Wireless AP role

Understanding Access point role.

Table 1 Role and Association Matrix
	Root Access Point	Root Bridge (without Wireless Clients)	Non-root Bridge	Non-root Bridge with Wireless Clients	Workgroup Bridge
Root Access Point					X
Root Bridge			X	X	X
Non-root Bridge without Wireless Clients		X		X
Non-root Bridge with Wireless Clients		X	X
Workgroup Bridge	X	X
Universal Workgroup Bridge	X	X

Access Point Role:

·         In the access point role the router accepts associations from wireless clients and non-root devices, such as a non-root bridge

Root Access Point: If the access point provides its clients a connection to a wired network through a wired connection it is said to be a root access point.

·         A device in root mode accepts associations with non-root devices, such as a non-root bridge.

Bridge Role

Wireless bridges provide higher data rates and superior throughput for data-intensive and line of sight applications. High-speed links between the wireless bridges deliver throughput that is many times faster than the E1/T1 lines for a fraction of the cost. In this way, wireless bridges eliminate the need for expensive leased lines and fiber-optic cables.

The wireless bridge can link LANs either through the wired interface or through the wireless interface.

Wireless bridges can be configured for point-to-point and point-to-multipoint applications.

Root Bridge: The station-role root bridge mode accepts associations with non-root bridge devices and can be set to

accept wireless clients. For example:

wd(config)#interface dot11radio interfacenumber

wd(config-in)#station-role root bridge wireless-clients

026- Converting Lightweight AP to Autonomous AP

To convert  LWAP mode to autonomous mode by loading a Cisco IOS release using a TFTP server:

---

Step 1 Setup your PC

• Install TFTP server on you PC. 
• Assign static ip from following pool 10.0.0.2 to 10.0.0.3. 
• Ensure file extension are visible. From Windows Explorer, click Tools > Folder Options > View; then uncheck the Hide extensions for known file types check box.

Step 2: Downloading  IOS image

• Copy access point image file (such as c1200-k9w7-tar.122-15.JA.tar for a 1200 series access point) in the TFTP server folder and activate TFTP. Set the timeout value on the TFTP server to 30 seconds.
• Rename the access point image file in the TFTP server folder to  
• c1200-k9w7-tar.default for a 1200 series access point,  
• c1130-k9w7-tar.default for an 1130 series access point,  
• c1240-k9w7-tar.default for a 1240 series access point, and  
• c1250-k9w7-tar.default for a 1250 series access point.

Step 3: Uploading IOS

• Disconnect power from the access point.
• Connect the PC to the access point using a Crossover cable.
• Press and hold MODE while you reconnect power to the access point. Keep holding the MODE button until the status LED turns red (approximately 20 to 30 seconds) and then release.
• Wait until the access point reboots, as indicated by all LEDs turning green followed by the Status LED blinking green.

Step 4: Configure Autonomous AP

•  After the access point reboots, reconfigure it using the GUI or the CLI.

---

 


 [Previous Post]    Networking Mnemonics

023- Converting Autonomous AP to Lightweight Cisco

---

Upgrading IOS on Cisco AIR AP

METHOD I: Using GUI

• Open a browser and type http: // ip address of AP 
• On home page click SYSTEM SOFTWARE, select SOFTWARE UPGRADE
• you will get two option namely
• HTTP upgrade
• TFTP upgrade
• For TFTP upgrade, enter TFTP server ip address, specify the name of IOS file name, click UPGRADE button. This show status window and will take up few minute. AP will reboot once the upgrade is completed.

METHOD 2: Using CLI

• Login into AP using Telnet / SSH or Hyper terminal
• Type following commands : If you want to overwrite existing image
  archive download-sw /overwrite /reload  tftp:  / /location/image-name
  eg.archive download-sw /overwrite /reload  tftp : / /10.10.10.10 / c1240-k9w7-tar.124-10b.JA3.tar

OR

Type following command: If you want to keep existig ios
archive download-sw /leave-old-sw /reload tftp://location/image-name

   

METHOD 3:Using CiscoAironet-AP-to-LWAPP-upgrade-tool

Steps to UPGRADING authnomous AP to Lightweight AP
[ For AP MODEL : AIR-AP1231G-A-K9]
• Before upgrade make sure that domain name [say xyz. Com] and dns server is entered in AP.
• ping cisco-lwapp-controller.xyx.com
• Create text file with following text
[ip-address-of-ap],[login-name],[login-password],[Privilege-mode-password]


• Open Upgrade Tool v3.4

Details to be filled in Upgrade tool:
1. give the path of IP File
2. select radio use upgrade tool TFTP server
3. provide the path of LWAP image
C:\ Program Files\Cisco Systems\Upgrade Tool\images\c1200-rcvk9w8-tar.123-7.JX9.tar
4. System IP Addr: IP address of host where Upgrade tool is installed
5. Controller Details: specify ip address, login details of primary controller
6. Add DNS address and domain name
7. Click START


• Once image is downloaded successfuly AP will reboot and link to the Primary controller.
• Login in to controller and search for AP under Wireless TAB. It might register with mac address.
• Edit the details of AP such as ip address, hostname, county code in WLC






NOTE: to link light weigh ap to WLC we can use following command on AP

AP# lwapp ap ip address [IP address] [subnet mask]
AP# lwapp ap ip default-gateway [IP-address]
AP# lwapp ap controller ip address [IP-address]
AP# lwapp ap [hostname name]


To clear the manually entered controller information, use following commands:
clear lwapp ap ip address
clear lwapp ip default-gateway
clear lwapp controller ip address
clear lwapp ap hostname


 To reset AP manualy to default
 clear lwapp private-config

---

016 Configuring cisco 1300 wireless device

Configuring 1300 as Non-Root Bridge

This examples sets a LEAP user name and passsword for the SSID test:
     bridge# configure terminal
     bridge(config)# configure interface dot1radio0
     bridge(config)# station role non-root
     bridge(config)# ssid test

Following command configure username and password for Leap authentication:
     bridge(config-ssid)# authentication client username admin password p@ssw0rd
     bridge(config-ssid)# end

-------------------------------------------------------------------------
Following command enable the local radius server on the bridge and ensure that local radius
server is used for authentication


      bridge(config)#aaa new-model
      bridge(config)# aaa group server radius rad_eap server 10.10.10.10 auth-port 1812 acct-port 1813
      bridge(config)# aaa authentication login esp_methods group rad_eap

      bridge(config)# station role root
      bridge(config)# distance 1

following command enters the bridge into the local server config mode:
      bridge(config)# radius-server local

By default LEAP, EAPFAST, & MAC authentication are supported. Using the no form for other 2 types
ensures that LEAP is used for authentication.

        bridge(config)# no authentication eapfast
        bridge(config)# no authentication mac

        bridge(config)# interface dot11radio 0
        bridge(config-if) # ssid bridge

Following command enable EAP authentication for the SSID
       bridge(config-if-ssid)# authentication network-eap rad_eap

This step is optional. This value seeds the initial key for use with broadcast [255.255.255.255] traffic.
If more than one VLAN is used, then keys must be set for each VLAN,

      bridge(config-if)# encryption vlan 1 key 1 size 128bit 1234567890123456789 transmit-

This defines the policy for the use of Wired Equivalent Privacy (WEP). If more than one VLAN is used,
the policy must be set to mandatory for each VLAN.
      
          bridge(config-if )# encryption vlan 1  mode wep mandatory
 
          bridge(config)# user admin password p@ssw0rd