Since now a days Autonomous AP deployments are rarely used, it is very hard to find quality documentations(apart from Cisco configuration guides & few support forum docs) how to configure these. To understand basic functions of different types of autonomous configurations(Bridge, Work Group Bridge-WGB, Repeater) I have set up very basic lab configuration (with open authentication without making it complex by adding security related configs) for each type of these deployment.
Here is the first one for wireless bridges. I have two 1310 APs set up as per the below diagram. Wireless bridge is acting as a trunk link where multiple vlan carry through wireless media (instead of wire). Usually this use to connect remote sites where fibre/Copper WAN infrastructure is too expensive/or not available for these remote sites.
In this example we will create two WLANs in AAP1 & bridge them to remote site AAP2. One key point to remember is Non-Root Bridge (NRB) to be connected to Root Bridge (RB) via native vlan SSID in order to carry multiple WLAN(or vlans) through this wireless bridge.
First step is to configure Fa 0/2 switchport as trunk where it connects to AAP1(Root Bridge).
interface FastEthernet0/2 description AAP2 switchport trunk native vlan 110 switchport mode trunk spanning-tree portfast trunk
Next step is to define the required WLAN on AAP1. In my case I will define two WLANs. “BRIDGE” WLAN for AAP2 to associate with AAP1 & “TEST” WLAN to client to associate with these APs. You need to assign these WLANs into radio interface & specify a radio interface role. In this case we have given “Root Bridge” role to AAP1 with “wireless clients” keyword where it will allow normal clients to join this AP. without this”wireless clients” keyword no clients would be able to join except Non Root Bridge (AAP2)
dot11 ssid BRIDGE vlan 110 authentication open ! dot11 ssid TEST vlan 15 authentication open ! interface Dot11Radio0 ssid BRIDGE ssid TEST station-role root bridge wireless-clients
Then on the AAP1 you can configure BVI interface with an IP of Vlan 110 range & configure its gateway as SVI of VLAN 110 created on DS01 (in my case 10.10.110.3). Then configure Radio & Ethernet sub interfaces with dot1q encapsulation for vlan 110 as native vlan. Always bridge group number will be 1 for this native vlan sub interfaces. For other sub interface you can use any group number in the range of [1-255]. If a vlan number is between 1-255 usually use that for the sub interface & group numbering as a best practice.
interface BVI1 ip address 10.10.110.101 255.255.255.0 ! ip default-gateway 10.10.110.3 ! interface Dot11Radio0.15 encapsulation dot1Q 15 bridge-group 15 ! interface Dot11Radio0.110 encapsulation dot1Q 110 native bridge-group 1 ! interface FastEthernet0.15 encapsulation dot1Q 15 bridge-group 15 ! interface FastEthernet0.110 encapsulation dot1Q 110 native bridge-group
On the Non Root Bridge (AAP2) station role should be specify as “non-root bridge wireless-clients” with “wireless-clients” keyword allow normal clients to join this AP. Also note that “infrastructure-ssid” command used under SSID “BRIDGE” forced to AAP2 to use that SSID to connect to Root Bridge. An infrastructure SSID must be assigned to the Native VLAN ( vlan 110 in my case). Here is the full config of AAP2.
hostname AAP2 ! dot11 ssid BRIDGE vlan 110 authentication open infrastructure-ssid ! dot11 ssid TEST vlan 15 authentication open ! interface Dot11Radio0 ssid BRIDGE ssid TEST station-role non-root bridge wireless-clients ! interface Dot11Radio0.15 encapsulation dot1Q 15 bridge-group 15 ! interface Dot11Radio0.110 encapsulation dot1Q 110 native bridge-group 1 ! interface FastEthernet0.15 encapsulation dot1Q 15 bridge-group 15 ! interface FastEthernet0.110 encapsulation dot1Q 110 native bridge-group 1 ! interface BVI1 ip address 10.10.110.102 255.255.255.0 ! ip default-gateway 10.10.110.3
“show dot11 associations” & “show dot11 associations all-clients” commands can be used to verify the association of NRB to RB & normal clients to NRB.
AAP1#show dot11 associations 802.11 Client Stations on Dot11Radio0: SSID [BRIDGE] : MAC Address IP address Device Name Parent State 001b.2a30.48c0 10.10.110.102 bridge AAP2 self Assoc ! AAP2#show dot11 associations 802.11 Client Stations on Dot11Radio0: SSID [BRIDGE] : MAC Address IP address Device Name Parent State 001b.2a30.48b0 10.10.110.101 11g-bridge AAP1 - Assoc SSID [TEST] : MAC Address IP address Device Name Parent State 6420.0ce0.2375 10.10.15.53 unknown - self Assoc AAP2#show dot11 associations all-client Address : 001b.2a30.48b0 Name : AAP1 IP Address : 10.10.110.101 Interface : Dot11Radio 0 Device : 11g-bridge Software Version : 12.4 CCX Version : 5 Client MFP : Off State : Assoc Parent : - SSID : BRIDGE VLAN : 110 Hops to Infra : 0 Association Id : 1 Tunnel Address : 0.0.0.0 Key Mgmt type : NONE Encryption : Off Current Rate : 36.0 Capability : WMM ShortHdr ShortSlot Supported Rates : 1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 Voice Rates : disabled Bandwidth : 20 MHz Signal Strength : -76 dBm Connected for : 663 seconds Signal to Noise : 25 dB Activity Timeout : 15 seconds Power-save : Off Last Activity : 0 seconds ago Apsd DE AC(s) : NONE Packets Input : 10658 Packets Output : 141 Bytes Input : 1468541 Bytes Output : 17727 Duplicates Rcvd : 0 Data Retries : 35 Decrypt Failed : 0 RTS Retries : 0 MIC Failed : 0 MIC Missing : 0 Packets Redirected: 0 Redirect Filtered: 0 Address : 6420.0ce0.2375 Name : NONE IP Address : 10.10.15.53 Interface : Dot11Radio 0 Device : unknown Software Version : NONE CCX Version : NONE Client MFP : Off State : Assoc Parent : self SSID : TEST VLAN : 15 Hops to Infra : 2 Association Id : 2 Clients Associated: 0 Repeaters associated: 0 Tunnel Address : 0.0.0.0 Key Mgmt type : NONE Encryption : Off Current Rate : 9.0 Capability : WMM ShortHdr ShortSlot Supported Rates : 1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 Voice Rates : disabled Bandwidth : 20 MHz Signal Strength : -89 dBm Connected for : 22 seconds Signal to Noise : 11 dB Activity Timeout : 58 seconds Power-save : Off Last Activity : 2 seconds ago Apsd DE AC(s) : NONE Packets Input : 263 Packets Output : 33 Bytes Input : 15586 Bytes Output : 4899 Duplicates Rcvd : 36 Data Retries : 42 Decrypt Failed : 0 RTS Retries : 0 MIC Failed : 0 MIC Missing : 0 Packets Redirected: 0 Redirect Filtered: 0
This is the basic configuration you need to understand when it comes to basic wireless bridging. In future we will look at configuring this with added security.
Related Posts
1. Lightweight to Autonomous (vice versa) Conversion
2. Multiple SSID Config on Autonomous AP
3. Autonomous AP – Repeater
4. Autonomous AP – WGB
