Cisco 1941 with AIR-SAP 1602E-E-K9 Standalone
Jump to navigation
Jump to search
Here below you will find a basic configuration of AIR-SAP 1602E-E-K9 access point connected to 4-port EHWIC card inserted into Cisco 1941 ISR G2 modular router.
Product codding
Product/Model Number: AIR-SAP1602E-E-K9 IOS C1600 Software (AP1G2-K9W7-M), Version 15.2(2)JB2, RELEASE SOFTWARE (fc1) Regulatory Domain / AIR-SAP 1602E-E-K9 \ \_External antenna \_C_ stands for: Control and Provisioning of Wireless Access Points Protocol CAPWAP require WLC (Wireless Lan Controller) \_S_ stands for: Standalone AP
- Router
show inventory
#show inventory NAME: "CISCO1941/K9", DESCR: "CISCO1941/K9 chassis, Hw Serial#: ***********, Hw Revision: 1.0" PID: CISCO1941/K9 , VID: V05 , SN: *********** NAME: "3G WWAN EHWIC-QuadBand HSPA+R7/HSPA/UMTS QuadBand EDGE/GPRS and GPS on Slot 0 SubSlot 0", DESCR: "3G WWAN EHWIC-QuadBand HSPA+R7/HSPA/UMTS QuadBand EDGE/GPRS and GPS" PID: EHWIC-3G-HSPA+7 , VID: V01 , SN: *********** NAME: "Modem 0 on Cellular0/0/0", DESCR: "Sierra Wireless MC8705" PID: MC8705 , VID: 1.0, SN: *********** NAME: "4 Port GE POE EHWIC Switch on Slot 0 SubSlot 1", DESCR: "4 Port GE POE EHWIC Switch" PID: EHWIC-4ESG-P , VID: V01 , SN: *********** NAME: "C1941 AC-POE Power Supply", DESCR: "C1941 AC-POE Power Supply" PID: PWR-1941-POE , VID: , SN:
- Access point
show inventory
NAME: "AP1600", DESCR: "Cisco Aironet 1600 Series (IEEE 802.11n) Access Point" PID: AIR-SAP1602E-E-K9 , VID: V01, SN: ********x11
Please notice that access points are powered by Power Over Ethernet. There is a difference power consumption for AIR-CAP (managed) access point that uses 13W vs AIR-SAP (standalone) uses 15.4W.
#sh power inline PowerSupply SlotNum. Maximum Allocated Status ----------- -------- ------- --------- ------ INT-PS 0 80.000 46.200 PS GOOD Interface Config Device Powered PowerAllocated State --------- ------ ------ ------- -------------- ----- Gi0/1/0 auto Unknown Off 0.000 Watts NOT_PHONE Gi0/1/1 auto IEEE-3 On 15.400 Watts PHONE Gi0/1/2 auto IEEE-3 On 15.400 Watts PHONE Gi0/1/3 auto IEEE-3 On 15.400 Watts PHONE
- Default account credentials on the access point
Username: Cisco Password: Cisco Enabled mode: Cisco
Basic AP config with WPA2-PSK auth
! Last configuration change at 01:27:06 UTC Mon Mar 1 1993 by tech version 15.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! !please change name as required hostname ap1 ! ! logging rate-limit console 9 ! aaa new-model ! ! aaa authentication login default local aaa authorization exec default local ! ! ! ! ! aaa session-id common no ip routing no ip cef ! ! ! dot11 syslog ! dot11 ssid DS_WPA2 authentication open authentication key-management wpa version 2 guest-mode infrastructure-ssid optional !set password as required wpa-psk ascii WPA2_password ! ! crypto pki token default removal timeout 0 ! ! username Cisco password 7 00271A150754 username tech privilege 15 secret tech ! ! bridge irb ! ! ! interface Dot11Radio0 no ip address no ip route-cache ! encryption mode ciphers aes-ccm ! ssid DS_WPA2 ! antenna gain 0 stbc beamform ofdm station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Dot11Radio1 no ip address no ip route-cache shutdown antenna gain 0 no dfs band block channel dfs station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface GigabitEthernet0 no ip address no ip route-cache duplex auto speed auto bridge-group 1 bridge-group 1 spanning-disabled no bridge-group 1 source-learning ! interface BVI1 ip address dhcp client-id GigabitEthernet0 no ip route-cache ! ip forward-protocol nd ip http server ip http authentication aaa no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ! ! bridge 1 route ip ! ! ! line con 0 line vty 0 4 transport input all ! end
Configure from WEB
WPA2
ERROR: VLAN 99 cannot support WPA optional. Set 'Encryption Mode' to 'Cipher', 'TKIP + WEP 40 bit' or 'TKIP + WEP 128 bit'
or 'AES CCMP + TKIP + WEP 40 bit', or 'AES CCMP + TKIP + WEP 128 bit' on all radio interfaces before selecting WPA.
(See Security> Encryption Manager) To set the correct 'Key Management', follow the steps below: STEP 1:Set the 'Key Management' to 'None'. STEP 2:Set the 'Cipher' to 'TKIP' or 'AES CCMP' or 'AES CCMP + TKIP'.(see Security>Encryption Manager) STEP 3:Set the 'Authenticated Key Management' to 'WPA' and 'Mandatory'.
References
- Cisco Aironet 1600 Series Access Points Getting Started Guide, December, 2012 Revised: April 16, 2013
- Cisco Aironet 1600 Series Access Point Data Sheet
- Wireless LAN Controller and Lightweight Access Point Basic Configuration Example
- Cisco IOS Software Configuration Guide for Cisco Aironet Access Points for Cisco IOS Releases 15.2(4)JA
- VLANs on Aironet Access Points Configuration Example