Cisco CISCO1401 - 1401 Router - EN, CISCO1417 - 1417 Router - EN, Aironet 1400 Series Software Manual
Cisco Aironet 1400 Series Wireless Bridge
Software Configuration Guide
Cisco IOS Release 12.2(11)JA
June 2003
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Text Part Number: OL-4059-01
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCDE, CCENT, CCSI, Cisco Eos, Cisco Explorer, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase,
Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco TrustSec, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip
Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work,
Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card, and One Million Acts of Green are service marks; and
Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the
Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity,
Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the
IronPort logo, Laser Link, LightStream, Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY,
PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are
registered trademarks of Cisco and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (1002R)
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
Copyright © 2010 Cisco Systems, Inc. All rights reserved.
Preface xiii
Audience xiii
Purpose xiii
Organization xiii
Conventions xv
Related Publications xvii
Obtaining Documentation xvii
Cisco.com xvii
Documentation CD-ROM xvii
Ordering Documentation xvii
Documentation Feedback xviii
Obtaining Technical Assistance xviii
Cisco.com xviii
Technical Assistance Center xix
Cisco TAC Website xix
Cisco TAC Escalation Center xix
CONTENTS
CHAPTER
CHAPTER
Obtaining Additional Publications and Information xx
1 Overview 1-1
Features 1-2
Management Options 1-2
Network Configuration Examples 1-3
Point-to-Point Bridging 1-3
Point-to-Multipoint Bridging 1-4
Redundant Bridging 1-4
2 Configuring the Bridge for the First Time 2-1
Before You Start 2-2
Resetting the Bridge to Default Settings 2-2
Obtaining and Assigning an IP Address 2-3
Connecting to the Bridge Locally 2-3
Assigning Basic Settings 2-4
Default Settings on the Express Setup Page 2-8
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
iii
Contents
Protecting Your Wireless LAN 2-8
Using the IP Setup Utility 2-8
Obtaining and Installing IPSU 2-9
Using IPSU to Find the Bridge’s IP Address 2-9
Using IPSU to Set the Bridge’s IP Address and SSID 2-10
Assigning an IP Address Using the CLI 2-11
Using a Telnet Session to Access the CLI 2-12
CHAPTER
CHAPTER
3 Using the Web-Browser Interface 3-1
Using the Web-Browser Interface for the First Time 3-2
Using the Management Pages in the Web-Browser Interface 3-2
Using Action Buttons 3-3
Character Restrictions in Entry Fields 3-4
Using Online Help 3-5
4 Using the Command-Line Interface 4-1
IOS Command Modes 4-2
Getting Help 4-3
Abbreviating Commands 4-3
Using no and default Forms of Commands 4-3
Understanding CLI Messages 4-4
Using Command History 4-4
Changing the Command History Buffer Size 4-4
Recalling Commands 4-5
Disabling the Command History Feature 4-5
Using Editing Features 4-5
Enabling and Disabling Editing Features 4-6
Editing Commands Through Keystrokes 4-6
Editing Command Lines that Wrap 4-7
Searching and Filtering Output of show and more Commands 4-8
Accessing the CLI 4-8
Opening the CLI with Telnet 4-8
Opening the CLI with Secure Shell 4-9
CHAPTER
5 Administering the Bridge 5-1
Preventing Unauthorized Access to Your Bridge 5-2
Protecting Access to Privileged EXEC Commands 5-2
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
iv
OL-4059-01
Default Password and Privilege Level Configuration 5-2
Setting or Changing a Static Enable Password 5-3
Protecting Enable and Enable Secret Passwords with Encryption 5-4
Configuring Username and Password Pairs 5-5
Configuring Multiple Privilege Levels 5-6
Setting the Privilege Level for a Command 5-6
Logging Into and Exiting a Privilege Level 5-7
Controlling Bridge Access with RADIUS 5-7
Default RADIUS Configuration 5-8
Configuring RADIUS Login Authentication 5-8
Defining AAA Server Groups 5-9
Configuring RADIUS Authorization for User Privileged Access and Network Services 5-11
Displaying the RADIUS Configuration 5-12
Controlling Bridge Access with TACACS+ 5-12
Default TACACS+ Configuration 5-13
Configuring TACACS+ Login Authentication 5-13
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 5-14
Displaying the TACACS+ Configuration 5-15
Contents
Configuring the Bridge for Local Authentication and Authorization 5-15
Configuring the Bridge for Secure Shell 5-16
Understanding SSH 5-16
Configuring SSH 5-17
Managing the System Time and Date 5-17
Understanding the System Clock 5-17
Understanding Network Time Protocol 5-18
Configuring NTP 5-19
Default NTP Configuration 5-20
Configuring NTP Authentication 5-20
Configuring NTP Associations 5-21
Configuring NTP Broadcast Service 5-22
Configuring NTP Access Restrictions 5-23
Configuring the Source IP Address for NTP Packets 5-25
Displaying the NTP Configuration 5-26
Configuring Time and Date Manually 5-26
Setting the System Clock 5-27
Displaying the Time and Date Configuration 5-27
Configuring the Time Zone 5-28
Configuring Summer Time (Daylight Saving Time) 5-29
Configuring a System Name and Prompt 5-31
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
v
Contents
Default System Name and Prompt Configuration 5-31
Configuring a System Name 5-31
Understanding DNS 5-32
Default DNS Configuration 5-32
Setting Up DNS 5-32
Displaying the DNS Configuration 5-33
Creating a Banner 5-33
Default Banner Configuration 5-34
Configuring a Message-of-the-Day Login Banner 5-34
Configuring a Login Banner 5-35
CHAPTER
CHAPTER
6 Configuring Radio Settings 6-1
Disabling and Enabling the Radio Interface 6-2
Configuring the Role in Radio Network 6-2
Configuring the Radio Distance Setting 6-3
Configuring Radio Data Rates 6-3
Configuring Radio Transmit Power 6-4
Configuring Radio Channel Settings 6-5
Disabling and Enabling Aironet Extensions 6-6
Configuring the Ethernet Encapsulation Transformation Method 6-6
Configuring the Beacon Period 6-6
Configuring RTS Threshold and Retries 6-7
Configuring the Maximum Data Retries 6-7
Configuring the Fragmentation Threshold 6-8
Configuring Packet Concatenation 6-8
Performing a Carrier Busy Test 6-9
7 Configuring SSIDs 7-1
Understanding SSIDs 7-2
Configuring the SSID 7-2
Default SSID Configuration 7-2
Creating an SSID 7-3
CHAPTER
8 Configuring Spanning Tree Protocol 8-1
Understanding Spanning Tree Protocol 8-2
STP Overview 8-2
Bridge Protocol Data Units 8-3
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
vi
OL-4059-01
Election of the Spanning-Tree Root 8-4
Spanning-Tree Timers 8-4
Creating the Spanning-Tree Topology 8-4
Spanning-Tree Interface States 8-5
Blocking State 8-6
Listening State 8-7
Learning State 8-7
Forwarding State 8-7
Disabled State 8-7
Configuring STP Features 8-8
Default STP Configuration 8-8
Configuring STP Settings 8-8
STP Configuration Examples 8-9
Root Bridge Without VLANs 8-9
Non-Root Bridge Without VLANs 8-10
Root Bridge with VLANs 8-11
Non-Root Bridge with VLANs 8-12
Contents
CHAPTER
CHAPTER
Displaying Spanning-Tree Status 8-14
9 Configuring WEP and WEP Features 9-1
Understanding WEP 9-2
Configuring WEP and WEP Features 9-2
Creating WEP Keys 9-2
Enabling and Disabling WEP and Enabling TKIP and MIC 9-3
10 Configuring Authentication Types 10-1
Understanding Authentication Types 10-2
Open Authentication to the Bridge 10-2
Shared Key Authentication to the Bridge 10-2
EAP Authentication to the Network 10-3
Configuring Authentication Types 10-5
Default Authentication Settings 10-5
Assigning Authentication Types to an SSID 10-5
Configuring Authentication Holdoffs, Timeouts, and Intervals 10-7
Setting Up a Non-Root Bridge as a LEAP Client 10-8
Matching Authentication Types on Root and Non-Root Bridges 10-8
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
vii
Contents
CHAPTER
11 Configuring RADIUS and TACACS+ Servers 11-1
Configuring and Enabling RADIUS 11-2
Understanding RADIUS 11-2
RADIUS Operation 11-3
Configuring RADIUS 11-4
Default RADIUS Configuration 11-4
Identifying the RADIUS Server Host 11-4
Configuring RADIUS Login Authentication 11-7
Defining AAA Server Groups 11-9
Configuring RADIUS Authorization for User Privileged Access and Network Services 11-11
Starting RADIUS Accounting 11-12
Configuring Settings for All RADIUS Servers 11-13
Configuring the Bridge to Use Vendor-Specific RADIUS Attributes 11-13
Configuring the Bridge for Vendor-Proprietary RADIUS Server Communication 11-14
Displaying the RADIUS Configuration 11-15
Configuring and Enabling TACACS+ 11-16
Understanding TACACS+ 11-16
TACACS+ Operation 11-17
Configuring TACACS+ 11-17
Default TACACS+ Configuration 11-18
Identifying the TACACS+ Server Host and Setting the Authentication Key 11-18
Configuring TACACS+ Login Authentication 11-19
Configuring TACACS+ Authorization for Privileged EXEC Access and Network Services 11-20
Starting TACACS+ Accounting 11-21
Displaying the TACACS+ Configuration 11-22
CHAPTER
12 Configuring VLANs 12-1
Understanding VLANs 12-2
Related Documents 12-3
Incorporating Wireless Bridges into VLANs 12-4
Configuring VLANs 12-4
Configuring a VLAN 12-4
Viewing VLANs Configured on the Bridge 12-7
CHAPTER
13 Configuring QoS 13-1
Understanding QoS for Wireless LANs 13-2
QoS for Wireless LANs Versus QoS on Wired LANs 13-2
Impact of QoS on a Wireless LAN 13-2
Precedence of QoS Settings 13-3
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
viii
OL-4059-01
Configuring QoS 13-3
Configuration Guidelines 13-3
Configuring QoS Using the Web-Browser Interface 13-4
Adjusting Radio Traffic Class Definitions 13-8
CW-min and CW-max Settings for Point-to-Point and Point-to-Multipoint Bridge Links 13-9
QoS Configuration Examples 13-10
Giving Priority to Voice Traffic 13-10
Giving Priority to Video Traffic 13-12
Contents
CHAPTER
CHAPTER
14 Configuring Filters 14-1
Understanding Filters 14-2
Configuring Filters Using the CLI 14-2
Configuring Filters Using the Web-Browser Interface 14-2
Configuring and Enabling MAC Address Filters 14-3
Creating a MAC Address Filter 14-4
Configuring and Enabling IP Filters 14-5
Creating an IP Filter 14-7
Configuring and Enabling Ethertype Filters 14-8
Creating an Ethertype Filter 14-9
15 Configuring CDP 15-1
Understanding CDP 15-2
Configuring CDP 15-2
Default CDP Configuration 15-2
Configuring the CDP Characteristics 15-3
Disabling and Enabling CDP 15-3
Disabling and Enabling CDP on an Interface 15-4
Monitoring and Maintaining CDP 15-5
CHAPTER
16 Configuring SNMP 16-1
Understanding SNMP 16-2
SNMP Versions 16-2
SNMP Manager Functions 16-3
SNMP Agent Functions 16-3
SNMP Community Strings 16-3
Using SNMP to Access MIB Variables 16-4
Configuring SNMP 16-4
Default SNMP Configuration 16-5
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
ix
Contents
Enabling the SNMP Agent 16-5
Configuring Community Strings 16-5
Configuring Trap Managers and Enabling Traps 16-7
Setting the Agent Contact and Location Information 16-9
Using the snmp-server view Command 16-9
SNMP Examples 16-9
Displaying SNMP Status 16-10
CHAPTER
17 Managing Firmware and Configurations 17-1
Working with the Flash File System 17-2
Displaying Available File Systems 17-2
Setting the Default File System 17-3
Displaying Information About Files on a File System 17-3
Changing Directories and Displaying the Working Directory 17-4
Creating and Removing Directories 17-4
Copying Files 17-5
Deleting Files 17-5
Creating, Displaying, and Extracting tar Files 17-6
Creating a tar File 17-6
Displaying the Contents of a tar File 17-7
Extracting a tar File 17-7
Displaying the Contents of a File 17-8
Working with Configuration Files 17-8
Guidelines for Creating and Using Configuration Files 17-9
Configuration File Types and Location 17-9
Creating a Configuration File by Using a Text Editor 17-10
Copying Configuration Files by Using TFTP 17-10
Preparing to Download or Upload a Configuration File by Using TFTP 17-10
Downloading the Configuration File by Using TFTP 17-11
Uploading the Configuration File by Using TFTP 17-11
Copying Configuration Files by Using FTP 17-12
Preparing to Download or Upload a Configuration File by Using FTP 17-13
Downloading a Configuration File by Using FTP 17-13
Uploading a Configuration File by Using FTP 17-14
Copying Configuration Files by Using RCP 17-15
Preparing to Download or Upload a Configuration File by Using RCP 17-16
Downloading a Configuration File by Using RCP 17-16
Uploading a Configuration File by Using RCP 17-17
Clearing Configuration Information 17-18
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
x
OL-4059-01
Deleting a Stored Configuration File 17-18
Working with Software Images 17-19
Image Location on the Bridge 17-19
tar File Format of Images on a Server or Cisco.com 17-19
Copying Image Files by Using TFTP 17-20
Preparing to Download or Upload an Image File by Using TFTP 17-20
Downloading an Image File by Using TFTP 17-21
Uploading an Image File by Using TFTP 17-22
Copying Image Files by Using FTP 17-23
Preparing to Download or Upload an Image File by Using FTP 17-23
Downloading an Image File by Using FTP 17-24
Uploading an Image File by Using FTP 17-26
Copying Image Files by Using RCP 17-27
Preparing to Download or Upload an Image File by Using RCP 17-27
Downloading an Image File by Using RCP 17-29
Uploading an Image File by Using RCP 17-31
Reloading the Image Using the Web Browser Interface 17-32
Browser HTTP Interface 17-32
Browser TFTP Interface 17-32
Reloading the Image Using the Power Injector MODE button 17-33
Contents
CHAPTER
18 Configuring System Message Logging 18-1
Understanding System Message Logging 18-2
Configuring System Message Logging 18-2
System Log Message Format 18-2
Default System Message Logging Configuration 18-3
Disabling and Enabling Message Logging 18-4
Setting the Message Display Destination Device 18-5
Enabling and Disabling Timestamps on Log Messages 18-6
Enabling and Disabling Sequence Numbers in Log Messages 18-6
Defining the Message Severity Level 18-7
Limiting Syslog Messages Sent to the History Table and to SNMP 18-8
Setting a Logging Rate Limit 18-9
Configuring UNIX Syslog Servers 18-10
Logging Messages to a UNIX Syslog Daemon 18-10
Configuring the UNIX System Logging Facility 18-10
Displaying the Logging Configuration 18-12
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
xi
Contents
CHAPTER
19 Troubleshooting 19-1
Checking the Bridge LEDs 19-2
Bridge Normal Mode LED Indications 19-3
Power Injector LEDs 19-4
Checking Power 19-6
Checking Basic Configuration Settings 19-7
SSID 19-7
Security Settings 19-7
Antenna Alignment 19-8
Resetting to the Default Configuration 19-8
Using the MODE Button 19-8
Using the Web Browser Interface 19-9
Reloading the Bridge Image 19-9
Using the MODE button 19-9
Web Browser Interface 19-10
Browser HTTP Interface 19-10
Browser TFTP Interface 19-11
Obtaining the Bridge Image File 19-11
Obtaining the TFTP Server Software 19-12
APPENDIX
APPENDIX
APPENDIX
APPENDIX
G
LOSSARY
I
NDEX
A Channels and Antenna Settings A-1
Channels A-2
IEEE 802.11a (5-GHz Band) A-2
Maximum Power Levels A-2
5.8-GHz Band A-2
B Protocol Filters B-1
C Supported MIBs C-1
MIB List C-1
Using FTP to Access the MIB Files C-2
D Error and Event Messages D-1
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
xii
OL-4059-01
Audience
Purpose
Preface
This guide is for the networking professional who installs and manages Cisco Aironet 1400 Series
Bridges. To use this guide, you should have experience working with the Cisco IOS and be familiar with
the concepts and terminology of wireless local area networks.
This guide provides the information you need to install and configure your bridge. This guide provides
procedures for using the IOS commands that have been created or changed for use with the bridge. It
does not provide detailed information about these commands. For detailed information about these
commands, refer to the Cisco IOS Command Reference for Cisco Aironet Access Points and Bridges for
this release. For information about the standard IOS Release 12.2 commands, refer to the IOS
documentation set available from the Cisco.com home page at Service and Support >
TechnicalDocuments. On the Cisco Product Documentation home page, select Release 12.2 from the
Cisco IOS Software drop-down list.
This guide also includes an overview of the bridge web-based interface, which contains all the
funtionality of the command-line interface (CLI). This guide does not provide field-level descriptions of
the web-based windows nor does it provide the procedures for configuring the bridge from the
web-based interface. For all window descriptions and procedures, refer to the bridge online help, which
is available from the Help buttons on the web-based interface pages.
Organization
This guide is organized into these chapters:
Chapter 1, “Overview,” lists the software and hardware features of the bridge and describes the bridge’s
role in your network.
Chapter 2, “Configuring the Bridge for the First Time,” describes how to configure basic settings on a
new bridge.
Chapter 3, “Using the Web-Browser Interface,” describes how to use the web-browser interface to
configure the bridge.
Chapter 4, “Using the Command-Line Interface,” describes how to use the command-line interface (CLI)
to configure the bridge.
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
xiii
Organization
Preface
Chapter 5, “Administering the Bridge,” describes how to perform one-time operations to administer your
bridge, such as preventing unauthorized access to the bridge, setting the system date and time, and
setting the system name and prompt.
Chapter 6, “Configuring Radio Settings,” describes how to configure settings for the bridge radio such
as the role in the radio network, data rates, transmit power, channel settings, and others.
Chapter 7, “Configuring SSIDs,” describes how to configure and manage multiple service set identifiers
(SSIDs) on your bridge. You can configure up to 16 SSIDs on your bridge and assign different
configuration settings to each SSID.
Chapter 8, “Configuring Spanning Tree Protocol,” descibes how to configure Spanning Tree Protocol
(STP) on your bridge. STP prevents bridge loops in your network.
Chapter 9, “Configuring WEP and WEP Features,” describes how to configure the cipher suites required
to use authenticated key management, Wired Equivalent Privacy (WEP), and WEP features including
MIC, CMIC, TKIP, CKIP, and broadcast key rotation.
Chapter 10, “Configuring Authentication Types,” describes how to configure authentication types on the
bridge. Client devices use these authentication methods to join your network.
Chapter 11, “Configuring RADIUS and TACACS+ Servers,” describes how to enable and configure the
Remote Authentication Dial-In User Service (RADIUS) and Terminal Access Controller Access Control
System Plus (TACACS+), which provide detailed accounting information and flexible administrative
control over authentication and authorization processes.
Chapter 12, “Configuring VLANs,” describes how to configure your bridge to interoperate with the
VLANs set up on your wired LAN.
Chapter 13, “Configuring QoS,” describes how to configure quality of service (QoS) on your bridge.
With this feature, you can provide preferential treatment to certain traffic at the expense of others.
Chapter 14, “Configuring Filters,” describes how to configure and manage MAC address, IP, and
Ethertype filters on the bridge using the web-browser interface.
Chapter 15, “Configuring CDP,” describes how to configure Cisco Discovery Protocol (CDP) on your
bridge. CDP is a device-discovery protocol that runs on all Cisco network equipment.
Chapter 16, “Configuring SNMP,” describes how to configure the Simple Network Management
Protocol (SNMP) on your bridge.
Chapter 17, “Managing Firmware and Configurations,” describes how to manipulate the Flash file
system, how to copy configuration files, and how to archive (upload and download) software images.
Chapter 18, “Configuring System Message Logging,” describes how to configure system message
logging on your bridge.
Chapter 19, “Troubleshooting,” describes how to troubleshoot common problems with your bridge.
Appendix A, “Channels and Antenna Settings,” lists the bridge radio channels and the maximum power
levels supported by the world’s regulatory domains.
Appendix B, “Protocol Filters,” lists some of the protocols that you can filter on the bridge.
Appendix C, “Supported MIBs,” lists the Simple Network Management Protocol (SNMP) Management
Information Bases (MIBs) that the bridge supports for this software release.
Appendix D, “Error and Event Messages,” lists the CLI error and event messages and provides an
explanation and recommended action for each message.
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
xiv
OL-4059-01
Preface
Conventions
This publication uses these conventions to convey instructions and information:
Command descriptions use these conventions:
Interactive examples use these conventions:
Notes, cautions, and timesavers use these conventions and symbols:
Conventions
• Commands and keywords are in boldface text.
• Arguments for which you supply values are in italic.
• Square brackets ([ ]) mean optional elements.
• Braces ({ }) group required choices, and vertical bars ( | ) separate the alternative elements.
• Braces and vertical bars within square brackets ([{ | }]) mean a required choice within an optional
element.
• Terminal sessions and system displays are in screen font.
• Information you enter is in boldface screen font.
• Nonprinting characters, such as passwords or tabs, are in angle brackets (< >).
Tip Means the following will help you solve a problem. The tips information might not be troubleshooting
Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in
Caution Means reader be careful. In this situation, you might do something that could result equipment damage
Warning
Waarschuwing
or even an action, but could be useful information.
this manual.
or loss of data.
This warning symbol means danger. You are in a situation that could cause bodily injury. Before you
work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar
with standard practices for preventing accidents. (To see translations of the warnings that appear
in this publication, refer to the appendix “Translated Safety Warnings.”)
Dit waarschuwingssymbool betekent gevaar. U verkeert in een situatie die lichamelijk letsel kan
veroorzaken. Voordat u aan enige apparatuur gaat werken, dient u zich bewust te zijn van de bij
elektrische schakelingen betrokken risico’s en dient u op de hoogte te zijn van standaard
maatregelen om ongelukken te voorkomen. (Voor vertalingen van de waarschuwingen die in deze
publicatie verschijnen, kunt u het aanhangsel “Translated Safety Warnings” (Vertalingen van
veiligheidsvoorschriften) raadplegen.)
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
xv
Conventions
Preface
Varoitus
Attention
Warnung
Avvertenza
Tämä varoitusmerkki merkitsee vaaraa. Olet tilanteessa, joka voi johtaa ruumiinvammaan. Ennen
kuin työskentelet minkään laitteiston parissa, ota selvää sähkökytkentöihin liittyvistä vaaroista ja
tavanomaisista onnettomuuksien ehkäisykeinoista. (Tässä julkaisussa esiintyvien varoitusten
käännökset löydät liitteestä "Translated Safety Warnings" (käännetyt turvallisuutta koskevat
varoitukset).)
Ce symbole d’avertissement indique un danger. Vous vous trouvez dans une situation pouvant
entraîner des blessures. Avant d’accéder à cet équipement, soyez conscient des dangers posés par
les circuits électriques et familiarisez-vous avec les procédures courantes de prévention des
accidents. Pour obtenir les traductions des mises en garde figurant dans cette publication, veuillez
consulter l’annexe intitulée « Translated Safety Warnings » (Traduction des avis de sécurité).
Dieses Warnsymbol bedeutet Gefahr. Sie befinden sich in einer Situation, die zu einer
Körperverletzung führen könnte. Bevor Sie mit der Arbeit an irgendeinem Gerät beginnen, seien Sie
sich der mit elektrischen Stromkreisen verbundenen Gefahren und der Standardpraktiken zur
Vermeidung von Unfällen bewußt. (Übersetzungen der in dieser Veröffentlichung enthaltenen
Warnhinweise finden Sie im Anhang mit dem Titel “Translated Safety Warnings” (Übersetzung der
Warnhinweise).)
Questo simbolo di avvertenza indica un pericolo. Si è in una situazione che può causare infortuni.
Prima di lavorare su qualsiasi apparecchiatura, occorre conoscere i pericoli relativi ai circuiti
elettrici ed essere al corrente delle pratiche standard per la prevenzione di incidenti. La traduzione
delle avvertenze riportate in questa pubblicazione si trova nell’appendice, “Translated Safety
Warnings” (Traduzione delle avvertenze di sicurezza).
Advarsel
Aviso
¡Advertencia!
Varning!
Dette varselsymbolet betyr fare. Du befinner deg i en situasjon som kan føre til personskade. Før du
utfører arbeid på utstyr, må du være oppmerksom på de faremomentene som elektriske kretser
innebærer, samt gjøre deg kjent med vanlig praksis når det gjelder å unngå ulykker. (Hvis du vil se
oversettelser av de advarslene som finnes i denne publikasjonen, kan du se i vedlegget "Translated
Safety Warnings" [Oversatte sikkerhetsadvarsler].)
Este símbolo de aviso indica perigo. Encontra-se numa situação que lhe poderá causar danos
fisicos. Antes de começar a trabalhar com qualquer equipamento, familiarize-se com os perigos
relacionados com circuitos eléctricos, e com quaisquer práticas comuns que possam prevenir
possíveis acidentes. (Para ver as traduções dos avisos que constam desta publicação, consulte o
apêndice “Translated Safety Warnings” - “Traduções dos Avisos de Segurança”).
Este símbolo de aviso significa peligro. Existe riesgo para su integridad física. Antes de manipular
cualquier equipo, considerar los riesgos que entraña la corriente eléctrica y familiarizarse con los
procedimientos estándar de prevención de accidentes. (Para ver traducciones de las advertencias
que aparecen en esta publicación, consultar el apéndice titulado “Translated Safety Warnings.”)
Denna varningssymbol signalerar fara. Du befinner dig i en situation som kan leda till personskada.
Innan du utför arbete på någon utrustning måste du vara medveten om farorna med elkretsar och
känna till vanligt förfarande för att förebygga skador. (Se förklaringar av de varningar som
förekommer i denna publikation i appendix "Translated Safety Warnings" [Översatta
säkerhetsvarningar].)
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
xvi
OL-4059-01
Preface
Related Publications
Related Publications
These documents provide complete information about the bridge:
• Release Notes for 1400 Series Bridges
• Cisco IOS Command Reference for Cisco Aironet Access Points and Bridges
Click this link to browse the available documentation:
http://www.cisco.com/cisco/web/psa/default.html
To browse to the 1400 series bridge documentation, choose Wireless > Outdoor Wireless > Cisco
Aironet 1400 Series.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional
information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and
revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed
and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free
service and Cisco currently supports RSS Version 2.0.
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
xvii
Related Publications
Preface
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
xviii
OL-4059-01
CHA P TER
1
Overview
Cisco Aironet 1400 Series Bridges (hereafter called bridges) provide building-to-building wireless
connectivity. Operating in the 5.8-GHz, UNII-3 band and conforming to the 802.11a standard, the 1400
series bridge delivers a 54-Mbps data rate. The bridge is a self-contained unit designed for outdoor
installations. You can connect external antennas to the bridge to attain various antenna gains and
coverage patterns. The bridge supports both point-to-point and point-to-multipoint configurations.
You can configure and monitor the bridge using the command-line interface (CLI), the browser-based
management system, or Simple Network Management Protocol (SNMP).
This chapter provides information on the following topics:
• Features, page 1-2
• Management Options, page 1-2
• Network Configuration Examples, page 1-3
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
1-1
Features
Features
Chapter 1 Overview
Bridges running Cisco IOS offer these software features:
• VLANs—Allow VLAN trunking on both wireless and Ethernet interfaces.
• QoS—Use this feature to support quality of service for prioritizing traffic on the wireless interface.
• RADIUS Accounting—Enable accounting on the bridge to send accounting data about wireless
client devices to a RADIUS server on your network.
• TACACS+ adminstrator authentication—Enable TACACS+ for server-based, detailed accounting
information and flexible administrative control over authentication and authorization processes. It
provides secure, centralized validation of administrators attempting to gain access to your bridge.
• Enhanced security—Enable three advanced security features to protect against sophisticated attacks
on your wireless network's WEP keys: Message Integrity Check (MIC) and WEP key hashing.
• Enhanced authentication services—Set up non-root bridges to authenticate to your network like
other wireless client devices. After you provide a network username and password for the non-root
bridge, it authenticates to your network using LEAP, Cisco's wireless authentication method, and
receives and uses dynamic WEP keys.
Management Options
You can use the bridge management system through the following interfaces:
• The IOS command-line interface (CLI), which you use through a Telnet session. Most of the
examples in this manual are taken from the CLI. Chapter 4, “Using the Command-Line Interface,”
provides a detailed description of the CLI.
• A web-browser interface, which you use through a web browser. Chapter 3, “Using the
Web-Browser Interface,” provides a detailed description of the web-browser interface.
• Simple Network Management Protocol (SNMP). Chapter 16, “Configuring SNMP,” explains how to
configure your bridge for SNMP management.
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
1-2
OL-4059-01
Chapter 1 Overview
Switch Switch
Non-Root
Bridge
Root Bridge
Network Configuration Examples
This section describes the bridge’s role in common wireless bridging configurations: point-to-point,
point-to-multipoint, and redundant bridging. One bridge in any pair or group of bridges must be a root
bridge, and the bridge or bridges associated to the root bridge must be set to non-root.
Point-to-Point Bridging
In a point-to-point configuration, a non-root bridge associates to a root bridge. In installation mode, the
bridge listens for another 1400 series bridge. If it does not recognize another bridge, the bridge becomes
a root bridge. If it recognizes another bridge, it becomes a non-root bridge associated to the bridge it
recognizes. See Chapter 2, “Configuring the Bridge for the First Time,” for instructions on initial bridge
setup.
Figure 1-1 shows bridges in a point-to-point configuration.
Figure 1-1 Point-to-Point Bridge Configuration
Network Configuration Examples
Note If your bridges connect one or more large, flat networks (a network containing more than 256 users on
the same subnet) we recommend that you use a router to connect the bridge to the large, flat network.
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
OL-4059-01
1-3
Network Configuration Examples
88905
Switch
Switch
Switch
Root Bridge
Non-Root
Bridge
Non-Root
Bridge
Switch
Non-Root
Bridge
Point-to-Multipoint Bridging
In a point-to-multipoint configuration, two or more non-root bridges associate to a root bridge. Up to 17
non-root bridges can associate to a root bridge, but the non-root bridges must share the available
bandwidth.
See Chapter 2, “Configuring the Bridge for the First Time,” for instructions on initial bridge setup.
Figure 1-2 shows bridges in a point-to-multipoint configuration.
Figure 1-2 Point-to-Multipoint Bridge Configuration
Chapter 1 Overview
Note If your bridges connect one or more large, flat networks (a network containing more than 256 users on
the same subnet) we recommend that you use a router to connect the bridge to the large, flat network.
Redundant Bridging
You can set up two pairs of bridges to add redundancy or load balancing to your bridge link. The bridges
must use non-adjacent, non-overlapping radio channels to prevent interference, and they must use
Spanning Tree Protocol (STP) to prevent bridge loops. See Chapter 8, “Configuring Spanning Tree
Protocol,” for instructions on configuring STP.
Note STP is disabled by default.
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
1-4
OL-4059-01
Chapter 1 Overview
88900
Switch on
LAN 1
Switch on
LAN 2
Root Bridge Non-Root
Bridge
Non-Root
Bridge
Root Bridge
Network Configuration Examples
Figure 1-3 shows two pairs of redundant bridges.
Figure 1-3 Redundant Bridge Configuration
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
1-5
Network Configuration Examples
Chapter 1 Overview
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
1-6
OL-4059-01
CHA P TER
2
Configuring the Bridge for the First Time
This chapter describes how to configure basic settings on your bridge for the first time. You can
configure all the settings described in this chapter using the CLI, but it might be simplest to browse to
the bridge’s web-browser interface to complete the initial configuration and then use the CLI to enter
additional settings for a more detailed configuration.
This chapter contains these sections:
• Before You Start, page 2-2
• Obtaining and Assigning an IP Address, page 2-3
• Assigning Basic Settings, page 2-4
• Protecting Your Wireless LAN, page 2-8
• Using the IP Setup Utility, page 2-8
• Assigning an IP Address Using the CLI, page 2-11
• Using a Telnet Session to Access the CLI, page 2-12
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
2-1
Before You Start
Before You Start
Before you install the bridge, make sure you are using a computer connected to the same network as the
bridge, and obtain the following information from your network administrator:
• A system name for the bridge
• The case-sensitive wireless service set identifier (SSID) that your bridges use
• If not connected to a DHCP server, a unique IP address for your bridge (such as 172.17.255.115)
• If the bridge is not on the same subnet as your PC, a default gateway address and subnet mask
• A Simple Network Management Protocol (SNMP) community name and the SNMP file attribute (if
SNMP is in use)
• If you use IPSU to find or assign the bridge IP address, the MAC address from the product label on
the bridge (such as 00164625854c)
Resetting the Bridge to Default Settings
Chapter 2 Configuring the Bridge for the First Time
If you need to start over during the initial setup process, follow these steps to reset the bridge to factory
default settings using the MODE button on the long-reach power injector:
Step 1 Disconnect power from the power injector.
Step 2 Press and hold the MODE button while you reconnect the power cable.
Step 3 Hold the MODE button until the Status LED on the power injector turns amber (approximately 3 to 4
seconds), and release the button. Wait until the status LED turns green to indicate that the bridge has
booted up. All bridge settings return to factory defaults.
Follow these steps to return to default settings using the web-browser interface:
Step 1 Open your Internet browser. You must use Microsoft Internet Explorer (version 5.x or later) or Netscape
Navigator (version 4.x).
Step 2 Enter the bridge’s IP address in the browser address line and press Enter. An Enter Network Password
window appears.
Step 3 Enter your username in the User Name field. The default username is Cisco.
Step 4 Enter the bridge password in the Password field and press Enter. The default password is Cisco. The
Summary Status page appears.
Step 5 Click System Software and the System Software screen appears.
Step 6 Click System Configuration and the System Configuration screen appears.
Step 7 Click the Reset to Defaults button.
Note If the bridge is configured with a static IP address, the IP address does not change.
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
2-2
OL-4059-01
Chapter 2 Configuring the Bridge for the First Time
Obtaining and Assigning an IP Address
To browse to the bridge’s Express Setup page, you must either obtain or assign the bridge’s IP address
using one of the following methods:
• Use default address 10.0.0.1 when you connect to the bridge locally. For detailed instructions, see
the “Connecting to the Bridge Locally” section on page 2-3.
• Use a DHCP server (if available) to automatically assign an IP address. You can find out the
DHCP-assigned IP address using one of the following methods:
–
Provide your organization’s network administrator with your bridge’s Media Access Control
(MAC) address. Your network administrator will query the DHCP server using the MAC
address to identify the IP address. The bridge’s MAC address is on the label attached to the
bottom of the bridge.
–
Use the Cisco IP Setup Utility (IPSU) to identify the assigned address. You can also use IPSU
to assign an IP address to the bridge if it did not receive an IP address from the DHCP server.
IPSU runs on most Microsoft Windows operating systems: Windows 9x, 2000, Me, NT, and XP.
You can download IPSU from the Software Center on Cisco.com. Click this link to browse to
the Software Center:
Obtaining and Assigning an IP Address
http://www.cisco.com/cisco/software/navigator.html
–
If the unit is a non-root bridge, browse to the Associations page on the root bridge to which the
non-root is associated. The non-root bridge’s MAC address and IP address appear on the root
bridge’s Associations page.
Connecting to the Bridge Locally
If you need to configure the bridge locally (without connecting the bridge to a wired LAN), you can
connect a PC to the Ethernet port on the long-reach power injector using a Category 5 Ethernet cable.
You can use a local connection to the power injector’s Ethernet port much as you would use a serial port
connection.
Note You do not need a special crossover cable to connect your PC to the power injector; you can use
either a straight-through cable or a crossover cable.
If the bridge is configured with default values and not connected to a DHCP server or cannot obtain an
IP address, it defaults to IP address 10.0.0.1. When a non-root bridge associates to a root bridge, it
receives an IP address from the root bridge. Browse to the Associations page on the root bridge to find
the non-root bridge’s IP address, or use IPSU to find the IP address.
Follow these steps to connect to the bridge locally:
Step 1 Make sure that the PC you intend to use is configured to obtain an IP address automatically, or manually
assign it an IP address from 10.0.0.2 to 10.0.0.10.
Step 2 With the power cable disconnected from the power injector, connect your PC to the power injector using
a Category 5 Ethernet cable. You can use either a crossover cable or a straight-through cable.
Step 3 Connect the power injector to the bridge using dual coaxial cables.
Step 4 Connect the power injector power cable and power up the bridge.
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
2-3
Assigning Basic Settings
Step 5 Follow the steps in the “Assigning Basic Settings” section on page 2-4. If you make a mistake and need
to start over, follow the steps in the “Resetting the Bridge to Default Settings” section on page 2-2.
Step 6 After configuring the bridge, remove the Ethernet cable from your PC and connect the power injector to
your wired LAN.
Note When you connect your PC to the bridge or reconnect your PC to the wired LAN, you might need to
release and renew the IP address on the PC. On most PCs, you can perform a release and renew by
rebooting your PC or by entering ipconfig /release and ipconfig /renew commands in a command
prompt window. Consult your PC operating instructions for detailed instructions.
Assigning Basic Settings
After you determine or assign the bridge’s IP address, you can browse to the bridge’s Express Setup page
and perform an initial configuration:
Chapter 2 Configuring the Bridge for the First Time
Step 1 Open your Internet browser. The bridge web-browser interface is fully compatible with these browsers:
Microsoft Internet Explorer versions 5.0, 5.01, 5.5 and 6.0; and Netscape Navigator versions 4.79 and
7.0.
Step 2 Enter the bridge’s IP address in the browser address line and press Enter. An Enter Network Password
screen appears.
Step 3 Press Ta b to bypass the Username field and advance to the Password field.
Step 4 Enter the case-sensitive password Cisco and press Enter. The Summary Status page appears. Figure 2-1
shows the Summary Status page.
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
2-4
OL-4059-01
Chapter 2 Configuring the Bridge for the First Time
Figure 2-1 Summary Status Page
Assigning Basic Settings
Step 5
Click Express Setup. The Express Setup screen appears. Figure 2-2 shows the Express Setup page.
OL-4059-01
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
2-5
Assigning Basic Settings
Chapter 2 Configuring the Bridge for the First Time
Figure 2-2 Express Setup Page
2-6
Step 6
Enter the configuration settings you obtained from your system administrator. The configurable settings
include:
• System Name— The system name, while not an essential setting, helps identify the bridge on your
network. The system name appears in the titles of the management system pages.
• Configuration Server Protocol—Click on the button that matches the network’s method of IP
address assignment.
–
DHCP—IP addresses are automatically assigned by your network’s DHCP server.
–
Static IP—The bridge uses a static IP address that you enter in the IP address field.
• IP Address—Use this setting to assign or change the bridge’s IP address. If DHCP is enabled for
your network, leave this field blank.
Note If the bridge’s IP address changes while you are configuring the bridge using the web-browser
interface or a Telnet session over the wired LAN, you lose your connection to the bridge. If you
lose your connection, reconnect to the bridge using its new IP address. Follow the steps in the
“Resetting the Bridge to Default Settings” section on page 2-2 if you need to start over.
• IP Subnet Mask—Enter the IP subnet mask provided by your network administrator so the IP
address can be recognized on the LAN. If DHCP is enabled, leave this field blank.
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
OL-4059-01
Loading...