Cisco 880 Series Software Configuration Manual Download Page 51 | Manualshive

Page: 51 / 58

background image

4-7

Cisco 880 Series Integrated Services Router Software Configuration Guide

OL-22206-01

Chapter 4 Basic Wireless Device Configuration

Configuring Wireless Settings

Read

Without VLANs, encryption settings (WEP and ciphers) apply to an interface, such as the
2.4-GHz radio, and you cannot use more than one encryption setting on an interface. For
example, when you create an SSID with static WEP with VLANs disabled, you cannot create
additional SSIDs with WPA authentication because the SSIDs use different encryption settings.
If you find that the security setting for an SSID conflicts with the settings for another SSID, you
can delete one or more SSIDs to eliminate the conflict.

Security Types

Table 4-1

describes the four security types that you can assign to an SSID.

Table 4-1

Types of SSID Security

Security Type

Description

Security Features Enabled

No security

This is the least secure option. You should use this option
only for SSIDs in a public space and you should assign it to
a VLAN that restricts access to your network.

None.

Static WEP key

This option is more secure than no security. However, static
WEP keys are vulnerable to attack. If you configure this
setting, you should consider limiting association to the
wireless device based on MAC address, see C

ipher Suites

and WEP at:

http://www.cisco.com/en/US/docs/routers/access/wireless/
software/guide/SecurityCipherSuitesWEP.html

.

Or

If your network does not have a RADIUS server, consider
using an access point as a local authentication server.

See

Using the Access Point as a Local Authenticator

for

instructions:

http://www.cisco.com/en/US/docs/routers/access/wireless/
software/guide/SecurityLocalAuthent.html

.

Mandatory WEP. Client devices cannot
associate using this SSID without a WEP
key that matches the wireless device key.

«
...
49
50
51
52
53
...
»

Summary of Contents for 880 Series

Page 1: ...stems Inc 170 West Tasman Drive San Jose CA 95134 1706 USA http www cisco com Tel 408 526 4000 800 553 NETS 6387 Fax 408 527 0883 Cisco 880 Series Integrated Services Router Software Configuration Guide Text Part Number OL 22206 01 ...

Page 2: ...go Cisco Lumin Cisco Nexus Cisco Nurse Connect Cisco StackPower Cisco StadiumVision Cisco TelePresence Cisco Unified Computing System Cisco WebEx DCE Flip Channels Flip for Good Flip Mino Flip Video Flip Video Design Flipshare Design Flip Ultra and Welcome to the Human Network are trademarks Changing the Way We Work Live Play and Learn Cisco Store and Flip Gift Card are service marks and Access Re...

Page 3: ...ing Documentation and Submitting a Service Request page xvi Objective This guide provides an overview and explains how to configure the various features for the Cisco 880 series Integrated Services Routers ISR Some information may not apply to your particular router model For warranty service and support information see the Cisco One Year Limited Hardware Warranty Terms section in Readme First for...

Page 4: ...es an introduction to the wireless device on the router and its use in network configurations Basic Router Configuration Provides procedures for configuring the basic parameters of the router Basic Wireless Device Configuration Provides procedures for initial configuration of the wireless device Table 1 Command Conventions Convention Description boldface font Commands and keywords italic font Vari...

Page 5: ...Cisco System Manager Quick Start Guide Cisco IOS Release 12 4 Quality of Service Solutions Configuration Guide Cisco IOS Security Configuration Guide Release 12 4 Cisco IOS Security Configuration Guide Release 12 4T Cisco IOS Security Command Reference Release 12 4 Cisco IOS Security Command Reference Release 12 4T Cisco IOS Command Reference for Cisco Aironet Access Points and Bridges versions 12...

Page 6: ...more information regarding searching PDF documents Obtaining Documentation and Submitting a Service Request For information on obtaining documentation submitting a service request and gathering additional information see the monthly What s New in Cisco Product Documentation which also lists all new and revised Cisco technical documentation at http www cisco com en US docs general whatsnew whatsnew...

Page 7: ...wer than 20 users These routers are capable of bridging and multiprotocol routing between LAN and WAN ports and provide advanced features such as antivirus protection In addition the Cisco 880W series ISR incorporates an 802 11b g n wireless radio that allows the ISR to act as a wireless access point Cisco 880 Series ISR The Cisco 880 series ISRs are a family of fixed configuration data routers as...

Page 8: ...o access points or phones 802 11b g n Wireless LAN The Cisco 880W series ISRs have an integrated 802 11b g n single radio module for wireless LAN connectivity With this module the router can act as an access point in the local infrastructure Battery backed up Real Time Clock A battery backed up real time clock RTC provides the date and time when the system is powered on The RTC is used to verify t...

Page 9: ...nse The router stores the software license file on the flash memory Selecting Feature Sets Some feature sets are bundled and offered with a software license that is installed on the hardware platforms For a list of features available with a software license on the Cisco 880 see Cisco 880 Data Sheet See Cisco IOS Software Activation Tasks and Commands on Cisco com for details about how to activate ...

Page 10: ... WAN Real time clock Embedded WLAN antenna on wireless models C887VAM W 512 MB memory 256 MB Flash 4 port 10 100 Switch 2 port PoE is a factory configurable option 1 port console aux 1 port external USB 2 0 ADSL2 Annex M Real time clock Embedded WLAN antenna on wireless model C887VA W 512 MB memory 256 MB Flash 4 port 10 100 Switch 2 port PoE is a factory configurable option 1 port console aux 1 p...

Page 11: ...2 MB memory 256 MB Flash 4 port 10 100 Switch 2 port PoE is a facotry configurable option 1 port console aux 1 port external USB 2 0 ADSL2 Annex A 3G modem with Dual SIMM card slots Real time clock Embedded WLAN antenna on wireless models Memory Table 1 2 illustrates the on board memory and flash size for the first and second core The total memory installed is 512 MB 256 MB flash and they are part...

Page 12: ...peration Blink boot up phase in ROM Monitor mode Ethernet Switch and FE GE LAN WAN ports Green Ethernet Switch Off No link Steady on link Blink TXD RXD data PoE Green Yellow PoE Status Off no device powered PoE administratively disabled Steady on green PD connected and powered Steady on yellow PD denied power power delivery fault xDSL Green CD Steady on connected Blink training Green Data Blink TX...

Page 13: ... receiving data traffic Green If dual radio is installed Green Autonomous Mode Off Ethernet link down On Ethernet link up no traffic Blink Ethernet link up with data traffic Unified Mode Off Ethernet link down On Ethernet link up connected to controller Blink AP not communicating with controller VPN_OK Off no tunnel Steady on at least one tunnel is up PPP_OK Off no PPP session Steady on at least o...

Page 14: ...ed from 12 VDC on motherboard Power over Ethernet PoE Inline Power Option Inline power is a configurator option PoE configured boxes are supplied with a 12 VDC 60 W adapter in lieu of the 30 W Images supported c800 universalk9 mz This image offers all IOS features supported by c8xx platforms c800 universalk9_npe mz This image does not support VPN payload and secure voice functionality and statisfi...

Page 15: ...r 1 Product Overview Images supported advsecurity_npe Feature licenses ios ips ipdate Minimum software version needed to support AP802 Table 1 4 Software version needed for AP802 Software Minimum version Router IOS 15 1 4 M AP IOS Autonomous mode TBD AP IOS unified mode J MR2 WLC J MR2 WCS J MR2 ...

Page 16: ...1 10 Cisco 880 Series Integrated Services Router Software Configuration Guide OL 22206 01 Chapter 1 Product Overview Images supported ...

Page 17: ...he access point can be upgraded to operate in Cisco Unified Wireless mode Each mode is described below Autonomous mode supports standalone network configurations where all configuration settings are maintained locally on the wireless device Each autonomous device can load its starting configuration independently and still operate in a cohesive fashion on the network Cisco Unified Wireless mode ope...

Page 18: ...configuration guide scg12410b c hap2 gui html Note The web browser interface is fully compatible with Microsoft Internet Explorer version 6 0 on Windows 98 2000 and XP platforms and with Netscape version 7 0 on Windows 98 2000 XP and Solaris platforms Note Avoid using the CLI and the web browser tools concurrently to configure the wireless device If you configure the wireless device using the CLI ...

Page 19: ... defined in the following examples Root Access Point page 2 3 Central Unit in an All Wireless Network page 2 4 Root Access Point An access point connected directly to a wired LAN provides a connection point for wireless users If more than one access point is connected to the LAN users can roam from one area of a facility to another without losing their connection to the network As users move out o...

Page 20: ...ss network an access point acts as a stand alone root unit The access point is not attached to a wired LAN it functions as a hub linking all stations together The access point serves as the focal point for communications increasing the communication range of wireless users Figure 2 shows an access point in an all wireless network Figure 2 Access Point as Central Unit in All Wireless Network Access...

Page 21: ...ration page 3 4 Configuring Command Line Access page 3 5 Configuring Global Parameters page 3 7 Configuring WAN Interfaces page 3 7 Configuring a Fast Ethernet WAN Interface page 3 8 Configuring the Fast Ethernet LAN Interfaces page 3 16 Configuring the Wireless LAN Interface page 3 16 Configuring a Loopback Interface page 3 17 Configuring Static Routes page 3 18 Configuring Dynamic Routes page 3 ...

Page 22: ...llowing example for a Cisco 881W Router show running config User Access Verification Password Router en Password Router show running config Building configuration Current configuration 986 bytes version 12 4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password encryption hostname Router boot start marker boot end marker enable secret 5 1 g4...

Page 23: ...terface FastEthernet1 shutdown interface FastEthernet2 shutdown interface FastEthernet3 shutdown interface FastEthernet4 ip address 10 1 1 1 255 255 255 0 no ip route cache duplex auto speed auto interface Vlan1 no ip address no ip route cache shutdown interface wlan ap0 description Service Module interface to manage the embedded AP ip unnumbered Vlan1 no cdp enable arp timeout 0 ip route 0 0 0 0 ...

Page 24: ... network administrator must generate and share the following information for the WAN interfaces of the routers PPP authentication type CHAP or PAP PPP client name to access the router PPP password to access the router If you are setting up IP routing Generate the addressing scheme for your IP network Determine the IP routing parameter information including IP address and ATM permanent virtual circ...

Page 25: ...ses See Software Activation on Cisco Integrated Services Routers and Cisco Integrated Service Routers G2 Configuring Command Line Access To configure parameters to control access to the router perform these steps beginning in global configuration mode SUMMARY STEPS 1 line aux console tty vty line number 2 password password 3 login 4 exec timeout minutes seconds 5 line aux console tty vty line numb...

Page 26: ... line Sets the interval that the EXEC command interpreter waits until user input is detected The default is 10 minutes Optionally add seconds to the interval value This example shows a timeout of 5 minutes and 30 seconds Entering a timeout of 0 0 specifies never to time out Step 5 line aux console tty vty line number Example Router config line line vty 0 4 Router config line Specifies a virtual te...

Page 27: ...Multi Mode 886VA and 887VA ISRs page 3 9 Configuring ADSL Mode page 3 10 Command Purpose Step 1 configure terminal Example Router enable Router configure terminal Router config Enters global configuration mode when using the console port If you are connecting to the router using a remote terminal use the following telnet router name or address Login login id Password Router enable Step 2 hostname ...

Page 28: ...rform these steps beginning in global configuration mode SUMMARY STEPS 1 controller vdsl 0 2 interface type number 3 ip address ip address mask Command Purpose Step 1 interface type number Example Router config interface fastethernet 4 Router config if Enters the configuration mode for a Fast Ethernet WAN interface on the router Step 2 ip address ip address mask Example Router config if ip address...

Page 29: ...config t Router config controller vdsl 0 Enters controller configuration mode and the controller number Note There is no need to configure any VDSL2 parameters from CPE side Any specific VDSL2 settings should be set on the DSLAM side Step 2 interface type number Example Router config interface ethernet 0 Router config if Enters the configuration mode for Ethernet Layer 2 transport on the VDSL WAN ...

Page 30: ... or Ethernet WAN network topography Figure 3 1 Example Topology Note A DSLAM in Layer 1 mode may be configured for auto mode A DSLAM in Layer 2 mode must be configured for ATM mode or packet transfer mode PTM Note Cisco 886VA and 887VA allow a maximum of four permanent virtual circuits PVCs Configuring ADSL Mode Configuration tasks Perform the following tasks to configure ADSL mode Configuring ADS...

Page 31: ...EPS When configured in auto the operating mode does not appear in the show running command Configuring CPE and Peer ADSL Mode When configuring for ADSL the ATM main interface or ATM sub interface must be configured with a PVC and an IP address perform a no shutdown command on the interface if needed Command Purpose Step 1 controller vdsl slot Example Router config Controller vdsl 0 Enters config m...

Page 32: ...ED STEPS Command Purpose Step 1 interface type number Example Router config interface atm0 Enters configuration mode for the ATM WAN interface ATM0 Step 2 no shutdown Example Router config if no shutdown Router config if Enables the configuration changes to the ATM interface Step 3 interface atm0 1 point to point Example Router config if interface ATM0 1 point to point Router config subif Enables ...

Page 33: ...no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password encryption hostname Router boot start marker boot end marker no aaa new model memory size iomem 10 ip source route ip cef no ipv6 cef license udi pid CISCO887 V2 K9 sn FHK1313227E Step 6 protocol protocol protocol address virtual template inarp no broadcast disable check subnet no enable ...

Page 34: ... no fair queue interface BRI0 no ip address encapsulation hdlc shutdown isdn termintation multidrop interface ATM0 no ip address no atm ilmi keepalive interface ATM0 1 point to point ip address 30 0 0 1 255 255 255 0 pvc 15 32 protocol ip 30 0 0 2 broadcast interface FastEthernet0 interface FastEthernet1 interface FastEthernet2 interface FastEthernet3 interface Vlan1 no ip address ip forward proto...

Page 35: ...odem Vendor ID csco BDCM Modem Vendor Specific 0x4602 0x6110 Modem Vendor Country 0xB500 0xB500 Serial Number Near FHK1313227E 887 V2 K 15 1 20100 Serial Number Far Modem Version Nead 15 1 20100426 193435 changahn Modem Version Far 0x6110 Modem Status TC Sync Showtime DSL Config Mode AUTO Trained Mode G 992 5 ADSL2 Annex A TC Mode ATM Selftest Result 0x00 DELT configuration disabled DELT state not...

Page 36: ... Peer Connection for ADSL Ping the peer to confirm that CPE to peer configuration is setup correctly Router ping 30 0 0 2 rep 20 Type escape sequence to abort Sending 20 100 byte ICMP Echos to 30 0 0 2 timeout is 2 seconds Success rate is 100 percent 20 20 round trip min avg max 20 22 28 ms Router Configuring the Fast Ethernet LAN Interfaces The Fast Ethernet LAN interfaces on your router are auto...

Page 37: ...nterface configured on the Fast Ethernet interface with an IP address of 200 200 100 1 24 which acts as a static IP address The loopback interface points back to virtual template1 which has a negotiated IP address interface loopback 0 ip address 200 200 100 1 255 255 255 0 static IP address ip nat outside interface Virtual Template1 ip unnumbered loopback0 no ip directed broadcast ip nat outside C...

Page 38: ... rate 0 bits sec 0 packets sec 0 packets input 0 bytes 0 no buffer Received 0 broadcasts 0 runts 0 giants 0 throttles 0 input errors 0 CRC 0 frame 0 overrun 0 ignored 0 abort 0 packets output 0 bytes 0 underruns 0 output errors 0 collisions 0 interface resets 0 output buffer failures 0 output buffers swapped out Another way to verify the loopback interface is to ping it Router ping 200 200 100 1 T...

Page 39: ... should see verification output similar to the following Router show ip route Codes C connected S static R RIP M mobile B BGP D EIGRP EX EIGRP external O OSPF IA OSPF inter area N1 OSPF NSSA external type 1 N2 OSPF NSSA external type 2 E1 OSPF external type 1 E2 OSPF external type 2 i IS IS su IS IS summary L1 IS IS level 1 L2 IS IS level 2 ia IS IS inter area candidate default U per user static r...

Page 40: ...g Enhanced Interior Gateway Routing Protocol page 3 22 Configuring Routing Information Protocol To configure the RIP routing protocol on the router perform these steps beginning in global configuration mode SUMMARY STEPS 1 router rip 2 version 1 2 3 network ip address 4 no auto summary 5 end DETAILED STEPS Command Task Step 1 router rip Example Router configure terminal Router config router rip Ro...

Page 41: ...ected S static R RIP M mobile B BGP D EIGRP EX EIGRP external O OSPF IA OSPF inter area N1 OSPF NSSA external type 1 N2 OSPF NSSA external type 2 E1 OSPF external type 1 E2 OSPF external type 2 i IS IS su IS IS summary L1 IS IS level 1 L2 IS IS level 2 ia IS IS inter area candidate default U per user static route o ODR P periodic downloaded static route Gateway of last resort is not set 10 0 0 0 2...

Page 42: ...IP EIGRP enter the show ip route command and look for EIGRP routes indicated by D You should see verification output similar to the following Router show ip route Codes C connected S static R RIP M mobile B BGP D EIGRP EX EIGRP external O OSPF IA OSPF inter area N1 OSPF NSSA external type 1 N2 OSPF NSSA external type 2 E1 OSPF external type 1 E2 OSPF external type 2 Command Purpose Step 1 router e...

Page 43: ...namic Routes i IS IS su IS IS summary L1 IS IS level 1 L2 IS IS level 2 ia IS IS inter area candidate default U per user static route o ODR P periodic downloaded static route Gateway of last resort is not set 10 0 0 0 24 is subnetted 1 subnets C 10 108 1 0 is directly connected Loopback0 D 3 0 0 0 8 90 409600 via 2 2 2 1 00 00 02 Ethernet0 0 ...

Page 44: ...3 24 Cisco 880 Series Integrated Services Router Software Configuration Guide OL 22206 01 Chapter 3 Basic Router Configuration Configuring Dynamic Routes ...

Page 45: ...o Cisco Unified Software section on page 4 9 for instructions The wireless device is embedded and does not have an external console port for connections To configure the wireless device use a console cable to connect a personal computer to the host router s console port and perform these procedures to establish connectivity and configure the wireless settings Starting a Wireless Configuration Sess...

Page 46: ...erface wlan ap0 Example router config interface wlan ap0 router config if Defines the router s console interface to the wireless device The interface is used for communication between the router s console and the wireless device Always use port 0 The following message appears The wlan ap 0 interface is used for managing the embedded AP Please use the service module wlan ap 0 session command to con...

Page 47: ...6 x Router 1 disconnect 2 Press Enter Step 4 interface vlan1 Example router config if interface vlan1 Specifies the virtual LAN interface for data communication on the internal Gigabit Ethernet 0 GE0 port to other interfaces All the switch ports inherit the default vlan1 interface on the Cisco 880 Series ISR Step 5 ip address subnet mask Example router config if ip address 10 10 0 30 255 255 255 0...

Page 48: ...ware section on page 4 9 for upgrade instructions After upgrading to Cisco Unified Wireless software use the web browser interface to configure the device http cisco com en US docs wireless access_point 12 4_10b_JA configuration guide scg1 2410b chap2 gui html Cisco Express Setup To configure the Unified wireless device use the web browser tool Step 1 Establish a console connection to the wireless...

Page 49: ...authentication For maximum security client devices should also authenticate to your network using MAC address or Extensible Authentication Protocol EAP authentication Both authentication types rely on an authentication server on your network To select an authentication type see Authentication Types for Wireless Devices at http www cisco com en US docs routers access wireless software guide Securit...

Page 50: ...ftware guide SecurityCipherSuitesWEP ht ml Configuring Wireless VLANs If you use VLANs on your wireless LAN and assign SSIDs to VLANs you can create multiple SSIDs by using any of the four security settings defined in the Security Types section on page 4 7 A VLAN can be thought of as a broadcast domain that exists within a defined set of switches A VLAN consists of a number of end systems either h...

Page 51: ... Security Security Type Description Security Features Enabled No security This is the least secure option You should use this option only for SSIDs in a public space and you should assign it to a VLAN that restricts access to your network None Static WEP key This option is more secure than no security However static WEP keys are vulnerable to attack If you configure this setting you should conside...

Page 52: ...arning message appears SSID CONFIG WARNING SSID If radio clients are using EAP FAST AUTH OPEN with EAP should also be configured WPA9 This option permits wireless access to users who are authenticated against a database Access is through the services of an authentication server Users IP traffic is then encrypted with stronger algorithms than those used in WEP This setting uses encryption ciphers T...

Page 53: ...he standby access point takes its place in the network matching settings ensure that client devices can switch easily to the standby access point For more information see Hot Standby Access Points at http www cisco com en US docs routers access wireless software guide RolesHotStandby html Upgrading to Cisco Unified Software To run the access point in Cisco Unified mode upgrade the software by perf...

Page 54: ...nfiguration guide ccfig40 html Confirm that the Mode Setting is Enabled To confirm that the mode setting is enabled perform the following steps Step 1 Ping the WLC from the router to confirm IP connectivity Step 2 Enter the service module wlan ap 0 session command to establish a session into the access point Step 3 Confirm that the access point is running an autonomous boot image Step 4 Enter the ...

Page 55: ...ils to upgrade from autonomous to Unified software perform the following actions Check to ensure the autonomous access point does not have the static IP address configured on the BVI interface before you boot the recovery image Issue a ping between the router access point and the WLC to confirm communication Check the access point and WLC clock time and date are set correctly Q My access point is ...

Page 56: ...m en US docs routers access wireless software guide Se curityAuthenticationTypes html RADIUS and TACACS Servers in a Wireless Environment This document describes how to enable and configure the RADIUS and TACACS and provides detailed accounting information and flexible administrative control over authentication and authorization processes RADIUS and TACACS are facilitated through AAA1 and can be e...

Page 57: ...ithout QoS the device offers best effort service to each packet regardless of the packet contents or size It sends the packets without any assurance of reliability delay bounds or throughput http www cisco com en US docs routers access wireless software guide Q ualityOfService html Regulatory Domains and Channels This document lists the radio channels supported by Cisco access products in the regu...

Page 58: ...Aironet Access Points and Bridges versions 12 4 10b JA and 12 3 8 JEC http www cisco com en US docs wireless access_point 12 4_10b_JA com mand reference cr2410b html Cisco Aironet 1240AG Access Point Support Documentation http www cisco com en US docs wireless access_point 1240 quick guide a p1240qs html Cisco 4400 Series Wireless LAN Controllers Support Documentation http www cisco com en US prod...

Reviews:

No comments

Related manuals for 880 Series

Brand: Cambium Networks Pages: 68

Brand: Cambium Networks Pages: 110

Brand: Javad Pages: 35

3C410012A - OfficeConnect Remote 531 Access...

Brand: 3Com Pages: 72

Brand: NetComm Pages: 69

Brand: Aewin Technologies Pages: 86

NetVanta Analog Modem Dial Backup Interface Module

Brand: ADTRAN Pages: 2

Brand: Adeunis RF Pages: 68

SECURE BOOT STICK FX

Brand: Ecos Pages: 22

Brand: Emerson Pages: 4

Liebert Intellislot IS-WEBCARD

Brand: Emerson Pages: 2

Brand: Emerson Pages: 5

SiteGate-E ARC156

Brand: Emerson Pages: 8

ControlWave Remote Ethernet I/O

Brand: Emerson Pages: 3

Liebert ICOM-DO

Brand: Emerson Pages: 12

Liebert IntelliSlot WEB/485

Brand: Emerson Pages: 2

Brand: Emerson Pages: 6

Bristol Helicoid Gauges

Brand: Emerson Pages: 1

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands