Category Archives: Networking

Cisco Wireless Setup

This is going to be a fairly detailed description of the setup process of a wireless network through Cisco CLI, this setup was done with a HWIC-AP-G-A card. This tutorialis to make a simple AP. The configuration process is broke down into three parts essentially:

1) Creating the SSID
2) Configuring the radio to broadcast the SSID
3) Configuring the SSID to a sub-interface

Step 1 – Creating the SSID

Once the hardware is configured and you have a new enough IOS version you can begin with these commands:

dot11 ssid (SSID)
***This line simply creates and names the SSID
vlan (#)
***Attaches a VLAN tag to this SSID
authentication open
authentication key-management wpa
***This line applies the WPA security suite
mbssid guest-mode
***This line makes multiple SSIDs possible
wpa-psk ascii (Password)
***This line applies the password

Step 2 – Configuring the Radio

interface Dot11Radio (Slot #)
***Selecting the interface
encryption vlan 50 mode ciphers aes-ccm tkip
***This line adds the encryption method to the security suite and binds it to the VLAN. In this line it’s both AES & TKIP
broadcast-key vlan 50
***This line makes the SSID (or binded VLAN) begin broadcasting SSID beacons
ssid KEY
***This line binds the SSID to the radio interface
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
***This line can be used to configure your wireless network’s speed

Step 3 – Configuring Sub-Interface

interface Dot11Radio (Slot.Sub)
***Creates the sub-interface
encapsulation dot1Q (VLAN Tag)
***This line binds the VLAN again
ip address (IP Address)
***This line simply applies an IP address
no ip proxy-arp
***Solves a odd error related to my DHCP pool draining due to DHCP-ACKs

On top of this I would add a DHCP pool to your config to complete your AP. This concludes the post on Cisco wireless AP configurations and the completion of this project. Thank you for your time, if you have ANY comments let me know.

Cisco’s page on the HWIC-AP Card: HERE

DHCP Pools

I have recently been doing some work with DHCP pools and have some interesting findings:

Standard DHCP Pool Config:

ip dhcp pool (POOL NAME)
network (Beginning of IPs) (Subnet Mask)
domain-name (Domain Name)
default-router (Default Gateway)
dns-server (DNS Servers, you can add multiple)
lease (Days)(Hours) (Minute)(or infinite NOT RECOMMENDED)


Excluding addresses need to be added from the global configuration mode, such as:
ip dhcp excluded-address (Low IP Address) (High IP Address)
This is extremely important for defining what IP addresses are to be handed out. You do not want to hand out some addresses, such as your default gateway or a DNS server’s address.


A Few Additional CMDs For Specialized Use:
option <– adds specific server options
Ex. option 150 ip (IP address for tftp server)
This is extremely useful for deploying tftp configuration files to Cisco IP Phones.


A Client-Identifier Pool:
ip dhcp pool (POOL NAME)
host (Single IP Address) (Subnet Mask)
client-identifier (MAC address with the 01 client identifier added to the front)
This pool is setting up a static address to be pulled exclusively from that defined MAC address.


Show CMDs:
Show ip dhcp bindings
** This show command shows the current leases out for your addresses.
Show ip dhcp server statistics
** This show command shows all request and replies for DHCP to this server.
Show ip dhcp pool
** This show command will show a detailed listing of the usage of the pool, how many total addresses you have in this pool and how many are left.
Show ip dhcp conflicts

** This show command will show IP conflicts where one address maybe handed out twice. Extremely useful for troubleshooting.