Wi-Fi

Configure Your Cisco AP for Survey via CLI

Nick Turner

4 min read

Here is a quick roundup of the basic command set required to configure your Autonomous Cisco AP from scratch for APoS.

Connect via the console cable

Hostname

Give the AP a name

ap>
ap>enable
Password: Cisco
ap#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
ap(config)#
ap(config)#hostname SURVEY
SURVEY(config)#
SURVEY(config)#end
SURVEY#

Logging Synchronous

Prevent system messages from appearing in the middle of commands that I am typing.

SURVEY#
SURVEY#conf t
SURVEY(config)#line console 0
SURVEY(config-line)#
SURVEY(config-line)#logging synchronous
SURVEY(config-line)#
SURVEY(config-line)#end
SURVEY#

I think it is worth applying this command to the vty lines also.

SURVEY#
SURVEY#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SURVEY(config)#line vty ?
    <0-15> First Line number

SURVEY(config)#line vty 0 15
SURVEY(config-line)#logging synchronous
SURVEY(config-line)#
SURVEY(config-line)#end
SURVEY#

No IP domain-lookup

To prevent accidental incomplete commands being entered and time wasted while the AP attempts to resolve incomplete text strings.

SURVEY#
SURVEY#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SURVEY(config)#no ip domain-lookup
SURVEY(config)#
SURVEY(config)#end
SURVEY#

Assign an IP address

SURVEY#
SURVEY#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SURVEY(config)#interface BVI ?
    <1-255> BVI interface number

SURVEY(config)#interface BVI 1
SURVEY(config-if)#
SURVEY(config-if)#ip address 192.168.0.1 255.255.255.0
SURVEY(config-if)#
SURVEY(config-if)#end
SURVEY#

Create an SSID and assign it to the 2.4 GHz radio

For now, the SSID will be configured with no encryption.

SURVEY#
SURVEY#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SURVEY(config)#dot11 ssid CISCO-SURVEY 2.4
SURVEY(config-ssid)#
SURVEY(config-ssid)#authentication ?
    client          EAP client information
    key-management  key management
    network-eap     leap method
    open            open method
    shared          shared method

SURVEY(config-ssid)#authentication open
SURVEY(config-ssid)#
SURVEY(config-ssid)#guest-mode
SURVEY(config-ssid)#exit
SURVEY(config)#

That is our first SSID created, intended for the 2.4 GHz band, we have set the authentication to be open and enabled guest mode for this SSID, so that it will be broadcast.

Next we shall assign the SSID to the 2.4 GHz radio.

SURVEY(config)#
SURVEY(config)#interface dot11Radio 0
SURVEY(config-if)#
SURVEY(config-if)#ssid CISCO-SURVEY 2.4
SURVEY(config-if)#
SURVEY(config-if)#end
SURVEY#

Channel, Channel width & world-mode

SURVEY#
SURVEY#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SURVEY(config)#interface dot11Radio 0
SURVEY(config-if)#
SURVEY(config-if)#channel 1
SURVEY(config-if)#
SURVEY(config-if)#channel width 20
SURVEY(config-if)#
SURVEY(config-if)#world-mode dot11d country-code GB indoor
    Selected country United Kingdom (UK)

SURVEY(config-if)#end
SURVEY#

Enable the 2.4 GHz radio interface

SURVEY#
SURVEY#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SURVEY(config)#int dot11Radio 0
SURVEY(config-if)#no shut
SURVEY(config-if)#
*Mar 1 06:13:31.914: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 1 06:13:33.006: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 06:13:33.014: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
SURVEY(config-if)#
*Mar 1 06:13:33.022: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
SURVEY(config-if)#
*Mar 1 06:13:34.042: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 06:13:35.042: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
SURVEY(config-if)#
SURVEY(config-if)#end
SURVEY#

2.4 GHz radio transmit power

SURVEY#
SURVEY#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SURVEY(config)#int dot11Radio 0
SURVEY(config-if)#power local ?
    <3 - 18>  One of: 18 15 12 9 6 3
    maximum   Set power to allowed maximum

SURVEY(config-if)#power local 15
SURVEY(config-if)#end
SURVEY#

The 2.4 GHz interface is all good now and ready to go. Next I will configure the 5 GHz interface in a similar way.

5 GHz radio interface configuration

SURVEY#
SURVEY#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SURVEY(config)#dot11 ssid CISCO-SURVEY 5
SURVEY(config-ssid)#authentication open
SURVEY(config-ssid)#guest-mode
SURVEY(config-ssid)#exit
SURVEY(config)#interface dot11Radio 1
SURVEY(config-if)#ssid CISCO-SURVEY 5
SURVEY(config-if)#channel 36
SURVEY(config-if)#channel width 20
SURVEY(config-if)#world-mode dot11d country-code GB indoor
    Selected country United Kingdom (UK)

SURVEY(config-if)#no shut
SURVEY(config-if)#
*Mar 1 06:47:38.950: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar 1 06:47:40.042: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 06:47:40.050: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to down
*Mar 1 06:47:40.058: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar 1 06:47:41.078: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 06:47:42.078: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
SURVEY(config-if)#
SURVEY(config-if)#power local ?
    <3 - 18>  One of: 18 15 12 9 6 3
    maximum   Set power to allowed maximum

SURVEY(config-if)#power local
SURVEY(config-if)#power local 12
SURVEY(config-if)#end
SURVEY#

Ok thats it both SSIDs created, basic parameters configured, assigned to their respective radio interface, power level set.

Enable SSH

In the field I find it useful to be able to associate to the AP, with a statically assigned IP address on my laptop and check and or change parameters like the transmit power level by SSH.

SURVEY#
SURVEY#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SURVEY(config)#ip domain name abc.co.uk
SURVEY(config)#crypto key generate rsa
The name for the keys will be: SURVEY.abc.co.uk
Choose the size of the key modulus in the range of 360 to 4096 for your
    General Purpose Keys. Choosing a key modulus greater than 512 may take
    a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 0 seconds)

SURVEY(config)#
*Mar 1 06:58:17.786: %SSH-5-ENABLED: SSH 1.99 has been enabled
SURVEY(config)#
SURVEY(config)#aaa new-model
SURVEY(config)#
SURVEY(config)#aaa authentication login default local none
SURVEY(config)#end
SURVEY#

Now SSH to this AP should be possible.

Save the changes we have made

With a good old-fashioned copy run start

SURVEY#
SURVEY#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
SURVEY#

Sign up for more like this.

Enter your email
Subscribe