Angelo’s blog

A systems administrator’s diary

New shiny access point

October 13, 2007 | 10:56 am

Cisco AP 1131AG

This week, I ordered a Cisco 1131AG access point on eBay, at 2/3 of the price. I got the product because it’s a Cisco (support, robustness, etc.), and because of the extra range. And this one even looks fabulous! Guess who it’s inspired by ;)

One thing I noticed as I received the AP is that the circle around the Cisco logo lights up! It’s green when no one is connected, and blue when someone is. (And all kinds of colours in between that I haven’t figured out yet; I didn’t read the manual all the way through.)

As usual with Cisco, it has so many options that you can easily drown in them, and you really need to know what you are doing. The menu has an ‘express setup’ as well, but it does not satisfy my needs (WPA without RADIUS). The box ships with radios disabled, and as soon as I enabled one, I was up and running. It took me some extra time to get it running with WPA, as I want to use pre-shared key authentication (I don’t want to set up certificates for 2 users, and I am without a RADIUS server). I had it up and running, but then I got the problem that the AP would not pass DHCP reply packets. Must have done something wrong.

So I set it to factory defaults again this morning and set it up according to this user’s instructions, and I was up and running again in a few minutes.

I set it to WPA2 only to be secure (WPA/TKIP is flawed or can be hacked as well), and my Mac worked immediately. My girlfriend, who uses Windows XP and the Windows tools to manage the wireless network card on her laptop, had to install the WPA2 update manually (it’s not an automatic update, and requires genuine validation!), and after that, it connected as well, and worked perfectly.

Update: it seems the DHCP reply packet issue is not solved yet. If I reboot my laptop it gets an IP, but when I suspend and resume, I don’t get an IP from my DHCP server. The DHCP server is SENDING the packet though, I see in the sniffer. And the laptop is getting IPv6 router advertisements. Hmm.. Looks like the AP is eating the DHCP reply packets.. grrr..


4 responses

john | November 14, 2007 | 11:20 pm

Would you mind sharing your Cisco config for the 1131? I’m having some issues getting WPA2 working properly on my 1131.

Thanks

angelo | November 16, 2007 | 1:12 pm

This link explains how to configure in enterprise mode or in personal mode (which I did not use, because I found it later):

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008054339e.shtml

My config:

[code]
Using 2080 out of 32768 bytes
!
! Last configuration change at 23:32:43 GMT Mon Oct 22 2007 by Cisco
! NVRAM config last updated at 23:32:45 GMT Mon Oct 22 2007 by Cisco
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname hon-ap-01
!
enable secret 5 *****
!
clock timezone GMT 1
ip subnet-zero
!
!
no aaa new-model
!
dot11 ssid hongens
 authentication open
 authentication key-management wpa
 guest-mode
 wpa-psk ascii 7 *****
!
dot11 arp-cache optional
power inline negotiation prestandard source
!
!
username Cisco password 7 *****
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption mode ciphers aes-ccm
 !
 ssid hongens
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio1
 no ip address
 no ip route-cache
 shutdown
 !
 encryption mode ciphers aes-ccm
 !
 ssid hongens
 !
 speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
 hold-queue 160 in
!
interface BVI1
 ip address 192.168.127.201 255.255.255.0
 no ip route-cache
!
ip default-gateway 192.168.127.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
snmp-server community public RO
!
control-plane
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
 login local
!
sntp server 194.109.22.18
sntp broadcast client
end
[/code]
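
Added example, not part of the comment above and not Cisco tooling: a small Python check that reads an autonomous-AP running-config and reports whether the radios are AES-CCM only (the "WPA2 only" goal from the post) along with management-plane settings worth reviewing before a config is published or deployed. The finding names and the sample excerpt (lines copied from the config above) are constructed for this illustration.

```python
import re

# Constructed sample: management and radio lines taken from the config posted above.
SAMPLE = """\
dot11 ssid hongens
 authentication key-management wpa
 wpa-psk ascii 7 *****
username Cisco password 7 *****
interface Dot11Radio0
 encryption mode ciphers aes-ccm
ip http server
no ip http secure-server
snmp-server community public RO
line vty 0 4
 login local
"""

# (finding id, regex matched against each stripped line, why it matters)
LINE_RULES = [
    ("weak-cipher", r"^encryption mode (?!ciphers aes-ccm$)",
     "radio accepts something other than AES-CCM only (e.g. TKIP or WEP)"),
    ("snmp-default-community", r"^snmp-server community (public|private)\b",
     "well-known SNMP community string"),
    ("default-username", r"^username Cisco\b",
     "factory-default account name still present"),
    ("type7-secret", r"\b(password|ascii) 7 ",
     "type 7 is reversible obfuscation, so this file must be treated as secret"),
]

def audit(config: str) -> list[str]:
    """Return sorted finding ids for an autonomous-AP IOS running-config."""
    lines = [ln.strip() for ln in config.splitlines()]
    found = {fid for fid, rx, _ in LINE_RULES
             for ln in lines if re.search(rx, ln)}
    # Web management is cleartext when HTTP is on and HTTPS is not enabled.
    if "ip http server" in lines and "ip http secure-server" not in lines:
        found.add("http-cleartext-mgmt")
    # No vty line restricts remote login to SSH.
    if any(ln.startswith("line vty") for ln in lines) and \
            "transport input ssh" not in lines:
        found.add("vty-not-ssh-only")
    return sorted(found)

if __name__ == "__main__":
    why = {fid: msg for fid, _, msg in LINE_RULES}
    for fid in audit(SAMPLE):
        print(fid, "-", why.get(fid, "see comment in audit()"))
```

On the sample, the cipher check passes, so the radios are AES-CCM only as the post intended; the remaining findings all concern how the AP itself is managed.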

Ray ray | January 9, 2008 | 10:47 am

Have you managed to fix the DHCP problem? Isn’t your 1130 series going through a router (Linksys, Netgear, Cisco, etc.)? I thought the router re-issues the IPs, as the Cisco 1130 acts only as an access point? I could be wrong.

ray

angelo | February 6, 2008 | 4:38 pm

Ray Ray, yes and no.. I have the DHCP client problem every now and then on my MacBook Pro running Leopard. Then I disable the wireless NIC and enable it again, and it gets an IP. My girlfriend, running a Windows XP SP2 Asus laptop, never has any problems (how ironic :) )

My 1130 is functioning as a pure access point, and is in the internal network behind my router. I want my router to supply the IP addresses (it’s a FreeBSD machine running ISC-DHCP).
