!
! Last configuration change at 15:04:55 R Mon Oct 12 2009 by CIsco
! NVRAM config last updated at 15:04:56 R Mon Oct 12 2009 by CIsco
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname KTPO-APO-1
!
enable secret 5 meep
!
clock timezone GMT -5
clock summer-time R recurring
ip subnet-zero
ip name-server 10.0.1.6
!
!
aaa new-model
!
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius ras_pmip
!
aaa group server radius dummy
!
aaa group server radius rad_eap
server 10.0.1.132 auth-port 1645 acct-port 1646
server 10.0.9.101 auth-port 1812 acct-port 1813
!
aaa group server radius cckm_infra
server 10.0.9.101 auth-port 1812 acct-port 1813
!
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login methods_cckm_infra group cckm_infra
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
dot11 vlan-name Guest vlan 75
dot11 vlan-name Mgmt vlan 9
dot11 vlan-name Office vlan 4
dot11 vlan-name Plant vlan 8
dot11 vlan-name Unauthorized vlan 74
!
dot11 ssid KTPO-Guest
vlan 75
authentication open
authentication key-management wpa
wpa-psk ascii 7 meep
!
dot11 ssid KTPO-Wireless
vlan 8
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa
guest-mode
!
dot11 ssid Vlan4
vlan 4
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa
!
!
!
username meep password 7 meep
username meep privilege 15 password 7 meep
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 4 mode ciphers aes-ccm
!
encryption vlan 8 mode ciphers aes-ccm
!
encryption vlan 75 mode ciphers aes-ccm tkip
!
ssid KTPO-Guest
!
ssid KTPO-Wireless
!
ssid Vlan4
!
speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
packet retries 128 drop-packet
channel 2462
station-role root
!
interface Dot11Radio0.4
encapsulation dot1Q 4
no ip route-cache
bridge-group 4
bridge-group 4 subscriber-loop-control
bridge-group 4 block-unknown-source
no bridge-group 4 source-learning
no bridge-group 4 unicast-flooding
bridge-group 4 spanning-disabled
!
interface Dot11Radio0.8
encapsulation dot1Q 8
no ip route-cache
bridge-group 8
bridge-group 8 subscriber-loop-control
bridge-group 8 block-unknown-source
no bridge-group 8 source-learning
no bridge-group 8 unicast-flooding
bridge-group 8 spanning-disabled
!
interface Dot11Radio0.9
encapsulation dot1Q 9 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.75
encapsulation dot1Q 75
no ip route-cache
bridge-group 75
bridge-group 75 subscriber-loop-control
bridge-group 75 block-unknown-source
no bridge-group 75 source-learning
no bridge-group 75 unicast-flooding
bridge-group 75 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
hold-queue 160 in
!
interface FastEthernet0.4
encapsulation dot1Q 4
no ip route-cache
bridge-group 4
no bridge-group 4 source-learning
bridge-group 4 spanning-disabled
!
interface FastEthernet0.8
encapsulation dot1Q 8
no ip route-cache
bridge-group 8
no bridge-group 8 source-learning
bridge-group 8 spanning-disabled
!
interface FastEthernet0.9
encapsulation dot1Q 9 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.75
encapsulation dot1Q 75
no ip route-cache
bridge-group 75
no bridge-group 75 source-learning
bridge-group 75 spanning-disabled
!
interface BVI1
ip address 10.0.9.101 255.255.255.0
no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
!
logging trap debugging
logging 10.0.1.133
radius-server local
no authentication eapfast
no authentication mac
nas 10.0.9.101 key 7 meep
user meep nthash 7 meep
!
radius-server attribute 32 include-in-access-req format %h
radius-server host 10.0.1.132 auth-port 1645 acct-port 1646 key 7 meep
radius-server host 10.0.9.101 auth-port 1812 acct-port 1813 key 7 meep
radius-server vsa send accounting
!
control-plane
!
bridge 1 route ip
!
!
wlccp ap username meep password meep
wlccp authentication-server infrastructure methods_cckm_infra
wlccp authentication-server client eap eap_methods
wlccp wds priority 255 interface BVI1
!
line con 0
line vty 0 4
!
sntp server 10.0.1.6
end
|