Configurare aironet 1242 senza server http attivo

[anubisg1]

Salve a tutti,

Devo configurare una Access Point cisco, in particolare un

aironet AIR-(L)AP1242AG-E-K9

la cosa assurda, è che il server http sembra essere disabilitato e non posso accedere alla configurazione via web.

allo stesso modo non esiste il comando "configure" quindi non posso abilitarlo manualmente..

l'IOS installato è c1240-rcvk9w8-mx

questa è la run config (non ho nessuna start)


Current configuration : 29653 bytes
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname AP001f.ca26.295e
!
enable secret 5 $1$g7SA$QXVK1/GF3In0LOw8Vmged/
!
ip subnet-zero
power inline negotiation prestandard source
!
crypto pki trustpoint Cisco_IOS_MIC_cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint cisco-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint airespace-device-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint airespace-new-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint airespace-old-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
!
crypto ca certificate chain Cisco_IOS_MIC_cert
---
CERTIFICATI VARI
---
quit
!
!
interface FastEthernet0
ip address dhcp client-id FastEthernet0
no ip route-cache
duplex auto
speed auto
hold-queue 80 in
!
no cdp run
!
line con 0
line vty 0 4
login
transport input none
line vty 5 15
login
transport input none
!
end


l'ap ottiene correttamente l'ip tramite dhcp e riesco a pingarlo...

idee? ho pravato sia con "http" che "https"

tutte le 1000 porte scansionate con nmap sono chiuse.

output di nmap:

Starting Nmap 5.21 ( http://nmap.org ) at 2010-10-18 12:03 ora legale Europa occidentale

NSE: Loaded 36 scripts for scanning.

Initiating ARP Ping Scan at 12:03

Scanning 192.168.229.100 [1 port]

Completed ARP Ping Scan at 12:03, 0.05s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 12:03

Completed Parallel DNS resolution of 1 host. at 12:03, 0.03s elapsed

Initiating SYN Stealth Scan at 12:03

Scanning 192.168.229.100 [1000 ports]

Completed SYN Stealth Scan at 12:03, 0.34s elapsed (1000 total ports)

Initiating Service scan at 12:03

Initiating OS detection (try #1) against 192.168.229.100

NSE: Script scanning 192.168.229.100.

NSE: Script Scanning completed.

Nmap scan report for 192.168.229.100

Host is up (0.0015s latency).

All 1000 scanned ports on 192.168.229.100 are closed

MAC Address: 00:1F:CA:26:29:5E (Cisco Systems)

Device type: switch|router|broadband router|WAP

Running: Cisco CatOS, Cisco IOS 11.X|12.X

Too many fingerprints match this host to give specific OS details

Network Distance: 1 hop



HOP RTT ADDRESS

1 1.52 ms 192.168.229.100



Read data files from: C:\Programmi\Nmap

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 3.06 seconds

Raw packets sent: 1007 (44.876KB) | Rcvd: 1007 (40.544KB)

[anubisg1]

nessuno può darmi una mano, per favore.. ho veramente bisogno di aiuto

[stefano.pilla]

Ciao,

scusami in che senso è disabilitata e non riesci ad abilitarlo tramite il comando configure?

se da global configuration dai il comando

Codice: Seleziona tutto

ip http server

oppure meglio ancora

Codice: Seleziona tutto

ip http secure-server

ti si attiva il webserver (e quindi la porta 80 o 443) sull'AP...e puoi raggiungerlo da interfaccia grafica...

che tipo di configurazione devi fare?
l'interfaccia grafica non è detto che sia meglio della CLI...

Ciao

[anubisg1]

vuol dire che:

acceddo alla CLI

do il comando "en" per il diventare super-utente

quando provo a dare "config" il comando fallisce perche' in accordo con "?" dato come amministratore NON ESISTE nessun comando "configure"

quindi non potendo entrare in modalita' (config) non posso fare niente

[anubisg1]

come puoi vedere non posso entrare in config mode:

standard user mode:


AP001d.7095.4f62>?
Exec commands:
clear Reset functions
crypto Encryption related commands.
disable Turn off privileged commands
enable Turn on privileged commands
exit Exit from the EXEC
help Description of the interactive help system
led LED functions
lock Lock the terminal
login Log in as a particular user
logout Exit from the EXEC
name-connection Name an existing network connection
ping Send echo messages
release Release a resource
renew Renew a resource
save Start to save raise_interrupt_level stack
set Set system parameter (not config)
show Show running system information
systat Display information about terminal lines
terminal Set terminal line parameters
traceroute Trace route to destination
where List active connections



root mode: (nota il # quindi SONO amministratore)

AP001d.7095.4f62#?
Exec commands:
cd Change current directory
clear Reset functions
clock Manage the system clock
crypto Encryption related commands.
debug Debugging functions (see also 'undebug')
delete Delete a file
dir List files on a filesystem
disable Turn off privileged commands
enable Turn on privileged commands
exit Exit from the EXEC
fsck Fsck a filesystem
help Description of the interactive help system
led LED functions
lock Lock the terminal
login Log in as a particular user
logout Exit from the EXEC
lwapp lwapp exec commands
mkdir Create new directory
more Display the contents of a file
name-connection Name an existing network connection
no Disable debugging functions
ping Send echo messages
pwd Display current working directory
release Release a resource
reload Halt and perform a cold restart
rename Rename a file
renew Renew a resource
rmdir Remove existing directory
save Start to save raise_interrupt_level stack
send Send a message to other tty lines
set Set system parameter (not config)
show Show running system information
systat Display information about terminal lines
terminal Set terminal line parameters
test Test subsystems, memory, and interfaces
traceroute Trace route to destination
undebug Disable debugging functions (see also 'debug')
upgrade Upgrade software
verify Verify a file
where List active connections


come puoi vedere sono bloccato! come vado in config mode?

[stefano.pilla]

Ciao,

puoi postare il risultato di uno show version?

questo AP è nuovo oppure è stato preso da una rete in produzione?
se non hai nessuna start-config come fai ad avere una running?!?
hai un tftp server da dove scarica la config?
come lo raggiungi? tramite telnet/ssh o console?
nel caso fosse necessario, hai l'immagine per riflasharlo?

Ciao

[anubisg1]

Ciao,

puoi postare il risultato di uno show version?

questo AP è nuovo oppure è stato preso da una rete in produzione?
se non hai nessuna start-config come fai ad avere una running?!?
hai un tftp server da dove scarica la config?
come lo raggiungi? tramite telnet/ssh o console?
nel caso fosse necessario, hai l'immagine per riflasharlo?

Ciao

Codice: Seleziona tutto

AP001d.7095.4f62#show version
Cisco IOS Software, C1240 Software (C1240-RCVK9W8-M), Version 12.3(11)JX1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Mon 17-Jul-06 11:44 by alnguyen

ROM: Bootstrap program is C1240 boot loader
BOOTLDR: C1240 Boot Loader (C1240-BOOT-M) Version 12.4(13d)JA, RELEASE SOFTWARE (fc2)

AP001d.7095.4f62 uptime is 1 minute
System returned to ROM by power-on
System image file is "flash:/c1240-rcvk9w8-mx/c1240-rcvk9w8-mx"

cisco AIR-LAP1242AG-E-K9   (PowerPCElvis) processor (revision A0) with 24566K/8192K bytes of memory.
Processor board ID FCZ123280SS
PowerPCElvis CPU at 266Mhz, revision number 0x0950
Last reset from power-on
LWAPP image version 3.0.51.0
1 FastEthernet interface

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:1D:70:95:4F:62
Part Number                          : 73-10256-07
PCA Assembly Number                  : 800-26918-06
PCA Revision Number                  : A0
PCB Serial Number                    : FOC122911LE
Top Assembly Part Number             : 800-29152-03
Top Assembly Serial Number           : FCZ123280SS
Top Revision Number                  : A0
Product/Model Number                 : AIR-LAP1242AG-E-K9  

Configuration register is 0xF

me lo ha affidato la mia universita da configurare quindi è "nuovo"

non ho una start, ovviamente perchè mai avviato,

Codice: Seleziona tutto

AP001d.7095.4f62#show start
startup-config is not present

non ho nessun server tftp per la configurazione, e lo raggiungo tramite console

grazie per l'aiuto

---edit---

volevo fare un backup dell'IOS ma ho appena notato che sembra non esistere neache il comando "copy"

non riesco a capire cosa diavolo succede..

[stefano.pilla]

Come immaginavo...

dallo sh ver puoi vedere

Codice: Seleziona tutto

LWAPP image version 3.0.51.0 

questo significa che l'AP è attualmente un dispositivo "stupido" che ha bisogno di un controller...ecco spiegato il perchè mancano tutti i comandi di configurazione e la startup config...questa struttura di rete wireless si chiama LWAPP (Lightweight Access Point Protocol)....

Lo devi convertire in un "Autonomous AP" e questo lo puoi fare solo scaricando un nuovo firmware o associandolo ad un controller e fare l'upgrade...

ti posto qui una breve guida su come fare:

Here’s a quick walk through to get a Cisco AP – in my case an 1130AG – from a controller based LWAPP image back to the autonomous image so it can be used as a standalone AP again.

Retrieve the latest IOS image for your AP from Cisco.com
Retreive TFTPD for use as your TFTP server from here
You’ll need a PC with a static IP (10.0.0.1/24 for this example) to wire your AP straight into during the procedure, with the TFTP server running, all firewalls disabled and the IOS image available in the TFTP root.

Step 1: Make sure that the PC contains the access point image file (such as c1130-k9w7-tar.124-10b.JDA3.tar for an 1130 series access point) in the TFTP server folder and that the TFTP server is activated.

Step 2: Set the timeout value on the TFTP server to 30 seconds.

Step 3: On the PC where the TFTP server is located, perform these steps:

a. Disable any software firewall products, such as Windows firewall, ZoneAlarm firewall, McAffee firewall, or others.

b. Ensure all Windows files are visible. From Windows Explorer, click Tools > Folder Options > View; then uncheck the Hide extensions for known file types check box.

Step 4: Connect the PC to the access point using a Category 5 Ethernet cable.

Step 5: Disconnect power from the access point.

Step 6: Press and hold MODE while you reconnect power to the access point.

Step 7: Hold the MODE button until the status LED turns red (approximately 20 to 30 seconds) and then release.

Step 8: Enable LWAPP console CLI allow/disallow debugging

#debug lwapp con cli

Step 9: Enable LWAPP ignore internal reload debugging

#debug lwapp client no-reload

Step 10: Configure IP Address on the fast ethernet interface of the AP

#conf t
(config)#interface fa0
(config-if)#ip addr 10.0.0.2 255.255.255.0

Step 11: Download the image file from the TFTP server to the AP

#archive download-sw /overwrite tftp://10.0.0.1/c1130-k9w7-tar.124-10b.JDA3.tar

Step 12: Reload the unit once the image has been written and the process reports complete.

#reload.

You’ll now be running an autonomous image which you can work with.


Buon lavoro!

[anubisg1]

ovviamente trovare l'IOS adatto sarà abbastanza difficile... mmm speriamo che la mia università abbia accesso ai server cisco per il download dell'IOS, altrimenti la vedo dura...

Grazie mille!

[marcoridolfi]

Ciao a tutti,

Scusate se sono off-topic....
dovrei effettuare un password recovery o un reset alla conf di default di un cisco air-lap1242ag-e-k9

Qualcuno può aiutarmi???non trovo doc in giro!!!

Grazie
Ciao