Configurazione aironet 1242AG

[cicciofly]

Ciao a tutti,
ho un access point aironet 1242AG configurato in Multi-BSSID, SSID Guest associato alla vlan 111 e Interni alla vlan 120.
Ho la necessità di aggiungere un altro aironet per aumentare la copertura wireless, come posso procedere? Non posso configurare il nuovo aironet in modalità repeater, perchè non supporta le vlan...che tipo di configurazione posso fare?
Posto la configurazione del mio AP funzionante.
Grazie in anticipo


Current configuration : 7562 bytes
!
! Last configuration change at 18:11:13 +0100 Wed Jan 25 2012 by admin
! NVRAM config last updated at 18:11:13 +0100 Wed Jan 25 2012 by admin
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap
!
enable secret 5 xxxxx
!
aaa new-model
!
!
aaa group server radius rad_eap
server 192.168.70.5 auth-port 1812 acct-port 1813
server 192.168.70.6 auth-port 1812 acct-port 1813
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
!
aaa session-id common
clock timezone +0100 1
clock summer-time OraSolare recurring last Sun Mar 2:00 last Sun Oct 2:00
ip domain name mio.local
!
!
dot11 vlan-name Interni vlan 120
dot11 vlan-name LAN vlan 100
dot11 vlan-name Nativa vlan 1
dot11 vlan-name WIFI-GUEST vlan 111
!
dot11 ssid Guest
vlan 111
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 xxxxxxxxxx
!
dot11 ssid Interni
vlan 120
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa version 2
mbssid guest-mode
!
power inline negotiation prestandard source
!
crypto pki trustpoint TP-self-signed-3298822248
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3298822248
revocation-check none
rsakeypair TP-self-signed-3298822248
!
!
crypto pki certificate chain TP-self-signed-3298822248
certificate self-signed 01
30820246 308201AF A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33323938 38323232 3438301E 170D3132 30313235 31373131
31335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32393838
32323234 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C73D A2F35816 2336763B B4FB6FB8 E8DE964A 0CA21BB6 F1227BB4 62A82B87
BCBE5310 4D37885A E676A1AD 4F29BE2A E7F6A9DF 02DA8743 3E843894 752C79BC
1303B69D E2C337A1 E0FD3A87 D71C0714 8D68C1FE D0328EB5 2883C4F5 2A926578
B535063C 1CBBB086 AC360EF0 76A9AEAD C8D7C05C 1BD8049F 3C4624BC 9E87B8F8
860B0203 010001A3 6E306C30 0F060355 1D130101 FF040530 030101FF 30190603
551D1104 12301082 0E61702E 6D617261 6E2E696E 74726130 1F060355 1D230418
30168014 348C25A0 39A54384 D02AB775 BB643B3A ACF8B06B 301D0603 551D0E04
16041434 8C25A039 A54384D0 2AB775BB 643B3AAC F8B06B30 0D06092A 864886F7
0D010104 05000381 8100B073 C0083606 8E6ED3C2 DA413B8D 69ADA456 90257302
36BE5AB3 D4C2D455 10F0185C B44B6523 566F7B0F 75A0521F A5C7D8EF 7249C917
8C50DBDE E510DC0C 44FE34E6 2ECBDE74 72A6A847 87B1296E D06B5656 46213C7C
74D4FB9C 89EF55D7 647FF814 70BFC586 BC4771A5 AA06C00D DE343A3E D822518F
10D5A3E7 6E6336AF 87AC
quit

username admin secret 5 xxxxxxx
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 120 mode ciphers aes-ccm
!
encryption vlan 111 mode ciphers aes-ccm
!
broadcast-key vlan 120 change 28800
!
broadcast-key vlan 111 change 28800
!
!
ssid Guest
!
ssid Interni
!
mbssid
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.100
encapsulation dot1Q 100
no ip route-cache
no cdp enable
bridge-group 100
bridge-group 100 subscriber-loop-control
bridge-group 100 block-unknown-source
no bridge-group 100 source-learning
no bridge-group 100 unicast-flooding
bridge-group 100 spanning-disabled
!
interface Dot11Radio0.111
encapsulation dot1Q 111
no ip route-cache
no cdp enable
bridge-group 111
bridge-group 111 subscriber-loop-control
bridge-group 111 block-unknown-source
no bridge-group 111 source-learning
no bridge-group 111 unicast-flooding
bridge-group 111 spanning-disabled
!
interface Dot11Radio0.120
encapsulation dot1Q 120
no ip route-cache
bridge-group 120
bridge-group 120 subscriber-loop-control
bridge-group 120 block-unknown-source
no bridge-group 120 source-learning
no bridge-group 120 unicast-flooding
bridge-group 120 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
no dfs band block
channel dfs
station-role root
!
interface Dot11Radio1.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.100
encapsulation dot1Q 100
ip address 192.168.1.20 255.255.2255.0
no ip route-cache
no cdp enable
bridge-group 100
no bridge-group 100 source-learning
bridge-group 100 spanning-disabled
!
interface FastEthernet0.111
encapsulation dot1Q 111
no ip route-cache
no cdp enable
bridge-group 111
no bridge-group 111 source-learning
bridge-group 111 spanning-disabled
!
interface FastEthernet0.120
encapsulation dot1Q 120
ip address 192.168.218.5 255.255.255.0
no ip route-cache
bridge-group 120
no bridge-group 120 source-learning
bridge-group 120 spanning-disabled
!
interface BVI1
ip address 192.168.5.10 255.255.255.0
no ip route-cache
!
ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/sm ... g/help/eag
ip radius source-interface FastEthernet0.100
logging history alerts
logging trap emergencies
logging facility local0
logging 192.168.22.1
snmp-server community public xxxx
snmp-server enable traps tty
snmp-server enable traps entity
snmp-server enable traps disassociate
snmp-server enable traps authenticate-fail
snmp-server enable traps dot11-qos
snmp-server enable traps switch-over
snmp-server enable traps rogue-ap
snmp-server enable traps wlan-wep
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps syslog
snmp-server enable traps cpu threshold
snmp-server enable traps aaa_server
snmp-server host 192.168.22.1 version 2c
no cdp run
radius-server local
no authentication eapfast
no authentication mac
nas 192.168.70.5 key 7 xxxxxxxxx
!
radius-server attribute 32 include-in-access-req format %h
radius-server host 192.168.70.5 auth-port 1812 acct-port 1813 key 7 xxxxxxxx
radius-server host 192.168.70.6 auth-port 1812 acct-port 1813 key 7 xxxxxxxx
radius-server vsa send accounting
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
!
sntp server 192.168.70.5
end

[Rizio]

Idem, anch'io come Emiliano ho sparso AP in giro per l'azienda cercando di evitare l'overlapping delle frequenze e sono configurati tutti come AP normali. Non ho mai avuto lamentele

Rizio

[cicciofly]

Perché voglio fare in modo che gli apparati restino sempre collegati, anche quando un device passa da un AP all'altro.. Non so se mi sono spiegato bene..

Franco