How-To

Cisco AP Home config

This is a sample AP config for home use, with separate SSIDs for 2.4- and 5GHz terminating in the same interface without using VLAN’s.

no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap
!
!
logging rate-limit console 9
enable secret 5 $1$57XZ$P7xEQacB1fPwQ8vbPYctD1
!
no aaa new-model
no ip source-route
no ip igmp snooping
no ip cef
!
!
!
!
dot11 pause-time 100
dot11 syslog
!
dot11 ssid YOUR-SSID-2G
 authentication open 
 authentication key-management wpa version 2
 guest-mode
 wpa-psk ascii 0 YOUR-WPA-KEY
!
dot11 ssid YOUR-SSID-5G
 authentication open 
 authentication key-management wpa version 2
 guest-mode
 wpa-psk ascii 0 YOUR-WPA-KEY
!
!
!
no ipv6 cef
! 
!
username CISCO password 7 112A1016141D
!
!
bridge irb
!
!
!
interface Dot11Radio0
 no ip address
 !
 encryption mode ciphers aes-ccm 
 !
 ssid YOUR-SSID-2G
 !
 antenna gain 0
 stbc
 channel least-congested 2437 2462
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
 no ip address
 !
 encryption mode ciphers aes-ccm 
 !
 ssid YOUR-SSID-5G
 !
 antenna gain 0
 peakdetect
 no dfs band block
 stbc
 speed basic-24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15. m16. m17. m18. m19. m20. m21. m22. m23. a1ss9 a2ss9 a3ss9
 channel width 40-above
 channel dfs
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface GigabitEthernet0
 no ip address
 duplex auto
 speed auto
 bridge-group 1
 bridge-group 1 spanning-disabled
 no bridge-group 1 source-learning
!
interface GigabitEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
 bridge-group 1
 bridge-group 1 spanning-disabled
 no bridge-group 1 source-learning
!
interface BVI1
 ip address dhcp
 ipv6 address dhcp
 ipv6 address autoconfig
 ipv6 enable
!
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
 login local
 transport input all
!
end

Leave a Reply