Cisco IOS Software Configuration Guide for Cisco Aironet 1400 Series Wireless Bridge (12.3(8)JA)
Overview
Downloads: This chapterpdf (PDF - 192.0KB) | Feedback

Overview

Table Of Contents

Overview

Features

Management Options

Network Configuration Examples

Point-to-Point Bridging

Point-to-Multipoint Bridging

Redundant Bridging

Troubleshooting


Overview


Cisco Aironet 1400 Series Bridges (hereafter called bridges) provide building-to-building wireless connectivity. Operating in the 5.8-GHz, UNII-3 band and conforming to the 802.11a standard, the 1400 series bridge delivers a 54-Mbps data rate. The bridge is a self-contained unit designed for outdoor installations. You can connect external antennas to the bridge to attain various antenna gains and coverage patterns. The bridge supports both point-to-point and point-to-multipoint configurations.

You can configure and monitor the bridge using the command-line interface (CLI), the browser-based management system, or Simple Network Management Protocol (SNMP).

This chapter provides information on the following topics:

Features

Management Options

Network Configuration Examples

Troubleshooting

Features

Bridges running Cisco IOS offer these software features:

VLANs—Allow VLAN trunking on both wireless and Ethernet interfaces.

QoS—Use this feature to support quality of service for prioritizing traffic on the wireless interface.

RADIUS Accounting—Enable accounting on the bridge to send accounting data about wireless client devices to a RADIUS server on your network.

TACACS+ adminstrator authentication—Enable TACACS+ for server-based, detailed accounting information and flexible administrative control over authentication and authorization processes. It provides secure, centralized validation of administrators attempting to gain access to your bridge.

Enhanced security—Enable three advanced security features to protect against sophisticated attacks on your wireless network's WEP keys: Message Integrity Check (MIC) and WEP key hashing.

Enhanced authentication services—Set up non-root bridges to authenticate to your network like other wireless client devices. After you provide a network username and password for the non-root bridge, it authenticates to your network using LEAP, Cisco's wireless authentication method, and receives and uses dynamic WEP keys.

IBNS 802.1x Supplicant (EAP-FAST and EAP-TLS)—802.1x is a standardized framework defined by the IEEE to provide port-based network access. 802.1x authenticatication of network clients using information unique to the client and with credentials known only to the client. This service is called port-level authentication because, for security reasons, it is offered to a single endpoint for a given physical port.

The supplicant refers to the client software that supports the 802.1x and EAP protocols. As access points and bridges are being placed in public places, they are susceptible to being unplugged and their network connection being used by an outsider.

Management Options

You can use the bridge management system through the following interfaces:

The IOS command-line interface (CLI), which you use through a Telnet session. Most of the examples in this manual are taken from the CLI. "Using the Command-Line Interface," provides a detailed description of the CLI.

A web-browser interface, which you use through a web browser. Chapter 3, "Using the Web-Browser Interface," provides a detailed description of the web-browser interface.

Simple Network Management Protocol (SNMP). Chapter 16, "Configuring SNMP," explains how to configure your bridge for SNMP management.

Network Configuration Examples

This section describes the bridge's role in common wireless bridging configurations: point-to-point, point-to-multipoint, and redundant bridging. One bridge in any pair or group of bridges must be a root bridge, and the bridge or bridges associated to the root bridge must be set to non-root.

Point-to-Point Bridging

In a point-to-point configuration, a non-root bridge associates to a root bridge. In installation mode, the bridge listens for another 1400 series bridge. If it does not recognize another bridge, the bridge becomes a root bridge. If it recognizes another bridge, it becomes a non-root bridge associated to the bridge it recognizes. See "Configuring the Bridge for the First Time," for instructions on initial bridge setup.

Figure 1-1 shows bridges in a point-to-point configuration.

Figure 1-1 Point-to-Point Bridge Configuration


Note If your bridges connect one or more large, flat networks (a network containing more than 256 users on the same subnet) Cisco recommends that you use a router to connect the bridge to the large, flat network.


Point-to-Multipoint Bridging

In a point-to-multipoint configuration, two or more non-root bridges associate to a root bridge. Up to 17 non-root bridges can associate to a root bridge, but the non-root bridges must share the available bandwidth.

See "Configuring the Bridge for the First Time," for instructions on initial bridge setup.

Figure 1-2 shows bridges in a point-to-multipoint configuration.

Figure 1-2 Point-to-Multipoint Bridge Configuration


Note If your bridges connect one or more large, flat networks (a network containing more than 256 users on the same subnet) Cisco recommends that you use a router to connect the bridge to the large, flat network.


Redundant Bridging

You can set up two pairs of bridges to add redundancy or load balancing to your bridge link. The bridges must use non-adjacent, non-overlapping radio channels to prevent interference, and they must use Spanning Tree Protocol (STP) to prevent bridge loops. See Chapter 8, "Configuring Spanning Tree Protocol," for instructions on configuring STP.


Note STP is disabled by default.


Figure 1-3 shows two pairs of redundant bridges.

Figure 1-3 Redundant Bridge Configuration

Troubleshooting

For basic troubleshooting procedures, refer to Chapter 19, "Troubleshooting."

For the most up-to-date, detailed troubleshooting information, refer to the Cisco TAC website at http://www.cisco.com/tac.