WDS Bridge

The Wireless Distribution System (WDS) allows you to connect multiple WAP371 devices. With WDS, access points communicate with one another without wires. This capability is critical in providing a seamless experience for roaming clients and for managing multiple wireless networks. It can also simplify the network infrastructure by reducing the amount of cabling required. You can configure the WAP device in point-to-point or point-to-multipoint bridge mode based on the number of links to connect.

In the point-to-point mode, the WAP device accepts client associations and communicates with wireless clients and other repeaters. The WAP device forwards all traffic meant for the other network over the tunnel that is established between the access points. The bridge does not add to the hop count. It functions as a simple OSI Layer 2 network device.

In the point-to-multipoint bridge mode, one WAP device acts as the common link between multiple access points. In this mode, the central WAP device accepts client associations and communicates with the clients and other repeaters. All other access points associate only with the central WAP device that forwards the packets to the appropriate wireless bridge for routing purposes.

The AP can also act as a repeater. In this mode, the AP serves as a connection between two APs that might be too far apart to be within cell range. When acting as a repeater, the AP does not have a wired connection to the LAN and repeats signals by using the wireless connection. No special configuration is required for the AP to function as a repeater, and there are no repeater mode settings. Wireless clients can still connect to an WAP device that is operating as a repeater.

Before you configure WDS on the WAP device, note these guidelines:

• For pure bridging mode that does not allow client associations, we recommend using obscure WPA key for VAP0 or disabling the SSID broadcast.
• All Cisco WAP devices participating in a WDS link must have the following identical settings:
• Radio
• IEEE 802.11 Mode
• Channel Bandwidth
• Channel (Auto is not recommended)

NOTE     When operating bridging in the 802.11n 2.4 GHz band, set the Channel Bandwidth to 20 MHz, rather than the default 20/40 MHz. In the 2.4 GHz
20/40 MHz band, the operating bandwidth can change from 40 MHz to 20 MHz if any 20 MHz WAP devices are detected in the area. The mismatched channel bandwidth can cause the link to disconnect.

See Radio (Basic Settings) for information on configuring these settings.

• When using WDS, be sure to configure WDS on both WAP devices participating in the WDS link.
• You can have only one WDS link between any pair of WAP devices. That is, a remote MAC address may appear only once on the WDS page for a particular WAP device.

To configure a WDS bridge:

1. Select Wireless > WDS Bridge in the navigation pane.
2. Select Enable for Spanning Tree Mode. When enabled, STP helps prevent switching loops. STP is recommended if you configure WDS links. Select Radio 1 or Radio 2 for each WDS link that you configure.
3. Select Enable for WDS Interface.
4. Configure the remaining parameters:
• Remote MAC Address—Specifies the MAC address of the destination WAP device; that is, the WAP device on the other end of the WDS link to which data is sent or handed-off and from which data is received.

TIP     You can find the MAC address on the Status and Statistics > Network Interface page.

• Encryption—The type of encryption to use on the WDS link; it does not have to match the VAP you are bridging. The WDS Encryption settings are unique to the WDS bridge. The options are none, WEP, and WPA Personal. The WPA2-PSK is an option for the WDS link encryption and VAP security. The administrator needs to choose those options to enforce them.

If you are unconcerned about security issues on the WDS link, you may decide not to set any type of encryption. Alternatively, if you have security concerns you can choose between Static WEP and WPA Personal. In WPA Personal mode, the WAP device uses WPA2-PSK with CCMP (AES) encryption over the WDS link. See WEP on WDS Links or WPA/PSK on WDS Links following this procedure for more information about encryption options.

NOTE     Static WEP is applicable only when the radio is operating in legacy mode: 802.11a for 5 GHz radio and 802.11b/g for 2.4 GHz radio.

1. Repeat these steps for up to three additional WDS interfaces.
2. Click Save. The changes are saved to the Startup Configuration.
3. Replicate this procedure on the other device or devices connecting to the bridge.

TIP     You can verify that the bridge link is up by going to the Status and Statistics > Network Interface page. In the Interface Status table, the WLAN0:WDS(x) status should state Up.

NOTE     Partner WDS AP in the remote network retains its management IP address acquired from a DHCP server connected to the WDS AP in the main network even if the WDS link is broken. The IP address is released when the WDS interface is brought administratively down.

CAUTION

After new settings are saved, the corresponding processes may be stopped and restarted. When this happens, the WAP device may lose connectivity. We recommend that you change WAP device settings when a loss of connectivity will least affect your wireless clients.

WEP on WDS Links

These additional fields appear when you select WEP as the encryption type.

• Key Length—If WEP is enabled, specify the length of the WEP key as 64 bits or 128 bits.
• Key Type—If WEP is enabled, specify the WEP key type: ASCII or Hex.
• WEP Key—If you selected ASCII, enter any combination of 0 to 9, a to z, and A to Z. If you selected Hex, enter hexadecimal digits (any combination of 0 to 9 and a to f or A to F). These are the RC4 encryption keys shared with the stations using the WAP device.

Note that the required number of characters is indicated to the right of the field and changes based on your selections in the Key Type and Key Length fields.

WPA/PSK on WDS Links

These additional fields appear when you select WPA/PSK as the encryption type.

• WDS ID—Enter an appropriate name for the new WDS link you have created. It is important that the same WDS ID is also entered at the other end of the WDS link. If this WDS ID is not the same for both WAP devices on the WDS link, they will not be able to communicate and exchange data.

The WDS ID can be any alphanumeric combination.

• Key—Enter a unique shared key for the WDS bridge. This unique shared key must also be entered for the WAP device at the other end of the WDS link. If this key is not the same for both WAPs, they will not be able to communicate and exchange data.

The WPA-PSK key is a string of at least 8 characters to a maximum of 63 characters. Acceptable characters include uppercase and lowercase alphabetic letters, the numeric digits, and special symbols such as @ and #.