Using the IOS
I’ll configure two types of devices in this section using the CLI:
A Cisco router with a routed wireless radio
A basic Cisco wireless access point
The router and the AP configuration through the CLI are not much different. Here, in Table
9.3, are some of the minimum commands needed for configuring a wireless card in a router:
TABLE 9 . 3
Command and Meaning
Command Meaning
hostname
Sets the name for the device
interface
interface
Takes you to interface mode
ip address
Sets an IP address on an interface
no shutdown
Enables an interface
ssid
ssid
Sets an SSID on a radio
guest-mode
Broadcasts the SSID on the BSS
authentication-open
Sets the authentication to open
infrastructuire-ssid
Tells the BSS clients that the wired network can be
reached through this SSID
line con 0
Chooses the console line
password
password
Sets a password on a line
logging synchronous
Stops the console messages from overwriting what you
are typing
line vty
first_line_number
last_line _number
Chooses the Telnet or SSH line numbers
ip dhcp pool pool_name Creates a DHCP pool
network network mask Creates a pool of addresses used by the DHCP pool
default-router Sets the default gateway for the DHCP service to advertise
ip dhcp excluded-address
ip_address
Lists addresses that the DHCP will not hand out to DHCP
clients
copy running-config
startup-config
Saves the running-config to NVRAM
I’ll start by showing how to configure an 871W router with an 802.11b/g radio:
Router>en
Router#config t
Router(config)#hostname 871W
871W(config)#int vlan 1
871W(config-if)#ip address 10.1.11.2 255.255.255.0
871W(config-if)#no shut
871W(config-if)#int dot11radio 0
871W(config-if)#ip address 10.1.12.1 255.255.255.0
871W(config-if)#no shut
871W(config-if)#ssid R3WLAN
871W(config-if-ssid)#guest-mode
871W(config-if-ssid)#authentication open
871W(config-if-ssid)#infrastructure-ssid
871W(config-if-ssid)#line con 0
871W(config-line)#password console
871W(config-line)#login
871W(config-line)#logging sync
871W(config-line)#exec-timeout 0 0
871W(config-line)#exit
871W(config)#line vty 0 ?
<1-4> Last Line number
871W(config)#line vty 0 4
871W(config-line)#password telnet
871W(config-line)#login
871W(config-line)#ip dhcp pool R3WLAN
871W(dhcp-config)#network 10.1.12.0 255.255.255.0
871W(dhcp-config)#default-router 10.1.12.1
871W(dhcp-config)#exit
871W(config)#ip dhcp excluded-address 10.1.12.1
871W(config)#exit
871W#copy run start
Destination filename [startup-config]?[enter]
Building configuration...
[OK]
871W#
The 871W I configured has a four-port switch, which means you have to place the IP
address under the management VLAN interface. You just can’t get away with simply putting
IP addresses on layer-2 switch interfaces.
To be honest, I think this was a faster configuration than using SDM. But I guess, in production,
the SDM with HTTPS would really be a more secure way to administer the router.