881 Router Config :
interface FastEthernet4
ip address (PUBLIC_LAN_IP_ADDRESS)
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
no ip redirects
no ip unreachables
arp timeout 0
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
!
interface Vlan1
Description LAN
ip address 192.168.1.1 255.255.255.0
!
bridge 1 protocol ieee
bridge 1 route ip
881w Integrated AP : Access-Point :
dot11 mbssid
dot11 syslog
!
dot11 ssid CommsWireless
vlan 1
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 050A130C351D1E074A560547
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 1 mode ciphers tkip
!
encryption mode ciphers tkip
!
broadcast-key vlan 1 change 30
!
!
ssid CommsWireless
!
antenna gain 0
speed basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6.
m7. m8. m9. m10. m11. m12. m13. m14. m15.
station-role root
!
Note :
Under interface Dot11Radio0
These can be removed :
encryption vlan 1 mode ciphers tkip
encryption mode ciphers tkip
Replaced with :
encryption vlan 1 mode ciphers aes-ccm tkip
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
no ip address
!
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
description LAN
ip address 192.168.1.2 255.255.255.0
!
ip default-gateway 192.168.1.1
!
bridge 1 protocol ieee
bridge 1 route ip
UBM :
configure
edit mobile-port Mobile1
apn 3gnet
exit
edit mobile-port Mobile2
apn 3gnet
exit
commit
y
add healthcheck-profile 3G
recovery-time 10000
retry-attempts 10
timeout 10000
exit
add link mobile1
type mobile
port Mobile1
username web
password web
healthcheck-address 8.8.8.8
download 1000
upload 1000
healthcheck-profile 3G
exit
add link mobile2
type mobile
port Mobile2
username web
password web
healthcheck-address 8.8.8.8
download 1000
upload 1000
healthcheck-profile 3G
add lan-interface lan1
port Port1
address <<LAN_IP_ADDRESS>><<NOTATION>>( Cisco 881 Point-to-Point-FA4)
exit
commit
y
edit system parameters
system-name <<SITE_NAME>>
tcp-mss-clamp-mode manual
tcp-mss-clamp-value 1400
timeserver-primary 80.74.16.30
timeserver-secondary 80.74.16.31
exit
remove access-rule AllowSSH
remove access-rule AllowHTTPS
remove access-rule AllowSNMP
commit
y
edit user admin
password globalwave
exit
commit
y
config save
add address-alias SSH
type source
address 85.234.86.74/32
exit
add access-rule SSH
source SSH
exit
add tunnel site_name-3g1
type tcp
endpoint-remote 80.74.16.189
endpoint-local mobile1Endpoint
virtual-remote <<IP_ADDRESS>>
virtual-local <<IP_ADDRESS>>
download 1000
upload 1000
exit
add tunnel site_name-3g2
type tcp
endpoint-remote 80.74.16.189
endpoint-local mobile2Endpoint
virtual-remote <<IP_ADDRESS>>
virtual-local <<IP_ADDRESS>>
download 1000
upload 1000
exit
commit
y
add team team1-3g
algorithm distribute
add member tunnel site_name-3g1
exit
add member tunnel site_name-3g2
exit
exit
add policy policy1
source lan1Subnet
destination any
team team1-3g
exit
commit
y
config save
VBOND :
add tunnel site_name-3g1
type tcp
endpoint-remote 0.0.0.0
endpoint-local coreEndpoint
virtual-remote <<IP_ADDRESS>>
virtual-local <<IP_ADDRESS>>
download 1000
upload 1000
exit
add tunnel site_name-3g2
type tcp
endpoint-remote 0.0.0.0
endpoint-local coreEndpoint
virtual-remote <<IP_ADDRESS>>
virtual-local <<IP_ADDRESS>>
download 1000
upload 1000
exit
commit
y
add team site_name-3g
algorithm distribute
add member tunnel site_name-3g1
exit
add member tunnel site_name-3g2
exit
exit
commit
y
add address-alias site_name-lan
type destination
address <<LAN_IP_ADDRESS>><<NOTATION>>
exit
commit
y
add policy site_namepol
destination site_name-lan
team site_name-3g
exit
commit
y
config save
Comments
(There are currently no comments for this post.)