Escolar Documentos
Profissional Documentos
Cultura Documentos
II
Preface
This report basically focuses on configuring and implementation of wireless
network in two different company sites. We analyse the problems and suggest the
solution for problem areas. We also explain the benefits of wireless and IEEE 802.11
security protocol which we use for this network. Benefit of this security protocol is
to secure our network standards. We discussed about wireless network sites survey
in different angels. There are various types of surveys some of them are been
discussed in our report. We define the importance of surveys. After defining almost
all types of surveys we explain the differences deeply. Radio frequency is also been
used for Riga and Malmo site in our report. We implemented radio frequency for our
Riga wireless network to broadcast SSID and also decide for broadcasting SSID
which 802.11a, b, g, n channels select for the Access Point.
We focus on the issues about Interference in signal strength and radio frequency.
We configure Repeater and associate it with our Root Access point to increase the
range of wireless network in Riga site. We define these issues by giving some logical
examples. Aironet client utility site survey tools operate the radio frequency and
help to determine the places and coverage area of the wireless devices. This tool
also uses to determine the best place of device in the area and eliminating of dead
area so we use this tool to determine the low frequency area. We use hardware and
software tools which we use to check the signal strength in the wireless area. We
measure the security level for different departments for example we analyse which
department need more or less access to the internet resources.
We configure Radius Server or implement other services through which users can
authenticate. We use 802.xx standards for these services. We also kept in mind there
are some departments need to be confidentially secure. We practically work on
wireless network component to configure wireless network infrastructure. There is
various type of mode of wireless networking mode and we discuss some of in this
report. There are many other issues been discussed in this report we describe here
only some basic issues. We have worked practically to understand all these themes.
We also faced some problems during completing this report and working practically
on configuring wireless and industrial for Malmo and Riga site.
III
IV
Abstract
The purpose of this thesis report is to implement the wireless network in two different
company sites ABC the Riga site and Malmo site. The main task of this report is to
implement and configure wireless industrial network. This report based on information
gathering method from ABC company and there requirement for wireless network.
This report also focuses on their security system, planning infrastructure and
implementation. Different tools been used to verify the wireless network connection
speed and limitations. This report also deals with benefits and drawback of industrial
networking.
VI
Table of Contents
1. INTRODUCTION
2. PROBLEM AND GOALS
3.WIRELESS BENEFITS AND IEEE 802.XX
STANDARDS
3.1WIRELESS BENEFITS:
3.1.1 Users Roaming
3.1.2 Rapid Installation
3.1.3 Surveillance of Area by Wireless Network
3.1.4 Increased Flexibility
3.1.5 Scalability
3.1.6 Centralized Management
3.1.7 Low Implementation Cost
3.1.8 Wireless Standards
VII
9.4 SWITCHES. 20
9.5 WIRELESS ACCESS POINTS
9.6 USER DEVICES.
IX
1. Introduction
Wireless network are the communication medium without using physical cables
and connections. This medium used in radio frequency for sending and receiving
data between devices for example computers and PDAs etc. There are many types of
networks but the main wireless networks are wide area network, local area network
and personal area network .The WWAN include the wide area technologies for
example, 3g cellular, global system for mobile communication (GSM) and
global positing system (GPS).WLAN is also focused on radio frequency which
includes 802, Xx standards and hyper lane. Bluetooth and infrared (IR) radio are
controlled by WPAN.
Wlan plays backbone role for todays competent atmosphere in wireless
communication technology .Wireless devices connect to the internet through access
points (AP) in Laptops, PDAs etc. AP has different coverage areas based on number
of users and data rates. This area is known as range or cell. Wireless LAN also
provide roaming services for example , everyone can use internet connection inside
the industry without disconnecting internet. There are also many limitations like
frequency range which can effect on sending and receiving data.
DRAWBACKS: - there are also draw backs in wireless networks. Network attacks,
loss of confidentiality and integrity. They are main drawbacks in industrial wireless
networking. Despite all the limitation and drawbacks wireless network still have
great benefits like providing great scalability, flexibility, fast installation ,low cost,
time saving, Centralizing management and mobility of users. We can assume
wireless LAN provide the flexibility, portability and reduce the installation cost in
industrial networking.
ABC company is having problem in there wireless network. Riga and Malmo sited
are not fully secured. Management staff and the factory staff using the same Riga
wireless network which is unsecured because management staff having some
important data which can leak out easily.
10Another problem is some areas of factory having low signal strength. Internet
speed can also slow if number of users will be increase. This site have a building 1
with building 2.Company will need the internet service in building one that will
transfer to other offices. It is impossible to provide internet via cables everywhere
without using wireless connection.
In Malmo site there is three department Administrative, Engineering and Marketing
staff. They are using one vlan for internet and with access points. They want to
separate every department with separate vlan and want to increase security
measures.
Our goals are to provide the secured wireless network by separating the vlans and
using latest wireless technology devices. Like in Malmo authentication will be by the
controller so every users will be authenticate by the radius server.
3.1.5 Scalability:
Wireless network can easily expanded according to consumer requirements there will be
not much cost required for the expansion of the network.
and WPA security. Because it operate in 2.4GHz there for devices with 802.11 suffer
with microwave oven, Bluetooth devices and cordless phones.
Technical Reasons
RF interference sources
Security requirements
Power requirements
Data sending and receiving
Requirements
4.6.1 Walls:
The walls which are constructing by concrete are the interference sources to
lower down the signals strength.
4.6.3 Ceiling:
If metal is used in the ceiling this would be a interference medium for the RF.
8.1 AUTHENTICATION.
This is the method which describes how the user will be authenticating to gain
access to the network resources. Sometime companies already have some
infrastructure from which the users are authenticate like windows server. If there is
not any authenticate server you can configure Radius Server or implement other
services through which users can authenticate and these services should be
compatible with 802.xx standards.
8.2 CONFIDENTIALITY
In this method transmitting data is hided or secured by different encryption
method. So the data is encrypted by different algorithm and techniques which
cannot be read by the wireless attackers. Data Encryption Standard (DES),
Encryption Service Adapter (ESA) this is hardware base used in Cisco routers, MD5,
8.3 INTEGRITY.
This is the mechanism through which it is determine that the transmitted data has
not been modified, altered or damage. The secrete key based or public key based
algorithms are used to maintain this.
9.3 ROUTERS.
These are devices which are used to forward data between networks. These are
also known as layer three devices because these work on layer three of the OSI
Reference Model . In layer three data is send and receive on Internet Protocol (IP).
Network Address Translation (NAT) and Port Address Translation (PAT) are used
by the Routers to forward data by using single IP.
9.4 SWITCHES.
There are two kinds of switches layer two devices and layer three devices. The
layer two devices works on MAC Address and layer three switch works on IP. The
layer-3 switches are also known as multilayer switches.
In Riga site we configure Layer 3 and Layer 2 switch. In Layer 3 switch we create
Three VLANS Factory Management, Factory Users, Building 2. We have created
VLAN interfaces for every VLAN. We also create DHCP Pool for every VLAN
because VLAN users can get ip address directly from that vlan dhcp pool. We used
encapsulate dot1q trunk Protocol for communication between Layer 3 and Layer 2
switch. We used vtp server mode for transferring DHCP pool data to layer 2 switch.
In Layer 2 switch we used switch port mode trunk protocol on that port
which is directly connected with Layer 3 switch for communication between Layer 3
and Layer 2 switch. In layer 2 switch we applied switch port access protocol for
assigning VLAN 11 for Factory Management. We connected access point for Factory
Management with Layer 2 switch. We configured SSID and implement security on
this Access point. Every user who will connect with this access point get ip address
from Factory Management vlan 11.
We connected one Link sys Router with Layer 2 switch for Factory users. We
configured Link sys router and assigned Vlan 10 for Factory users. Every Factory
user will get ip address of VLAN 10.
We connected Root AP and Repeater with Layer 2 switch for the Building 2 site. We
configured and Broadcast SSID for the Building 2 users. We implemented security
on Access point because unauthorized person cannot connect with Building 2 SSID.
On Repeater we configured same SSID and security which is already implemented
on Root AP. We used Repeater to increase the strength and area of our wireless
signals.
In Malmo site we configured layer 3 switch, layer 2 switch, wireless controller, ACS
(Radius server) and Light weight APS. We also configured DHCP Server and
encapsulate dot1q Protocol on layer 3 switch. We have created and assigned Three
VLANS for different departments. In layer 2 switch we configured mode trunk
protocol and switch port mode access protocol for communicating between access
points. Wed configured wireless controller and create SSID for every department.
After creating SSIDS on wireless controller we implemented 802.1x security on
these SSIDs. We installed Radius server on PC for creating users and authenticating
every user through Radius server. We assign Radius server as AAA SERVER and
Wireless controller as AAA server client Role. We created users and implemented
security 802.1x security on all of them. Every department users firstly authenticate
from Radius server after that users will connect with his department SSID and get
the ip address from DHCP SERVER.
13. References
[1]
http://en.wikipedia.org/wiki/Wireless_network#Wireless_LAN[Retrieved: 18 May
2012]
[2]
http://en.wikipedia.org/wiki/IEEE_802.11[Retrieved: 1 June 2012]
[3]
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186
a00805e9a96.shtml[Retrieved: 16 June 2012]
[4]
http://en.wikipedia.org/wiki/Spectrum_analyzer [Retrieved: 1 june 2012]
http://en.wikipedia.org/wiki/File:FSL.jpg [Retrieved: 31 June 2012]
[5]
http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps430/ps4076/pr
oduct_data_sheet09186a00800937a6.html [Retrieved: 15 July 2012]
14. Conclussion:
15 users for each Vlan. So each users will be individually authenticated from the
controller because Radius Server provide the per user authentication.
We kept in mind the IEEE 802.xx standards because IEEE 802.xx standards vary in
security level and data transfer rate. So we also have taken the overview of
authentication, integrity, confidentiality and the security feature. In my report we
also discusses the limitations like frequency rang which effect the sending and
receiving data. The drawbacks like network attacks, loss of confidentiality and loss
of integrity are the main drawbacks in the industrial wireless
networking.
Despite all the limitations and drawbacks wireless network provide great scalability,
flexibility, speedy installation, low cost, time saving, centralizing management, and
mobility of users are the great benefits of industrial wireless networking.
14. Appendix
14.1 Malmo site configuration
14.1.1 Wireless controller configuration
Mode
POE
-- ------- ---- ------- ---------- ---------- ------ ------- --------1 Normal Forw Enable Auto
100 Full Up
Enable N/A
Auto
Auto
Auto
Auto
Auto
Auto
Auto
AP Summary
Number of APs.................................... 1
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name
Slots AP Model
Ethernet MAC
Location
Port Country
Priority
------------------ ----- -------------------- ----------------- ---------------- ---- ------- -----AP1cdf.0f4e.be7c
SE
Interface
-------
-----------
management
10
engineer
11
marketing
12
factoryadmin
AP Name
-------------------------Disabled
Disabled
Disabled
Disabled
Slots AP Model
Ethernet MAC
Location
Port Country
Priority
------------------ ----- ------------------- ----------------- ---------------- ---- ------- -------AP1cdf.0f4e.be7c
SE
AP Config
Cisco AP Identifier.............................. 0
Cisco AP Name.................................... AP1cdf.0f4e.be7c
Country code..................................... SE - Sweden
Regulatory Domain allowed by Country............. 802.11bg:-E
AP Country code.................................. SE - Sweden
AP Regulatory Domain............................. -E
Switch Port Number .............................. 1
MAC Address...................................... 1c:df:0f:4e:be:7c
IP Address Configuration......................... DHCP
IP Address....................................... 172.32.1.36
IP NetMask....................................... 255.255.255.0
Gateway IP Addr.................................. 172.32.1.1
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ default location
Cisco AP Group Name.............................. default-group
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
--More or (q)uit current module or <ctrl-z> to abort..
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... Local
802.11a:-E
Tx Power
......................................... 13
Diversity.................................. DIVERSITY_ENABLED
Interference threshold..................... 10 %
RF utilization threshold................... 80 %
Containment Count............................ 0
CleanAir Capable......................... No
Cisco AP Identifier.............................. 0
802.11a:-E
AP Regulatory Domain............................. -E
IP Address....................................... 172.32.1.36
IP NetMask....................................... 255.255.255.0
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1131AG-E-K9
AP Image......................................... C1130-K9W8-M
AP Up Time....................................... 0 days, 07 h 09 m 27 s
CellId ...................................... 0
Station Configuration
Tx Power
......................................... 104,108,112,116,132,136,140
Diversity.................................. DIVERSITY_ENABLED
Interference threshold..................... 10 %
RF utilization threshold................... 80 %
Containment Count............................ 0
CleanAir Capable......................... No
Number Of Slots.................................. 2
AP Name.......................................... AP1cdf.0f4e.be7c
Slot ID........................................ 0
Noise Information
Interference Information
Load Information
Receive Utilization.......................... 0 %
Transmit Utilization......................... 2 %
Channel Utilization.......................... 4 %
Coverage Information
Nearby APs
Radar Information
RF Parameter Recommendations
Power Level.................................. 1
Antenna Pattern.............................. 0
Classtype
All third party trademarks are the property of their respective owners.
Number Of Slots.................................. 2
AP Name.......................................... AP1cdf.0f4e.be7c
Slot ID........................................ 1
Noise Information
Interference Information
.............................................
Channel 36................................... 1/ 0/ 0
Channel 40................................... 1/ 0/ 0
Channel 44................................... 1/ 0/ 0
Channel 48................................... 0/ 0/ 0
Channel 52................................... 0/ 0/ 0
Channel 56................................... 0/ 0/ 0
Channel 60................................... 0/ 0/ 0
Channel 64................................... 0/ 0/ 0
Channel 100.................................. 0/ 0/ 0
Channel 104.................................. 0/ 0/ 0
Channel 108.................................. 0/ 0/ 0
Channel 112.................................. 0/ 0/ 0
Channel 116.................................. 0/ 0/ 0
Channel 132.................................. 0/ 0/ 0
Channel 136.................................. 0/ 0/ 0
Channel 140.................................. 0/ 0/ 0
Load Information
Receive Utilization.......................... 0 %
Transmit Utilization......................... 0 %
Channel Utilization.......................... 0 %
Coverage Information
Nearby APs
Radar Information
RF Parameter Recommendations
Power Level.................................. 1
Antenna Pattern.............................. 0
Classtype
All third party trademarks are the property of their respective owners.
802.11a Configuration
11nSupport....................................... Enabled
802.11n Status:
A-MPDU Tx:
CFP Period....................................... 4
Default Channel.................................. 36
TI Threshold..................................... -50
Voice AC:
Voice Max-Streams............................. 2
Video AC:
AP Name
MAC Address
TxPower
AP1cdf.0f4e.be7c
00:3a:99:0d:44:20 ENABLED
UP
64*
1(*)
Minimum...................................... unknown
Average...................................... unknown
Maximum...................................... unknown
Minimum...................................... 0 days, 01 h 16 m 57 s
Average...................................... 0 days, 01 h 16 m 57 s
Maximum...................................... 0 days, 01 h 16 m 57 s
128,132,136,140
Radio RF Grouping
Jammer................................... Enabled
SuperAG.................................. Enabled
Canopy................................... Enabled
Jammer................................... Enabled
SuperAG.................................. Disabled
Canopy................................... Disabled
Radio RF Grouping
Jammer................................... Enabled
802.15.4................................. Enabled
SuperAG.................................. Enabled
Canopy................................... Enabled
Xbox..................................... Enabled
Jammer................................... Enabled
802.15.4................................. Disabled
SuperAG.................................. Disabled
Canopy................................... Disabled
Xbox..................................... Disabled
AQ = Air Quality
DFS = Dynamic Frequency Selection
AP Name
Mobility Configuration
MAC Address
IP Address
f8:66:f2:62:30:40 172.32.1.100
Group Name
Malmo
Advanced Configuration
Multicast IP
0.0.0.0
Up
Status
dot11-padding.................................... Disabled
Location Configuration
Interface Configuration
IP Address....................................... 172.32.100.100
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 172.32.100.1
VLAN............................................. 100
Physical Port.................................... 1
ACL.............................................. Unconfigured
AP Manager....................................... Yes
Guest Interface.................................. No
IP Address....................................... 172.32.10.100
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 172.32.10.1
VLAN............................................. 10
Quarantine-vlan.................................. 0
Physical Port.................................... 1
ACL.............................................. Unconfigured
AP Manager....................................... No
Guest Interface.................................. No
IP Address....................................... 172.32.12.100
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 172.32.12.1
VLAN............................................. 12
Quarantine-vlan.................................. 0
Physical Port.................................... 1
ACL.............................................. Unconfigured
AP Manager....................................... No
Guest Interface.................................. No
IP Address....................................... 172.32.1.100
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 172.32.1.1
VLAN............................................. untagged
Quarantine-vlan.................................. 0
Physical Port.................................... 1
ACL.............................................. Unconfigured
AP Manager....................................... No
Guest Interface.................................. No
IP Addre
ss....................................... 172.32.11.100
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 172.32.11.1
VLAN............................................. 11
Quarantine-vlan.................................. 0
Physical Port.................................... 1
ACL.............................................. Unconfigured
AP Manager....................................... No
Guest Interface.................................. No
MAC Address............
.......................... f8:66:f2:62:30:40
IP Address....................................... 1.1.1.1
AP Manager....................................... No
Guest Interface.................................. No
WLAN Configuration
WLAN Identifier.................................. 1
Status........................................... Enabled
NAC-State...................................... Disabled
Quarantine VLAN................................ 0
Interface........................................ management
WMM.............................................. Allowed
Radius Servers
Security
802.1X........................................ Disabled
Web-Passthrough............................... Disabled
WLAN ID
-------
IP Address
---------------
Status
------
WLAN Configuration
WLAN Identifier.................................. 10
Status........................................... Enabled
NAC-State...................................... Disabled
Quarantine VLAN................................ 0
Interface........................................ engineer
WMM.............................................. Allowed
Radius Servers
Security
Key Index:...................................... 1
802.1X........................................ Disabled
Web-Passthrough............................... Disabled
WLAN ID
-------
IP Address
---------------
Status
------
WLAN Configuration
WLAN Identifier.................................. 11
Status........................................... Enabled
NAC-State...................................... Disabled
Quarantine VLAN................................ 0
Interface........................................ marketing
WMM.............................................. Allowed
Radius Servers
Security
Key Index:...................................... 1
802.1X........................................ Disabled
Web-Passthrough............................... Disabled
WLAN ID
IP Address
Status
-------
---------------
------
WLAN Configuration
WLAN Identifier.................................. 12
Status........................................... Enabled
NAC-State...................................... Disabled
Quarantine VLAN................................ 0
Interface........................................ factoryadmin
WMM.............................................. Allowed
Radius Servers
Security
Key Index:...................................... 1
802.1X........................................ Disabled
Web-Passthrough............................... Disabled
WLAN ID
IP Address
Status
-------
---------------
------
ACL Configuration
RADIUS Configuration
Keywrap.......................................... Disabled
Fallback Test:
Authentication Servers
AuthMode/Phase1/Group/Lifetime/Auth/Encr
Accounting Servers
AuthMode/Phase1/Group/Lifetime/Auth/Encr
TACACS Configuration
Authentication Servers
Authorization Servers
Tout
Tout
Accounting Servers
Tout
LDAP Configuration
Timer:
EAP-FAST:
Group Name
# Aps
Route Info
Number of Routes................................. 0
Destination Network
Netmask
Gateway
Authorization List
Statistics
CDP Configuration
-----------------:+-+-+-+-+-+-+-+-+-+-+-+-+-+-
802.11bg
Channels
11111
:12345678901234
-----------------:+-+-+-+-+-+-+-+-+-+-+-+-+-+-
SE (-E ,-E ): A * * * * A * * * * A * * .
-----------------:+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
802.11a
1111111111111111
Channels
:3334444455660001122233445566
:4680246826040482604826093715
-----------------:+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
SE (-E ,-E ): . A . A . A . A A A A A * * * * * * * * * * * . . . . .
Auto-Immune
Auto-Immune.................................... Disabled
IP-theft....................................... Enabled
Signature Policy
CustomLogo....................................... None
Rogue AP Configuration
MAC Address
Classification
00:16:a6:16:d3:78 Unclassified
00:1b:0c:4a:21:c4 Unclassified
00:1f:6c:a9:08:00 Unclassified
00:22:6b:7c:08:20 Pending
00:25:9c:21:89:12 Pending
08:76:ff:06:af:b9 Unclassified
08:76:ff:9b:8a:32 Unclassified
1c:17:d3:16:28:e0 Unclassified
1c:17:d3:16:28:e2 Unclassified
1c:17:d3:16:28:ed Unclassified
1c:17:d3:16:28:ef Unclassified
1c:17:d3:16:2e:d0 Unclassified
1c:17:d3:16:2e:d2 Unclassified
1c:17:d3:16:2e:dd Unclassified
1c:17:d3:16:2e:df Unclassified
1c:17:d3:16:bd:50 Pending
1c:17:d3:ca:34:c0 Unclassified
1c:17:d3:ca:34:c2 Unclassified
1c:17:d3:ca:34:cd Unclassified
1c:17:d3:ca:34:cf Unclassified
e8:39:df:51:04:8d Unclassified
State
MAC Address
State
MAC Address
-----------------
State Type
Media-Stream Configuration
Allowed WLANs....................................
End IP
Operation Status
URL..............................................
E-mail...........................................
Phone............................................
Note.............................................
State............................................ disable
Multicast-direct................................. Enabled
--More-- or (q)uit
Multicast-direct................................. Enabled
Number of Clients................................ 0
--More-- or (q)uit
Client Mac
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
switchport access vlan 10
switchport mode access
spanning-tree portfast
interface FastEthernet0/6
switchport mode trunk
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address dhcp
ip http server
ip http secure-server
ip sla enable reaction-alerts
!
line con 0
line vty 5 15
!
end
ip routing
ip dhcp excluded-address 172.32.10.1 172.32.10.10
ip dhcp excluded-address 172.32.11.1 172.32.11.10
ip dhcp excluded-address 172.32.12.1 172.32.12.10
ip dhcp excluded-address 172.32.1.1 172.32.1.10
!
ip dhcp pool Marketing
network 172.32.11.0 255.255.255.224
default-router 172.32.11.1
!
ip dhcp pool Factory_Admin
network 172.32.12.0 255.255.255.224
default-router 172.32.12.1
!
ip dhcp pool pool1
network 172.32.1.0 255.255.255.0
default-router 172.32.1.1
!
ip dhcp pool pool100
network 172.32.100.0 255.255.255.0
default-router 172.32.100.1
!
ip dhcp pool Engineers
network 172.32.10.0 255.255.255.0
default-router 172.32.10.1
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/7
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/8
!
interface FastEthernet0/22
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 172.32.1.1 255.255.255.0
!
interface Vlan10
ip address 172.32.10.1 255.255.255.0
!
interface Vlan11
ip address 172.32.11.1 255.255.255.224
!
interface Vlan12
ip address 172.32.12.1 255.255.255.224
!
interface Vlan100
ip address 172.32.100.1 255.255.255.0
ip classless
ip http server
ip http secure-server
!
!
!
nterface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
switchport trunk native vlan 1
switchport mode trunk
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
switchport access vlan 11
switchport mode access
switchport nonegotiate
!
!
interface FastEthernet0/16
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
switchport access vlan 12
switchport mode access
switchport nonegotiate
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
interface Vlan1
ip address 172.32.1.1 255.255.255.0
!
interface Vlan10
ip address 172.32.10.1 255.255.255.0
!
interface Vlan11
ip address 172.32.11.1 255.255.255.224
!
interface Vlan12
ip address 172.32.12.1 255.255.255.224
!
ip http server
ip http secure-server
ip sla enable reaction-alerts
!
line con 0
line vty 0 4
password cisco
login
line vty 5 15
login
!
end
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
switchport access vlan 10
switchport mode access
switchport nonegotiate
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
switchport access vlan 11
switchport mode access
switchport nonegotiate
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
interface Vlan1
no ip address
!
ip http server
ip http secure-server
ip sla enable reaction-alerts
!
line con 0
line vty 0 4
password cisco
login
line vty 5 15
login
!
end
!
hostname RigaRootap
!
enable secret 5 $1$rCfq$0Z7HdLLWnxla/ndX8QMd61
!
ip subnet-zero
!
!
no aaa new-model
!
dot11 ssid Pakistan
vlan 12
authentication open
guest-mode
!
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1.12
encapsulation dot1Q 12
no ip route-cache
bridge-group 12
bridge-group 12 subscriber-loop-control
bridge-group 12 block-unknown-source
no bridge-group 12 source-learning
no bridge-group 12 unicast-flooding
bridge-group 12 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
hold-queue 160 in
interface FastEthernet0.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.12
encapsulation dot1Q 12
no ip route-cache
bridge-group 12
no bridge-group 12 source-learning
bridge-group 12 spanning-disabled
!
interface BVI1
ip address 192.168.12.4 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.12.1
ip http server
no ip http secure-server
ip http help-path
http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
control-plane
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
!
end
!
interface Dot11Radio0
no ip address
no ip route-cache
!
ssid Pakistan
!
parent 1 001f.6ca9.0800
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role repeater
!
interface Dot11Radio0.12
encapsulation dot1Q 12 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
station-role root
!
interface Dot11Radio1.12
encapsulation dot1Q 12 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
hold-queue 160 in
!
interface FastEthernet0.12
encapsulation dot1Q 12 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 192.168.12.9 255.255.255.0
no ip route-cache
!
ip default-gateway 12.168.12.1
ip http server
no ip http secure-server
ip http help-path
http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
control-plane
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
!
end