登陆ap,默认username:cisco.密码:Cisco,enable密码Cisco.
ap:
int bvi 1
ip add 137.78.5.188 255.255.255.0
1.WEP + Static key
dot11 ssid WEPSTATIC
vlan 5
authentication open
mbssid guest-mode
interface Dot11Radio0
!
encryption vlan 5 key 1 size 40bit 1f1f1f1f1f
encryption vlan 5 mode wep mandatory
!
ssid WEPSTATIC
mbssid
interface Dot11Radio0.5
encapsulation dot1Q 5
no ip route-cache
bridge-group 5
bridge-group 5 subscriber-loop-control
bridge-group 5 block-unknown-source
no bridge-group 5 source-learning
no bridge-group 5 unicast-flooding
bridge-group 5 spanning-disabled
interface FastEthernet0.5
encapsulation dot1Q 5
no ip route-cache
bridge-group 5
no bridge-group 5 source-learning
bridge-group 5 spanning-disabled
****************************************************
2.WEP + dynamic key + dot1x
aaa new-model
!
aaa authentication login eap_methods group radius
dot11 ssid WEPDot1x
vlan 10
authentication open eap eap_methods
authentication network-eap eap_methods
mbssid guest-mode
interface Dot11Radio0
encryption vlan 10 mode wep mandatory
ssid WEPDot1x
mbssid
interface Dot11Radio0.10
encapsulation dot1Q 10
no ip route-cache
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
bridge-group 10 spanning-disabled
interface FastEthernet0.10
encapsulation dot1Q 10
no ip route-cache
bridge-group 10
no bridge-group 10 source-learning
bridge-group 10 spanning-disabled
radius-server attribute 32 include-in-access-req format %h
radius-server host 137.78.5.186 auth-port 1645 acct-port 1646 key 7 030752180500
radius-server vsa send accounting
*****************************************************
3.WPA + PSK
dot11 ssid WPAPSK
vlan 7
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii wolfccies
interface Dot11Radio0
encryption vlan 7 mode ciphers tkip
ssid WPAPSK
mbssid
interface Dot11Radio0.7
encapsulation dot1Q 7
no ip route-cache
bridge-group 7
bridge-group 7 subscriber-loop-control
bridge-group 7 block-unknown-source
no bridge-group 7 source-learning
no bridge-group 7 unicast-flooding
bridge-group 7 spanning-disabled
interface FastEthernet0.7
encapsulation dot1Q 7
no ip route-cache
bridge-group 7
no bridge-group 7 source-learning
bridge-group 7 spanning-disabled
*******************************************************
4.WPA + Dot1x
dot11 ssid WPADOT1X
vlan 5
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa
mbssid guest-mode
interface Dot11Radio0
encryption vlan 5 mode ciphers tkip
ssid WPADOT1X
mbssid
interface Dot11Radio0.5
encapsulation dot1Q 5 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0.5
encapsulation dot1Q 5 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
radius-server attribute 32 include-in-access-req format %h
radius-server host 137.78.5.186 auth-port 1645 acct-port 1646 key 7 030752180500
radius-server vsa send accounting
***************************************************
关于WPA和WPA2
encryption vlan 5 mode ciphers tkip (WPA)
encryption vlan 5 mode ciphers aes-ccm (WPA2)s
标签:bridge,group,no,无线,source,interface,加密技术,10 From: https://www.cnblogs.com/smoke520/p/18364943