Network Guys

Share your knowledge!

Wireless Point-to-Point Bridge

Today I will show you how to establish a wireless point-to-point bridge for connecting to physical networks via two access points. I built a connection with 5GHz. My equipment:

  • 2x Cisco Aironet Access Point 2600 (Dual-band autonomous 802.11a/g/n) (AIR-SAP2602I-E-K9)
  • 2x Cisco Aironet 2.4-GHz/5-GHz MIMO 4-Element Patch Antenna (AIR-ANT2566P4W-R)
  • 8x Cisco 50FT LOW LOSS CABLE (AIR-CAB050LL-R)

for the montage I used:

  • TerraWave Antenna Adapter Plate (TW-CISCO-A2566)
  • TerraWave Industrial Articulating Mount (TW-IART-MOUNTT)

The length between the two buildings are about 500 meters. The antennas are connected to a pole on the roof. We needed long antenna cables to connect the antennas from the roof to the access points inside the building behind the fire-resisting wall. Keep in mind that the longer antenna cables you use, the more they reduce the signal strength. You can play with the “antenna gain” value inside the Dot11Radio interface. With external antenna you have a gain substracted with the long antenna cable value.

I had very big problems to bring the wireless bridge online. After the remote AP has connected, the device crashed, writes a crash log into the flash and restarts. I got the following messages:

Sep 1 10:45:02.171: dot11_mgmt: bad cookie returned from driver for mac 580a.206a.fd00(expected 0x0, got 0x7F551F0) – force driver to delete client
Sep 1 10:45:05.659: %DOT11-4-MAXRETRIES: Packet to client 501c.bff7.fca0 reached max retries, removing the client
Sep 1 10:45:05.659: Client 501c.bff7.fca0 failed: reached maximum retries
Sep 1 10:45:05.659: %DOT11-6-DISASSOC: Interface Dot11Radio1, Deauthenticating Station 501c.bff7.fca0 Reason: Previous authentication no longer valid
Sep 1 10:45:05.659: %DOT11-6-DISASSOC: Interface Dot11Radio1, Deauthenticating Station 501c.bff9.fc20
Sep 1 10:45:05.659: %DOT11-4-MAXRETRIES: Packet to client 501c.bff7.fca0 reached max retries, removing the client

Installed software was ap3g2-k9w7-mx.152-2.JA. Then I decided to update both autonomous IOS images. I downloaded ap3g2-k9w7-tar.152-4.JB6.tar and erased the whole flash on the system. Don’t forget to save the config with “wr mem” after this. After this you can download and extract directly to the flash with

archive download-sw tftp://10.20.30.5/ap3g2-k9w7-tar.152-4.JB6.tar

After the reload I could successfully connect both access points. Here is my configuration:

Root Access Point:

dot11 ssid WIRELESSBRIDGE
authentication open
authentication key-management wpa version 2
wpa-psk ascii Th1sIsmyP@ssword

interface Dot11Radio1
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm
!
ssid WIRELESSBRIDGE
!
antenna gain 0
peakdetect
distance 1
no dfs band block
stbc
channel dfs
station-role root bridge
bridge-group 1

interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
bridge-group 1 spanning-disabled

interface BVI1
ip address 10.20.30.251 255.255.255.0
no ip route-cache

ip default-gateway 10.20.30.1

 

Non-Root Access Point:

dot11 ssid WIRELESSBRIDGE
authentication open
authentication key-management wpa version 2
wpa-psk ascii Th1sIsmyP@ssword

interface Dot11Radio1
description 5 GHz
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm
!
ssid OSLRICHTFUNK
!
antenna gain 0
peakdetect
distance 1
stbc
station-role non-root bridge
bridge-group 1
bridge-group 1 spanning-disabled

interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
bridge-group 1 spanning-disabled

interface BVI1
ip address 10.20.30.252 255.255.255.0
no ip route-cache

ip default-gateway 10.20.30.1

Leave a Reply

Click on the button to load the content from jetpack.wordpress.com.

Load content

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Certificates

ekahau Certified Survey Engineer
ATP_wsrgb
ACMP2
suca
Post Categories
Post Archives