Today I will show you how to establish a wireless point-to-point bridge for connecting to physical networks via two access points. I built a connection with 5GHz. My equipment:
- 2x Cisco Aironet Access Point 2600 (Dual-band autonomous 802.11a/g/n) (AIR-SAP2602I-E-K9)
- 2x Cisco Aironet 2.4-GHz/5-GHz MIMO 4-Element Patch Antenna (AIR-ANT2566P4W-R)
- 8x Cisco 50FT LOW LOSS CABLE (AIR-CAB050LL-R)
for the montage I used:
- TerraWave Antenna Adapter Plate (TW-CISCO-A2566)
- TerraWave Industrial Articulating Mount (TW-IART-MOUNTT)
The length between the two buildings are about 500 meters. The antennas are connected to a pole on the roof. We needed long antenna cables to connect the antennas from the roof to the access points inside the building behind the fire-resisting wall. Keep in mind that the longer antenna cables you use, the more they reduce the signal strength. You can play with the “antenna gain” value inside the Dot11Radio interface. With external antenna you have a gain substracted with the long antenna cable value.
I had very big problems to bring the wireless bridge online. After the remote AP has connected, the device crashed, writes a crash log into the flash and restarts. I got the following messages:
Sep 1 10:45:02.171: dot11_mgmt: bad cookie returned from driver for mac 580a.206a.fd00(expected 0x0, got 0x7F551F0) – force driver to delete client
Sep 1 10:45:05.659: %DOT11-4-MAXRETRIES: Packet to client 501c.bff7.fca0 reached max retries, removing the client
Sep 1 10:45:05.659: Client 501c.bff7.fca0 failed: reached maximum retries
Sep 1 10:45:05.659: %DOT11-6-DISASSOC: Interface Dot11Radio1, Deauthenticating Station 501c.bff7.fca0 Reason: Previous authentication no longer valid
Sep 1 10:45:05.659: %DOT11-6-DISASSOC: Interface Dot11Radio1, Deauthenticating Station 501c.bff9.fc20
Sep 1 10:45:05.659: %DOT11-4-MAXRETRIES: Packet to client 501c.bff7.fca0 reached max retries, removing the client
Installed software was ap3g2-k9w7-mx.152-2.JA. Then I decided to update both autonomous IOS images. I downloaded ap3g2-k9w7-tar.152-4.JB6.tar and erased the whole flash on the system. Don’t forget to save the config with “wr mem” after this. After this you can download and extract directly to the flash with
archive download-sw tftp://10.20.30.5/ap3g2-k9w7-tar.152-4.JB6.tar
After the reload I could successfully connect both access points. Here is my configuration:
Root Access Point:
dot11 ssid WIRELESSBRIDGE
authentication open
authentication key-management wpa version 2
wpa-psk ascii Th1sIsmyP@sswordinterface Dot11Radio1
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm
!
ssid WIRELESSBRIDGE
!
antenna gain 0
peakdetect
distance 1
no dfs band block
stbc
channel dfs
station-role root bridge
bridge-group 1interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
bridge-group 1 spanning-disabledinterface BVI1
ip address 10.20.30.251 255.255.255.0
no ip route-cacheip default-gateway 10.20.30.1
Non-Root Access Point:
dot11 ssid WIRELESSBRIDGE
authentication open
authentication key-management wpa version 2
wpa-psk ascii Th1sIsmyP@sswordinterface Dot11Radio1
description 5 GHz
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm
!
ssid OSLRICHTFUNK
!
antenna gain 0
peakdetect
distance 1
stbc
station-role non-root bridge
bridge-group 1
bridge-group 1 spanning-disabledinterface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
bridge-group 1 spanning-disabledinterface BVI1
ip address 10.20.30.252 255.255.255.0
no ip route-cacheip default-gateway 10.20.30.1
