+ Reply to Thread
Results 1 to 9 of 9

Thread: Ap-1131ag

  1. Brain Dumps Smell Bad boostinbadger's Avatar
    Join Date
    Dec 2007
    Location
    Virginia
    Posts
    256

    Certifications
    CCENT - CCNA - WCSP - MCE
    #1

    Default Ap-1131ag

    I have reset my AP but when it comes back to the ap> prompt and asks for the password "cisco" does not work. I know it is reset because the hostname was not "ap" when I turned it on.

    I don't have any experience with these yet and don't know if I am doing this right.

    Thanks
    Reply With Quote Quote  

  2. SS -->
  3. was here.
    Join Date
    Apr 2008
    Posts
    4,504
    #2
    Default password for the APs is Cisco with a capital C.
    Reply With Quote Quote  

  4. Brain Dumps Smell Bad boostinbadger's Avatar
    Join Date
    Dec 2007
    Location
    Virginia
    Posts
    256

    Certifications
    CCENT - CCNA - WCSP - MCE
    #3
    Thanks!

    What does a basic config usually look like?
    Reply With Quote Quote  

  5. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,584

    Certifications
    SpecterOps: Powershell Adversary Tactics, SilentBreakSecurity - DarkSideOps, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #4
    Well i havent played with Cisco APs in a while since i moved jobs and im focused more on ASA's. I would expect it to be a short basic config , you will probably see stuff like the Radio configs , they should be turned off by default last i remembered. However the APs are designed to be configured using the web gui. I would suggest configuring these APs with the GUI. Good luck!
    2017 Goals: Dark Side OPS: Custom Pentesting (complete), SpecterOps: PowerShell Adversary Tactics (completed), eCPPT (2nd attempt), LFCS (4th attempt )
    2018 Goals: eCPPT, OSCP
    Reply With Quote Quote  

  6. Brain Dumps Smell Bad boostinbadger's Avatar
    Join Date
    Dec 2007
    Location
    Virginia
    Posts
    256

    Certifications
    CCENT - CCNA - WCSP - MCE
    #5
    What is the default IP? 192.168.1.1?
    Reply With Quote Quote  

  7. was here.
    Join Date
    Apr 2008
    Posts
    4,504
    #6
    Quote Originally Posted by boostinbadger View Post
    What is the default IP? 192.168.1.1?
    I can't remember exactly but I believe it uses DHCP by default. Either way, use the console and have a look.
    Reply With Quote Quote  

  8. Psychotron Member Megadeth4168's Avatar
    Join Date
    Jan 2006
    Location
    Detroit
    Posts
    2,162

    Certifications
    A+, Network+, Security+, Server+,Project+,MCSE, CCNA:S, CISSP, CCNP, CEH, GCED
    #7
    I believe the default IP is 10.0.0.1 and that the default SSID is tsunami.

    One issue that I've run into with configuring these through the web browser is that the newer browsers don't react well. Firefox didn't seem to work at all... IE7 works but it is still a little flaky. I prefer the CLI myself.
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Sep 2009
    Location
    Wales, UK
    Posts
    411

    Certifications
    CCENT, CCNA, CCNA Voice, CCNA Security, ITIL V3 Foundation, MCP, MCTS
    #8
    Quote Originally Posted by boostinbadger View Post
    Thanks!

    What does a basic config usually look like?
    This is my not quite so basic configuration. If you can get the GUI working that is the best method although not entirely inuitive.

    I got two SSIDs on the AP, one fully open for just internet access, the other using WPA2 with dot1.x authentication for my internal LAN. Each SSID is bridged to a different VLAN on the ethernet sub interfaces.

    Code:
    Current configuration : 5292 bytes
    !
    ! No configuration change since last restart
    !
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    !
    hostname AP1130AG
    !
    enable secret 5 XXXXXXXXXXXXXXXXX
    !
    aaa new-model
    !
    !
    aaa group server radius rad_eap
     server XXXXXXXXXXXXXXXXX auth-port 1645 acct-port 1646
    !
    aaa group server radius rad_mac
    !
    aaa group server radius rad_acct
    !
    aaa group server radius rad_admin
    !
    aaa group server tacacs+ tac_admin
    !
    aaa group server radius rad_pmip
    !
    aaa group server radius dummy
    !
    aaa authentication login eap_methods group rad_eap
    aaa authentication login mac_methods local
    aaa authorization exec default local
    aaa accounting network acct_methods start-stop group rad_acct
    !
    aaa session-id common
    ip domain name XXXXXXXXXXXXXXXXX.co.uk
    !
    !
    dot11 syslog
    !
    dot11 ssid Internet
       vlan 201
       authentication open
       mbssid guest-mode
    !
    dot11 ssid Trusted
       vlan 200
       authentication open eap eap_methods
       authentication key-management wpa version 2
       mbssid guest-mode
    !
    power inline negotiation injector 001d.e5ca.c4ac
    !
    crypto pki trustpoint TP-self-signed-3847650946
     enrollment selfsigned
     subject-name cn=IOS-Self-Signed-Certificate-3847650946
     revocation-check none
     rsakeypair TP-self-signed-3847650946
    !
    !
    crypto pki certificate chain TP-self-signed-3847650946
     certificate self-signed 01
     XXXXXXXXXXXXXXXXX
      quit
    username admin privilege 15 secret 5 XXXXXXXXXXXXXXXXX
    !
    !
    bridge irb
    !
    !
    interface Dot11Radio0
     no ip address
     no ip route-cache
     !
     encryption vlan 200 mode ciphers aes-ccm
     !
     ssid Internet
     !
     ssid Trusted
     !
     mbssid
     station-role root
     no dot11 extension aironet
     bridge-group 1
     bridge-group 1 block-unknown-source
     no bridge-group 1 source-learning
     no bridge-group 1 unicast-flooding
     bridge-group 1 spanning-disabled
    !
    interface Dot11Radio0.200
     encapsulation dot1Q 200
     no ip route-cache
     bridge-group 200
     bridge-group 200 subscriber-loop-control
     bridge-group 200 block-unknown-source
     no bridge-group 200 source-learning
     no bridge-group 200 unicast-flooding
     bridge-group 200 spanning-disabled
    !
    interface Dot11Radio0.201
     encapsulation dot1Q 201
     no ip route-cache
     bridge-group 201
     bridge-group 201 subscriber-loop-control
     bridge-group 201 block-unknown-source
     no bridge-group 201 source-learning
     no bridge-group 201 unicast-flooding
     bridge-group 201 spanning-disabled
    !
    interface Dot11Radio1
     no ip address
     no ip route-cache
     shutdown
     no dfs band block
     channel dfs
     station-role root
     bridge-group 1
     bridge-group 1 subscriber-loop-control
     bridge-group 1 block-unknown-source
     no bridge-group 1 source-learning
     no bridge-group 1 unicast-flooding
     bridge-group 1 spanning-disabled
    !
    interface FastEthernet0
     no ip address
     no ip route-cache
     duplex auto
     speed auto
     bridge-group 1
     no bridge-group 1 source-learning
     bridge-group 1 spanning-disabled
    !
    interface FastEthernet0.200
     encapsulation dot1Q 200
     no ip route-cache
     bridge-group 200
     no bridge-group 200 source-learning
     bridge-group 200 spanning-disabled
    !
    interface FastEthernet0.201
     encapsulation dot1Q 201
     no ip route-cache
     bridge-group 201
     no bridge-group 201 source-learning
     bridge-group 201 spanning-disabled
    !
    interface BVI1
     ip address XXXXXXXXXXXXXXXXX 255.255.255.0
     no ip route-cache
    !
    ip http server
    ip http authentication local
    ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    ip radius source-interface BVI1
    logging XXXXXXXXXXXXXXXXX
    radius-server attribute 32 include-in-access-req format %h
    radius-server host XXXXXXXXXXXXXXXXX auth-port 1645 acct-port 1646 key 7 XXXXXXXXXXXXXXXXX
    radius-server vsa send accounting
    bridge 1 route ip
    !
    !
    !
    line con 0
    line vty 0 4
     exec-timeout 20 0
     transport input telnet ssh
    !
    sntp server XXXXXXXXXXXXXXXXX
    end
    
    AP1130AG#
    Reply With Quote Quote  

  10. Junior Member Registered Member
    Join Date
    May 2013
    Posts
    3
    #9
    Quote Originally Posted by tiersten View Post
    Default password for the APs is Cisco with a capital C.
    Thanks man,
    May God Bless you !
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks