3.06.2013

Example, Add Cisco AP to a netwrork.

I always set a scheduled reload of the remote device just-in-case there's a chance of breaking it (I'm still learning). 10 mins should give you enough time to implement your changes, test it and save it. Depending on the site and how many admins touch the device you could in theory leave your changes unsaved for a few days just to be sure, then get an onsite person to power cycle it if problems occur.


reload in 10
config t
# config the ssid and map it to a vlan, 1 per vlan.
dot11 ssid YOUR_SSID
vlan YOUR_VLAN
authentication open 
authentication key-management wpa
wpa-psk ascii 0 YOUR_PASSWORD
 
# assign encryption to ssid
interface Dot11Radio0
encryption vlan YOUR_VLAN mode ciphers aes-ccm
ssid YOUR_SSID
 
# config the sub interfaces for dot11 radio and ethernet
interface Dot11Radio0.YOUR_VLAN
 encapsulation dot1Q YOUR_VLAN
 no ip route-cache
 bridge-group YOUR_VLAN
 bridge-group YOUR_VLAN subscriber-loop-control
 bridge-group YOUR_VLAN block-unknown-source
 no bridge-group YOUR_VLAN source-learning
 no bridge-group YOUR_VLAN unicast-flooding
 bridge-group YOUR_VLAN spanning-disabled
 
interface FastEthernet0.YOUR_VLAN
 encapsulation dot1Q YOUR_VLAN
 no ip route-cache
 bridge-group YOUR_VLAN
 no bridge-group YOUR_VLAN source-learning
 bridge-group YOUR_VLAN spanning-disabled
 
# happy?
reload cancel
 
# not happy?
wait 10 mins
 
# want to undo some stuff manually? use the "no" form.
interface Dot11Radio0.YOUR_VLAN
interface FastEthernet0.YOUR_VLAN
 
# or
no bridge-group YOUR_VLAN subscriber-loop-control
 

There's great article here that talks about bridge groups and bvi.