Friday, August 30, 2013

Brocade 7131 AP: Mesh Point-To-Point (P2P) Bridge Configuration

This was a slightly different configuration that the posts I have done before on point-to-point bridges between to APs.  I think I actually prefer this config better, as I had no problems with this config at all.  Below, you can see my line of sight from where my antenna was on my side (right on the outside wall from where I am) to the other side (in the top window in the left corner).  The trees would have posed a problem if they were directly in between, but as you can see, its a clear shot.  See below my configs for this mesh point-to-point bridge.

Portal Side:
! Configuration of BR7131 version 5.4.1.0-020R
!
!
version 2.1
!
!
ip access-list BROADCAST-MULTICAST-CONTROL
 permit tcp any any rule-precedence 10 rule-description "permit all TCP traffic"
 permit udp any eq 67 any eq dhcpc rule-precedence 11 rule-description "permit DHCP replies"
 deny udp any range 137 138 any range 137 138 rule-precedence 20 rule-description "deny windows netbios"
 deny ip any 224.0.0.0/4 rule-precedence 21 rule-description "deny IP multicast"
 deny ip any host 255.255.255.255 rule-precedence 22 rule-description "deny IP local broadcast"
 permit ip any any rule-precedence 100 rule-description "permit all IP traffic"
!
mac access-list PERMIT-ARP-AND-IPv4
 permit any any type ip rule-precedence 10 rule-description "permit all IPv4 traffic"
 permit any any type arp rule-precedence 20 rule-description "permit all ARP traffic"
!
firewall-policy default
 no ip dos tcp-sequence-past-window
 no stateful-packet-inspection-l2
!
!
mint-policy global-default
!
meshpoint-qos-policy default
!
wlan-qos-policy default
 qos trust dscp
 qos trust wmm
!
radio-qos-policy default
!
wlan none
 ssid none
 vlan 1
 bridging-mode tunnel
 encryption-type tkip
 authentication-type none
 no broadcast-ssid
 no answer-broadcast-probes
 wpa-wpa2 psk 0 Passkey
wireless-client count-per-radio 0
!
wlan turnonradio
 ssid turnonradio
 vlan 1
 bridging-mode tunnel
 encryption-type tkip
 authentication-type none
 no broadcast-ssid
 no answer-broadcast-probes
 wpa-wpa2 psk 0 Passkey
 wireless-client count-per-radio 0
!
smart-rf-policy mcx
 smart-ocs-monitoring meshpoint 5GHz MPACS
 smart-ocs-monitoring meshpoint 2.4GHz MPACS
!
!
management-policy default
 no http server
 https server
 ssh
 user admin password 1 4f88cdf3042d08b499b95e6954408123adfe65046bc95eee761ca0b631a2d433 role superuser access all
 no snmp-server manager v2
 snmp-server community 0 public ro
 snmp-server community 0 private rw
 snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
 snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
 banner motd Brocade Mobility Wireless
!
l2tpv3 policy default
!
profile br71xx default-br71xx
 bridge vlan 1
  bridging-mode tunnel
  ip igmp snooping
  ip igmp snooping querier
 bridge vlan 500
  bridging-mode tunnel
  ip igmp snooping
  ip igmp snooping querier
 autoinstall configuration
 autoinstall firmware
 crypto ikev1 policy ikev1-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ikev2 policy ikev2-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 interface radio1
  wlan none bss 1 primary
 interface radio2
  power 30
  placement outdoor
  mesh portal
  mesh psk 0 Passkey
  wlan turnonradio bss 1 primary
 interface radio3
 interface ge1
  switchport mode trunk
  switchport trunk native vlan 1
  no switchport trunk native tagged
  switchport trunk allowed vlan 1,500
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface ge2
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface vlan1
  ip address 192.168.1.4/24
  ip address zeroconf secondary
  ip dhcp client request options all
 interface wwan1
 interface pppoe1
 use firewall-policy default
 service pm sys-restart
 router ospf
!
rf-domain mcx
 location somewhere
 timezone Etc/GMT-6
 country-code us
!
br71xx 74-8E-F8-88-39-9C
 use profile default-br71xx
 use rf-domain mcx
 hostname PortalAP
 country-code us
 ip default-gateway 192.168.1.1
 interface radio1
  rf-mode 2.4GHz-wlan
  channel smart
  power smart
  data-rates default
  placement indoor
  no mesh
  mesh psk 0 default-mesh-psk
  no preamble-short
 interface radio2
  rf-mode 5GHz-wlan
  channel 60
  power 30
  placement outdoor
  mesh portal
  mesh psk 0 Passkey
  no preamble-short
  antenna-mode default
 interface ge1
 interface ge2
 interface vlan1
  ip address 192.168.1.4/24
 logging on
 logging console warnings
 logging buffered warnings
!
!
end

PortalAP#

========================================================================
Client Side:
! Configuration of BR7131 version 5.4.1.0-020R
!
!
version 2.1
!
!
ip access-list BROADCAST-MULTICAST-CONTROL
 permit tcp any any rule-precedence 10 rule-description "permit all TCP traffic"
 permit udp any eq 67 any eq dhcpc rule-precedence 11 rule-description "permit DHCP replies"
 deny udp any range 137 138 any range 137 138 rule-precedence 20 rule-description "deny windows netbios"
 deny ip any 224.0.0.0/4 rule-precedence 21 rule-description "deny IP multicast"
 deny ip any host 255.255.255.255 rule-precedence 22 rule-description "deny IP local broadcast"
 permit ip any any rule-precedence 100 rule-description "permit all IP traffic"
!
mac access-list PERMIT-ARP-AND-IPv4
 permit any any type ip rule-precedence 10 rule-description "permit all IPv4 traffic"
 permit any any type arp rule-precedence 20 rule-description "permit all ARP traffic"
!
firewall-policy default
 no ip dos tcp-sequence-past-window
 no stateful-packet-inspection-l2
!
!
mint-policy global-default
!
meshpoint-qos-policy default
!
wlan-qos-policy default
 qos trust dscp
 qos trust wmm
!
radio-qos-policy default
!
wlan turnonradio
 ssid turnonradio
 vlan 1
 bridging-mode tunnel
 encryption-type tkip
 authentication-type none
 no broadcast-ssid
 no answer-broadcast-probes
 wpa-wpa2 psk 0 Passkey
 wireless-client count-per-radio 0
!
smart-rf-policy mcx
 smart-ocs-monitoring meshpoint 5GHz MPBridge-Bridge
 smart-ocs-monitoring meshpoint 2.4GHz MPBridge-Bridge
!
!
management-policy default
 no http server
 https server
 ssh
 user admin password 1 6c6333d2e71a9d96b882955c615bde8a34a589307f522ee1652d7ddcd192fb1d role superuser access all
 no snmp-server manager v2
 snmp-server community 0 public ro
 snmp-server community 0 private rw
 snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
 snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
 banner motd Brocade Mobility Wireless
!
l2tpv3 policy default
!
profile br71xx default-br71xx
 bridge vlan 1
  bridging-mode tunnel
  ip igmp snooping
  ip igmp snooping querier
 bridge vlan 500
  bridging-mode tunnel
  ip igmp snooping
  ip igmp snooping querier
 autoinstall configuration
 autoinstall firmware
 crypto ikev1 policy ikev1-default 
  isakmp-proposal default encryption aes-256 group 2 hash sha 
 crypto ikev2 policy ikev2-default 
  isakmp-proposal default encryption aes-256 group 2 hash sha 
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 interface radio1
 interface radio2
  power 30
 mesh client
  mesh psk 0 Passkey
  wlan turnonradio bss 1 primary
 interface radio3
 interface ge1
  switchport mode trunk
  switchport trunk native vlan 1
  no switchport trunk native tagged
  switchport trunk allowed vlan 1,500
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface ge2
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface vlan1
  ip address 192.168.1.8/24
  ip address zeroconf secondary
  ip dhcp client request options all
 interface wwan1
 interface pppoe1
 use firewall-policy default
 service pm sys-restart
 router ospf
!
rf-domain mcx
 location somewhereelse
 timezone Etc/GMT-6
 country-code us
 use smart-rf-policy mcx
!
br71xx 74-8E-F8-88-34-CC
 use profile default-br71xx
 use rf-domain mcx
 hostname ClientAP
 country-code us
 ip default-gateway 192.168.1.1
 interface radio1
  rf-mode 2.4GHz-wlan
  channel smart
  power smart
  data-rates default
  placement indoor
no mesh
  mesh psk 0 default-mesh-psk
  no preamble-short
  antenna-mode default
 interface radio2
  rf-mode 5GHz-wlan
  channel 60
  power 27
  placement outdoor
  mesh client
  mesh psk 0 Passkey
 interface ge1
 interface ge2
 interface vlan1
  ip address 192.168.1.8/24
 logging on
 logging console warnings
 logging buffered warnings
!
!
end

ClientAP#  

2 comments:

  1. Forgive me but how is it Mesh-less if they are in Portal-Client mode?

    ReplyDelete
    Replies
    1. You are right. It is a mesh. Im going to change this now. Thanks for pointing that out.

      Delete

Your comment will be reviewed for approval. Thank you for submitting your comments.