Modern enterprise-grade wireless networks have the ability to provision multiple SSIDs on the same radios. This is very beneficial to support varying wireless requirements using the same physical infrastructure.
This is not a new concept, and has been around for quite some time. However, with the common practice by most wireless manufacturers to use a unique BSSID for every SSID, administrators often have to figure out which BSSID maps to each SSID when performing protocol analysis. This can get tricky at times, especially when SSIDs are not broadcast and client traffic is minimal. It may take a while for a protocol analyzer to capture a probe response or association response that includes the SSID. Manual verification of the BSSID can be quicker in some cases.
Cisco Autonomous BSSID Mapping
The older Cisco Autonomous access points gave administrators this capability, but with two slightly different configuration options. By default Autonomous access points supported multiple SSIDs overlaid on top of a single BSSID. This meant that only one beacon was sent out and supported all SSIDs configured on the radio. The restriction with this method was that only one of the SSIDs could be used in guest-mode, which was Cisco's terminology for broadcasting the SSID. It also made supporting different capabilities between SSIDs more difficult, since there was reliance on the client to perform active scanning and be able to correctly interpret differences between the beacon information and probe response information, if different.
The second option was to enable multiple-BSSID, which then created a unique BSSID for every SSID created on the radio. Additionally, since beacons are sent for every BSSID, SSID broadcasting could be configured independently for each. Enable multiple-BSSID globally with the command: dot11 mbssid, or on individual radios with the command: mbssid.
To view Autonomous BSSID mappings for either scenario, issue the following command:
show dot11 bssid
AP01#sh dot11 bssid
Interface BSSID Guest SSID
Dot11Radio1 001c.0ed1.ac80 No bridge
Dot11Radio1 001c.0ed1.ac80 No wgb
Dot11Radio0 001c.0ed5.ac70 No ccie
Cisco Unified BSSID Mapping
The newer Cisco Unified wireless network only allows one option, using multiple BSSIDs. Beacons are sent out for each SSID, and each can support varying capabilities.
To view Unified BSSID mappings using the controller, issue the following command:
show ap wlan { 802.11a | 802.11b } ap-name
(Cisco Controller) >show ap wlan 802.11a OFFICEAP01
Site Name........................................ voicepilot
Site Description................................. Voice Pilot Floor
WLAN ID Interface BSSID
-------- ----------- --------------------------
1 vlan102 b4:a4:e3:59:be:af
2 vlan103 b4:a4:e3:59:be:ae
4 vlan104 b4:a4:e3:59:be:ac
6 vlan105 b4:a4:e3:59:be:ab
To view Unified BSSID mappings from the access point, issue the following command:
show controllers Dot11Radio { 0 | 1 }
Vlan BSSID Clients PSP Pri HT Encr Key0 Key1 Key2 Key3 SSIDs MFP
0n BEAF 0 0 0 0 0 0
1 BEAF 0 1 7 3 2 204 x128 corp_ssid 0
2 BEAE 1 0 0 3 2 224 x128 guest_ssid 0
4 BEAC 3 0 0 3 2 204 x128 handhelds 0
5 BEAB 4 2 4 6 0 24 x128 voice 0
This should help you make sense of all these BSSIDs you now support!
Cheers,
Andrew
Other Posts You Might Like:
No comments:
Post a Comment