用于思科Aironet无线接入点的思科IOS软件配置指南

AnyConnect：使用CLI为Cisco IOS路由器头端配置基本SSL VPN简介目录简介先决条件要求使用的组件背景信息不同IOS版本的许可信息显着的软件增强功能配置步骤1.确认许可证已启用步骤2.在路由器上上传和安装AnyConnect安全移动客户端软件包步骤3.生成RSA密钥对和自签名证书步骤4.配置本地VPN用户帐户步骤5.定义客户端使用的地址池和拆分隧道访问列表步骤6.配置虚拟模板接口(VTI)步骤7.配置WebVPN网关步骤8.配置WebVPN环境和组策略第9步（可选）配置客户端配置文件验证故障排除相关信息本文档介绍Cisco IOS®路由器作为AnyConnect安全套接字层VPN(SSL VPN)头端的基本配置。

先决条件要求Cisco 建议您了解以下主题：Cisco IOSqAnyConnect 安全移动客户端q常规SSL操作q使用的组件本文档中的信息基于以下软件和硬件版本：运行15.3(3)M5的思科892W路由器qAnyConnect安全移动客户端3.1.08009q本文档中的信息都是基于特定实验室环境中的设备编写的。

本文档中使用的所有设备最初均采用原始（默认）配置。

如果您的网络处于活动状态，请确保您了解所有命令的潜在影响。

背景信息不同IOS版本的许可信息无论使用哪个Cisco IOS版本，使用SSL VPN功能都需要securityk9功能集。

qCisco IOS 12.x - SSL VPN功能集成到以12.4(6)T开头的所有12.x映像中，这些映像至少具有安q全许可证(即advsecurityk9、adventerprisek9等)。

Cisco IOS 15.0 — 早期版本要求在路由器上安装LIC文件，该文件允许10、25或100个用户连q接。

使用权*许可证在15.0(1)M4中实施Cisco IOS 15.1 — 早期版本要求在路由器上安装LIC文件，该文件允许10、25或100个用户连q接。

用于思科Aironet无线接入点的思科IOS软件配置指南适用于思科IOS发行版本12.4（3g）JA和12.3（8）JEB2007年4月Robur Pace译于2010年3月谨以此译本献给Yuanyuan Ma。

没有你的鼓励，我难以完成这些工作。

感谢James Wang给我最无私的支持，你是我坚实的后盾。

<Cisco IOS Software Configuration Guide for Cisco Aironet Access Points>为Cisco Systems™公司的出版物，一切权利归Cisco Systems™公司所有。

第一章纵览（25）客户端设备漫游如果你的无线网络设备超过一台，无限客户端可以从一台设备无缝地漫游到另一台。

漫游是基于信号质量的，与物理距离无关。

当客户端的信号质量变差，它将漫游到另一台设备。

无线网络用户有时会担心客户端设备保持与远距离的AP关联，而不是漫游到更近的AP。

然而，如果客户端到远距离AP的信号仍然很强并且信号质量很高，客户端不会漫游到更近的AP。

经常性地检查临近的AP是不可能的，而且额外的无线流量会降低无线网络的吞吐量。

使用CCKM，并且设备提供WDS，客户端设备可以从一个AP快速漫游到另一个AP，并且不会对语音或者其他延迟敏感应用产生可察觉的延迟。

根AP（Root Access Point）一台AP直接连接到有线网络为无线客户提供接入。

如果超过一台AP接入有线网络，用户可以从一台设备的覆盖区域漫游到另一个而不会丢失网络连接。

当用户移出了AP的覆盖范围，他们会自动通过另一台AP连接到网络。

漫游过程对于用户来说是无缝且透明的。

中继AP（Repeater Access Point）一台AP被配置为中继以扩展基你的础设施的覆盖范围或者用来克服障碍物阻挡无线信号。

中继通过向任意其他中继或连接到网络的AP发送数据包，在客户端和有线网络之间转发流量。

数据通过对客户端性能最佳的路径传送。

Apple iOS 版 Cisco AnyConnect 安全移动客户端 4.0.x 版本说明Apple iOS版AnyConnect版本说明2Apple iOS移动设备版AnyConnect2可用于Apple iOS的AnyConnect版本2支持的Apple iOS设备3在Apple iOS上升级AnyConnect4Apple iOS版AnyConnect4.0.07x的新功能5Apple iOS版旧版AnyConnect4.0.05x的新功能6Apple iOS版AnyConnect功能表11自适应安全设备要求14其他思科头端支持14已知问题和限制15AnyConnect Mobile相关文档21Revised: October 26, 2017,Apple iOS版 AnyConnect 版本说明Apple iOS 移动设备版 AnyConnectAnyConnect安全移动客户端为远程用户提供与思科ASA5500系列的安全VPN连接。

通过该客户端，用户能够无缝、安全地远程访问企业网络，使安装的应用可如同直接连接到企业网络一般进行通信。

AnyConnect支持通过IPv4或IPv6隧道连接到IPv4和IPv6资源。

本文档适用于AnyConnect安全移动客户端和自适应安全设备(ASA)5500的管理员，为思科AnyConnect安全移动客户端管理员指南，版本4.0提供补充，并为Apple iOS设备上运行的AnyConnect提供版本特定的信息。

该AnyConnect应用仅在Apple iTunes App Store中提供。

思科不分发AnyConnect移动版应用，您也不能从ASA部署该移动应用，但是，您可以从ASA为桌面设备部署其他版本的AnyConnect，并同时支持此移动版本。

AnyConnect 移动版支持策略思科支持应用商店当前提供的AnyConnect版本；但是，修复和增强功能仅在最新发行的版本中提供。

Ordering GuideCisco Aironet 1300 Series Outdoor Access Point or BridgeThe Cisco® Aironet® 1300 Series Outdoor Access Point or Bridge is available with the following choices:●Operating autonomously or with a Cisco wireless LAN controller as part of a unified architecture●With a 13-dBi integrated antenna or with RP-TNC connectors for an externally attached antenna●For the FCC, ETSI, or TELEC regulatory domainsTwelve versions are available for different combinations of these options:●Cisco Aironet 1310 Outdoor Access Point/Bridge with 13-dBi integrated antenna, FCC config●Cisco Aironet 1310 Outdoor Access Point/Bridge with 13-dBi integrated antenna, ETSI config●Cisco Aironet 1310 Outdoor Access Point/Bridge with 13-dBi integrated antenna, TELEC config●Cisco Aironet 1310 Outdoor Access Point/Bridge with RP-TNC type Connectors, FCC config●Cisco Aironet 1310 Outdoor Access Point/Bridge with RP-TNC type Connectors, ETSI config●Cisco Aironet 1310 Outdoor Access Point/Bridge with RP-TNC type Connectors, TELEC config●Cisco Aironet 1310 LWAPP Outdoor Access Point with 13-dBi integrated antenna, FCC config●Cisco Aironet 1310 LWAPP Outdoor Access Point with 13-dBi integrated antenna, ETSI config●Cisco Aironet 1310 LWAPP Outdoor Access Point with 13-dBi integrated antenna, TELEC config●Cisco Aironet 1310 LWAPP Outdoor Access Point with RP-TNC type connectors, FCC config●Cisco Aironet 1310 LWAPP Outdoor Access Point with RP-TNC type connectors, ETSI config●Cisco Aironet 1310 LWAPP Outdoor Access Point with RP-TNC type connectors, TELEC configA Cisco Aironet 1300 Series device operating autonomously is an intelligent access point or bridge, capable of functioning as a standalone device. As an LWAPP access point, the Cisco Aironet 1300 Series works along with the Cisco wireless LAN controller to enable centralized configuration and management, application of security policies, and seamless mobility. When operating with wireless LAN controllers, Cisco Aironet 1300 Series Outdoor Access Points/Bridges function only as access points and are not capable of bridging.The integrated antenna versions feature a radio and high-gain patch antenna for user installations of either point-to-point links or non-root nodes of point-to-multipoint networks. The connectorized versions provide professional installers with RP-TNC type connectors that allow the deployment of nodes with omnidirectional, sector, or high-gain dish antennas for longer links. In all cases, the mounting kit must be ordered separately.All parts, along with accessories such as the Roof Mount Kit, Wall Mount Kit, cable, antennas, and power supplies, are available on the Cisco Systems® global and wholesale price lists.Cisco Aironet 1300 Series Outdoor Access Point or Bridge with 13-dBi Integrated AntennaThe Cisco Aironet 1300 Series Outdoor Access Point or Bridge features an 802.11g 2.4-GHz radio, which supports data rates up to 54 Mbps. With this option, a 13-dBi patch antenna is integrated into the ruggedized enclosure (Table 1).Table 1. Cisco Aironet 1300 Series Outdoor Access Point or Bridge with Integrated Antenna Product Number Product DescriptionAIR-BR1310G-A-K9 (FCC regulatory domain) AIR-BR1310G-E-K9 (EMEA regulatory domain) AIR-BR1310G-J-K9 (TELEC regulatory domain) ●Cisco Aironet 1300 Series Outdoor Access Point or Bridge with integrated patch antenna ●Cisco IOS® Software●Ships with:◦Power cord (configurable)◦100 to 240 VAC power supply (AIR-PWR-A=) providing 48 VDC to the power injector ◦48 VDC power injector (AIR-PWRINJ-BLR2=)◦1-ft dual RG-6 cable assembly (Ethernet uplink from power injector)●Roof Mount Kit available separately (AIR-ACCRMK1300=)●12 to 40 VDC power injector (AIR-PWRINJ-BLR2T=) for use with DC power supply installations available separatelyAIR-LAP1310G-A-K9 (FCC regulatory domain) AIR-LAP1310G-E-K9 (EMEA regulatory domain) AIR-LAP1310G-J-K9 (TELEC regulatory domain) ●Cisco Aironet 1300 Series Outdoor Access Point with integrated patch antenna●Cisco Lightweight Access Point Protocol●Ships with:◦Power cord (configurable)◦100 to 240 VAC power supply (AIR-PWR-A=) providing 48 VDC to the power injector ◦48 VDC power injector (AIR-PWRINJ-BLR2=)◦1-ft dual RG-6 cable assembly (Ethernet uplink from power injector)●Roof Mount Kit available separately (AIR-ACCRMK1300=)●12 to 40 VDC power Injector (AIR-PWRINJ-BLR2T=) for use with DC power supply installations available separatelyCisco Aironet 1300 Series Outdoor Access Point/Bridge with RP-TNC Type ConnectorsA connectorized version of the Cisco Aironet 1300 Series Outdoor Access Point or Bridge provides professional installers with RP-TNC type connectors that allow the deployment of nodes with omnidirectional, sector, or high-gain dish antennas for custom installations (Table 2).Table 2. Cisco Aironet 1300 Series Outdoor Access Point/Bridge with RP-TNC Type ConnectorsProduct Number Product DescriptionAIR-BR1310G-A-K9-R (FCC regulatory domain) AIR-BR1310G-E-K9-R (EMEA regulatory domain) AIR-BR1310G-J-K9-R (TELEC regulatory domain) ●Cisco Aironet 1300 Series Outdoor Access Point or Bridge with RP-TNC type connector ●Cisco IOS Software●Ships with:◦Power cord (configurable)◦100 to 240 VAC power supply (AIR-PWR-A=) providing 48 VDC to the power injector ◦48 VDC power injector (AIR-PWRINJ-BLR2=)◦1-ft dual RG-6 cable assembly (Ethernet uplink from power injector)●Roof Mount Kit (AIR-ACCRMK1300=) and Wall Mount Kit (AIR-ACCWAMK1300=) available separately●Optional 5-ft, 2.4-GHz RF jumper cable available separately●Antennas available separatelyAIR-LAP1310G-A-K9R (FCC regulatory domain) AIR-LAP1310G-E-K9R (EMEA regulatory domain) AIR-LAP1310G-J-K9R (TELEC regulatory domain) ●Cisco Aironet 1300 Series Outdoor Access Point with RP-TNC type connector●Cisco Lightweight Access Point Protocol●Ships with:◦Power cord (configurable)◦100 to 240 VAC power supply (AIR-PWR-A=) providing 48 VDC to the power injector ◦48 VDC power injector (AIR-PWRINJ-BLR2=)◦1-ft dual RG-6 cable assembly (Ethernet uplink from power injector)●Roof Mount Kit (AIR-ACCRMK1300=) and Wall Mount Kit (AIR-ACCWAMK1300=) available separately●Optional 5-ft, 2.4-GHz RF jumper cable available separately●Antennas available separatelyAIR_BR1310G-A-K9-T(FCC regulatory domain for Transportation) ●Ships with:◦12 to 40 VDC power injector (AIR-PWRINJ-BLR2T=) for use with DC power supply installations◦1-ft dual RG-6 cable assembly (Ethernet uplink from power injector)◦Threaded power connectorSoftware OptionsCisco Aironet 1300 Series devices can be ordered as an autonomous access point or bridge (AIR-BR1310G-x-K9 or AIR-BR1310G-x-K9 R). Alternatively, you can order an LWAPP-based version that works along with Cisco wireless LAN controllers (AIR-LAP1310G-x-K9 orAIR-LAP1310AG-x-K9R). When you order an autonomous Cisco Aironet 1300 Series device, you must select the software image as part of the configuration. When you order an LWAPP-based Cisco Aironet 1300 Series device, no software need be specified because this is managed by the controller.Mounting Kits for Cisco Aironet 1300 Series Outdoor Access Point/BridgesA Roof Mount Kit is available for use with the Cisco Aironet 1300 Series Outdoor Access Point or Bridge (integrated antenna and connectorized versions). A Wall Mount Kit is available for use with the Cisco Aironet 1300 Series Outdoor Access Point or Bridge with the RP-TNC type connector. The Wall Mount Kit is for indoor use only. These kits must be ordered separately (Table 3).Table 3. Mounting Kits for Cisco Aironet 1300 Series Outdoor Access Point or BridgeProduct Number Product DescriptionAIR-ACCWAMK1300= ●Cisco Aironet 1300 Series Wall Mount Kit for use with AIR-BR1310G-x-K9-R or AIR-LAP1310G-x-K9R●Kit includes:◦Wall-mount bracket◦Mounting hardware◦1-ft, dual RG-59 cable assembly (Ethernet uplink from power injector)AIR-ACCRMK1300= ●Cisco Aironet 1300 Series Roof Mount Kit for use with AIR-BR1310G-x-K9, AIR-BR1310G-x-K9-R, AIR-LAP1310G-x-K9, or AIR-LAP1310G-x-K9R●Kit includes:◦Roof-mount mast (pole and mounting base)◦Multifunction mount (allows mounting to roof-mount mast, or directly to a wall)◦Mounting hardware◦20-ft dual RG-6 cable assembly with F-Type connectors◦50-ft dual RG-6 cable assembly with F-Type connectors◦Coaxial sealant◦One Cisco Aironet grounding block◦Grounding lug◦Anticorrosion gel◦U-bolts◦Optional 100-ft dual RG-6 cable available separatelyAntennas for Cisco Aironet 1300 Series Outdoor Access Point or Bridge with RP-TNC Type ConnectorsThe Cisco Aironet 1300 Series Outdoor Access Point or Bridge with RP-TNC type connectors is certified to operate with the complete range of Cisco 2.4-GHz antennas listed in Table 4. Note that some high-gain antennas are applicable only for the Cisco Aironet 1300 Series operating as a bridge. Because of this, and because the LWAPP-based Cisco Aironet 1300 Series operates only as an access point, these antennas are not supported by Cisco wireless LAN controllers or in the Cisco Wireless Control Software (WCS). The antennas that are not supported by wireless LAN controllers or WCS are marked by an asterisk in Table 4.Antennas must be ordered separately.Table 4. Antennas for the Cisco Aironet 1300 Series Outdoor Access Point or Bridge with RP-TNC Type ConnectorProduct Number Product DescriptionAIR-ANT2414S-R* Cisco Aironet 2.4-GHz, 14-dBi sector antennaAIR-ANT2506 Cisco Aironet 2.4-GHz, 5.2-dBi omnidirectional mast-mount antennaAIR-ANT24120* Cisco Aironet 2.4-GHz, 12-dBi omnidirectional mast-mount antennaProduct Number Product DescriptionAIR-ANT1949* Cisco Aironet 2.4-GHz, 13.5-dBi Yagi antennaAIR-ANT2410Y-R Cisco Aironet 2.4-GHz , 10-dBi Yagi antennaAIR-ANT3338* Cisco Aironet 2.4-GHz, 21-dBi dish antennaAIR-ANT3549 Cisco Aironet 2.4-GHz, 9-dBi patch antenna* This antenna is not supported by the wireless LAN controllers or by WCSOptional Cables for Cisco Aironet 1300 Series Outdoor Access Point or Bridge Additional cables are available for use with 2.4-GHz antennas (Table 5).Table 5. Optional Cables for Cisco Aironet 1300 Series Outdoor Access Point or BridgeProduct Number Product DescriptionAIR-CAB005LL-R Cisco Aironet 5-ft, low-loss, 2.4-GHz RF cable with RP-TNC connectorsAIR-CAB020LL-R 20-ft low loss cable assembly with RP-TNC connectorsAIR-CAB050LL-R 50 ft low loss cable assembly with RP-TNC connectorsAIR-CAB100ULL-R 100 ft ultra low loss cable assembly with RP-TNC connectors。

cisco无线路由器设置步骤cisco无线路由器设置步骤是什么，怎么设置?店铺整理了相关资料，给大家介绍。

有需要学习的同学可参考参考。

cisco无线路由器设置步骤一、思科路由器的简介所有思科路由器配置的IOS都是一个嵌入式软件体系结构。

和普通计算机一样，路由器也需要一个操作系统，思科把这个操作系统叫作思科互联网络操作系统，也就是我们知道的IOS。

思科IOS软件提供以下网络服务：可扩展的网络结构、基本的路由和交换功能、可靠和安全的访问网络资源。

思科命令行界面(CLI)用一个分等级的结构，这个结构需要在不同的模式下来完成特定的任务。

例如配置一个路由器的接口，用户就必须进入到路由器的接口配置模式下，所有的配置都只会应用到这个接口上。

每一个不同的配置模式都会有特定的命令提示符。

EXEC为IOS软件提供一个命令解释服务，当每一个命令键入后EXEC便会执行该命令。

二、思科路由器的配置在第一次进行思科路由器配置的时候，我们需要从console端口来进行配置。

以下就是如何连接到控制端口及设置虚拟终端程序的方法：(1)使用rollover线和一个RJ45和DB9或者DB25的转换适配器连接路由器控制端口和终端计算机。

如何连接到思科路由器的控制端口：控制端口(consoleport)和辅助端口(AUXport)是思科路由器的两个管理端口，这两个端口都可以在第一次进行思科路由器配置时使用，但是我们一般都推荐使用控制端口，因为并不是所有的路由器都会有AUX端口。

(2)当路由器第一次启动时，默认的情况下是没有网络参数的，路由器不能与任何网络进行通信。

所以我们需要一个RS-232ASCLL终端或者计算机仿真ASCLL终端与控制端口进行连接。

(3)连接到CONSOLE端口的方法连接线缆：连接到console端口我们需要一根rollover线缆和RJ-45转DB-9的适配器。

一般在思科路由器的产品附件中我们可以见到。

无线路由器终端仿真软件：PC或者终端必须支持VT100仿真终端，通常我们在WindowsOS环境下都使用的是HyperTerminal软件。

实验–使用IOSCLI配置基本路由器设置介绍在网络中，路由器是重要的网络设备之一，用于将数据包从一个网络转发到另一个网络。

配置路由器是网络管理员的一个重要任务之一。

本文将介绍如何使用IOSCLI（Cisco Internetwork Operating System Command Line Interface）配置基本路由器设置。

实验环境•一台运行IOS操作系统的路由器•一台连接路由器的计算机•编辑器（例如Notepad ++）•控制台连接（例如Tera Term）步骤连接到路由器1.使用控制台线缆将计算机连接到路由器的控制台端口。

2.打开控制台连接程序，例如Tera Term，选择正确的串口并打开连接。

3.在串口连接窗口中，以默认配置连接到路由器。

进入特权模式1.在路由器登录提示符下，输入用户名和密码进行身份验证。

2.输入enable命令进入特权模式。

进入全局配置模式1.在特权模式下，输入configure terminal命令进入全局配置模式。

创建主机名1.在全局配置模式下，输入hostname <hostname>命令，将路由器的主机名设置为给定的主机名。

配置管理IP地址1.在全局配置模式下，输入interface <interface>命令，选择要配置的接口。

2.输入ip address <ip-address> <subnet-mask>命令，为接口分配一个管理IP地址和子网掩码。

3.输入no shutdown命令，启用接口。

配置默认网关1.在全局配置模式下，输入ip route 0.0.0.00.0.0.0 <next-hop>命令，将默认路由设置为给定的下一跳地址。

保存配置1.输入exit命令返回特权模式。

2.输入write memory命令保存配置。

结论本文介绍了如何使用IOSCLI配置基本的路由器设置。

通过按照上述步骤连接到路由器、进入特权模式、进入全局配置模式、创建主机名、配置管理IP地址、配置默认网关和保存配置，您可以成功配置基本路由器设置。

Data SheetCisco Aironet 1130AG Series IEEE 802.11A/B/GAccess PointLow-profile enterprise-class access point with integrated antennas for easy deployment in offices and similar RF environments.Product OverviewCisco® Aironet® 1130AG Series IEEE 802.11a/b/g access points provide high-capacity, high-security, enterprise-class features in an unobtrusive, office-class design, delivering WLAN access with the lowest total cost of ownership. With high-performing dual IEEE 802.11a and 802.11g radios, the Cisco Aironet 1130AG Series provides a combined capacity of up to 108 Mbps to meet the needs of growing WLANs. Hardware-assisted Advanced Encryption Standard (AES) or temporal key integrity protocol (TKIP) encryption provides uncompromised support for interoperable IEEE 802.11i, Wi-Fi Protected Access 2 (WPA2) or WPA security. The Cisco Aironet 1130AG Series uses radio and network management features for simplified deployment, along with built-in omnidirectional antennas that provide robust and predictable WLAN coverage for offices and similar RF environments. The competitively priced Cisco Aironet 1130AG Series is ready to install and easy to manage, reducing the cost of deployment and ongoing maintenance.The Cisco Aironet 1130AG Series is available in two versions: unified or autonomous. Unified access points operate with the Lightweight Access Point Protocol (LWAPP) and work in conjunction with Cisco wireless LAN controllers and the Cisco Wireless Control System (WCS). When configured with LWAPP, the Cisco Aironet 1130AG Series can automatically detect the best-available Cisco wireless LAN controller and download appropriate policies and configuration information with no manual intervention. Autonomous access points are based on Cisco IOS® Software and may optionally operate with the CiscoWorks Wireless LAN Solution Engine (WLSE). Autonomous access points, along with the CiscoWorks WLSE, deliver a core set of features and may be field-upgraded to take advantage of the full benefits of the Cisco Unified Wireless Network as requirements evolve.The Cisco Aironet 1130AG Series delivers optimal value for offices and similar environments. Built-in antennas provide omnidirectional coverage specifically designed for today’s open workspaces. A multipurpose mounting bracket easily secures Cisco Aironet 1130AG Series access points to ceilings and walls. With an unobtrusive design, Cisco Aironet 1130AG Series access points are aesthetically pleasing and blend into their environments. Formaximum concealment, the access point may be placed above ceilings or suspended ceilings. The UL 2043 rating of the Cisco Aironet 1130AG Series allows the access point to be placed above ceilings in plenum areas regulated by municipal fire codes. Offered at a competitive price, and optimized for easy installation and operation, the Cisco Aironet 1130AG Series helps organizations attain a lower total cost of ownership.ApplicationsIn offices and similarly open environments, Cisco Aironet 1130AG Series access points may be installed on the ceiling to provide users with continuous coverage as they roam throughout a facility. In school buildings and similar facilities, the access points may be installed on the ceiling of each room and hallway to provide users with full coverage and high network availability. In areas where a ceiling installation may not be practical such as retail hotspots or similar small facilities, the access points can be mounted simply and securely on walls for complete coverage with minimal installation cost.Award-Winning SecurityThe Cisco Aironet 1130AG Series has achieved National Institute of Standards and Technology (NIST) FIPS 140-2 level 2 validation and is in process for Information Assurance validation under the National Information Assurance Partnership (NIAP) Common Criteria program. The Cisco Aironet 1130AG Series supports 802.11i, Wi-Fi Protected Access (WPA), WPA2, and numerous Extensible Authentication Protocol (EAP) types. WPA and WPA2 are the Wi-Fi Alliance certifications for interoperable, standards-based WLAN security. These certifications support IEEE 802.1X for user-based authentication, Temporal Key Integrity Protocol (TKIP) for WPA encryption, and Advanced Encryption Standard (AES) for WPA2 encryption. These certifications help to ensure interoperability between Wi-Fi-certified WLAN devices from different manufacturers.The Cisco Aironet 1130AG Series hardware-accelerated AES encryption supports enterprise-class, government-grade secure encryption over the WLAN without compromising performance. IEEE 802.1X authentication helps to ensure that only authorized users are allowed on the network. Backward compatibility and support for WPA client devices running TKIP, the RC4 encryption algorithm, is also supported by the Cisco Aironet 1130AG Series.Cisco Aironet 1130AG Series Access Points operating with LWAPP support Cisco Unified Intrusion Detection System/Intrusion Prevention System (IDS/IPS), a software feature that is part of the Cisco Self-Defending Network and is the industry’s first integrated wired and wireless security solution. Cisco Unified IDS/IPS takes a comprehensive approach to security—at the wireless edge, wired edge, WAN edge, and through the data center. When an associated client sends malicious traffic through the Cisco Unified Wireless Network, a Cisco wired IDS device detects the attack and sends shun requests to Cisco wireless LAN controllers, which will then disassociate the client device.Autonomous or unified Cisco Aironet 1130AG Series Access Points support management frame protection for the authentication of 802.11 management frames by the wireless network infrastructure. This allows the network to detect spoofed frames from access points or malicious users impersonating infrastructure access points. If an access point detects a malicious attack, an incident will be generated by the access point and reports will be gathered on the Cisco wireless LAN controller, Cisco WCS, or CiscoWorks WLSE.Features and BenefitsTable 1 lists features and benefits of Cisco Aironet 1130AG Series access points.Table 1. Features and Benefits of Cisco Aironet 1130AG Series Access PointsFeature BenefitDual 802.11a and 802.11g Radios ●Provides up to 108 Mbps of capacity in a single device for industry-leading capacity and backward compatibility with legacy 802.11b clients.Feature BenefitSupports 15 Nonoverlapping Channels ●Lower potential interference with neighboring access points simplifies deployment ●Fewer transmission errors deliver greater throughputIndustry-Leading Radio Design ●Provides robust signals to long distances●Mitigates the effects of multipath signal propagation for more consistent coverageVariable Transmit Power Settings ●Allows access point coverage to be tuned for differing requirements●Low—dBm setting supports closer spacing of access points in high-density deploymentsIntegrated Antennas ●Complete system is deployable out of the box without external antennas●Specifically designed to provide omnidirectional coverage for offices and similar radio frequency environments Hardware-Assisted AESEncryption●Provides high security without performance degradationCisco Unified IDS/IPS ●This integrated software feature is part of the Cisco Self-Defending Network and is the industry’s firstintegrated wired and wireless security solution. When a trusted client acts maliciously, the wired IDS detectsthe attack and sends shun requests to Cisco WLAN controllers, which will then disassociate the client device. Management Frame Protection ●This feature provides for the authentication of 802.11 management frames by the wireless networkinfrastructure. This allows the network to detect spoofed frames from access points or malicious usersimpersonating infrastructure access points. If an access point detects a malicious attack, an incident will begenerated by the access points and reports will be gathered on the Cisco wireless LAN controller, Cisco WCS,or CiscoWorks WLSE.IEEE 802.11i-Compliant; WPA2-Certified and WPA-Certified●Helps to ensure interoperable security with wireless LAN client devices from other manufacturersLow-Profile Design ●Unobtrusive design blends in to environment●“Quiet” LED does not draw attention to it when operating normally and no action is requiredMultipurpose and Lockable Mounting Bracket ●Installs easily to walls, ceilings, and suspended ceiling railways ●Accommodates standard padlock to prevent theftInline Power Support (IEEE 802.3af and Cisco Inline Power) ●Provides an interoperable alternative to AC power●Simplifies deployment by allowing power to be supplied over the Ethernet cable ●Compatible with 802.3af-compliant power sourcesCisco Green Bulk Packaging To reduce product packaging and preserve the environment, the Cisco Aironet 1130 Series may be ordered in abulk package that includes 10 access points and 10 mounting kits.Summary/ConclusionThe Cisco Aironet 1130AG Series provides the ideal enterprise access point for offices and similar environments. With two high-performance radios, these access points provide simultaneous support for the 802.11a and 802.11g standards, offering 108 Mbps of capacity for your growing WLAN. Incorporating AES encryption in hardware, the Cisco Aironet 1130AG Series complies with the 802.11i security standard and is WPA2-certified, helping to assure that your network employs the strongest security available while maintaining interoperability with products from other manufacturers. Additional design features, including diversity antennas with omnidirectional coverage and an unobtrusive form factor, along with an attractive price, provide low total cost of ownership.For office environments, the Cisco Aironet 1130AG Series is a cost-compelling solution for a high-capacity, high-security, enterprise-class WLAN.Product SpecificationsTable 2 lists the product specifications for Cisco Aironet 1130AG access points.Table 2. Product Specifications for Cisco Aironet 1130AG Access Points Item SpecificationPart Number for Individual Access Points●AIR-AP1131AG-x-K9 (Cisco IOS Software)●AIR-LAP1131AG-x-K9 (Cisco Unified Wireless Network Software)Note: The Cisco Aironet 1130AG Series may be ordered with Cisco IOS Software to operate as an autonomous AP with Cisco Unified Wireless Network Software using LWAPP. When the 1130AG is operating as a lightweight AP a WLAN controller is required.●Regulatory Domains: (x = Regulatory Domain)●A = FCC●C = China●E = ETSI●I = Israel●J = TELEC (Japan)●K = Korea●N = North America (Excluding FCC)●P = Japan2●S = Singapore●T = TaiwanCustomers are responsible for verifying approval for use in their individual countries. To verify approval and to identify the regulatory domain that corresponds to a particular country please visit:/go/aironet/complianceNot all regulatory domains have been approved. As they are approved, the part numbers will be available on the Global Price List.Part Number for Cisco Green Bulk Packaging●AIR-AP1131-x-K9-10 (Cisco IOS Software)●AIR-LAP1131-xK9-10 (Cisco Unified Wireless Network Software)Note: The Cisco Aironet 1130AG Series may be ordered with Cisco IOS Software to operate as an autonomous AP with Cisco Unified Wireless Network Software using LWAPP. When the 1130AG is operating as a lightweight AP a WLAN controller is required.●Regulatory Domains: (x = Regulatory Domain)●A = FCC●E = ETSI●Customers are responsible for verifying approval for use in their individual countries. To verify approval and toidentify the regulatory domain that corresponds to a particular country please visit:/go/aironet/complianceSoftware ●Cisco IOS Software Release 12.3(8)JA or later (autonomous).●Cisco IOS Software Release 12.3(11)JX or later (Lightweight Mode).●Cisco Unified Wireless Network Software Release 4.0 or later. Data Rates Supported ●802.11a: 6, 9, 12, 18, 24, 36, 48, and 54 Mbps●802.11g: 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, and 54 Mbps Network Standard IEEE 802.11a, 802.11b, and 802.11gUplink Autosensing 802.3 10/100BASE-T EthernetFrequency Band and Operating Channels Americas (FCC)●2.412 to 2.462 GHz; 11 channels●5.15 to 5.35, 5.725 to 5.825 GHz; 12 channelsChina●2.412 to 2.472 GHz; 13 channels●5.725 to 5.825 GHz; 4 channelsETSI●2.412 to 2.472 GHz; 13 channels●5.15 to 5.725 GHz; 19 channelsIsrael●2.432 to 2.472 GHz; 9 channels●5.15 to 5.35 GHz, 8 channelsJapan (TELEC)●2.412 to 2.472 GHz; 13 channels Orthogonal Frequency Division Multiplexing (OFDM) ●2.412 to 2.484 GHz; 14 channels Complementary Code Keying (CCK)●5.15 to 5.25 GHz; 4 channelsJapan–P (TELEC 2 (Japan2) Cnfg)●2.412 to 2.472 GHz; 13 channels Orthogonal Frequency Division Multiplexing (OFDM) ●2.412 to 2.484 GHz; 14 channels Complementary Code Keying (CCK)●5.15 to 5.35 GHz, 8 channelsJapan-Q●2.412 to 2.472 GHz; 13 channels Orthogonal Frequency Division Multiplexing (OFDM)●2.412 to 2.484 GHz; 14 channels Complementary Code Keying (CCK)●5.15 to 5.35 GHz, 8 channels●5.470 to 5.725 GHz, 11 channelsKorea●2.412 to 2.472 GHz; 13 channels●5.15 to 5.35, 5.46 to 5.72, 5.725 to 5.825, 19 channelsNorth America●2.412 to 2.462 GHz; 11 channels●5.15 to 5.35, 5.725 to 5.825 GHz; 12 channelsSingapore●2.412 to 2.472 GHz, 13 channels●5.15 to 5.35 GHz, 8 channels and 5.725 to 5.825 GHz, 12 channelsTaiwan●2.412 to 2.462 GHz, 11 channels●5.25-5.35 GHz, 5.725 to 5.825, 7 channelsNonoverlapping Channels 802.11a: Up to 19 802.11b/g: 3Receive Sensitivity (Typical) 802.11a:6 Mbps: -87 dBm9 Mbps: -86 dBm12 Mbps: -85 dBm18 Mbps: -84 dBm24 Mbps: -80 dBm36 Mbps: -78 dBm48 Mbps: -73 dBm54 Mbps: -71 dBm 802.11g:1 Mbps: -93 dBm2 Mbps: -91 dBm5.5 Mbps: -88 dBm6 Mbps: -86 dBm 9 Mbps: -85 dBm11 Mbps: -85 dBm12 Mbps: -84 dBm 18 Mbps: -83 dBm 24 Mbps: -79 dBm 36 Mbps: -77 dBm 48 Mbps: -72 dBm 54 Mbps: -70 dBmAvailable Transmit Power Settings (Maximum Power Setting Will Vary by Channel and According to Individual Country Regulations) 802.11a:OFDM:17 dBm (50 mW)15 dBm (30 mW)14 dBm (25 mW)11 dBm (12 mW)8 dBm (6 mW)5 dBm (3 mW)2 mW (2 dBm)-1 dBm (1 mW)802.11b:CCK:20 dBm (100 mW)17 dBm (50 mW)14 dBm (25 mW)11 dBm (12 mW)8 dBm (6 mW)5 dBm (3 mW)2 dBm (2 mW)-1 dBm (1 mW)802.11g:OFDM:17 dBm (50 mW)14 dBm (25 mW)11 dBm (12 mW)8 dBm (6 mW)5 dBm (3 mW)2 dBm (2 mW)-1 dBm (1 mW)Indoor (Distance AcrossOpen Office Environment):Outdoor:Range802.11a:80 ft (24 m) @ 54 Mbps150 ft (45 m) @ 48Mbps200 ft (60 m) @ 36Mbps225 ft (69 m) @ 24Mbps250 ft (76 m) @ 18Mbps275 ft (84 m) @ 12Mbps300 ft (91 m) @ 9 Mbps325 ft (100 m) @ 802.11g:100 ft (30 m) @54Mbps175 ft (53 m) @48Mbps250 ft (76 m) @36Mbps275 ft (84 m) @24Mbps325 ft (100 m) @18Mbps350 ft (107 m) @12Mbps360 ft (110 m) @11Mbps375 ft (114 m) @802.11a:100 ft (30 m) @54Mbps300 ft (91 m) @48Mbps425 ft (130 m) @36Mbps500 ft (152 m) @24Mbps550 ft (168 m) @18Mbps600 ft (183 m) @12Mbps625 ft (190 m) @9Mbps650 ft (198 m) @802.11g:120 ft (37 m) @ 54Mbps350 ft (107 m) @ 48Mbps550 ft (168 m) @ 36Mbps650 ft (198 m) @ 24Mbps750 ft (229 m) @ 18Mbps800 ft (244 m) @ 12Mbps820 ft (250 m) @ 11Mbps875 ft (267 m) @ 9Mbps900 ft (274 m) @ 6Mbps910 ft (277 m) @ 5.5Mbps940 ft (287 m) @ 2Mbps950 ft (290 m) @ 1Mbps6Mbps6Mbps 9Mbps400 ft (122 m) @6Mbps420 ft (128 m) @5.5Mbps440 ft (134 m) @2Mbps450 ft (137 m) @1MbpsRanges and actual throughput vary based upon numerous environmental factors so individual performance may differ. Compliance StandardsSafety●UL 60950-1●CAN/CSA-C22.2 No. 60950-1●UL 2043●IEC 60950-1●EN 60950-1●NIST FIPS 140-2 level 2 validationRadio Approvals●FCC Part 15.247, 15.407●RSS-210 (Canada)●EN 300.328, EN 301.893 (Europe)●ARIB-STD 33 (Japan)●ARIB-STD 66 (Japan)●ARIB-STD T71 (Japan)●AS/NZS 4268.2003 (Australia and New Zealand)EMI and Susceptibility (Class B)●FCC Part 15.107 and 15.109●ICES-003 (Canada)●VCCI (Japan)●EN 301.489-1 and -17 (Europe)Security●802.11i, WPA2, WPA●802.1X●AES, TKIP●FIPS 140-2 Pre-Validation List●Common Criteria (when running Cisco IOS software)Other●IEEE 802.11g and IEEE 802.11a●FCC Bulletin OET-65C●RSS-102Antennas ●2.4 GHz◦Gain 3.0 dBi◦Horizontal Beamwidth 360°●5 GHz◦Gain 4.5 dBi◦Horizontal Beamwidth 360°Security AuthenticationSecurity Standards●WPA●WPA2 (802.11i)●Cisco TKIP●Cisco message integrity check (MIC)●IEEE 802.11 WEP keys of 40 bits and 128 bits802.1X EAP types:●EAP-Flexible Authentication via Secure Tunneling (EAP-FAST)●Protected EAP-Generic Token Card (PEAP-GTC)●PEAP-Microsoft Challenge Authentication Protocol Version 2 (PEAP-MSCHAP)●EAP-Transport Layer Security (EAP-TLS)●EAP-Tunneled TLS (EAP-TTLS)●EAP-Subscriber Identity Module (EAP-SIM)●Cisco LEAPEncryption●AES-CCMP encryption (WPA2)●TKIP (WPA)●Cisco TKIP●WPA TKIP●IEEE 802.11 WEP keys of 40 bits and 128 bitsStatus LEDs External:●Status LED indicates operating state, association status, error/warning condition, boot sequence, and maintenancestatusInternal:●Ethernet LED indicates activity over the Ethernet, status●Radio LED indicates activity over the radios, statusDimensions (H x W x D) 7.5 in. x 7.5 in. x 1.3 in. (19.1 x 19.1 x 3.3 cm)Weight 1.5 lb (0.67 kg)Environmental Operating●Altitude: 0 to 2500m●32 to 104°F (0 to 40°C)●10 to 90% humidity (noncondensing)Non Operating●-40 to 158F (-40 to 70C)●Up to 95% humidity (noncondensing)System Memory ●32 MB RAM●16 MB FLASHInput Power Requirements ●100-240 VAC; 50-60Hz (power supply)●36-57 VDC (device)Power Draw 12.2W maximumWarranty One yearWi-Fi CertificationSystem RequirementsTable 3 lists the system requirements for Cisco Aironet 1130AG access points.Table 3. System Requirements for Cisco Aironet 1130AG Access PointsAccess Utilizing DescriptionBrowser Using the Web browser management GUI, requires a computer running Internet Explorer Version 6.0 or newer, orNetscape Navigator Version 7.0 or newer.Power over Ethernet (PoE)Power sourcing equipment (PSE) compliant with Cisco Inline Power or IEEE 802.3af, and providing at least 12.2W at48 VDC.Service and SupportCisco Systems® offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. For more information about Cisco services, visit Cisco Technical Support Services or Cisco Advanced Services.For More InformationFor more information about the Cisco Aironet 1130AG Series, visit /go/wireless or contact your local account representative.。