Cisco BR350 Bridge Only Mode

Configuration and operational information about stumbled AP's

Cisco BR350 Bridge Only Mode

Postby murrayg » Tue Mar 18, 2003 6:51 am

Hi,

I have a question regarding Cisco Aironet BR350 radios. These are to be used for a point to point link between two buildings.

In order to implement securely I would like to achieve the following but cant seem to find exact reference if all this is possible from the product documentation. Perhaps someone can help.

1. Configure the radios in Bridge only mode. Since there are no clients using wireless NICs the radios only need to communicate with eachother. At present these are running as AP's and bridges.

2. Enable MAC address filtering. Set filters to allow only the two bridges to particpate in wireless networking.

3. Disable SSID Broadcasting. The documentation says you can stop devices associating with bridge if they do not specify the correct SSID. This does not explicitly say that SSID broadcasting is disbabled, but is this implied.

Thanks
murrayg
Mini Stumbler
 
Posts: 1
Joined: Mon Mar 10, 2003 1:37 am

Postby Spammy » Tue Mar 18, 2003 2:57 pm

They can't operate in Bridge and Access Point mode simultaneously (unless you are referring to wireless client mode - in which case the setting would be different on each, as one would be the AP, and the other a client).

Anyway, RTFM, and put them in bridge only mode. Whilst doing that it'll ask you for the other devices MAC address (hence your MAC filtering). Once bridged, they can't be seen from Netstumbler. Programs like Kismet (and anything in RFMon) will see it, but theres nothing you can do about that.

For additional security, again, read the manual. Stick WEP on, play with LEAP and RADIUS (I'm not sure how they would apply to bridge only mode though).

Regards,

Sam
Spammy
Mini Stumbler
 
Posts: 78
Joined: Thu Sep 19, 2002 5:05 am
Location: Bournemouth, UK

Postby fitzStewart » Wed Mar 19, 2003 7:36 am

Originally posted by Spammy
They can't operate in Bridge and Access Point mode simultaneously (unless you are referring to wireless client mode - in which case the setting would be different on each, as one would be the AP, and the other a client).


Not quite.....

When bridging single point to single point or multi point to single point, one of the bridges must be designated as the prime node (in multi to single, it must be the single node, in single to single, it is the node on the destination network). The prime node must be configured to allow wireless clients to attach, to allow the other side of the bridge to connect. The downside of this is, that the prime node will also allow wireless clients to attach, such as us.
I know this from practice, and have actually stumbled a BR350 which had allow wireless clients to attach enabled.
fitzStewart
 
Posts: 103
Joined: Tue Apr 16, 2002 5:15 am
Location: Toronto, Canada


Return to AP Information

Who is online

Users browsing this forum: No registered users and 8 guests

cron