First things first. Cisco Wireless Access Points were designed to work with a wireless controller. If you plug them into your home network, your Access Point will not find a controller to download its information from and will keep rebooting and remain offline. Luckily, there is a workaround. It is possible to update Cisco IOS of a Cisco Aironet C1140 Acess Point so that it is converted to Autonomous mode, aka “do not need a controller” mode. Here are basic steps you should follow to perform the upgrade.
Download Autonomous IOS file for C1140 Wireless Access Point. I have successfully used IOS file version c1140-k9w7-mx.124-25d.JA2
Install TFTP server on your desktop PC and place the file in its root. TFTPd32 should work fine.
Connect to your Access Point with a USB console cable, also connect it to your home network with an Ethernet cable
Open console on your PC, change IP address on WAP to your home networks, and update the IOS on your C1140. Make sure your actual IP address and mask match you home subnet. (Confirm that you can ping Access Point from your PC if you have setup a Cisco router at home, you can also verify that you can ping it from the router.
ap#conf t ap(config)#debug capwap console cli ap(config-if)#interface GigabitEthernet0 ap(config-if)#ip addr 10.0.0.100 255.255.255.0 ap(config-if)#no shut
Perform the conversion. On your Access Point console screen. Change the IP address of TFTP to the IP address of your actual PC running TFTP server.
In our case it is 10.0.0.10
ap#archive download-sw /force-reload /overwrite tftp://10.0.0.10/c1140-k9w7-tar.124-25d.JA2.tar
Once your Access Point finishes the upgrade and reboots, confirm that it runs new IOS by running “show ver” command. On the output screen verify that System Image File section contains the name of your new IOS image file.
This is it! Your Cisco AP is now running in autonomous mode and is ready to be configured for usage.
Apply Commands for Home Usage
Let us get ready to work with Cisco IOS CLI instead of very familiar Graphical Interfaces of your everyday Netgears and Linksys’s. This means that we will need to add a command line for SSID name, encryption, WiFi password will need to be entered via command line. But this is what makes it so much fun! Here is the configuration. Please note that “service password-encryption” has been removed from the configuration, so all passwords and usernames will be shown in plain text. You can later apply this command so in case someone sees your configuration, they will not know your password. Here is the config file. Be sure to replace YOUR-SSID-NAME, YOUR-WIFI-PASSWORD, YOUR-USERNAME and YOUR-PASSWORD with the actual values. Enjoy!
AP#show run Building configuration... Current configuration : 2116 bytes ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec ! hostname AP ! logging rate-limit console 9 logging console informational ! no aaa new-model ! ! dot11 syslog ! dot11 ssid YOUR-SSID-NAME vlan 1 authentication open authentication key-management wpa version 2 guest-mode infrastructure-ssid optional wpa-psk ascii 7 YOUR-WIFI-PASSWORD ! ! ! username Cisco password 7 YOUR-USERNAME username telco privilege 15 password 7 YOUR-PASSWORD ! ! bridge irb ! ! interface Dot11Radio0 no ip address no ip route-cache ! encryption vlan 1 mode ciphers aes-ccm tkip ! encryption mode ciphers aes-ccm ! ssid YOUR-SSID-NAME ! antenna gain 0 station-role root ! interface Dot11Radio0.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface Dot11Radio1 no ip address no ip route-cache ! encryption mode ciphers aes-ccm ! encryption vlan 1 mode ciphers aes-ccm tkip ! ssid YOUR-SSID-NAME ! antenna gain 0 no dfs band block channel dfs station-role root ! interface Dot11Radio1.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface GigabitEthernet0 no ip address no ip route-cache duplex auto speed auto no keepalive ! interface GigabitEthernet0.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled ! interface BVI1 ip address dhcp no ip route-cache ! ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag bridge 1 route ip ! ! ! line con 0 login local line vty 0 4 login local ! end