Discover the IP Address of a Cisco Aironet 1200 Series on Linux without IPSU

I got an Aironet 1200 and didn't have the serial cable, so I tried to use IPSU to find the IP address. I ran it in a VM, bridged the Ethernet interface, and it failed. (I think the return message doesn't get forwarded to the VM.) Then I found that a better way to find the address is to use Wireshark. Once in a while the Aironet will send an ARP broadcast packet looking for its gateway. The sender address in that ARP request is the AP's address.

Once you have that, set up an IP address on that subnet, and access the web interface, or use Telnet if that's enabled.
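The ARP-watching step above can also be done without Wireshark. The following is an added example, not part of the original post: it parses ARP requests and reports the sender's address, skipping ARP probes, which carry no sender IP. The sample frame, its MAC and the address 192.168.111.10 are constructed, and the interface name "eth0" is an assumption.

```python
import socket
import struct

ETH_P_ARP = 0x0806

# Constructed sample frame: an ARP request from 192.168.111.10 (made-up AP
# address and MAC) asking who has the gateway 192.168.111.1.
SAMPLE = bytes.fromhex(
    "ffffffffffff" "020000aabbcc" "0806"   # Ethernet: broadcast dst, src, ARP
    "0001" "0800" "06" "04" "0001"         # Ethernet/IPv4, opcode 1 = request
    "020000aabbcc" "c0a86f0a"              # sender MAC, sender IP
    "000000000000" "c0a86f01"              # target MAC (unknown), target IP
)

def parse_arp_request(frame):
    """Return (sender_mac, sender_ip, target_ip) for an ARP request, else None."""
    if len(frame) < 42 or frame[12:14] != struct.pack("!H", ETH_P_ARP):
        return None
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen, oper) != (1, 0x0800, 6, 4, 1):
        return None
    sha, spa, _tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    if spa == b"\x00\x00\x00\x00":
        return None  # ARP probe: the sender has no address yet
    return sha.hex(":"), socket.inet_ntoa(spa), socket.inet_ntoa(tpa)

def watch(interface):
    """Passively list hosts sending ARP requests on interface (Linux, root)."""
    sock = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(ETH_P_ARP))
    sock.bind((interface, 0))
    seen = set()
    while True:
        hit = parse_arp_request(sock.recv(2048))
        if hit and hit not in seen:
            seen.add(hit)
            print("%s (%s) is asking for %s" % (hit[1], hit[0], hit[2]))

if __name__ == "__main__":
    print(parse_arp_request(SAMPLE))
    # For live capture, replace the line above with: watch("eth0")
```

Run the live capture on the machine that is cabled to the AP; a bridged VM may miss traffic, as it did with IPSU.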

Of course, I didn't have a password, so that kind of failed. The default I tried is username Cisco, password Cisco.

So I had to reset the device. You unplug the Aironet 1200, press the MODE button (next to the ethernet port), then power up. Release the MODE button when the status light (the middle light) glows amber -- this takes around 1 second.

The AP will get an address via DHCP. (So check your router or server to see what IP address it got. Better yet, before resetting, assign an IP address.) Go to that address, and log in as Cisco / Cisco.

Getting the AP going with WPA is kind of a pain. Here's my config:
I'm not sure if ip helper-address settings are necessary.
Broadcast address seems to help.

ap>enable
ap#show running-config interface Dot11Radio 0   
Building configuration...

Current configuration : 612 bytes
!
interface Dot11Radio0
 no ip address
 ip broadcast-address 192.168.111.255
 ip helper-address 192.168.111.253
 ip helper-address 192.168.111.1
 no ip route-cache
 !
 encryption mode ciphers tkip 
 !
 ssid STN3
 !
 speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
 station-role root access-point
 no dot11 extension aironet
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
end

The other thing was, I had to get the file "Cisco IOS Software Configuration Guide for Cisco Aironet Access Points" for instructions pertaining to IOS. Download it and savor it :) SSID instructions on page 132.

Ramblings

I got the Aironet because it's got a lot of features and they're going cheap at $30 or so. If you like OpenWRT on a Linksys, it's going to feel a little "lame" compared to busybox, but the hardware's better. It can do up to 16 SSIDs, and has full support for mapping SSIDs to VLANs. It can run on POE. It can do WDS, or be a wireless bridge, just like the WRT54GL. You can also get a variety of antennae for it, ranging from the rubber duck omnis, to downward pointing omnis, directional patch antennas, and directional yagi outdoor antennas.

The big PITA is that Cisco is a closed system, so you have to rely on getting the old firmware to bring the device up to date. That means piracy, because Cisco wants you to pay for support. I had to get a file named c1200-k9w7-tar.123-8.JEE.tar to bring the 1200 up to 2009 standards. At least Cisco is widespread -- you can get firmware -- with more exotic hardware, the firmware is hidden away. That alone really makes me consider the diy routerboards, because there's less long-term risk, as long as you can cross-compile the system.

Programming it is kind of hard. It's hard in the way that ipchains is hard, or using "route" is hard -- you have to configure every little thing before it works, and know IPv4 networking. It doesn't "just work" like a Linksys or Netgear consumer router, nor does it come with a reasonable configuration like a stock OpenWRT install. The instruction book is 500+ pages. LOL. "Thou shalt read the book, sysadmin."

Once you know it, though, it's probably very easy to make the hardware do magic. But, like building Linux routers, if you're away from the system for six months, you'll forget almost everything you did to configure the system, and need to read manual pages to remember the commands.