Currently trending on twitter, #junipered means a few different things to a few different people. For anyone with marketing experience, it represents the blatent disregard for the cardinal rule of advertising. For Cisco fans, it's a reference to http://www.overpromisesunderdelivers.net , saying Juniper over promises and is a vendor of vaporware that is only hurting its customers. For Juniper fans, its a sign that Cisco is launching a childish advertising campaign as they're loosing market share to Juniper.

For me, it's sad. As a cisco fan, I'm a little worried that they're stooping this low, and certainly taken away from their image they I had of them. This is the first time I've seen them actually acknowledging the competition in any other way besides performance comparisons (and always retaliated against with TCO comparisons).

I'm sure everyone can see many sides to this, but what will be most interesting, is Junipers response, if any.

This project will be broken up into parts.

1 - Additional Range

well, this one is easy. While at the park, I'd like to get about 500meters out of the unit, rather than the 100 (or so) it gets currently. I'm thinking that I'll start small(ish) and attach a Cisco access point to a car battery via an inverter with some 10db antennas and see how far we can extend the range. From here a world of signal boosters and specialized antennas opens up - But I'm going to suggest the AP1232 should be more than enough for our purposes. This will give us the ability to be Xmeters from the AP and the drone to be Xmeters from the AP... so we'll have quite a large effective range radius. Car battery means we'll get a few hours of fun and can leave this unit somewhere, covered in gaff while we kill each other at distance.

2 - Long distance remote control

by Long distance... I mean other side of the city. I work at west end and live int he valley - I'd love to be able to fly the drone from work, via a tunnel of sorts, or at least a vpn - shouldn't be hard at all I'd imagine, again the Cisco AP will become a client to the Parrot Drone, encapsulated dot1q to my PC which will see the drone interface as a subint.

3 - Autonomous Flight

Well... this is the most complicated, and a combination of the other two. I want the drone to be able to fly by coordinate and follow waypoints around a large zone and come back to land. Sounds simple? a few issues here - 1. drone doesn't have GPS. 2. if it did, GPS probably isn't accurate enough. 3. I don't know anything about this kind of automation.

more to come!

AR Parrot Drone @ WOW

Spare AR Parrot Drone Battery @ WOW (highly recommended)

Networking Brokers (where I keep getting cheap second hand cisco aps for these little projects)

[facebook_ilike]

Well, my 1232 plugs into a port on my Cisco 877, so the first step is to get the switchport set up in trunk mode. This sends tags all of your vlans over the port so that your accesspoint can deal with them and you can set up multiple BSSID.

we needs its ip... now, we could look in the dhcp table, but... cdp is so much more fun.. So, from the router (877 in my case)

cisco877#sh cdp neighbors
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
ap                 Fas 3              126           T       AIR-AP123 Fas 0

davetopia#sh cdp entry ap
-------------------------
Device ID: ap
Entry address(es):  IP address: 192.168.1.2

next step is to telnet into 192.168.1.2. By default, the AP will have the username and password of Cisco (yes, capital "C"). This probably needs to change, but we can do that in the config. The AP will also ask for a dhcp when it first boots up.. this means you can generally get away without using a console cable.

and now for the config. Replace network1 with your first wireless network ssid, it will use VLAN1 (native). replace network2 with your second ssid, it will use vLAN2. Replace newpassword with your desired password (username is still "Cisco" in this example), and finally network1-psk and network2-psk with your new wpa PSKs.

version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname davetopia-AP
!
enable secret 0 newpassword
!
ip subnet-zero
ip name-server 172.16.1.11
!
!
no aaa new-model
!
dot11 ssid network2
vlan 2
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 0 network2-psk
!
dot11 ssid network1
vlan 1
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 0 network1-psk
!
!
!
username Cisco password 0 newpassword
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm tkip
!
encryption vlan 1 mode ciphers tkip
!
encryption vlan 2 mode ciphers aes-ccm tkip
!
ssid network1
!
ssid network2
!
mbssid
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
!
encryption vlan 1 mode ciphers tkip
!
encryption vlan 2 mode ciphers aes-ccm tkip
!
encryption mode ciphers aes-ccm tkip
!
ssid network1
!
ssid network2
!
no dfs band block
mbssid
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
channel dfs
station-role root
!
interface Dot11Radio1.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
hold-queue 160 in
!
interface FastEthernet0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
no bridge-group 2 source-learning
bridge-group 2 spanning-disabled
!
interface BVI1
ip address dhcp client-id FastEthernet0
no ip route-cache
!
interface BVI2
no ip address
no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
!
control-plane
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
!
end

Xbox Live needs TCP/3074, UDP/3074, UPD/88 forwarded to the xbox from the outside interface of the router

Xbox Connect needs TCP/8602 forwarded

Assumptions

Xbox - 10.1.1.2
Router - 10.1.1.1
Internet Interface - Dialer1

Instructions

Log into your router (usually something like telnet 10.1.1.1 from your pc, and enter the login credentials)

Enter configure mode

Configure Terminal

Add the Forwards

ip nat inside source static tcp 10.1.1.2 3074 interface Dialer1 3074
ip nat inside source static udp 10.1.1.2 3074 interface Dialer1 3074
ip nat inside source static udp 10.1.1.2 88 interface Dialer1 88
ip nat inside source static tcp 10.1.1.2 8602 interface Dialer1 8602


Exit Configure mode

Exit

Write the config & Exit

Write Memory
Exit

Easy huh?

Cisco hide this password in the cookie (which holds amongst other things mac addresses and serial numbers).

Take the top line from the "cookie" command from the rommon prompt and paste it in here - http://ers.msk.ru/cgi-bin/priv.cgi .

I'll post the relevant sections below

config working on IOS 12.4(24)T3

replace [username] with your TPG username and [password] with your TPG password.

hostname router
ip dhcp pool general
network 10.10.10.0 255.255.255.0
dns-server 10.10.10.1
default-router 10.10.10.1
domain-name router.local
!

ip dns server
ip domain name router.local

ip name-server 203.12.160.35
ip name-server 203.12.160.36
ip name-server 203.12.160.37

interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
switchport access vlan 1
!
interface FastEthernet1
switchport access vlan 1
!
interface FastEthernet2
switchport access vlan 1
!
interface FastEthernet3
switchport access vlan 1
!
interface Vlan1
description --- INSIDE INTERFACE ---
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer1
description --- OUTSIDE INTERFACE ---
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username [USERNAME]@tpg.com.au password 0 [PASSWORD]
!
ip access-list extended nat
permit ip 10.10.10.0 0.0.0.255 any
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
no ip http secure-server
ip dns server
ip nat inside source list nat interface Dialer1 overload

[facebook_ilike]

Thanks Narkotix for correcting a mistake with the dns server config.