Okay, for some backstory, this has taken forever to understand. Turns out half the documentation for the Aironet 2700 is scuffed, and is completely misleading. So, this is a small guide that I'm writing for myself so whenever I need to set up another box of these, I won't have to spend two days trying to figure it out.
Okay, so assuming you've picked up a couple of these bad boys from your local electronics recycler or got them second hand some other way, you need to set it up. There are two ways of doing that: Getting a Cisco Wireless LAN Controller, or putting the AP into autonomous mode.
If you've got a Cisco WLC you probably don't need this guide, so assuming the WLC is a no-go lets get to converting this to autonomous mode.
The hardware that's needed is a router, a network switch, a computer, and a RS-232 RJ45 serial cable. The software you'll need is a copy of tftpd64, and a copy of the autonomous IOS Software from Cisco.
This last one may be tricky since Cisco is a dogshit company that charges for access to firmware. Thankfully there are incredibly generous people that happen to host copies of these firmware files. I shouldn't link to them, but Google will get you there. If you are concerned about downloading firmware from some potentially sketchy website, a simple checksum comparison will help. Despite not offering firmware downloads, Cisco does show the MD5 and SHA512 checksums for their files.
Now that we have all the stuff, lets get to flashing. This can be risky since if the AP loses power while it's flashing, it can just brick your AP. Just keep it plugged in.
So start by connecting the serial cable to the AP and your computer. Open a serial monitor (I use PuTTY) and connect to the COM port for the serial cable. This can be found in Device Manager on Windows.
Once you've got a serial connection going, hold down the Mode button on the AP, and plug in the power. Keep holding the button until the light goes SOLID RED. Every other guide says wait for an amber light, but the 2700 does not have an amber light. Over the serial connection it should mention waiting for the button to be released.
This should put the AP into reset mode where it can be flashed. Now it's time for commands. First we need to clear the flash storage. Run the following command, confirm that you want to wipe, and wait for a few minutes while it clears it out.
format flash:
Once it's wiped we need to set some IP settings so we can send files to the AP. Get the IP address for your computer's network and give the AP an address inside that network. Eg: 192.168.1.100 if your computer's IP is 192.168.1.54. We also need to set the gateway of the network. You can get this value from ipconfig on Windows or ifconfig on Linux. Finally we initialize the AP's software.
set IP_ADDR 192.168.1.100
set NETMASK 255.255.255.0
set DEFAULT_ROUTER 192.168.1.1
tftp_init
ether_init
flash_init
At this point we need TFTP. So, get TFTPD64 running, bind it to the IP that shares the network with the AP, and set the folder to the location of the firmware download. Do not decompress the firmware file. We send it to the AP as a tarball, and it does the unpacking. Run the following command, substituting your computer's IP address, and the filepath of the firmware.
tar -xtract tftp://192.168.1.54/ap3g2-k9w7-tar.157-3.JPO.tar flash:
This will take some time. While this is running feel free to get a snack or start formatting the next 2700 if you're doing multiple. While it's downloading you can detatch the serial cable and it will continue running. Once it's finished we need to set the boot target. To set the boot target properly we need the path of the firmware on the flash.
dir flash:
Now we can see the current contents of the flash. Copy the directory name that should be similar to as3g3-k9w7-mx.153-3.JPO. The boot target is a file with that name, inside a directory with that name. So the duplicate is intended.
set boot flash:/ap3g2-k9w7-mx.153-3.JPO/ap3g2-k9w7-mx.153-3.JPO
boot
And boom! This AP is now in autonomous mode. It's far from being set up though.
Now that we have control over the AP, we can configure it's SSID, IP, and password. First we need to get into admin mode. Run the following command, and when prompted for a password, enter Cisco. This is the default password for nearly all Cisco hardware.
enable
Next we need to configure the IP settings. Here I am using the same IP that I gave to this AP earlier. Adjust this so it falls inside your network. The default-gateway IP should be the same IP as your router.
configure terminal
interface bvi 1
ip address 192.168.1.100 255.255.255.0
exit
ip default-gateway 192.168.1.1
Now we get to the SSID, and authentication. The next few commands set the SSID to Cisco_AP, disable device whitelist, and sets up WPA2 with the password Cisco123. Change the SSID and password as you see fit, but unless you're running VERY VERY old hardware that REQUIRES WEP, leave it with WPA2.
dot11 ssid Cisco_AP
guest-mode
authentication open
authentication key-management wpa version 2
wpa-psk ascii Cisco123
exit
Now it's time to configure the 2.4 GHz radio. The encryption mode should be aes-ccm when using WPA2. Change the SSID to match the previously used one, and feel free to set a specific channel if you have a WiFi analyzer. Using least-congested will have the AP scan and pick a channel with the highest signal to noise ratio. Finally, no shutdown causes the radio to start broadcasting.
interface dot11Radio 0
encryption mode ciphers aes-ccm
ssid Cisco_AP
channel least-congested
no shutdown
exit
I still have to do some homework on getting the 5 GHz radio working, but I'm assuming it's the same as the 2.4 GHz, but using dot11Radio 1 instead.
With that, you have a fully functional Cisco 2700 Access Point. If you want to enable the Web UI, you need to change the admin password. It will NOT allow you to enable the Web UI with the default password. Once the Web UI is enabled, you login with no username, and the new secret you've set.
enable secret <password>
ip http server
Congrats on navigating the hell that is buying second hand Cisco gear. There is a reason it's this cheap and it's because unless you want to create your own special hell, just buy Ubiquiti. If I had known that it was gonna take me 2 days to figure this out, I wouldn't have bought 5 of these boxes.
I hope this guide is helpful to either future me, or anyone else that is trying to use enterprise grade hardware either in the home, or in a small business. Buying second hand is great, but it's worth noting that it can be a lot harder to get some gear working.
Dear Sir. Thank you very much for this guide. It is working great.