Cisco AIR-CAP3702I-E-K9 Wireless Access points, are (as of 2025) about 10 years old and largely redundant in the face of WiFi's evolution over the past decade. However, they still are useful for most Home/Home Office use cases as the 5Ghz througput is up to 1300mbps, and unless you have gigabit internet, then one of these could be a cheap way to extend your WiFi.
They can be purchased for about $10 off eBay (as of 2025) these days, and are cheaper than spending money on a new Wireless AP, when you probably don't need most of the requirements.
The Cisco AIR-CAP3702I-E-K9's sold on eBay will be most likely old infrastructure from an Office, and as such, will be running the wrong firmware for home use. They'll be running 'lightweight' firmware which means they AP's themselves are 'dumb' and require a central Cisco wireless controller. You won't have this and therefore will want to flash these with the 'standalone' (autonomous) firmware, which basically turns the AP into it's own device, like any consumer-grade WiFi AP. i.e. You'll have the ability to configure this through the web browser.
There are plenty of guides on how to do this. Refer to:
- https://administrator.de/tutorial/cisco-wlan-access-points-3800-3702-2702-fuer-den-heimgebrauch-umruesten-647100.html
- https://mrncciew.com/2012/10/20/lightweight-to-autonomous-conversion/
- https://www.reddit.com/r/Cisco/comments/15yzsvd/firmware_update_for_ap3g2_k9w7/
Basically
- Setup a TFTP server on a windows or Linux PC WITH DHCP
- Connect the AP directly to PC
- Power the AP, holding down the Mode Button for 20+ seconds
- The device will then look for firmware file named 'ap3g2-k9w7-tar.default'
- You can find such firmware files doing a google search, for example, searching for "ap3g2-k9w7-tar.153-3.JPQ5.tar" reveals https://wdho.ru/c8P9
- Rename this file to 'ap3g2-k9w7-tar.default'
- The Access Point will download the firmware, flash itself. This could take a while. Monitor the TFTPd server.
- The device should then factory reset. i.e. The LED on the device will stop flashing green and then be a solid green.
- It should after reboot, get an IP address from the DHCP server. Telnet to this address and login with username 'Cisco' password 'Cisco'.
- If not, you may need to factory reset the configuration. Do this by disabling the TFTPd server (so it doesn't download the firmware again), disconnect the power to the AP, then hold the Mode button THEN reconnect the power. Wait until the Led light goes solid RED (could take 20+ seconds).
If you are able to connect to the device after it has been flashed via. Telnet then you can use the running TFTP server to load the below configurations, which will setup a basic 5Ghz WiFi AP with the SSID 'Cisco_5G' and password 'wifipass1234'
Note:
- Thes config files change the 'enable' password to 'secretpass'
- Creates user 'admin' with 'adminpass'
- Changes 'Cisco' user account password to 'adminpass'
Load any of the blow configuration by saving them to a file on your TFTP server and then doing the following:
enable
write erase
copy tftp: startup-config
reload
Before you do the above, save the below to a text file on the TFTP server such as wifiap.txt
! Write:
! write erase
! copy tftp: startup-config
! reload
! NVRAM config last updated at 22:25:17 +0000 Sat Oct 11 2025
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap3702
!
!
logging rate-limit console 9
enable password secretpass
!
aaa new-model
!
!
aaa authentication login default local
!
!
!
!
!
aaa session-id common
clock timezone +0000 0 0
no ip source-route
no ip cef
ip domain name wap3702.local
!
!
!
!
dot11 pause-time 100
dot11 syslog
!
dot11 ssid Cisco_5G
authentication open
authentication key-management wpa version 2
guest-mode
! Plain text password:
wpa-psk ascii 0 wifipass1234
!
dot11 ssid Cisco 2_4G
authentication open
authentication key-management wpa version 2
guest-mode
wpa-psk ascii 0 wifipass1234
!
!
!
no ipv6 cef
!
!
!
! Save this stuff as plain text.
username Cisco password adminpass
username admin privilege 15 password adminpass
!
!
bridge irb
!
!
!
interface Dot11Radio0
encryption mode ciphers aes-ccm
ssid Cisco 2_4G
no shutdown
channel least-congested
no ip address
antenna gain 0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
no ip address
!
encryption mode ciphers aes-ccm
!
ssid Cisco_5G
!
antenna gain 0
peakdetect
no dfs band block
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15. m16. m17. m18. m19. m20. m21. m22. m23. a1ss9 a2ss9 a3ss9
power local 11
channel width 80
channel 5180
station-role root
no dot11 extension aironet
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface GigabitEthernet0
no ip address
duplex auto
speed auto
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
!
interface BVI1
ip address dhcp client-id GigabitEthernet0
ipv6 address dhcp
ipv6 address autoconfig
ipv6 enable
!
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
no ip ssh version 2
!
!
!
bridge 1 route ip
!
!
!
line con 0
speed 9600
line vty 0 4
transport input ssh
!
sntp server uk.pool.ntp.org
sntp broadcast client
end
Use a Cisco AIR-CAP3702I-E-K9 as a 'cheap' (overkill) WiFi repeater in the house to improve coverage.
After much testing, it was discovered you cannot do this with a single Cisco AIR WAP. "Repeating" mode can only done with two or more devices and it uses a propriatary means.