无线控制器的配置步骤(必须配置的)


与交换机连接的接口配置,vlan 13为设备管理IP接口,vlan12为无线vlan接口,通过trunk连接交换机传输vlan数据流。这里vlan13ap接入vlanvlan12为无线终端接入vlan


wKiom1MYDfjTvxvyAAHuwLRLiFU667.jpg

配置无线设备vlan的管理IP配置以及无线APDHCP地址池配置
wKioL1MYDjywD0GCAAKDdVUEtQs870.jpg


配置无线客户端vlan的接口IP以及无线客户端的DHCP地址池

wKiom1MYDw2x76k2AALAEUIJjx4654.jpg


配置无线SSIDwKiom1MYD02wz5GRAAHVHZtKjCc494.jpg

配置无线连接的加密算法和认证方式wKiom1MYEDDRHfRIAAIkVw6phLI687.jpg


monitor界面可以看到LAP连接

wKioL1MYED3T8QRRAASXXGhxpvQ714.jpg


!交换机与控制器之间做trunk连接

interfaceGigabitEthernet1/0/6

descriptionLINK-WLC

switchport trunkencapsulation dot1q

switchport modetrunk

!
vlan 12
name WIRELESS
!
vlan 13
name WLC
!
ip dhcp pool wireless
network 10.40.58.0255.255.255.0
default-router10.40.58.254
!
ip dhcp pool ap-dhcp
network 10.40.59.0255.255.255.0
default-router10.40.59.254
interface Vlan12
ip address 10.40.58.254 255.255.255.0
!
interface Vlan13
ip address 10.40.59.254255.255.255.0
接下来只要将接入层交换机配置如下:(接入层交换机与3层交换机通过trunk连接)
将连接AP的端口都划到AP的vlan中,这样AP获取到10.40.59.9段的IP,无线客户端获取到10.40.58.0的地址段
interfaceFastEthernet0/21
switchportaccess vlan 13
!




配置时发生错误的一个案例


原始拓扑图
wKioL1MYEQ-zHUm1AACEi-qGTMo677.jpg

在上述的拓扑图,3层交换机和WLC之间通过trunk连接,配置为untagged报错

wKioL1MYETuhFY8sAAFStSB-j8E472.jpg

估计是bug,后来只好将拓扑图修改为如下,将WLC和3层交换机之间的连接改为port-channel,顺便改变了无线获取的要求:
wKioL1MYEZ6BsS_1AACPuhkdoK8108.jpg

然后在WLC的LAG里改为enable,即启用trunk连接,打上port-channel。

wKiom1MYEZ7B_bHCAAGf3aUbHXM105.jpg要求拓扑图实现的效果如下:
1、LAP获取的地址段同WLC的网段相同,为192.168.33.0/24
2、无线终端获取的地址为汇聚层交换机上另外定义的网段,为10.40.24.0/24.
汇聚层交换机的配置如下
ip routing
ip dhcp excluded-address 10.40.24.1 10.40.24.9
ip dhcp excluded-address 10.40.24.240 10.40.24.254
ip dhcp excluded-address 192.168.33.1 192.168.33.189
ip dhcp excluded-address 192.168.33.240 192.168.33.254
!
ip dhcp pool wireless  无线客户端的地址池
network 10.40.24.0 255.255.255.0
default-router10.40.24.254
!
ip dhcp pool ap  ap获取的地址
network 192.168.33.0 255.255.255.0
default-router 192.168.33.254
option 43 hex f108.c0a8.21f9
lease 7
!

!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 2
name OFFICE
!
vlan 8
name Wireless
!
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet1/0/1
!
interface FastEthernet1/0/2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet1/0/3
!
interface FastEthernet1/0/4
!
interface FastEthernet1/0/5
!
interface FastEthernet1/0/6
!
interface FastEthernet1/0/7
!
interface FastEthernet1/0/8
!
interface FastEthernet1/0/9
!
interface FastEthernet1/0/10
!
interface FastEthernet1/0/11
!
interface FastEthernet1/0/12
!
interface FastEthernet1/0/13
!
interface FastEthernet1/0/14
!
interface FastEthernet1/0/15
!
interface FastEthernet1/0/16
!
interface FastEthernet1/0/17
!
interface FastEthernet1/0/18
!
interface FastEthernet1/0/19
!
interface FastEthernet1/0/20
!
interface FastEthernet1/0/21
!
interface FastEthernet1/0/22
!
interface FastEthernet1/0/23
!
interface FastEthernet1/0/24
!
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/2
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
!
interface Vlan1
ip address 192.168.33.254 255.255.255.0
no ip mroute-cache
!
interface Vlan2
no ip address
no ip mroute-cache
!
interface Vlan8
ip address 10.40.24.254 255.255.255.0
ip helper-address 192.168.33.249

option 43 hexf108.c0a8.21f9 option43属性主要应用在WLAN中AP设备从dhcp服务器获取地址后,通过dhcp服务器下发的option43属性去找AC注册,本例中主要用于AP通过192.168.33.249的WLC上获取ip地址
ip helper-address 192.168.33.249 dhcp中继,通过WLC的DHCP地址池中转获取地址,但是这里我们在WLC上配置了主要DHCPserver为192.168.33.254