思科有线无线混合环境下VLAN设置

   该实验实现思科有线无线混合环境下Vlan的配置。

    实验目的:  

      1.     掌握思科胖AP基本配置概念
      2.     掌握思科无线AP与思科交换机在VLAN环境下的配置
      3.     掌握利用思科交换机搭建DHCP角色
     
    实验拓扑:

 

                  

          WS-C3550-24-EMI交换机上划分了3个VLAN,VLAN的划分如上图所示。并且交换机上设定了DHCP功能,分别作了两个池---VLAN3:192.168.3.0和VLAN4:192.168.4.0.交换机和AP间做TRUNK。AP上设定两个SSID分别是:VLAN3和VLAN4.PC1通过SSID VLAN3获得VLAN 3的IP,PC2通过SSID VLAN4获得VLAN4的IP。

 

实验配置:
一.交换机配置:
Switch>en
Switch#show run
Building configuration...
 
Current configuration : 2601 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
!
no aaa new-model
ip subnet-zero
ip routing
ip dhcp excluded-address 192.168.3.1
ip dhcp excluded-address 192.168.4.1
!
ip dhcp pool vlan3
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1
!
ip dhcp pool vlan4
   network 192.168.4.0 255.255.255.0
   default-router 192.168.4.1
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/1
 switchport mode dynamic desirable
!
interface FastEthernet0/2
 switchport mode dynamic desirable
!
interface FastEthernet0/3
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 2
 switchport mode trunk
 switchport nonegotiate
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 ip address 192.168.2.1 255.255.255.0
!
interface Vlan3
 ip address 192.168.3.1 255.255.255.0
!
interface Vlan4
 ip address 192.168.4.1 255.255.255.0
!
ip classless
ip http server
!
!
control-plane
!
!
line con 0
line vty 5 15
!
End
 
二.无线AP配置
ap#show run
Building configuration...
 
Current configuration : 2597 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap
!
enable secret 5 $1$z9wN$KTFEPgpYJES8rClAE7oxW0
!
no aaa new-model
!
!
dot11 mbssid
dot11 syslog
dot11 vlan-name device vlan 2
dot11 vlan-name vlan3 vlan 3
dot11 vlan-name vlan4 vlan 4
!
dot11 ssid vlan3
   vlan 3
   authentication open
   mbssid guest-mode
!
dot11 ssid vlan4
   vlan 4
   authentication open
   mbssid guest-mode
!
!
!
username Cisco password 7 106D000A0618
!
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 ssid vlan3
 !
 ssid vlan4
 !
 station-role root
!
interface Dot11Radio0.2
 encapsulation dot1Q 2 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.3
 encapsulation dot1Q 3
 no ip route-cache
 bridge-group 3
 bridge-group 3 subscriber-loop-control
 bridge-group 3 block-unknown-source
 no bridge-group 3 source-learning
 no bridge-group 3 unicast-flooding
 bridge-group 3 spanning-disabled
!         
interface Dot11Radio0.4
 encapsulation dot1Q 4
 no ip route-cache
 bridge-group 4
 bridge-group 4 subscriber-loop-control
 bridge-group 4 block-unknown-source
 no bridge-group 4 source-learning
 no bridge-group 4 unicast-flooding
 bridge-group 4 spanning-disabled
!
interface Dot11Radio1
 no ip address
 no ip route-cache
 shutdown
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
!
interface FastEthernet0.2
 encapsulation dot1Q 2 native
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface FastEthernet0.3
 encapsulation dot1Q 3
 no ip route-cache
 bridge-group 3
 no bridge-group 3 source-learning
 bridge-group 3 spanning-disabled
!
interface FastEthernet0.4
 encapsulation dot1Q 4
 no ip route-cache
 bridge-group 4
 no bridge-group 4 source-learning
 bridge-group 4 spanning-disabled
!
interface BVI1
 ip address 192.168.2.2 255.255.255.0
 ip helper-address 192.168.2.1
 no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
 login local
!
end
实验中遇到的问题和需要澄清的一些概念:
   要想理解思科无线AP的配置需要弄懂一些概念,否则不太容易理解,这里列出几个相关的关键字,大家可以拜一下百度或Google大神,多看几种解释可能对概念的理解更加全面些,还有对于思科的相关设备配置千万不要忽视官网的作用,不多说,关键字如下:
1.     Native VLAN
2.     MBSSID
3.     Bridge Group
4.     BVI
5.     类似于Dot11Radio0.3之类的子接口
 
 
          实验环境说明: