Wlan配置
主要包括AC的基本业务配置,Wlan认证模板的配置方法,WEP认证的方法、以及WPA2 PSK的认证的方法。
实验拓扑
实验环境:华为ENSP
配置情况:
| 设备 | IP地址 | 网关 |
|---|---|---|
| STA1 | DHCP | 192.168.100.254 |
| Cellphone1 | DHCP | 192.168.100.254 |
| AR1 vlanif 100 | 192.168.100.1 | - |
| AC1 vlanif 100 | 192.168.100.3 | - |
| AC1 vlanif 101 | 192.168.101.1 | - |
详细配置
注意:AP1设备先不需要启动,等到将AP1绑定到AP组后再启动。
AR1
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysn AR1
[AR1]vlan batch 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[AR1]int vlanif 100
[AR1-Vlanif100]ip add 192.168.100.1 24
[AR1-Vlanif100]q
[AR1]
AC1
<AC6605>sys
Enter system view, return user view with Ctrl+Z.
[AC6605]sysn AC1
//创建VLAN100 101
[AC1]vlan batch 100 101
Info: This operation may take a few seconds. Please wait for a moment...done.
//基本接口配置
[AC1]int g0/0/1
[AC1-GigabitEthernet0/0/1]port link-type trunk
[AC1-GigabitEthernet0/0/1]port trunk all
[AC1-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[AC1-GigabitEthernet0/0/1]q
[AC1]int g0/0/3
[AC1-GigabitEthernet0/0/3]port link-type tru
[AC1-GigabitEthernet0/0/3]port link-type trunk
[AC1-GigabitEthernet0/0/3]port trunk pvid vlan 101
[AC1-GigabitEthernet0/0/3]port trunk all
[AC1-GigabitEthernet0/0/3]port trunk allow-pass vlan all
[AC1-GigabitEthernet0/0/3]
//DHCP功能配置
[AC1]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
//创建地址池
[AC1]ip pool huawei
Info: It is successful to create an IP address pool.
[AC1-ip-pool-huawei]gate
[AC1-ip-pool-huawei]gateway-list 192.168.100.254
[AC1-ip-pool-huawei]network 192.168.100.0 mask 255.255.255.0
[AC1-ip-pool-huawei]ex
[AC1-ip-pool-huawei]excluded-ip-address 192.168.100.201 192.168.100.253
[AC1-ip-pool-huawei]ddn
[AC1-ip-pool-huawei]dn
[AC1-ip-pool-huawei]dns-list 192.168.100.254
[AC1-ip-pool-huawei]q
[AC1]int vlanif 100
[AC1-Vlanif100]ip add 192.168.100.3 24
[AC1-Vlanif100]dhcp select global
[AC1-Vlanif100]q
[AC1]int vlanif 101
[AC1-Vlanif101]ip add 192.168.101.1 24
[AC1-Vlanif101]dhcp select interface
[AC1-Vlanif101]q
[AC1]
//AP 上线配置
//创建AP组
[AC1]wlan
[AC1-wlan-view]ap-group name ap1
Info: This operation may take a few seconds. Please wait for a moment.done.
[AC1-wlan-ap-group-ap1]q
[AC1-wlan-view]regulatory-domain-profile name domain1
[AC1-wlan-regulate-domain-domain1]country
[AC1-wlan-regulate-domain-domain1]country-code CN
Info: The current country code is same with the input country code.
[AC1-wlan-regulate-domain-domain1]q
[AC1-wlan-view]ap-group name ap
[AC1-wlan-ap-group-ap]regulatory-domain-profile domain1
Warning: Modifying the country code will clear channel, power and antenna gain c
onfigurations of the radio and reset the AP. Continue?[Y/N]:y
[AC1-wlan-ap-group-ap]q
[AC1-wlan-view]q
[AC1]capwap source int vlanif 101
[AC1]
//将AP绑定至AP组
[AC1]wlan
[AC1-wlan-view]ap a
[AC1-wlan-view]ap auth-mode mac-auth
[AC1-wlan-view]ap-id 0 ap-mac 00E0-FC81-71B0 //该MAC地址为AP1MAC地址
[AC1-wlan-ap-0]ap-name area_1
[AC1-wlan-ap-0]ap-group ap
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC1-wlan-ap-0]q
[AC1-wlan-view]
启动AP1,启动成功后,在AC1使用display ap all 查看AP上线情况,若State值为NOR,则上线成功。
//配置WLAN业务参数
//配置安全模板
[AC1]wlan
[AC1-wlan-view]security-profile name secur
[AC1-wlan-sec-prof-secur]security WPA2 PSK pass-phrase ensp8888 aes
//认证类型WPA2,密码为ensp8888
[AC1-wlan-sec-prof-secur]q
[AC1-wlan-view]
//配置ssid模板
[AC1-wlan-view]ssid-profile name ssid
[AC1-wlan-ssid-prof-ssid]ssid huawei
//配置ssid 的名称为huawei
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-ssid-prof-ssid]q
[AC1-wlan-view]
//创建VAP模板,配置业务数据转发模式、业务VLAN,并且引用安全模板和SSID模板。
[AC1-wlan-view]vap-p
[AC1-wlan-view]vap-profile name vap
[AC1-wlan-vap-prof-vap]forward-mode tunnel //隧道模式转发
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-vap-prof-vap]service-vlan vlan-id 100 //绑定VLAN业务
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-vap-prof-vap]security-profile secur //安全模板
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-vap-prof-vap]ssid-profile ssid //ssid模板
Info: This operation may take a few seconds, please wait.done.
[AC1-wlan-vap-prof-vap]q
[AC1-wlan-view]
//配置AP组引用VAP模板,AP上射频0使用VAP模板的配置,因为实验中只有一个AP,所以使用射频0。
[AC1-wlan-view]ap-group name ap
[AC1-wlan-ap-group-ap]vap-profile vap wlan 1 radio 0
Info: This operation may take a few seconds, please wait...done.
[AC1-wlan-ap-group-ap]q
[AC1-wlan-view]
配置结束,使用display vap all查看
STA1/Cellphone1
可以看到设置好的vap,输入密码ensp8888连接
连接成功后
到这里就算基本完成了wlan的一些配置。
397
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
