tft每日頭條

 > 圖文

 > 無線網絡設置全流程

無線網絡設置全流程

圖文 更新时间:2024-11-14 06:44:44
WLAN的基本業務配置流程
  • 創建AP組。
  • 配置網絡互通。
  • 配置AC系統參數。
  • 配置AC為瘦AP下發WLAN業務

無線網絡設置全流程(無線網絡如何配置)1

案例:組建直連式二層無線局域網

無線網絡設置全流程(無線網絡如何配置)2

配置以及參數數據

無線網絡設置全流程(無線網絡如何配置)3

VLAN部署

在交換機以及AC上配置VLAN、Trunk。配置接入交換機S1的G0/0/1-3接口為Trunk接口,并且加入VLAN 100、VLAN 101。

G0/0/1、G0/0/2接口的默認VLAN為VLAN 100,當AP1、AP2加電啟動後會加入VLAN 100,VLAN 100是AP的管理VLAN。G0/0/3接口的默認VLAN保持為默認值VLAN 1

[S1]vlan batch 100 101

[S1]interface gigabitethernet 0/0/1

[S1-GigabitEthernet0/0/1]port link-type trunk

[S1-GigabitEthernet0/0/1]port trunk pvid vlan 100

[S1-GigabitEthernet0/0/1]port trunk allow-pass vlan 100 101

[S1]interface gigabitethernet 0/0/2

[S1-GigabitEthernet0/0/2]port link-type trunk

[S1-GigabitEthernet0/0/2]port trunk pvid vlan 100

[S1-GigabitEthernet0/0/2]port trunk allow-pass vlan 100 101

[S1]interface gigabitethernet 0/0/3

[S1-GigabitEthernet0/0/3]port link-type trunk

[S1-GigabitEthernet0/0/3]port trunk allow-pass vlan 100 101

配置AC的接口G0/0/1加入VLAN 100和VLAN 101,接口G0/0/2加入VLAN 101。

[AC]vlan batch 100 101

[AC]interface gigabitethernet 0/0/1

[AC-GigabitEthernet0/0/1]port link-type trunk

[AC-GigabitEthernet0/0/1]port trunk allow-pass vlan 100 101

[AC-GigabitEthernet0/0/1]quit

[AC]interface gigabitethernet 0/0/2

[AC-GigabitEthernet0/0/2]port link-type trunk

[AC-GigabitEthernet0/0/2]port trunk allow-pass vlan 101

[AC-GigabitEthernet0/0/2]quit

IP地址部署

AC、R1上配置IP地址。在AC上配置VLANIF 100接口、VLANIF 101接口的IP地址。在R1上配置VLAN 101子接口G0/0/0.101的IP地址;創建LoopBack 10接口用于測試,該接口地址也模拟為DNS服務器的地址。

[AC]interface vlanif 100

[AC-Vlanif100]ip address 10.23.100.1 24

[AC]interface vlanif 101

[AC-Vlanif101]ip address 10.23.101.1 24

[R1]interface GigabitEthernet0/0/0.101

[R1-GigabitEthernet0/0/0.101]dot1q termination vid 101

[R1-GigabitEthernet0/0/0.101]ip address 10.23.101.2 255.255.255.0

[R1-GigabitEthernet0/0/0.101]arp broadcast enable

[R1]interface LoopBack 10

[R1-LoopBack10]ip address 10.10.10.10 24

VLAN間路由部署

VLAN間路由是由AC實現,AC、R1上配置合适的路由表,使得全網互通。

[AC]ip route-static 0.0.0.0 0.0.0.0 10.23.101.2

[R1]ip route-static 10.23.100.0 255.255.255.0 10.23.101.1

DHCP服務部署

在AC上部署DHCP,為AP和無線終端提供IP地址。在AC上配置VLANIF 100接口為AP提供IP地址,配置VLANIF 101接口為無線終端(STA)提供IP地址。

[AC]dhcp enable

[AC]interface vlanif 100

[AC-Vlanif100]dhcp select interface

[AC-Vlanif100]quit

[AC]interface vlanif 101

[AC-Vlanif101]dhcp select interface

[AC-Vlanif101]dhcp server excluded-ip-address 10.23.101.2

[AC-Vlanif101]dhcp server dns-list 10.10.10.10[AC-Vlanif101]quit

創建AP組

創建AP組,用于将相同配置的AP都加入同一AP組中。

[AC]wlan[AC-wlan-view]ap-group name ap-group1

創建域管理模闆,在域管理模闆下配置AC的國家碼,并在AP組下引用域管理模闆。

[AC-wlan-view]regulatory-domain-profile name default

[AC-wlan-regulate-domain-default]country-code cn (國家代碼中國cn)

[AC-wlan-regulate-domain-default]quit

[AC-wlan-view]ap-group name ap-group1

[AC-wlan-ap-group-ap-group1]regulatory-domain-profile defaultWarning: Modifying the country code will clear channel, power and antenna gain configurations of the radio and reset the AP. Continue?[Y/N]:y

[AC-wlan-ap-group-ap-group1]quit

AP上線

配置AC的源接口。

[AC]capwap source interface vlanif 100

在AC上離線導入AP1、AP2,AP的ID分别為0和1,并将AP加入AP組“ap-group1”中。假設AP1的MAC地址為ac85-3d92-3340、AP2的MAC地址為ac85-3d92-1b60,并且根據AP的部署位置為AP配置名稱,便于從名稱上就能夠了解AP的部署位置。例如,命名AP1為area_1、AP2為area_2。ap auth-mode用于配置AC對AP的認證模式,命令默認情況下為MAC認證,即通過MAC檢查AP是否合法。

[AC]wlan

[AC-wlan-view]ap auth-mode mac-auth

[AC-wlan-view]ap-id 0 ap-mac ac85-3d92-3340

[AC-wlan-ap-0]ap-name area_1

[AC-wlan-ap-0]ap-group ap-group1Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configurations of the radio, Whether to continue? [Y/N]:y

[AC-wlan-ap-0]quit

将AP上電後,當執行命令查看到AP的“State”字段為“nor”時,表示AP正常上線。AP正常能上線是整個WLAN組網的關鍵一步,如果AP沒有正常上線,請先仔細考慮有線網絡的VLAN、Trunk、VLAN路由、DHCP代理、DHCP服務器是否正确?

[AC-wlan-view]display ap allInfo: This operation may take a few seconds. Please wait for a moment.done.Total AP information:nor : normal [2]------------------------------------------------------------------------ID MAC Name Group IP Type State STA Uptime---------------------------------------------------------------------------------------------0 00e0-fc4f-3de0 area_1 ap-group1 10.23.100.239 AP5030DN nor 1 1H:10M:48S1 00e0-fc3e-2040 area_2 ap-group1 10.23.100.6 AP5030DN nor 1 1H:10M:39S-------------------------Total: 2

配置WLAN業務參數

創建名為“wlan-net”的安全模闆,并配置安全策略,這個安全策略就是STA連接WLAN時要使用的認證方式。例中配置的安全策略為WPA-WPA2 PSK AES,密碼為“a1234567”。

[AC-wlan-view]security-profile name wlan-net

[AC-wlan-sec-prof-wlan-net]security wpa-wpa2 psk pass-phrase a1234567 aes

[AC-wlan-sec-prof-wlan-net]quit

創建名為“wlan-net”的ssid模闆,并配置SSID的名稱為“wlan-net”,SSID就是STA掃描到的無線網絡的名稱。

[AC-wlan-view]ssid-profile name wlan-net

[AC-wlan-ssid-prof-wlan-net]ssid wlan-net

[AC-wlan-ssid-prof-wlan-net]quit

創建名為“wlan-net”的VAP模闆,配置業務數據轉發模式為直接轉發、業務VLAN為VLAN 101,并且引用安全模闆和SSID模闆。

[AC-wlan-view]vap-profile name wlan-net

[AC-wlan-vap-prof-wlan-net]forward-mode direct-forward

[AC-wlan-vap-prof-wlan-net]service-vlan vlan-id 101

[AC-wlan-vap-prof-wlan-net]security-pr

,

更多精彩资讯请关注tft每日頭條,我们将持续为您更新最新资讯!

查看全部

相关圖文资讯推荐

热门圖文资讯推荐

网友关注

Copyright 2023-2024 - www.tftnews.com All Rights Reserved