1、区域无线AP与AC通信,拓扑如下:
2、交换机配置如下:
<Huawei> <Huawei>sys Enter system view, return user view with Ctrl+Z. [Huawei]sysname sw1 [sw1]un info eb Sep 13 2023 09:55:31-08:00 sw1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25 .191.3.1 configurations have been changed. The current change number is 4, the c hange loop count is 0, and the maximum number of records is 4095 Info: Information center is disabled. [sw1]un in en Info: Information center is disabled. [sw1]vlan batch 100 101 #批量创建vlan Info: This operation may take a few seconds. Please wait for a moment...done. [sw1]inter Vlan [sw1]inter Vlanif 100 #创建网关 [sw1-Vlanif100]ip add 10.1.100.254 24 [sw1-Vlanif100]description TO-AP-GL #表示vlan100的用途 [sw1-Vlanif100]quit [sw1]inter Vlanif 101 [sw1-Vlanif101]ip add 10.1.101.254 24 [sw1-Vlanif101]des [sw1-Vlanif101]description TO-AP [sw1-Vlanif101]quit [sw1]dhcp enable #全局开启DHCP服务 Info: The operation may take a few seconds. Please wait for a moment.done. [sw1]ip pool AP-GL #地址池命令 Info:It's successful to create an IP address pool. [sw1-ip-pool-ap-gl]ga [sw1-ip-pool-ap-gl]gateway-list 10.1.100.254 #配置网关 地址池范围 [sw1-ip-pool-ap-gl]network 10.1.100.0 mask 24 [sw1-ip-pool-ap-gl]quit [sw1]inter Vl [sw1]inter Vlanif 100 [sw1-Vlanif100]dhcp select global #全局地址池给DHCP客户端使用 [sw1-Vlanif100]quit [sw1]ip pool AP Info:It's successful to create an IP address pool. [sw1-ip-pool-ap]gateway-list 10.1.101.254 [sw1-ip-pool-ap]network 10.1.101.0 mask 24 [sw1-ip-pool-ap]dns-list 114.114.114.114 [sw1-ip-pool-ap]dns-list 8.8.8.8 [sw1-ip-pool-ap]quit [sw1]interface Vlanif 101 [sw1-Vlanif101]dhcp select global [sw1-Vlanif101]quit [sw1]quit <sw1>sys
sw1的接口配置
Enter system view, return user view with Ctrl+Z. [sw1]inter GigabitEthernet 0/0/2 [sw1-GigabitEthernet0/0/2]port link-type trunk [sw1-GigabitEthernet0/0/2]port trunk allow-pass vlan 100 101 [sw1-GigabitEthernet0/0/2]quit [sw1]dis this # sysname sw1 # undo info-center enable # vlan batch 100 to 101 # cluster enable ntdp enable ndp enable # drop illegal-mac alarm # dhcp enable # return [sw1]
sw2的接口配置
[sw2]inter Eth 0/0/1 [sw2-Ethernet0/0/1]port link-type trunk [sw2-Ethernet0/0/1]port trunk allow-pass vlan 100 to 101 [sw2-Ethernet0/0/1]quit [sw2]inter Eth 0/0/2 [sw2-Ethernet0/0/2]port link-type trunk [sw2-Ethernet0/0/2]port trunk allow-pass vlan 100 to 101 [sw2-Ethernet0/0/2]quit [sw2]inter Eth 0/0/3 [sw2-Ethernet0/0/3]port link-type trunk [sw2-Ethernet0/0/3]port trunk allow-pass vlan 100 to 101 [sw2-Ethernet0/0/3]quit [sw2]quit
无线AC的配置
The device is running! <AC6005>sys Enter system view, return user view with Ctrl+Z. [AC6005]un in en Info: Information center is disabled. [AC6005]sysname AC [AC]vlan batch 100 101 Info: This operation may take a few seconds. Please wait for a moment...done. [AC]inter G [AC]inter GigabitEthernet 0/0/1 [AC-GigabitEthernet0/0/1]port link-type trunk [AC-GigabitEthernet0/0/1]port trunk allow-pass vlan 100 101 [AC-GigabitEthernet0/0/1]quit [AC]inter v [AC]inter Vlanif 100 [AC-Vlanif100]ip add 10.1.100.253 24 [AC-Vlanif100]quit [AC]inter Vlanif 101 [AC-Vlanif101]ip add 10.10.101.253 24 [AC-Vlanif101]quit [AC]ping 10.1.100.254 PING 10.1.100.254: 56 data bytes, press CTRL_C to break Reply from 10.1.100.254: bytes=56 Sequence=1 ttl=255 time=70 ms Reply from 10.1.100.254: bytes=56 Sequence=2 ttl=255 time=40 ms Reply from 10.1.100.254: bytes=56 Sequence=3 ttl=255 time=10 ms --- 10.1.100.254 ping statistics --- 3 packet(s) transmitted 3 packet(s) received 0.00% packet loss round-trip min/avg/max = 10/40/70 ms [AC]
AP连接AC认证-采用MAC认证及源地址
[AC]wlan [AC-wlan-view]ap auth [AC-wlan-view]ap auth-mode ? ap认证配置模式选择 mac、sn或者不认证 mac-auth MAC authenticated mode, default authenticated mode no-auth No authenticated mode sn-auth SN authenticated mode
[AC]capwap source ip-address 10.1.100.253 #配置AC源地址
AP1与AP2 MAC认证
[AC]wlan [AC-wlan-view]ap auth [AC-wlan-view]ap auth-mode ? mac-auth MAC authenticated mode, default authenticated mode no-auth No authenticated mode sn-auth SN authenticated mode [AC-wlan-view]ap auth-mode mac-auth [AC-wlan-view]quit [AC]capwap [AC]capwap sou [AC]capwap source ip-add [AC]capwap source ip-address 10.1.100.253 [AC-wlan-view]ap auth-mode mac-auth [AC-wlan-view]ap-id 1 ap-mac 00E0-FC8F-5AD0 [AC-wlan-ap-1]ap-name AP-1 [AC-wlan-ap-1]quit [AC-wlan-view]ap-id 2 ap-mac 00E0-FC8F-5AD0 Error: AP already exists. [AC-wlan-view]ap-id 2 ap-mac [AC-wlan-view]ap-id 2 ap-mac 00E0-FCEB-4680 [AC-wlan-ap-2]quit [AC-wlan-view]quit [AC]quit <AC>save
查看AP设备
建立AP组将AP1、AP2 加入 组内
<AC>dis capwap configuration #查询capwap情况 --------------------------------------------------------------- Source interface : - Source ip-address : 10.1.100.253 Echo interval(seconds) : 25 Echo times : 6 Control priority(server to client) : 7 Control priority(client to server) : 7 Control-link DTLS encrypt : disable DTLS PSK value : ****** PSK mandatroy match switch : disable Control-link inter-controller DTLS encrypt : disable Inter-controller DTLS PSK value : ****** IPv6 status : disable Message-integrity PSK value : ****** Message-integrity check switch : enable --------------------------------------------------------------- <AC>sys Enter system view, return user view with Ctrl+Z. [AC]wlan [AC-wlan-view]ap-group name ap-group Info: This operation may take a few seconds. Please wait for a moment.done. [AC-wlan-ap-group-ap-group]dis regulatory-domain-profile all ------------------------------------------------------------ Profile name Reference ------------------------------------------------------------ default 2 ------------------------------------------------------------ Total: 1 [AC-wlan-ap-group-ap-group]dis regulatory-domain-profile name default ------------------------------------------------------------ Profile name : default Country code : CN 2.4G dca channel-set : 1,6,11 5G dca bandwidth : 20mhz 5G dca channel-set : 149,153,157,161,165 Wideband switch : disable ------------------------------------------------------------ [AC-wlan-ap-group-ap-group]regu [AC-wlan-ap-group-ap-group]regulatory-domain-profile default Warning: Modifying the country code will clear channel, power and antenna gain c onfigurations of the radio and reset the AP. Continue?[Y/N]:y [AC-wlan-ap-group-ap-group]quit [AC-wlan-view]ap-name Ap [AC-wlan-view]ap-name Ap- [AC-wlan-view]ap-name Ap-1 Error: The AP does not exist. [AC-wlan-view]ap-id 1 ap-mac [AC-wlan-view]ap-id 1 ap-mac 00E0 [AC-wlan-view]ap-id 1 ap-mac 00E0-FC8F-5AD0 [AC-wlan-ap-1]ap-group ap-gr [AC-wlan-ap-1]ap-group ap-group Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configurations of the radio, Whether to c ontinue? [Y/N]:y Info: This operation may take a few seconds. Please wait for a moment.. done. [AC-wlan-ap-1]quit [AC-wlan-view]dis ap all Info: This operation may take a few seconds. Please wait for a moment.done. Total AP information: idle : idle [2] -------------------------------------------------------------------------------- ID MAC Name Group IP Type State STA Uptime -------------------------------------------------------------------------------- 1 00e0-fc8f-5ad0 AP-1 ap-group - - idle 0 - 2 00e0-fceb-4680 AP-2 default - - idle 0 - -------------------------------------------------------------------------------- Total: 2 [AC-wlan-view]ap-id 2 ap-mac 00E0-FCEB-4680 [AC-wlan-ap-2]ap-group ap-group Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configurations of the radio, Whether to c ontinue? [Y/N]:y Info: This operation may take a few seconds. Please wait for a moment.. done. [AC-wlan-ap-2]quit [AC-wlan-view]dis ap all Info: This operation may take a few seconds. Please wait for a moment.done. Total AP information: idle : idle [2] -------------------------------------------------------------------------------- ID MAC Name Group IP Type State STA Uptime -------------------------------------------------------------------------------- 1 00e0-fc8f-5ad0 AP-1 ap-group - - idle 0 - 2 00e0-fceb-4680 AP-2 ap-group - - idle 0 - -------------------------------------------------------------------------------- Total: 2 [AC-wlan-view]
AP-1、AP-2 都已加入组内 ap-group