华为eNSP 基础企业级WLAN无线局域网配置
![](https://img2023.cnblogs.com/blog/2280763/202302/2280763-20230219153138859-977865419.png)
目标:STA可以扫描并连接到两个ssid,STA可以ping通ip:200.200.200.200
步骤:1 实现AP与AC之间的连通性。
2 在AC上配置与WLAN相关的各项参数
3 把AP加入到AP组中,并配置用户的DHCP
4 配置路由器
实现过程:
(1)实现AP与AC的连通
AC: 配置AC与用户的VLAN,将与核心交换机的接口设置为trunk模式
<AC6005>undo terminal trapping
<AC6005>system-view
[AC6005]vlan 100
[AC6005-vlan100]int vlan 100
[AC6005-Vlanif100]ip add 192.168.100.100 24
[AC6005-Vlanif100]quit
[AC6005]vlan batch 10 20
[AC6005]int g0/0/1
[AC6005-GigabitEthernet0/0/1]port link-type trunk
[AC6005-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[AC6005-GigabitEthernet0/0/1]quit
三层核心交换机:创建并配置AC,AP,以及用户设备的VLAN,配置各个接口,创建AP的DHCP地址池
<Huawei>undo terminal trapping
<Huawei>system-view
[Huawei]vlan batch 10 20 192 100
[Huawei]interface g0/0/1
[Huawei-GigabitEthernet0/0/1]port link-type trunk
[Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[Huawei-GigabitEthernet0/0/1]q
[Huawei]interface vlan 100
[Huawei-Vlanif100]ip address 192.168.100.254 24
[Huawei-Vlanif100]q
[Huawei]interface g0/0/2
[Huawei-GigabitEthernet0/0/2]port link-type trunk
[Huawei-GigabitEthernet0/0/2]port trunk allow-pass vlan all
[Huawei-GigabitEthernet0/0/2]q
[Huawei]interface vlan 192
[Huawei-Vlanif192]ip address 192.168.10.254 24
[Huawei-Vlanif192]q
[Huawei]dhcp enable
[Huawei]ip pool forap
[Huawei-ip-pool-forap]network 192.168.10.0 mask 255.255.255.0
[Huawei-ip-pool-forap]gateway-list 192.168.10.254
[Huawei-ip-pool-forap]option 43 sub-option 2 ip-address 192.168.100.100 #告诉AP在哪个地址向AC发请求下发配置
[Huawei-ip-pool-forap]int vlan 192
[Huawei-Vlanif192]dhcp select global
[Huawei-Vlanif192]q
二层交换机:创建AP的VLAN,配置各个接口
<Huawei>undo terminal trapping
<Huawei>system-view
[Huawei]vlan 192
[Huawei]interface e0/0/3
[Huawei-Ethernet0/0/3]port link-type trunk
[Huawei-Ethernet0/0/3]port trunk allow-pass vlan all
[Huawei-Ethernet0/0/3]q
[Huawei]interface e0/0/1
[Huawei-Ethernet0/0/1]port link-type access
[Huawei-Ethernet0/0/1]port default vlan 192
[Huawei-Ethernet0/0/1]q
[Huawei]interface e0/0/2
[Huawei-Ethernet0/0/2]port link-type access
[Huawei-Ethernet0/0/2]port default vlan 192
[Huawei-Ethernet0/0/2]q
AC: 配置AP与AC相连的静态路由
[AC6005]ip route-static 192.168.10.0 24 192.168.100.254
查看AP的IP地址并查看与AC的连通性:
(2)在AC上配置WLAN相关参数
AC: 配置ssid,security,vap模板
[AC6005]wlan
[AC6005-wlan-view]ssid-profile name ssid-wzr #创建wzr的SSID模板
[AC6005-wlan-ssid-prof-ssid-wzr]ssid wzr
[AC6005-wlan-ssid-prof-ssid-wzr]q
[AC6005-wlan-view]security-profile name sec-wzr #创建wzr的安全模板
[AC6005-wlan-sec-prof-sec-wzr]security wpa-wpa2 psk pass-phrase a1234567 aes
[AC6005-wlan-sec-prof-sec-wzr]q
[AC6005-wlan-view]vap-profile name vap-wzr #创建wzr的VAP模板
[AC6005-wlan-vap-prof-vap-wzr]forward-mode tunnel #设置转发模式为集中转发
[AC6005-wlan-vap-prof-vap-wzr]service-vlan vlan-id 10 #SSID的所在VLAN
[AC6005-wlan-vap-prof-vap-wzr]ssid-profile ssid-wzr #关联SSID模板
[AC6005-wlan-vap-prof-vap-wzr]security-profile sec-wzr #关联安全模板
[AC6005-wlan-vap-prof-vap-wzr]q
[AC6005-wlan-view]ssid-profile name ssid-wzr1 #创建wzr1的SSID模板
[AC6005-wlan-ssid-prof-ssid-wzr1]ssid wzr1
[AC6005-wlan-ssid-prof-ssid-wzr1]q
[AC6005-wlan-view]security-profile name sec-wzr1 #创建wzr1的安全模板
[AC6005-wlan-sec-prof-sec-wzr1]security wpa-wpa2 psk pass-phrase b1234567 aes
[AC6005-wlan-sec-prof-sec-wzr1]q
[AC6005-wlan-view]vap-profile name vap-wzr1 #创建wzr1的VAP模板
[AC6005-wlan-vap-prof-vap-wzr1]forward-mode tunnel
[AC6005-wlan-vap-prof-vap-wzr1]service-vlan vlan-id 20
[AC6005-wlan-vap-prof-vap-wzr1]ssid-profile ssid-wzr1
[AC6005-wlan-vap-prof-vap-wzr1]security-profile sec-wzr1
[AC6005-wlan-vap-prof-vap-wzr1]q
(3)把AP加入到AP组中,配置用户的DHCP
AC: 用vap模板将两个ssid加入到AP组中,再通过AP的MAC地址来把AP添加到AC上
[AC6005-wlan-view]ap-group name group-xm #创建AP组
[AC6005-wlan-ap-group-group-xm]vap-profile vap-wzr wlan 1 radio all #设置信号发射频率
[AC6005-wlan-ap-group-group-xm]vap-profile vap-wzr1 wlan 2 radio all
[AC6005-wlan-view]ap auth-mode mac-auth #设置添加AP的方式为添加AP的MAC地址
[AC6005-wlan-view]ap-id 0 ap-mac 00e0-fce9-6440
[AC6005-wlan-ap-0]ap-name ap-wzr #设置AP的名字
[AC6005-wlan-ap-0]ap-group group-xm #设置所要加入的AP组
[AC6005-wlan-ap-0]q
[AC6005-wlan-view]ap-id 1 ap-mac 00e0-fcbf-2cb0
[AC6005-wlan-ap-1]ap-name ap-wzr1
[AC6005-wlan-ap-1]ap-group group-xm
[AC6005-wlan-ap-1]q
[AC6005-wlan-view]q
[AC6005]capwap source interface Vlanif 100 #配置与AP连接的Vlanif接口
三层核心交换机:配置用户的网关及地址池
[Huawei]ip pool forwzr
[Huawei-ip-pool-forwzr]network 172.16.1.0 mask 255.255.255.0
[Huawei-ip-pool-forwzr]gateway-list 172.16.1.254
[Huawei-ip-pool-forwzr]q
[Huawei]interface vlan 10
[Huawei-Vlanif10]dhcp select global
[Huawei-Vlanif10]ip add 172.16.1.254 24
[Huawei-Vlanif10]q
[Huawei]ip pool forwzr1
[Huawei-ip-pool-forwzr1]network 172.16.2.0 mask 255.255.255.0
[Huawei-ip-pool-forwzr1]gateway-list 172.16.2.254
[Huawei-ip-pool-forwzr1]q
[Huawei]int vlan 20
[Huawei-Vlanif20]dhcp select global
[Huawei-Vlanif20]ip add 172.16.2.254 24
[Huawei-Vlanif20]q
查看STA是否能扫描到两个ssid并连接:
(4)配置路由器
AR2: 配置接口及默认路由
<Huawei>undo terminal trapping
<Huawei>system-view
[Huawei]interface g0/0/0
[Huawei-GigabitEthernet0/0/0]ip add 200.200.200.200 24
[Huawei-GigabitEthernet0/0/0]q
[Huawei]ip route-static 0.0.0.0 0.0.0.0 200.200.200.254
[Huawei]q
三层核心交换机:通过VLAN来配置接口
[Huawei]vlan 200
[Huawei-vlan200]int vlan 200
[Huawei-Vlanif200]ip add 200.200.200.254 24
[Huawei-Vlanif200]q
[Huawei]interface g0/0/3
[Huawei-GigabitEthernet0/0/3]port link-type access
[Huawei-GigabitEthernet0/0/3]port default vlan 200
[Huawei-GigabitEthernet0/0/3]q
查看用户STA与路由器的连通性:
至此目标达成!
相关文章
- EasyCVR对接华为iVS订阅摄像机和用户变更请求接口介绍
- 精选 | 腾讯云CDN内容加速场景有哪些?
- 模块化网络防止基于模型的多任务强化学习中的灾难性干扰
- 用搜索和注意力学习稳健的调度方法
- 用于多变量时间序列异常检测的学习图神经网络
- 助力政企自动化自然生长,华为WeAutomate RPA是怎么做到的?
- 使用腾讯轻量云搭建Fiora聊天室
- TSRC安全测试规范
- 云计算“功守道”
- 助力成本优化,腾讯全场景在离线混部系统Caelus正式开源
- Flink 利器:开源平台 StreamX 简介
- 腾讯云实践 | 一图揭秘腾讯碳中和?解决方案
- 深度学习中的轻量级网络架构总结与代码实现
- 信息系统项目管理师(高项复习笔记三)
- Adobe国际认证让科技赋能时尚
- c++该怎么学习(面试吃土记)
- 面试官问发布订阅模式是在问什么?
- 面试官:请实现一个通用函数把 callback 转成 promise
- 空中悬停、翻滚转身、成功着陆,我用强化学习「回收」了SpaceX的火箭
- 中山大学林倞解读视觉语义理解新趋势:从表达学习到知识及因果融合