WLAN实验

您所在的位置：网站首页 › 财务AP AC › WLAN实验

WLAN实验

2024-06-02 16:27| 来源: 网络整理| 查看: 265

实验拓扑：

数据

配置

AP管理VLAN

VLAN100

AP所在VLANVLAN10

STA业务VLAN

VLAN101

与路由器互联接口

VLAN102：10.0.2.1/24

DHCP服务器

AC作为DHCP服务器为AP分配IP地址

汇聚交换机LSW1作为DHCP服务器为STA分配IP地址，STA的默认网关为10.0.1.1

AP的IP地址池

192.168.1.2～192.168.1.254/24

STA的IP地址池

10.0.1.2～10.0.1.254/24

AC的源接口IP地址

VLANIF100：192.168.100.254/24

AP组

名称：ap-group1；引用模板：VAP模板wlan-net、域管理模板

域管理模板

名称：default

国家码：中国

SSID模板

名称：wlan-net

SSID名称：wlan-net

安全模板

名称：wlan-net

安全策略：WPA-WPA2+PSK+AES

密码：a1234567

VAP模板

名称：wlan-net

转发模式：直接转发

业务VLAN：VLAN101

引用模板：SSID模板wlan-net、安全模板wlan-net

业务需求：

1.组网方式：三层组网

2.AC连接方式：旁挂组网

3.AC作为DHCP服务器为AP分配IP地址

4.LSW1作为DHCP服务器为STA分配IP地址

5.业务数据转发方式：直接转发

配置思路：

一、配置AP、AC和周边网络设备之间实现网络互通

二、配置AP上线。

1.创建AP组，用于将需要进行相同配置的AP都加入到AP组，实现统一配置。

2.配置AC的系统参数，包括国家码、AC与AP之间通信的源接口。

3.配置AP上线的认证方式并离线导入AP，实现AP正常上线。

三、配置WLAN业务参数，实现STA访问WLAN网络功能。

配置步骤：一.配置AP、AC和周边网络设备之间实现网络互通 1.LSW1、LSW2、AC创建对应VLAN及接口

LSW1配置：

vlan batch 10 100 101 102 interface Vlanif10 ip address 192.168.10.1 255.255.255.0 dhcp select relay dhcp relay server-ip 192.168.100.254 # interface Vlanif100 ip address 192.168.100.1 255.255.255.0 # interface Vlanif101 ip address 10.0.1.1 255.255.255.0 dhcp select global # interface Vlanif102 ip address 10.0.2.1 255.255.255.0 # interface MEth0/0/1 # interface GigabitEthernet0/0/1 port link-type trunk port trunk pvid vlan 102 port trunk allow-pass vlan 102 # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 10 101 # interface GigabitEthernet0/0/3 port link-type trunk port trunk allow-pass vlan 100 #

LSW2配置：

vlan batch 10 101 interface Ethernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 101 # interface Ethernet0/0/2 port link-type trunk port trunk pvid vlan 10 port trunk allow-pass vlan 10 101 # interface Ethernet0/0/3 port link-type trunk port trunk pvid vlan 10 port trunk allow-pass vlan 10 101 #

AC配置

vlan batch 100 interface Vlanif100 ip address 192.168.100.254 255.255.255.0 interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 100

R1配置

interface Ethernet0/0/0 ip address 10.0.2.2 255.255.255.0 ip route-static 0.0.0.0 0.0.0.0 10.0.2.1 2.DHCP配置

AC配置

dhcp enable ip pool ap gateway-list 192.168.10.1 network 192.168.10.0 mask 255.255.255.0 option 43 sub-option 3 ascii 192.168.100.254 interface Vlanif100 dhcp select global ip route-static 0.0.0.0 0 192.168.100.1

LSW1配置

dhcp enable ip pool sta gateway-list 10.0.1.1 network 10.0.1.0 mask 255.255.255.0 interface Vlanif10 dhcp select relay dhcp relay server-ip 192.168.100.254 interface Vlanif101 dhcp select global ip route-static 0.0.0.0 0 192.168.100.1

3.结果验证

两个AP分别由DHCP分配到了192.168.10.78、192.168.10.248的ip地址：

二.配置AP上线 1.在AC上创建AP组 [AC] wlan [AC-wlan-view] ap-group name ap-group1 [AC-wlan-ap-group-ap-group1] quit 2.创建域管理模板，并配置AC的国家码。 AC-wlan-view] regulatory-domain-profile name default [AC-wlan-regulate-domain-default] country-code cn [AC-wlan-regulate-domain-default] quit [AC-wlan-view] ap-group name ap-group1 [AC-wlan-ap-group-ap-group1] regulatory-domain-profile default Warning: Modifying the country code will clear channel, power and antenna gain configurations of the radio and reset the AP. Continue?[Y/N]:y 3.配置AC的源接口。 [AC] capwap source interface vlanif 100 4、在AC上离线导入AP。 [AC] wlan [AC-wlan-view] ap auth-mode mac-auth [AC-wlan-view] ap-id 0 ap-mac 00e0-fcc1-1ff0 [AC-wlan-ap-0] ap-name area_1 Warning: This operation may cause AP reset. Continue? [Y/N]:y [AC-wlan-ap-0] ap-group ap-group1 Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configurations of the radio, Whether to continue? [Y/N]:y [AC-wlan-view] ap-id 1 ap-mac 00e0-fc6d-2fb0 [AC-wlan-ap-0] ap-name area_2 Warning: This operation may cause AP reset. Continue? [Y/N]:y [AC-wlan-ap-0] ap-group ap-group1 Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configurations of the radio, Whether to continue? [Y/N]:y 注：ap-mac可通过在AP上执行'dis interface Vlanif 1'查看，和本实验的mac地址是不一样的。 5.查看AP上线

dis ap all Info: This operation may take a few seconds. Please wait for a moment.done. Total AP information: nor : normal [2] -------------------------------------------------------------------------------- ---------------- ID MAC Name Group IP Type State STA Up time -------------------------------------------------------------------------------- ---------------- 0 00e0-fcc1-1ff0 area_1 ap-group1 192.168.10.78 AP2050DN nor 0 24 M:19S 1 00e0-fc6d-2fb0 area_2 ap-group1 192.168.10.248 AP2050DN nor 0 24 M:26S -------------------------------------------------------------------------------- ---------------- Total: 2

三、配置WLAN业务参数，实现STA访问WLAN网络功能。 1、创建名为“wlan-net”的安全模板，并配置安全策略。 [AC-wlan-view] security-profile name wlan-net [AC-wlan-sec-prof-wlan-net] security wpa-wpa2 psk pass-phrase a1234567 aes [AC-wlan-sec-prof-wlan-net] quit 2、创建名为“wlan-net”的SSID模板，并配置SSID名称为“wlan-net”。 [AC-wlan-view] ssid-profile name wlan-net [AC-wlan-ssid-prof-wlan-net] ssid wlan-net [AC-wlan-ssid-prof-wlan-net] quit 3、创建名为“wlan-net”的VAP模板，配置业务数据转发模式、业务VLAN，并且引用安全模板和SSID模板。 [AC-wlan-view] vap-profile name wlan-net [AC-wlan-vap-prof-wlan-net] forward-mode direct-forward [AC-wlan-vap-prof-wlan-net] service-vlan vlan-id 101 [AC-wlan-vap-prof-wlan-net] security-profile wlan-net [AC-wlan-vap-prof-wlan-net] ssid-profile wlan-net [AC-wlan-vap-prof-wlan-net] quit 4、配置AP组引用VAP模板，AP上射频0使用VAP模板“wlan-net”的配置。 [AC-wlan-view] ap-group name ap-group1 [AC-wlan-ap-group-ap-group1] vap-profile wlan-net wlan 1 radio 0 [AC-wlan-ap-group-ap-group1] quit 5、查看VAP模板信息

WLAN业务配置会自动下发给AP，配置完成后，通过执行命令display vap ssid wlan-net查看如下信息，当“Status”项显示为“ON”时，表示AP对应的射频上的VAP已创建成功。

Info: This operation may take a few seconds, please wait. WID : WLAN ID ----------------------------------------------------------------------------- AP ID AP name RfID WID BSSID Status Auth type STA SSID ----------------------------------------------------------------------------- 0 area_1 0 1 00E0-FCC1-1FF0 ON WPA/WPA2-PSK 0 wlan-net 1 area_2 0 1 00E0-FC6D-2FB0 ON WPA/WPA2-PSK 0 wlan-net ----------------------------------------------------------------------------- Total: 2

此时AP附近出现了无线信号圈