拓扑图:
1、创建管理VLAN与AP管理VLAN、终端接入VLAN、配置管理VLAN IP地址
设备管理VLAN 56、AP管理VLAN 101、终端接入VLAN 10
AC、HeXin、JieRu。(创建VLAN)
[H3C]vlan 101
[H3C-vlan101]description AP-vlan
[H3C]vlan 56
[H3C-vlan56]description GuanLi-vlan
[H3C]vlan 10
[H3C-vlan10]description Terminal-vlan
AC、HeXin、JieRu。(设备管理IP)
[AC]interface Vlan-interface 56
[AC-Vlan-interface56]ip add 192.168.56.11 24
[HeXin]interface Vlan-interface 56
[HeXin-Vlan-interface56]ip add 192.168.56.10 24
[JieRu]interface Vlan-interface 56
[JieRu-Vlan-interface56]ip add 192.168.56.12 24
核心上配置终端接入VLAN网关和AP管理VLAN网关
[HeXin]interface Vlan-interface 10
[HeXin-Vlan-interface10]ip address 192.168.10.1 24
[HeXin]interface Vlan-interface 101
[HeXin-Vlan-interface101]ip address 192.168.101.1 24
2、核心上配置DHCP,AP管理VLAN、终端接入VLAN
终端接入获取的上网IP
[HeXin]dhcp enable
[HeXin]dhcp server ip-pool Terminal-vlan
[HeXin-dhcp-pool-Terminal-vlan]gateway-list 192.168.10.1
[HeXin-dhcp-pool-Terminal-vlan]network 192.168.10.0 mask 255.255.255.0
[HeXin-dhcp-pool-Terminal-vlan]dns-list 8.8.8.8
[HeXin-dhcp-pool-Terminal-vlan]expired day 0 hour 8 minute 0 second 0
[HeXin-dhcp-pool-Terminal-vlan]forbidden-ip 192.168.10.1
[HeXin-dhcp-pool-Terminal-vlan]quit
AP获取的管理IP
[HeXin]dhcp server ip-pool AP-GuanLi
[HeXin-dhcp-pool-AP-GuanLi]gateway-list 192.168.101.1
[HeXin-dhcp-pool-AP-GuanLi]network 192.168.101.0 mask 255.255.255.0
[HeXin-dhcp-pool-AP-GuanLi]forbidden-ip 192.168.101.13、配置交换机的接口为trunk口允许VLAN通行
通常接口配置是:port trunk permit vlan 2-4094
下面的配置只是为了方便,这样做配置对以后添加新VLAN不方便,
AC(配置连接核心交换机端口)
[AC]interface GigabitEthernet 1/0/0
[AC-GigabitEthernet1/0/0]port link-type trunk
[AC-GigabitEthernet1/0/0]port trunk permit vlan 10 56 101
[AC-GigabitEthernet1/0/0]undo port trunk permit vlan 1
HeXin(配置AC和接入的对接端口)
[HeXin]interface GigabitEthernet 1/0/1
[HeXin-GigabitEthernet1/0/1]port link-type trunk
[HeXin-GigabitEthernet1/0/1]port trunk permit vlan 10 56 101
[HeXin-GigabitEthernet1/0/1]undo port trunk permit vlan 1
[HeXin-GigabitEthernet1/0/1]quit
[HeXin]interface GigabitEthernet 1/0/2
[HeXin-GigabitEthernet1/0/2]port link-type trunk
[HeXin-GigabitEthernet1/0/2]port trunk permit vlan 10 56 101
[HeXin-GigabitEthernet1/0/2]undo port trunk permit vlan 1
JieRu(配置上联端口、将AP加入到AP管理VLAN)
[JieRu]interface GigabitEthernet 1/0/1
[JieRu-GigabitEthernet1/0/1]port link-type trunk
[JieRu-GigabitEthernet1/0/1]port trunk permit vlan 10 56 101
[JieRu-GigabitEthernet1/0/1]undo port trunk permit vlan 1
[JieRu-GigabitEthernet1/0/1]quit
将AP加入到AP管理VLAN,将所有AP加入到AP管理VLAN中
[JieRu]interface GigabitEthernet 1/0/2
[JieRu-GigabitEthernet1/0/2]poe enable(开启POE供电,给无线AP供电)
[JieRu-GigabitEthernet1/0/2]port access vlan 101
[JieRu]interface GigabitEthernet 1/0/3
[JieRu-GigabitEthernet1/0/3]poe enable(这条命令在真机上需要输入,模拟器上不用)
[JieRu-GigabitEthernet1/0/3]port access vlan 1014、配置路由
将路由指向核心交换机
JieRu
[JieRu]ip route-static 0.0.0.0 0.0.0.0 192.168.56.10
AC
[AC]ip route-static 0.0.0.0 0.0.0.0 192.168.56.105、配置AC
5.1、配置AP管理同网段IP地址
在AC上配置一个和AP管理VLAN同网段的IP地址,AP获取到IP地址后可以访问到AC
[AC]interface Vlan-interface 101
[AC-Vlan-interface101]ip address 192.168.101.250 255.255.255.05.2、配置AP自动上线
配置AP自动上线
[AC] wlan auto-ap enable 开启自动AP功能
[AC] wlan auto-persistent enable 开启自动AP自动固化功能5.3、创建无线服务模板
模拟器服务模板(因为模拟器的终端不能输入密码连接WiFi)
[AC]wlan service-template wuxian-1
[AC-wlan-st-wuxian-1]ssid ceshi-1
[AC-wlan-st-wuxian-1]service-template enable
真实机设备服务模板
[AC]wlan service-template wuxian
[AC-wlan-st-wuxian]ssid ceshi
[AC-wlan-st-wuxian]akm mode psk
[AC-wlan-st-wuxian]preshared-key pass-phrase simple h3c@123.com
[AC-wlan-st-wuxian]cipher-suite ccmp
[AC-wlan-st-wuxian]security-ie rsn
[AC-wlan-st-wuxian]service-template enable 5.4、创建AP绑定服务模板并启动射频
wlan ap 3034-5d38-0400 model WA6320-HCL
serial-id H3C_30-34-5D-38-04-00
vlan 1
radio 1
radio enable
service-template wuxian-1 vlan 10
radio 2
gigabitethernet 1
