python自动化管理和zabbix监控网络设备（无线AC控制瘦ap配置部分）

前言

拓扑

一、AC-SW1

二、AC1

三、SW1-6

前言

具体原理和操作可以访问我的主页视频

白帽小丑的个人空间-白帽小丑个人主页-哔哩哔哩视频

拓扑

一、AC-SW1

sys
sysname AC-SW1
vlan batch 100 200 210 220 230 240 250


stp region-configuration 
region-name huawei
revision-level 1
instance 3 vlan 200 210 220
instance 4 vlan 230 240 250
instance 5 vlan 100
active region-configuration
q

interface gi0/0/1
port link-type trunk
port trunk allow-pass vlan all

interface gi0/0/2
port link-type trunk
port trunk allow-pass vlan all

interface gi0/0/3
port link-type trunk
port trunk allow-pass vlan all

二、AC1

sys
sysname AC1
vlan batch 100 200 210 220 230 240 250


stp region-configuration 
region-name huawei
revision-level 1
instance 3 vlan 200 210 220
instance 4 vlan 230 240 250
instance 5 vlan 100
active region-configuration
q


interface Vlanif 200
ip address 172.200.1.253 23


interface Vlanif 210
ip address 172.210.3.253 23


interface Vlanif 220
ip address 172.220.5.253 23


interface Vlanif 230
ip address 172.230.7.253 23


interface Vlanif 240
ip address 172.240.9.253 23


interface Vlanif 250
ip address 172.250.11.253 23


interface Vlanif 100
ip address 192.168.100.253 24

inter gi0/0/1
port link trun
port trun a vlan all
quit


wlan
ap auth-mode no-auth
quit
capwap source ip-address 192.168.100.253


wlan
ap-mac 00e0-fc21-40b0
ap-name RA1_AP

ap-mac 00e0-fc70-64c0
ap-name RA2_AP

ap-mac 00e0-fc37-3860
ap-name HL_AP

ap-mac 00e0-fcab-0a90
ap-name CF_AP

ap-mac 00e0-fc7f-5cc0
ap-name DI_AP

ap-mac 00e0-fc19-4ff0
ap-name ET_AP


wlan
ap-group name RA1
regulatory-domain-profile defualt
Y
ap-group name RA2
regulatory-domain-profile defualt
Y
ap-group name HL
regulatory-domain-profile defualt
Y
ap-group name CF
regulatory-domain-profile defualt
Y
ap-group name DI
regulatory-domain-profile defualt
Y
ap-group name ET
regulatory-domain-profile defualt
Y


ap-name RA1_AP
ap-group RA1
Y
quit

ap-name RA2_AP
ap-group RA2
Y
quit

ap-name HL_AP
ap-group HL
Y
quit

ap-name CF_AP
ap-group CF
Y
quit

ap-name DI_AP
ap-group DI
Y
quit

ap-name ET_AP
ap-group ET
Y
quit


#RA1调优
wlan
security-profile name RA1
security wpa2 psk pass-phrase Aa1bB2Cc3 aes
quit

wlan
ssid-profile name Room_Area1
ssid Room_Area1
quit

wlan
vap-profile name Room_Area1
security-profile RA1
ssid-profile Room_Area1
forward-mode tunnel
service-vlan vlan-id 200
quit

#开启4G和5G频段

wlan
ap-name RA1_AP
vap-profile Room_Area1 wlan 1 radio 0
vap-profile Room_Area1 wlan 1 radio 1

quit





wlan
security-profile name RA2_AP
security wpa2 psk pass-phrase De4FgH5iJ aes
quit

wlan
ssid-profile name Room_Area2
ssid Room_Area2
quit

wlan
vap-profile name Room_Area2
security-profile RA2
ssid-profile Room_Area2
forward-mode tunnel
service-vlan vlan-id 210
quit

开启4G和5G频段

wlan
ap-name RA2_AP
vap-profile Room_Area2 wlan 1 radio 0
vap-profile Room_Area2 wlan 1 radio 1

quit


HL_AP

wlan
security-profile name HL_AP
security wpa2 psk pass-phrase K6lLmNo7P aes
quit

wlan
ssid-profile name Hotel_Lobby
ssid Hotel_Lobby
quit

wlan
vap-profile name Hotel_Lobby
security-profile HL_AP
ssid-profile Hotel_Lobby
forward-mode tunnel
service-vlan vlan-id 220
quit

开启4G和5G频段


wlan
ap-name HL_AP
vap-profile Hotel_Lobby wlan 1 radio 0
vap-profile Hotel_Lobby wlan 1 radio 1

quit


流量限速，上行和下行限速为3M
traffic-profile name wlan-traffic-HL_AP
rate-limit client down 3000     
rate-limit client up 3000
vap-profile name HL_AP
traffic-profile wlan-traffic-HL_AP

禁止低速率
ap-name HL_AP
radio-2g-profile name 0
dot11bg basic-rate 6 9 
ap-name HL_AP
radio-5g-profile name 0
dot11a basic-rate 6 9 
q

CF_AP

wlan
security-profile name CF_AP
security wpa2 psk pass-phrase Qr8sT9uUv aes
quit

wlan
ssid-profile name Conference
ssid Conference
quit

wlan
vap-profile name Conference
security-profile CF_AP
ssid-profile Conference
forward-mode tunnel
service-vlan vlan-id 230
quit

开启4G和5G频段

wlan
ap-name CF_AP
vap-profile Conference wlan 1 radio 0
vap-profile Conference wlan 1 radio 1

quit


流量限速，上行和下行限速为3M
traffic-profile name wlan-traffic-CF_AP
rate-limit client down 3000     
rate-limit client up 3000
vap-profile name CF_AP
traffic-profile wlan-traffic-CF_AP

禁止低速率
ap-name CF_AP
radio-2g-profile name 0
dot11bg basic-rate 6 9 
ap-name CF_AP
radio-5g-profile name 0
dot11a basic-rate 6 9 

DI_AP
wlan
security-profile name DI_AP
security wpa2 psk pass-phrase Wx5Yz6A7B aes
quit

wlan
ssid-profile name Dining
ssid Dining
quit

wlan
vap-profile name Dining
security-profile DI_AP
ssid-profile Dining
forward-mode tunnel
service-vlan vlan-id 240
quit

开启4G和5G频段

wlan
ap-name DI_AP
vap-profile Dining wlan 1 radio 0
vap-profile Dining wlan 1 radio 1

quit


流量限速，上行和下行限速为3M
traffic-profile name wlan-traffic-DI_AP
rate-limit client down 3000     
rate-limit client up 3000
vap-profile name DI_AP
traffic-profile wlan-traffic-DI_AP

禁止低速率
ap-name DI_AP
radio-2g-profile name 0
dot11bg basic-rate 6 9 
ap-name DI_AP
radio-5g-profile name 0
dot11a basic-rate 6 9 
q

ET_AP
wlan
security-profile name ET_AP
security wpa2 psk pass-phrase Wx5Yz6A7B aes
quit

wlan
ssid-profile name Entertainment
ssid Entertainment
quit

wlan
vap-profile name Entertainment
security-profile ET_AP
ssid-profile Entertainment
forward-mode tunnel
service-vlan vlan-id 250
quit

开启4G和5G频段

wlan
ap-name ET_AP
vap-profile Entertainment wlan 1 radio 0
vap-profile Entertainment wlan 1 radio 1

quit


流量限速，上行和下行限速为3M
traffic-profile name wlan-traffic-ET_AP
rate-limit client down 3000     
rate-limit client up 3000
vap-profile name ET_AP
traffic-profile wlan-traffic-ET_AP

禁止低速率
ap-name ET_AP
radio-2g-profile name 0
dot11bg basic-rate 6 9 
ap-name ET_AP
radio-5g-profile name 0
dot11a basic-rate 6 9 
q

三、SW1-6

SW1

system-view
sysname SW1
vlan batch 10 100 200

  inter gi0/0/1
  port link-type trunk
  port trunk allow-pass vlan 10 100 200
  quit

  inter gi0/0/2
  port link-type trunk
  port trunk allow-pass vlan 10 100 200
  quit

  inter gi0/0/3
  port link-type access
  port default vlan 10
  quit


stp region-configuration 
region-name huawei
revision-level 1
instance 1 vlan 10 20 30
instance 2 vlan 40 50 60
instance 3 vlan 200 210 220
instance 4 vlan 230 240 250
instance 5 vlan 100
active region-configuration
q

vlan 200
interface g 0/0/4
port link-type trunk
port trunk allow vlan 100 200
port trunk pvid vlan 100
q

SW2

system-view
sysname SW2
vlan batch 20 100 210

  inter gi0/0/1
  port link-type trunk
  port trunk allow-pass vlan 20 100 210
  quit

  inter gi0/0/2
  port link-type trunk
  port trunk allow-pass vlan 20 100 210
  quit

  inter gi0/0/3
  port link-type access
  port default vlan 20
  quit

stp region-configuration 
region-name huawei
revision-level 1
instance 1 vlan 10 20 30
instance 2 vlan 40 50 60
instance 3 vlan 200 210 220
instance 4 vlan 230 240 250
instance 5 vlan 100
active region-configuration
q

interface g 0/0/4
port link-type trunk
port trunk allow vlan 100 210
port trunk pvid vlan 100
q

SW3

system-view
sysname SW3
vlan batch 30 100 220

  inter gi0/0/1
  port link-type trunk
  port trunk allow-pass vlan 30 100 220
  quit

  inter gi0/0/2
  port link-type trunk
  port trunk allow-pass vlan 30 100 220
  quit

  inter gi0/0/3
  port link-type access
  port default vlan 30
  quit

stp region-configuration 
region-name huawei
revision-level 1
instance 1 vlan 10 20 30
instance 2 vlan 40 50 60
instance 3 vlan 200 210 220
instance 4 vlan 230 240 250
instance 5 vlan 100
active region-configuration
q

interface g 0/0/4
port link-type trunk
port trunk allow vlan 100 220
port trunk pvid vlan 100
q

SW4

system-view
sysname SW4
vlan batch 40 100 230

  inter gi0/0/1
  port link-type trunk
  port trunk allow-pass vlan 40 100 230
  quit

  inter gi0/0/2
  port link-type trunk
  port trunk allow-pass vlan 40 100 230
  quit

  inter gi0/0/3
  port link-type access
  port default vlan 40
  quit

stp region-configuration 
region-name huawei
revision-level 1
instance 1 vlan 10 20 30
instance 2 vlan 40 50 60
instance 3 vlan 200 210 220
instance 4 vlan 230 240 250
instance 5 vlan 100
active region-configuration
q

interface g 0/0/4
port link-type trunk
port trunk allow vlan 100 230
port trunk pvid vlan 100
q

SW5

system-view
sysname SW5
vlan batch 50 100 240

  inter gi0/0/1
  port link-type trunk
  port trunk allow-pass vlan 50 100 240
  quit

  inter gi0/0/2
  port link-type trunk
  port trunk allow-pass vlan 50 100 240
  quit

  inter gi0/0/3
  port link-type access
  port default vlan 50
  quit

stp region-configuration 
region-name huawei
revision-level 1
instance 1 vlan 10 20 30
instance 2 vlan 40 50 60
instance 3 vlan 200 210 220
instance 4 vlan 230 240 250
instance 5 vlan 100
active region-configuration
q

interface g 0/0/4
port link-type trunk
port trunk allow vlan 100 240
port trunk pvid vlan 100
q

SW6

system-view
sysname SW6
vlan batch 60 100 250

  inter gi0/0/1
  port link-type trunk
  port trunk allow-pass vlan 60 100 250
  quit

  inter gi0/0/2
  port link-type trunk
  port trunk allow-pass vlan 60 100 250
  quit

  inter gi0/0/3
  port link-type access
  port default vlan 60
  quit

stp region-configuration 
region-name huawei
revision-level 1
instance 1 vlan 10 20 30
instance 2 vlan 40 50 60
instance 3 vlan 200 210 220
instance 4 vlan 230 240 250
instance 5 vlan 100
active region-configuration
q

interface g 0/0/4
port link-type trunk
port trunk allow vlan 100 250
port trunk pvid vlan 100
q