拓扑图
一、配置DHCP地址池
[AC6005]
[AC6005]int vlan1
[AC6005-Vlanif1]dhcp select global
[AC6005-Vlanif1]q
[AC6005]ip pool vlan_10
Info: It is successful to create an IP address pool.
[AC6005-ip-pool-vlan_10]network 192.168.10.0 mask 24
[AC6005-ip-pool-vlan_10]gateway-list 192.168.10.100
[AC6005-ip-pool-vlan_10]q
[AC6005]
[AC6005]int vlan10
[AC6005-Vlanif10]dhcp select global
[AC6005-Vlanif10]q
二、配置AP上线
[AC6005]capwap source interface vlan 1 #配置VLANIF或Loopback接口为CAPWAP源接口
[AC6005]wlan
[AC6005-wlan-view]ap-group name ap-1 #创建AP组
Info: This operation may take a few seconds. Please wait for a moment.done.
[AC6005-wlan-ap-group-ap-1]ap-id 0 ap-mac 00e0-fcae-2560 #在ac上设置ap的编号,并且把ap的mac绑定在ac上
[AC6005-wlan-ap-0]ap-name area0 #设置名字
[AC6005-wlan-ap-0]ap-group ap-1 #加入到ap-1组里
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC6005-wlan-ap-0]
[AC6005-wlan-ap-0]ap-id 2 ap-mac 00e0-fcb0-20c0
[AC6005-wlan-ap-2]ap-name area1
[AC6005-wlan-ap-2]ap-group ap-1
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC6005-wlan-view]ap-id 3 ap-mac 00e0-fc37-43a0
[AC6005-wlan-ap-3]ap-name area3
[AC6005-wlan-ap-3]ap-group ap-1
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC6005-wlan-ap-3]dis ap all
Info: This operation may take a few seconds. Please wait for a moment.done.
Total AP information:
nor : normal [3]
--------------------------------------------------------------------------------
---------
ID MAC Name Group IP Type State STA Uptime
--------------------------------------------------------------------------------
---------
0 00e0-fcae-2560 area0 ap-1 192.168.1.110 AP2050DN nor 0 4M:30S
2 00e0-fcb0-20c0 area1 ap-1 192.168.1.103 AP2050DN nor 0 2M:55S
3 00e0-fc37-43a0 area3 ap-1 192.168.1.227 AP2050DN nor 0 8S
--------------------------------------------------------------------------------
---------
Total: 3
[AC6005-wlan-ap-3]q
三、配置并关联模板
创建安全模板,设置ssid,设置认证密码
[AC6005-wlan-view]security-profile name lu #创建安全模板lu
[AC6005-wlan-sec-prof-lu]security wpa2 psk pass-phrase a1234567 aes #设置无线认证方式为wpa2,密码存储的加密为aes,密码为12345678
[AC6005-wlan-sec-prof-lu]q
[AC6005-wlan-view]
[AC6005-wlan-view]ssid-profile name xn #创建无线模板xn
[AC6005-wlan-ssid-prof-xn]ssid XFWL #设置对外映射ssid上网无线名字
Info: This operation may take a few seconds, please wait.done.
[AC6005-wlan-ssid-prof-xn]q
- wpa2:IEEE802.11i安全增加功能的产品认证,2004年问世,是IEEE发布的一种新的加密方式,使用AES的加密算法
- psk:预共享密钥(也就是我们常说的密码)
- pass-phrase:通过认证的语句(可以通过授权的密码)
- aes:一种加密算法,密码学中的高级加密算法,美国联邦政府采用的加密标准
创建vap模板,配置业务转发模式,业务vlan,引用安全模板和ssid模板
[AC6005-wlan-view]vap-profile name fw #创建vap模板fw
[AC6005-wlan-vap-prof-fw]security-profile lu #关联安全模板lu
Info: This operation may take a few seconds, please wait.done.
[AC6005-wlan-vap-prof-fw]ssid-profile xn #关联ssid模板
Info: This operation may take a few seconds, please wait.done.
[AC6005-wlan-vap-prof-fw]forward-mode tunnel #设置隧道转发模式
Info: This operation may take a few seconds, please wait.done.
[AC6005-wlan-vap-prof-fw]service-vlan vlan-id 10 #配置转发的业务vlan 10
Info: This operation may take a few seconds, please wait.done.
[AC6005-wlan-vap-prof-fw]q
转发模式
- 直接转发:数据报文不经过ac转发 ,ac压力小,转发效率高,但是不方便集中管理,扩展不灵活
- GRE转发:有线无线融合,不需要经过ac转发数据,ac压力小,转发效率高,部署方便,扩展灵活
- 隧道转发:ac集中转发数据报文,安全性好,集中管理,扩展灵活
关联vap模板
[AC6005-wlan-view]ap-group name ap-1
[AC6005-wlan-ap-group-ap-1]vap-profile fw wlan 1 radio all
Info: This operation may take a few seconds, please wait...done.
[AC6005-wlan-ap-group-ap-1]q
验证结果
实现自动漫游
