IP级AC、AP配置实验案例(包含链路聚合、VLAN、DHCP、中继等内容)

 这是之前做的实验配置,因此不再逐条备注,下面直接给出各台交换机以及AC的配置。

LSW1:

# SW1: switch config from the lab listing. Creates VLANs 2, 4 and 6, one
# access port and two trunk uplinks. What is cabled to each port is not shown.
sysname SW1

# Turns the information center off, which stops log/trap/debug output on this
# device. That keeps a lab console quiet, but it also removes the local audit
# trail, so leave it enabled on anything outside a lab.
undo info-center enable

vlan batch 2 4 6

# Untagged access port placed in VLAN 6.
interface Ethernet0/0/2
 port link-type access
 port default vlan 6

# Trunk limited to VLANs 2 and 4 (VLAN 6 is not carried on this link).
# NOTE(review): Huawei trunk ports also pass VLAN 1 by default unless it is
# removed with "undo port trunk allow-pass vlan 1" - confirm that is intended.
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 4

# Trunk carrying VLANs 2, 4 and 6.
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 4 6

LSW2:

# Hostname of the second switch in this lab listing.
sysname SW2


# Information center disabled: no log/trap/debug output is produced. This is a
# lab convenience; on production gear it removes the local audit trail.
undo info-center enable

vlan batch 2 4 6

# Untagged access port placed in VLAN 6.
interface Ethernet0/0/1
 port link-type access
 port default vlan 6

# Both uplinks are trunks restricted to VLANs 2, 4 and 6 (VLAN 1 is still
# allowed by default on Huawei trunks unless removed explicitly).
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 4 6

interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 4 6

LSW3:

# SW3: same pattern as the other VLAN 2/4/6 switches in this listing.
sysname SW3

# Information center disabled: no log/trap/debug output is produced. This is a
# lab convenience; on production gear it removes the local audit trail.
undo info-center enable

vlan batch 2 4 6

# Untagged access port placed in VLAN 6.
interface Ethernet0/0/1
 port link-type access
 port default vlan 6

# Trunk limited to VLANs 2 and 4; VLAN 6 is not carried on this link.
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 4

# Trunk carrying VLANs 2, 4 and 6.
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 4 6

LSW4:

# SW4: switch for the second VLAN set (3, 5 and 7) in this lab listing.
sysname SW4

# Information center disabled: no log/trap/debug output is produced. This is a
# lab convenience; on production gear it removes the local audit trail.
undo info-center enable

vlan batch 3 5 7

# Untagged access port placed in VLAN 7.
interface Ethernet0/0/1
 port link-type access
 port default vlan 7

# Trunk limited to VLANs 3 and 5; VLAN 7 is not carried on this link.
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 3 5

# Trunk carrying VLANs 3, 5 and 7.
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 3 5 7

LSW5:

# SW5: same pattern as SW4, using VLANs 3, 5 and 7.
sysname SW5

# Information center disabled: no log/trap/debug output is produced. This is a
# lab convenience; on production gear it removes the local audit trail.
undo info-center enable

vlan batch 3 5 7

# Untagged access port placed in VLAN 7.
interface Ethernet0/0/1
 port link-type access
 port default vlan 7

# Trunk limited to VLANs 3 and 5; VLAN 7 is not carried on this link.
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 3 5

# Trunk carrying VLANs 3, 5 and 7.
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 3 5 7

LSW6:

# SW6: switch for VLANs 8-10, uplinked through the LACP bundle Eth-Trunk3.
# The ACLs later on the page target hosts 192.1.8.1 and 192.1.9.1, so these
# VLANs presumably hold the servers - the page does not say so explicitly.
sysname SW6

# Information center disabled: no log/trap/debug output is produced. This is a
# lab convenience; on production gear it removes the local audit trail.
undo info-center enable

vlan batch 8 to 10

# Link-aggregation group in static LACP mode. It carries VLANs 8-10, balances
# on the source/destination MAC pair and keeps at most two links active.
# NOTE(review): no physical interface in this listing is bound to the group
# (there is no "eth-trunk 3" line under any port), so as posted the bundle has
# no members. The member-port stanzas were probably left out of the post.
interface Eth-Trunk3
 port link-type trunk
 port trunk allow-pass vlan 8 to 10
 mode lacp-static
 load-balance src-dst-mac
 max active-linknumber 2

# One access port per VLAN: 8, 9 and 10.
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 8

interface GigabitEthernet0/0/2
 port link-type access
 port default vlan 9

interface GigabitEthernet0/0/3
 port link-type access
 port default vlan 10

LSW7:

# SW7: layer-3 switch acting as gateway and DHCP server for VLANs 2, 4 and 6.
# VLAN 11 is the routed link over Eth-Trunk1, and OSPF advertises all four.
sysname SW7

# Information center disabled: no log/trap/debug output is produced. This is a
# lab convenience; on production gear it removes the local audit trail.
undo info-center enable

vlan batch 2 4 6 11

# Global DHCP switch, required for the "dhcp select interface" lines below.
# NOTE(review): no DHCP snooping appears in this listing, so a rogue DHCP
# server on a client VLAN would not be filtered.
dhcp enable

# Gateway SVIs. "dhcp select interface" serves leases from the interface's own
# subnet, and clients are handed 192.1.10.1 as their DNS server.
interface Vlanif2
 ip address 192.1.2.254 255.255.255.0 
 dhcp select interface
 dhcp server dns-list 192.1.10.1 

interface Vlanif4
 ip address 192.1.4.254 255.255.255.0 
 dhcp select interface
 dhcp server dns-list 192.1.10.1 

interface Vlanif6
 ip address 192.1.6.254 255.255.255.0 
 dhcp select interface
 dhcp server dns-list 192.1.10.1 

# Routed interconnect VLAN.
# NOTE(review): the SW9 listing on this page gives its own Vlanif11 the same
# address, 192.1.11.254/24, and VLAN 11 is trunked between the two switches
# over Eth-Trunk1. Two devices cannot share one address on a segment; one side
# is presumably a transcription error - confirm against the lab topology.
interface Vlanif11
 ip address 192.1.11.254 255.255.255.0 

# Static-LACP bundle carrying VLANs 2, 4 and 11, with at most two active
# links. Its members are GE0/0/4 and GE0/0/5 below.
interface Eth-Trunk1
 port link-type trunk
 port trunk allow-pass vlan 2 4 11
 mode lacp-static
 load-balance src-dst-mac
 max active-linknumber 2

# Trunks carrying VLANs 2, 4 and 6.
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 4 6

interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 4 6

interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 2 4 6

# Member ports of Eth-Trunk1.
interface GigabitEthernet0/0/4
 eth-trunk 1

interface GigabitEthernet0/0/5
 eth-trunk 1

# OSPF process 1, with every subnet placed in area 0.0.0.1.
# NOTE(review): no OSPF authentication is configured in this listing, and the
# network statements cover the client-facing subnets (2, 4, 6), so hellos are
# also sent towards end hosts. Outside a lab, mark those SVIs with
# "silent-interface" and enable area or interface authentication.
ospf 1 
 area 0.0.0.1 
  network 192.1.2.0 0.0.0.255 
  network 192.1.4.0 0.0.0.255 
  network 192.1.6.0 0.0.0.255 
  network 192.1.11.0 0.0.0.255 

LSW8:

# SW8: layer-3 switch acting as gateway and DHCP server for VLANs 3, 5 and 7.
# VLAN 12 is the routed link over Eth-Trunk2, and OSPF advertises all four.
sysname SW8

# Information center disabled: no log/trap/debug output is produced. This is a
# lab convenience; on production gear it removes the local audit trail.
undo info-center enable

vlan batch 3 5 7 12
# Global DHCP switch, required for the "dhcp select interface" lines below.
# NOTE(review): no DHCP snooping appears in this listing, so a rogue DHCP
# server on a client VLAN would not be filtered.
dhcp enable

# Gateway SVIs. Leases come from each interface's own subnet, and clients are
# handed 192.1.10.1 as their DNS server.
interface Vlanif3
 ip address 192.1.3.254 255.255.255.0 
 dhcp select interface
 dhcp server dns-list 192.1.10.1 

interface Vlanif5
 ip address 192.1.5.254 255.255.255.0 
 dhcp select interface
 dhcp server dns-list 192.1.10.1 

interface Vlanif7
 ip address 192.1.7.254 255.255.255.0 
 dhcp select interface
 dhcp server dns-list 192.1.10.1 

# Routed interconnect VLAN.
# NOTE(review): the SW9 listing on this page gives its own Vlanif12 the same
# address, 192.1.12.254/24, and VLAN 12 is trunked between the two switches
# over Eth-Trunk2. One side is presumably a transcription error - confirm
# against the lab topology.
interface Vlanif12
 ip address 192.1.12.254 255.255.255.0 

# Static-LACP bundle with at most two active links. Its members are GE0/0/3
# and GE0/0/4 below. VLAN 7 is allowed here, but the Eth-Trunk2 stanza in the
# SW9 listing allows only 3, 5 and 12.
interface Eth-Trunk2
 port link-type trunk
 port trunk allow-pass vlan 3 5 7 12
 mode lacp-static
 load-balance src-dst-mac
 max active-linknumber 2

# Trunks carrying VLANs 3, 5 and 7.
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 3 5 7 

interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 3 5 7 

# Member ports of Eth-Trunk2.
interface GigabitEthernet0/0/3
 eth-trunk 2

interface GigabitEthernet0/0/4
 eth-trunk 2

# OSPF process 1, with every subnet placed in area 0.0.0.1.
# NOTE(review): no OSPF authentication is configured in this listing, and the
# network statements cover the client-facing subnets (3, 5, 7), so hellos are
# also sent towards end hosts. Outside a lab, mark those SVIs with
# "silent-interface" and enable area or interface authentication.
ospf 1 
 area 0.0.0.1 
  network 192.1.3.0 0.0.0.255 
  network 192.1.5.0 0.0.0.255 
  network 192.1.7.0 0.0.0.255 
  network 192.1.12.0 0.0.0.255 

LSW9:

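# SW9: core switch. It terminates the three LACP bundles (to SW7, SW8 and
# SW6), is the gateway for VLANs 8-10, relays DHCP on VLAN 1 to the AC and
# trunks VLANs 2-5 towards the AC on GE0/0/7.
sysname SW9

# Information center disabled: no log/trap/debug output is produced. This is a
# lab convenience; on production gear it removes the local audit trail.
undo info-center enable

vlan batch 2 to 5 8 to 12

dhcp enable

# VLAN 1 SVI. DHCP requests seen here are relayed to 192.1.1.253, which is the
# AC's Vlanif1 address in the AC listing on this page.
interface Vlanif1
 ip address 192.1.1.254 255.255.255.0 
 dhcp select relay
 dhcp relay server-ip 192.1.1.253

# Gateways for VLANs 8-10.
interface Vlanif8
 ip address 192.1.8.254 255.255.255.0 

interface Vlanif9
 ip address 192.1.9.254 255.255.255.0 

interface Vlanif10
 ip address 192.1.10.254 255.255.255.0 

# Routed interconnects towards SW7 (VLAN 11) and SW8 (VLAN 12).
# NOTE(review): 192.1.11.254 and 192.1.12.254 are also the addresses of
# Vlanif11 on SW7 and Vlanif12 on SW8 in this page's listings. Both ends of a
# link cannot share one address, so one side is presumably a transcription
# error - confirm against the lab topology before reusing this config.
interface Vlanif11
 ip address 192.1.11.254 255.255.255.0 

interface Vlanif12
 ip address 192.1.12.254 255.255.255.0 

# Management Ethernet port, with no settings shown. The original post spelled
# the keyword "inteface", which the CLI would reject; corrected here.
interface MEth0/0/1

# Static-LACP bundles, each with at most two active links and src/dst-MAC
# load balancing. The allowed VLANs differ per peer.
interface Eth-Trunk1
 port link-type trunk
 port trunk allow-pass vlan 2 4 11
 mode lacp-static
 load-balance src-dst-mac
 max active-linknumber 2

interface Eth-Trunk2
 port link-type trunk
 port trunk allow-pass vlan 3 5 12
 mode lacp-static
 load-balance src-dst-mac
 max active-linknumber 2

interface Eth-Trunk3
 port link-type trunk
 port trunk allow-pass vlan 8 to 10
 mode lacp-static
 load-balance src-dst-mac
 max active-linknumber 2

# Bundle membership: GE1-2 -> Eth-Trunk1, GE3-4 -> Eth-Trunk2,
# GE5-6 -> Eth-Trunk3.
interface GigabitEthernet0/0/1
 eth-trunk 1

interface GigabitEthernet0/0/2
 eth-trunk 1

interface GigabitEthernet0/0/3
 eth-trunk 2

interface GigabitEthernet0/0/4
 eth-trunk 2

interface GigabitEthernet0/0/5
 eth-trunk 3

interface GigabitEthernet0/0/6
 eth-trunk 3

# Trunk carrying VLANs 2-5. The AC's GE0/0/1 is configured with the same
# allow-list in the AC listing.
interface GigabitEthernet0/0/7
 port link-type trunk
 port trunk allow-pass vlan 2 to 5

# OSPF process 1, with every subnet placed in area 0.0.0.1.
# NOTE(review): no OSPF authentication is configured in this listing. The
# network statements also cover VLANs 1 and 8-10, so hellos are sent onto
# those segments as well; "silent-interface" on those SVIs would stop that.
ospf 1 
 area 0.0.0.1 
  network 192.1.1.0 0.0.0.255 
  network 192.1.8.0 0.0.0.255 
  network 192.1.9.0 0.0.0.255 
  network 192.1.10.0 0.0.0.255 
  network 192.1.11.0 0.0.0.255 
  network 192.1.12.0 0.0.0.255 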

 AC:

# AC (wireless access controller), part 1: base settings, default profiles
# and AAA. Most "default" objects here look like factory-generated entries.
sysname AC

# Service VLANs for the four SSIDs defined later in this listing.
vlan batch 2 to 5

authentication-profile name default_authen_profile
authentication-profile name dot1x_authen_profile
authentication-profile name mac_authen_profile
authentication-profile name portal_authen_profile
authentication-profile name macportal_authen_profile

dhcp enable

# Default PKI realm using a self-signed certificate. Browsers and clients
# cannot validate a self-signed certificate against a trusted CA.
pki realm default
 rsa local-key-pair default
 enrollment self-signed

# Default IKE proposal: AES-256, DH group 14, SHA2-256, pre-shared key.
# Nothing else in this listing references it.
ike proposal default
 encryption-algorithm aes-256 
 dh group14 
 authentication-algorithm sha2-256 
 authentication-method pre-share
 integrity-algorithm hmac-sha2-256 
 prf hmac-sha2-256 

free-rule-template name default_free_rule

portal-access-profile name portal_access_profile

# AAA: the "default" domain points at RADIUS, while "default_admin" uses the
# default scheme. No RADIUS server address or key appears in this listing.
# NOTE(review): the admin account has privilege level 15 and web (HTTP) login,
# and the password shown is "123456". That is presumably a lab placeholder
# (a saved config would show a hash after "irreversible-cipher"), but a
# level-15 account must never keep a trivially guessable password. Set a long
# unique one and restrict web management to a management network.
aaa
 authentication-scheme default
 authentication-scheme radius
  authentication-mode radius
 authorization-scheme default
 accounting-scheme default
 domain default
  authentication-scheme radius
  radius-server default
 domain default_admin
  authentication-scheme default
 local-user admin password irreversible-cipher 123456
 local-user admin privilege level 15
 local-user admin service-type http

# AC, part 2: interfaces, management-plane services and CAPWAP source.

# VLAN 1 SVI. 192.1.1.253 is the address SW9 relays DHCP to, and leases are
# served from this interface's own subnet with 192.1.10.1 as DNS.
interface Vlanif1
 ip address 192.1.1.253 255.255.255.0
 dhcp select interface
 dhcp server dns-list 192.1.10.1 

# Trunk carrying the wireless service VLANs 2-5. VLAN 1 is not listed, but
# Huawei trunks pass VLAN 1 by default, which is presumably how the Vlanif1
# traffic crosses this link - confirm.
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 5

# GE0/0/21-24: auto-negotiation off and half duplex. These look like generated
# defaults rather than deliberate settings.
interface GigabitEthernet0/0/21
 undo negotiation auto
 duplex half

interface GigabitEthernet0/0/22
 undo negotiation auto
 duplex half

interface GigabitEthernet0/0/23
 undo negotiation auto
 duplex half

interface GigabitEthernet0/0/24
 undo negotiation auto
 duplex half

# SNMP agent enabled. No version, community or user settings are shown, so
# check what is actually reachable, and prefer SNMPv3 with auth and privacy.
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 

# SSH is limited to AES-CTR ciphers, but key exchange is pinned to
# dh_group14_sha1, which is SHA-1 based. Prefer a SHA-256-based key exchange
# where the software version offers one.
# NOTE(review): only the client side restricts the HMAC; no server-side hmac
# line is shown.
ssh server secure-algorithms cipher aes256_ctr aes128_ctr
ssh server key-exchange dh_group14_sha1
ssh client secure-algorithms cipher aes256_ctr aes128_ctr
ssh client secure-algorithms hmac sha2_256
ssh client key-exchange dh_group14_sha1

# CAPWAP tunnels to the APs are sourced from Vlanif1, so AP management rides
# on VLAN 1 in this lab.
capwap source interface vlanif1

# Console uses password authentication, but no console password is shown.
# NOTE(review): "protocol inbound all" lets the VTY lines accept Telnet as
# well as SSH, and no authentication-mode is shown for them. Outside a lab,
# use "protocol inbound ssh" with "authentication-mode aaa".
user-interface con 0
 authentication-mode password
user-interface vty 0 4
 protocol inbound all
user-interface vty 16 20
 protocol inbound all

# AC, part 3: WLAN service. There are two security profiles, four SSIDs, four
# VAPs in tunnel forwarding mode, two AP groups and five statically added APs.
#
# NOTE(review): both security profiles use WPA2-PSK with the pass-phrase
# "123456". WPA2 pass-phrases must be 8-63 characters, so this is presumably a
# redacted or placeholder value. Whatever the real value is, one short shared
# PSK across all four SSIDs gives no separation between them. Use long, unique
# pass-phrases per SSID, or 802.1X (the dot1x profiles already exist here).
#
# forward-mode tunnel: client traffic is carried inside CAPWAP to the AC and
# leaves it in the VAP's service VLAN (2, 4, 3 and 5 for vap1-vap4).
#
# APs are added by MAC address and serial number. The AP authentication mode
# is not shown in this listing.
wlan
 traffic-profile name default
 security-profile name xiaoze1
  security wpa2 psk pass-phrase 123456 aes
 security-profile name xiaoze2
  security wpa2 psk pass-phrase 123456 aes
 ssid-profile name ssid1
  ssid xiaoze1
 ssid-profile name ssid2
  ssid xiaoze2
 ssid-profile name ssid3
  ssid xiaoze3
 ssid-profile name ssid4
  ssid xiaoze4
 ssid-profile name default
 vap-profile name vap1
  forward-mode tunnel
  service-vlan vlan-id 2
  ssid-profile ssid1
  security-profile xiaoze1
 vap-profile name vap2
  forward-mode tunnel
  service-vlan vlan-id 4
  ssid-profile ssid2
  security-profile xiaoze2
 vap-profile name vap3
  forward-mode tunnel
  service-vlan vlan-id 3
  ssid-profile ssid3
  security-profile xiaoze1
 vap-profile name vap4
  forward-mode tunnel
  service-vlan vlan-id 5
  ssid-profile ssid4
  security-profile xiaoze2
 vap-profile name default
 wds-profile name default
 mesh-handover-profile name default
 mesh-profile name default
 regulatory-domain-profile name default
 air-scan-profile name default
 rrm-profile name default
 radio-2g-profile name default
 radio-5g-profile name default
 wids-spoof-profile name default
 wids-profile name default
 wireless-access-specification
 ap-system-profile name default
 port-link-profile name default
 wired-port-profile name default
 serial-profile name preset-enjoyor-toeap 
 ap-group name apzu1
  radio 0
   vap-profile vap1 wlan 1
   vap-profile vap2 wlan 2
  radio 1
   vap-profile vap1 wlan 1
   vap-profile vap2 wlan 2
 ap-group name apzu2
  radio 0
   vap-profile vap3 wlan 3
   vap-profile vap4 wlan 4
  radio 1
   vap-profile vap3 wlan 3
   vap-profile vap4 wlan 4
 ap-group name default
 ap-id 1 type-id 61 ap-mac 00e0-fc22-6350 ap-sn 210235448310D73D370B
  ap-name AP1
  ap-group apzu1
 ap-id 2 type-id 61 ap-mac 00e0-fca3-28d0 ap-sn 210235448310BE27A030
  ap-name AP2
  ap-group apzu1
 ap-id 3 type-id 61 ap-mac 00e0-fc2e-48f0 ap-sn 210235448310B7605154
  ap-name AP3
  ap-group apzu1
 ap-id 4 type-id 61 ap-mac 00e0-fc79-03f0 ap-sn 2102354483103E328202
  ap-name AP4
  ap-group apzu2
 ap-id 5 type-id 61 ap-mac 00e0-fccc-3100 ap-sn 2102354483103B09A541
  ap-name AP5
  ap-group apzu2
 provision-ap

# Empty 802.1X and MAC access profiles; none of the VAPs above references
# them.
dot1x-access-profile name dot1x_access_profile

mac-access-profile name mac_access_profile

以下为无线网络的连通性测试,以及无线终端获取IP地址的情况

 

 

登录ftp

访问web

无线设备ping web

还可以根据需要适当添加访问控制策略(ACL),例如:

# Optional access policy. The page does not say which device these commands
# are entered on; the addresses suggest the switch that owns VLANs 8 and 9.
#
# ACL 3010 denies TCP from 192.1.2.0/24 and 192.1.3.0/24 to host 192.1.9.1
# and permits TCP from 192.1.4.0/24 through 192.1.7.0/24 to the same host.
# No destination port is given, so every TCP service on 192.1.9.1 is covered,
# and non-TCP traffic (ICMP, UDP) is not matched at all.
# NOTE(review): with traffic-filter, packets that match no rule are normally
# forwarded, so permit rules 30-60 probably only document intent - confirm on
# the target software version.
acl 3010

rule 10 deny tcp source 192.1.2.0 0.0.0.255 destination 192.1.9.1 0

rule 20 deny tcp source 192.1.3.0 0.0.0.255 destination 192.1.9.1 0

 rule 30 permit tcp source 192.1.4.0 0.0.0.255 destination 192.1.9.1 0

 rule 40 permit tcp source 192.1.5.0 0.0.0.255 destination 192.1.9.1 0

 rule 50 permit tcp source 192.1.6.0 0.0.0.255 destination 192.1.9.1 0

 rule 60 permit tcp source 192.1.7.0 0.0.0.255 destination 192.1.9.1 0

# ACL 3020 holds a single permit for TCP from anywhere to 192.1.8.1. With no
# deny rule it restricts nothing. If the goal is "only TCP may reach this
# host", an explicit deny for the remaining traffic is still needed.
acl 3020

rule 10 permit tcp source any destination 192.1.8.1 0

# NOTE(review): "inbound" on VLAN 9 matches packets received in VLAN 9. The
# rules above match traffic going towards 192.1.9.1, which is sourced in other
# subnets and would enter the switch on a different VLAN, so the deny rules
# may never hit. Check the ACL hit counters after applying. If they stay at
# zero, apply the filter where the client traffic enters, or in the outbound
# direction of VLAN 9. The same applies to ACL 3020 on VLAN 8.
traffic-filter vlan 9 inbound acl 3010

traffic-filter vlan 8 inbound acl 3020


转载自blog.csdn.net/qq_53108686/article/details/127224648