拓扑图:
1、创建管理VLAN与AP管理VLAN、终端接入VLAN、配置管理VLAN IP地址
设备管理VLAN 56、AP管理VLAN 101、终端接入VLAN 10
AC、HeXin、JieRu。(创建VLAN)[H3C]vlan 101[H3C-vlan101]description AP-vlan[H3C]vlan 56[H3C-vlan56]description GuanLi-vlan[H3C]vlan 10[H3C-vlan10]description Terminal-vlanAC、HeXin、JieRu。(设备管理IP)[AC]interface Vlan-interface 56[AC-Vlan-interface56]ip add 192.168.56.11 24[HeXin]interface Vlan-interface 56[HeXin-Vlan-interface56]ip add 192.168.56.10 24[JieRu]interface Vlan-interface 56[JieRu-Vlan-interface56]ip add 192.168.56.12 24核心上配置终端接入VLAN网关和AP管理VLAN网关[HeXin]interface Vlan-interface 10[HeXin-Vlan-interface10]ip address 192.168.10.1 24[HeXin]interface Vlan-interface 101[HeXin-Vlan-interface101]ip address 192.168.101.1 24
2、核心上配置DHCP,AP管理VLAN、终端接入VLAN
终端接入获取的上网IP[HeXin]dhcp enable[HeXin]dhcp server ip-pool Terminal-vlan[HeXin-dhcp-pool-Terminal-vlan]gateway-list 192.168.10.1[HeXin-dhcp-pool-Terminal-vlan]network 192.168.10.0 mask 255.255.255.0[HeXin-dhcp-pool-Terminal-vlan]dns-list 8.8.8.8[HeXin-dhcp-pool-Terminal-vlan]expired day 0 hour 8 minute 0 second 0[HeXin-dhcp-pool-Terminal-vlan]forbidden-ip 192.168.10.1[HeXin-dhcp-pool-Terminal-vlan]quitAP获取的管理IP[HeXin]dhcp server ip-pool AP-GuanLi[HeXin-dhcp-pool-AP-GuanLi]gateway-list 192.168.101.1[HeXin-dhcp-pool-AP-GuanLi]network 192.168.101.0 mask 255.255.255.0[HeXin-dhcp-pool-AP-GuanLi]forbidden-ip 192.168.101.13、配置交换机的接口为trunk口允许VLAN通行
通常接口配置是:port trunk permit vlan 2-4094下面的配置只是为了方便,这样做配置对以后添加新VLAN不方便,AC(配置连接核心交换机端口)[AC]interface GigabitEthernet 1/0/0[AC-GigabitEthernet1/0/0]port link-type trunk[AC-GigabitEthernet1/0/0]port trunk permit vlan 10 56 101[AC-GigabitEthernet1/0/0]undo port trunk permit vlan 1HeXin(配置AC和接入的对接端口)[HeXin]interface GigabitEthernet 1/0/1[HeXin-GigabitEthernet1/0/1]port link-type trunk[HeXin-GigabitEthernet1/0/1]port trunk permit vlan 10 56 101[HeXin-GigabitEthernet1/0/1]undo port trunk permit vlan 1[HeXin-GigabitEthernet1/0/1]quit[HeXin]interface GigabitEthernet 1/0/2[HeXin-GigabitEthernet1/0/2]port link-type trunk[HeXin-GigabitEthernet1/0/2]port trunk permit vlan 10 56 101[HeXin-GigabitEthernet1/0/2]undo port trunk permit vlan 1JieRu(配置上联端口、将AP加入到AP管理VLAN)[JieRu]interface GigabitEthernet 1/0/1[JieRu-GigabitEthernet1/0/1]port link-type trunk[JieRu-GigabitEthernet1/0/1]port trunk permit vlan 10 56 101[JieRu-GigabitEthernet1/0/1]undo port trunk permit vlan 1[JieRu-GigabitEthernet1/0/1]quit将AP加入到AP管理VLAN,将所有AP加入到AP管理VLAN中[JieRu]interface GigabitEthernet 1/0/2[JieRu-GigabitEthernet1/0/2]poe enable(开启POE供电,给无线AP供电)[JieRu-GigabitEthernet1/0/2]port access vlan 101[JieRu]interface GigabitEthernet 1/0/3[JieRu-GigabitEthernet1/0/3]poe enable(这条命令在真机上需要输入,模拟器上不用)[JieRu-GigabitEthernet1/0/3]port access vlan 1014、配置路由
将路由指向核心交换机JieRu[JieRu]ip route-static 0.0.0.0 0.0.0.0 192.168.56.10
AC[AC]ip route-static 0.0.0.0 0.0.0.0 192.168.56.105、配置AC
5.1、配置AP管理同网段IP地址
在AC上配置一个和AP管理VLAN同网段的IP地址,AP获取到IP地址后可以访问到AC[AC]interface Vlan-interface 101
[AC-Vlan-interface101]ip address 192.168.101.250 255.255.255.05.2、配置AP自动上线
配置AP自动上线[AC] wlan auto-ap enable 开启自动AP功能[AC] wlan auto-persistent enable 开启自动AP自动固化功能5.3、创建无线服务模板
模拟器服务模板(因为模拟器的终端不能输入密码连接WiFi)
[AC]wlan service-template wuxian-1
[AC-wlan-st-wuxian-1]ssid ceshi-1
[AC-wlan-st-wuxian-1]service-template enable
真实机设备服务模板
[AC]wlan service-template wuxian
[AC-wlan-st-wuxian]ssid ceshi
[AC-wlan-st-wuxian]akm mode psk
[AC-wlan-st-wuxian]preshared-key pass-phrase simple h3c@123.com
[AC-wlan-st-wuxian]cipher-suite ccmp
[AC-wlan-st-wuxian]security-ie rsn
[AC-wlan-st-wuxian]service-template enable 5.4、创建AP绑定服务模板并启动射频
wlan ap 3034-5d38-0400 model WA6320-HCLserial-id H3C_30-34-5D-38-04-00vlan 1radio 1radio enableservice-template wuxian-1 vlan 10radio 2gigabitethernet 1
