先看拓扑图,配置完毕的状态:
配置出口路由器的接口sys [AR]intg0/0/0 [AR-GigabitEthernet0/0/0]ipad10.0.0.224
配置AC
sys [AC1]vlanbatch10 [AC1]intvlanif10 [AC1-Vlanif10]ipad172.16.1.224#与核心交换机直连的IP地址 [AC1-Vlanif10]intg0/0/1 [AC1-GigabitEthernet0/0/1]portlink-typetrunk [AC1-GigabitEthernet0/0/1]porttrunkallow-passvlanall
配置核心交换机
[LSW1]vlanbatch510#创建vlan5和10 [LSW1]intvlanif1 [LSW1-Vlanif1]ipad10.0.0.124#与路由器直连的IP地址 [LSW1-Vlanif1]intvlanif5 [LSW1-Vlanif5]ipad192.168.0.124#AP的网关地址,稍后要用到 [LSW1-Vlanif5]intvlanif10 [LSW1-Vlanif10]ipad172.16.1.124#与AC直连的地址 [LSW1-Vlanif10]intg0/0/4 [LSW1-GigabitEthernet0/0/4]portlink-typetrunk [LSW1-GigabitEthernet0/0/4]porttrunkallow-passvlanall
2.配置AC/出口路由器的路由,使其能相互通信。
AC的静态路由
[AC1]iproute-static0.0.0.00172.16.1.1
出口路由器的静态路由
[AR]iproute-static0.0.0.0010.0.0.1
在AC上ping一下路由器,测试网络是否联通:
ping10.0.0.2 PING10.0.0.2:56databytes,pressCTRL_Ctobreak Replyfrom10.0.0.2:bytes=56Sequence=1ttl=254time=60ms Replyfrom10.0.0.2:bytes=56Sequence=2ttl=254time=30ms Replyfrom10.0.0.2:bytes=56Sequence=3ttl=254time=40ms Replyfrom10.0.0.2:bytes=56Sequence=4ttl=254time=40ms Replyfrom10.0.0.2:bytes=56Sequence=5ttl=254time=50ms
确认无误再进行下一步
3.配置核心交换机DHCP,使其能分配IP地址给AP
配置与AP相连的端口
[LSW1]port-groupgroup-memberg0/0/1tog0/0/3#端口组 [LSW1-port-group]portlink-typetrunk [LSW1-port-group]porttrunkallow-passvlanall [LSW1-port-group]porttrunkpvidvlan5 [LSW1-port-group]quit
配置DHCP地址池
[LSW1]dhcpenable#使能DHCP [LSW1]ippoolvlan5#创建地址池 [LSW1-ip-pool-vlan5]network192.168.0.0mask24#配置要分配的网段 [LSW1-ip-pool-vlan5]gateway-list192.168.0.1#配置要分配的网关地址 [LSW1-ip-pool-vlan5]option43sub-option3ascii172.16.1.2#将AC的IP地址下发给AP [LSW1-ip-pool-vlan5]quit [LSW1]intvlanif5 [LSW1-Vlanif5]dhcpselectglobal#在接口上下发IP地址
看看AP的地址有没有上来
disipintbri InterfaceIPAddress/MaskPhysicalProtocol NULL0unassignedupup(s) Vlanif1192.168.0.252/24upup
ping一下AC看看通不通
ping172.16.1.2 PING172.16.1.2:56databytes,pressCTRL_Ctobreak Replyfrom172.16.1.2:bytes=56Sequence=1ttl=254time=30ms Replyfrom172.16.1.2:bytes=56Sequence=2ttl=254time=20ms Replyfrom172.16.1.2:bytes=56Sequence=3ttl=254time=10ms Replyfrom172.16.1.2:bytes=56Sequence=4ttl=254time=20ms Replyfrom172.16.1.2:bytes=56Sequence=5ttl=254time=40ms
确认无误,进行下一步
4.注册AP
以下配置,可能会弹出的警告,都选Y就行
指定capwap协议的信令源地址
[AC1]capwapsourceinterfaceVlanif10 [AC1]wlan#进入wlan视图 [AC1-wlan-view]apauth-modemac-auth#配置AC的验证方式为MAC验证
创建域配置并配置国家码,使AP的射频特性符合国家的法律法规要求
[AC1-wlan-view]regulatory-domain-profilenameCN#创建域配置 [AC1-wlan-regulate-domain-CN]country-codeCN#国家码:中国 [AC1-wlan-regulate-domain-CN]quit
创建AP-group
[AC1-wlan-view]ap-groupnameguest#创建guest组 [AC1-wlan-ap-group-guest]regulatory-domain-profileCN#关联刚才的域配置 [AC1-wlan-ap-group-guest]quit [AC1-wlan-ap-group-work]ap-groupnamework#创建work组 [AC1-wlan-ap-group-work]regulatory-domain-profileCN#关联刚才的域配置 [AC1-wlan-ap-group-work]quit
基于mac地址注册AP
[AC1-wlan-view]ap-id1ap-mac00e0-fc61-3600#加入AP。mac地址可以通过查看核心交换机的mac地址表,或者右键AP打开设置查看 [AC1-wlan-ap-1]ap-nameguest1#将AP名字更改为guest1 [AC1-wlan-ap-1]ap-groupguest#将AP加入刚才配置的guest组 [AC1-wlan-ap-1]quit [AC1-wlan-view]ap-id2ap-mac00e0-fc56-18b0 [AC1-wlan-ap-1]ap-nameguest2 [AC1-wlan-ap-1]ap-groupguest [AC1-wlan-ap-1]quit [AC1-wlan-view]ap-id3ap-mac00e0-fce3-7a10 [AC1-wlan-ap-1]ap-namework1 [AC1-wlan-ap-1]ap-groupwork [AC1-wlan-ap-1]quit
到此处AP会自动重启,且AP名字会被更改(如果没有自动重启,可以自己手动重启)
重启完在AC上查看AP是否注册成功:
[AC1-wlan-view]displayapall Info:Thisoperationmaytakeafewseconds.Pleasewaitforamoment.done. TotalAPinformation: nor:normal[1] -------------------------------------------------------------------------------- IDMACNameGroupIPTypeStateSTAUptime -------------------------------------------------------------------------------- 100e0-fc61-3600guest1guest192.168.0.252AP9131DNnor01M:3S 200e0-fc56-18b0guest2guest--idle0- 300e0-fce3-7a10work1work--idle0- -------------------------------------------------------------------------------- Total:1
可以看到state为nor,说明注册成功;余下两台设备显示为idle,说明注册失败(只是因为我还没重启,想给大家看看没注册成功的状态)
等三台设备全部上线,确认无误再进行下一步
5.分配无线参数
[AC1]vlanpoolsta-pool101#新建vlan地址池,名称为sta-pool101 [AC1-vlan-pool-sta-pool101]vlan101 [AC1-vlan-pool-sta-pool101]quit [AC1]vlanpoolsta-pool102 [AC1-vlan-pool-sta-pool102]vlan102 [AC1-vlan-pool-sta-pool102]quit
安全配置(WIFI密码)
[AC1]wlan [AC1-wlan-view]security-profilenameguest#新建安全配置,名称为guest [AC1-wlan-sec-prof-guest]securitywpa2pskpass-phrasea12345678aes#配置加密方式为wpa2-psk,aes密文存放 [AC1-wlan-sec-prof-guest]quit [AC1-wlan-view]security-profilenamework [AC1-wlan-sec-prof-work]securitywpa2pskpass-phrasea12345678aes [AC1-wlan-sec-prof-work]quit
SSID配置(WIFI名称)
[AC1-wlan-view]ssid-profilenameguest#新建SSID配置,名称为guest [AC1-wlan-ssid-prof-guest]ssidguest#配置SSID名为guest [AC1-wlan-ssid-prof-guest]quit [AC1-wlan-view]ssid-profilenamework [AC1-wlan-ssid-prof-work]ssidwork [AC1-wlan-ssid-prof-work]quit
虚拟接入点(vpa)配置
[AC1-wlan-view]vap-profilenameguest#新建vap配置,名称为guest [AC1-wlan-vap-prof-guest]service-vlanvlan-poolsta-pool101#应用vlan地址池 [AC1-wlan-vap-prof-guest]security-profileguest#应用安全配置 [AC1-wlan-vap-prof-guest]ssid-profileguest#应用SSID [AC1-wlan-vap-prof-guest]quit [AC1-wlan-view]vap-profilenamework [AC1-wlan-vap-prof-work]service-vlanvlan-poolsta-pool102 [AC1-wlan-vap-prof-work]security-profilework [AC1-wlan-vap-prof-work]ssid-profilework [AC1-wlan-vap-prof-work]quit
开启无线电信号
[AC1-wlan-view]ap-groupnameguest [AC1-wlan-ap-group-guest]vap-profileguestwlan1radio0#应用虚拟接入点配置,wlanid为1,radio0意思是使用2.4GHz的频段 [AC1-wlan-ap-group-guest]vap-profileguestwlan1radio1#配置双射频,radio1=5GHz [AC1-wlan-ap-group-guest]quit [AC1-wlan-view]ap-groupnamework [AC1-wlan-ap-group-work]vap-profileworkwlan1radio0 [AC1-wlan-ap-group-work]vap-profileworkwlan1radio1
6.配置客户端使用的地址池,结束。检验配置成果。
配置核心交换机
[LSW1]vlanbatch101102 [LSW1]ippool101 [LSW1-ip-pool-101]network192.168.10.0mask24 [LSW1-ip-pool-101]gateway-list192.168.10.1 [LSW1-ip-pool-101]quit [LSW1]ippool102 [LSW1-ip-pool-102]network192.168.20.0mask24 [LSW1-ip-pool-102]gateway-list192.168.20.1 [LSW1-ip-pool-102]quit [LSW1]intvlanif101 [LSW1-Vlanif101]ipad192.168.10.124 [LSW1-Vlanif101]dhcpselectglobal [LSW1]intvlanif102 [LSW1-Vlanif102]ipad192.168.20.124 [LSW1-Vlanif102]dhcpselectglobal
在终端设备连接AP,并输入密码
然后测试一下网络连通性:
STA>ipconfig LinklocalIPv6address...........::: IPv6address......................:::/128 IPv6gateway......................::: IPv4address......................:192.168.10.254 Subnetmask.......................:255.255.255.0 Gateway...........................:192.168.10.1 Physicaladdress..................:54-89-98-F0-37-1A DNSserver........................:
以上可以看到终端自动获取的IP地址信息是正确的
再ping一下出口路由器和AC:
STA>ping10.0.0.2 Ping10.0.0.2:32databytes,PressCtrl_Ctobreak From10.0.0.2:bytes=32seq=1ttl=254time=219ms From10.0.0.2:bytes=32seq=2ttl=254time=282ms From10.0.0.2:bytes=32seq=3ttl=254time=203ms From10.0.0.2:bytes=32seq=4ttl=254time=204ms From10.0.0.2:bytes=32seq=5ttl=254time=218ms STA>ping172.16.1.2 Ping172.16.1.2:32databytes,PressCtrl_Ctobreak From172.16.1.2:bytes=32seq=1ttl=254time=266ms From172.16.1.2:bytes=32seq=2ttl=254time=218ms From172.16.1.2:bytes=32seq=3ttl=254time=203ms From172.16.1.2:bytes=32seq=4ttl=254time=266ms From172.16.1.2:bytes=32seq=5ttl=254time=203ms
推荐本站淘宝优惠价购买喜欢的宝贝:
本文链接:https://sg.hqyman.cn/post/8767.html 非本站原创文章欢迎转载,原创文章需保留本站地址!
微信支付宝扫一扫,打赏作者吧~休息一下~~
萌ICP备20248119号
