根据enspv510版ac与ap配置

基于版与配置enspv510ac ap四川托普信息职业技术学院唐小军叩的地址池

一、拓扑图ip

10.

23.

100.2-

10.

23.

100.254/24sta的ip地址池i

16.

23.

101.3-

10.

23.

101.254/24管理vl an:vlanlOO vlaniflOl:

10.

23.

101.2/24vlanif:100:

10.

23.

100.1/24业务vlen:vlanl01版权所有©华为技术有限公vlanlOl司.

2018.保留一切权利vlanlOOGE0/0/1

三、相应设备-0/0/6-0O/TEtfiemet0/0/2GEDO149/5G/0Mbp6/

2.4G/600MbpsTTL无线AP:5030,AC:6605,LSW2AC2LSW3AP3vlaniflOO:

10.

23.

100.1/

242.交换二层，ap-groupl wlan-net defaultS3700,三层，S5700安全模板，ssid:wlan-net wlan-net:安全策略

3.电脑:STA

四、WPA-WPA2+PSK+AES实现目标密码，

312345671.STA3能通过无线方式访问到三层交换机接口地址，

10.

23.

101.2

五、配置思路

1.配置AP、AC和周边网络设备之间实现网络互通

2.配置AP上线

二、实验环境:a）创建AP组，用于将需要进行相同配置的AP都加入到AP组，实现统一配置£关于b）配置AC的系统参数，包括国家码、AC与AP之间通信的源接口eNSPc）配置AP上线的认证方式并离线导入AP,实现AP正常上线

3.配置WLAN业务参数，实现STA访问WLAN网络功能

六、实验过程

1.二层交换机配置HUAWEI system-vieweNSP

1.

2.

00.510[HUAWEI]sysname SwitchV100R002C00[Switch]vlan batch100101[Switch]interface Ethernet0/0/l[Switch-EthernetO/0/1]port link-type trunk[Switch-Ethernet0/0/1]port trunkpvid vlan100[Switch-EthernetO/0/1]port trunkallow-pass vlan100101[Switch-EthernetO/0/1]port-isolate enable[Switch-EthernetO/0/1]quit[Switch]interface gigabitethernet0/0/2[Switch-Ethernet0/0/2]port link-type trunk[Switch-Ethernet0/0/2]port trunkallow-pass vlan100101quit[Switch-Ethernet0/0/2]

2.三层交换机配置〈Huawei system-view[Huawei]sysname Router[Router]vlan batch101[Router]interface gigabitethernet0/0/1[Router-GigabitEthernetO/0/1]port link-type trunk[Router-GigabitEthernet0/0/l]port trunkallow-pass vlan101[Router-GigabitEthernet0/0/l]quit[Router]interface vlanif101[Router-Vlanif101J ip address

10.

23.

101.224[Router-Vlanif101]quit

3.配置AC与其它网络设备互通AC6605system-view[AC6605]sysname AC[AC]vlan batch100101[AC]interface gigabitethernet0/0/1[AC-GigabitEthernetO/0/1]port link-type trunk[AC-GigabitEthernetO/0/1]port trunkallow-pass vlan100101[AC-GigabitEthernetO/0/1]quit[AC]interface gigabitethernet0/0/2[AC-GigabitEthernetO/O/2]port link-type trunk[AC-GigabitEthernetO/O/2]port trunkallow-pass vlan101[AC-GigabitEthernetO/O/2]quit

4.在AC上配置DHCP服务器为STA和AP分配IP地址[AC]dhcp enable[AC]interface vlanif100[AC-VlaniflOO]ip address

10.

23.

100.124[AC-Vlanif100]dhcp selectinterface[AC-VlaniflOO]quit[AC]interface vlanif101[AC-VlaniflOl]ipaddress

10.

23.

101.124[AC-Vlanif101]dhcp selectinterface[AC-VlaniflOl]quit

5.在AC上配置AP上线#创建AP组，用于将相同配置的AP都加入同一AP组中[AC]wlan[AC-wlan-view]ap-group nameap-groupl[AC-wlan-ap-group-ap-group1]quit#创建域管理模板,在域管理模板下配置AC的国家码并在AP组下引用域管理模板[AC-wlan-view]regulatory-domain-profile namedefault[AC-wlan-regulate-domain-default]country-code cn[AC-wlan-regulate-domain-default]quit[AC-wlan-view]ap-group nameap-groupl[AC-wlan-ap-group-ap-group1]regu1atory-domain-profi1e defaultWarning:Modifying thecountry codewill clear channel,power andantenna gainconfigurationsof theradio andreset theAP.Continu e[Y/N]:y[AC-wlan-ap-group-ap-group1]quit[AC-wlan-view]quit#配置AC的源接口[AC]capwap sourceinterface vlanif

1006.查看ap的mac地址做好记录以备用，并为ap设置部署名称例如area」WAP3aaaoea mnsz串口号:APgfiMZMAC飒SN:2004信毫♦色出质信号交经透明度信道当前信通凝色:

7.AP具有射频0和射频1两个射频例如AP5030DN的射频0为

2.4GHz射频，射频1为5GHz射频[AC]wlan[AC-wlan-view]ap auth-mode mac-auth[AC-wlan-view]ap-id0ap-mac60de-4476-e360[AC-wlan-ap-O]ap-name area_l[AC-wlan-ap-Oj ap-group ap-grouplWarning:This operationmay causeAP reset.If thecountry codechanges,it willclearchannel,power andantenna gainconfiguration sof theradio,Whether tocontinue[Y/N]:y[AC-wlan-ap-O]quit

8.保证AP上电并与AC连接，当执行命令display apall查看到AP的State〃字段为〃nor时，表示AP正常上线[AC-wlan-view]display apallTotal APinformation:nor:normal

[1]ID MACName GroupIP TypeState STAUptime000e0-fcfe-le60areal ap-groupl

10.

23.

100.106AP5030DN nor010STotal:

19.配置WLAN业务参数,配置WPA-WPA2+PSK+AES的安全策略,密码为七1234567”[AC-wlan-view]security-profile name wlan-net[AC-wlan-sec-prof-wlan-net]security wpa-wpa2psk pass-phrase al234567aes[AC-wlan-sec-prof-wlan-net]quit#创建名为“wlan-net”的SSID模板，并配置SSID名称为“wlan-net”[AC-wlan-view]ssid-profile namewlan-net[AC-wlan-ssid-prof-wlan-net]ssid wlan-net[AC-wlan-ssid-prof-wlan-net]quit#创建名为“wlan-net”的VAP模板，配置业务数据转发模式、业务VLAN,并且引用安全模板和SSID模板[AC-wlan-vap-prof-wlan-net]forward-mode direct-forward[AC-wlan-vap-prof-wlan-net]service-vlan vlan-id101[AC-wlan-vap-prof-wlan-net]security-profi1ewlan-netLAC-w1an-vap-prof-wlan-netj ssid-profile wlan-net quit[AC-wlan-vap-prof-wlan-net][AC-wlan-view]vap-profile namewlan-net#配置AP组引用VAP模板，AP上射频0和射频1都使用VAP模板“wlan-net”的配置[AC-wlan-view]ap-group nameap-groupl[AC-wlan-ap-group-ap-group1]vap-profile wlan-net wlan1radio0[AC-wlan-ap-group-ap-group1]vap-profile wlan-net wlan1radio1[AC-wlan-ap-group-ap-group1]quit

10.配置AP射频的信道和功率，关闭射频的信道和功率自动调优功能射频的信道和功率自动调优功能默认开启，如果不关闭此功能则会导致手动配置不生效[AC-wlan-view]rrm-profile namedefault[AC-wlan-rrm-prof-default]calibrate auto-channel-select disable[AC-wlan-rrm-prof-default]calibrate auto-txpower-select disable[AC-wlan-rrm-prof-defau1t]quit#配置AP射频0的信道和功率[AC-wlan-view]ap-id0[AC-wlan-ap-O]radio0[AC-wlan-radio-0/0]channel20mhz6Warning:This actionmay causeservice interruption.Continue[Y/N]y[AC-wlan-radio-0/0]eirp127[AC-wlan-radio-0/0]quit#配置AP射频1的信道和功率[AC-wlan-ap-O]radio1[AC-wlan-radio_0/1]channel20mhz149Warning:This actionmay causeservice interruption.Continue[Y/N]y[AC-wlan-radio_0/1]eirp127[AC-wlan-radio-0/1]quit[AC-w1an-ap-0]quit

11.验证配置结果,WLAN业务配置会自动下发给AP,配置完成后，通过执行命令display vapssid wlan-net查看如下信息，当Status〃项显示为“ON〃时，表示AP对应的射频上的VAP已创建成功[AC-wlan-view]display vapsaid wlan-net Info:This operationmay takea fewseconds pleaserwait.WID:WLAN IDAP ID APname RfIDWID BSSIDStatus Authtype STASSID0area_l0100E0-FCFE-1E60ON WPA/WPA2-PSK1wlan-net0area2l1100E0-FCFE-1E70ON WPA/WPA2-PSK0wlan-netTotal:

212.STA搜索到名为〃wlan-net〃的无线网络，输入密码，1234567〃并正常关联后，在AC上执行display stationssid wlan-net命令，可以查看到用户已经接入到无线网络“wlan-net〃中[AC-wlan-view]dis stationssidwlan-necRf/WLAN:Radio ID/WLAN IDRx/Tx:link receiverate/link transmitrateMbpsSTA MACAPIDAp nameRf/WLAN BandType Rx/Tx RSSIVLAN IPa5489-985d-5ef40area10/

12.4G-

10110.

23.

101.253ddressTotal:

12.4G:15G:0在STA3上做如下操作:加密方式状态VAPMAC射频类型-o列表Vap未连接^■■O0wlan-net NULLOOEOfCFE-lES

6802.11bgn

410.

23.

101.253O琳态•DHCP

255.

255.

10.

23.

2.

5.

5.

255.

1.

0..

23.

10.

23.

101.1Pmg

10.

23.

101.1:32data bytes.Press CtrlC to breakFrom

10.

23.

101.1:bytes=32seq=l ttl=255time=156msFrom

10.

23.

101.1:bytes=32seq=2ttl=255time=125msFrom

10.

23.

101.1:bytes=32seq=3tt1=255time=141msFrom

10.

23.

101.1:bytes=32seq=4ttl=255time=125msFrom

10.

23.

101.1:bytes=32seq=5t11=255time=125ms---------------

10.

23.

101.1ping statistics5packets transmitted5packets received

0.00%packet lossround-trip min/avg/max—125/134/156msSTAping

10.

23.

101.2Ping

10.

23.

101.2:32data bytesPress Ctrl_Ctobreak.rFrom

10.

23.

101.2:bytes=32seq=l ttl=255time=125msFrom

10.

23.

101.2:bytes=32seq=2ttl=255time=125ms。