华为无线ac+ap旁挂二层组网常用配置案例

AC控制器理解配置步骤:

capwap source interface Vlanif 100 //源IP回包地址

wlan

ssid-profile name test //新建个模版名称为test

ssid test //wifi名称

wlan

security-profile name test //建立安全模版也叫test

security wpa-wpa2 psk pass-phrase admin123 aes //wifi密钥为admin123,数据包加密方式为aes

wlan

vap-profile name test //建立vap模版

ssid test //关联ssid模版

security-profile test //关联安全模版

service-vlan vlan-id 10 //关联业务vlan名称

forward-mode direct-forward //设备为本地直接转发(本地转发)

wlan

ap-group name test //建立ap组名称

vap-profile test wlan 1 radio all //关联vap模版

wlan

ap-mac 00e0-fc6e-6990 //添加ap的mac地址绑定,用sn号也可以

ap-name 1-lay-01 //ap改个位置名字

ap-group test //ap关联组进行信息发射

接入交换机配置:

dis current-configuration

sysname Huawei

undo info-center enable

vlan batch 10 100

cluster enable

ntdp enable

ndp enable

drop illegal-mac alarm

diffserv domain default

drop-profile default

interface Vlanif1

interface MEth0/0/1

interface GigabitEthernet0/0/1

port link-type trunk

port trunk pvid vlan 100

port trunk allow-pass vlan 10 100

interface GigabitEthernet0/0/2

port link-type trunk

port trunk allow-pass vlan 10 100

核心交换机配置:

dis cu

dis current-configuration

sysname Huawei

undo info-center enable

vlan batch 10 100

cluster enable

ntdp enable

ndp enable

drop illegal-mac alarm

dhcp enable

diffserv domain default

drop-profile default

ip pool vlan10 //业务vlan

gateway-list 192.168.1.1

network 192.168.1.0 mask 255.255.255.0

dns-list 8.8.8.8

interface Vlanif1

interface Vlanif10

ip address 192.168.1.1 255.255.255.0

dhcp select global

interface MEth0/0/1

interface GigabitEthernet0/0/1

port link-type trunk

port trunk allow-pass vlan 10 100

interface GigabitEthernet0/0/2

port link-type trunk

port trunk allow-pass vlan 100

AC控制器:

dis current-configuration

set memory-usage threshold 0

ssl renegotiation-rate 1

vlan batch 100

authentication-profile name default_authen_profile

authentication-profile name dot1x_authen_profile

authentication-profile name mac_authen_profile

authentication-profile name portal_authen_profile

authentication-profile name macportal_authen_profile

dhcp enable

diffserv domain default

radius-server template default

pki realm default

rsa local-key-pair default

enrollment self-signed

ike proposal default

encryption-algorithm aes-256

dh group14

authentication-algorithm sha2-256

authentication-method pre-share

integrity-algorithm hmac-sha2-256

prf hmac-sha2-256

free-rule-template name default_free_rule

portal-access-profile name portal_access_profile

interface Vlanif100

ip address 192.168.100.1 255.255.255.0

dhcp select interface

capwap source interface vlanif100

user-interface con 0

authentication-mode password

user-interface vty 0 4

protocol inbound all

user-interface vty 16 20

protocol inbound all

wlan

traffic-profile name default

security-profile name test

security wpa-wpa2 psk pass-phrase %^%#AfJX#b\wyH#hH"YN~;|'n@AcNMd|Z"</2vWAJWvW

%^%# aes

security-profile name default

security-profile name default-wds

security-profile name default-mesh

ssid-profile name test

ssid test

ssid-profile name default

vap-profile name test

service-vlan vlan-id 10

ssid-profile test

security-profile test

vap-profile name default

wds-profile name default

mesh-handover-profile name default

mesh-profile name default

regulatory-domain-profile name default

air-scan-profile name default

rrm-profile name default

radio-2g-profile name default

radio-5g-profile name default

wids-spoof-profile name default

wids-profile name default

wireless-access-specification

ap-system-profile name default

port-link-profile name default

wired-port-profile name default

serial-profile name preset-enjoyor-toeap

ap-group name test

radio 0

vap-profile test wlan 1

radio 1

vap-profile test wlan 1

radio 2

vap-profile test wlan 1

ap-group name default

ap-id 0 type-id 69 ap-mac 00e0-fc6e-6990 ap-sn 2102354483104175B31C

ap-name 1-lay-01

ap-group test

provision-ap

dot1x-access-profile name dot1x_access_profile

mac-access-profile name mac_access_profile

return

相关推荐
qq_1715388533 分钟前
TCP/IP协议精解:IP协议——互联网世界的邮政编码系统
网络·网络协议·tcp/ip
珹洺43 分钟前
计算机网络:(七)网络层(上)网络层中重要的概念与网际协议 IP
网络·tcp/ip·计算机网络
兮动人1 小时前
获取终端外网IP地址
java·网络·网络协议·tcp/ip·获取终端外网ip地址
怦然星动_2 小时前
eNSP中实现vlan间路由通信(路由器)
网络·智能路由器
zyx没烦恼4 小时前
TCP相关实验
服务器·网络·tcp/ip
(:满天星:)13 小时前
第31篇:块设备与字符设备管理深度解析(基于OpenEuler 24.03)
linux·运维·服务器·网络·centos
野蛮人6号15 小时前
虚拟机网络编译器还原默认设置后VMnet8和VMnet1消失了
网络·vmware·虚拟机网络编译器·vmnet8消失
scuter_yu15 小时前
主流零信任安全产品深度介绍
运维·网络·安全
江苏思维驱动智能研究院有限公司15 小时前
Sophos 网络安全:全球领先的自适应安全解决方案提供商
网络·安全·web安全
面朝大海,春不暖,花不开16 小时前
Java网络编程:TCP/UDP套接字通信详解
java·网络·tcp/ip