华为---企业WLAN组网基本配置示例---AC+AP组网

义一2023-10-18 16:44

AC+AP组网所需的物理条件

1、无线AP---收发无线信号;
2、无线控制器(AC)---用来控制管理多个AP;
3、PoE交换机---能给AP实现网络连接和供电的交换机;
4、授权:默认AC管理的AP数量有限,买授权才能管控更多AP。

WLAN创建步骤

一、AP上线

二、WLAN业务配置下发

三、无线网络终端接入WLAN

四、WLAN业务数据转发

WLAN网络中的数据包括控制报文(管理报文)和数据报文。控制报文是通过CAPWAP的控制隧道转发的,用户的数据报文分为隧道转发方式、直接转发方式。

**隧道转发方式:**用户数据报文-->AP(CAPWAP数据隧道封装后)-->AC-->转发到上层网络。

**直接转发方式:**用户数据报文-->AP(不经过AC)-->直接转发到上层网络。

网络拓扑图

代码段

system-view 
 sysname R
interface GigabitEthernet 0/0/0 
 ip address 192.168.11.253 24


system-view 
 sysname SW
 dhcp enable
 vlan batch 10 11
interface GigabitEthernet 0/0/1
 port link-type access
 port default vlan 11
 quit
interface GigabitEthernet 0/0/2
 port link-type trunk
 port trunk allow-pass vlan 10 11
 quit
interface GigabitEthernet 0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10
 quit
interface Vlan 11
 ip address 192.168.11.254 24
 dhcp select interface
 quit


system-view 
sysname SW1
 vlan batch 10 11
interface GigabitEthernet 0/0/1 
 port link-type trunk
 port trunk allow-pass vlan 10 11
 quit
interface Ethernet 0/0/1
 port link-type trunk
 port trunk pvid vlan 10
 port trunk allow-pass vlan 10 11
 quit
interface Ethernet 0/0/2
 port link-type trunk
 port trunk pvid vlan 10
 port trunk allow-pass vlan 10 11
 quit


system-view 
 sysname AC
 dhcp enable
 vlan 10
 quit
interface GigabitEthernet 0/0/1 
 port link-type trunk
 port trunk pvid vlan 10
 port trunk allow-pass vlan 10
 quit
interface Vlan 10
 ip address 192.168.10.254 24
 dhcp select interface
 quit
wlan
 regulatory-domain-profile name test-d
 country-code CN
 quit
 ap-group name test-g
 regulatory-domain-profile test-d
 y
 quit
 ap auth-mode mac-auth
 ap-id 1 ap-mac 00e0-fcee-6470
 ap-name test-ap1
 ap-group test-g
 y
 ap-id 2 ap-mac 00e0-fc90-2b60
 ap-name test-ap2
 ap-group test-g
 y
 quit
 security-profile name test-s
 security wpa-wpa2 psk pass-phrase test@123 aes
 quit
 ssid-profile name test-w
 ssid test-wifi
 quit
 vap-profile name test-vap
 forward-mode direct-forward 
 service-vlan vlan-id 11
 security-profile test-s
 ssid-profile test-w
 quit
 ap-group name test-g
 vap-profile test-vap wlan 1 radio all
 quit
capwap source interface Vlanif 10
quit

配置步骤及代码---代码解析

配基础有线网络配置

<Huawei>system-view
[Huawei] sysname R
[R-GigabitEthernet0/0/0] ip address 192.168.11.253 24

<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei] sysname SW
[SW] dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
[SW] vlan batch 10 11
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW]interface GigabitEthernet 0/0/1
[SW-GigabitEthernet0/0/1] port link-type access
[SW-GigabitEthernet0/0/1] port default vlan 11
[SW-GigabitEthernet0/0/1] quit
[SW]interface GigabitEthernet 0/0/2
[SW-GigabitEthernet0/0/2] port link-type trunk
[SW-GigabitEthernet0/0/2] port trunk allow-pass vlan 10 11
[SW-GigabitEthernet0/0/2] quit
[SW]interface GigabitEthernet 0/0/3
[SW-GigabitEthernet0/0/3] port link-type trunk
[SW-GigabitEthernet0/0/3] port trunk allow-pass vlan 10
[SW-GigabitEthernet0/0/3] quit
[SW]interface Vlan 11
[SW-Vlanif11] ip address 192.168.11.254 24
[SW-Vlanif11] dhcp select interface
[SW-Vlanif11] quit

<SW1>system-view
Enter system view, return user view with Ctrl+Z.
[SW1]sysname SW1
[SW1] vlan batch 10 11
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW1]interface GigabitEthernet 0/0/1
[SW1-GigabitEthernet0/0/1] port link-type trunk
[SW1-GigabitEthernet0/0/1] port trunk allow-pass vlan 10 11
[SW1-GigabitEthernet0/0/1] quit
[SW1]interface Ethernet 0/0/1
[SW1-Ethernet0/0/1] port link-type trunk
[SW1-Ethernet0/0/1] port trunk pvid vlan 10
[SW1-Ethernet0/0/1] port trunk allow-pass vlan 10 11
[SW1-Ethernet0/0/1] quit
[SW1]interface Ethernet 0/0/2
[SW1-Ethernet0/0/2] port link-type trunk
[SW1-Ethernet0/0/2] port trunk pvid vlan 10
[SW1-Ethernet0/0/2] port trunk allow-pass vlan 10 11
[SW1-Ethernet0/0/2] quit

<AC6605>system-view
Enter system view, return user view with Ctrl+Z.
[AC6605] sysname AC
[AC] dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
[AC] vlan 10
Info: This operation may take a few seconds. Please wait for a moment...done.
[AC-vlan10] quit
[AC]interface GigabitEthernet 0/0/1
[AC-GigabitEthernet0/0/1] port link-type trunk
[AC-GigabitEthernet0/0/1] port trunk pvid vlan 10
[AC-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[AC-GigabitEthernet0/0/1] quit
[AC]interface Vlan 10
[AC-Vlanif10] ip address 192.168.10.254 24
[AC-Vlanif10] dhcp select interface
[AC-Vlanif10] quit

AP上线和业务配置

[AC]wlan
[AC-wlan-view] regulatory-domain-profile name test-d //创建域管理模板test-d
[AC-wlan-regulate-domain-test-d] country-code CN //国家代码选择中国
Info: The current country code is same with the input country code.
[AC-wlan-regulate-domain-test-d] quit
[AC-wlan-view] ap-group name test-g //创建AP组test-g
Info: This operation may take a few seconds. Please wait for a moment.done.
[AC-wlan-ap-group-test-g] regulatory-domain-profile test-d //AP组的域管理模板是test-d
Warning: Modifying the country code will clear channel, power and antenna gain c
onfigurations of the radio and reset the AP. Continue?[Y/N]:y
[AC-wlan-ap-group-test-g]quit
[AC-wlan-view] ap auth-mode mac-auth //AP的认证模式为MAC认证

AP离线加入

[AC-wlan-view] ap-id 1 ap-mac 00e0-fcee-6470 //AP的编号和MAC地址
[AC-wlan-ap-1] ap-name test-ap1 //AP的名字为test-ap1
[AC-wlan-ap-1] ap-group test-g //AP属于AP组test-g
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC-wlan-ap-1]ap-id 2 ap-mac 00e0-fc90-2b60
[AC-wlan-ap-2] ap-name test-ap2
[AC-wlan-ap-2] ap-group test-g
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC-wlan-ap-2]quit
[AC-wlan-view] security-profile name test-s //安全模板的名字为test-s
[AC-wlan-sec-prof-test-s] security wpa-wpa2 psk pass-phrase test@123 aes //无线网密码是test@123,用AES加密。
[AC-wlan-sec-prof-test-s] quit
[AC-wlan-view] ssid-profile name test-w //ssid的模板名字为test-w
[AC-wlan-ssid-prof-test-w] ssid test-wifi //ssid的名称为test-wifi
Info: This operation may take a few seconds, please wait.done.
[AC-wlan-ssid-prof-test-w] quit
[AC-wlan-view] vap-profile name test-vap //vap模板的名字叫test-vap
[AC-wlan-vap-prof-test-vap] forward-mode direct-forward //转发模式为直接转发
[AC-wlan-vap-prof-test-vap] service-vlan vlan-id 11 //服务VLAN的ID为11
Info: This operation may take a few seconds, please wait.done.
[AC-wlan-vap-prof-test-vap] security-profile test-s //调用安全模板test-s
Info: This operation may take a few seconds, please wait.done.
[AC-wlan-vap-prof-test-vap] ssid-profile test-w //调用SSID模板test-w
Info: This operation may take a few seconds, please wait.done.
[AC-wlan-vap-prof-test-vap] quit
[AC-wlan-view] ap-group name test-g
[AC-wlan-ap-group-test-g] vap-profile test-vap wlan 1 radio all //调用VAP模板test-vap,wlan所有频道
Info: This operation may take a few seconds, please wait...done.
[AC-wlan-ap-group-test-g] quit
[AC-wlan-view]capwap source interface Vlanif 10 //AC的capwap隧道源接口为vlan 10
[AC]quit

STA接入

测试验证




管理vlan和业务vlan通信正常。

相关推荐
小堃学编程7 小时前
计算机网络(十) —— IP协议详解,理解运营商和全球网络
网络·tcp/ip·计算机网络
IPFoxy66610 小时前
探索路由器静态IP的获取方式
网络·智能路由器
menge233310 小时前
VLAN:虚拟局域网
网络·智能路由器
baobao熊10 小时前
【HarmonyOS】时间处理Dayjs
华为·harmonyos
GZ_TOGOGO10 小时前
【2024最新】华为HCIE认证考试流程
大数据·人工智能·网络协议·网络安全·华为
ZachOn1y10 小时前
计算机网络:计算机网络概述 —— 初识计算机网络
网络·计算机网络·知识点汇总·考研必备
三金1213811 小时前
SpringIoC容器的初识
网络·网络协议·rpc
狼头长啸李树身12 小时前
眼儿媚·秋雨绵绵窗暗暗
大数据·网络·服务发现·媒体
SizeTheMoment13 小时前
初识HTTP协议
网络·网络协议·http
哲伦贼稳妥13 小时前
一天认识一个硬件之机房地板
运维·网络·经验分享·其他
热门推荐
01【经验分享】Ubuntu22.04安装微信(linux官方版)02安卓系列机型永久去除data分区加密 详细步骤解析032024年高教社杯数学建模国赛C题超详细解题思路分析04CTF网络安全大赛简单的web抓包题目:HEADache05组基轨迹建模 GBTM的介绍与实现(Stata 或 R)06【2024数模国赛赛题思路公开】国赛B题思路丨附可运行代码丨无偿自提07【极空间NAS】使用WebDAV服务 + DDNSTO内网穿透 实现思源笔记的内外网同步08苍穹外卖面试总结09【2024高教社杯全国大学生数学建模竞赛】B题 生产过程中的决策问题——解题思路 代码 论文10pve(Proxmox VE)安装i225v网卡驱动