分为三步:1、网络互通,2、AP上线,3、wlan业务
bash
1、网络互通
crow-sw:
vlan batch 20 100
dhcp enable
int vlan 20
ip add 192.168.20.1 24
dhcp select interface
interface GigabitEthernet0/0/2
port link-type access
port default vlan 100
interface GigabitEthernet0/0/3
port link-type trunk
port trunk pvid vlan 100
port trunk allow-pass vlan 20 100
dis port vlan active #查看
interface GigabitEthernet0/0/4
port link-type trunk
port trunk pvid vlan 100
port trunk allow-pass vlan 20 100
AC2:
vlan 100
dhcp enable
int vlan 100
ip add 192.168.100.1 24
dhcp select interface
interface GigabitEthernet0/0/1
port link-type access
port default vlan 100
2、AP上线
AC:
全局:capwap source interface vlan 100
wlan
ap auth-mode no-auth (默认是MAC)
ap-group name Group_D
ap-id 0
ap-group Group_D
ap-id 1
ap-group Group_D
3、WLAN业务
AC:
wlan
security-profile name A
security wpa-wpa2 psk pass-phrase 12345678 aes
# 使用安全策略 wpa-wpa2 共享秘钥文psk,pass-phrase 密码,用户和AP直接加密方式aes.
ssid-profile name B
ssid Huawei
vap-profile name C # vap 虚拟模版
forward-mode direct-for #默认直接转发
service-vlan vlan-id 20 #使用
ssid-profile B #调用B策略
security-profile A #调用A策略
ap-group name Group_D
vap-profile C wlan 1 radio all #关联16个VAP,一个vap对应一个信号
ping 9.9.9.9
AR:
interface GigabitEthernet0/0/0
ip address 192.168.80.2 255.255.255.0
ip route-static 192.168.20.0 255.255.255.0 192.168.80.1
int loo 0
interface LoopBack0
ip address 9.9.9.9 255.255.255.255
core
interface GigabitEthernet0/0/1
port link-type access
port default vlan 800
ip route-static 0.0.0.0 0.0.0.0 192.168.80.2
interface Vlanif800
ip address 192.168.80.1 255.255.255.0