一、拓朴:
要求:vlan20 用于笔记本上网,使用Huawei信号,vlan30 用于手机上网,使用 Huawei-5G 信号
二、配置过程:
1、SW1 基本配置:
起 vlan batch 10 20 30,10 为管理 vlan,20、30分别为办公vlan和guestvlan
到 AC 接口为 trunk,允许vlan 10 通过
到 AP 接口为 trunk,允许vlan 10 20 30 通过,其中vlan10为 pvid(不打标记vlan)
vlan 20、30 分别起网关 10.1.20.1/24 10.1.30.1/24,接口开启 dhcp
2、AC1 基本配置 :
AC 起vlan batch 10,到 SW1 接口配置为 trunk,允许 vlan 10通过
起dhcp服务,应用到vlanif 10上
3、AC 指定 CAPWAP 隧道源地址为 vlanif 10,用于AP、AC的通信地址
capwap source interface vlanif10
dis capwap configuration
4、AC 配置 AP 组:
1)配置AP模板:创建域管理组、AP组、添加AP
wlan
regulatory-domain-profile name A #创建域管理组
country-code CN
dis regulatory-doman-profile name all
ap-group name APs #创建 AP 组,调用域管理组
regulatory-domain-profile A
dis ap-group all
ap-id 0 ap-mac 00e0-fc06-4a00 #添加AP,归入AP组
ap-name AP1
ap-group APs
dis ap all
2)配置VAP模板:创建安全组、SSID组、用VAP模板进行关联(配置业务)
wlan
security-profile name A # 创建安全组
security wpa-wpa2 psk pass-phrase 12345678 aes
ssid-profile name A #创建 SSID 组:
ssid Huawei
vap-profile name A #建 VAP 组,关联安全组--SSID 组
service-vlan vlan-id 20
ssid-profile A
security-profile A
3) AP-group 调用 VAP 组:
wlan
ap-group name APs #为指定的VAP组指定射频
radio 0 #取值范围0~2,radio0 = 2.4G
vap-profile A wlan 1 #wlan取值范围1~16,1-12、15为离线管理;13、14为WDS业务;16为mesh
dis vap-profile all | name x
5、为手机上网增加5G射频:
1)增加vap模板B:
vap-profile name B
service-vlan vlan-id 30
ssid-profile B
security-profile A
2)在AP组APs中,引入vap模板B,并为它引入到射频组:
ap-group name APs
radio 1
vap-profile B wlan 4
三、验证:双击其中一个频,输入密码,看到连接状态
四、所有配置:
[SW1]
vlan batch 10 20 30
#
vlan 10
description management
vlan 20
description office
vlan 30
description mobile
#
dhcp enable
#
interface Vlanif20
ip address 10.1.20.254 255.255.255.0
dhcp select interface
#
interface Vlanif30
ip address 10.1.30.254 255.255.255.0
dhcp select interface
#
interface GigabitEthernet0/0/1
description toAC
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
description toAP
port link-type trunk
port trunk pvid vlan 10
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 10 20 30
#
[AC1]
vlan batch 10
#
dhcp enable
#
interface Vlanif10
ip address 10.1.10.1 255.255.255.0
dhcp select interface
#
interface GigabitEthernet0/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 10
#
capwap source interface vlanif10
#
wlan
traffic-profile name default
security-profile name A
security wpa-wpa2 psk pass-phrase 12345678 aes
security-profile name default
security-profile name default-wds
security-profile name default-mesh
ssid-profile name A
ssid Huawei
ssid-profile name B
ssid Huawei-5G
ssid-profile name default
vap-profile name A
service-vlan vlan-id 20
ssid-profile A
security-profile A
vap-profile name B
service-vlan vlan-id 30
ssid-profile B
security-profile A
ap-group name APs
regulatory-domain-profile A
radio 0
vap-profile A wlan 1
radio 1
vap-profile B wlan 4
ap-group name APs2
regulatory-domain-profile A
radio 1
vap-profile B wlan 4
ap-group name default
ap-id 0 type-id 45 ap-mac 00e0-fc06-4a00 ap-sn 2102354483101D18984A
ap-name AP1
ap-group APs