华为FAT AP配置 真机

ax一号街阿楠2025-05-13 8:33

FAT AP 的主要特点

特性 说明
独立工作 不需要AC(无线控制器),自己处理认证、加密、漫游等功能。
内置完整功能 支持SSID、安全策略(WPA/WPA2)、VLAN、QoS、DHCP等。
适合小型网络 适用于家庭、小企业、分支机构等少量AP的场景。
成本较高(相比FIT AP) 功能集成度高,硬件成本通常比FIT AP高。
配置复杂(大规模部署) 每个AP需要单独配置,管理维护麻烦。

简单组网示例

AP相关规划

设备:

AP:4050DN-HD

POE交换机 :S2700-9TP-PWR-EI

项目 说明
终端的业务VLAN 10
DHCP服务器 AP作为终端的DHCP服务器
终端地址池 10.23.10.2~10.23.10.254 / 24
SSID模板 名称 : anan_test SSID名称: anan_wlan
安全模板 名称:anan_sec 安全策略:WPA-WPA2+PSK+AES 密码:anan123456@
VAP模板 名称:anan_vap 业务VLAN : vlan10 引用模板:SSID模板anan_test ,安全模板anan_sec
NAT Outbound 私网ip地址网段:10.23.10.0/24映射到私网网关

1.配置AP和上层接口网络互通

复制代码 
[AP]int Vlanif 100
[AP-Vlanif100]ip address 192.168.1.193 255.255.255.0
[AP-Vlanif100]quit
[AP]int GigabitEthernet 0/0/0
#如果上行直连路由器,那么上行口可以配置为access
[AP-GigabitEthernet0/0/0]port link-type trunk 
[AP-GigabitEthernet0/0/0]port trunk allow-pass vlan 100
[AP-GigabitEthernet0/0/0]port trunk pvid vlan 100
[AP-GigabitEthernet0/0/0]quit
#配置缺省路由
[AP]ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
#完成后可以找一个外网ip  ping一下试试

配置后看能不能访问外网ip

配置DHCP

复制代码 
[AP]dhcp enable 
[AP]vlan batch 10
Info: This operation may take a few seconds. Please wait for a moment...done.
[AP]int vlan 10
[AP-Vlanif10]ip address 10.23.10.1 24
#开启接口采用接口地址池的DHCP server功能
[AP-Vlanif10]dhcp select interface 
[AP-Vlanif10]quit

配置国家码

复制代码 
[AP]wlan 
#CN表示中国 ,不同国家射频特性不同
[AP-wlan-view]country-code CN

配置安全模板-创建名为anan_sec的安全模板,并配置安全策略WPA-WPA2+PSK+AES

复制代码 
[AP-wlan-view]security-profile name anan_sec
[AP-wlan-sec-prof-anan_sec]security wpa-wpa2 psk pass-phrase anan123456@ aes
[AP-wlan-sec-prof-anan_sec]quit

配置SSID模板,模板名为anan_test , SSID名称(WIFI名称)为anan_wlan

复制代码 
[AP-wlan-view]ssid-profile name anan_test
[AP-wlan-ssid-prof-anan_test]ssid anan_wlan
Info: This operation may take a few seconds, please wait.done.
[AP-wlan-ssid-prof-anan_test]quit

创建名为VAP模板,配置业务vlan,并引用安全模板和SSID模板

复制代码 
[AP-wlan-view]vap-profile name anan_vap
[AP-wlan-vap-prof-anan_vap]service-vlan vlan-id 10
Info: This operation may take a few seconds, please wait.done.
[AP-wlan-vap-prof-anan_vap]security-profile anan_sec
Info: This operation may take a few seconds, please wait.done.
[AP-wlan-vap-prof-anan_vap]ssid-profile anan_test
Info: This operation may take a few seconds, please wait.done.
[AP-wlan-vap-prof-anan_vap]quit

关闭AP射频的信道和功率自动调优功能 , 配置ap射频的信道和功率

复制代码 
[AP]interface Wlan-Radio 0/0/0
[AP-Wlan-Radio0/0/0]vap-profile anan_vap wlan 2
Info: This operation may take a few seconds, please wait.done.

[AP-Wlan-Radio0/0/0]calibrate auto-channel-select disable 
Info: This operation will recover the redundant radio.

[AP-Wlan-Radio0/0/0]calibrate auto-txpower-select disable 

[AP-Wlan-Radio0/0/0]channel 20mhz 1
Warning: This action may cause service interruption. Continue?[Y/N]Y
Info: The channel value and bandwidth value take effect only when automatic channel selection is disabled, and the value depends on the AP specifications and local laws and regulations.

[AP-Wlan-Radio0/0/0]eirp 127
Info: The EIRP value takes effect only when automatic transmit power selection is disabled, and the value depends on the AP specifications and local laws and regulations.

[AP-Wlan-Radio0/0/0]quit 
[AP]int Wlan-Radio 0/0/1
[AP-Wlan-Radio0/0/1]vap-profile anan_vap wlan  2
Info: This operation may take a few seconds, please wait.done.
[AP-Wlan-Radio0/0/1]calibrate auto-txpower-select disable 
[AP-Wlan-Radio0/0/1]calibrate auto-channel-select disable 
Info: This operation will recover the redundant radio.
[AP-Wlan-Radio0/0/1]channel 20mhz 165
Warning: This action may cause service interruption. Continue?[Y/N]y
Info: The channel value and bandwidth value take effect only when automatic channel selection is disabled, and the value depends on the AP specifications and local laws and regulations.
[AP-Wlan-Radio0/0/1]eirp 127
Info: The EIRP value takes effect only when automatic transmit power selection is disabled, and the value depends on the AP specifications and local laws and regulations.
[AP-Wlan-Radio0/0/1]quit

配置NAT地址转换(这步配置完终端连上就能用了)

复制代码 
[AP]acl 2000
[AP-acl-basic-nat]ru
[AP-acl-basic-nat]rule 5 pe
[AP-acl-basic-nat]rule 5 permit s
[AP-acl-basic-nat]rule 5 permit source 10.23.10.0 0.0.0.255
[AP-acl-basic-nat]quit
[AP]int Vlanif 100
[AP-Vlanif100]nat outbound 2000
[AP-Vlanif100]quit

配置完成后验证下

关闭SSID广播 (隐藏wifi名称)

复制代码 
[AP-wlan-ssid-prof-anan_test]ssid-hide enable

配置DNS

复制代码 
[AP]dns proxy enable 
[AP]dns resolve
[AP]dns server source-ip 192.168.1.193
Info: The source IP address used to exchange packets with the DNS server must belong to the same VPN as the DNS server IP address or the two IP addresses belong to a public network, and this source IP address must be the local device IP address. Otherwise, this function does not take effect.
[AP]dns server 61.139.2.69
#查看配置是否正确
[AP]dis current-configuration | include dns
portal pass dns enable
dns resolve
dns server 61.139.2.69
dns server source-ip 192.168.1.193
dns proxy enable

验证访问域名

相关推荐
麒麟ZHAO8 分钟前
鸿蒙flutter第三方库适配 - 实时天气查询
flutter·华为·harmonyos
攻城狮在此13 分钟前
华为企业网二层交换、三层交换、出口路由组网配置案例(OSPF动态路由)
网络·架构
七夜zippoe14 分钟前
OpenClaw 多代理协作编排:构建企业级智能协作网络
网络·工作流·openclaw·多代理协作·对等协作
会员果汁2 小时前
网络工程-路由策略概述
网络
mounter6258 小时前
【硬核前沿】CXL 深度解析:重塑数据中心架构的“高速公路”,Linux 内核如何应对挑战?-- CXL 协议详解与 LSF/MM 最新动态
linux·服务器·网络·架构·kernel
autumn200510 小时前
Flutter 框架跨平台鸿蒙开发 - 虚拟纪念馆
flutter·华为·harmonyos
ACP广源盛1392462567310 小时前
破局 Type‑C 切换器痛点@ACP#GSV6155+LH3828/GSV2221+LH3828 黄金方案
c语言·开发语言·网络·人工智能·嵌入式硬件·计算机外设·电脑
2301_8227032011 小时前
渐变壁纸生成:基于鸿蒙Flutter的跨平台壁纸创建工具
flutter·华为·harmonyos·鸿蒙
人间打气筒(Ada)11 小时前
「码动四季·开源同行」HarmonyOS应用开发:常见组件
华为·开源·harmonyos·组件·布局·鸿蒙开发
嵌入式小企鹅12 小时前
蓝牙学习系列(八):BLE L2CAP 协议详解
网络·学习·蓝牙·ble·协议栈·l2cap
热门推荐
01GitHub 镜像站点02一周AI热点速览(2026.03.31-04.06):GPT-6曝光、谷歌开源Gemma 4、资本狂飙与模型军备竞赛03基于 Docker 部署 Hermes Agent 并接入飞书机器人的完整指南042026年4月技术前沿:AI大模型爆发、智能体革命与量子安全新纪元05VMware Workstation Pro 17 虚拟机完整安装教程(2026最新)06OpenClaw 请求超时 llm request timed out 怎么解决?3 种方案实测,附完整排查流程07实测!Gemma 4 成功跑在安卓手机上:离线 AI 助手终于来了08AI Weekly | 2026年4月第二周 · GitHub热门项目与AI发展趋势深度解析09CodeBuddy与WorkBuddy深度对比:腾讯两款AI工具差异及实操指南10免费!不限量!用opencode接入英伟达(NVIDIA)大模型,轻松打造你的 AI 编程助手