(eNSP)配置WDS手拉手业务

1.实验拓扑

2.基础配置

复制代码
[SW1]dis cu
#
sysname SW1
#
vlan batch 10 100 110 120
#
dhcp enable
#
interface Vlanif10
 ip address 192.168.10.2 255.255.255.0
#
interface Vlanif100
 ip address 192.168.100.2 255.255.255.0
 dhcp select interface
 dhcp server excluded-ip-address 192.168.100.1
#
interface Vlanif110
 ip address 192.168.110.1 255.255.255.0
 dhcp select interface
#
interface Vlanif120
 ip address 192.168.120.1 255.255.255.0
 dhcp select interface
#
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 10
#
interface GigabitEthernet0/0/2
 port link-type access
 port default vlan 100
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100 110 120
#
ip route-static 8.8.8.8 255.255.255.255 192.168.10.1
#

[SW2]dis cu
#
sysname SW2
#
vlan batch 10
#
interface Vlanif10
 ip address 192.168.10.1 255.255.255.0
#
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 10
#
interface LoopBack0
 ip address 8.8.8.8 255.255.255.255
#
ip route-static 0.0.0.0 0.0.0.0 192.168.10.2
#

[AC1]dis cu
#
 sysname AC1
#
vlan batch 100 110 120
#
vlan pool 1
 vlan 110 120
#
interface Vlanif100
 ip address 192.168.100.1 255.255.255.0
#
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 100
#
ip route-static 0.0.0.0 0.0.0.0 192.168.100.2
#
capwap source interface vlanif100
#
wlan
 security-profile name huawei
  security wpa-wpa2 psk pass-phrase %^%#+hOW~@wYj$]V3"In*EC:{%%+9w/N"SS{rHLdV>IT%^%# aes
 security-profile name wds-sec
  security wpa2 psk pass-phrase %^%#LVE>*]9}2D)gSDUcuSE*Gxkk.'X4)UZtd|'.@cW;%^%# aes
 security-profile name wlan-net
 ssid-profile name huawei
  ssid huawei
 ssid-profile name wlan-net
  ssid wlan-net
 vap-profile name huawei
  service-vlan vlan-pool 1
  ssid-profile huawei
  security-profile huawei
 vap-profile name wlan-net
  service-vlan vlan-pool 1
  ssid-profile wlan-net
  security-profile wlan-net
 wds-whitelist-profile name wds-list1
  peer-ap mac 00e0-fc65-7800
 wds-profile name wds-leaf
  security-profile wds-sec
  vlan tagged 110 120
  wds-name wlan-wds
 wds-profile name wds-root
  security-profile wds-sec
  vlan tagged 110 120
  wds-name wlan-wds
  wds-mode root
 ap-group name ap1
  radio 0
   vap-profile huawei wlan 1
  radio 1
   vap-profile huawei wlan 1
   wds-profile wds-root
   wds-whitelist-profile wds-list1
  radio 2
   vap-profile huawei wlan 1
 ap-group name ap2
  radio 0
   vap-profile wlan-net wlan 1
  radio 1
   vap-profile wlan-net wlan 1
   wds-profile wds-leaf
  radio 2
   vap-profile wlan-net wlan 1
 ap-id 0 type-id 47 ap-mac 00e0-fce0-3dd0 ap-sn 210235448310B80C4479
  ap-name AP1
  ap-group ap1
  radio 1
   channel 40mhz-plus 157
   coverage distance 4
 ap-id 1 type-id 47 ap-mac 00e0-fc65-7800 ap-sn 210235448310555B520A
  ap-name AP2
  ap-group ap2
  radio 1
   channel 40mhz-plus 149
   coverage distance 4
#

3.wds重点配置

(在WDS网络中,建立WDS链路的射频必须为同一信道。)

AC1-wlan-viewap-id 1

AC1-wlan-ap-1di th

ap-name AP2

ap-group ap2

radio 1

channel 40mhz-plus 149

coverage distance 4

return

AC1-wlan-viewap-id 0

AC1-wlan-ap-0dis th

ap-name AP1

ap-group ap1

radio 1

channel 40mhz-plus 157

coverage distance 4

return

#配置WDS链路使用的安全模板"wds-sec","wds-sec"的安全策略为WPA2+PSK+AES。

AC1-wlan-viewsecurity-profile name wds-sec

AC1-wlan-sec-prof-wds-secdi th

security wpa2 psk pass-phrase %^%#LVE>*]9}2D)gSDUcuSE*Gxkk.'X4)UZtd|'.@cW;%^%# aes

return

# 配置WDS白名单。配置AP_1绑定的WDS白名单"wds-list1",仅允许AP_2接入

AC1-wlan-viewwds-whitelist-profile name wds-list1

AC1-wlan-wds-whitelist-wds-list1di th

peer-ap mac 00e0-fc65-7800

return

# 配置WDS模板"wds-root"。网桥标识为"wlan-wds",网桥模式为"root",引用安全模板"wds-sec",以tagged形式允许无线业务VLAN101通过。

AC1-wlan-viewwds-profile name wds-root

AC1-wlan-wds-prof-wds-rootdi th

security-profile wds-sec

vlan tagged 110 120

wds-name wlan-wds

wds-mode root

return

# 配置WDS模板"wds-leaf"。网桥标识为"wlan-wds",网桥模式为"leaf",引用安全模板"wds-sec",以tagged形式允许无线业务VLAN101通过。

AC1-wlan-viewwds-profile name wds-leaf

AC1-wlan-wds-prof-wds-leafdi th

security-profile wds-sec

vlan tagged 110 120

wds-name wlan-wds

return

# 配置AP组"ap-group1"的射频1引用WDS白名单"wds-list1"。

AC1-wlan-ap-group-ap1radio 1

AC1-wlan-group-radio-ap1/1di th

wds-whitelist-profile wds-list1

return

# 配置AP组"ap-group1",引用WDS模板"wds-root"。

复制代码
[AC-wlan-view] ap-group name ap-group1
[AC-wlan-ap-group-ap-group1] wds-profile wds-root radio 1
Warning: This action may cause service interruption. Continue?[Y/N]y

# 配置AP组"ap-group2",引用WDS模板"wds-leaf"。

复制代码
[AC-wlan-view] ap-group name ap-group2
[AC-wlan-ap-group-ap-group2] wds-profile wds-leaf radio 1
Warning: This action may cause service interruption. Continue?[Y/N]y

配置WLAN业务参数

# 创建名为"wlan-net"的安全模板,并配置安全策略。

复制代码
[AC-wlan-view] security-profile name wlan-net
[AC-wlan-sec-prof-wlan-net] security open  #在ensp模拟器里面此处建议设置为开放,否则很难连接无线。
[AC-wlan-sec-prof-wlan-net] quit

# 创建名为"wlan-net"的SSID模板,并配置SSID名称为"wlan-net"。

复制代码
[AC-wlan-view] ssid-profile name wlan-net
[AC-wlan-ssid-prof-wlan-net] ssid wlan-net
[AC-wlan-ssid-prof-wlan-net] quit

# 创建名为"wlan-net"的VAP模板,配置业务数据转发模式、业务VLAN,并且引用安全模板和SSID模板。

复制代码
[AC-wlan-view] vap-profile name wlan-net
[AC-wlan-vap-prof-wlan-net] forward-mode direct-forward
[AC-wlan-vap-prof-wlan-net] service-vlan vlan-pool 1
[AC-wlan-vap-prof-wlan-net] security-profile wlan-net
[AC-wlan-vap-prof-wlan-net] ssid-profile wlan-net
[AC-wlan-vap-prof-wlan-net] quit

AC1-wlan-viewap-group name ap2

AC1-wlan-ap-group-ap2di th

radio 0
vap-profile wlan-net wlan 1

radio 1

vap-profile wlan-net wlan 1

wds-profile wds-leaf

radio 2

vap-profile wlan-net wlan 1

return

4.验证

相关推荐
星恒讯工业路由器1 分钟前
工业无线通信选型常见问题解答
网络·信息与通信·无线ap·设备选型·工业无线通信·防爆无线设备·4g/5g路由器
Web4Browser2 分钟前
Headless 浏览器自动化适合哪些任务?巡检、截图和提交动作要分级
运维·前端·自动化
難釋懷6 分钟前
Nginx浏览器强制缓存
运维·nginx·缓存
智慧光迅AINOPOL14 分钟前
校园全光网建设成本对比:全光网取代传统校园网建设成本分析
网络·全光网解决方案·全光网·校园全光网·校园全光网解决方案
大博士.J15 分钟前
视频号主体违规与认证上限?正确的解决方式
运维·python·自动化
2401_8734794037 分钟前
如何识别代理IP和伪装流量?用IP情报工具三步穿透住宅代理伪装
网络·数据库·网络协议·tcp/ip·ip
s090713637 分钟前
深入解析 Sensor Hub Transport Protocol (SHTP) 协议
网络·协议·传感器·shtp
hey you~1 小时前
400电话选型技术测评:一个开发视角的线路质量评估方案
运维·网络·数据库·400电话·企业通信
筱羽_筱羽1 小时前
跟着“Ubuntu18.04/20.04编译Linux5.10.76+Xenomai-3.2.1+IgH”教程遇到的问题
linux·运维·ubuntu
DolphinScheduler社区1 小时前
Apache DolphinScheduler 6 月治理优化,补齐调度运维全链路细节
大数据·运维·云原生·apache·海豚调度