简单的无线练习

一。配置接口类型

lsw1:

LSW1vlan batch 10 20 100

LSW1-GigabitEthernet0/0/1port link-type trunk

LSW1-GigabitEthernet0/0/1port trunk allow-pass vlan 10 20 100

LSW1port-group group-member GigabitEthernet 0/0/2 to GigabitEthernet 0/0/4

LSW1-GigabitEthernet0/0/2port link-type trunk

LSW1-GigabitEthernet0/0/3port link-type trunk

LSW1-GigabitEthernet0/0/4port link-type trunk

LSW1port-group group-member GigabitEthernet 0/0/2 to GigabitEthernet 0/0/3

LSW1-GigabitEthernet0/0/2port trunk allow-pass vlan 10 100

LSW1-GigabitEthernet0/0/3port trunk allow-pass vlan 10 100

LSW1-GigabitEthernet0/0/2port trunk pvid vlan 100

LSW1-GigabitEthernet0/0/3port trunk pvid vlan 100

LSW1-GigabitEthernet0/0/4port trunk allow-pass vlan 20 100

LSW1-GigabitEthernet0/0/4port trunk pvid vlan 100

AC1:

  1. AC6605vlan batch 100

  2. AC6605-GigabitEthernet0/0/2port link-type trunk

  3. AC6605-GigabitEthernet0/0/2port trunk allow-pass vlan 10 20 100

**二。配置DHCP---**地址池配置,为AP分配IP地址

lsw1:

LSW1dhcp enable

LSW1ip pool wifi

LSW1-ip-pool-wifigateway-list 192.168.1.1

LSW1-ip-pool-wifinetwork 192.168.1.0 mask 24

LSW1interface Vlanif 100

LSW1-Vlanif100ip address 192.168.1.1 24

LSW1-Vlanif100dhcp select global

三。WLAN配置

AP与AC实现三层互递

  1. AC6605interface Vlanif 100

  2. AC6605-Vlanif100ip address 192.168.1.2 24

在AP与AC间建立CAPWAP隧道

AC6605capwap source interface Vlanif 100 --- 设置使用某个VLAN接口与AP进行隧道建立

创建域管理模板

AC6605wlan --- 进入WLAN配置视图

AC6605-wlan-viewregulatory-domain-profile name aa

AC6605-wlan-regulate-domain-aacountry-code CN ---- 设置采用的WLAN的频段

AC6605-wlan-viewap auth-mode mac-auth --- 设置AP的认证模式

创建AP组

AC6605-wlan-viewap-group name gourp-1 --- 创建AP组

AC6605-wlan-ap-group-gourp-1regulatory-domain-profile aa --- 将域管理模板绑定到该AP组内

Warning: Modifying the country code will clear channel, power and antenna gain c

onfigurations of the radio and reset the AP. Continue?Y/N:Y

AC6605-wlan-viewap-group name gourp-2 --- 创建AP组

AC6605-wlan-ap-group-gourp-2regulatory-domain-profile aa--- 将域管理模板绑定到该AP组内

Warning: Modifying the country code will clear channel, power and antenna gain c

onfigurations of the radio and reset the AP. Continue?Y/N:Y

AP接入

AC6605-wlan-viewap-id 0 ap-mac 00e0-fcea-2130

AC6605-wlan-viewap-id 1 ap-mac 00e0-fc45-1cd0

AC6605-wlan-viewap-id 2 ap-mac 00e0-fcc6-35a0

AP组中添加AP设备

AC6605-wlan-ap-0ap-name ap-0--- 设置该AP的名称

AC6605-wlan-ap-0ap-group gourp-1--- 将该AP绑定到AP组内

Warning: This operation may cause AP reset. If the country code changes, it will

clear channel, power and antenna gain configurations of the radio, Whether to c

ontinue? Y/N:Y

AC6605-wlan-ap-1ap-name ap-1

AC6605-wlan-ap-1ap-group gourp-1

Warning: This operation may cause AP reset. If the country code changes, it will

clear channel, power and antenna gain configurations of the radio, Whether to c

ontinue? Y/N:y

AC6605-wlan-ap-2ap-name ap-2

AC6605-wlan-ap-2ap-group gourp-2

Warning: This operation may cause AP reset. If the country code changes, it will

clear channel, power and antenna gain configurations of the radio, Whether to c

ontinue? Y/N:y

配置安全模板

AC6605-wlan-viewsecurity-profile name openlab-1

AC6605-wlan-sec-prof-openlab-1security wpa2 psk pass-phrase openlab-2 aes

AC6605-wlan-viewsecurity-profile name openlab-2

AC6605-wlan-sec-prof-openlab-2security wpa2 psk pass-phrase openlab-1 aes

配置SSID模板

AC6605-wlan-viewssid-profile name openlab-1

AC6605-wlan-ssid-prof-openlab-1ssid openlab-1

AC6605-wlan-viewssid-profile name openlab-2

AC6605-wlan-ssid-prof-openlab-2ssid openlab-2

配置VAP模板

AC6605-wlan-viewvap-profile name openlab-1

AC6605-wlan-vap-prof-openlab-1forward-mode tunnel --- 隧道转发模式

AC6605-wlan-vap-prof-openlab-1service-vlan vlan-id 10 ---设定转发的业务流量所属VLAN,就是 wifi用户所属的VLAN

AC6605-wlan-vap-prof-openlab-1security-profile openlab-1--- 绑定安全模板

AC6605-wlan-vap-prof-openlab-1ssid-profile openlab-1--- 绑定SSID模板

AC6605-wlan-viewvap-profile name openlab-2

AC6605-wlan-vap-prof-openlab-2forward-mode tunnel

AC6605-wlan-vap-prof-openlab-2service-vlan vlan-id 20

AC6605-wlan-vap-prof-openlab-2security-profile openlab-2

AC6605-wlan-vap-prof-openlab-2ssid-profile openlab-2

在AP组中调用AP模板

AC6605-wlan-viewap-group name gourp-1

AC6605-wlan-ap-group-gourp-1vap-profile openlab-1 wlan 1 radio all

AC6605-wlan-viewap-group name gourp-2

AC6605-wlan-ap-group-gourp-2vap-profile openlab-2 wlan 2 radio all

四。配置DHCP

LSW1interface Vlanif 10

LSW1-Vlanif10ip address 192.168.10.254 24

LSW1-Vlanif10dhcp select global

LSW1ip pool vlan10

LSW1-ip-pool-vlan10network 192.168.10.0 mask 24

LSW1-ip-pool-vlan10gateway-list 192.168.10.254

LSW1int v 20

LSW1-Vlanif20ip address 192.168.20.254 24

LSW1-Vlanif20dhcp select global

LSW1ip pool vlan20

LSW1-ip-pool-vlan20network 192.168.20.0 mask 24

LSW1-ip-pool-vlan20gateway-list 192.168.20.254

五。配置全网可通

AC6605vlan 200

AC6605-GigabitEthernet0/0/1p l a

AC6605-GigabitEthernet0/0/1port default vlan 200

AC6605int v 200

AC6605-Vlanif200ip address 192.168.200.1 24

AC6605ip route-static 1.1.1.0 24 192.168.200.2

AC6605ip route-static 192.168.10.0 24 192.168.1.1

AC6605ip route-static 192.168.20.0 24 192.168.1.1

R1-GigabitEthernet0/0/0ip address 192.168.200.2 24

R1-LoopBack0ip address 1.1.1.1 24

R1ip route-static 192.168.1.0 24 192.168.200.1

R1ip route-static 192.168.20.0 24 192.168.200.1

LSW1ip route-static 192.168.200.0 24 192.168.1.2

LSW1ip route-static 1.1.1.0 24 192.168.1.2