標籤:華為、無線控制器、交換器、路由器
最近一個項目十分噁心,反覆去了好多次都沒解決問題,最後在求助的情況下解決了問題,今天閑來無事進行一下總結,希望以後大家在遇到類似問題的時候會有所協助,少走彎路。
環境如下:
無線AP:華為AP7110DN-AGN 無線控制器:華為L-AC6605-16AP
交換器:華為S5700-28P-LI-AC 路由器:華為AR0M0022BA00
650) this.width=650;" title="jietu.JPG" src="http://s3.51cto.com/wyfs02/M02/38/1B/wKioL1OzW9OwVoklAADN1UD1TL8657.jpg" alt="wKioL1OzW9OwVoklAADN1UD1TL8657.jpg" />
配置過程如下:
路由器配置:
<router>dis cu
[V200R003C01SPC900]
#
sysname router
#
snmp-agent local-engineid 800007DB034846FBDD5110
snmp-agent
#
http timeout 3
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
dhcp enable 啟用dhcp服務
#
undo dhcp server bootp
#
pki realm default
enrollment self-signed
#
#
acl number 2000
rule 5 permit source 192.168.1.0 0.0.0.255 配置acl
#
ip pool ip-pool1
gateway-list 192.168.1.1
network 192.168.1.0 mask 255.255.255.0
excluded-ip-address 192.168.1.2 192.168.1.10 配置dhcp位址集區等相關資訊
lease day 999 hour 0 minute 0
dns-list 202.99.160.68
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$=i~>Xp&aY+*2cEVcS-A23Uwe%$%$
local-user admin service-type http
#
firewall zone Local
priority 64
#
nat address-group 1 10.48.183.249 10.48.183.249 nat地址
#
interface GigabitEthernet0/0/0
#
interface GigabitEthernet0/0/1
ip address 192.168.1.1 255.255.255.0 配置內網介面IP地址
dhcp select global
#
interface GigabitEthernet0/0/2
ip address 10.48.183.241 255.255.255.0 配置外網介面地址和地址映射
nat outbound 2000
#
interface Cellular0/0/0
link-protocol ppp
#
interface Cellular0/0/1
link-protocol ppp
#
interface NULL0
#
interface LoopBack1
#
ip route-static 0.0.0.0 0.0.0.0 10.48.183.254 配置預設靜態路由
#
user-interface con 0
authentication-mode password
set authentication password cipher %$%$v)eUQb:[email protected]@Dq>LQ]8_~(,.6ebgw1T<1nDK(Bi*MIy)4I.6h,%$%$
user-interface vty 0 4 配置遠程telnet登陸
#
wlan ac
#
voice
#
diagnose
#
return
交換器配置:
<switch>dis cu
#
!Software Version V200R001C00SPC300
sysname switch
#
vlan batch 100 to 101 800 配置通訊vlan和管理vlan
#
undo http server enable
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$I6.ASV)hJET,p"Dn.YM%3aXO%$%$
local-user admin service-type http
#
interface Vlanif1
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk pvid vlan 800
port trunk allow-pass vlan 101 800
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk pvid vlan 800
port trunk allow-pass vlan 101 800 配置交換器串連無線AP的介面模式
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk pvid vlan 800
port trunk allow-pass vlan 101 800
#
interface GigabitEthernet0/0/4
port link-type trunk
port trunk pvid vlan 800
port trunk allow-pass vlan 101 800
#
interface GigabitEthernet0/0/5
port link-type trunk
port trunk allow-pass vlan 101 800 配置交換器串連無線控制器的介面模式
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/10
#
interface GigabitEthernet0/0/11
#
interface GigabitEthernet0/0/12
#
interface GigabitEthernet0/0/13
port link-type access
port default vlan 101
#
interface GigabitEthernet0/0/14
port link-type access
port default vlan 101
#
interface GigabitEthernet0/0/15 配置交換器與伺服器串連的介面模式
port link-type access
port default vlan 101
#
interface GigabitEthernet0/0/16
port link-type access
port default vlan 101
#
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
#
interface GigabitEthernet0/0/25
#
interface GigabitEthernet0/0/26
#
interface GigabitEthernet0/0/27
#
interface GigabitEthernet0/0/28
#
interface NULL0
#
interface LoopBack1
#
user-interface con 0
authentication-mode password
set authentication password cipher %$%[email protected])[email protected]=!S>W,G>5dOgs,@68!%p,d{O)k‘f!>MD~%$%$
user-interface vty 0 4
user-interface vty 16 20
#
return
無線控制器配置:
[V200R003C00SPC300]
#
sysname AC-LSW
#
snmp-agent local-engineid 800007DB03DCD2FC9AF55A
undo snmp-agent community complexity-check disable
snmp-agent
#
http server enable 啟動http服務,用來通過web方式訪問無線控制器
http secure-server enable
#
info-center timestamp log format-date
#
vlan batch 101 800 建立相應的vlan
#
dhcp enable 啟動dhcp服務
#
diffserv domain default
#
pki realm default
enrollment self-signed
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %@%@4SD!O#B"vE‘%R>6/v7][email protected]%@%@
local-user admin privilege level 15
local-user admin service-type http 配置web登陸使用者
#
interface Vlanif1
#
interface Vlanif101
ip address 192.168.1.18 255.255.255.0 配置遠端管理地址
#
interface Vlanif800
ip address 172.1.1.1 255.255.255.0 配置無線AP的管理位址集區並通過dhcp下發ip地址給AP
dhcp select interface
#
interface MEth0/0/1
ip address 192.168.0.1 255.255.255.0 組態管理介面的ip地址,用來進行系統版本的升級
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 101 800 設定與交換器串連介面的連接埠類型和允許的vlan
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/10
#
interface GigabitEthernet0/0/11
#
interface GigabitEthernet0/0/12
#
interface GigabitEthernet0/0/13
#
interface GigabitEthernet0/0/14
#
interface GigabitEthernet0/0/15
#
interface GigabitEthernet0/0/16
#
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
#
interface XGigabitEthernet0/0/1
#
interface XGigabitEthernet0/0/2
#
interface Wlan-Ess0
port hybrid pvid vlan 101
port hybrid untagged vlan 101 配置wlan-ess虛介面
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 192.168.1.1 配置預設路由,用於遠端管理
#
user-interface con 0
authentication-mode password
set authentication password cipher %$%$"GCEA{F!GFFR9-UtLm#Y,;,-8xu`X~H8=;M/;;ZHZm/B;,0,%$%$ 配置console介面認證
user-interface vty 0 4
authentication-mode password
user privilege level 15
set authentication password cipher %$%$vr‘(L4QuvI^ojOS1^jg7~.ZM>[&xDt.~xUj&P.1UJ[nY.ZP~%$%$
user-interface vty 16 20 配置vty介面的認證,用於遠端管理
#
wlan
wlan ac source interface vlanif800 配置無線AP的管理vlan
ap-auth-mode no-auth 配置無線vlan的認證方式
ap id 4 type-id 28 mac 04f9-38e8-6f80 sn 210235555310E3000596 添加相應的無線AP
ap id 5 type-id 28 mac 04f9-38ea-35a0 sn 210235555310E3000992
ap id 6 type-id 28 mac 04f9-38e5-78a0 sn 210235555310E3000446
ap id 7 type-id 28 mac 04f9-38ea-35c0 sn 210235555310E3000993
wmm-profile name huawei-ap id 0 配置vmm-profile名稱
traffic-profile name huawei-ap id 0 配置traffic-profile名字
security-profile name huawei-ap id 0 配置security-profile名字
security-policy wpa2 配置安全模板的認證方式
wpa2 authentication-method psk pass-phrase cipher %@%@bkz|%Dyw"RFrgoE‘@[email protected]%@%@ encryption-method ccmp 配置無線AP的加密方式和相應的密碼(會影響網速)
sta-load-balance enable 啟用負載平衡功能
service-set name huawei id 0 佈建服務集模板
forward-mode tunnel
wlan-ess 0
ssid DHJS208 配置ssid為DHJS208
traffic-profile id 0
security-profile id 0
service-vlan 101 服務vlan101
radio-profile name huawei-ap id 0
radio-type 80211n 強制設定radio的類型為802.11n,這樣只有網卡的速率可以到133Mbps,如果不設定速率只能達到54Mbps這樣會影響網速
wmm-profile id 0
#
return
本文出自 “閑的蛋疼” 部落格,謝絕轉載!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
