华为旁挂二层直接转发
规划表 | DHCP服务器 | Router作为有线STA的DHCP服务器 AC作为AP的DHCP服务器 CoreSW作为无线STA的DHCP服务器 | | AP地址池 | 192.168.200.2 ~ 192.168.200.199/24 | | STA地址池 | 有线STA 192.168.10.2 ~ 192.168.10.199/24 | 无线STA 192.168.101.3 ~ 92.168.101.199/24 | | AC源接口IP | VLANIF100:192.168.100.1/24 | | AP组 | 名称:zurkj 引用模板:VAP模板zurkj 引用域管理模板:zurkj | | 域管理模板
| | | 安全模板 | 名称:zurkj 安全策略:WPA2+PSK+AES 密码:qwe123123 | | SSID模板 | | | VAP模板 | 名称:zurkj 转发模式:直接转发 业务VLAN:101 引用模板:安全模板zurkj SSID模板zurkj |
注意:遂道转发模式下,管理VLAN和业务VLAN不能配置成同一个VLAN,并且AP和AC之间只能放通管理VLAN,不能放通业务VLAN。 周边设备通信配置 JRSW <Huawei>system-view [Huawei]sysname jrsw [jrsw]vlan batch 100 101 [jrsw]interface gigabitethernet 0/0/2 [jrsw-GigabitEthernet0/0/2]port link-type trunk [jrsw-GigabitEthernet0/0/2]port trunk pvid vlan 100 [jrsw-GigabitEthernet0/0/2]port trunk allow-pass vlan 100 101 [jrsw-GigabitEthernet0/0/2]undo port trunk allow-pass vlan 1 [jrsw-GigabitEthernet0/0/2]port-isolate enable [jrsw-GigabitEthernet0/0/2]quit [jrsw]interface gigabitethernet 0/0/1 [jrsw-GigabitEthernet0/0/1]port link-type trunk [jrsw-GigabitEthernet0/0/1]port trunk allow-pass vlan 100 101 [jrsw-GigabitEthernet0/0/1]undo port trunk allow-pass vlan 1 [jrsw-GigabitEthernet0/0/1]quit
CoreSW <Huawei>system-view [Huawei]sysname CoreSW [CoreSW]vlan batch 100 101 [CoreSW]interface gigabitethernet 0/0/2 [CoreSW-GigabitEthernet0/0/2]port link-type trunk [CoreSW-GigabitEthernet0/0/2]port trunk allow-pass vlan 100 101 [CoreSW-GigabitEthernet0/0/2]undo port trunk allow-pass vlan 1 [CoreSW-GigabitEthernet0/0/2]quit [CoreSW]interface gigabitethernet 0/0/3 [CoreSW-GigabitEthernet0/0/3]port link-type trunk [CoreSW-GigabitEthernet0/0/3]port trunk allow-pass vlan 100 [CoreSW-GigabitEthernet0/0/3]undo port trunk allow-pass vlan 1 [CoreSW-GigabitEthernet0/0/3]quit [CoreSW]interface gigabitethernet 0/0/1 [CoreSW-GigabitEthernet0/0/1]port link-type trunk [CoreSW-GigabitEthernet0/0/1]port trunk pvid vlan 101 [CoreSW-GigabitEthernet0/0/1]port trunk allow-pass vlan 101 [CoreSW-GigabitEthernet0/0/1]undo port trunk allow-pass vlan 1 [CoreSW-GigabitEthernet0/0/1]quit [CoreSW]dhcp enable [CoreSW]interface vlanif 101 [CoreSW-Vlanif100]ip address 192.168.101.1 24 [CoreSW-Vlanif100]dhcp select global [CoreSW-Vlanif100]quit [CoreSW]ip pool vlan101 [CoreSW-ip-pool-vlan100]gateway-list 192.168.101.2 [CoreSW-ip-pool-vlan100]network 192.168.101.0 mask 24 [CoreSW-ip-pool-vlan100]excluded-ip-address 192.168.101.1 [CoreSW-ip-pool-vlan100]excluded-ip-address 192.168.101.200 192.168.101.254 [CoreSW-ip-pool-vlan100]lease day 2 hour 0 minute 0 [CoreSW-ip-pool-vlan100]dns-list 114.114.114.114 8.8.8.8 [CoreSW-ip-pool-vlan100]quit [CoreSW]ip route-static 0.0.0.0 0.0.0.0 192.168.101.2
Gateway <Huawei>system-view [Huawei]sysname gateway [gateway]dhcp enable [gateway]interface gigabitethernet 0/0/2 [gateway-GigabitEthernet0/0/2]ip address 192.168.10.1 24 [gateway-GigabitEthernet0/0/2]dhcp select interface [gateway-GigabitEthernet0/0/2]dhcp server excluded-ip-address192.168.10.200 192.168.10.254 [gateway-GigabitEthernet0/0/2]dhcp server lease day 2 hour 0 minute 0 [gateway-GigabitEthernet0/0/2]dhcp server dns-list 114.114.114.1148.8.8.8 [gateway-GigabitEthernet0/0/2]quit [gateway]interface gigabitethernet 0/0/0 [gateway-GigabitEthernet0/0/0]ip address 192.168.101.2 24 [gateway-GigabitEthernet0/0/0]quit
AC <AC6005>system-view [AC6005]sysname ac [ac]vlan 100 [ac-vlan100]quit [ac]interface gigabitethernet 0/0/1 [ac-GigabitEthernet0/0/1]port link-type trunk [ac-GigabitEthernet0/0/1]port trunk allow-pass vlan 100 [ac-GigabitEthernet0/0/1]undo port trunk allow-pass vlan 1 [ac-GigabitEthernet0/0/1]quit [ac]dhcp enable [ac]interface vlanif 100 [ac-Vlanif100]ip address 192.168.100.1 24 [ac-Vlanif100]dhcp select global [ac-Vlanif100]quit [ac]ip pool vlan100 [ac-ip-pool-vlan100]gateway-list 192.168.100.1 [ac-ip-pool-vlan100]network 192.168.100.0 mask 24 [ac-ip-pool-vlan100]excluded-ip-address 192.168.100.200 192.168.100.254 [ac-ip-pool-vlan100]lease day 2 hour 0 minute 0 [ac-ip-pool-vlan100]dns-list 114.114.114.114 8.8.8.8 [ac-ip-pool-vlan100]quit 离线导入AP 配置AP组和AP域管理模板,并且AP组引用域管理模板 [ac]wlan [ac-wlan-view]ap-group name zurkj [ac-wlan-ap-group-zurkj]quit [ac-wlan-view]regulatory-domain-profile name zurkj [ac-wlan-regulate-domain-zurkj]country-code cn [ac-wlan-regulate-domain-zurkj]quit [ac-wlan-view]ap-group name zurkj [ac-wlan-ap-group-zurkj]regulatory-domain-profile zurkj [ac-wlan-ap-group-zurkj]quit [ac-wlan-view]quit 配置AC源接口 [ac]capwap source interface vlanif 100 配置AP的认证方式 [ac]wlan [ac-wlan-view]ap auth-mode sn-auth 导入AP并为AP命名加入对应AP组 [ac-wlan-view]ap-id 0 ap-sn 210235448310C762C05C [ac-wlan-ap-0]ap-name ap1 [ac-wlan-ap-0]ap-group zurkj 配置安全模板 [ac-wlan-ap-0]security-profile name zurkj [ac-wlan-sec-prof-zurkj]security wpa2 psk pass-phrase qwe123123 aes [ac-wlan-sec-prof-zurkj]quit 配置SSID模板 [ac-wlan-view]ssid-profile name zurkj [ac-wlan-ssid-prof-zurkj]ssid zurkj [ac-wlan-ssid-prof-zurkj]quit 配置VAP模板 [ac-wlan-view]vap-profile name zurkj [ac-wlan-vap-prof-zurkj]forward-mode direct-forward [ac-wlan-vap-prof-zurkj]service-vlan vlan-id 101 [ac-wlan-vap-prof-zurkj]security-profile zurkj [ac-wlan-vap-prof-zurkj]ssid-profile zurkj [ac-wlan-vap-prof-zurkj]quit 进入AP组并调用VAP模板 [ac-wlan-view]ap-group name zurkj [ac-wlan-ap-group-zurkj]vap-profile zurkj wlan 1 radio all [ac-wlan-ap-group-zurkj]quit [ac-wlan-view]quit | 
|Archiver|手机版|小黑屋|祖瑞科技 全国计算机 网络IT运维社区!
( 沪ICP备16021636号-2 )
发表于 2021-2-2 22:44:16
楼主