分享web开发知识

注册/登录|最近发布|今日推荐

主页 IT知识网页技术软件开发前端开发代码编程运营维护技术分享教程案例
当前位置:首页 > 网页技术

FAT AP v200R005 配置二层透明模式(web&命令行,开局)

发布时间:2023-09-06 02:04责任编辑:郭大石关键词:配置
背景:

vlan123:用户业务vlan,192.168.1.0/24

Vlan2001:管理vlan,172.168.129.0/24

vlan1:默认vlan,不建议使用。

注意事项:

配置服务集时,Wlan-bss接口不能重复使用,也不能缺少。

有线口的vlan配置,需要参考上行交换机进行。

特别注意:配置供参考,vlan和IP段以实际业务为准。



【前提准备】:添加管理ip 192.168.1.100,在切换vlan123后以新此的ip来登陆




a.       登录WEB界面,点击“配置向导”中的“WLAN配置向导”

b.       配置有线口。二层模式可用Access。

不同类型的差异与比较:http://forum.huawei.com/enterprise/thread-278705.html

c.       新建虚拟接口,以承载ip地址。此处仅为管理使用,不做三层交换。

之前已经配置,可以跳过

d.       DHCP服务,跳过,一般由上行设备去分配。

e.       配置AP的国家码。

f.        配置2.4G射频,双频AP可选择两个,但配置向导只能实现一个射频。

到新建射频模板页

输入参数。

特别注意:此版本开始,射频类型不能手动调节,会自动适配。(v200R003还要配置802.11bgn和802.11an)

到新建WMM模板页。

输入名称即可,其他不改。

g.       用户认证方式

h.       配置服务集

服务集有4个模块,需要依次配置。

-          配置SSID,对外显示的信号名称

-          流量模板,用于限速。如无特别需求,仅需配一个名称。

-          安全模板,无线网络安全设置

加密方式建议选择WPA2+PSK+CCMP。

如果要实现无密码的,使用默认参数即可。

-          BSS接口。无线空口,用于连接无线用户的逻辑接口。

确定后查看服务集

检查之前的配置,完成后,提示成功。

i.         配置路由(此处仅作管理使用,与业务无关)

j.         最后记得保存,页面右上角。

 

 

如果要开启双频功能,另一个射频,通过WLAN业务配置进行。

做法类似,需要创建模板,可到射频模板和服务集中 对应中操作。

 

修改射频模板:

修改服务集及子模板:

 

 

 
 

vlan batch 123 2001 

interface Vlanif123 
ip address 192.168.1.100 255.255.255.0 

interface Vlanif2001 
ip address 172.168.129.116 255.255.255.0 

interface GigabitEthernet0/0/0 
port link-type trunk 
port trunk allow-pass vlan 123 2001 

interface Wlan-Bss0 
port hybrid pvid vlan 123 
port hybrid untagged vlan 123 
#  
interface Wlan-Bss1 
port hybrid pvid vlan 123 
port hybrid untagged vlan 123 
#                                         
interface NULL0 

ip route-static 0.0.0.0 0.0.0.0 172.168.129.1   //用于管理AP,与业务无关 

wlan 
wmm-profile name wmmf id 0 
traffic-profile name hw-wm id 2        
security-profile name hw-sec id 0 
  security-policy wpa2 
  wpa2 authentication-method psk pass-phrase cipher %@%@Wk,1MS)36Cp~e8ViJ4I18K)M%@%@ encryption-method ccmp 
security-profile name default id 1 
service-set name hw-set id 0 
  Wlan-Bss 0 
  ssid hw-ssid 
  traffic-profile id 2 
  security-profile id 0 
service-set name hw-5G id 1 
  Wlan-Bss 1 
  ssid hw-5G 
  traffic-profile id 2 
  security-profile id 0 
radio-profile name radiof id 0 
  wmm-profile id 0 

interface Wlan-Radio0/0/0       //2.4G 
radio-profile id 0 
service-set id 0 

interface Wlan-Radio0/0/1       //5G 
radio-profile id 0 
service-set id 1 
return 


还可以更简化(以5G为例,前提上行交换机的pvid是业务vlan123): 


interface Vlanif1 
ip address 192.168.1.100 255.255.255.0 

interface Wlan-Bss0 
port hybrid pvid vlan 1 
port hybrid untagged vlan 1 

wlan 
wmm-profile name wmmf id 0 
traffic-profile name hw-wm id 2        
security-profile name hw-sec id 0 
  security-policy wpa2 
  wpa2 authentication-method psk pass-phrase cipher %@%@Wk,1MS)36Cp~e8ViJ4I18K)M%@%@ encryption-method ccmp 
security-profile name default id 1 
service-set name hw-5G id 1 
  Wlan-Bss 1 
  ssid hw-5G 
  traffic-profile id 2 
  security-profile id 0 
radio-profile name radiof id 0 
  wmm-profile id 0 

interface Wlan-Radio0/0/1 //5G 
radio-profile id 0 
service-set id 1 

 
 
实际配置:
 
 
命令行配置:
 
[Huawei]dis current-configuration # http secure-server ssl-policy default_policy http server enable# clock timezone Bei Jing Time add 08:00:00# dns resolve ?#vlan batch 123 2001#lldp enable #pki realm default enrollment self-signed#ssl policy default_policy type server pki-realm default#aaa ?authentication-scheme default ?authorization-scheme default ?accounting-scheme default ?domain default ??domain default_admin ??local-user admin password irreversible-cipher %@%@X"rg8gLdnWFsme+%Cme&|WpR_ry&%h+8uUz%T^ED_a&~WpU|%@%@ local-user admin privilege level 15 ??????local-user admin service-type ssh http ??# ????????????????????????????????????????interface Vlanif1 ?????????????????????????ip address 169.254.1.1 255.255.0.0 ??????# ????????????????????????????????????????interface Vlanif123 ???????????????????????ip address 192.168.1.100 255.255.255.0 ??# ????????????????????????????????????????interface Vlanif2001 ??????????????????????ip address 172.168.129.116 255.255.255.0 # ????????????????????????????????????????interface GigabitEthernet0/0/0 ????????????port link-type access ????????????????????port default vlan 123 ????????????????????mac-learning priority 3 ?????????????????# ????????????????????????????????????????interface Wlan-Bss0 ???????????????????????port hybrid pvid vlan 123 ????????????????port hybrid untagged vlan 123 ???????????# ????????????????????????????????????????interface Wlan-Bss1 ???????????????????????port hybrid pvid vlan 123 ????????????????port hybrid untagged vlan 123 ???????????# ????????????????????????????????????????interface NULL0 ??????????????????????????# ?????????????????????????????????????????info-center timestamp log format-date ???# ?????????????????????????????????????????undo snmp-agent ?????????????????????????# ?????????????????????????????????????????ssh client first-time enable ?????????????stelnet server enable ????????????????????undo telnet server enable ???????????????# ????????????????????????????????????????ip route-static 0.0.0.0 0.0.0.0 172.168.129.1# ????????????????????????????????????????user-interface con 0 ??????????????????????authentication-mode password ?????????????set authentication password cipher %@%@2#P:KfxTtO6:o(6g`U^<,.g`~CW;#TbyeC2e%QSe85^=.gc,%@%@user-interface vty 0 4 ????????????????????authentication-mode aaa ??????????????????protocol inbound ssh ????????????????????user-interface vty 16 20 ??????????????????protocol inbound all ????????????????????# ????????????????????????????????????????wlan ??????????????????????????????????????wmm-profile name wmmf id 0 ???????????????wmm-profile name default id 1 ????????????traffic-profile name default id 0 ????????traffic-profile name hw-wm id 2 ??????????security-profile name hw-sec id 0 ?????????security-policy wpa2 ?????????????????????wpa2 authentication-method psk pass-phrase cipher %@%@M)gP3kz1I;>Wiw$wX]a(zO7o%@%@ encryption-method ccmp security-profile name default id 1 ???????service-set name hw-set id 0 ??????????????Wlan-Bss 0 ???????????????????????????????ssid hw-ssid ?????????????????????????????traffic-profile id 2 ?????????????????????security-profile id 0 ???????????????????service-set name hw-5G id 1 ???????????????Wlan-Bss 1 ???????????????????????????????ssid hw-5G ???????????????????????????????traffic-profile id 2 ?????????????????????security-profile id 0 ???????????????????radio-profile name radiof id 0 ????????????wmm-profile id 0 ????????????????????????radio-profile name default id 1 ???????????wmm-profile id 1 ????????????????????????radio-profile name huawei-5g id 2 ?????????calibrate-interval 720 ???????????????????wmm-profile id 0 ???????????????????????# ????????????????????????????????????????interface Wlan-Radio0/0/0 ?????????????????radio-profile id 0 ???????????????????????service-set id 0 wlan 1 ?????????????????# ????????????????????????????????????????interface Wlan-Radio0/0/1 ?????????????????radio-profile id 2 ???????????????????????service-set id 1 wlan 1 ?????????????????# ?????????????????????????????????????????undo ntp-service enable ?????????????????# ????????????????????????????????????????return ???????????????????????????????????[Huawei]
 参考:http://forum.huawei.com/enterprise/zh/thread-236265-1-1.html

FAT AP v200R005 配置二层透明模式(web&命令行,开局)

原文地址:https://www.cnblogs.com/weifeng1463/p/9337772.html

知识推荐

我的编程学习网——分享web前端后端开发技术知识。 垃圾信息处理邮箱 tousu563@163.com 网站地图
icp备案号 闽ICP备2023006418号-8 不良信息举报平台 互联网安全管理备案 Copyright 2023 www.wodecom.cn All Rights Reserved