任务一 无线网络的基本配置
信科公司的WLAN集群管理采用AC+FitAP的模式。在AC上面可以对AP进行基本的配置管理操作,包括向Valided AP表中添加AP、配置AP的位置信息。本任务介绍了在AC上配置AP的具体操作,网络拓扑图如图4-1所示。
图4-2 网络拓扑图
步骤1 安装无线路由器和无线AP,连接方式如下网络拓扑图
进行终端登录,Windows XP可以使用系统自带的管理终端进行登录,Windows 7可下载软件“SecureCRT”进行登录。登录前在“快速连接”对话框中设置软件参数并点击“连接”,如图4-3所示。
步骤2 在AC上面对与之关联的AP进行配置。配置AP的位置信息为“cn”,代码如下:
sys /*进入系统视图/
wlan /*进入到wlan视图下/
regulatory-domain-profile name domain1 /*创建域管理的模板,名称为domain1/
country-code cn /*国家编码为cn(中国)/
quit /*返回到wlan视图下/
ap-group name apg-lhh /*创建ap管理组,组名为apg-lhh/
regulatory-domain-profile domain1 /*将域管理模板引入到apg-lhh组里/
/返回系统视图下/
wlan /*进入到wlan视图下/
ap auth-mode mac-auth /*ap的认证方式为mac认证/
ap-id 1 ap-mac 00e0-fcc6-2a10 /*ap序号为1,mac地址为00e0-fcc6-2a10 /
ap-name ap-wifi1 /*将此ap命名为ap-wifi1 /
ap-group apg-lhh /*将此ap放入到apg-lhh组里/
/返回系统视图下/
任务二 无线网络的接入
信科公司部署无线网络之后,陆续因无线接入出现网络故障,影响了网络的稳定。经过分析研究,公司决定把办公无线接入和来宾接入隔离,使用两个SSID标识,负载均衡,提高网络安全,网络拓扑图如图4-4所示。具体操作如下:
图4-4 网络拓扑图
注:云端开启步骤:
(1)双击“云朵”,使用端口选项选择GE
(2)端口映射设置
步骤1 配置出口路由器/核心交换机/AC的IP地址、端口
(1)配置出口路由器端口
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname AR
[AR]int g0/0/0
[AR-GigabitEthernet0/0/0]ip add 10.0.0.2 24
Oct 4 2022 19:50:58-08:00 AR %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
on the interface GigabitEthernet0/0/0 has entered the UP state.
[AR-GigabitEthernet0/0/0]q
[AR]
(2)配置AC
<AC6005>sys
Enter system view, return user view with Ctrl+Z.
[AC6005]sysname AC1
[AC1]vlan ba
[AC1]vlan batch 10
Info: This operation may take a few seconds. Please wait for a moment...done.
[AC1]int vlan
[AC1]int Vlanif 10
[AC1-Vlanif10]ip add 172.16.1.2 24 # 与核心交换机直连的IP地址
[AC1-Vlanif10]int g0/0/1
[AC1-GigabitEthernet0/0/1]port link-type trunk
[AC1-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[AC1-GigabitEthernet0/0/1]q
[AC1]
(3) 配置核心交换机
<Huawei>sys
[Huawei]sysname LSW1
[LSW1]vlan batch 5 10
[LSW1]int vlanif 1
[LSW1-Vlanif1]ip add 10.0.0.1 24
[LSW1-Vlanif1]int vlanif 5
[LSW1-Vlanif5]ip add 192.168.0.1 24
[LSW1-Vlanif5]int vlanif 10
[LSW1-Vlanif10]ip add 172.16.1.1 24
[LSW1-Vlanif10]int g0/0/4
[LSW1-GigabitEthernet0/0/4]port link-type trunk
[LSW1-GigabitEthernet0/0/4]port trunk allow-pass vlan all
步骤2 配置AC/出口路由器的路由,使其能相互通信。
(1)首先AC设置静态路由
<AC1>sys
Enter system view, return user view with Ctrl+Z.
[AC1]ip route-static 0.0.0.0 0 172.16.1.1
[AC1](2)其次 路由器设置静态路由
<AR>sys
Enter system view, return user view with Ctrl+Z.
[AR]ip route-static 0.0.0.0 0 10.0.0.1
[AR]
(3)最后 在AC上测试连通性
## 在AC上ping一下路由器,测试网络是否联通:
<AC1>ping 10.0.0.2
PING 10.0.0.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.0.2: bytes=56 Sequence=1 ttl=254 time=60 ms
Reply from 10.0.0.2: bytes=56 Sequence=2 ttl=254 time=30 ms
Reply from 10.0.0.2: bytes=56 Sequence=3 ttl=254 time=40 ms
Reply from 10.0.0.2: bytes=56 Sequence=4 ttl=254 time=40 ms
Reply from 10.0.0.2: bytes=56 Sequence=5 ttl=254 time=50 ms
## 确认无误再进行下一步步骤3 配置核心交换机DHCP,使其能分配IP地址给AP
## 配置与AP相连的端口
<Huawei>sys
[LSW1]port-group group-member g0/0/1 to g0/0/3 # 端口组
[LSW1-port-group]port link-type trunk
[LSW1-port-group]port trunk allow-pass vlan all
[LSW1-port-group]port trunk pvid vlan 5
[LSW1-port-group]quit
## 配置DHCP地址池
[LSW1]dhcp enable # 使能DHCP
[LSW1]ip pool vlan5 # 创建地址池
[LSW1-ip-pool-vlan5]network 192.168.0.0 mask 24 # 配置要分配的网段
[LSW1-ip-pool-vlan5]gateway-list 192.168.0.1 # 配置要分配的网关地址
[LSW1-ip-pool-vlan5]option 43 sub-option 3 ascii 172.16.1.2 # 将AC的IP地址下发给AP
[LSW1-ip-pool-vlan5]quit
[LSW1]int vlanif 5
[LSW1-Vlanif5]dhcp select global #在接口上下发IP地址 
查看AP的地址有没有上来;以AP1为例,双击AP设备,输入以下代码:
<Huawei>dis ip int bri
ping一下AC看看通不通
<Huawei>ping 172.16.1.2
PING 172.16.1.2: 56 data bytes, press CTRL_C to break
Reply from 172.16.1.2: bytes=56 Sequence=1 ttl=254 time=30 ms
Reply from 172.16.1.2: bytes=56 Sequence=2 ttl=254 time=30 ms
Reply from 172.16.1.2: bytes=56 Sequence=3 ttl=254 time=20 ms
Reply from 172.16.1.2: bytes=56 Sequence=4 ttl=254 time=40 ms
Reply from 172.16.1.2: bytes=56 Sequence=5 ttl=254 time=30 ms
--- 172.16.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/30/40 ms
确认无误,进行下一步
步骤4 注册AP
注:以下配置,可能会弹出的警告,都选Y。
<AC1>sys
Enter system view, return user view with Ctrl+Z.
#指定capwap协议的信令源地址
[AC1]capwap source interface Vlanif 10
[AC1]wlan # 进入wlan视图
[AC1-wlan-view]ap auth-mode mac-auth # 配置AC的验证方式为MAC验证
## 创建域配置并配置国家码,使AP的射频特性符合国家的法律法规要求
[AC1-wlan-view]regulatory-domain-profile name CN # 创建域配置
[AC1-wlan-regulate-domain-CN]country-code CN # 国家码:中国
Info: The current country code is same with the input country code.
[AC1-wlan-regulate-domain-CN]q
## 创建AP-group
[AC1-wlan-view]ap-group name guest # 创建guest组
[AC1-wlan-ap-group-guest]regulatory-domain-profile CN # 关联刚才的域配置
Warning: Modifying the country code will clear channel, power and antenna gain c
onfigurations of the radio and reset the AP. Continue?[Y/N]:y
[AC1-wlan-ap-group-guest]q
[AC1-wlan-view]ap-group name work # 创建work组
Info: This operation may take a few seconds. Please wait for a moment.done.
[AC1-wlan-ap-group-work]regulatory-domain-profile CN # 关联刚才的域配置
Warning: Modifying the country code will clear channel, power and antenna gain c
onfigurations of the radio and reset the AP. Continue?[Y/N]:y
[AC1-wlan-ap-group-work]q
查看AP的MAC地址如下:
(1)依次双击AP1,AP2,AP3,输入指令:
将mac地址复制备用:
AP1:00e0-fc54-49d0
AP2: 00e0-fc4d-4a80
AP3: 00e0-fc15-5570
## 基于mac地址注册AP
<AC1>sys
Enter system view, return user view with Ctrl+Z.
[AC1]wlan
[AC1-wlan-view]ap-id 1 ap-mac 00e0-fc54-49d0 # 加入AP。mac地址可以通过查看核心交换机的mac地址表,或者右键AP打开设置查看
[AC1-wlan-ap-1]ap-name guest1 # 将AP名字更改为guest1
[AC1-wlan-ap-1]ap-group guest # 将AP加入刚才配置的guest组
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC1-wlan-ap-1]q
[AC1-wlan-view]ap-id 2 ap-mac 00e0-fc4d-4a80
[AC1-wlan-ap-2]ap-name guest2
[AC1-wlan-ap-2]ap-group guest
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC1-wlan-ap-2]q
[AC1-wlan-view]ap-id 3 ap-mac 00e0-fc15-5570
[AC1-wlan-ap-3]ap-name work1
[AC1-wlan-ap-3]ap-group work
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC1-wlan-ap-3]q
[AC1-wlan-view]
注: 到此处AP会自动重启,且AP名字会被更改(如果没有自动重启,可以自己手动重启) ; 重启完在AC上查看AP是否注册成功:
<AC1>
<AC1>sys
Enter system view, return user view with Ctrl+Z.
[AC1]wlan
[AC1-wlan-view]dis ap all
Info: This operation may take a few seconds. Please wait for a moment.done.
Total AP information:
nor : normal [3]
--------------------------------------------------------------------------------
----------
ID MAC Name Group IP Type State STA Uptime
--------------------------------------------------------------------------------
----------
1 00e0-fc54-49d0 guest1 guest 192.168.0.254 AP2050DN nor 0 9M:21S
2 00e0-fc4d-4a80 guest2 guest 192.168.0.253 AP2050DN nor 0 8M:15S
3 00e0-fc15-5570 work1 work 192.168.0.252 AP2050DN nor 0 7M:14S
--------------------------------------------------------------------------------
----------
Total: 3
[AC1-wlan-view] 
可以看到state为nor,说明注册成功;
等三台设备全部上线,确认无误再进行下一步
步骤5 分配无线参数
[AC1]vlan pool sta-pool101 # 新建vlan地址池,名称为sta-pool101
[AC1-vlan-pool-sta-pool101]vlan 101
[AC1-vlan-pool-sta-pool101]quit
[AC1]vlan pool sta-pool102
[AC1-vlan-pool-sta-pool102]vlan 102
[AC1-vlan-pool-sta-pool102]quit
## 安全配置(WIFI密码)
[AC1]wlan
[AC1-wlan-view]security-profile name guest # 新建安全配置,名称为guest
[AC1-wlan-sec-prof-guest]security wpa2 psk pass-phrase a12345678 aes # 配置加密方式为wpa2-psk,aes密文存放
[AC1-wlan-sec-prof-guest]quit
[AC1-wlan-view]security-profile name work
[AC1-wlan-sec-prof-work]security wpa2 psk pass-phrase a12345678 aes
[AC1-wlan-sec-prof-work]quit
## SSID配置(WIFI名称)
[AC1-wlan-view]ssid-profile name guest # 新建SSID配置,名称为guest
[AC1-wlan-ssid-prof-guest]ssid guest # 配置SSID名为guest
[AC1-wlan-ssid-prof-guest]quit
[AC1-wlan-view]ssid-profile name work
[AC1-wlan-ssid-prof-work]ssid work
[AC1-wlan-ssid-prof-work]quit
## 虚拟接入点(vpa)配置
[AC1-wlan-view]vap-profile name guest # 新建vap配置,名称为guest
[AC1-wlan-vap-prof-guest]service-vlan vlan-pool sta-pool101 # 应用vlan地址池
[AC1-wlan-vap-prof-guest]security-profile guest # 应用安全配置
[AC1-wlan-vap-prof-guest]ssid-profile guest # 应用SSID
[AC1-wlan-vap-prof-guest]quit
[AC1-wlan-view]vap-profile name work
[AC1-wlan-vap-prof-work]service-vlan vlan-pool sta-pool102
[AC1-wlan-vap-prof-work]security-profile work
[AC1-wlan-vap-prof-work]ssid-profile work
[AC1-wlan-vap-prof-work]quit
## 开启无线电信号
[AC1-wlan-view]ap-group name guest
[AC1-wlan-ap-group-guest]vap-profile guest wlan 1 radio 0 # 应用虚拟接入点配置,wlanid为1,radio 0意思是使用2.4GHz的频段
[AC1-wlan-ap-group-guest]vap-profile guest wlan 1 radio 1 # 配置双射频,radio 1=5GHz
[AC1-wlan-ap-group-guest]quit
[AC1-wlan-view]ap-group name work
[AC1-wlan-ap-group-work]vap-profile work wlan 1 radio 0
[AC1-wlan-ap-group-work]vap-profile work wlan 1 radio 1 
此时 网络拓扑图显示信号覆盖范围,如下图所示:
步骤6 配置客户端使用的地址池,结束。检验配置成果。
## 配置核心交换机
[LSW1]vlan batch 101 102
[LSW1]ip pool 101
[LSW1-ip-pool-101]network 192.168.10.0 mask 24
[LSW1-ip-pool-101]gateway-list 192.168.10.1
[LSW1-ip-pool-101]quit
[LSW1]ip pool 102
[LSW1-ip-pool-102]network 192.168.20.0 mask 24
[LSW1-ip-pool-102]gateway-list 192.168.20.1
[LSW1-ip-pool-102]quit
[LSW1]int vlanif 101
[LSW1-Vlanif101]ip ad 192.168.10.1 24
[LSW1-Vlanif101]dhcp select global
[LSW1]int vlanif 102
[LSW1-Vlanif102]ip ad 192.168.20.1 24
[LSW1-Vlanif102]dhcp select global 
步骤7 在终端设备连接AP,并输入密码
双击 phone,具体链接过程如下图:
笔记本联网模拟:
笔记本单独联通后拓扑图如下图:文章来源:https://www.toymoban.com/news/detail-446035.html
有时间的话可以测试一下网络连通性:文章来源地址https://www.toymoban.com/news/detail-446035.html
STA>ipconfig
Link local IPv6 address...........: ::
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.10.254
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.10.1
Physical address..................: 54-89-98-F0-37-1A
DNS server........................:
## 以上可以看到终端自动获取的IP地址信息是正确的
## 再ping一下出口路由器和AC:
STA>ping 10.0.0.2
Ping 10.0.0.2: 32 data bytes, Press Ctrl_C to break
From 10.0.0.2: bytes=32 seq=1 ttl=254 time=219 ms
From 10.0.0.2: bytes=32 seq=2 ttl=254 time=282 ms
From 10.0.0.2: bytes=32 seq=3 ttl=254 time=203 ms
From 10.0.0.2: bytes=32 seq=4 ttl=254 time=204 ms
From 10.0.0.2: bytes=32 seq=5 ttl=254 time=218 ms
STA>ping 172.16.1.2
Ping 172.16.1.2: 32 data bytes, Press Ctrl_C to break
From 172.16.1.2: bytes=32 seq=1 ttl=254 time=266 ms
From 172.16.1.2: bytes=32 seq=2 ttl=254 time=218 ms
From 172.16.1.2: bytes=32 seq=3 ttl=254 time=203 ms
From 172.16.1.2: bytes=32 seq=4 ttl=254 time=266 ms
From 172.16.1.2: bytes=32 seq=5 ttl=254 time=203 ms到了这里,关于项目四 无线网络配置(使用华为模拟器eNSP)的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!
