华为AirEgine9700S AC配置示例

这篇具有很好参考价值的文章主要介绍了华为AirEgine9700S AC配置示例。希望对大家有所帮助。如果存在错误或未考虑完全的地方,请大家不吝赐教,您也可以点击"举报违法"按钮提交疑问。

AC软件版本:V200R021C00SPC100
管理Vlan:Vlan97
业务Vlan:150,160等

最终配置

<AirEgine9700S>dis cu
Software Version V200R021C00SPC100
#
 sysname AirEgine9700S
#
 http timeout 60
 http secure-server ssl-policy default_policy
 http secure-server server-source -i all
 http server enable
#
  set np rss hash-mode 5-tuple
#
mdns permit service-type _airplay._tcp.local id 0
mdns permit service-type _raop._tcp.local id 1
mdns permit service-type _printer._tcp.local id 2
mdns permit service-type _ipp._tcp.local id 3
mdns permit service-type _universal._sub._ipp._tcp.local id 4
mdns permit service-type _cups._sub._ipp._tcp.local id 5
#
kpi disable
#
vlan batch 8 10 to 14 20 97 to 100 110 120 130 140 150 160
#
stp enable
#
authentication-profile name default_authen_profile
authentication-profile name dot1x_authen_profile
authentication-profile name mac_authen_profile
authentication-profile name macportal_authen_profile
authentication-profile name portal_authen_profile
#
dns resolve 
dns proxy enable
#
dhcp enable
#
diffserv domain default
vlan 150
 description WIFI_Office
vlan 160
 description WIFI_Device
#
radius-server template default
#
pki realm default
 certificate-check none
#
ssl policy default_policy type server
 pki-realm default
 version tls1.2 
 ciphersuite ecdhe_rsa_aes128_gcm_sha256 ecdhe_rsa_aes256_gcm_sha384 
#
ike proposal default
 encryption-algorithm aes-256 
 dh group14 
 authentication-algorithm sha2-256 
 authentication-method pre-share
 integrity-algorithm hmac-sha2-256 
 prf hmac-sha2-256 
#
free-rule-template name default_free_rule
#
portal-access-profile name portal_access_profile
#
aaa
 authentication-scheme default
  authentication-mode local
 authentication-scheme radius
  authentication-mode radius
 authorization-scheme default
  authorization-mode local
 accounting-scheme default
  accounting-mode none
 local-aaa-user password policy administrator
 domain default
  authentication-scheme default
  accounting-scheme default
  radius-server default
 domain default_admin
  authentication-scheme default
  accounting-scheme default
 local-user admin password irreversible-cipher $1a$70hU8lq&U8$^\lQClf^PH70e]Ai/T#=JH/B.o>_2@:TIc*5
 local-user admin privilege level 15
 local-user admin service-type telnet ssh http
#
interface Vlanif1
 ip address dhcp-alloc unicast
#
interface Vlanif97
 description Huawei_AP_Management
 ip address 192.168.97.1 255.255.255.0
 dhcp select interface
#
interface Vlanif99
 ip address 192.168.99.14 255.255.255.0
#
interface Ethernet0/0/47
 ip address 169.254.3.1 255.255.255.0
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk pvid vlan 97
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk pvid vlan 97
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk pvid vlan 97
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/4
 port link-type trunk
 port trunk pvid vlan 97
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/5
 port link-type trunk
 port trunk pvid vlan 97
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/6
 port link-type trunk
 port trunk pvid vlan 97
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/7
 port link-type trunk
 port trunk pvid vlan 97
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/8
 port link-type trunk
 port trunk pvid vlan 97
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/9
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/10
 port link-type access
#               
interface XGigabitEthernet0/0/1
#
interface XGigabitEthernet0/0/2
#
interface NULL0
#
 ftp server-source -i Vlanif1
#
 info-center timestamp log date precision-time millisecond
 info-center timestamp trap date precision-time millisecond
#
undo icmp name timestamp-request receive
#
 undo snmp-agent 
#
 ssh server-source -i Vlanif1
 stelnet server enable 
 undo telnet ipv6 server enable 
 telnet server-source -i all
ssh server secure-algorithms cipher aes256_ctr aes128_ctr
ssh server secure-algorithms hmac sha2_256
ssh server key-exchange dh_group16_sha512 dh_group15_sha512 dh_group_exchange_sha256
ssh client secure-algorithms cipher aes256_ctr aes128_ctr
ssh client secure-algorithms hmac sha2_256
ssh client key-exchange dh_group16_sha512 dh_group15_sha512 dh_group_exchange_sha256
#
ip route-static 0.0.0.0 0.0.0.0 192.168.99.2
#
capwap source interface vlanif97
capwap dtls psk %^%#]lL\@l`~V01y4k&yGds;u
capwap dtls inter-controller psk %^%#y#it7qr4lEBfmj"64wf*-0)wAI
#
user-interface con 0
 authentication-mode password
 set authentication password irreversible-cipher $1b$yLn\E><a[($jmB=GQiO%9f'$@LX9bi.qIv*'D"S|U,deHK{7j:K$
 idle-timeout 120 0
user-interface vty 0 4
 authentication-mode aaa
 idle-timeout 120 0
 protocol inbound all
user-interface vty 16 20
 authentication-mode aaa
 protocol inbound ssh
#
wmi-server
#
wmi-server2
#               
wlan
 temporary-management psk %^%#9%#HB6rgA1g8A,'LjmwC|EJ`LC'Il3MgbJ
 ap username admin password cipher %^%#He1C-To#\%zv]kVML<e9gqfB#)=G#Pfg(
 traffic-profile name default
 security-profile name CEST
  security wpa-wpa2 psk pass-phrase %^%#*w)%"FGyd1+**xFybfE9gs/*"<}.I%^%# aes
 security-profile name Admin
  security wpa-wpa2 psk pass-phrase %^%#6to$7l'm9U6wp,ITj9F3_Nx!<km,h+"ZiA$%^%# aes
 security-profile name Device
  security wpa-wpa2 psk pass-phrase %^%#8:1y5eC72-K-~PP5fmi;lEE/Sb-sV70nB}`:h7%^%# aes
 security-profile name Mobile
  security wpa-wpa2 psk pass-phrase %^%#+7!1S3bB`Nt[];3vn*>;}w)0{ONd.C)|jv9HQ%^%# aes
 security-profile name default
 security-profile name default-wds
 security-profile name default-mesh
 ssid-profile name CEST
  ssid CEST
 ssid-profile name Admin
  ssid Admin
 ssid-profile name Device
  ssid Device
 ssid-profile name Mobile
  ssid Mobile
 ssid-profile name default
 vap-profile name CEST
  service-vlan vlan-id 20
  ssid-profile CEST
  security-profile CEST
 vap-profile name Admin
  service-vlan vlan-id 10
  ssid-profile Admin
  security-profile Admin
 vap-profile name Device
  service-vlan vlan-id 160
  ssid-profile Device
  security-profile Device
 vap-profile name Mobile
  service-vlan vlan-id 150
  ssid-profile Mobile
  security-profile Mobile
 vap-profile name default
 wds-profile name default
 mesh-handover-profile name default
 mesh-profile name default
 regulatory-domain-profile name default
 regulatory-domain-profile name domain1
 air-scan-profile name default
 rrm-profile name default
 radio-2g-profile name default
 radio-5g-profile name default
 wids-spoof-profile name default
 wids-whitelist-profile name default
 wids-profile name default
 wireless-access-specification
 ap-system-profile name default
 port-link-profile name default
 wired-port-profile name default
 ap-group name default
 ap-group name ap-group1
  regulatory-domain-profile domain1
  radio 0
   vap-profile Device wlan 1
   vap-profile Mobile wlan 2
   vap-profile Admin wlan 3
   vap-profile CEST wlan 4
  radio 1
   vap-profile Device wlan 1
   vap-profile Mobile wlan 2
   vap-profile Admin wlan 3
   vap-profile CEST wlan 4
 ap-id 0 type-id 79 ap-mac a47c-c940-6140 ap-sn 21500831133GMB000229
  ap-name area_0
  ap-group ap-group1
 ap-id 1 type-id 79 ap-mac a47c-c940-7da0 ap-sn 21500831133GMB000023
  ap-name area_1
  ap-group ap-group1
 ap-id 2 type-id 79 ap-mac a47c-c940-8ce0 ap-sn 21500831133GMB000126
  ap-name area_2
  ap-group ap-group1
 ap-id 3 type-id 79 ap-mac a47c-c940-7d20 ap-sn 21500831133GMB000019
  ap-name area_3
  ap-group ap-group1
 ap-id 4 type-id 79 ap-mac a47c-c940-9300 ap-sn 21500831133GMB000166
  ap-name area_4
  ap-group ap-group1
 ap-id 5 type-id 79 ap-mac a47c-c940-8a40 ap-sn 21500831133GMB000147
  ap-name area_5
  ap-group ap-group1
 ap-id 6 type-id 79 ap-mac a47c-c940-8300 ap-sn 21500831133GMB000066
  ap-name area_6
  ap-group ap-group1
 ap-id 7 type-id 79 ap-mac a47c-c940-90e0 ap-sn 21500831133GMB000189
  ap-name area_7
  ap-group ap-group1
 ap-id 8 type-id 79 ap-mac a47c-c940-8a20 ap-sn 21500831133GMB000145
  ap-name area_8
  ap-group ap-group1
 ap-id 9 type-id 79 ap-mac a47c-c940-8520 ap-sn 21500831133GMB000083
  ap-name area_9
  ap-group ap-group1
 provision-ap
#
device-profile profile-name @default_device_profile
 device-type default_type_phone
 enable
 rule 0 user-agent sub-match Android 
 rule 1 user-agent sub-match iPhone 
 rule 2 user-agent sub-match iPad 
 if-match rule 0 or rule 1 or rule 2
#
dot1x-access-profile name dot1x_access_profile
#
mac-access-profile name mac_access_profile
#
 undo ntp-service enable
 ntp-service server server-source -i Vlanif1
#
return
<AirEgine9700S> 
<AirEgine9700S>
<AirEgine9700S>dis int bri
PHY: Physical
*down: administratively down
(l): loopback
(s): spoofing
(b): BFD down
(e): ETHOAM down
InUti/OutUti: input utility/output utility
Interface                   PHY   Protocol  InUti OutUti   inErrors  outErrors
Ethernet0/0/47              up    up           0%     0%          0          0
GigabitEthernet0/0/1        down  down         0%     0%          0          0
GigabitEthernet0/0/2        down  down         0%     0%          0          0
GigabitEthernet0/0/3        down  down         0%     0%          0          0
GigabitEthernet0/0/4        down  down         0%     0%          0          0
GigabitEthernet0/0/5        down  down         0%     0%          0          0
GigabitEthernet0/0/6        down  down         0%     0%          0          0
GigabitEthernet0/0/7        down  down         0%     0%          0          0
GigabitEthernet0/0/8        down  down         0%     0%          0          0
GigabitEthernet0/0/9        up    up        0.03%  0.01%          0          0
GigabitEthernet0/0/10       down  down         0%     0%          0          0
NULL0                       up    up(s)        0%     0%          0          0
Vlanif1                     up    down         --     --          0          0
Vlanif97                    up    up           --     --          0          0
Vlanif99                    up    up           --     --          0          0
XGigabitEthernet0/0/1       down  down         0%     0%          0          0
XGigabitEthernet0/0/2       down  down         0%     0%          0          0
<GA-AirEgine9700S>
<GA-AirEgine9700S>dis ip rou
<GA-AirEgine9700S>dis ip routing-table 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 14       Routes : 14       

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

        0.0.0.0/0   Static  60   0          RD   192.168.99.2    Vlanif99
      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
    169.254.3.0/24  Direct  0    0           D   169.254.3.1     Ethernet0/0/47
    169.254.3.1/32  Direct  0    0           D   127.0.0.1       Ethernet0/0/47
  169.254.3.255/32  Direct  0    0           D   127.0.0.1       Ethernet0/0/47
   192.168.97.0/24  Direct  0    0           D   192.168.97.1    Vlanif97
   192.168.97.1/32  Direct  0    0           D   127.0.0.1       Vlanif97
 192.168.97.255/32  Direct  0    0           D   127.0.0.1       Vlanif97
   192.168.99.0/24  Direct  0    0           D   192.168.99.198   Vlanif99
  192.168.99.14/32  Direct  0    0           D   127.0.0.1       Vlanif99
 192.168.99.255/32  Direct  0    0           D   127.0.0.1       Vlanif99
255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

<GA-AirEgine9700S>
<GA-AirEgine9700S>dis ap all
Total AP information:
fault : fault           [9]
nor   : normal          [1]
ExtraInfo : Extra information
--------------------------------------------------------------------------------------------------------
ID    MAC            Name   Group     IP             Type       State  STA  Uptime     ExtraInfo
--------------------------------------------------------------------------------------------------------
0     a47c-c940-6140 area_0 ap-group1 192.168.97.239 AP4051DN-S nor    4    3H:57M:17S -
1     a47c-c940-7da0 area_1 ap-group1 -              AP4051DN-S fault  0    -          -
2     a47c-c940-8ce0 area_2 ap-group1 -              AP4051DN-S fault  0    -          -
3     a47c-c940-7d20 area_3 ap-group1 -              AP4051DN-S fault  0    -          -
4     a47c-c940-9300 area_4 ap-group1 -              AP4051DN-S fault  0    -          -
5     a47c-c940-8a40 area_5 ap-group1 -              AP4051DN-S fault  0    -          -
6     a47c-c940-8300 area_6 ap-group1 -              AP4051DN-S fault  0    -          -
7     a47c-c940-90e0 area_7 ap-group1 -              AP4051DN-S fault  0    -          -
8     a47c-c940-8a20 area_8 ap-group1 -              AP4051DN-S fault  0    -          -
9     a47c-c940-8520 area_9 ap-group1 -              AP4051DN-S fault  0    -          -
--------------------------------------------------------------------------------------------------------
Total: 10
<GA-AirEgine9700S>

配置脚本参考

在AC6005上运行文章来源地址https://www.toymoban.com/news/detail-686868.html

dhcp enable
vlan batch 8 50 97
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk pvid vlan 97
 port trunk allow-pass vlan 2 to 4094

interface Vlanif97
 description Huawei_AP_Management
 ip address 192.168.97.1 255.255.255.0
 dhcp select interface

interface Vlanif8
 ip address 192.168.8.222 255.255.255.0
#                                    

interface GigabitEthernet0/0/8
 port link-type access
 port default vlan 8

ip route-static 0.0.0.0 0.0.0.0 192.168.8.1

dis ip pool

capwap source interface vlanif97

wlan

security-profile name LDS
  security wpa-wpa2 psk pass-phrase qq47198093 aes

ssid-profile name LDS
  ssid LDS


ssid-profile name LDS2_4
  ssid LDS2_4

 ssid-profile name LDS_5G
  ssid LDS_5G
 
vap-profile name LDS
  service-vlan vlan-id 50
  ssid-profile LDS
  security-profile LDS

vap-profile name LDS2_4
  service-vlan vlan-id 50
  ssid-profile LDS2_4
  security-profile LDS
 
vap-profile name LDS_5G
  service-vlan vlan-id 50
  ssid-profile LDS_5G
  security-profile LDS  

   
ap-group name ap-group1
  radio 0
   vap-profile LDS wlan 1
   vap-profile LDS2_4 wlan 2

  radio 1
   vap-profile LDS wlan 1
   vap-profile LDS_5G wlan 3


 ap-id 0 ap-mac 3c9d-56e2-fdc0
  ap-name area_0
  y
  ap-group ap-group1

到了这里,关于华为AirEgine9700S AC配置示例的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处: 如若内容造成侵权/违法违规/事实不符,请点击违法举报进行投诉反馈,一经查实,立即删除!

领支付宝红包 赞助服务器费用

相关文章

  • 华为无线AC内三层漫游配置详解

    1、在一台ac中实现三层漫游 2、ac和核心的互联vlan和ap的管理vlan是同一个广播域,可以不用配option 43 3、直接转发模式,ac上可以不起业务vlan,ac和核心交换机上可以只放行一个互联vlan 10 4、ac上要启两个vap魔板,两个ap-group,每个ap-group对应一个vap魔板 5、2个vap和ap-group魔板可

    2024年02月03日
    浏览(34)
  • 华为ac+ap 3层组网架构web配置+命令行配置

    1、所有的dhcp都在核心 2、ap管理地址dhcp也在核心 3、接入交换机接ap口要设置pvlan 4、业务vlan 10 20 5、ap管理vlan 100 这个vlan下要有一条option 43 sub-option 3 ascii 10.0.0.2 10.0.0.2为ac的vlan999 地址用于和核心互连 核心配置: dis cu dis current-configuration sysname HX undo info-center enable vlan batch 1

    2024年02月08日
    浏览(35)
  • 华为无线AC双机热备三层组网配置案例

    vrrp+hsb双机热备,最好用直接转发模式,隧道转发主备切换时会丢包,直接转发不会丢包 dis current-configuration sysname hx undo info-center enable vlan batch 10 66 88 99 to 100 ip pool vlan10 gateway-list 192.168.10.254 network 192.168.10.0 mask 255.255.255.0 dns-list 8.8.8.8 ip pool vlan100 gateway-list 172.16.100.254 network

    2024年02月08日
    浏览(39)
  • 华为无线ac+ap旁挂二层组网常用配置案例

    AC控制器理解配置步骤: capwap source interface Vlanif 100 //源IP回包地址 wlan ssid-profile name test //新建个模版名称为test ssid test //wifi名称 wlan security-profile name test //建立安全模版也叫test security wpa-wpa2 psk pass-phrase admin123 aes //wifi密钥为admin123,数据包加密方式为aes wlan vap-profile name test

    2024年02月16日
    浏览(47)
  • 华为ensp AC+AP组网案例及ACweb界面配置

    Cloud1 拓扑图 PVID的理解 我们知道PC发送的数据并不带VLAN标签,那么VLAN ID的标签是什么时候打上的呢,其实是在数据中进入交换机端口的时候打上的。在标准的以太网帧的源地址SA和类型Type之间打上的Tag标签,此tag标签中含有VLAN ID,VLAN ID的范围为4096,去掉一个默认的vlan 1和

    2024年01月19日
    浏览(42)
  • 专项技能训练五《云计算网络技术与应用》实训5-6:Docker之间网络互联通信配置

    实验前准备:在5-5环境下继续做。 1. 使用VMware安装CentOS 7虚拟机,将其命名为“Docker”。 2. 安装完虚拟机后,进入虚拟机,修改网络配置(onboot改为yes)并重启网络服务,查看相应IP地址,并使用远程连接软件进行连接。 3. 配置默认镜像yum源。 配置教程详见:[https://blog.cs

    2024年04月25日
    浏览(44)
  • 【网络技术】IP配置与子网掩码基础详解(基础详解)

    👉博__主👈:米码收割机 👉技__能👈:C++/Python语言 👉公众号👈:测试开发自动化 👉荣__誉👈:阿里云博客专家博主、51CTO技术博主 👉专__注👈:专注主流机器人、人工智能等相关领域的开发、测试技术。 作用:IP分配给用户上网使用网际协议设备的数字标签,分为IP

    2024年02月12日
    浏览(40)
  • 高级网络技术ENSP(1-2章原理详情和配置)手敲有误请私信修正

    第一章 1.企业网体系结构 1.1接入层 (Access layer):为终端设备提供接入和转发。 汇聚层(aggregation Layer):这一层的交换机需要将接入层各个交换机发来的流量进行汇聚。 核心层 (Core Layer):使用高性能的核心层交换机提供流量快速转发。 2.网络可靠性 2.1 BFD(Bidirectional Forwarding

    2024年01月16日
    浏览(34)
  • 华为配置基本QinQ示例

    组网需求 如图1所示,网络中有两个企业,企业1有两个分支,企业2有两个分支。这两个企业的各办公地的企业网都分别和运营商网络中的SwitchA和SwitchB相连,且公网中存在其它厂商设备,其外层VLAN Tag的TPID值为0x9100。 现需要实现: 企业1和企业2独立划分VLAN,两者互不影响。

    2024年02月04日
    浏览(31)
  • 华为---PPP协议简介及示例配置

             PPP 是Point-to-Point Protocol的简称,中文翻译为点到点协议。与以太网协议一样,PPP也是一个数据链路层协议。以太网协议定义了以太帧的格式,PPP协议也定义了自己的帧格式,这种格式的帧称为PPP帧。         利用PPP协议建立的二层网络称为PPP网络。一个PPP网络

    2024年02月07日
    浏览(40)

觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

博客赞助

微信扫一扫打赏

请作者喝杯咖啡吧~博客赞助

支付宝扫一扫领取红包,优惠每天领

二维码1

领取红包

二维码2

领红包