AP自动注册改标识、AC虚拟配置管理、PC连接WiFi(华为ENSP)

发布于:2022-11-09 ⋅ 阅读:(11) ⋅ 点赞:(0) ⋅ 评论:(0)

目录

项目背景

配置思路

一、配置AP获取IP地址

1、需求

2、步骤

1)配置SW2

2)配置DHCP中继(SW1)

3)配置DHCP服务器

二、 实现AP自动注册

1、需求

2 、步骤

1)配置DHCP服务器,为AP 分配 AC 服务器的IP地址

2)配置网关,实现AC和AP互通

3)配置AC,离线导入AP,实现AP注册

三、配置WLAN业务参数

1 、需求

2、 步骤

1)配置AC上的相关业务参数(配置后如图)

2)配置 DHCP 服务器,为无线终端用户分配IP地址

3)配置DHCP中继(SW1)

项目背景

  • 企业内网大量AP通过DHCP的方式获得IP地址。
  • 为了实现后期大量AP的统一管理,希望通过AC实现集中控制。
  • 在AC设备上,为了便于设备管理,按照统一的格式进行命名。
  • 不同的无线终端,动态分配IP地址。
  • 配置AC,为不同的AP下发不同的配置,确保可以发射无线信号。
  • 实现不同无线终端互通,PC连接WIFI。 

配置思路

一、配置AP获取IP地址

1、需求

  1. 企业的“无线网络”改造,使用“旁挂式”组网,确保可扩展性
  2. 无线控制器(AC)连接在核心交换机上,属于 VLAN 200
  3. AP连接在汇聚层交换机上,AP的管理IP地址属于 VLAN 100
  4. 企业内网中存在4个VLAN,分别服务于内网员工和外部人员
  5. AP的网关以及所有无线用户的终端的网关,都配置在核心交换机
  6. AP和无线用户终端的IP地址都是通过 DHCP 的方式获得
  7. 最终确保连接到不同AP的无线终端之间可以互通

2、步骤

1)配置SW2

<Huawei>sy
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname SW2
[SW2]vlan batch 100 101 102 103 104
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW2]port-g	
[SW2]port-group g	
[SW2]port-group group-member g0/0/2 to g0/0/5
[SW2-port-group]port link-type trunk 
[SW2-GigabitEthernet0/0/2]port link-type trunk 
[SW2-GigabitEthernet0/0/3]port link-type trunk 
[SW2-GigabitEthernet0/0/4]port link-type trunk 
[SW2-GigabitEthernet0/0/5]port link-type trunk 
[SW2-port-group]port trunk allow-pass vlan all 
[SW2-GigabitEthernet0/0/2]port trunk allow-pass vlan all 
[SW2-GigabitEthernet0/0/3]port trunk allow-pass vlan all 
[SW2-GigabitEthernet0/0/4]port trunk allow-pass vlan all 
[SW2-GigabitEthernet0/0/5]port trunk allow-pass vlan all 
[SW2-port-group]port trunk pvid vlan 100
[SW2-GigabitEthernet0/0/2]port trunk pvid vlan 100
[SW2-GigabitEthernet0/0/3]port trunk pvid vlan 100
[SW2-GigabitEthernet0/0/4]port trunk pvid vlan 100
[SW2-GigabitEthernet0/0/5]port trunk pvid vlan 100
[SW2-port-group]q
[SW2]int g0/0/1
[SW2-GigabitEthernet0/0/1]port link-type trunk 
[SW2-GigabitEthernet0/0/1]port trunk allow-pass vlan all 

2)配置DHCP中继(SW1)

<Huawei>sy
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname SW1
[SW1]vlan batch 100 101 102 103 104 200 210
[SW1]int g0/0/2
[SW1-GigabitEthernet0/0/2]port link-type trunk 
[SW1-GigabitEthernet0/0/2]port trunk allow-pass vlan all 
[SW1-GigabitEthernet0/0/2]q
[SW1]int g0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access 
[SW1-GigabitEthernet0/0/1]port default vlan 210
[SW1-GigabitEthernet0/0/1]q
[SW1]dhcp enable 
Info: The operation may take a few seconds. Please wait for a moment.done.
[SW1]int Vlanif 100
[SW1-Vlanif100]ip address 192.168.100.254 24
[SW1-Vlanif100]dhcp select relay 
[SW1-Vlanif100]dhcp relay server-ip 192.168.210.1
[SW1-Vlanif100]q
[SW1]int Vlanif 210
[SW1-Vlanif210]ip add 192.168.210.254 24
[SW1-Vlanif210]q

3)配置DHCP服务器

<Huawei>sy
[Huawei]sysname R1
[R1]dhcp enable 
Info: The operation may take a few seconds. Please wait for a moment.done.
[R1]ip pool vlan100
Info: It's successful to create an IP address pool.
[R1-ip-pool-vlan100]network 192.168.100.0 mask 24
[R1-ip-pool-vlan100]gateway-list 192.168.100.254
[R1-ip-pool-vlan100]dns-list 8.8.8.8
[R1-ip-pool-vlan100]lease day 1
[R1-ip-pool-vlan100]q
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 192.168.210.1 24
[R1-GigabitEthernet0/0/0]dhcp select global 
[R1-GigabitEthernet0/0/0]q
[R1]ip route-static 0.0.0.0 0 192.168.210.254

二、 实现AP自动注册

1、需求

  1. 企业内网的大量AP已经通过 DHCP 的方式获得 IP 地址
  2. 为了实现后期大量AP的统一管理,希望通过 AC 实现集中控制
  3. 在AC设备上,为了便于设备管理,按照统一的命名格式

2 、步骤

1)配置DHCP服务器,为AP 分配 AC 服务器的IP地址

<R1>sy
Enter system view, return user view with Ctrl+Z.
[R1]ip pool vlan100
[R1-ip-pool-vlan100]option 43 sub-option 3 ascii 192.168.200.1

2)配置网关,实现AC和AP互通

[SW1]int Vlanif 200
[SW1-Vlanif200]ip add 192.168.200.254 24
[SW1-Vlanif200]q                                 
[SW1]int g0/0/3
[SW1-GigabitEthernet0/0/3]port link-type access 
[SW1-GigabitEthernet0/0/3]port default vlan 200
[SW1-GigabitEthernet0/0/3]q
<AC6605>sy
Enter system view, return user view with Ctrl+Z.
[AC6605]sysname AC
[AC]vlan 200
Info: This operation may take a few seconds. Please wait for a moment...done.
[AC-vlan200]q
[AC]int g0/0/1
[AC-GigabitEthernet0/0/1]port link-type access 
[AC-GigabitEthernet0/0/1]port default vlan 200
[AC-GigabitEthernet0/0/1]q
[AC]int Vlanif 200
[AC-Vlanif200]ip add 192.168.200.1 24
[AC-Vlanif200]q
[AC]ip route-static 0.0.0.0 0 192.168.200.254

3)配置AC,离线导入AP,实现AP注册

[AC]wlan 
[AC-wlan-view]ap-group name nei
Info: This operation may take a few seconds. Please wait for a moment.done.
[AC-wlan-ap-group-nei]q
[AC-wlan-view]ap-group name wai
Info: This operation may take a few seconds. Please wait for a moment.done.
[AC-wlan-ap-group-wai]q
[AC-wlan-view]regulatory-domain-profile name china
[AC-wlan-regulate-domain-china]country-code cn
Info: The current country code is same with the input country code.
[AC-wlan-regulate-domain-china]q
[AC-wlan-view]ap-group name nei
[AC-wlan-ap-group-nei]regulatory-domain-profile china
Warning: Modifying the country code will clear channel, power and antenna gain c
onfigurations of the radio and reset the AP. Continue?[Y/N]:y
[AC-wlan-ap-group-nei]q
[AC-wlan-view]ap-group name wai
[AC-wlan-ap-group-wai]regulatory-domain-profile china
Warning: Modifying the country code will clear channel, power and antenna gain c
onfigurations of the radio and reset the AP. Continue?[Y/N]:y
[AC-wlan-ap-group-wai]q
[AC-wlan-view]ap-id 1 ap-mac 00e0-fcab-18a0
[AC-wlan-ap-1]ap-name nei-1
[AC-wlan-ap-1]ap-group nei
Warning: This operation may cause AP reset. If the country code changes, it will
 clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC-wlan-ap-1]q
[AC-wlan-view]ap-id 2 ap-mac 00e0-fca1-2f50
[AC-wlan-ap-2]ap-name nei-2
[AC-wlan-ap-2]ap-group nei
Warning: This operation may cause AP reset. If the country code changes, it will
 clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC-wlan-ap-2]q
[AC-wlan-view]ap-id 3 ap-mac 00e0-fc34-2680
[AC-wlan-ap-3]ap-name wai-1
[AC-wlan-ap-3]ap-group wai
Warning: This operation may cause AP reset. If the country code changes, it will
 clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC-wlan-ap-3]q
[AC-wlan-view]ap-id 4 ap-mac 00e0-fc94-7170
[AC-wlan-ap-4]ap-name wai-2
[AC-wlan-ap-4]ap-group wai
Warning: This operation may cause AP reset. If the country code changes, it will
 clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC-wlan-ap-4]q
[AC-wlan-view]q
[AC]capwap source interface Vlanif 200
[AC]dis ap all
Info: This operation may take a few seconds. Please wait for a moment.done.
Total AP information:
nor  : normal          [4]
--------------------------------------------------------------------------------
-----------
ID   MAC            Name  Group IP              Type            State STA Uptime
--------------------------------------------------------------------------------
-----------
1    00e0-fcab-18a0 nei-1 nei   192.168.100.253 AP4050DN-E      nor   0   1M:42S
2    00e0-fca1-2f50 nei-2 nei   192.168.100.252 AP4050DN-E      nor   0   16S
3    00e0-fc34-2680 wai-1 wai   192.168.100.251 AP4050DN-E      nor   0   43S
4    00e0-fc94-7170 wai-2 wai   192.168.100.250 AP4050DN-E      nor   0   57S
--------------------------------------------------------------------------------
-----------
Total: 4

三、配置WLAN业务参数

1 、需求

  1. 基于分配好的IP方案,为不同的无线终端,动态分配IP地址
  2. 配置AC,为不同的AP下发不同的配置,确保可以发射无线信号
  3. 实现不同的“无线终端”可以成功连接 AP ,并成功获得 IP 地址
  4. 实现不同的“无线终端”之间的互通

2、 步骤

1)配置AC上的相关业务参数(配置后如图)

[AC]wlan 	
[AC-wlan-view]ssid-profile name nei
[AC-wlan-ssid-prof-nei]ssid nei
Info: This operation may take a few seconds, please wait.done.
[AC-wlan-ssid-prof-nei]q
[AC-wlan-view]ssid-profile name wai
[AC-wlan-ssid-prof-wai]ssid wai
Info: This operation may take a few seconds, please wait.done.
[AC-wlan-ssid-prof-wai]q
[AC-wlan-view]security-profile name nei	
[AC-wlan-sec-prof-nei]security wpa2 psk pass-phrase a123456789 aes
[AC-wlan-sec-prof-nei]q
[AC-wlan-view]security-profile name wai
[AC-wlan-sec-prof-wai]security wpa2 psk pass-phrase b123456789 aes
[AC-wlan-sec-prof-wai]q
[AC-wlan-view]q
[AC]vlan pool nei
[AC-vlan-pool-nei]vlan 101 102
[AC-vlan-pool-nei]q
[AC]vlan pool wai
[AC-vlan-pool-wai]vlan 103 104
[AC-vlan-pool-wai]q
[AC]wlan
[AC-wlan-view]vap-profile name nei
[AC-wlan-vap-prof-nei]ssid-profile nei
Info: This operation may take a few seconds, please wait.done.
[AC-wlan-vap-prof-nei]security-profile nei
Info: This operation may take a few seconds, please wait.done.
[AC-wlan-vap-prof-nei]service-vlan vlan-pool nei
Info: This operation may take a few seconds, please wait.done.
[AC-wlan-vap-prof-nei]q
[AC-wlan-view]vap-profile name wai
[AC-wlan-vap-prof-wai]ssid-profile wai
Info: This operation may take a few seconds, please wait.done.
[AC-wlan-vap-prof-wai]security-profile wai
Info: This operation may take a few seconds, please wait.done.
[AC-wlan-vap-prof-wai]service-vlan vlan-pool wai
Info: This operation may take a few seconds, please wait.done.
[AC-wlan-vap-prof-wai]q
[AC-wlan-view]ap-group name nei
[AC-wlan-ap-group-nei]vap-profile nei wlan 1 radio 1
Info: This operation may take a few seconds, please wait...done.
[AC-wlan-ap-group-nei]vap-profile nei wlan 1 radio 0
Info: This operation may take a few seconds, please wait...done.
[AC-wlan-ap-group-nei]q
[AC-wlan-view]ap-group name wai
[AC-wlan-ap-group-wai]vap-profile wai wlan 1 radio 1
Info: This operation may take a few seconds, please wait...done.
[AC-wlan-ap-group-wai]vap-profile wai wlan 1 radio 0
Info: This operation may take a few seconds, please wait...done.

2)配置 DHCP 服务器,为无线终端用户分配IP地址

[R1]ip pool vlan101
Info: It's successful to create an IP address pool.
[R1-ip-pool-vlan101]network 192.168.101.0 mask 24
[R1-ip-pool-vlan101]gateway-list 192.168.101.254
[R1-ip-pool-vlan101]dns-list 8.8.8.8
[R1-ip-pool-vlan101]lease  day 1
[R1-ip-pool-vlan101]q
[R1]ip pool vlan102
Info: It's successful to create an IP address pool.
[R1-ip-pool-vlan102]network 192.168.102.0 mask 24
[R1-ip-pool-vlan102]gateway-list 192.168.102.254
[R1-ip-pool-vlan102]dns-list 8.8.8.8
[R1-ip-pool-vlan102]lease day 1
[R1-ip-pool-vlan102]q
[R1]ip pool vlan103
Info: It's successful to create an IP address pool.
[R1-ip-pool-vlan103]network 192.168.103.0 mask 24
[R1-ip-pool-vlan103]gateway-list 192.168.103.254
[R1-ip-pool-vlan103]dns-list 8.8.8.8
[R1-ip-pool-vlan103]lease  day 1
[R1-ip-pool-vlan103]q
[R1]ip pool vlan104
Info: It's successful to create an IP address pool.	
[R1-ip-pool-vlan104]network 192.168.104.0 mask 24
[R1-ip-pool-vlan104]gateway-list 192.168.104.254
[R1-ip-pool-vlan104]dns-list 8.8.8.8
[R1-ip-pool-vlan104]lease day 1
[R1-ip-pool-vlan104]q

3)配置DHCP中继(SW1)

[SW1]vlan batch  101 102 103 104
[SW1]interface Vlanif  101
[SW1-Vlanif101]ip address 192.168.101.254 24
[SW1-Vlanif101]dhcp select relay 
[SW1-Vlanif101]dhcp relay  server-ip 192.168.210.1
[SW1-Vlanif101]quit
[SW1]interface Vlanif  102
[SW1-Vlanif102]ip address 192.168.102.254 24
[SW1-Vlanif102]dhcp select relay 
[SW1-Vlanif102]dhcp relay  server-ip 192.168.210.1
[SW1-Vlanif102]quit
[SW1]interface Vlanif  103
[SW1-Vlanif103]ip address 192.168.103.254 24
[SW1-Vlanif103]dhcp select relay 
[SW1-Vlanif103]dhcp relay  server-ip 192.168.210.1
[SW1-Vlanif103]quit
[SW1]interface Vlanif  104
[SW1-Vlanif104]ip address 192.168.104.254 24
[SW1-Vlanif104]dhcp select relay 
[SW1-Vlanif104]dhcp relay  server-ip 192.168.210.1
[SW1-Vlanif104]quit