- 產品與解決方案
- 行業解決方案
- 服務
- 支持
- 合作夥伴
- 關於我們
01-配置業務板與交換機互通
本章節下載: 01-配置業務板與交換機互通 (517.68 KB)
本手冊以Release 7180版本的S7506E-X交換機,Release 5419版本的LSUM1WCMX40RT插卡為例進行介紹。
WLAN不同的特性和功能需要在不同類型的模板下進行配置和維護。當用戶需要配置WLAN基本業務功能時,需要在無線服務模板下進行相應參數的配置。配置完成後,將該無線服務模板綁定到AP或者AP組下,配置下發給AP,進而配置的功能在AP上生效。
如圖1-1所示,Switch直接與AP相連,Switch的2號槽位上安裝有一塊業務板,由業務板管理AP。某企業分支機構為了保證企業員工能夠使用無線終端隨時隨地訪問公司網絡,因此需要部署WLAN基本業務實現移動辦公。
現有的網絡中已經部署了框式交換機,為了簡化網絡部署,采用框式交換機+業務板的方案部署無線網絡:
(1) 配置AP、業務板和上層網絡設備之間實現二層互通。為增加業務板與Switch間的鏈路帶寬和提高鏈路可靠性,分別將交換機和業務板上連接的Ten-GE2/0/1~Ten-GE2/0/4接口加入到聚合組中。
(2) 在業務板上開啟DHCP Server功能,為AP和Client分配IP地址。
(3) 配置AP上線的認證方式。
(4) 配置無線服務模板,下發WLAN業務,實現Client訪問WLAN網絡的功能。
本手冊僅以Switch工作在獨立運行模式為例進行介紹。
# 配置Switch,創建二層聚合接口並加入VLAN 10和VLAN 20,將接口Ten-GigabitEthernet2/0/1~Ten-GigabitEthernet2/0/4加入聚合組。
<Switch> system-view
[Switch] vlan 10
[Switch-vlan10] quit
[Switch] vlan 20
[Switch-vlan20] quit
[Switch] interface bridge-aggregation 1
[Swtich-Bridge-Aggregation1] quit
[Switch] interface ten-gigabitethernet 2/0/1
[Switch-Ten-GigabitEthernet2/0/1] port link-aggregation group 1
[Switch-Ten-GigabitEthernet2/0/1] quit
[Switch] interface ten-gigabitethernet 2/0/2
[Switch-Ten-GigabitEthernet2/0/2] port link-aggregation group 1
[Switch-Ten-GigabitEthernet2/0/2] quit
[Switch] interface ten-gigabitethernet 2/0/3
[Switch-Ten-GigabitEthernet2/0/3] port link-aggregation group 1
[Switch-Ten-GigabitEthernet2/0/3] quit
[Switch] interface ten-gigabitethernet 2/0/4
[Switch-Ten-GigabitEthernet2/0/4] port link-aggregation group 1
[Switch-Ten-GigabitEthernet2/0/4] quit
[Switch] interface bridge-aggregation 1
[Swtich-Bridge-Aggregation1] port link-type trunk
[Swtich-Bridge-Aggregation1] port trunk permit vlan 10 20
[Swtich-Bridge-Aggregation1] quit
# 配置Switch,將接口GE3/0/1加入VLAN 10。
[Switch] interface gigabitethernet 3/0/1
[Swtich-GigabitEthernet3/0/1] port link-type trunk
[Swtich-GigabitEthernet3/0/1] port trunk permit vlan 10
[Swtich-GigabitEthernet3/0/1] quit
[Swtich] quit
# 配置業務板,創建二層聚合接口並加入VLAN 10和VLAN 20。
<Switch> oap connect slot 2
<AC> system-view
[AC] vlan 10
[AC-vlan10] quit
[AC] vlan 20
[AC-vlan20] quit
[AC] interface bridge-aggregation 1
[AC-Bridge-Aggregation1] port link-type trunk
[AC-Bridge-Aggregation1] port trunk permit vlan 10 20
[AC-Bridge-Aggregation1] quit
[AC] interface ten-gigabitethernet 1/0/1
[AC-Ten-GigabitEthernet1/0/1] port link-aggregation group 1
[AC-Ten-GigabitEthernet1/0/1] quit
[AC] interface ten-gigabitethernet 1/0/2
[AC-Ten-GigabitEthernet1/0/2] port link-aggregation group 1
[AC-Ten-GigabitEthernet1/0/2] quit
[AC] interface ten-gigabitethernet 1/0/3
[AC-Ten-GigabitEthernet1/0/3] port link-aggregation group 1
[AC-Ten-GigabitEthernet1/0/3] quit
[AC] interface ten-gigabitethernet 1/0/4
[AC-Ten-GigabitEthernet1/0/4] port link-aggregation group 1
[AC-Ten-GigabitEthernet1/0/4] quit
# 配置Switch上行接口GE3/0/2加入VLAN 20。
在業務板係統視圖下,執行Ctrl+k,返回到Switch的操作界麵。
<Switch> system-view
[Switch] interface gigabitethernet 3/0/2
[Swtich-GigabitEthernet3/0/2] port link-type trunk
[Swtich-GigabitEthernet3/0/2] port turnk permit vlan 20
[Swtich-GigabitEthernet3/0/2] quit
# 開啟DHCP server功能。
<Switch> oap connect slot 2
<AC> system-view
[AC] dhcp enable
# 配置DHCP地址池1為AP分配地址範圍為192.168.10.0/24,網關地址為192.168.10.1。
[AC] dhcp server ip-pool 1
[AC-Server-dhcp-pool-1] network 192.168.10.0 mask 255.255.255.0
[AC-Server-dhcp-pool-1] gateway-list 192.168.10.1
[AC-Server-dhcp-pool-1] quit
# 配置DHCP地址池2為客戶端分配地址範圍為192.168.20.0/24,網關地址為192.168.20.1。
[AC] dhcp server ip-pool 2
[AC-Server-dhcp-pool-2] network 192.168.20.0 mask 255.255.255.0
[AC-Server-dhcp-pool-1] gateway-list 192.168.20.1
[AC-Server-dhcp-pool-2] quit
# 創建VLAN 10、VLAN 20對應的VLAN接口,並為VLAN接口配置IP地址。
[AC] interface vlan-interface 10
[AC-Vlan-interface10] ip address 192.168.10.1 255.255.255.0
[AC-Vlan-interface10] quit
[AC] interface vlan-interface 20
[AC-Vlan-interface20] ip address 192.168.20.1 255.255.255.0
[AC-Vlan-interface20] quit
# 創建手工AP,命令為ap1,選擇AP型號並配置序列號。
[AC] wlan ap ap1 model WA4320i-ACN
[AC-wlan-ap-ap1] serial-id 219801A0CNC138011454
[AC-wlan-ap-ap1] quit
# 將AP上電後,執行display wlan ap all命令,查看到AP的“State”字段為“R”時,表示AP正常上線。
[AC] display wlan ap all
Total number of APs: 1
Total number of connected APs: 1
Total number of connected manual APs: 1
Total number of connected auto APs: 0
Total number of connected common APs: 1
Total number of connected WTUs: 0
Total number of inside APs: 0
Maximum supported APs: 128
Remaining APs: 127
Total AP licenses: 128
Local AP licenses: 128
Server AP licenses: 0
Remaining local AP licenses: 127
Sync AP licenses: 0
AP information
State : I = Idle, J = Join, JA = JoinAck, IL = ImageLoad
C = Config, DC = DataCheck, R = Run M = Master, B = Backup
AP name APID State Model Serial ID
ap1 1 R WA4320i-ACN 219801A0CNC138011454
舉例中以PSK身份認證與密鑰管理模式+Bypass認證為例,密碼為“12345678”,實際配置中請根據實際情況,配置符合實際要求的安全策略。
# 創建無線服務模板service1,配置SSID為trade-off,配置客戶端從無線服務模板service1上線後將被加入到VLAN 20。
[AC] wlan service-template service1
[AC-wlan-st-service1] ssid trade-off
[AC-wlan-st-service1] vlan 20
[AC-wlan-st-service1] quit
# 配置身份認證與密鑰管理模式為PSK模式,配置PSK密鑰為明文字符串12345678。
[AC-wlan-st-1] akm mode psk
[AC-wlan-st-1] preshared-key pass-phrase simple 12345678
# 配置加密套件為CCMP,安全信息元素為RSN。
[AC-wlan-st-1] cipher-suite ccmp
[AC-wlan-st-1] security-ie rsn
# 使能無線服務模板。
[AC-wlan-st-1] service-template enable
[AC-wlan-st-1] quit
#進入AP1的Radio 1視圖,將無線服務模板trade-off綁定到Radio 1上,並且開啟Radio 1射頻功能。
[AC] wlan ap ap1
[AC-wlan-ap-ap1] radio 1
[AC-wlan-ap-ap1-radio-1] service-template trade-off
[AC-wlan-ap-ap1-radio-1] radio enable
[AC-wlan-ap-ap1-radio-1] quit
[AC-wlan-ap-ap1] quit
配置完成後,WLAN基本業務配置會自動下發給AP。Client搜索到名稱為“trade-off”的無線網絡,輸入密碼“12345678”並正常關聯後,在AC上執行display wlan client命令,可以查看到Client已經接入到無線網絡“trade-off”中。
[AC] display wlan client
Total number of clients: 1
MAC address Username AP name RID IPv4 address VLAN
000f-e265-6400 N/A ap1 1 192.168.20.2 20
不同款型規格的資料略有差異, 詳細信息請向具體銷售和400谘詢。H3C保留在沒有任何通知或提示的情況下對資料內容進行修改的權利!
支持
