• 产品与解决方案
  • 行业解决方案
  • 服务
  • 支持
  • 合作伙伴
  • 新华三人才研学中心
  • 关于我们

20-无线控制器业务板与交换机互通配置指导

目录

01-配置业务板与交换机互通

本章节下载 01-配置业务板与交换机互通  (517.66 KB)

docurl=/cn/Service/Document_Software/Document_Center/Home/Wlan/00-Public/Configure/Operation_Manual/H3C_CG(R5426P02)-6W102/20/202006/1309848_30005_0.htm

01-配置业务板与交换机互通

1 配置业务板与交换机互通

说明

本手册以Release 7180版本的S7506E-X交换机,Release 5419版本的LSUM1WCMX40RT插卡为例进行介绍。

 

1.1  配置流程

WLAN不同的特性和功能需要在不同类型的模板下进行配置和维护。当用户需要配置WLAN基本业务功能时,需要在无线服务模板下进行相应参数的配置。配置完成后,将该无线服务模板绑定到AP或者AP组下,配置下发给AP,进而配置的功能在AP上生效。

1.2  组网需求

图1-1所示,Switch直接与AP相连,Switch的2号槽位上安装有一块业务板,由业务板管理AP。某企业分支机构为了保证企业员工能够使用无线终端随时随地访问公司网络,因此需要部署WLAN基本业务实现移动办公。

图1-1 配置企业分支机构WLAN基本业务组网图

 

1.3  配置思路

现有的网络中已经部署了框式交换机,为了简化网络部署,采用框式交换机+业务板的方案部署无线网络:

(1)     配置AP、业务板和上层网络设备之间实现二层互通。为增加业务板与Switch间的链路带宽和提高链路可靠性,分别将交换机和业务板上连接的Ten-GE2/0/1~Ten-GE2/0/4接口加入到聚合组中。

(2)     在业务板上开启DHCP Server功能,为AP和Client分配IP地址。

(3)     配置AP上线的认证方式。

(4)     配置无线服务模板,下发WLAN业务,实现Client访问WLAN网络的功能。

1.4  配置步骤

说明

本手册仅以Switch工作在独立运行模式为例进行介绍。

 

1. 配置Switch和业务板,使AP与业务板之间能够传输CAPWAP报文

# 配置Switch,创建二层聚合接口并加入VLAN 10和VLAN 20,将接口Ten-GigabitEthernet2/0/1~Ten-GigabitEthernet2/0/4加入聚合组。

<Switch> system-view

[Switch] vlan 10

[Switch-vlan10] quit

[Switch] vlan 20

[Switch-vlan20] quit

[Switch] interface bridge-aggregation 1

[Swtich-Bridge-Aggregation1] quit

[Switch] interface ten-gigabitethernet 2/0/1

[Switch-Ten-GigabitEthernet2/0/1] port link-aggregation group 1

[Switch-Ten-GigabitEthernet2/0/1] quit

[Switch] interface ten-gigabitethernet 2/0/2

[Switch-Ten-GigabitEthernet2/0/2] port link-aggregation group 1

[Switch-Ten-GigabitEthernet2/0/2] quit

[Switch] interface ten-gigabitethernet 2/0/3

[Switch-Ten-GigabitEthernet2/0/3] port link-aggregation group 1

[Switch-Ten-GigabitEthernet2/0/3] quit

[Switch] interface ten-gigabitethernet 2/0/4

[Switch-Ten-GigabitEthernet2/0/4] port link-aggregation group 1

[Switch-Ten-GigabitEthernet2/0/4] quit

[Switch] interface bridge-aggregation 1

[Swtich-Bridge-Aggregation1] port link-type trunk

[Swtich-Bridge-Aggregation1] port trunk permit vlan 10 20

[Swtich-Bridge-Aggregation1] quit

# 配置Switch,将接口GE3/0/1加入VLAN 10。

[Switch] interface gigabitethernet 3/0/1

[Swtich-GigabitEthernet3/0/1] port link-type trunk

[Swtich-GigabitEthernet3/0/1] port trunk permit vlan 10

[Swtich-GigabitEthernet3/0/1] quit

[Swtich] quit

# 配置业务板,创建二层聚合接口并加入VLAN 10和VLAN 20。

<Switch> oap connect slot 2

<AC> system-view

[AC] vlan 10

[AC-vlan10] quit

[AC] vlan 20

[AC-vlan20] quit

[AC] interface bridge-aggregation 1

[AC-Bridge-Aggregation1] port link-type trunk

[AC-Bridge-Aggregation1] port trunk permit vlan 10 20

[AC-Bridge-Aggregation1] quit

[AC] interface ten-gigabitethernet 1/0/1

[AC-Ten-GigabitEthernet1/0/1] port link-aggregation group 1

[AC-Ten-GigabitEthernet1/0/1] quit

[AC] interface ten-gigabitethernet 1/0/2

[AC-Ten-GigabitEthernet1/0/2] port link-aggregation group 1

[AC-Ten-GigabitEthernet1/0/2] quit

[AC] interface ten-gigabitethernet 1/0/3

[AC-Ten-GigabitEthernet1/0/3] port link-aggregation group 1

[AC-Ten-GigabitEthernet1/0/3] quit

[AC] interface ten-gigabitethernet 1/0/4

[AC-Ten-GigabitEthernet1/0/4] port link-aggregation group 1

[AC-Ten-GigabitEthernet1/0/4] quit

2. 配置Switch与上层网络互通

# 配置Switch上行接口GE3/0/2加入VLAN 20。

在业务板系统视图下,执行Ctrl+k,返回到Switch的操作界面。

<Switch> system-view

[Switch] interface gigabitethernet 3/0/2

[Swtich-GigabitEthernet3/0/2] port link-type trunk

[Swtich-GigabitEthernet3/0/2] port turnk permit vlan 20

[Swtich-GigabitEthernet3/0/2] quit

3. 配置业务板作为DHCP服务器,为AP和Client分配IP地址

# 开启DHCP server功能。

<Switch> oap connect slot 2

<AC> system-view

[AC] dhcp enable

# 配置DHCP地址池1为AP分配地址范围为192.168.10.0/24,网关地址为192.168.10.1。

[AC] dhcp server ip-pool 1

[AC-Server-dhcp-pool-1] network 192.168.10.0 mask 255.255.255.0

[AC-Server-dhcp-pool-1] gateway-list 192.168.10.1

[AC-Server-dhcp-pool-1] quit

# 配置DHCP地址池2为客户端分配地址范围为192.168.20.0/24,网关地址为192.168.20.1。

[AC] dhcp server ip-pool 2

[AC-Server-dhcp-pool-2] network 192.168.20.0 mask 255.255.255.0

[AC-Server-dhcp-pool-1] gateway-list 192.168.20.1

[AC-Server-dhcp-pool-2] quit

# 创建VLAN 10、VLAN 20对应的VLAN接口,并为VLAN接口配置IP地址。

 [AC] interface vlan-interface 10

[AC-Vlan-interface10] ip address 192.168.10.1 255.255.255.0

[AC-Vlan-interface10] quit

[AC] interface vlan-interface 20

[AC-Vlan-interface20] ip address 192.168.20.1 255.255.255.0

[AC-Vlan-interface20] quit

4. 配置AP上线

# 创建手工AP,命令为ap1,选择AP型号并配置序列号。

[AC] wlan ap ap1 model WA4320i-ACN

[AC-wlan-ap-ap1] serial-id 219801A0CNC138011454

[AC-wlan-ap-ap1] quit

# 将AP上电后,执行display wlan ap all命令,查看到AP的“State”字段为“R”时,表示AP正常上线。

[AC] display wlan ap all

Total number of APs: 1

Total number of connected APs: 1

Total number of connected manual APs: 1

Total number of connected auto APs: 0

Total number of connected common APs: 1

Total number of connected WTUs: 0

Total number of inside APs: 0

Maximum supported APs: 128

Remaining APs: 127

Total AP licenses: 128

Local AP licenses: 128

Server AP licenses: 0

Remaining local AP licenses: 127

Sync AP licenses: 0

 

                                 AP information

 State : I = Idle,       J  = Join,       JA = JoinAck,    IL = ImageLoad

         C = Config,     DC = DataCheck,  R  = Run   M = Master,  B = Backup

 

AP name                        APID  State Model           Serial ID

ap1                             1      R     WA4320i-ACN    219801A0CNC138011454

5. 配置WLAN基本业务参数

说明

举例中以PSK身份认证与密钥管理模式+Bypass认证为例,密码为“12345678”,实际配置中请根据实际情况,配置符合实际要求的安全策略。

 

# 创建无线服务模板service1,配置SSID为trade-off,配置客户端从无线服务模板service1上线后将被加入到VLAN 20。

[AC] wlan service-template service1

[AC-wlan-st-service1] ssid trade-off

[AC-wlan-st-service1] vlan 20

[AC-wlan-st-service1] quit

# 配置身份认证与密钥管理模式为PSK模式,配置PSK密钥为明文字符串12345678。

[AC-wlan-st-1] akm mode psk

[AC-wlan-st-1] preshared-key pass-phrase simple 12345678

# 配置加密套件为CCMP,安全信息元素为RSN。

[AC-wlan-st-1] cipher-suite ccmp

[AC-wlan-st-1] security-ie rsn

# 使能无线服务模板。

[AC-wlan-st-1] service-template enable

[AC-wlan-st-1] quit

#进入AP1的Radio 1视图,将无线服务模板trade-off绑定到Radio 1上,并且开启Radio 1射频功能。

[AC] wlan ap ap1

[AC-wlan-ap-ap1] radio 1

[AC-wlan-ap-ap1-radio-1] service-template trade-off

[AC-wlan-ap-ap1-radio-1] radio enable

[AC-wlan-ap-ap1-radio-1] quit

[AC-wlan-ap-ap1] quit

6. 验证配置

配置完成后,WLAN基本业务配置会自动下发给AP。Client搜索到名称为“trade-off”的无线网络,输入密码“12345678”并正常关联后,在AC上执行display wlan client命令,可以查看到Client已经接入到无线网络“trade-off”中。

[AC] display wlan client

Total number of clients: 1

 

MAC address     Username         AP name       RID   IPv4 address        VLAN

000f-e265-6400 N/A               ap1            1     192.168.20.2        20

不同款型规格的资料略有差异, 详细信息请向具体销售和400咨询。H3C保留在没有任何通知或提示的情况下对资料内容进行修改的权利!

新华三官网
联系我们