- 产品与解决方案
- 行业解决方案
- 服务
- 支持
- 合作伙伴
- 关于我们
01-配置业务板与交换机互通
本章节下载: 01-配置业务板与交换机互通 (463.56 KB)
本手册以Release 7180版本的S7506E-X交换机,Release 5429版本的LSUM1WBCZ720XRT插卡为例进行介绍。
WLAN不同的特性和功能需要在不同类型的模板下进行配置和维护。当用户需要配置WLAN基本业务功能时,需要在无线服务模板下进行相应参数的配置。配置完成后,将该无线服务模板绑定到AP或者AP组下,配置下发给AP,进而配置的功能在AP上生效。
如图1-1所示,Switch直接与AP相连,Switch的2号槽位上安装有一块业务板,由业务板管理AP。某企业分支机构为了保证企业员工能够使用无线终端随时随地访问公司网络,因此需要部署WLAN基本业务实现移动办公。
现有的网络中已经部署了框式交换机,为了简化网络部署,采用框式交换机+业务板的方案部署无线网络:
(1) 配置AP、业务板和上层网络设备之间实现二层互通。为增加业务板与Switch间的链路带宽和提高链路可靠性,分别将交换机和业务板上连接的Forty-GE1/0/1~Forty-GE1/0/4接口加入到聚合组中。
(2) 在业务板上开启DHCP Server功能,为AP和Client分配IP地址。
(3) 配置AP上线的认证方式。
(4) 配置无线服务模板,下发WLAN业务,实现Client访问WLAN网络的功能。
本手册仅以Switch工作在独立运行模式为例进行介绍。
# 配置Switch,创建二层聚合接口并加入VLAN 10和VLAN 20,将接口Forty-GigabitEthernet1/0/1~Forty-GigabitEthernet1/0/4加入聚合组。
<Switch> system-view
[Switch] vlan 10
[Switch-vlan10] quit
[Switch] vlan 20
[Switch-vlan20] quit
[Switch] interface bridge-aggregation 1
[Swtich-Bridge-Aggregation1] quit
[Switch] interface forty-gigabitethernet 1/0/1
[Switch-Forty-GigabitEthernet1/0/1] port link-aggregation group 1
[Switch-Forty-GigabitEthernet1/0/1] quit
[Switch] interface forty-gigabitethernet 1/0/2
[Switch-Forty-GigabitEthernet1/0/2] port link-aggregation group 1
[Switch-Forty-GigabitEthernet1/0/2] quit
[Switch] interface forty-gigabitethernet 1/0/3
[Switch-Forty-GigabitEthernet1/0/3] port link-aggregation group 1
[Switch-Forty-GigabitEthernet1/0/3] quit
[Switch] interface forty-gigabitethernet 1/0/4
[Switch-Forty-GigabitEthernet1/0/4] port link-aggregation group 1
[Switch-Forty-GigabitEthernet1/0/4] quit
[Switch] interface bridge-aggregation 1
[Swtich-Bridge-Aggregation1] port link-type trunk
[Swtich-Bridge-Aggregation1] port trunk permit vlan 10 20
[Swtich-Bridge-Aggregation1] quit
# 配置Switch,将接口GE3/0/1加入VLAN 10。
[Switch] interface gigabitethernet 3/0/1
[Swtich-GigabitEthernet3/0/1] port link-type trunk
[Swtich-GigabitEthernet3/0/1] port trunk permit vlan 10
[Swtich-GigabitEthernet3/0/1] quit
[Swtich] quit
# 配置业务板,创建二层聚合接口并加入VLAN 10和VLAN 20。
<Switch> oap connect slot 2
<AC> system-view
[AC] vlan 10
[AC-vlan10] quit
[AC] vlan 20
[AC-vlan20] quit
[AC] interface bridge-aggregation 1
[AC-Bridge-Aggregation1] port link-type trunk
[AC-Bridge-Aggregation1] port trunk permit vlan 10 20
[AC-Bridge-Aggregation1] quit
[AC] interface forty-gigabitethernet 1/0/1
[AC-Forty-GigabitEthernet1/0/1] port link-aggregation group 1
[AC-Forty-GigabitEthernet1/0/1] quit
[AC] interface forty-gigabitethernet 1/0/2
[AC-Forty-GigabitEthernet1/0/2] port link-aggregation group 1
[AC-Forty-GigabitEthernet1/0/2] quit
[AC] interface forty-gigabitethernet 1/0/3
[AC-Forty-GigabitEthernet1/0/3] port link-aggregation group 1
[AC-Forty-GigabitEthernet1/0/3] quit
[AC] interface forty-gigabitethernet 1/0/4
[AC-Forty-GigabitEthernet1/0/4] port link-aggregation group 1
[AC-Forty-GigabitEthernet1/0/4] quit
# 配置Switch上行接口GE3/0/2加入VLAN 20。
在业务板系统视图下,执行Ctrl+k,返回到Switch的操作界面。
<Switch> system-view
[Switch] interface gigabitethernet 3/0/2
[Swtich-GigabitEthernet3/0/2] port link-type trunk
[Swtich-GigabitEthernet3/0/2] port turnk permit vlan 20
[Swtich-GigabitEthernet3/0/2] quit
# 开启DHCP server功能。
<Switch> oap connect slot 2
<AC> system-view
[AC] dhcp enable
# 配置DHCP地址池1为AP分配地址范围为192.168.10.0/24,网关地址为192.168.10.1。
[AC] dhcp server ip-pool 1
[AC-Server-dhcp-pool-1] network 192.168.10.0 mask 255.255.255.0
[AC-Server-dhcp-pool-1] gateway-list 192.168.10.1
[AC-Server-dhcp-pool-1] quit
# 配置DHCP地址池2为客户端分配地址范围为192.168.20.0/24,网关地址为192.168.20.1。
[AC] dhcp server ip-pool 2
[AC-Server-dhcp-pool-2] network 192.168.20.0 mask 255.255.255.0
[AC-Server-dhcp-pool-1] gateway-list 192.168.20.1
[AC-Server-dhcp-pool-2] quit
# 创建VLAN 10、VLAN 20对应的VLAN接口,并为VLAN接口配置IP地址。
[AC] interface vlan-interface 10
[AC-Vlan-interface10] ip address 192.168.10.1 255.255.255.0
[AC-Vlan-interface10] quit
[AC] interface vlan-interface 20
[AC-Vlan-interface20] ip address 192.168.20.1 255.255.255.0
[AC-Vlan-interface20] quit
# 创建手工AP,命令为ap1,选择AP型号并配置序列号。
[AC] wlan ap ap1 model WA4320i-ACN
[AC-wlan-ap-ap1] serial-id 219801A0CNC138011454
[AC-wlan-ap-ap1] quit
# 将AP上电后,执行display wlan ap all命令,查看到AP的“State”字段为“R”时,表示AP正常上线。
[AC] display wlan ap all
Total number of APs: 1
Total number of connected APs: 1
Total number of connected manual APs: 1
Total number of connected auto APs: 0
Total number of connected common APs: 1
Total number of connected WTUs: 0
Total number of inside APs: 0
Maximum supported APs: 128
Remaining APs: 127
Total AP licenses: 128
Local AP licenses: 128
Server AP licenses: 0
Remaining local AP licenses: 127
Sync AP licenses: 0
AP information
State : I = Idle, J = Join, JA = JoinAck, IL = ImageLoad
C = Config, DC = DataCheck, R = Run M = Master, B = Backup
AP name APID State Model Serial ID
ap1 1 R WA4320i-ACN 219801A0CNC138011454
举例中以PSK身份认证与密钥管理模式+Bypass认证为例,密码为“12345678”,实际配置中请根据实际情况,配置符合实际要求的安全策略。
# 创建无线服务模板service1,配置SSID为trade-off,配置客户端从无线服务模板service1上线后将被加入到VLAN 20。
[AC] wlan service-template service1
[AC-wlan-st-service1] ssid trade-off
[AC-wlan-st-service1] vlan 20
[AC-wlan-st-service1] quit
# 配置身份认证与密钥管理模式为PSK模式,配置PSK密钥为明文字符串12345678。
[AC-wlan-st-1] akm mode psk
[AC-wlan-st-1] preshared-key pass-phrase simple 12345678
# 配置加密套件为CCMP,安全信息元素为RSN。
[AC-wlan-st-1] cipher-suite ccmp
[AC-wlan-st-1] security-ie rsn
# 使能无线服务模板。
[AC-wlan-st-1] service-template enable
[AC-wlan-st-1] quit
#进入AP1的Radio 1视图,将无线服务模板trade-off绑定到Radio 1上,并且开启Radio 1射频功能。
[AC] wlan ap ap1
[AC-wlan-ap-ap1] radio 1
[AC-wlan-ap-ap1-radio-1] service-template trade-off
[AC-wlan-ap-ap1-radio-1] radio enable
[AC-wlan-ap-ap1-radio-1] quit
[AC-wlan-ap-ap1] quit
配置完成后,WLAN基本业务配置会自动下发给AP。Client搜索到名称为“trade-off”的无线网络,输入密码“12345678”并正常关联后,在AC上执行display wlan client命令,可以查看到Client已经接入到无线网络“trade-off”中。
[AC] display wlan client
Total number of clients: 1
MAC address Username AP name RID IPv4 address VLAN
000f-e265-6400 N/A ap1 1 192.168.20.2 20
不同款型规格的资料略有差异, 详细信息请向具体销售和400咨询。H3C保留在没有任何通知或提示的情况下对资料内容进行修改的权利!
支持
