Cisco 12系列 AP 初始化配置-2-初始化配置

用于SSH登陆这个设备

 

bridge irb

bridge 1 route ip  开启路由功能

 

interface BVI1

 ip address 10.15.106.44 255.255.255.0   自己的地址

!

ip default-gateway 10.15.106.1  网关

ip forward-protocol nd

ip http server

no ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

ip route 0.0.0.0 0.0.0.0 10.15.106.1

 

 

 

 

 

VLAN 配置

 

dot11 vlan-name mgmt vlan 330   330是用来登陆这个AP的

dot11 vlan-name user vlan 332    332 是提供给用户用来连接的

 

 

开启SSH

 

crypto key gene rsa general-key mod 1024

 

ip ssh ver 2

 

interface GigabitEthernet0

 no ip address

 duplex auto

 speed auto

!

interface GigabitEthernet0.330             //物理子接口的号要和dot1Q 后面的VLAN号一致

 encapsulation dot1Q 330 native           //让管理VLAN330 从这个物理子接口提供服务

 bridge-group 1                 //调用bridge group 1 来激活这个口的路由功能,到这一步就能SSH了, 当然还有个前提就是设置了本地账号和enable密码

 bridge-group 1 spanning-disabled

 no bridge-group 1 source-learning

!

 

 

 

用于给用户提供无线服务

SSID 配置

 

dot11 ssid pchome-1

   vlan 332

   authentication open

   authentication key-management wpa version 2   加密方式

   guest-mode  //这条命令是用来开启的,相当于一个开关的作用!很重要!

   wpa-psk ascii 7 045D0F1E1A78145A1B1A57    这地方打密码,show的时候是乱码,其实这个7加空格后面就是你们的密码

 

 

无线radio配置

 

radio 0 就是2.4GHz, radio 1就是5GHz,两个的配置是一样的,这里就贴0的了

 

interface Dot11Radio0

 no ip address

 ip helper-address 192.168.0.1

 !

 encryption vlan 332 mode ciphers aes-ccm tkip    //这里说明发送给用户的是332 VLAN

 !

 ssid pchome-1  调用刚刚创建的SSID

 !

 antenna gain 0

 stbc

 beamform ofdm

 station-role root

 bridge-group 1

 bridge-group 1 subscriber-loop-control

 bridge-group 1 block-unknown-source

 no bridge-group 1 source-learning

 no bridge-group 1 unicast-flooding

!

interface Dot11Radio0.332

 encapsulation dot1Q 332        //这里也是调用VLAN,子接口和dot1Q后面的VLAN号也要一致

 ip helper-address 192.168.0.1

 bridge-group 255

 bridge-group 255 subscriber-loop-control

 bridge-group 255 spanning-disabled

 bridge-group 255 block-unknown-source

 no bridge-group 255 source-learning

 no bridge-group 255 unicast-flooding

 

 

 

别忘记把dot11 0 和1 都 no shut才能开启这两个频段的radio

 

 

常用的几个show命令

 

pchome-ap7#sho ip int br

Interface                  IP-Address      OK? Method Status                Protocol

BVI1                       10.15.106.44    YES manual up                    up     

Dot11Radio0                unassigned      YES unset  up                    up     

Dot11Radio0.332            unassigned      YES unset  up                    up     

Dot11Radio1                unassigned      YES unset  up                    up     

Dot11Radio1.332            unassigned      YES unset  up                    up     

GigabitEthernet0           unassigned      YES unset  up                    up     

GigabitEthernet0.330       unassigned      YES unset  up                    up     

GigabitEthernet0.332       unassigned      YES unset  up                    up     

Show ip int br 是用来看端口的up down 的,如果看到radio1 和它的子接口是down的说明5GHz没在发

 

pchome-ap7#sho dot11 bssid

Interface      BSSID         Guest  SSID

Dot11Radio0   08cc.6867.5320  Yes  pchome-1

Dot11Radio1   08cc.6869.5160  Yes  pchome-1

 

用来看两个频段的radio的状态, guest下面显示Yes说明在发射信号

 

pchome-ap7#show dot11 associations client

 

802.11 Client Stations on Dot11Radio1:

 

SSID [pchome-1] :

 

MAC Address    IP address      Device        Name            Parent         State    

c0ee.fb01.3bb6 192.168.1.108   unknown       -               self           Assoc   

 

pchome-ap7#

 

用来看有哪个客户端在上面连着,连了哪个radio

 

 

上行交换机的配置

interface GigabitEthernet1/0/48
description cn-sha1-10-ap1242ag-1
switchport trunk native vlan 330 // native vlan 写AP的管理VLAN
switchport mode trunk
end

 

posted @ 2015-06-25 16:14  Vooom  阅读(1332)  评论(0编辑  收藏  举报