WLAN组网实验

实验拓扑：

配置命令：

SW1

sys
sys SW1
vlan 10
vlan 20
int vlan 10
 description AP-GL
 ip add 192.168.10.254 24
int vlan 20
 description YW
 ip add 192.168.20.254 24
 
int g0/0/1
 ip add 10.1.12.2 24
 
ip route-static 0.0.0.0 0 10.1.12.1
# DHCP地址池
dhcp enable
ip pool AP-GL
 gateway-list 192.168.10.254
 network 192.168.10.0 mask 24
int vlan 10
 dhcp select global
ip pool YW
 gateway-list 192.168.20.254
 network 192.168.20.0 mask 24
int vlan 20
 dhcp select global

# 修改接口类型
int g0/0/2
 port link-type trunk
 p t a v 10 20
int g0/0/3
 p l t
 p t a v 10 20

SW2

sys
sys SW2
vlan 10
vlan 20
int e0/0/3
 p l t
 p t a v 10 20
int e0/0/1
 p l t
 p t a v 10 20
 p t p v 10		# 设置接口VLAN ID为10，使AP能够正常接收到AP-GL地址池的地址

AC

sys
sys AC
vlan 10
vlan 20
int g0/0/2
 p l t
 p t a v 10 20
int vlan 10
 ip add 192.168.10.253 24
int vlan 20
 ip add 192.168.20.253 24

# AP认证方式
wlan
 ap auth-mode mac-auth
# 配置CAPWAP源隧道地址
capwap source ip-address 192.168.10.253
# AP配置
wlan
 ap-mac 00e0-fc46-4770
  ap-name ap1

# 配置无线安全
wlan
 security-profile name test
  security wpa-wpa2 psk pass-phrse 12345678 aes
# 配置SSID
wlan
 ssid-profile name test
  ssid test
# 配置VAP模板
wlan
 vap-profile name test
 forward-mode tunnel	# 业务数据转发模式，tunnel为集中转发，direct-forward为本地转发
 service-vlan vlan-id 20	# 业务vlan
 security-profile test
 ssid-profile test
# 引用VAP模板
wlan
 ap-name ap1
  vap-profile test wlan 1 radio 0
  vap-profile test wlan 1 radio 1

# 也可以通过创建AP组的方式，引用VAP模板，进行管理
# 创建AP组
wlan
 ap-group name ap-group1
  regulatory-domain-profile test	# 引用域管理模板，默认引用的是defalut
# ap加入组
wlan
 ap-name ap1
  ap-group ap-group1
# AP组引用VAP模板
ap-group name ap-group1
 vap-profile test wlan 1 radio 0
 vap-profile test wlan 1 radio 1

# 验证AP是否上线
display ap all
# 查看连接的终端用户
display station all

## 可选配置
# 创建域管理模板
wlan
 regultory-domain-profile name test
  country-code cn	# 国家码
# 查看默认域管理模板配置
dis regulatory-domain-profile name default

# 无线优化
# 关闭自动调优
undo calibrate enable
# 关闭自动信道改为手动信道
calibrate auto-channel-select disable
# 流量限速
traffic-profile name wlan-traffic
 rate-limit client down 4000	# 下载限速4M
 rate-limit client up 4000	# 上传限速4M
vap-profile name test
 traffic-profile wlan-traffic
# 禁止低速率
dot11bg basic-rate 6 9 12 18 24 36 48 54

R1

sys
sys R1
int g0/0/0
 ip add 100.0.0.2 24

R2

sys
sys R2
int g0/0/0
 ip add 100.0.0.1 24
int g0/0/1
 ip add 10.1.12.1 24

ip route-static 192.168.10.0 24 10.1.12.2
ip route-static 192.168.20.0 24 10.1.12.2

acl name test		# 编号为3999
 rule permit ip source 192.168.10.0 0.0.0.255
 rule permit ip source 192.168.20.0 0.0.0.255
int g0/0/0
 nat outbound 3999	# Easy nat

测试

AP上线

ping测试