设备:WX5540H一台、AP5530两台、S5120V2一台、STA二台
网络规划:vlan 10 20 30 其中vlan 10为办公网、vlan 20 为生产网 vlan 30为互联。
[AC] vlan 10
[AC-vlan10] quit
[AC] interface vlan-interface10
[AC-Vlan-interface10] ip address 10.0.10.250 255.255.255.0
[AC-Vlan-interface10] quit
# 创建VLAN 20,AC需要使用该VLAN转发无线客户端数据报文。
[AC] vlan 20
[AC-vlan20] quit
# 配置AC和L3 switch相连的接口GigabitEthernet1/0/1为Trunk类型,禁止VLAN 1报文通过,允许VLAN 10和VLAN 20通过。
[AC] interface gigabitethernet 1/0/1
[AC-GigabitEthernet1/0/1] port link-type trunk
[AC-GigabitEthernet1/0/1] undo port trunk permit vlan 1
[AC-GigabitEthernet1/0/1] port trunk permit vlan 10 20
[AC-GigabitEthernet1/0/1] quit
(2)配置三层路由
# 配置AC到10.152.7.0网段的静态路由,指定下一跳的IP地址为10.0.10.254
[AC] ip route-static 0.0.0.0 0 10.0.10.254
(3)配置无线服务
# 创建无线服务模板1,并进入无线服务模板视图。
[AC] wlan service-template bg
# 配置SSID为Somidezoffice。
[AC-wlan-st-bg] ssid Somidezoffice
# 使能服务模板。
[AC-wlan-st-bg] service-template enable
[AC-wlan-st-bg] vlan 20
[AC-wlan-st-bg] akm mode psk
[AC-wlan-st-bg] preshared-key pass-phrase cipher $c$3$9ZCAoVZgGIcIjU2Ggn0NGPRsD0GoGI9mCYRKe+KZkQ==
[AC-wlan-st-bg] cipher-suite ccmp
[AC-wlan-st-bg] cipher-suite tkip
[AC-wlan-st-bg] security-ie rsn
[AC-wlan-st-bg] security-ie wpa
[AC-wlan-st-bg] multicast-optimization enable 漫游启用
[AC-wlan-st-bg] service-template enable 服务棋牌启用
[AC-wlan-st-bg] quit
(4)配置AP
# 创建手工AP1,名称为officeap1(增加一个ap,增加一个名字),型号名称为WA4320i-ACN。
[AC] wlan ap officeap1 model WA4320i-ACN
# 设置AP的序列号为210235A1GPC177000751。
[AC-wlan-ap-officeap1] serial-id 210235A1GPC177000751
# 进入AP的Radio 1视图,并将无线服务模板1绑定到Radio 1(5GHz)上,并指定客户端上线的VLAN为VLAN 20。
[AC-wlan-ap-officeap1] radio 1
[AC-wlan-ap-officeap1-radio-1] service-template 1 vlan 20
# 开启Radio 1的射频功能。
[AC-wlan-ap-officeap1-radio-1] radio enable
[AC-wlan-ap-officeap1-radio-1] return
# 进入AP的Radio 2视图,并将无线服务模板1绑定到Radio 2(2.4GHz)上,并指定客户端上线的VLAN为VLAN 20。
[AC-wlan-ap-officeap1] radio 2
[AC-wlan-ap-officeap1-radio-2] service-template 1 vlan 20
# 开启Radio 1的射频功能。
[AC-wlan-ap-officeap1-radio-2] radio enable
[AC-wlan-ap-officeap1-radio-2] return