H3C AC+AP三层组网架构,AP自动上线自动固化
核心交换机:
[HX]dis cu
[HX]dis current-configuration
version 7.1.075, Alpha 7571
sysname HX
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
dhcp enable
lldp global enable
system-working-mode standard
xbar load-single
password-recovery enable
lpu-type f-series
vlan 1
vlan 10
description ap_yeng
vlan 20
description ap_guest
vlan 100
description AC_conter
vlan 999
dhcp server ip-pool vlan10
gateway-list 192.168.10.1
network 192.168.10.0 mask 255.255.255.0
dns-list 8.8.8.8
dhcp server ip-pool vlan20
gateway-list 192.168.20.1
network 192.168.20.0 mask 255.255.255.0
dns-list 8.8.8.8
dhcp server ip-pool vlan100
gateway-list 172.16.0.1
network 172.16.0.0 mask 255.255.255.0
dns-list 8.8.8.8
option 43 hex 80070000010a000002
option 43 解释:
例如参考如下:
07:表示后面有 7 位(两个数字为一位),如果携带两台 AC 地址,则该字段为 0B;
01:表示携带的 AC IP 数量,如果是两台 AC,则该字段为 02;
C0 A8 01 01:AC 地址的十六进制字符;可以使用 windows 电脑自带的计算器将十进制换算为十六进制。方法如下:
#AC 的地址是 192.168.1.1,首先将计算器修改为“程序员”模式:
#使用一样的方法,分别 168、1、1 的十六进制计算出来,分别为:A8、01、01。所以 192.168.1.1 对应的十六进制值为 C0 A8 01 01。
interface NULL0
interface Vlan-interface10
ip address 192.168.10.1 255.255.255.0
dhcp server apply ip-pool vlan10
interface Vlan-interface20
ip address 192.168.20.1 255.255.255.0
dhcp server apply ip-pool vlan20
interface Vlan-interface100
ip address 172.16.0.1 255.255.255.0
dhcp server apply ip-pool vlan100
interface Vlan-interface999
ip address 10.0.0.1 255.255.255.0
interface FortyGigE1/0/53
port link-mode bridge
interface FortyGigE1/0/54
port link-mode bridge
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan all
combo enable fiber
interface GigabitEthernet1/0/2
port link-mode bridge
port link-type trunk
port trunk permit vlan all
combo enable fiber
interface GigabitEthernet1/0/3
port link-mode bridge
port access vlan 999
combo enable fiber
scheduler logfile size 16
line class aux
user-role network-operator
line class console
user-role network-admin
line class tty
user-role network-operator
line class vty
user-role network-operator
line aux 0
user-role network-operator
line con 0
user-role network-admin
line vty 0 63
user-role network-operator
radius scheme system
user-name-format without-domain
domain name system
domain default enable system
role name level-0
description Predefined level-0 role
role name level-1
description Predefined level-1 role
role name level-2
description Predefined level-2 role
role name level-3
description Predefined level-3 role
role name level-4
description Predefined level-4 role
role name level-5
description Predefined level-5 role
role name level-6
description Predefined level-6 role
role name level-7
description Predefined level-7 role
role name level-8
description Predefined level-8 role
role name level-9
description Predefined level-9 role
role name level-10
description Predefined level-10 role
role name level-11
description Predefined level-11 role
role name level-12
description Predefined level-12 role
role name level-13
description Predefined level-13 role
role name level-14
description Predefined level-14 role
user-group system
return
接入交换机:
%Dec 2 15:03:27:377 2022 jieru SHELL/5/SHELL_LOGIN: Console logged in from con0.dis cu
dis current-configuration
version 7.1.075, Alpha 7571
sysname jieru
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
lldp global enable
system-working-mode standard
xbar load-single
password-recovery enable
lpu-type f-series
vlan 1
vlan 10
vlan 20
vlan 100
vlan 999
interface NULL0
interface Vlan-interface100
interface Vlan-interface999
ip address 10.0.0.3 255.255.255.0
interface FortyGigE1/0/53
port link-mode bridge
interface FortyGigE1/0/54
port link-mode bridge
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan all
combo enable fiber
interface GigabitEthernet1/0/2
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20 100
port trunk pvid vlan 100
combo enable fiber
interface GigabitEthernet1/0/3
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 2 to 4094
port trunk pvid vlan 100
combo enable fiber
interface GigabitEthernet1/0/4
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 10 20 100
port trunk pvid vlan 100
combo enable fiber
line class aux
user-role network-operator
line class console
user-role network-admin
line class tty
user-role network-operator
line class vty
user-role network-operator
line aux 0
user-role network-operator
line con 0
user-role network-admin
line vty 0 63
user-role network-operator
radius scheme system
user-name-format without-domain
domain name system
domain default enable system
user-group system
return
AC控制器命令行配置:
dis cu
dis current-configuration
version 7.1.064, Alpha 7165
sysname ac
wlan global-configuration
firmware-upgrade disable
xbar load-single
password-recovery enable
lpu-type f-series
vlan 1
vlan 10
vlan 20
vlan 100
vlan 999
wlan service-template service1
description nwy
ssid office
vlan 10
client forwarding-location ap vlan 10
akm mode psk
preshared-key pass-phrase cipher $c 3 3 3dKW/rawuku3LG+T8sgfu8BrYHnKc05xgps+kVnQ=
cipher-suite ccmp
cipher-suite tkip
security-ie rsn
security-ie wpa
service-template enable
wlan service-template service2
description guest
ssid guest
vlan 20
client forwarding-location ap vlan 20
service-template enable
interface NULL0
interface Vlan-interface999
ip address 10.0.0.2 255.255.255.0
interface GigabitEthernet1/0/0
port link-mode bridge
combo enable fiber
interface GigabitEthernet1/0/1
port link-mode bridge
combo enable fiber
interface GigabitEthernet1/0/2
port link-mode bridge
port link-type trunk
port trunk permit vlan all
combo enable fiber
scheduler logfile size 16
line class aux
user-role network-operator
line class console
user-role network-admin
line class tty
user-role network-operator
line class vty
user-role network-operator
line aux 0
user-role network-operator
line con 0
user-role network-admin
line vty 0 31
user-role network-operator
ip route-static 0.0.0.0 0 10.0.0.1
domain system
domain default enable system
role name level-0
description Predefined level-0 role
user-group system
local-user admin class manage
password hash $h 6 6 6aolzY39ZnrIHwY3u$r4gIlJ+FAe+IGfcgfefRHXAbeAYqHFgbDPkaWNMOmMUvAleovt7p8w8lDml3VVmUzx9TXVxQyWcsVTbXiGW8zg==
service-type telnet http https
authorization-attribute user-role 15
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
ip http enable
ip https enable
wlan auto-ap enable
wlan auto-persistent enable
wlan ap-group default-group
vlan 1
wlan ap JXL_1L model WA6320-HCL
serial-id H3C_0E-9B-A8-78-07-00
vlan 1
radio 1
radio enable
service-template service1
service-template service2
radio 2
radio enable
service-template service1
service-template service2
gigabitethernet 1
wlan ap JXL_2L model WA6320-HCL
serial-id H3C_06-C7-14-C7-04-00
vlan 1
radio 1
radio enable
service-template service1
service-template service2
radio 2
radio enable
service-template service1
service-template service2
gigabitethernet 1
wlan ap JXL_3L model WA6320-HCL
serial-id H3C_06-C7-2C-DA-05-00
vlan 1
radio 1
radio enable
service-template service1
service-template service2
radio 2
radio enable
service-template service1
service-template service2
gigabitethernet 1
return
AC控制器web配置:
默认路由配置:
ac接口配置:
添加vlan:
配置和核心互联地址:
新增2个ssid:
绑定已上线的AP到ssid:
查看已上线的ap:
开启发射信号出来:
把上线的ap加入到ssid组中去,因为我们用的是默认的魔板组default-group,所以ap也自动加入到了这个组中:
对上线后的ap重命名:
