华为ac+fit漫游配置案例

华为ac+fit漫游配置案例_第1张图片

Ap漫游配置:
其它配置上面一样,ap管理dhcp和业务dhcp全在汇聚交换机

R1:
interface GigabitEthernet0/0/0
ip address 11.1.1.1 255.255.255.0

ip route-static 12.2.2.0 255.255.255.0 11.1.1.2
ip route-static 192.168.0.0 255.255.0.0 11.1.1.2

lsw1:
vlan batch 100 200 300

interface Vlanif100
ip address 13.1.1.1 255.255.255.0

interface Vlanif200
ip address 12.2.2.1 255.255.255.0

interface Vlanif300
ip address 11.1.1.2 255.255.255.0

interface GigabitEthernet0/0/1
port link-type access
port default vlan 300

interface GigabitEthernet0/0/2
port link-type access
port default vlan 200

interface GigabitEthernet0/0/3
port link-type access
port default vlan 100

ospf 1 router-id 1.1.1.1
silent-interface GigabitEthernet0/0/1
silent-interface GigabitEthernet0/0/3
area 0.0.0.0
network 12.2.2.0 0.0.0.255
network 13.1.1.0 0.0.0.255
network 11.1.1.0 0.0.0.255

Lsw2:
vlan batch 10 20 200 1000
interface Vlanif10
ip address 192.168.10.1 255.255.255.0
dhcp select interface
dhcp server dns-list 8.8.8.8

interface Vlanif20
ip address 192.168.20.1 255.255.255.0
dhcp select interface
dhcp server dns-list 8.8.8.8

interface Vlanif200
ip address 12.2.2.2 255.255.255.0

interface Vlanif1000 (给ap自动获取管理地址)
ip address 192.168.100.1 255.255.255.0
dhcp select interface
dhcp server option 43 sub-option 3 ascii 13.1.1.2

interface GigabitEthernet0/0/1
port link-type access
port default vlan 200

interface GigabitEthernet0/0/2
port link-type trunk
undo port trunk allow-pass vlan 1 这条应该可以不用配置
port trunk allow-pass vlan 10 20 1000

ospf 1 router-id 2.2.2.2
silent-interface GigabitEthernet0/0/2
area 0.0.0.0
network 12.2.2.0 0.0.0.255
network 192.168.10.0 0.0.0.255
network 192.168.20.0 0.0.0.255
network 192.168.100.0 0.0.0.255

lsw3:
vlan batch 10 20 1000
interface MEth0/0/1

interface Ethernet0/0/1
port link-type trunk
undo port trunk allow-pass vlan 1 这条应该可以不用配置
port trunk allow-pass vlan 10 20 1000

interface Ethernet0/0/2
port link-type access
port default vlan 10

interface Ethernet0/0/3
port link-type trunk
port trunk pvid vlan 1000
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 1000

interface Ethernet0/0/4
port link-type trunk
port trunk pvid vlan 1000
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 1000

interface GigabitEthernet0/0/2
port link-type access
port default vlan 10

Ac配置:
interface Vlanif100
ip address 13.1.1.2 255.255.255.0

interface GigabitEthernet0/0/1
port link-type access
port default vlan 100

interface GigabitEthernet0/0/2
port link-type access
port default vlan 100

ip route-static 0.0.0.0 0.0.0.0 13.1.1.1

capwap source interface vlanif100

display ip pool interface vlanif1000 used //在lsw2上查看dhcp的ap物理地址

wlan
ap auth-mode mac-auth 用ap的网卡地址验证
ap-id 1 type-id 69 ap-mac 00e0-fc2e-2990 第一个ap就用1,ap2050编号69
ap-id 2 type-id 69 ap-mac 00e0-fc4c-6110 第二个ap就用2

  1. 配置WLAN业务(都要先进入wlan命令下配置)
    (1)配置员工网络的VAP模板(employee)
    [AC-wlan-view] security-profile name employee //创建名为“employee”的安全模板
    [AC-wlan-sec-prof-employee] security wpa2 psk pass-phrase huawei@123 aes //设置无线密码。如果出现提示信息,则输入y确认
    [AC-wlan-sec-prof-employee] quit
    [AC-wlan-view] ssid-profile name employee //创建名为“employee”的SSID模板
    [AC-wlan-ssid-prof-employee] ssid employee //指定SSID为“employee”。如果出现提示信息,则输入y确认
    [AC-wlan-ssid-prof-employee] quit
    [AC-wlan-view] vap-profile name employee //创建名为“employee”的VAP模板,引用安全模板和SSID模板,
    [AC-wlan-vap-prof-employee] security-profile employee
    [AC-wlan-vap-prof-employee]forward-mode direct-forward //用直接转发
    [AC-wlan-vap-prof-employee] ssid-profile employee
    [AC-wlan-vap-prof-employee] service-vlan vlan-id 20 //指定VAP对应的业务VLAN
    [AC-wlan-vap-prof-employee] quit

配置漫游模板,名为rrm
rrm-profile name rrm
smart-roam enable
smart-roam roam-threshold check-snr check-rate
smart-roam roam-threshold snr 30
smart-roam roam-threshold rate 30

创建2g模板,关联rrm漫游模板
radio-2g-profile name 2g
rrm-profile rrm

创建5g模板,关联rrm漫游模板
radio-5g-profile name 5g
rrm-profile rrm

创建ap模板名为ap,关联vap模板,并且关联射频模板2g和5g
ap-group name ap
radio 0
radio-2g-profile 2g
vap-profile employee wlan 1
radio 1
radio-5g-profile 5g
vap-profile employee wlan 1

把ap关联ap组,化进ap组之后,ap会重启,
重启完成后会有wifi的范围圈圈出来,此时就可以打开电脑进行连接
ap-id 1
ap-group ap
ap-id 2
ap-group ap

你可能感兴趣的:(网络工程,华为,网络,运维)