思科有线无线混合环境下VLAN设置

            思科有线无线混合环境下VLAN设置

   该实验实现思科有线无线混合环境下Vlan的配置。

    实验目的：  

      1.     掌握思科胖AP基本配置概念

      2.     掌握思科无线AP与思科交换机在VLAN环境下的配置

      3.     掌握利用思科交换机搭建DHCP角色

     

    实验拓扑：

 

                  

          WS-C3550-24-EMI交换机上划分了3个VLAN，VLAN的划分如上图所示。并且交换机上设定了DHCP功能，分别作了两个池---VLAN3:192.168.3.0和VLAN4:192.168.4.0.交换机和AP间做TRUNK。AP上设定两个SSID分别是：VLAN3和VLAN4.PC1通过SSID VLAN3获得VLAN 3的IP，PC2通过SSID VLAN4获得VLAN4的IP。

 

实验配置：

一．交换机配置：

Switch>en

Switch#show run

Building configuration...

 

Current configuration : 2601 bytes

!

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Switch

!

!

no aaa new-model

ip subnet-zero

ip routing

ip dhcp excluded-address 192.168.3.1

ip dhcp excluded-address 192.168.4.1

!

ip dhcp pool vlan3

   network 192.168.3.0 255.255.255.0

   default-router 192.168.3.1

!

ip dhcp pool vlan4

   network 192.168.4.0 255.255.255.0

   default-router 192.168.4.1

!

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

!

!

interface FastEthernet0/1

 switchport mode dynamic desirable

!

interface FastEthernet0/2

 switchport mode dynamic desirable

!

interface FastEthernet0/3

 switchport trunk encapsulation dot1q

 switchport trunk native vlan 2

 switchport mode trunk

 switchport nonegotiate

!

interface Vlan1

 no ip address

 shutdown

!

interface Vlan2

 ip address 192.168.2.1 255.255.255.0

!

interface Vlan3

 ip address 192.168.3.1 255.255.255.0

!

interface Vlan4

 ip address 192.168.4.1 255.255.255.0

!

ip classless

ip http server

!

!

control-plane

!

!

line con 0

line vty 5 15

!

End

 

二．无线AP配置

ap#show run

Building configuration...

 

Current configuration : 2597 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname ap

!

enable secret 5 $1$z9wN$KTFEPgpYJES8rClAE7oxW0

!

no aaa new-model

!

!

dot11 mbssid

dot11 syslog

dot11 vlan-name device vlan 2

dot11 vlan-name vlan3 vlan 3

dot11 vlan-name vlan4 vlan 4

!

dot11 ssid vlan3

   vlan 3

   authentication open

   mbssid guest-mode

!

dot11 ssid vlan4

   vlan 4

   authentication open

   mbssid guest-mode

!

!

!

username Cisco password 7 106D000A0618

!

!

bridge irb

!

!

interface Dot11Radio0

 no ip address

 no ip route-cache

 !

 ssid vlan3

 !

 ssid vlan4

 !

 station-role root

!

interface Dot11Radio0.2

 encapsulation dot1Q 2 native

 no ip route-cache

 bridge-group 1

 bridge-group 1 subscriber-loop-control

 bridge-group 1 block-unknown-source

 no bridge-group 1 source-learning

 no bridge-group 1 unicast-flooding

 bridge-group 1 spanning-disabled

!

interface Dot11Radio0.3

 encapsulation dot1Q 3

 no ip route-cache

 bridge-group 3

 bridge-group 3 subscriber-loop-control

 bridge-group 3 block-unknown-source

 no bridge-group 3 source-learning

 no bridge-group 3 unicast-flooding

 bridge-group 3 spanning-disabled

!         

interface Dot11Radio0.4

 encapsulation dot1Q 4

 no ip route-cache

 bridge-group 4

 bridge-group 4 subscriber-loop-control

 bridge-group 4 block-unknown-source

 no bridge-group 4 source-learning

 no bridge-group 4 unicast-flooding

 bridge-group 4 spanning-disabled

!

interface Dot11Radio1

 no ip address

 no ip route-cache

 shutdown

 station-role root

 bridge-group 1

 bridge-group 1 subscriber-loop-control

 bridge-group 1 block-unknown-source

 no bridge-group 1 source-learning

 no bridge-group 1 unicast-flooding

 bridge-group 1 spanning-disabled

!

interface FastEthernet0

 no ip address

 no ip route-cache

 duplex auto

 speed auto

!

interface FastEthernet0.2

 encapsulation dot1Q 2 native

 no ip route-cache

 bridge-group 1

 no bridge-group 1 source-learning

 bridge-group 1 spanning-disabled

!

interface FastEthernet0.3

 encapsulation dot1Q 3

 no ip route-cache

 bridge-group 3

 no bridge-group 3 source-learning

 bridge-group 3 spanning-disabled

!

interface FastEthernet0.4

 encapsulation dot1Q 4

 no ip route-cache

 bridge-group 4

 no bridge-group 4 source-learning

 bridge-group 4 spanning-disabled

!

interface BVI1

 ip address 192.168.2.2 255.255.255.0

 ip helper-address 192.168.2.1

 no ip route-cache

!

ip http server

no ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

bridge 1 route ip

!

!

!

line con 0

line vty 0 4

 login local

!

end

实验中遇到的问题和需要澄清的一些概念：

   要想理解思科无线AP的配置需要弄懂一些概念，否则不太容易理解，这里列出几个相关的关键字，大家可以拜一下百度或Google大神，多看几种解释可能对概念的理解更加全面些，还有对于思科的相关设备配置千万不要忽视官网的作用，不多说，关键字如下：

1.     Native VLAN

2.     MBSSID

3.     Bridge Group

4.     BVI

5.     类似于Dot11Radio0.3之类的子接口

 

 

          实验环境说明：

本文出自 “dudu” 博客，谢绝转载！