运维开发网

华为WLAN配置——二层互通数据采用隧道转发

运维开发网 https://www.qedev.com 2021-01-23 10:18 出处:51CTO 作者:Tony7483
华为WLAN配置——二层互通数据采用隧道转发

华为WLAN配置——二层互通数据采用隧道转发

1.接入交换机连通性配置

[SW1]vlan batch 300 to 303

[SW1-GigabitEthernet0/0/1]port link-type access

[SW1-GigabitEthernet0/0/1]port default vlan 300

[SW1-GigabitEthernet0/0/2]port link-type access

[SW1-GigabitEthernet0/0/2]port default vlan 300

[SW1-GigabitEthernet0/0/4]port link-type access

[SW1-GigabitEthernet0/0/4]port default vlan 303

[SW1-GigabitEthernet0/0/3]port link-type trunk

[SW1-GigabitEthernet0/0/3]port trunk allow-pass vlan all

2.汇聚交换机的连通性配置:

[SW2]vlan batch 300 to 303

[SW2-GigabitEthernet0/0/1]port link-type trunk

[SW2-GigabitEthernet0/0/1]port trunk allow-pass vlan all

[SW2-GigabitEthernet0/0/2]port link-type trunk

[SW2-GigabitEthernet0/0/2]port trunk allow-pass vlan all

3.AC的连通性配置:

[AC]vlan batch 300 to 303

[AC-GigabitEthernet0/0/1]port link-type trunk

[AC-GigabitEthernet0/0/1]port trunk allow-pass vlan all

[AC-Vlanif300]ip add 10.1.30.3 24

4.配置汇聚交换机作为网关

[SW2-Vlanif300]ip add 10.1.30.1 24

[SW2-Vlanif301]ip add 10.1.31.1 24

[SW2-Vlanif302]ip add 10.1.32.1 24

[SW2-Vlanif303]ip add 10.1.33.1 24

5.配置汇聚交换机为DHCP服务器

[SW2]dhcp enable

[SW2]ip pool ap-pool

[SW2-ip-pool-ap-pool]gateway-list 10.1.30.1

[SW2-ip-pool-ap-pool]network 10.1.30.0 mask 24

[SW2-ip-pool-ap-pool]dns-list 114.114.114.114

[SW2]ip pool ssid-b-1

[SW2-ip-pool-ssid-b-1]gateway-list 10.1.31.1

[SW2-ip-pool-ssid-b-1]network 10.1.31.0 mask 24

[SW2-ip-pool-ssid-b-1]dns-list 114.114.114.114

[SW2-ip-pool-ssid-b-1]ip pool ssid-b-2

[SW2-ip-pool-ssid-b-2]gateway-list 10.1.32.1

[SW2-ip-pool-ssid-b-2]network 10.1.32.0 mask 24

[SW2-ip-pool-ssid-b-2]dns-list 114.114.114.114

[SW2-ip-pool-ssid-b-2]ip pool vlan303

[SW2-ip-pool-vlan303]gateway-list 10.1.33.1

[SW2-ip-pool-vlan303]network 10.1.33.0 mask 24

[SW2-ip-pool-vlan303]dns-list 114.114.114.114

[SW2-Vlanif300]dhcp select global

[SW2-Vlanif301]dhcp select global

[SW2-Vlanif302]dhcp select global

[SW2-Vlanif303]dhcp select global

6.AP的配置

[AC-wlan-view]ap-group name ap-group1 //创建AP组

[AC]capwap source interface Vlanif 300 //配置与AP通信的源接口

[AC-wlan-view]regulatory-domain-profile name domain1 //创建域管理模板

[AC-wlan-regulate-domain-domain1]country-code CN //配置国家代码

[AC-wlan-view]ap-group name ap-group1 //创建AP组

[AC-wlan-ap-group-ap-group1]regulatory-domain-profile domain1 //绑定域管理模板到AP组

[AC-wlan-view]ap auth-mode mac-auth //配置认证方式

[AC-wlan-view]ap-mac 00e0-fc69-3d90 ap-id 0 //绑定AP1

[AC-wlan-ap-0]ap-name b-1

[AC-wlan-ap-0]ap-group ap-group1 //加入到AP组

[AC-wlan-view]ap-mac 00e0-fc25-80f0 ap-id 1 //绑定AP2

[AC-wlan-ap-1]ap-name b-2

[AC-wlan-ap-1]ap-group ap-group1

华为WLAN配置——二层互通数据采用隧道转发

7.WLAN业务配置:

[AC-wlan-view]security-profile name security-1 //创建安全模板

[AC-wlan-view]ssid-profile name b-1

[AC-wlan-ssid-prof-b-1]ssid b-1

[AC-wlan-view]ssid-profile name b-2

[AC-wlan-ssid-prof-b-2]ssid b-2

[AC-wlan-view]vap-profile name b-1-vap //创建vap模板

[AC-wlan-vap-prof-b-1-vap]forward-mode tunnel //转发方式选择隧道

[AC-wlan-vap-prof-b-1-vap]service-vlan vlan-id 301 //绑定AP1

[AC-wlan-vap-prof-b-1-vap]security-profile security-1 //选择安全模板

[AC-wlan-vap-prof-b-1-vap]ssid-profile b-1

[AC-wlan-view]vap-profile name b-2-vap

[AC-wlan-vap-prof-b-2-vap]forward-mode tunnel

[AC-wlan-vap-prof-b-2-vap]service-vlan vlan-id 302

[AC-wlan-vap-prof-b-2-vap]security-profile security-1

[AC-wlan-vap-prof-b-2-vap]ssid-profile b-2

[AC-wlan-view]ap-group name ap-group1 //进入AP组

[AC-wlan-ap-group-ap-group1]vap-profile b-1-vap wlan 1 radio all //绑定VAP模板

[AC-wlan-ap-group-ap-group1]vap-profile b-2-vap wlan 2 radio all

华为WLAN配置——二层互通数据采用隧道转发

华为WLAN配置——二层互通数据采用隧道转发

8.验证隧道转发

让AP1连接到b-1的channel 1,AP2连接到b-2的channel 149

STA1可以ping通STA2

在STA1上抓包如下:

华为WLAN配置——二层互通数据采用隧道转发

在AP1上抓包如下:验证了隧道封装

华为WLAN配置——二层互通数据采用隧道转发

扫码领视频副本.gif

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号