运维开发网

华为WLAN的配置——三层互通采用直接转发

运维开发网 https://www.qedev.com 2021-01-23 10:19 出处:51CTO 作者:Tony7483
华为WLAN的配置——三层互通采用直接转发

华为WLAN的配置——三层互通采用直接转发

1.连通接入交换机

[sw-jr]vlan batch 10 to 13

[sw-jr-GigabitEthernet0/0/1]port link-type trunk

[sw-jr-GigabitEthernet0/0/1]port trunk pvid vlan 10

[sw-jr-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 to 12

[sw-jr-GigabitEthernet0/0/2]port link-type trunk

[sw-jr-GigabitEthernet0/0/2]port trunk pvid vlan 10

[sw-jr-GigabitEthernet0/0/2]port trunk allow-pass vlan 10 to 12

[sw-jr-GigabitEthernet0/0/3]port link-type trunk

[sw-jr-GigabitEthernet0/0/3]port trunk allow-pass vlan all

[sw-jr-GigabitEthernet0/0/4]port link-type access

[sw-jr-GigabitEthernet0/0/4]port default vlan 13

2.连通汇聚交换机

[sw-hj]vlan batch 10 to 13

[sw-hj-GigabitEthernet0/0/1]port link-type trunk

[sw-hj-GigabitEthernet0/0/1]port trunk allow-pass vlan all

[sw-hj-GigabitEthernet0/0/2]port link-type trunk

[sw-hj-GigabitEthernet0/0/2]port trunk allow-pass vlan all

3.连通AC

[AC]vlan batch 10 to 13

[AC-GigabitEthernet0/0/1]port link-type trunk

[AC-GigabitEthernet0/0/1]port trunk allow-pass vlan all

[AC-Vlanif13]ip add 10.1.13.13 24

[AC]ip route-static 0.0.0.0 0.0.0.0 10.1.13.1 //配置指向网关的缺省路由

4.汇聚交换机作为网关

[sw-hj-Vlanif10]ip add 10.1.10.1 24

[sw-hj-Vlanif11]ip add 10.1.11.1 24

[sw-hj-Vlanif12]ip add 10.1.12.1 24

[sw-hj-Vlanif13]ip add 10.1.13.1 24

5.汇聚交换机作为DHCP服务器

[sw-hj]dhcp enable

[sw-hj]ip pool ap-pool

[sw-hj-ip-pool-ap-pool]gateway-list 10.1.10.1

[sw-hj-ip-pool-ap-pool]network 10.1.10.0 mask 24

[sw-hj-ip-pool-ap-pool]dns-list 114.114.114.114

[sw-hj-ip-pool-ap-pool]option 43 sub-option 3 ascii 10.1.13.13 //指定AC的ip

[sw-hj]ip pool ssid-c-1

[sw-hj-ip-pool-ssid-c-1]network 10.1.10.0 mask 24

[sw-hj-ip-pool-ssid-c-1]gateway-list 10.1.11.1

[sw-hj-ip-pool-ssid-c-1]network 10.1.11.0 mask 24

[sw-hj-ip-pool-ssid-c-1]dns-list 114.114.114.114

[sw-hj-ip-pool-ssid-c-1]ip pool ssid-c-2

[sw-hj-ip-pool-ssid-c-2]gateway-list 10.1.12.1

[sw-hj-ip-pool-ssid-c-2]dns-list 114.114.114.114

[sw-hj-ip-pool-ssid-c-2]network 10.1.12.0 mask 24

[sw-hj]ip pool PC

[sw-hj-ip-pool-pc]gateway-list 10.1.13.1

[sw-hj-ip-pool-pc]network 10.1.13.0 mask 24

[sw-hj-ip-pool-pc]dns-list 114.114.114.114

[sw-hj-ip-pool-pc]excluded-ip-address 10.1.13.13

[sw-hj-Vlanif10]dhcp select global

[sw-hj-Vlanif11]dhcp select global

[sw-hj-Vlanif12]dhcp select global

[sw-hj-Vlanif13]dhcp select global

华为WLAN的配置——三层互通采用直接转发

华为WLAN的配置——三层互通采用直接转发

6.配置AP上线

[AC]wlan

[AC-wlan-view]ap-group name ap-group1 //创建AP组

[AC]capwap source interface Vlanif 13 //AC管理地址

[AC-wlan-view]regulatory-domain-profile name domain1

[AC-wlan-regulate-domain-domain1]country-code CN

[AC-wlan-view]ap-group name ap-group1

[AC-wlan-ap-group-ap-group1]regulatory-domain-profile domain1

[AC-wlan-view]ap-mac 00e0-fc6e-2bb0 ap-id 0

[AC-wlan-ap-0]ap-group ap-group1

[AC-wlan-view]ap-mac 00e0-fc3c-3f60 ap-id 1

[AC-wlan-ap-1]ap-group ap-group1

华为WLAN的配置——三层互通采用直接转发

7.配置WLAN业务下发

[AC-wlan-view]security-profile name security-c //创建安全模板

[AC-wlan-view]ssid-profile name c-1 //创建SSID模板

[AC-wlan-ssid-prof-c-1]ssid c-1 //绑定ssid

[AC-wlan-view]ssid-profile name c-2

[AC-wlan-ssid-prof-c-2]ssid c-2

[AC-wlan-view]vap-profile name c-1-vap //创建vap模板

[AC-wlan-vap-prof-c-1-vap]forward-mode direct-forward //转发方式为直接转发

[AC-wlan-vap-prof-c-1-vap]service-vlan vlan-id 11 //绑定服务vlan

[AC-wlan-vap-prof-c-1-vap]security-profile security-c //绑定安全模板

[AC-wlan-vap-prof-c-1-vap]ssid-profile c-1 //绑定ssid模板

[AC-wlan-view]vap-profile name c-2-vap

[AC-wlan-vap-prof-c-2-vap]forward-mode direct-forward

[AC-wlan-vap-prof-c-2-vap]service-vlan vlan-id 12

[AC-wlan-vap-prof-c-2-vap]security-profile security-c

[AC-wlan-vap-prof-c-2-vap]ssid-profile c-2

[AC-wlan-view]ap-group name ap-group1 //进入AP组

[AC-wlan-ap-group-ap-group1]vap-profile c-1-vap wlan 1 radio all

[AC-wlan-ap-group-ap-group1]vap-profile c-2-vap wlan 2 radio all

华为WLAN的配置——三层互通采用直接转发

8.验证

STA1连接信道1,STA2连接信道149

华为WLAN的配置——三层互通采用直接转发

华为WLAN的配置——三层互通采用直接转发

可以互相ping通,可以抓包验证

扫码领视频副本.gif

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号