恢復出廠
<WA2620i-AGN>reset save
The saved configuration file will be erased. Are you sure? [Y/N]:y
Configuration file in flash is being cleared.
Please wait ...
....
Configuration file is cleared.
<WA2620i-AGN>reboot
Start to check configuration with next startup configuration file, please wait.
........DONE!
This command will reboot the device. Current configuration will be lost, save c
urrent configuration? [Y/N]:n
This command will reboot the device. Continue? [Y/N]:y
#Nov 24 03:03:52:580 2014 WA2620i-AGN DEVM/1/REBOOT:
Reboot device by command.
配置交換機名稱
<WA2620i-AGN>sys
System View: return to User View with Ctrl+Z.
[WA2620i-AGN]sysname IT-WA2620-3
配置管理地址
interface Vlan-interface1
ip address 172.16.1.10 255.255.255.0
配置管理員賬號及密碼,爲該用戶開啓telnet、con、web服務
[IT-WA2620-3]local-user admin
[IT-WA2620-3-luser-admin]password cipher 12345678
[IT-WA2620-3-luser-admin]service-type telnet terminal
[IT-WA2620-3-luser-admin]service-type web
配置con接口與telnet
[IT-WA2620-3]user-interface con 0
[IT-WA2620-3-ui-console0]authentication-mode scheme
[IT-WA2620-3-ui-console0]quit
[IT-WA2620-3]user-interface vty 0 4
[IT-WA2620-3-ui-vty0-4]authentication-mode scheme
[IT-WA2620-3-ui-vty0-4]quit
配置SSH(最好逐行復制輸入,中間有對話框,不要全部複製粘貼)
ssh server enable
public-key local create rsa
1024
user-interface vty 0 4
authentication-mode scheme
protocol inbound ssh
quit
local-user admin
service-type ssh
authorization-attribute level 3
quit
ssh user admin service-type stelnet authentication-type password
配置用戶之間不隔離
undo wlan-client-isolation enable
添加缺省路由
ip route-static 0.0.0.0 0.0.0.0 172.16.1.1
配置SNMP
snmp-agent
snmp-agent community read public
snmp-agent sys-info version all
配置NTP
ntp-service unicast-server 210.72.145.44
ntp-service unicast-server 202.120.2.101
配置上行鏈路爲Trunk
interface g1/0/1
port link-type trunk
port trunk permit vlan all
配置需要通過VLAN
vlan 10
Description Server-Lan
vlan 20
Description Desktop-Lan
vlan 30
Description Laptop-Lan
vlan 40
Description Guest-Lan
。
。
。
配置多VLAN無線接口
interface WLAN-BSS 11
port link-type access
port access vlan 30
interface WLAN-BSS 12
port link-type access
port access vlan 30
interface WLAN-BSS 13
port link-type access
port access vlan 40
interface WLAN-BSS 14
port link-type access
port access vlan 40
配置模板與SSID參數(通常所謂的AES加密)
wlan service-template 11 crypto
ssid YYE5G-H3C
cipher-suite tkip
security-ie rsn
wlan service-template 12 crypto
ssid YYE-H3C
cipher-suite tkip
security-ie rsn
wlan service-template 13 crypto
ssid Guest5G-H3C
cipher-suite tkip
security-ie rsn
wlan service-template 14 crypto
ssid Guest-H3C
cipher-suite tkip
security-ie rsn
interface WLAN-BSS 11
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase simple 12345678
interface WLAN-BSS 12
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase simple 12345678
interface WLAN-BSS 13
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase simple 12345678
interface WLAN-BSS 14
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase simple 12345678
配置開放SSID(舉例)
wlan service-template 1 clear
ssid H3C
配置射頻綁定SSID、模板、信道
[IT-WA2620-3]interface WLAN-Radio1/0/1
[IT-WA2620-3-WLAN-Radio1/0/1]service-template 11 interface wlan-bss 11
[IT-WA2620-3-WLAN-Radio1/0/1]service-template 13 interface wlan-bss 13
[IT-WA2620-3-WLAN-Radio1/0/1]interface WLAN-Radio1/0/2
[IT-WA2620-3-WLAN-Radio1/0/1]service-template 12 interface wlan-bss 12
[IT-WA2620-3-WLAN-Radio1/0/1]service-template 14 interface wlan-bss 14
[IT-WA2620-3-WLAN-Radio1/0/1]channel 6
清理默認模板H3C
[IT-WA2620-3]interface WLAN-Radio1/0/2
[IT-WA2620-3-WLAN-Radio1/0/2]undo service-template 1
[IT-WA2620-3-WLAN-Radio1/0/2]quit
[IT-WA2620-3]undo wlan service-template 1
[IT-WA2620-3]undo interface WLAN-BSS32
[IT-WA2620-3]undo interface WLAN-BSS33
啓用模板(放出SSID信號)
wlan service-template 11 crypto
service-template enable
wlan service-template 12 crypto
service-template enable
wlan service-template 13 crypto
service-template enable
wlan service-template 14 crypto
service-template enable