如下拓扑图
- 配置AP上线,PC可以连接使用
![在这里插入图片描述]()
配置交换机
- SW1配置相关VLAN,配置接口类型
[SW1]vlan batch 10 20 30
[SW1]int g0/0/1
[SW1-GigabitEthernet0/0/1]port link-type trunk
[SW1-GigabitEthernet0/0/1]port trunk pvid vlan 10
[SW1-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 20 30
[SW1-GigabitEthernet0/0/1]int g0/0/2
[SW1-GigabitEthernet0/0/2]port link-type trunk
[SW1-GigabitEthernet0/0/2]port trunk pvid vlan 10
[SW1-GigabitEthernet0/0/2]port trunk allow-pass vlan 10 20 30
[SW1-GigabitEthernet0/0/2]int g0/0/3
[SW1-GigabitEthernet0/0/3]port link-type trunk
[SW1-GigabitEthernet0/0/3]port trunk allow-pass vlan 10 20 30
- SW2配置相关VLAN,配置接口类型
[SW2]vlan batch 10 20 30
[SW2]int g0/0/1
[SW2-GigabitEthernet0/0/1]port link-type trunk
[SW2-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 20 30
[SW2-GigabitEthernet0/0/1]int g0/0/2
[SW2-GigabitEthernet0/0/2] port link-type trunk
[SW2-GigabitEthernet0/0/2] port trunk allow-pass vlan 10 20 30
配置AC
- AC配置相关VLAN,配置接口类型
[AC]vlan batch 10 20 30
[AC]int g0/0/1
[AC-GigabitEthernet0/0/1]port link-type trunk
[AC-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 20 30
- 配置管理VLAN
[AC]int Vlanif 10
[AC-Vlanif10]ip ad 10.1.1.1 24
- 创建AP组
[AC]wlan
[AC-wlan-view]ap-group name Bad
- 开启基于接口的DHCP功能
[AC]dhcp enable
[AC]int Vlanif 10
[AC-Vlanif10]dhcp select interface
[AC-Vlanif10]int vlan 20
[AC-Vlanif20]ip ad 20.1.1.1 24
[AC-Vlanif20]dhcp select interface
[AC-Vlanif20]int vlan 30
[AC-Vlanif30]ip ad 30.1.1.1 24
[AC-Vlanif30]dhcp select interface
- 创建管理域,配置国家码
[AC]wlan
[AC-wlan-view]regulatory-domain-profile name YGL //创建管理域模板
[AC-wlan-regulate-domain-YGL]country-code CN //配置AC国家码
[AC-wlan-regulate-domain-YGL]q
[AC-wlan-view]ap-group name Bad //域管理绑定至AP组
[AC-wlan-ap-group-Bad]regulatory-domain-profile YGL //绑定域管理模板
- 建立capwap隧道
[AC]capwap source interface Vlanif 10
- 配置AP认证
# 配置AP1
[AC]wlan
[AC-wlan-view]ap auth-mode mac-auth //使用MAC地址认证
[AC-wlan-view]ap-mac 00E0-FC90-7B80 ap-id 0 //配置认证
[AC-wlan-ap-0]ap-group Bad //添加至AP组
# 配置AP2
[AC-wlan-view]ap-mac 00E0-FCC3-6E60 ap-id 1
[AC-wlan-ap-1]ap-group Bad
AC配置VAP模板
- 配置安全模板
[AC-wlan-view]security-profile name 1
- 配置SSID模板
[AC-wlan-view]ssid-profile name 1 //配置SSID模板1
[AC-wlan-ssid-prof-1]ssid 1 //SSID配置1
[AC-wlan-ssid-prof-1]q
[AC-wlan-view]ssid-profile name 2
[AC-wlan-ssid-prof-2]ssid 2
- VAP模板调用SSID模板
[AC]wlan
[AC-wlan-view]vap-profile name 1 //配置VAP模板1
[AC-wlan-vap-prof-1]forward-mode direct-forward //配置直接转发
[AC-wlan-vap-prof-1]service-vlan vlan-id 20 //指定业务VLAN
[AC-wlan-vap-prof-1]security-profile 1 //调用安全模板
[AC-wlan-vap-prof-1]ssid-profile 1 //调用SSID模板
[AC-wlan-vap-prof-1]q
[AC-wlan-view]vap-profile name 2
[AC-wlan-vap-prof-2]forward-mode direct-forward
[AC-wlan-vap-prof-2]service-vlan vlan-id 30
[AC-wlan-vap-prof-2]security-profile 1
[AC-wlan-vap-prof-2]ssid-profile 2
配置AP
- 加入所有模板
[AC-wlan-view]ap-group name Bad
[AC-wlan-ap-group-Bad]vap-profile 1 wlan 1 radio all
[AC-wlan-ap-group-Bad]vap-profile 2 wlan 2 radio all
实验完成效果图
以上内容均属原创,如有不详或错误,敬请指出。
本文链接:
https://blog.csdn.net/qq_45668124/article/details/105958730
版权声明:
本博客所有文章除特别声明外,均采用
CC BY-NC-SA 4.0
许可协议。转载请注明出处!