WLAN无线直接转发和隧道转发实验-小魏谈seo织梦建站

WLAN无线直接转发和隧道转发实验：

实验用的设备：

1.交换机lsw1和lsw2用的型号是s5700

2.ap用的是ap6050，路由器用的是AR2220，AC用的是AC6605

配置如下：

AC6605配置：

<AC6605>dis cu
#
vlan batch 100 to 102
#
dhcp enable
#
interface Vlanif100
ip address 192.168.100.254 255.255.255.0
dhcp select interface
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
capwap source interface vlanif100
#
wlan
security-profile name sec_gust
security wpa-wpa2 psk pass-phrase %^%#w#)CHu\aF8[s2yBxrzwM{CU&X{JZ=;Wj{}2ix”r&
%^%# aes
security-profile name sec_work
security wpa-wpa2 psk pass-phrase %^%#evE+0a|hsAYNO3<T@5/TYpG,Z&Hr#/8gIUEhM8%~
%^%# aes
ssid-profile name profile_gust
ssid gust
ssid-profile name profile_work
ssid work
vap-profile name vap_gust
service-vlan vlan-id 102
ssid-profile profile_gust
security-profile sec_work
vap-profile name vap_work
forward-mode tunnel
service-vlan vlan-id 101
ssid-profile profile_work
security-profile sec_work
regulatory-domain-profile name china
regulatory-domain-profile name default
radio-2g-profile name default
radio-5g-profile name default
ap-group name jiaoxue
regulatory-domain-profile china
radio 0
vap-profile vap_work wlan 1
vap-profile vap_gust wlan 2
radio 1
vap-profile vap_work wlan 1
vap-profile vap_gust wlan 2
radio 2
vap-profile vap_gust wlan 2
ap-id 1 type-id 56 ap-mac 00e0-fc9d-3740 ap-sn 21023544831080558718
ap-name jx001
ap-group jiaoxue
provision-ap
<AC6605>

路由器AR1配置如下：

<AR1>dis cu
[V200R003C00]
#
sysname AR1
#
undo info-center enable
#
interface GigabitEthernet0/0/0
ip address 192.168.200.2 255.255.255.252
#
ip route-static 192.168.101.0 255.255.255.0 192.168.200.1
ip route-static 192.168.102.0 255.255.255.0 192.168.200.1

交换机lsw2配置：

<lsw2>dis cu
#
sysname lsw2
#
undo info-center enable
#
vlan batch 100 to 102 200
#
dhcp enable
#
interface Vlanif101
ip address 192.168.101.254 255.255.255.0
dhcp select interface
dhcp server lease day 8 hour 0 minute 0
dhcp server dns-list 8.8.8.8
#
interface Vlanif102
ip address 192.168.102.254 255.255.255.0
dhcp select interface
#
interface Vlanif200
ip address 192.168.200.1 255.255.255.252
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100 102
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 100 to 102
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 200

交换机lsw1配置：

<lsw1>dis cu
#
sysname lsw1
#
undo info-center enable
#
vlan batch 100 102
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk pvid vlan 100
port trunk allow-pass vlan 100 102
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 100 102

附上配置命令：

附上配置命令：
wlan隧道转发配置如下：
[AC6605]capwap source interface Vlanif 100
[AC6605]wlan
[AC6605-wlan-view]ap au
[AC6605-wlan-view]ap auth-mode ?
mac-auth MAC authenticated mode, default authenticated mode
no-auth No authenticated mode
sn-auth SN authenticated mode
[AC6605-wlan-view]ap auth-mode mac-auth
[AC6605-wlan-view]ap-id 1 ap-mac 00e0-fc9d-3740
[AC6605-wlan-ap-1]ap-name jx001
[AC6605-wlan-ap-1]ap-group jiaoxue
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC6605]dis ap all
Info: This operation may take a few seconds. Please wait for a moment.done.
Total AP information:
fault: fault [1]
——————————————————————————–
ID MAC Name Group IP Type State STA Uptime
——————————————————————————–

1 00e0-fc9d-3740 jx001 jiaoxue – AP6050DN fault 0 –
——————————————————————————–
Total: 1

[AC6605]dis ap all
Info: This operation may take a few seconds. Please wait for a moment.done.
Total AP information:
nor : normal [1]
——————————————————————————–
————-
ID MAC Name Group IP Type State STA Upti
me
——————————————————————————–
————-
1 00e0-fc9d-3740 jx001 jiaoxue 192.168.100.239 AP6050DN nor 0 3S
——————————————————————————–
————-
Total: 1
[AC6605]

Please check whether system data has been changed, and save data in time

Configuration console time out, please press any key to log on

<AC6605>
[AC6605]wlan
[AC6605-wlan-view]security-profile name sec_work
[AC6605-wlan-sec-prof-sec_work]security wpa-wpa2 psk pass-phrase a1234567 aes
[AC6605-wlan-sec-prof-sec_work]q
[AC6605-wlan-view]q

[AC6605]wlan
[AC6605-wlan-view]ssid-profile name profile_work
[AC6605-wlan-ssid-prof-profile_work]ssid work
Warning: This action may cause service interruption. Continue?[Y/N]y
Info: This operation may take a few seconds, please wait…done.

[AC6605-wlan-ssid-prof-profile_work]q
[AC6605-wlan-view]vap-profile name vap_work
[AC6605-wlan-vap-prof-vap_work]forward-mode tunnel
Info: This operation may take a few seconds, please wait.done.
[AC6605-wlan-vap-prof-vap_work]service-vlan vlan-id 101
Info: This operation may take a few seconds, please wait.done.
[AC6605-wlan-vap-prof-vap_work]security-profile sec_work
Info: This operation may take a few seconds, please wait.done.
[AC6605-wlan-vap-prof-vap_work]q
[AC6605-wlan-view]ap-group name jiaoxue
[AC6605-wlan-ap-group-jiaoxue]vap-profile vap_work wlan 1 radio 0
Info: This operation may take a few seconds, please wait…done.
[AC6605-wlan-ap-group-jiaoxue]
[AC6605-wlan-ap-group-jiaoxue]vap-profile vap_work wlan 1 radio 1
Info: This operation may take a few seconds, please wait…done.
[AC6605-wlan-view]vap-profile name vap_work
[AC6605-wlan-vap-prof-vap_work]ssi
[AC6605-wlan-vap-prof-vap_work]ssid-profile pro
[AC6605-wlan-vap-prof-vap_work]ssid-profile profile_work
Warning: This action may cause service interruption. Continue?[Y/N]y
Info: This operation may take a few seconds, please wait…done.
访客配置：直接转发
[AC6605]wlan

[AC6605-wlan-view]ssid-profile name profile_gust
[AC6605-wlan-ssid-prof-profile_gust]ssid gust
Info: This operation may take a few seconds, please wait.done.

[AC6605-wlan-ssid-prof-profile_gust]q
[AC6605-wlan-view]vap-profile name vap_gust
[AC6605-wlan-vap-prof-vap_gust]forward-mode direct-forward

[AC6605-wlan-vap-prof-vap_gust]service-vlan vlan-id 102
Info: This operation may take a few seconds, please wait.done.

[AC6605-wlan-vap-prof-vap_gust]security-profile sec_work /绑定安全认证模版，绑定之后需要输入模版的密码a1234567
Warning: This action may cause service interruption. Continue?[Y/N]y
Info: This operation may take a few seconds, please wait…done.
[AC6605-wlan-vap-prof-vap_gust]ssid-profile profile_gust /代表绑定哪个ssid
Warning: This action may cause service interruption. Continue?[Y/N]y
Info: This operation may take a few seconds, please wait…done.
[AC6605-wlan-vap-prof-vap_gust]q

[AC6605-wlan-view]ap-group name jiaoxue

[AC6605-wlan-ap-group-jiaoxue]vap-profile vap_gust wlan 2 radio all
Info: This operation may take a few seconds, please wait…done.
[AC6605-wlan-ap-group-jiaoxue]