小型校园网wlan案例实验
配置如下:
[AC6605]dis cu
#
vlan batch 10
#
interface Vlanif10
ip address 172.16.10.100 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 10
#
capwap source interface vlanif10
#
wlan
traffic-profile name default
security-profile name laoshi
security wpa-wpa2 psk pass-phrase %^%#jxMEWV;djP[aR<4H$#^U{5,l$RHG7MD!u%VAd**D
%^%# aes
security-profile name default
security-profile name lingdao
security wpa-wpa2 psk pass-phrase %^%#ih2>UZ&xADY63,(DjmjAg)^x9(ev[0W$\:F0$\{!
%^%# aes
security-profile name default-wds
security-profile name default-mesh
ssid-profile name laoshi
ssid laoshi
ssid-profile name default
ssid-profile name lingdao
ssid lingdao
vap-profile name laoshi
service-vlan vlan-id 30
ssid-profile laoshi
security-profile laoshi
vap-profile name default
vap-profile name lingdao
service-vlan vlan-id 20
ssid-profile lingdao
security-profile lingdao
ap-group name xuexiao
radio 0
vap-profile lingdao wlan 1
vap-profile laoshi wlan 2
radio 1
vap-profile lingdao wlan 1
vap-profile laoshi wlan 2
radio 2
vap-profile lingdao wlan 1
vap-profile laoshi wlan 2
ap-id 0 type-id 56 ap-mac 00e0-fc17-4b50 ap-sn 2102354483109735BE4B
ap-group xuexiao
lsw1配置如下:
<lsw1>dis cu
#
sysname lsw1
#
undo info-center enable
#
vlan batch 10 20 30 100
#
dhcp enable
#
ip pool ap
gateway-list 172.16.10.1
network 172.16.10.0 mask 255.255.255.0
excluded-ip-address 172.16.10.100
dns-list 8.8.8.8
#
ip pool laoshi
gateway-list 172.16.30.1
network 172.16.30.0 mask 255.255.255.0
dns-list 8.8.8.8
#
ip pool lingdao
gateway-list 172.16.20.1
network 172.16.20.0 mask 255.255.255.0
dns-list 8.8.8.8
#
interface Vlanif10
ip address 172.16.10.1 255.255.255.0
dhcp select global
#
interface Vlanif20
ip address 172.16.20.1 255.255.255.0
dhcp select global
#
interface Vlanif30
ip address 172.16.30.1 255.255.255.0
dhcp select global
#
interface Vlanif100
ip address 10.10.10.1 255.255.255.0
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 10 20 30
#
interface GigabitEthernet0/0/5
port link-type trunk
port trunk allow-pass vlan 10
#
ip route-static 0.0.0.0 0.0.0.0 10.10.10.2
lsw2配置如下:
[lsw2]dis cu
#
sysname lsw2
#
vlan batch 10 20 30
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20 30
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk pvid vlan 10
port trunk allow-pass vlan 10 20 30
AR1配置如下:
[AR1]dis cu
#
sysname AR1
#
acl number 2000
rule 5 permit source 172.16.0.0 0.0.255.255
#
interface GigabitEthernet0/0/0
ip address 10.10.10.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 64.1.1.1 255.255.255.0
nat outbound 2000
#
ip route-static 0.0.0.0 0.0.0.0 64.1.1.2
ip route-static 172.16.0.0 255.255.0.0 10.10.10.1
AR2配置如下:
<AR2>dis cu
#
sysname AR2
#
interface GigabitEthernet0/0/0
ip address 64.1.1.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 6.6.6.1 255.255.255.0
LSW3和LSW4无配置
ap中的vlan batch 20 30是通过ac进行下发配置生成的,本身未做任何配置。ap上线需要提供ap的mac地址或者sn号即可
vap包含啥东西,想实现啥效果
1.想让他放出什么wifi信号,lingdao,laoshi两个。关联ssid模板
2.想让他实现,从lingdao进来放到vlan 20,从老师进来放到vlan 30 配置service vlan id
3.想让他实现,领导密码a1234567,老师密码:b1234567,关联安全模板。
4.想让他实现,本地转发,(配置转发模式)
<00e0-fc17-4b50>dis cu
#
vlan batch 20 30
#
广播找ac原理如下:
无线上网现象:
ssid图:
中型wlan部署有线和无线实验
ospf的路由策略实验
路由过滤与路由策略实验
策略路由实验
企业通过dhcp中继自动获取ip地址原理分析
mpls部分php倒数第二跳抓包分析
mpls vpn ldp动态lsp配置
防火墙gre vpn隧道技术