華爲無線AC,AC案例

路由器的基本配置

[Huawei]interface GigabitEthernet 0/0/2

[Huawei-GigabitEthernet0/0/2]ip address 11.0.0.1 30

[Huawei]int LoopBack 1

[Huawei-LoopBack1]ip add 1.1.1.1 30

AC的配置

規劃vlan ：vlan 102 爲上行和路由器接口vlan ，vlan100爲AC管理vlan  ，vlan101爲AP下發業務vlan.

[AC6605]vlan batch 100 101 102

[AC6605]dhcp enable

[AC6605]int vlan 100

[AC6605-Vlanif100]ip address 192.168.100.1 24

[AC6605-Vlanif100]dhcp select interface 

[AC6605]int vlan 101

[AC6605-Vlanif101]ip add 192.168.101.1 24

[AC6605-Vlanif101]dhcp select interface

[AC6605-Vlanif101]dhcp server dns-list 8.8.8.8 

[AC6605]int vlan 102

[AC6605-Vlanif102]ip address 11.0.0.2 30

[AC6605]ip route 0.0.0.0 0 11.0.0.1

[AC6605-GigabitEthernet0/0/2]port hybrid pvid vlan 102

[AC6605-GigabitEthernet0/0/2]port hybrid untagged vlan 102

配置AC的wlan功能

[AC6605]wlan ac-global carrier id cmcc ac id 1    AC編號爲一、運營商爲cmcc

[AC6605]wlan

[AC6605-wlan-view]ac sysnetid ac01   網元名稱爲ac01

[AC6605-wlan-view]wlan ac source interface vlan 100   用管理vlan100

por爲下面AP創建隧道

[AC6605]interface GigabitEthernet 0/0/1

[AC6605-GigabitEthernet0/0/1]port link-type trunk 

[AC6605-GigabitEthernet0/0/1]port trunk pvid vlan 100

[AC6605-GigabitEthernet0/0/1]port trunk allow-pass vlan 100 101   

配置AP上線

[AC6605]wlan 

[AC6605-wlan-view]ap-auth-mode mac-auth      用AP的MAC認證

[AC6605-wlan-view]ap id 1 type-id 19 mac 00e0-fc7a-39a0    輸入ap的MAC地址

配置區域

[AC6605-wlan-view]ap-region id 1    至關創建個區域編號爲1 ，也能夠任意定義

[AC6605-wlan-ap-r]ap id 1    把第一臺AP加入

[AC6605-wlan-ap-1]region-id 1  實行加入區域1

配置wmm模版

[AC6605-wlan-view]wmm-profile id 1 name wmm   配置wmm模版名字爲wmm

[AC6605-wlan-view]radio-profile id 1 name radio    配置射頻模版名字爲radio

[AC6605-wlan-view]security-profile id 1 name secu   配置安全模版名字爲secu

                                   security-policy wep 

                                    wep authentication-method share-key          在安全模版下調用密碼， 這個可選。

                                     wep key wep-40 pass-phrase 0 cipher    xxxxx

[AC6605-wlan-view]traffic-profile id 1 name tarff      配置流量模版名字爲tarff

[AC6605-wlan-view]radio-profile id 1    進入射頻模版

[AC6605-wlan-radio-prof-radio]wmm-profile id 1

建立服務集

[AC6605]int Wlan-Ess 1

[AC6605-Wlan-Ess1]port hybrid pvid vlan 101 

[AC6605-Wlan-Ess1]port hybrid untagged vlan 101

[AC6605]wlan

[AC6605-wlan-view]service-set id 1 name s01

[AC6605-wlan-service-set-s01]wlan-ess 1

[AC6605-wlan-service-set-s01]traffic-profile id 1

[AC6605-wlan-service-set-s01]security-profile id 1

[AC6605-wlan-service-set-s01]ssid huawei

[AC6605-wlan-service-set-s01]service-vlan 101

創建虛擬ap

[AC6605-wlan-view]ap  1 radio 0          radio 0意思是工做頻率2.4GH      若是是radio 1 工做頻率是5GH

[AC6605-wlan-radio-1/0]radio-profile id 1         服務集推給AP

[AC6605-wlan-radio-1/0]service-set id 1             綁定射頻模版

[AC6605-wlan-view]commit ap 1                         下發給AP1 ，此命令是必不可少

可選：配置同一個網段中，不能互訪ping

[AC6605-wlan-view]service-set id 1    1表示某個AP的編號。

[AC6605-wlan-service-set-s01]user-isolate     拒絕互訪

[AC6605-wlan-view]commit ap 1      最後要記得應用到AP才能生效。