H3C WX系列AC下两个FIT AP桥接配置一、 组网需求
无线控制器(AC)、无线接入点(FIT AP)、无线笔记本
二、 组网图
本次配置举例中使用AC为WX3010,FIT AP为WA2210-AG/WA2220-AG,AC作为DHCP 服务器,AP在AC上自动获取IP地址(192.168.1.0),并在AC上注册成功;笔记终端通过5GHz接入无线服务,在AC上获取IP地址(192.168.2.0),并通过AC转发外网数据。
三、 特性介绍
无线网桥是无线射频技术和传统的有线网桥技术相结合的产物,无线网桥可以无缝地将相隔较远距离的局域网络连接在一起,创建统一的企业或小型城域网络系统,在最简单的网络构架中,网桥的以太网端口连接到局域网中的某个接入层的交换机上,信号发射端口则通过电缆和天线相连接;通过这样的方式实现现有网络系统的扩展。其优势和特点就是省去了有线的架设难度,可以简单的将有线网络或者无线网络孤岛连接到一个现有的网络中,或者将几个有线或者无线网络的孤岛链接一个局域网络。并且在两点之间提供数据传输,具备基本功能:
? 链路的建立:通过在对等体之间交换消息来建立连接
? 链路的安全:提供PSK+CCMP的无线安全连接
AC + FIT AP建立桥接组网中,近端AP 2通过有线与AC通信,远端AP 1是通过默认的桥接与AP 2建立桥接连接(该桥接可以维持2分钟,2分钟之后将断开连接),AP 1通过默认的桥接链路到AC注册,并下载新的桥接配置,然后使用新的桥接配置建立桥接关系。AP 1上通过无线接入的终端数据报文,使用桥接链路将数据报文上传到AC,由AC统一转发;如果数据报文从AP的以太网口传送过来,那数据报文通过桥接链路传送到AP 2之后,AP 2二层转发数据。
四、 主要配置步骤
1. 开启端口安全
[AC]port-security enable
2. 使能MKD服务绑定,为Mesh Profile使能MKD服务
[AC]mkd-service enable mesh-profile 1
3. 配置桥接接口
[AC]int wlan-mesh 1
[AC-WLAN-MESH1] port link-type trunk
[AC-WLAN-MESH1] port trunk permit vlan all
[AC-WLAN-MESH1]port-security port-mode psk
[AC-WLAN-MESH1] port-security tx-key-type 11key
[AC-WLAN-MESH1]port-security preshared-key pass-phrase mesh1234
4. 配置桥接mesh-profile
[AC]wlan mesh-profile 1
[AC-wlan-mshp-1]mesh-id mesh1
[AC-wlan-mshp-1]bind WLAN-MESH 1
[AC-wlan-mshp-1]mesh-profile enable
5. 配置无线服务
[AC]wlan ser 1 clear
[AC-wlan-st-1]wlan service-template 1 clear
[AC-wlan-st-1]ssid H3C-WLAN
[AC-wlan-st-1]bind WLAN-ESS 0
[AC-wlan-st-1]service-template enable
6. 配置AP模板
[AC]wlan ap 1 model WA2220-AG id 1
[AC-wlan-ap-1]serial-id 000F-E2F2-0340
[AC-wlan-ap-1]radio 1
[AC-wlan-ap-1-radio-1]service-template 1
[AC-wlan-ap-1-radio-1] radio enable
[AC-wlan-ap-1-radio-1]quit
[AC-wlan-ap-1]radio 2
[AC-wlan-ap-1-radio-2]channel 11
[AC-wlan-ap-1-radio-2]mesh-profile 1
[AC-wlan-ap-1-radio-2]mesh peer-mac-address 0023-892f-42a0
[AC-wlan-ap-1-radio-2]radio enable
[AC]wlan ap 2 model WA2210-AG id 2
[AC-wlan-ap-2] serial-id 0023-892F-42A0
[AC-wlan-ap-2] portal-service enable
[AC-wlan-ap-2]radio 1
[AC-wlan-ap-2-radio-1]channel 11
[AC-wlan-ap-2-radio-1]mesh-profile 1
[AC-wlan-ap-2-radio-1]mesh peer-mac-address 0023-892f-42a0
[AC-wlan-ap-2-radio-1]radio enable
AP 1为远端AP,AP 2 为近端AP。
五、 配置信息:
1. AC软件版本
[AC]_ ver
H3C Comware Platform Software
Comware Software, Version 5.20, Release 3111P12
Comware Platform Software Version COMWAREV500R002B71D024
H3C WX3010 Software Version V300R001B71D024
Copyright (c) 2004-2011 Hangzhou H3C Tech. Co., Ltd. All rights reserved.
Compiled Nov 29 2011 16:26:24, RELEASE SOFTWARE
H3C WX3010 uptime is 0 week, 0 day, 23 hours, 32 minutes
H3C WX3010 with 1 RMI XLS 208 750MHz Processor
256M bytes DDR2
56M bytes Flash Memory
Config Register points to FLASH
Hardware Version is Ver.A
CPLD Version is 003
Basic Bootrom Version is 1.16
Extend Bootrom Version is 1.16
[Slot 0]WX3010LSW Hardware Version is NA
[Slot 1]WX3010RPU Hardware Version is Ver.A
2. 配置信息
dis cu #
version 5.20, Release 3111P12
#
sysname AC
#
domain default enable system
#
telnet server enable
#
port-security enable
#
portal trap server-down
#
oap management-ip 192.168.0.101 slot 0
#
vlan 1
#
vlan 2 to 100
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
dhcp server ip-pool 1
network 192.168.1.0 mask 255.255.255.0
gateway-list 192.168.1.1
#
dhcp server ip-pool 2
network 192.168.2.0 mask 255.255.255.0
gateway-list 192.168.2.1
#
user-group system
#
local-user admin
password simple admin
authorization-attribute level 3
access-limit 1024
service-type telnet
#
wlan mesh-profile 1
mesh-id mesh1
bind WLAN-MESH 1
mesh-profile enable
#
wlan rrm
dot11a mandatory-rate 6 12 24
dot11a supported-rate 9 18 36 48 54
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
wlan service-template 1 clear
ssid H3C-WLAN
bind WLAN-ESS 0
service-template enable
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.1.1 255.255.255.0
#
interface Vlan-interface2
ip address 192.168.2.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-type trunk
port trunk permit vlan all
#
interface WLAN-ESS0
#
interface WLAN-ESS1
port access vlan 2
#
interface WLAN-MESH1
port link-type trunk
port trunk permit vlan all
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase cipher 2MbQwnFxVIuBQNiR6GZCew==
#
wlan ap 1 model WA2220-AG id 1
serial-id 000F-E2F2-0340
radio 1
service-template 1
radio enable
radio 2
channel 11
mesh-profile 1
mesh peer-mac-address 0023-892f-42a0
radio enable
#
wlan ap 2 model WA2210-AG id 2
serial-id 0023-892F-42A0
portal-service enable
radio 1
channel 11
mesh-profile 1
mesh peer-mac-address 000f-e2f2-0340
mesh peer-mac-address 000f-e2f2-0350
radio enable
#
dhcp enable
#
mkd-service enable mesh-profile 1
#
load xml-configuration
#
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
user privilege level 3
#
return
六、 结果验证:
1. 查看桥接链路
[WA2210-AG]dis wlan mesh-link all
Peer Link Information
--------------------------------------------------------------
Nbr-Mac BSSID Interface Link-state Uptime (hh:mm:ss)
--------------------------------------------------------------000f-e2f2-0350 0023-892f-42a0 WLAN-MESHLINK7 Active 5: 8:50
2. 查看桥接链路详细信息
[WA2210-AG-hidecmd]dis wlan mesh neighbors all
Mesh Neighbor Parameters
--------------------------------------------------------------
Neighbor MINDEX :20488
BSS ID :0023-892f-42a0
Peer Mac Addr :000f-e2f2-0350
Mesh ID :mesh1
Neighbor state :Connected peer
Mean RSSI :84
Zero Config State :No
--------------------------------------------------------------
Link FSM State :Established
Peer's LinkId :0008
Interface Index :00CC0000
--------------------------------------------------------------
[WA2210-AG-hidecmd]
3. 查看接入终端信息
[AC]dis wlan cl
Total Number of Clients : 1
Total Number of Clients Connected : 1
Client Information
MAC Address BSSID AID State PS Mode QoS Mode
--------------------------------------------------------------
001e-654c-6708 000f-e2f2-0340 1 Running Active WMM
--------------------------------------------------------------
[AC]
4. 终端ping AC
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作