WX5002对无线客户端访问控制功能的典型配置(1)
适用WX5002版本:Comware Software, Version 5.20, Release 1106P01
一、组网需求
WX5002、WA2110、H3C POE交换机、便携机(安装有11b/g无线网卡)
二、组网图
假设WA2110的序列号为210235A22W0074000003。
使用的SSID的名称为h3c-qos。
只允许无线客户端访问192.168.1.10的主机,不允许访问其它任何地址。
三、WX交换机的典型配置
#
version 5.20, Release 1106P01
#
sysname H3C
#
domain default enable system
#
undo l2fw fast-forwarding
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
traffic classifier 1 operator and
if-match acl 3000
#
traffic behavior 1
filter deny
#
qos policy 1
classifier 1 behavior 1
#
dhcp server ip-pool pool1
network 192.168.1.0 mask 255.255.255.0
gateway-list 192.168.1.254
expired day 3
#
acl number 3000
rule 0 deny ip destination 192.168.1.10 0
rule 5 permit ip
#
wlan service-template 1 clear
ssid h3c-qos
bind WLAN-ESS 1
authentication-method open-system
service-template enable
#
wlan rrm
11a mandatory-rate 6 12 24
11a supported-rate 9 18 36 48 54
11b mandatory-rate 1 2
11b supported-rate 5.5 11
11g mandatory-rate 1 2 5.5 11
11g supported-rate 6 9 12 18 24 36 48 54
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.1.99 255.255.255.0
#
interface GigabitEthernet1/0/1
#
interface GigabitEthernet1/0/2
#
interface M-Ethernet1/0/1
#
interface WLAN-ESS1
qos apply policy 1 inbound
#
wlan ap ap1 model WA2100
serial-id 210235A22W0074000003
radio 1
service-template 1
radio enable
#
ip route-static 0.0.0.0 0.0.0.0 192.168.1.254
#
dhcp server forbidden-ip 192.168.1.10
dhcp server forbidden-ip 192.168.1.99
dhcp server forbidden-ip 192.168.1.254
#
dhcp enable
#
load xml-configuration
#
user-interface aux 0
user-interface vty 0 4
#
return
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作