WA4320-ACN-SI 胖AP WDS桥接后无法上网的问题
- 0关注
- 1收藏,1381浏览
问题描述:
用两台胖模式的WA4320-ACN-SI进行WDS桥接
1号AP做主路由器,配置好拨号,mesh,无线服务,DHCP SERVER等,无线终端上网正常。
只有一个VLAN,即VLAN1,2.4G射频口建立无线服务ABC,并绑定MESH-PROFILE 1,5G射频口也建立一个ABC-5G无线服务
2号AP配置2.4G下的WDS,MESH接口和配置方面与1号AP相同,二者均未绑定对方的MAC地址,现在在两个AP的命令行下都可以用display wlan mesh-link all查看到mesh-link已经建立,且无线终端连接2号AP也可以获得到由1号AP的DHCP SERVER分配的IP地址和网关及DNS,但是连接在2呺AP下的无线终端却不能正常上网,手机显示WLAN已经连接,无网络。
在1号AP上用TELNET登录2号AP正常,且ping一个外网的IP地址也正常。
问题会出现在哪里呢?2号AP还需要配置默认路由吗?两个AP是二层桥接的呀
组网及组网描述:
无
- 2022-03-07提问
- 举报
-
(0)
最佳答案
AP1上的配置:
#
version 5.20, Release 1508P11
#
sysname WA4320_ZHU
#
domain default enable system
#
telnet server enable
#
port-security enable
#
password-recovery enable
#
undo attack-defense tcp fragment enable
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
dhcp server ip-pool vlan10 extended
network ip range 192.168.10.101 192.168.10.200
network mask 255.255.255.0
gateway-list 192.168.10.1
dns-list 202.96.64.68 180.76.76.76
#
user-group system
group-attribute allow-guest
#
local-user admin
password cipher $c$3$eUx7gBX8sHlgaxD1/H1p9KzswNz2JDSkUWqpnus=
authorization-attribute level 3
service-type telnet
service-type web
#
wlan mesh-profile 1
mesh-id bri
bind WLAN-MESH 1
mesh-profile enable
#
wlan rrm
dot11a mandatory-rate 6 12 24
dot11a supported-rate 9 18 36 48 54
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
wlan service-template 1 crypto
ssid ABC-5G
cipher-suite ccmp
security-ie rsn
service-template enable
#
wlan service-template 2 crypto
ssid ABC
cipher-suite ccmp
security-ie rsn
service-template enable
#
cwmp
undo cwmp enable
#
interface Dialer1
nat outbound
link-protocol ppp
ppp chap user 123456786
ppp chap password cipher $c$3$DmFoh63HbhgsRMMrUVlvfCXxSLn2Bwp8oA==
ppp pap local-user 12345678 password cipher $c$3$jdd4tJPXQ+735QP4n8KaCb+Xzy8NcNcGPg==
ppp ipcp dns request
mtu 1480
ip address ppp-negotiate
dialer user pppoeclient
dialer-group 1
dialer bundle 1
#
interface NULL0
#
interface Vlan-interface1
pppoe-client dial-bundle-number 1
ip address 192.168.10.1 255.255.255.0
dhcp server apply ip-pool vlan10
#
interface GigabitEthernet1/0/1
#
interface WLAN-MESH1
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase cipher $c$3$vaJdmyoslTQvypjMpacZqEO6Paju2JMpw2VIrLLk5bg=
#
interface WLAN-BSS1
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase cipher $c$3$fvSjloZxjPSCHqZHfNG7jEvBhyQO04dep+TAv7HVcfM=
#
interface WLAN-BSS2
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase cipher $c$3$vfT1aaJbfMJFirxWHc8d9pkkBDNIWw2/TUKIRcYf3Po=
#
interface WLAN-Radio1/0/1
channel 40
service-template 1 interface wlan-bss 1
#
interface WLAN-Radio1/0/2
channel 11
service-template 2 interface wlan-bss 2
mesh-profile 1
#
ip route-static 0.0.0.0 0.0.0.0 Dialer1
#
dhcp enable
#
dialer-rule 1 ip permit
#
load xml-configuration
#
load tr069-configuration
#
user-interface con 0
user-interface vty 0 4
authentication-mode scheme
#
return
AP2上只做了无线MESH,无线服务,与AP1相同,只在5G射频接口下的工作信道不同,为157。VLAN1接口IP为为192.168.10.2/24。
# version 5.20, Release 1508P11
# sysname WA4320_FU
# domain default enable system
# telnet server enable
# port-security enable
# password-recovery enable
# undo attack-defense tcp fragment enable
# vlan 1
# domain system access-limit disable state active idle-cut disable self-service-url disable
# user-group system
group-attribute allow-guest
# local-user admin password cipher $c$3$eUx7gBX8sHlgaxD1/H1p9KzswNz2JDSkUWqpnus=
authorization-attribute level 3
service-type telnet
service-type web
# wlan mesh-profile 1
mesh-id bri
bind WLAN-MESH 1
mesh-profile enable
# wlan rrm dot11a
mandatory-rate 6 12 24
dot11a supported-rate 9 18 36 48 54
dot11b
mandatory-rate 1 2
dot11b
supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
# wlan service-template 1 crypto
ssid ABC-5G
cipher-suite ccmp
security-ie rsn
service-template enable
# wlan service-template 2 crypto
ssid ABC cipher-suite
ccmp security-ie rsn
service-template enable
# cwmp
undo cwmp enable
# interface NULL0
# interface Vlan-interface1
ip address 192.168.10.2 255.255.255.0
# interface GigabitEthernet1/0/1
# interface WLAN-MESH1
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase cipher $c$3$vaJdmyoslTQvypjMpacZqEO6Paju2JMpw2VIrLLk5bg=
# interface WLAN-BSS1
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase cipher $c$3$fvSjloZxjPSCHqZHfNG7jEvBhyQO04dep+TAv7HVcfM=
# interface WLAN-BSS2
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase cipher $c$3$vfT1aaJbfMJFirxWHc8d9pkkBDNIWw2/TUKIRcYf3Po=
# interface WLAN-Radio1/0/1
channel 157
service-template 1 interface wlan-bss 1
# interface WLAN-Radio1/0/2
channel 11
service-template 2 interface wlan-bss 2
mesh-profile 1
# dhcp enable
# load xml-configuration
# load tr069-configuration
# user-interface
con 0
user-interface vty 0 4
authentication-mode scheme
# return
- 2022-03-07回答
- 评论(0)
- 举报
-
(0)
确保AP1上用vlan1到外网可达,修改加密方式不加密看是否加密有关,检查组网是否有对终端的限制,包过滤或者安全设备的限制等
- 2022-03-07回答
- 评论(1)
- 举报
-
(0)
AP1上访问外网正常,其下连的无线终端上网也正常
编辑答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明