组网及说明
组网说明:
本案例采用H3C HCL模拟器来模拟AC+AP跨公网注册的典型组网,现有分部的一台AP,要在总部的AC注册上线,因此需要完成AC+AP跨公网的注册来满足需求。
特别说明:
1、组网采用AC+AP跨公网注册,并采用集中转发的方式。
2、vlan 10用于AP注册上线,vlan 20用于无线业务的接入。
3、开局前请注意收集AP的序列号,一般在AP的表面或使用命令行dis device manunifo查看。
配置思路:
1、按照网络拓扑图完成交换机VLAN配置、路由器和AC1的IP地址配置。
2、按照网络拓扑图配置路由。
3、R1与R2均分别配置NAT
4、在R2将AC1映射到外网。
5、在AC1完成AP注册上线配置及无线接入的配置。
配置步骤
(1)SW1:
<H3C>sys
System View: return to User View with Ctrl+Z.
[H3C]sysname SW1
[SW1]vlan 10
[SW1-vlan10]quit
[SW1]vlan 20
[SW1-vlan20]quit
[SW1]int gi 1/0/1
[SW1-GigabitEthernet1/0/1]po acc vlan 10
[SW1-GigabitEthernet1/0/1]quit
[SW1]vlan 100
[SW1-vlan100]quit
[SW1]int vlan 100
[SW1-Vlan-interface100]ip address 10.0.0.1 30
[SW1-Vlan-interface100]quit
[SW1]int gi 1/0/2
[SW1-GigabitEthernet1/0/2]po li tr
[SW1-GigabitEthernet1/0/2]undo po tr pe vlan 1
[SW1-GigabitEthernet1/0/2]po tr pe vlan 10 20 100
[SW1-GigabitEthernet1/0/2]quit
[SW1]int vlan 10
[SW1-Vlan-interface10]ip address 192.168.10.1 24
[SW1-Vlan-interface10]quit
[SW1]int vlan 20
[SW1-Vlan-interface20]ip address 192.168.20.1 24
[SW1-Vlan-interface20]quit
[SW1]int gi 1/0/2
[SW1-GigabitEthernet1/0/2]port link-mode route
[SW1-GigabitEthernet1/0/2]ip address 10.0.0.1 30
[SW1-GigabitEthernet1/0/2]quit
[SW1]ospf 1 router-id 10.0.0.1
[SW1-ospf-1]area 0.0.0.0
[SW1-ospf-1-area-0.0.0.0]network 10.0.0.0 0.0.0.3
[SW1-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]quit
[SW1]dhcp enable
[SW1]dhcp server ip-pool vlan10
[SW1-dhcp-pool-vlan10]network 192.168.10.0 mask 255.255.255.0
[SW1-dhcp-pool-vlan10]gateway-list 192.168.10.1
[SW1-dhcp-pool-vlan10]option 138 ip-address 202.1.100.2
[SW1-dhcp-pool-vlan10]quit
[SW1]dhcp server ip-pool vlan20
[SW1-dhcp-pool-vlan20]network 192.168.20.0 mask 255.255.255.0
[SW1-dhcp-pool-vlan20]gateway-list 192.168.20.1
[SW1-dhcp-pool-vlan20]dns-list 114.114.114.114
[SW1-dhcp-pool-vlan20]quit
(2)R1:
<H3C>sys
System View: return to User View with Ctrl+Z.
[H3C]sysname R1
[R1]vlan 10
[R1-vlan10]quit
[R1]vlan 20
[R1-vlan20]quit
[R1]vlan 100
[R1-vlan100]quit
[R1]int vlan 100
[R1-Vlan-interface100]ip address 10.0.0.2 30
[R1-Vlan-interface100]quit
[R1]int gi 0/1
[R1-GigabitEthernet0/1]port link-mode bridge
[R1-GigabitEthernet0/1]po li tr
[R1-GigabitEthernet0/1]undo po tr pe vlan 1
[R1-GigabitEthernet0/1]po tr pe vlan 10 20 100
[R1-GigabitEthernet0/1]quit
[R1]vlan 10
[R1-vlan10]quit
[R1]vlan 20
[R1-vlan20]quit
[R1]vlan 200
[R1-vlan200]quit
[R1]int vlan 200
[R1-Vlan-interface200]ip address 202.1.100.1 30
[R1-Vlan-interface200]nat outbound
[R1-Vlan-interface200]quit
[R1]int gi 0/0
[R1-GigabitEthernet0/0]port link-mode bridge
[R1-GigabitEthernet0/0]po li tr
[R1-GigabitEthernet0/0]undo po tr pe vlan 1
[R1-GigabitEthernet0/0]po tr pe vlan 10 20 200
[R1-GigabitEthernet0/0]quit
[R1]ip route-static 0.0.0.0 0.0.0.0 202.1.100.2
[R1]ospf 1 router-id 10.0.0.2
[R1-ospf-1]area 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.0.0 0.0.0.3
[R1-ospf-1-area-0.0.0.0]quit
[R1-ospf-1]import-route static
[R1-ospf-1]default-route-advertise type 2
[R1-ospf-1]quit
[R1]
(3)R2
<H3C>sys
System View: return to User View with Ctrl+Z.
[H3C]sysname R2
[R2]vlan 10
[R2-vlan10]quit
[R2]vlan 20
[R2-vlan20]quit
[R2]vlan 100
[R2-vlan100]quit
[R2]int vlan 100
[R2-Vlan-interface100]ip address 10.1.1.2 30
[R2-Vlan-interface100]quit
[R2]vlan 200
[R2-vlan200]quit
[R2]int vlan 200
[R2-Vlan-interface200]ip address 202.1.100.2 30
[R2-Vlan-interface200]nat outbound
[R2-Vlan-interface200]nat server global current-interface inside 10.1.1.1
[R2-Vlan-interface200]quit
[R2]int gi 0/0
[R2-GigabitEthernet0/0]port link-mode bridge
[R2-GigabitEthernet0/0]po li tr
[R2-GigabitEthernet0/0]undo po tr pe vlan 1
[R2-GigabitEthernet0/0]po tr pe vlan 10 20 200
[R2-GigabitEthernet0/0]quit
[R2]int gi 0/1
[R2-GigabitEthernet0/1]port link-mode bridge
[R2-GigabitEthernet0/1]po li tr
[R2-GigabitEthernet0/1]undo po tr pe vlan 1
[R2-GigabitEthernet0/1]po tr pe vlan 10 20 100
[R2-GigabitEthernet0/1]quit
[R2]ip route-static 0.0.0.0 0.0.0.0 202.1.100.2
(4)AC1
<H3C>sys
System View: return to User View with Ctrl+Z.
[H3C]sysname AC1
[AC1]ip route-static 0.0.0.0 0.0.0.0 10.1.1.2
[AC1]vlan 10
[AC1-vlan10]quit
[AC1]vlan 20
[AC1-vlan20]quit
[AC1]vlan 100
[AC1-vlan100]quit
[AC1]int vlan 100
[AC1-Vlan-interface100]ip address 10.1.1.1 30
[AC1-Vlan-interface100]quit
[AC1]int gi 1/0/1
[AC1-GigabitEthernet1/0/1]po li tr
[AC1-GigabitEthernet1/0/1]undo po tr pe vlan 1
[AC1-GigabitEthernet1/0/1]po tr pe vlan 10 20 100
[AC1-GigabitEthernet1/0/1]quit
[AC1]wlan auto-ap enable
[AC1]wlan auto-persistent enable
[AC1]wlan global-configuration
[AC1-wlan-global-configuration]firmware-upgrade disable
[AC1-wlan-global-configuration]quit
[AC1]wlan service-template weijianing
[AC1-wlan-st-weijianing]ssid weijianing
[AC1-wlan-st-weijianing]vlan 20
[AC1-wlan-st-weijianing]client forwarding-location ac
[AC1-wlan-st-weijianing]service-template enable
[AC1-wlan-st-weijianing]quit
[AC1]wlan ap AP1 model WA6320-HCL
[AC1-wlan-ap-AP1]serial-id H3C_b2-1a-44-95-05-00
[AC1-wlan-ap-AP1]vlan 10
[AC1-wlan-ap-AP1-vlan10]quit
[AC1-wlan-ap-AP1]vlan 20
[AC1-wlan-ap-AP1-vlan20]quit
[AC1-wlan-ap-AP1]radio 1
[AC1-wlan-ap-AP1-radio-1]radio enable
[AC1-wlan-ap-AP1-radio-1]service-template weijianing
[AC1-wlan-ap-AP1-radio-1]quit
[AC1-wlan-ap-AP1]radio 2
[AC1-wlan-ap-AP1-radio-2]radio enable
[AC1-wlan-ap-AP1-radio-2]service-template weijianing
[AC1-wlan-ap-AP1-radio-2]quit
[AC1-wlan-ap-AP1]quit
在AC1查看AP已注册上线。
(5)测试
加入手机进来并启动
选中手机,右键点击“配置”
打开WIFI
选中要连接的SSID,并打开。
手机能获取到IP地址
手机能PING通外网IP
在AC1能看到手机注册上线的信息。
至此,AC+AP跨公网注册典型组网配置案例(集中转发)已完成!