EWP-WX2520X-LI怎么调试及添加ap(ewp-wx2510h-pwr如何设置)
问题描述:
怎么调试及帮定ap
组网及组网描述:
3小时前提问
手册:
https://www.h3c.com/cn/Service/Document_Software/Document_Center/Wlan/WX/WX2500X-LI/?category=474946
二层注册 案例:
1.2 配置需求及实现的效果
当AP的管理地址与AC的LAN口地址在同一个网段时,我们称之为二层注册。本案例实现WAC380 下联AP二层注册,配置无线加密,同时使用WAC360给下联的AP和无线客户端分配192.168.0.0/24的地址。
需要使用配置线登录设备Console口。具体操作参考《Console登录方法》。
2 组网图
配置步骤
1.1 登录命令行,配置国家码cn
#首次登入会出现如下提示,要求输入国家码。需要配置国家码为CN,如选择其他区域可能会造成部分功能无法使用。以下标红色部分为设备自动打印部分。加粗的CN是需要手动输入的国家码。
Press ENTER to get started.
Please set your country/region code.
Input ? to get the country code list, or input q to log out.
CN
1.2 配置DHCP服务,给AP和无线客户端分配地址
#全局开启dhcp功能
system-view
[H3C]dhcp enable
#配置地址池1
[H3C]dhcp server ip-pool 1
#分配192.168.0.0/24网段地址,网关为192.168.0.100,dns服务器地址为8.8.8.8 114.114.114.114
[H3C-dhcp-pool-1]network 192.168.0.0 mask 255.255.255.0
[H3C-dhcp-pool-1]gateway-list 192.168.0.100
[H3C-dhcp-pool-1]dns-list 8.8.8.8 114.114.114.114
[H3C-dhcp-pool-1]quit
1.3 配置无线加密服务模板
# 配置创建无线服务模板,ssid为test
[H3C] wlan service-template 1
[H3C-wlan-st-1] ssid test
# 配置AKM为PSK,配置PSK密钥,使用明文的字符串12345678作为共享密钥。
[H3C-wlan-st-1] akm mode psk
[H3C-wlan-st-1] preshared-key pass-phrase simple 12345678
# 配置CCMP为加密套件,配置WPA2为安全信息元素。
[H3C-wlan-st-1] cipher-suite ccmp
[H3C-wlan-st-1] security-ie rsn
# 使能无线服务模板。
[H3C-wlan-st-1] service-template enable
[H3C-wlan-st-1] quit
1.4 配置AP模板,并绑定无线加密服务模板
#创建型号为wap712c的AP模板,配置AP对应的序列号。有几个AP就需要配置几个AP模板。在两个射频上绑定服务模板。WAP712C为双射频AP,有两个射频口。如若是单射频AP,只需配置radio 1 即可。
[H3C]wlan ap ap1 model WAP712c
[H3C-wlan-ap-ap1]serial-id
[H3C-wlan-ap-ap1]radio 1
[H3C-wlan-ap-ap1-radio-1]service-template 1
[H3C-wlan-ap-ap1-radio-1]quit
[H3C-wlan-ap-ap1]radio 2
[H3C-wlan-ap-ap1-radio-2]service-template 1
[H3C-wlan-ap-ap1-radio-2]quit
[H3C-wlan-ap-ap1]quit
[H3C]wlan ap ap2 model WAP712c
[H3C-wlan-ap-ap2]serial-id
[H3C-wlan-ap-ap2]radio 1
[H3C-wlan-ap-ap2-radio-1]service-template 1
[H3C-wlan-ap-ap2-radio-1]quit
[H3C-wlan-ap-ap2]radio 2
[H3C-wlan-ap-ap2-radio-2]service-template 1
[H3C-wlan-ap-ap2-radio-2]quit
[H3C-wlan-ap-ap2]quit
#待大概1~5分钟左右,可以使用display wlan ap all查看。如若有状态为R/M的AP,说明AP正常上线。
display wlan ap all
Total Number of APs configured : 2
Total Number of configured APs connected : 2
Total Number of auto APs connected : 0
Total Number of APs connected : 0
Maximum AP capacity : 32
Remaining AP capacity : 32
AP Profiles
State : I = Idle, J = Join, JA = JoinAck, IL = ImageLoad
C = Config, R = Run, KU = KeyUpdate, KC = KeyCfm
M = Master, B = Backup
--------------------------------------------------------------------------------
AP Name State Model Serial-ID
--------------------------------------------------------------------------------
ap1 R/M WAP712C
ap2 R/M WAP712C
-------------------------------------------------------------------------------
1.5 保存配置
[H3C]save force
暂无
参考配置案例:
H3C无线控制器自动AP典型配置举例
二层网络注册配置举例
3 二层网络注册配置举例
3.1 组网需求
如图1所示,集中式转发架构下,AC旁挂在L2 switch1上,L3 switch做DHCP server为AP、Client和Host分配IP地址。需要实现无线客户端Client通过AP连接到AC上,并能与有线客户端Host互相访问,具体要求如下:
· 无线客户端Client通过VLAN
· AC属于VLAN 100,AC和AP之间通过二层网络建立连接。
· L2 switch 1通过PoE方式给AP供电。
图1 Fit AP通过二层网络注册到AC配置举例组网图
3.2 配置思路
· 在L3 switch上开启DHCP server功能,AP、无线客户端Client和有线客户端Host都能通过DHCP server自动获取IP地址。
· 在L2 switch 1上开启PoE功能,为AP设备供电。
· 在AC上配置无线服务,确保Client可以通过配置的无线服务接入网络,并访问Host。
3.3 配置注意事项
· 配置AP的序列号时请确保该序列号与AP唯一对应。
· 配置L2 switch 1和AP相连的接口为Access口,禁止VLAN 1报文通过,以防止VLAN 1内报文过多。
3.4 配置步骤
3.4.1 配置L3 switch
1. 配置L3 switch的接口
# 创建VLAN 100,并配置IP地址,用于转发AC和AP间的CAPWAP隧道内的流量。
<L3 switch> system-view
[L3 switch] vlan 100
[L3 switch-vlan100] quit
[L3 switch] interface vlan-interface 100
[L3 switch-Vlan-interface100] ip address 192.168.10.1 255.255.255.0
[L3 switch-Vlan-interface100] quit
# 创建VLAN
[L3 switch] vlan
[L3 switch-vlan
[L3 switch] interface vlan-interface
[L3 switch-Vlan-interface
[L3 switch-Vlan-interface
# 创建VLAN 300,并为该接口配置IP地址。Host使用该VLAN与AC建立连接。
[L3 switch] vlan 300
[L3 switch-vlan300] quit
[L3 switch] interface vlan-interface 300
[L3 switch-Vlan-interface300] ip address 192.168.30.1 255.255.255.0
[L3 switch-Vlan-interface300] quit
# 配置L3 switch和L2 switch1相连的接口GigabitEthernet1/0/1为Trunk类型,禁止VLAN 1报文通过,允许VLAN100和VLAN
[L3 switch] interface gigabitEthernet 1/0/1
[L3 switch-GigabitEthernet1/0/1] port link-type trunk
[L3 switch-GigabitEthernet1/0/1] undo port trunk permit vlan 1
[L3 switch-GigabitEthernet1/0/1] port trunk permit vlan 100
[L3 switch-GigabitEthernet1/0/1] quit
# 配置L3 switch和L2 switch2相连的接口GigabitEthernet1/0/3为Trunk类型,禁止VLAN 1报文通过,允许VLAN 300通过。
[L3 switch] interfac gigabitEthernet 1/0/3
[L3 switch-GigabitEthernet1/0/3] port link-type trunk
[L3 switch-GigabitEthernet1/0/3] undo port trunk permit vlan 1
[L3 switch-GigabitEthernet1/0/3] port trunk permit vlan 300
[L3 switch-GigabitEthernet1/0/3] quit
2. 配置DHCP server
开启DHCP server功能。
# 开启DHCP server功能。
<L3 switch> system-view
[L3 switch] dhcp enable
配置DHCP地址池,为AP、无线客户端Client和有线客户端Host自动分配IP地址。
# 配置DHCP地址池1为AP分配地址范围为192.168.10.0/24,网关地址为192.168.10.1。
[L3 switch] dhcp server ip-pool 1
[L3 switch-dhcp-pool-1] network 192.168.10.0 mask 255.255.255.0
[L3 switch-dhcp-pool-1] gateway-list 192.168.10.1
# 配置DHCP地址池1中不参与自动分配的IP地址为AC的VLAN100的IP地址192.168.10.2。
[L3 switch-dhcp-pool-1] forbidden-ip 192.168.10.2
[L3 switch-dhcp-pool-1] quit
# 配置DHCP地址池2为Client分配地址范围为192.168.
[L3 switch] dhcp server ip-pool 2
[L3 switch-dhcp-pool-2] network 192.168.
[L3 switch-dhcp-pool-2] gateway-list 192.168.
[L3 switch-dhcp-pool-2] dns-list 192.168.
[L3 switch-dhcp-pool-2] quit
# 配置DHCP地址池3为Host分配地址范围为192.168.30.0/24,为Host分配的DNS服务器地址为网关地址(实际使用过程中请根据实际网络规划配置无线客户端的DNS服务器地址),网关地址为192.168.30.1。
[L3 switch] dhcp server ip-pool 3
[L3 switch-dhcp-pool-3] network 192.168.30.0 mask 255.255.255.0
[L3 switch-dhcp-pool-3] gateway-list 192.168.30.1
[L3 switch-dhcp-pool-3] dns-list 192.168.30.1
[L3 switch-dhcp-pool-3] quit
3.4.2 配置AC
配置AC的接口
# 创建VLAN 100及其对应的VLAN接口,并为该接口配置IP地址。AP将获取该IP地址与AC建立CAPWAP隧道。
[AC] vlan 100
[AC-vlan100] quit
[AC] interface vlan-interface 100
[AC-Vlan-interface100] ip address 192.168.10.2 255.255.255.0
[AC-Vlan-interface100] quit
# 创建VLAN
[AC] vlan
[AC-vlan
# 配置AC和L2 switch 1相连的接口GigabitEthernet1/0/1为Trunk类型,禁止VLAN 1报文通过,允许VLAN 100和VLAN
[AC] interface gigabitethernet 1/0/1
[AC-GigabitEthernet1/0/1] port link-type trunk
[AC-GigabitEthernet1/0/1] undo port trunk permit vlan 1
[AC-GigabitEthernet1/0/1] port trunk permit vlan 100
[AC-GigabitEthernet1/0/1] quit
配置无线服务
# 创建无线服务模板1,并进入无线服务模板视图。
[AC] wlan service-template 1
# 配置SSID为service。
[AC-wlan-st-1] ssid service
# 配置身份认证与密钥管理模式为PSK模式,配置PSK密钥为明文字符串12345678。
[AC-wlan-st-1] akm mode psk
[AC-wlan-st-1] preshared-key pass-phrase simple 12345678
# 配置加密套件为CCMP,安全信息元素为RSN。
[AC-wlan-st-1] cipher-suite ccmp
[AC-wlan-st-1] security-ie rsn
# 配置客户端数据报文转发位置为AC。(如果客户端数据报文的缺省转发位置与本配置相同,请跳过此步骤)
[AC-wlan-st-1] client forwarding-location ac
# 使能服务模板。
[AC-wlan-st-1] service-template enable
[AC-wlan-st-1] quit
配置AP
在大规模组网时,推荐在AP组内进行配置。
# 创建手工AP,名称为officeap,型号名称为WA63
[AC] wlan ap officeap model WA63
# 设置AP的序列号为
[AC-wlan-ap-officeap] serial-id
[AC-wlan-ap-officeap] quit
# 创建AP组group1,并配置AP名称入组规则。
[AC] wlan ap-group group1
[AC-wlan-ap-group-group1] ap officeap
# 将无线服务模板1绑定到AP组group1下的Radio 1上,并指定客户端上线的VLAN为VLAN
[AC-wlan-ap-group-group1] ap-model WA63
[AC-wlan-ap-group-group1-ap-model-WA63
[AC-wlan-ap-group-group1-ap-model-WA63
[AC-wlan-ap-group-group1-ap-model-WA63
[AC-wlan-ap-group-group1-ap-model-WA63
[AC-wlan-ap-group-group1-ap-model-WA63
[AC-wlan-ap-group-group1] quit
3.4.3 配置L2 switch 1
# 创建VLAN 100和VLAN
<L2 switch 1> system-view
[L2 switch 1] vlan 100
[L2 switch 1-vlan100] quit
[L2 switch 1] vlan
[L2 switch 1-vlan
# 配置L2 switch 1和AC相连的接口GigabitEthernet1/0/1为Trunk类型,禁止VLAN 1报文通过,允许VLAN 100和VLAN
[L2 switch 1] interface gigabitEthernet 1/0/1
[L2 switch 1-GigabitEthernet1/0/1] port link-type trunk
[L2 switch 1-GigabitEthernet1/0/1] undo port trunk permit vlan 1
[L2 switch 1-GigabitEthernet1/0/1] port trunk permit vlan 100
[L2 switch 1-GigabitEthernet1/0/1] quit
# 配置L2 switch 1和AP相连的接口GigabitEthernet1/0/2为Access类型,允许VLAN 100通过,并开启PoE远程供电功能。
[L2 switch 1] interfac gigabitEthernet 1/0/2
[L2 switch 1-GigabitEthernet1/0/2] port link-type access
[L2 switch 1-GigabitEthernet1/0/2] port access vlan 100
[L2 switch 1-GigabitEthernet1/0/2] poe enable
[L2 switch 1-GigabitEthernet1/0/2] quit
# 配置L2 switch 1与L3 switch相连的接口GigabitEthernet1/0/3为Trunk类型,禁止VLAN 1报文通过,允许VLAN 100和VLAN
[L2 switch 1] interface gigabitEthernet 1/0/3
[L2 switch 1-GigabitEthernet1/0/3] port link-type trunk
[L2 switch 1-GigabitEthernet1/0/3] undo port trunk permit vlan 1
[L2 switch 1-GigabitEthernet1/0/3] port trunk permit vlan 100
[L2 switch 1-GigabitEthernet1/0/3] quit
3.4.4 配置L2 switch 2
# 创建VLAN 300,VLAN 300为Host接入的VLAN。
<L2 switch 2> system-view
[L2 switch 2] vlan 300
[L2 switch 2-vlan300] quit
# 配置L2 switch 2与L3 switch相连的接口GigabitEthernet1/0/1为Trunk类型,禁止VLAN 1报文通过,允许VLAN 300通过。
[L2 switch 2] interface gigabitEthernet 1/0/1
[L2 switch 2-GigabitEthernet1/0/1] port link-type trunk
[L2 switch 2-GigabitEthernet1/0/1] undo port trunk permit vlan 1
[L2 switch 2-GigabitEthernet1/0/1] port trunk permit vlan 300
[L2 switch 2-GigabitEthernet1/0/1] quit
# 配置L2 switch 2与Host相连的接口GigabitEthernet1/0/2为Access类型,允许VLAN 300通过
[L2 switch 2] interface gigabitEthernet 1/0/2
[L2 switch 2-GigabitEthernet1/0/2] port link-type access
[L2 switch 2-GigabitEthernet1/0/2] port access vlan 300
[L2 switch 2-GigabitEthernet1/0/2] quit
3.5 验证配置
在AC上查看AP注册信息
# 在AC上使用命令display wlan ap all查看AP,可以看到AP的状态是R/M,表明AP已经成功注册到AC。
<AC> display wlan ap all
Total number of APs: 1
Total number of connected APs: 1
Total number of connected manual APs: 1
Total number of connected auto APs: 0
Total number of connected common APs: 1
Total number of connected WTUs: 0
Total number of inside APs: 0
Maximum supported APs: 3072
Remaining APs: 3071
Total AP Licenses: 512
Local AP licenses: 512
Server AP licenses: 0
Remaining local AP licenses: 511
Sync AP licenses: 0
AP information
State : I = Idle, J = Join, JA = JoinAck, IL = ImageLoad
C = Config, DC = DataCheck, R = Run, M = Master, B = Backup
AP name AP ID State Model Serial ID
officeap 1 R/M WA63
在AC上查看Client信息
# 在AC上使用命令display wlan client查看在线Client,可以看到Client已经连接到AP的radio1。
<AC> display wlan client
Total number of clients: 1
MAC address User name AP name R IP address VLAN
109a-dd9d-fc68 N/A officeap 1 192.168.
Host与Client可以相互ping通
# Client 通过DHCP server获取到IP地址192.168.
C:\Users\system32>ping 192.168.
Pinging 192.168.
Reply from 192.168.
Reply from 192.168.
Reply from 192.168.
Reply from 192.168.
Reply from 192.168.
Reply from 192.168.
Reply from 192.168.
Reply from 192.168.
Reply from 192.168.
Reply from 192.168.
Reply from 192.168.
Ping statistics for 192.168.
Packets: Sent = 11, Received = 11, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 8ms, Average = 0ms
Control-C
^C
C:\Users\system32>
3小时前回答暂无
你正在内容来源:知了社区,EWP-WX2520X-LI怎么调试及添加ap
