WLAN configuration example - layer 2 networking direct forwarding

Today, I will continue to introduce WLAN to you. This paper uses Huawei eNSP simulator to complete the relevant configuration of layer 2 direct networking in Fit AP scenario.

1, Experimental topology and requirements


The experimental topology is shown above. Now it is required to realize the configuration of AC, Switch and Router according to the requirements in the figure, and realize the two-layer networking and direct forwarding of Fit AP. Where DHCP server is on AC.

2, Experimental configuration idea

(1) Basic configuration

First, we configure the layer-2 VLAN, layer-3 IP address and routing interworking of Switch and Router according to the requirements in the figure. Create VLANif interface on AC and enable DHCP function.
In this experiment, the AC can be configured as a switch with WLAN function. The AC layer is connected to the router, the G0/0/1 interface is configured as the Access interface, the corresponding VLAN is enabled, the VLANif interface is created and the IP address is configured. The AC downlink G0/0/2 interface is a layer-2 interface configured as Trunk type, allowing VLANs of 10, 20 and 100 to pass through. The G0/0/2 interface of LSW1 is configured as Trunk type, pvid is VLAN100, allowing VLAN10100 to pass, and the G0/0/3 interface of LSW1 is configured as Trunk type, pvid is VLAN100, allowing VLAN20100 to pass.
In this way, the underlying networking interworking of WLAN has been configured. The next step is to configure AP online and STA access on AC.

(2) WLAN related configuration

After completing the above underlying network interworking, the next step is to configure the WLAN configuration of AC.
1. AC configuration CAPWAP enable interface
First, the CAPWAP tunnel interface of AC should be configured. Here, according to the experimental requirements, we select VLAN100 to establish VLAN for the CAPWAP of AC AP.
2. Configure WLAN related templates and associate
Configuring WLAN on AC involves many steps and is complex. You need to configure multiple settings of multiple templates and finally apply these configurations in AP ID. the configuration idea can be seen in the figure below:

3, Experimental configuration command

The underlying network interworking part of this experiment is not introduced here (if there are students who still have doubts about this part, they can ask questions in the private letter or comment area). It mainly introduces the key WLAN configuration commands of AC, as follows:

(1) Configuration of AC enabled CAPWAP interface

The configuration of AC enabled CAPWAP interface is as follows:

capwap source  interface Vlanif 100

(2) AC configuration security template

The security template mainly configures WLAN authentication mode and encryption mode. The configuration examples are as follows:

 security-profile name 1
  security wep share-key
  wep key 0 wep-40 pass-phrase 12345

(3) AC configuration SSID template

The SSID template mainly configures the SSID of WLAN, that is, our common Wi Fi name. The relevant configurations are as follows:

 ssid-profile name 1
  ssid huawei-1

(4) AC configuration VAP template

VAP template is mainly used to configure the forwarding mode of AC, the service VLAN of AP, and the associated security template and SSID template. The relevant configurations are as follows:

 vap-profile name 1
  service-vlan vlan-id 10
  ssid-profile 1
  security-profile 1

(5) AC configuration domain management template

The AC domain management template mainly configures the country (region) code of the AP. Since different countries and regions have their own regulations on the use of radio frequencies in their own countries (regions), in order to make the AC products sold worldwide, it is necessary to make the AC products comply with the relevant local radio access rules. Huawei series AC equipment is configured through the country (region) Code to achieve this setting. The relevant configurations are as follows:

 regulatory-domain-profile name 1
  country-code CN 

In the above configuration, the country code CN represents China, and cn is also the default configuration of the regulatory domain profile.

(6) AC configuration AP ID

After completing the above configuration, AC also needs to create an AP template, configure the radio related information of the AP, and apply the above template. The related configurations are as follows:

 ap-id 1 type-id 56 ap-mac 00e0-fcee-7810 ap-sn 210235448310F249C222
  regulatory-domain-profile 1
  radio 0
   vap-profile 1 wlan 1
   channel 20mhz 1

Note that in the first line of the above configuration, only the AP MAC or AP Sn information of the AP can be configured, and other information is automatically completed after the AP goes online.

4, Appendix - AC related configuration commands

AC related configuration commands are as follows:

wlan
 traffic-profile name default
 security-profile name 1
  security wep share-key
  wep key 0 wep-40 pass-phrase 12345
 security-profile name 2
  security wpa psk pass-phrase 12345678
aes
 security-profile name default
 security-profile name default-wds
 security-profile name default-mesh
 ssid-profile name 1
  ssid huawei-1
 ssid-profile name 2
  ssid huawei-2
 ssid-profile name default
 vap-profile name 1
  service-vlan vlan-id 10
  ssid-profile 1
  security-profile 1
 vap-profile name 2
  service-vlan vlan-id 20
  ssid-profile 2
  security-profile 2
 vap-profile name default
 wds-profile name default
 mesh-handover-profile name default
 mesh-profile name default
 regulatory-domain-profile name 1
 regulatory-domain-profile name default
 air-scan-profile name default
 rrm-profile name default
 radio-2g-profile name default
 radio-5g-profile name default
 wids-spoof-profile name default
 wids-profile name default
 wireless-access-specification
 ap-system-profile name default
 port-link-profile name default
 wired-port-profile name default
 serial-profile name preset-enjoyor-toeap 
 ap-group name default
 ap-id 1 type-id 56 ap-mac 00e0-fcee-7810 ap-sn 210235448310F249C222
  regulatory-domain-profile 1
  radio 0
   vap-profile 1 wlan 1
   channel 20mhz 1
 ap-id 2 type-id 56 ap-mac 00e0-fc4f-7910 ap-sn 2102354483109B606954
  regulatory-domain-profile 1
  radio 0
   vap-profile 2 wlan 1
   channel 20mhz 6
 provision-ap

5, Experimental effect

(1) STA accesses the Internet normally

(2) CAPWAP tunnel packet capture

(3) AC view AP Online

Tags: WLAN

Posted on Sun, 19 Sep 2021 21:52:38 -0400 by slushpuppie