Today, I will continue to introduce WLAN to you. This paper uses Huawei eNSP simulator to complete the relevant configuration of layer 2 direct networking in Fit AP scenario.
1, Experimental topology and requirements
The experimental topology is shown above. Now it is required to realize the configuration of AC, Switch and Router according to the requirements in the figure, and realize the two-layer networking and direct forwarding of Fit AP. Where DHCP server is on AC.
2, Experimental configuration idea
(1) Basic configuration
First, we configure the layer-2 VLAN, layer-3 IP address and routing interworking of Switch and Router according to the requirements in the figure. Create VLANif interface on AC and enable DHCP function.
In this experiment, the AC can be configured as a switch with WLAN function. The AC layer is connected to the router, the G0/0/1 interface is configured as the Access interface, the corresponding VLAN is enabled, the VLANif interface is created and the IP address is configured. The AC downlink G0/0/2 interface is a layer-2 interface configured as Trunk type, allowing VLANs of 10, 20 and 100 to pass through. The G0/0/2 interface of LSW1 is configured as Trunk type, pvid is VLAN100, allowing VLAN10100 to pass, and the G0/0/3 interface of LSW1 is configured as Trunk type, pvid is VLAN100, allowing VLAN20100 to pass.
In this way, the underlying networking interworking of WLAN has been configured. The next step is to configure AP online and STA access on AC.
(2) WLAN related configuration
After completing the above underlying network interworking, the next step is to configure the WLAN configuration of AC.
1. AC configuration CAPWAP enable interface
First, the CAPWAP tunnel interface of AC should be configured. Here, according to the experimental requirements, we select VLAN100 to establish VLAN for the CAPWAP of AC AP.
2. Configure WLAN related templates and associate
Configuring WLAN on AC involves many steps and is complex. You need to configure multiple settings of multiple templates and finally apply these configurations in AP ID. the configuration idea can be seen in the figure below:
3, Experimental configuration command
The underlying network interworking part of this experiment is not introduced here (if there are students who still have doubts about this part, they can ask questions in the private letter or comment area). It mainly introduces the key WLAN configuration commands of AC, as follows:
(1) Configuration of AC enabled CAPWAP interface
The configuration of AC enabled CAPWAP interface is as follows:
capwap source interface Vlanif 100
(2) AC configuration security template
The security template mainly configures WLAN authentication mode and encryption mode. The configuration examples are as follows:
security-profile name 1 security wep share-key wep key 0 wep-40 pass-phrase 12345
(3) AC configuration SSID template
The SSID template mainly configures the SSID of WLAN, that is, our common Wi Fi name. The relevant configurations are as follows:
ssid-profile name 1 ssid huawei-1
(4) AC configuration VAP template
VAP template is mainly used to configure the forwarding mode of AC, the service VLAN of AP, and the associated security template and SSID template. The relevant configurations are as follows:
vap-profile name 1 service-vlan vlan-id 10 ssid-profile 1 security-profile 1
(5) AC configuration domain management template
The AC domain management template mainly configures the country (region) code of the AP. Since different countries and regions have their own regulations on the use of radio frequencies in their own countries (regions), in order to make the AC products sold worldwide, it is necessary to make the AC products comply with the relevant local radio access rules. Huawei series AC equipment is configured through the country (region) Code to achieve this setting. The relevant configurations are as follows:
regulatory-domain-profile name 1 country-code CN
In the above configuration, the country code CN represents China, and cn is also the default configuration of the regulatory domain profile.
(6) AC configuration AP ID
After completing the above configuration, AC also needs to create an AP template, configure the radio related information of the AP, and apply the above template. The related configurations are as follows:
ap-id 1 type-id 56 ap-mac 00e0-fcee-7810 ap-sn 210235448310F249C222 regulatory-domain-profile 1 radio 0 vap-profile 1 wlan 1 channel 20mhz 1
Note that in the first line of the above configuration, only the AP MAC or AP Sn information of the AP can be configured, and other information is automatically completed after the AP goes online.
4, Appendix - AC related configuration commands
AC related configuration commands are as follows:
wlan traffic-profile name default security-profile name 1 security wep share-key wep key 0 wep-40 pass-phrase 12345 security-profile name 2 security wpa psk pass-phrase 12345678 aes security-profile name default security-profile name default-wds security-profile name default-mesh ssid-profile name 1 ssid huawei-1 ssid-profile name 2 ssid huawei-2 ssid-profile name default vap-profile name 1 service-vlan vlan-id 10 ssid-profile 1 security-profile 1 vap-profile name 2 service-vlan vlan-id 20 ssid-profile 2 security-profile 2 vap-profile name default wds-profile name default mesh-handover-profile name default mesh-profile name default regulatory-domain-profile name 1 regulatory-domain-profile name default air-scan-profile name default rrm-profile name default radio-2g-profile name default radio-5g-profile name default wids-spoof-profile name default wids-profile name default wireless-access-specification ap-system-profile name default port-link-profile name default wired-port-profile name default serial-profile name preset-enjoyor-toeap ap-group name default ap-id 1 type-id 56 ap-mac 00e0-fcee-7810 ap-sn 210235448310F249C222 regulatory-domain-profile 1 radio 0 vap-profile 1 wlan 1 channel 20mhz 1 ap-id 2 type-id 56 ap-mac 00e0-fc4f-7910 ap-sn 2102354483109B606954 regulatory-domain-profile 1 radio 0 vap-profile 2 wlan 1 channel 20mhz 6 provision-ap
5, Experimental effect
(1) STA accesses the Internet normally
(2) CAPWAP tunnel packet capture
(3) AC view AP Online