Skip to main content

 路由器网 > 新闻资讯 >

无线环境+一体机(52台)+联想传奇软件

2014-07-02 23:44 浏览:


最近一个项目十分恶心,反复去了好多次都没解决问题,最后在求助的情况下解决了问题,今天闲来无事进行一下总结,希望以后大家在遇到类似问题的时候会有所帮助,少走弯路。
 

环境如下:
 

无线AP华为AP7110DN-AGN   无线控制器:华为L-AC6605-16AP

交换机:华为S5700-28P-LI-AC  路由器:华为AR0M0022BA00

 wKioL1OzW9OwVoklAADN1UD1TL8657.jpg   

 配置过程如下:

路由器配置:

<router>dis cu
[V200R003C01SPC900]
#
 sysname router
#
 snmp-agent local-engineid 800007DB034846FBDD5110
 snmp-agent 
#
 http timeout 3
#
 drop illegal-mac alarm
#
 wlan ac-global carrier id other ac id 0
#
dhcp enable 启用dhcp服务
#
undo dhcp server bootp
#
pki realm default
 enrollment self-signed
#
#
acl number 2000  
 rule 5 permit source 192.168.1.0 0.0.0.255   配置acl

#
ip pool ip-pool1                          
 gateway-list 192.168.1.1 
 network 192.168.1.0 mask 255.255.255.0 
 excluded-ip-address 192.168.1.2 192.168.1.10       配置dhcp地址池等相关信息
 lease day 999 hour 0 minute 0 
 dns-list 202.99.160.68 
#

aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$=i~>Xp&aY+*2cEVcS-A23Uwe%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 64
#
 nat address-group 1 10.48.183.249 10.48.183.249    nat地址
#  
interface GigabitEthernet0/0/0
#
interface GigabitEthernet0/0/1
 ip address 192.168.1.1 255.255.255.0     配置内网接口IP地址
 dhcp select global

#
interface GigabitEthernet0/0/2
 ip address 10.48.183.241 255.255.255.0     配置外网接口地址和地址映射
 nat outbound 2000

#
interface Cellular0/0/0
 link-protocol ppp
#
interface Cellular0/0/1
 link-protocol ppp
#
interface NULL0
#
interface LoopBack1
#
ip route-static 0.0.0.0 0.0.0.0 10.48.183.254    配置默认静态路由
#   
user-interface con 0
 authentication-mode password
 set authentication password cipher %$%$v)eUQb:a@@Dq>LQ]8_~(,.6ebgw1T<1nDK(Bi*MIy)4I.6h,%$%$
user-interface vty 0 4    配置远程telnet登陆

#
wlan ac                                   
#
voice 
 #
 diagnose
#
return

 

交换机配置:

<switch>dis cu
#
!Software Version V200R001C00SPC300
sysname switch
#
vlan batch 100 to 101 800   配置通信vlan和管理vlan
#
undo http server enable
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password cipher %$%$I6.ASV)hJET,p"Dn.YM%3aXO%$%$
 local-user admin service-type http
#
interface Vlanif1
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk pvid vlan 800
 port trunk allow-pass vlan 101 800
#
interface GigabitEthernet0/0/2            
 port link-type trunk
 port trunk pvid vlan 800
 port trunk allow-pass vlan 101 800       配置交换机连接无线AP的接口模式
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk pvid vlan 800
 port trunk allow-pass vlan 101 800
#
interface GigabitEthernet0/0/4
 port link-type trunk
 port trunk pvid vlan 800
 port trunk allow-pass vlan 101 800
#

interface GigabitEthernet0/0/5
 port link-type trunk
 port trunk allow-pass vlan 101 800     配置交换机连接无线控制器的接口模式

#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#                                         
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/10
#
interface GigabitEthernet0/0/11
#
interface GigabitEthernet0/0/12
#
interface GigabitEthernet0/0/13
 port link-type access
 port default vlan 101
#
interface GigabitEthernet0/0/14
 port link-type access
 port default vlan 101
#
interface GigabitEthernet0/0/15      配置交换机与服务器连接的接口模式
 port link-type access
 port default vlan 101
#
interface GigabitEthernet0/0/16
 port link-type access
 port default vlan 101

#                                         
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
#
interface GigabitEthernet0/0/25
#
interface GigabitEthernet0/0/26
#
interface GigabitEthernet0/0/27
#
interface GigabitEthernet0/0/28
#                                         
interface NULL0
#
interface LoopBack1
#
user-interface con 0
 authentication-mode password
 set authentication password cipher %$%$@T4G)wr!n@xWkW1=!S>W,G>5dOgs,@68!%p,d{O)k'f!>MD~%$%$

user-interface vty 0 4
user-interface vty 16 20
#
return

 

无线控制器配置:


[V200R003C00SPC300]
#
 sysname AC-LSW
#
 snmp-agent local-engineid 800007DB03DCD2FC9AF55A
undo snmp-agent community complexity-check disable
 snmp-agent 
#
 http server enable                       启动http服务,用来通过web方式访问无线控制器
 http secure-server enable

#
 info-center timestamp log format-date
#
vlan batch 101 800    新建相应的vlan
#
dhcp enable     启动dhcp服务
#
diffserv domain default
#
pki realm default
 enrollment self-signed
#
drop-profile default
#
aaa 
 authentication-scheme default 
 authorization-scheme default 
 accounting-scheme default 
 domain default  
 domain default_admin  
 local-user admin password cipher %@%@4SD!O#B"vE'%R>6/v7]F@KaN%@%@
 local-user admin privilege level 15
 local-user admin service-type http     配置web登陆用户
#
interface Vlanif1
#
interface Vlanif101
 ip address 192.168.1.18 255.255.255.0      配置远程管理地址

#  
interface Vlanif800
 ip address 172.1.1.1 255.255.255.0  配置无线AP的管理地址池并通过dhcp下发ip地址给AP
 dhcp select interface

#
interface MEth0/0/1
 ip address 192.168.0.1 255.255.255.0    配置管理接口的ip地址,用来进行系统版本的升级

#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 101 800    设置与交换机连接接口的端口类型和允许的vlan

#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/10
#
interface GigabitEthernet0/0/11
#
interface GigabitEthernet0/0/12
#
interface GigabitEthernet0/0/13
#
interface GigabitEthernet0/0/14
#
interface GigabitEthernet0/0/15
#
interface GigabitEthernet0/0/16
#
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
#
interface XGigabitEthernet0/0/1
#
interface XGigabitEthernet0/0/2
#
interface Wlan-Ess0
 port hybrid pvid vlan 101
 port hybrid untagged vlan 101     配置wlan-ess虚接口

#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 192.168.1.1   配置默认路由,用于远程管理
#
user-interface con 0
 authentication-mode password
 set authentication password cipher %$%$"GCEA{F!GFFR9-UtLm#Y,;,-8xu`X~H8=;M/;;ZHZm/B;,0,%$%$                                                                    配置console接口认证


user-interface vty 0 4
 authentication-mode password
 user privilege level 15
 set authentication password cipher %$%$vr'(L4QuvI^ojOS1^jg7~.ZM>[&xDt.~xUj&P.1UJ[nY.ZP~%$%$
user-interface vty 16 20                     配置vty接口的认证,用于远程管理
#

wlan
 wlan ac source interface vlanif800    配置无线AP的管理vlan
 ap-auth-mode no-auth     配置无线vlan的认证方式
 ap id 4 type-id 28 mac 04f9-38e8-6f80 sn 210235555310E3000596     添加相应的无线AP
 ap id 5 type-id 28 mac 04f9-38ea-35a0 sn 210235555310E3000992
 ap id 6 type-id 28 mac 04f9-38e5-78a0 sn 210235555310E3000446
 ap id 7 type-id 28 mac 04f9-38ea-35c0 sn 210235555310E3000993


 wmm-profile name huawei-ap id 0                           配置vmm-profile名称
 traffic-profile name huawei-ap id 0                           配置traffic-profile名字


 security-profile name huawei-ap id 0                       配置security-profile名字
  security-policy wpa2                                                 配置安全模板的认证方式
  wpa2 authentication-method psk pass-phrase cipher %@%@bkz|%Dyw"RFrgoE'@yxR@QNf%@%@ encryption-method ccmp                                      配置无线AP的加密方式和相应的密码(会影响网速)


 sta-load-balance enable                                           启用负载均衡功能


 service-set name huawei id 0                                   配置服务集模板
  forward-mode tunnel                               
  wlan-ess 0
  ssid DHJS208                                  配置ssid为DHJS208
  traffic-profile id 0
  security-profile id 0
  service-vlan 101                               服务vlan101
 radio-profile name huawei-ap id 0
  radio-type 80211n      强制设置radio的类型为802.11n,这样只有网卡的速率可以到133Mbps,如果不设置速率只能达到54Mbps这样会影响网速


  wmm-profile id 0

 ap 4 radio 0
  radio-profile id 0
  service-set id 0 wlan 1
 ap 5 radio 0
  radio-profile id 0
  service-set id 0 wlan 1
 ap 6 radio 0
  radio-profile id 0
  service-set id 0 wlan 1
 ap 7 radio 0                                         配置AP所应用的服务集合radio-profile
  radio-profile id 0
  service-set id 0 wlan 1

 

#
return