Comprehensive design of enterprise campus network (3)

News 2024-01-09 00:58:38 views: null

3.8 Wireless network configuration

3.8.1 Configure IP routing

 

Figure 26 Schematic diagram of wireless network configuration equipment

Configuration steps: Configure IP address 192.168.x.1 for vlan2,4-8 of LSW1, configure IP address 192.168.x.2 for vlan3-8 of LSW2, configure management vlan4 for AC2 with the address 192.168.4.100, configure it for AC1 Management vlan4, the address is 192.168.4.200.

Configuration of LSW1 :

interface Vlanif2

ip address 192.168.2.1 255.255.255.0

#

interface Vlanif4

 ip address 192.168.4.1 255.255.255.0

#

interface Vlanif6

 ip address 192.168.6.1 255.255.255.0

#

interface Vlanif7

 ip address 192.168.7.1 255.255.255.0

#

interface Vlanif8

 ip address 192.168.8.1 255.255.255.0

interface GigabitEthernet0/0/4

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

Configuration of LSW2 :

interface Vlanif3

 ipv6 enable

 ip address 192.168.3.1 255.255.255.0

 ipv6 address 2003::1/64

 ipv6 address FE80::1 link-local

 ospfv3 1 area 0.0.0.0

#

interface Vlanif4

 ip address 192.168.4.2 255.255.255.0

#

interface Vlanif5

 ip address 192.168.5.1 255.255.255.0

#

interface Vlanif6

 ip address 192.168.6.2 255.255.255.0

#

interface Vlanif7

 ip address 192.168.7.2 255.255.255.0

 dhcp select interface

#

interface Vlanif8

 ip address 192.168.8.2 255.255.255.0

 dhcp select interface

interface GigabitEthernet0/0/4

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

ospf 1 router-id 2.2.2.2

 area 0.0.0.0

  network 2.2.2.2 0.0.0.0

  network 192.168.13.0 0.0.0.255

  network 192.168.14.0 0.0.0.255

  network 192.168.15.0 0.0.0.255

  network 192.168.16.0 0.0.0.255

  network 192.168.5.0 0.0.0.255

  network 192.168.3.0 0.0.0.255

  network 192.168.6.0 0.0.0.255

  network 192.168.7.0 0.0.0.255

  network 192.168.8.0 0.0.0.255

AC1 configuration:

interface Vlanif4

 ip address 192.168.4.100 255.255.255.0

#

interface GigabitEthernet0/0/1

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

ip route-static 0.0.0.0 0.0.0.0 192.168.4.1

AC2 configuration:

interface Vlanif4

 ip address 192.168.4.200 255.255.255.0

#

interface GigabitEthernet0/0/1

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

ip route-static 0.0.0.0 0.0.0.0 192.168.4.2

Verify that the device is properly configured with vlan and gateway:

Figure 27 LSW1vlan and gateway configuration diagram

Figure 28 LSW2vlan and gateway configuration diagram

 

3.8.2 Deploy DHCP for AP and AC

Configuration steps: Deploy DHCP for the AP on the LSW1 switch, and deploy DHCP for the STA on the LSW2 switch.

Configuration of LSW1 :

interface Vlanif6

 ip address 192.168.6.1 255.255.255.0

 dhcp select interface

 dhcp server option 43 sub-option 2 ip-address 192.168.4.100 192

Configuration of LSW2 :

interface Vlanif7

 ip address 192.168.7.2 255.255.255.0

 dhcp select interface

#

interface Vlanif8

 ip address 192.168.8.2 255.255.255.0

 dhcp select interface

3.8.3 AP goes online

 

Figure 29 AP1, AP2 topology diagram

Configuration steps: To ensure network interoperability from AP to DHCP server and AC to AP, configure the country code of AC1 and AC2 to cn, then specify the source IP address of AC1 as 192.168.4.100, and specify the source IP address of AC2 as 192.168.4.200 , establish two AP groups jsb and xsb, and configure corresponding MAC address values ​​for them.

AC1 configuration command:

[AC1]wlan

[AC1-wlan-view]regulatory-domain-profile name domain

[AC1-wlan-regulate-domain-domain]country-code cn

[AC1-wlan-view]ap-group name ap-group1

[AC1-wlan-ap-group-ap-group1]regulatory-domain-profile domain

Warning: Modifying the country code will clear channel, power and antenna gain configurations of the radio and reset the AP. Continue?[Y/N]:y

[AC1]capwap source ip-address 192.168.4.100

[AC1]wlan

[AC1-wlan-view]ap auth-mode mac-auth

[AC1-wlan-view]ap-id 1 ap-mac 00E0-FC5A-0390

[ AC1 - wlan - app - 1 ] app - name jsb

[AC1-wlan-ap-1]ap-group ap-group1

Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configurations of the radio, Whether to continue? [Y/N]:y

[AC1]wlan

[AC1-wlan-view]ap-id 2 ap-mac 00E0-FC4D-3B00

[AC1-wlan-ap-2]ap-name xsb

[AC1-wlan-ap-2]ap-group ap-group1

Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configurations of the radio, Whether to continue? [Y/N]:y

(For the configuration of AP online on AC2, please refer to the configuration process of AC1. Except for the source interface address, other configuration parameters are the same as AC1)

3.8.4 Check whether the AP comes online successfully

① Obtain IP address successfully

 

Figure 30 Schematic diagram of AP successfully obtaining an IP address

②AP successfully goes online

 

Figure 31 Schematic diagram of successful AP online

3.8.5 Configure WLAN service delivery

Configuration steps: Create two SSID templates named employees and guests on AC1, configure the security policy of wpa2 for the employee templates, and create two VAP templates named employees and guests. The employeesVAP template references the previously created employees security template. And configure the service vlan to vlan7, the guestVAP template refers to the guest security template created previously, and configure the service vlan to vlan8, and finally bind the two VAP templates to the AP. The configuration steps of AC2 are the same as those of AC1 and will not be described again.

AC1 configuration command:

[AC1-wlan-view]ssid-profile name employees

[AC1-wlan-ssid-prof-employees]ssid ZK-employess

[AC1-wlan-ssid-prof-employees]q

[AC1-wlan-view]ssid-profile name guest

[AC1-wlan-ssid-prof-guest]ssid ZK-guest

[AC1-wlan-view]security-profile name employees

[AC1-wlan-sec-prof-employees]security wpa2 psk pass-phrase zhongkai aes

Warning: The current password is too simple. For the sake of security, you are a

dvised to set a password containing at least two of the following: lowercase let

ters a to z, uppercase letters A to Z, digits, and special characters. Continue?

 [Y/N]:y

[AC1-wlan-sec-prof-employees]q

[AC1-wlan-view]security-profile name guest

[AC1-wlan-sec-prof-guest]security open

[AC1-wlan-view]vap-profile name employees

[AC1-wlan-vap-prof-employees]ssid-profile employees

[AC1-wlan-vap-prof-employees]security-profile employees

[AC1-wlan-vap-prof-employees]service-vlan vlan-id 7

Warning: This action may cause service interruption. Continue?[Y/N]y

[AC1-wlan-vap-prof-employees]forward-mode tunnel

Warning: This action may cause service interruption. Continue?[Y/N]y

[AC1-wlan-view]vap-profile name guest   

[AC1-wlan-vap-prof-guest]ssid-profile guest

[AC1-wlan-vap-prof-guest]security-profile guest

[AC1-wlan-vap-prof-guest]service-vlan vlan-id 8

Warning: This action may cause service interruption. Continue?[Y/N]y

[AC1-wlan-vap-prof-guest]forward-mode direct-forward

[AC1-wlan-view]ap-group name ap-group1

[AC1-wlan-ap-group-ap-group1]vap-profile employees wlan 1 radio all

[AC1-wlan-ap-group-ap-group1]vap-profile guest wlan 2 radio all

Verify that the wireless network is configured successfully:

 

Figure 32 wlan diagram

Figure 33 The host obtains the IP address through wlan

3.8.6 Deploy dual AC (dual-machine hot backup)

Configuration steps: Configure the IP address 192.168.4.200 of the backup AC2 on AC1 , configure the priority of the main AC1 to 0, enable the dual-link backup function and global switchback function of AC1, and finally restart the AP. Configure the IP address of backup AC1 192.168.4.100 on AC2 , configure the priority of backup AC2 to 1, enable the dual-link backup function and global switchback function of AC2, and finally restart the AP.

Configuration command:

AC1]wlan

[AC1-wlan-view]ac protect protect-ac 192.168.4.200 priority 0

Warning: Operation successful. It will take effect after AP reset.

[AC1-wlan-view]undo ac protect restore disable

[AC1-wlan-view]ac protect enable

Warning: This operation maybe cause AP reset, continue?[Y/N]:y

[AC1-wlan-view]ap-reset all

Warning: Reset AP(s), continue?[Y/N]:y

[AC2]wlan

[AC2-wlan-view]ac protect protect-ac 192.168.4.100 priority 1

Warning: Operation successful. It will take effect after AP reset.

[AC2-wlan-view]undo ac protect restore disable

[AC2-wlan-view]ac protect enable

Warning: This operation maybe cause AP reset, continue?[Y/N]:y

[AC2-wlan-view]ap-reset all

Warning: Reset AP(s), continue?[Y/N]:y

Verify whether AC dual-machine hot standby is deployed successfully:

 

Figure 34 AC1 dual-machine hot standby diagram

 

Figure 35 AC2 dual-machine hot standby diagram

Guess you like

Origin blog.csdn.net/qq_57052522/article/details/130044666
Recommended
TIOBE May list: Fortran “resurrected” into Top 10
GCC 14.1 released
Ranking
B. Little Girl and Game【1300 / 回文字符串 博弈论】
CIKERS Shane 20190613
"Javascript advanced programming" study notes - the constructor and prototype
beeline hiveserver2 start
springboot - Automatically backup mysql data every day
Data Storage Full Solution--Detailed Persistence Technology
Detailed Explanation of Spring Web MVC DispatcherServlet—Official Original
TCP / IP protocol layers structure and function
Command type literal pos: unknown; Fallback type literal pos: unknown] with root cause
Design of multifunctional curtain controller with indoor anti-theft alarm
Daily
More
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)

Code World

© 2018 codetd.com