WLAN小练习

2024-07-15 21:22:04
开发
18

今日所用拓扑

1.配置trunk

SW1配置：

[hj-SW1]vlan bat 100 200 210
[hj-SW1]port-g g g0/0/2 to g 0/0/5
[hj-SW1-port-group]p l t
[hj-SW1-port-group]p  t a v a
[hj-SW1-port-group]q
[hj-SW1]int g 0/0/1
[hj-SW1-GigabitEthernet0/0/1]p l t
[hj-SW1-GigabitEthernet0/0/1]p t a v a

SW2配置：

[HX-SW2]vlan bat 100 200 210
[HX-SW2]int g0/0/2
[HX-SW2-GigabitEthernet0/0/2]p l t 
[HX-SW2-GigabitEthernet0/0/2]p t a v a
[HX-SW2-GigabitEthernet0/0/2]int g0/0/1
[HX-SW2-GigabitEthernet0/0/1]p l a
[HX-SW2-GigabitEthernet0/0/1]p d v 210
[HX-SW2-GigabitEthernet0/0/1]int g 0/0/10
[HX-SW2-GigabitEthernet0/0/10]p l a
[HX-SW2-GigabitEthernet0/0/10]p d v 200

2.配置DHCP、DHCP中继以及IP

SW2配置：

[HX-SW2-GigabitEthernet0/0/10]int v 100
[HX-SW2-Vlanif100]ip add 192.168.100.254 24
[HX-SW2-Vlanif100]int v 200
[HX-SW2-Vlanif200]ip add 192.168.200.254 24
[HX-SW2-Vlanif200]int v 210
[HX-SW2-Vlanif210]ip add 192.168.210.254 24

[HX-SW2-Vlanif210]q
[HX-SW2]dhcp en
[HX-SW2]int v 100
[HX-SW2-Vlanif100]dhcp select relay
[HX-SW2-Vlanif100]dhcp relay server-ip 192.168.210.1

R1配置：

[DHCP-R1]int g 0/0/0
[DHCP-R1-GigabitEthernet0/0/0]ip add 192.168.210.1 24
[DHCP-R1-GigabitEthernet0/0/0]q
[DHCP-R1]dhcp en
[DHCP-R1]dhcp server ping pa	
[DHCP-R1]dhcp server ping packet 2
[DHCP-R1]dhcp server ping timeout 100
[DHCP-R1]ip pool vlan100
Info: It's successful to create an IP address pool.
[DHCP-R1-ip-pool-vlan100]net 192.168.100.0 mask 24
[DHCP-R1-ip-pool-vlan100]dns 100.100.100.100
[DHCP-R1-ip-pool-vlan100]gate 192.168.100.254
[DHCP-R1-ip-pool-vlan100]option ?
  INTEGER<1-254>  Option code, except values 1, 3, 6, 15, 44, 46, 50, 51, 52,   
                  53, 54, 55, 57, 58, 59, 61, 82, 121 and 184.
[DHCP-R1-ip-pool-vlan100]option 43 ?
  ascii       The DHCP option's type is a ASCII string
  hex         The DHCP option's type is a hex string
  ip-address  The DHCP option's type is IP address 
  sub-option  Configure the DHCP sub-options
[DHCP-R1-ip-pool-vlan100]option 43 sub-option 1 ip-address 192.168.200.10
[DHCP-R1-ip-pool-vlan100]int g 0/0/0
[DHCP-R1-GigabitEthernet0/0/0]dhcp select global
[DHCP-R1-GigabitEthernet0/0/0]q
[DHCP-R1]ip route-static 0.0.0.0 0 192.168.210.254

这里发现AP设备均无法获取IP，开始抓包检测：

SW2的g0/0/2口抓包：

SW2的g0/0/1口抓包：

发现AP设备发送的DHCP Discover报文并未通过SW2传递给R1，思考为什么中。。。。。。

！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！！

AP设备发送的无标记DHCP Discover报文源ip地址为0.0.0.0，目标IP为255.255.255.255全区域泛洪经过SW1的trunk口时，会被检查，没有标记则会被标记上相应接口的pvid，到达SW1的g0/0/1口时仍会被检查，发现带着标记则看与g0/0/1口的pvid一不一致，因为SW1 的g0/0/1 to g0/0/5口的pvid均为1，所以g0/0/1口会将Discover报文的标记去掉发送到SW2的g0/0/2口，同理会被打上1的标签，由于SW2剩余在用接口所在vlan均不为1，故Discover报文在SW2的g0/0/2口终结。

解决方案：

SW1配置：

[hj-SW1]port-g g g0/0/2 to g0/0/5
[hj-SW1-port-group]port trunk pvid vlan 100

这样从SW1的g0/0/1接口出来的Discover报文就能携带100的标签进入SW2的vlanif 100口了

验证：查看AP设备

<Huawei>dis system-information 
System Information
===============================================
Serial Number            : 2102354483109D3DB204
System Time              : 2024-07-15 16:30:20
System Up time           : 31min 14sec
System Name              : Huawei
Country Code             : US
MAC Address              : 00:e0:fc:74:68:e0
Radio 0 MAC Address      : 00:00:00:00:00:00
Radio 1 MAC Address      : 00:00:00:00:00:10
IP Address               : 192.168.100.250
Subnet Mask              : 255.255.255.0
Default Gateway          : 192.168.100.254
IPv6 IP Address          : 
IPv6 Default Gateway     : 
Management VLAN ID(AP)   : 
IP MODE                  : dhcp
Slot Status              : Dual band(802.11b/g/n;802.11a/n/ac)
AP Type                  : AP6050DN
Board Type               : AP6050DN
Board Serial Number      : 2102354483109D3DB204
Board Bom Version        : 0
Boot Rom Version         : -
Software Version         : V200R007C10SPC300
Hardware Version         : H86D2TT1D502 VER.A
Telnet Access            : Enable
User Name                : admin
LED Switch               : ON
===============================================

3.AP与AC实现三层互通

AC配置：

[AC6605]vlan bat 100 200 210
[AC6605]int g0/0/10
[AC6605-GigabitEthernet0/0/10]p l a
[AC6605-GigabitEthernet0/0/10]p d v 200
[AC6605-GigabitEthernet0/0/10]int v 200
[AC6605-Vlanif200]ip add 192.168.200.10 24
[AC6605-Vlanif200]q
[AC6605]ip route-s 0.0.0.0 0 192.168.200.254

验证：

[AC6605]ping 192.168.100.251
  PING 192.168.100.251: 56  data bytes, press CTRL_C to break
    Reply from 192.168.100.251: bytes=56 Sequence=1 ttl=254 time=30 ms
    Reply from 192.168.100.251: bytes=56 Sequence=2 ttl=254 time=40 ms
    Reply from 192.168.100.251: bytes=56 Sequence=3 ttl=254 time=30 ms
    Reply from 192.168.100.251: bytes=56 Sequence=4 ttl=254 time=30 ms
    Reply from 192.168.100.251: bytes=56 Sequence=5 ttl=254 time=60 ms

  --- 192.168.100.251 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 30/38/60 ms

4.在AP与AC设备间建立CAPWAP隧道

AC配置：

[AC6605]capwap source interface vlan 200








#或者[AC6605]capwap source ip-address 192.168.200.10

5.AP接入

AC配置：

[AC6605]wlan
[AC6605-wlan-view]ap-id 1 ap-mac 00:e0:fc:74:68:e0
                                 ^
Error: Wrong parameter found at '^' position.
[AC6605-wlan-view]ap-id 1 ap-mac 00e0-fc74-68e0
[AC6605-wlan-ap-1]q
[AC6605-wlan-view]ap-id 2 ap-mac 00e0-fc6c-3590
[AC6605-wlan-ap-2]q
[AC6605-wlan-view]ap-id 3 ap-mac 00e0-fc00-2010
[AC6605-wlan-ap-3]q
[AC6605-wlan-view]ap-id 4 ap-mac 00e0-fc5e-3700
[AC6605-wlan-ap-4]q

验证：

[AC6605-wlan-regulate-domain-hhh]dis ap all
Info: This operation may take a few seconds. Please wait for a moment.done.
Total AP information:
nor  : normal          [4]
--------------------------------------------------------------------------------
----------------------
ID   MAC            Name           Group   IP              Type            State
 STA Uptime
--------------------------------------------------------------------------------
----------------------
1    00e0-fc74-68e0 00e0-fc74-68e0 default 192.168.100.250 AP6050DN        nor  
 0   5M:31S
2    00e0-fc6c-3590 00e0-fc6c-3590 default 192.168.100.252 AP6050DN        nor  
 0   5M:14S
3    00e0-fc00-2010 00e0-fc00-2010 default 192.168.100.253 AP6050DN        nor  
 0   4M:3S
4    00e0-fc5e-3700 00e0-fc5e-3700 default 192.168.100.251 AP6050DN        nor  
 0   4M:6S
--------------------------------------------------------------------------------
----------------------
Total: 4

State列为nor即为正常

AP设备sysname已修改即为正常

6.创建域管理模板

AC配置：


[AC6605-wlan-view]regulatory-domain-profile name hhh
[AC6605-wlan-regulate-domain-hhh]country-code cn

验证：

<00e0-fc74-68e0>dis sys
System Information
===============================================
Serial Number            : 
System Time              : 2024-07-15 17:05:25
System Up time           : 1hour 6min 19sec
System Name              : 00e0-fc74-68e0
Country Code             : CN

7.创建AP组

AC配置：

[AC6605]wlan
[AC6605-wlan-view]ap-group name bangong
[AC6605-wlan-ap-group-bangong]regulatory-domain-profile xxx
Warning: Modifying the country code will clear channel, power and antenna gain c
onfigurations of the radio and reset the AP. Continue?[Y/N]:y
Error: The binding profile does not exist.
[AC6605-wlan-ap-group-bangong]regulatory-domain-profile hhh
Warning: Modifying the country code will clear channel, power and antenna gain c
onfigurations of the radio and reset the AP. Continue?[Y/N]:y
[AC6605-wlan-ap-group-bangong]q
[AC6605-wlan-view]ap-group name xuexi
[AC6605-wlan-ap-group-xuexi]regulatory-domain-profile hhh
Warning: Modifying the country code will clear channel, power and antenna gain c
onfigurations of the radio and reset the AP. Continue?[Y/N]:y
[AC6605-wlan-ap-group-xuexi]q

8.AP组中添加AP设备

AC配置：

[AC6605]wlan
[AC6605-wlan-view]ap-id 1
[AC6605-wlan-ap-1]ap-name bg1
[AC6605-wlan-ap-1]ap-group bangong
[AC6605-wlan-ap-1]q
[AC6605-wlan-view]ap-id 2 
[AC6605-wlan-ap-2]ap-name bg2
[AC6605-wlan-ap-2]ap-group bangong
[AC6605-wlan-ap-2]q
[AC6605-wlan-view]ap-id 3
[AC6605-wlan-ap-3]ap-name xx1
[AC6605-wlan-ap-3]ap-group xuexi
[AC6605-wlan-ap-3]q
[AC6605-wlan-view]ap-id 4
[AC6605-wlan-ap-4]ap-name xx2
[AC6605-wlan-ap-4]ap-group hhh
Warning: This operation may cause AP reset. If the country code changes, it will
 clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.
Error: The AP group does not exist.
[AC6605-wlan-ap-4]ap-group xuexi
Warning: This operation may cause AP reset. If the country code changes, it will
 clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y

验证：

[AC6605-wlan-ap-4]dis ap all
Info: This operation may take a few seconds. Please wait for a moment.done.
Total AP information:
fault: fault           [2]
nor  : normal          [2]
--------------------------------------------------------------------------------
------------
ID   MAC            Name Group   IP              Type            State STA Uptim
e
--------------------------------------------------------------------------------
------------
1    00e0-fc74-68e0 bg1  bangong 192.168.100.250 AP6050DN        nor   0   36S
2    00e0-fc6c-3590 bg2  bangong 192.168.100.252 AP6050DN        nor   0   3S
3    00e0-fc00-2010 xx1  xuexi   -               AP6050DN        fault 0   -
4    00e0-fc5e-3700 xx2  xuexi   -               AP6050DN        fault 0   -
--------------------------------------------------------------------------------
------------
Total: 4

原文地址:https://blog.csdn.net/MyJesus001/article/details/140444150 本文来自互联网用户投稿，该文观点仅代表作者本人，不代表本站立场。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如若转载，请注明出处：https://www.suanlizi.com/kf/1812840050665328640.html 如若内容造成侵权/违法违规/事实不符，请联系《酸梨子》网邮箱：1419361763@qq.com进行投诉反馈，一经查实，立即删除！

阅读全部