![图片[1]-第16章 WLAN-大赛人网](https://www.dsrw.com/wp-content/uploads/2023/03/图片54-1-1024x526.png)
![图片[2]-第16章 WLAN-大赛人网](https://www.dsrw.com/wp-content/uploads/2023/03/图片55-1-1024x816.png)
![图片[3]-第16章 WLAN-大赛人网](https://www.dsrw.com/wp-content/uploads/2023/03/图片56-1-1024x802.png)
16.1 WLAN VRRP
1.配置规划
AP管理VLAN :VLAN10
STA业务VLAN:VLAN11
DHCP服务器:SW1作为DHCP服务器为AP分配IP地址
SW1作为DHCP服务器为STA分配IP地址
AP的IP地址池:192.168.10.0/24
STA的IP地址池:192.168.11.0/24
AC的源接口IP地址:192.168.100.254/24(VRRP虚拟地址)
AP组:名称:dsrw,引用模板:VAP模板dsrw
域管理模板:名称:default,国家码:中国(CN)
SSID模板:名称:dsrw,SSID名称:HSB
安全模板:名称:dsrw,安全策略:WPA2+PSK+AES,密码:dsrw.com
VAP模板:名称:dsrw,转发模式:直连模式,业务VLAN:VLAN11,引用模板:SSID模板dsrw,安全模板:dsrw
VRRP备份组:VRRP组号:1,虚拟IP地址:192.168.100.254/24
HSB:AC1的主备通道IP地址和端口号:192.168.100.1/24
,10241
AC2的主备通道IP地址和端口号:192.168.100.2/24
,102412.有线侧网络配置
1)SW1配置VLAN,管理VLAN10、业务VLAN11,并将接口划分到对应的VLAN,SW1连接AP的接口PVID设置为VLAN10,连接AC的接口设置为VLAN100
[SW1]interface GigabitEthernet 0/0/23
[SW1-GigabitEthernet0/0/23]port link-type trunk
[SW1-GigabitEthernet0/0/23]port trunk allow-pass vlan 100
[SW1]interface GigabitEthernet 0/0/24
[SW1-GigabitEthernet0/0/24]port link-type trunk
[SW1-GigabitEthernet0/0/24]port trunk allow-pass vlan 100
[SW1]interface GigabitEthernet 0/0/21
[SW1-GigabitEthernet0/0/21]port link-type trunk
[SW1-GigabitEthernet0/0/21]port trunk pvid vlan 10
[SW1-GigabitEthernet0/0/21]port trunk allow-pass vlan 10 11
[SW1]interface GigabitEthernet 0/0/22
[SW1-GigabitEthernet0/0/22]port link-type trunk
[SW1-GigabitEthernet0/0/22]port trunk pvid vlan 10
[SW1-GigabitEthernet0/0/22]port trunk allow-pass vlan 10 112)AC1配置VLAN,并将接口划分到对应的VLAN
[AC1]vlan batch 100
[AC1]interface GigabitEthernet 0/0/23
[AC1-GigabitEthernet0/0/23]port link-type trunk
[AC1-GigabitEthernet0/0/23]port trunk allow-pass vlan 1003)AC2配置VLAN,并将接口划分到对应的VLAN
[AC2]vlan batch 100
[AC2]interface GigabitEthernet 0/0/24
[AC2-GigabitEthernet0/0/24]port link-type trunk
[AC2-GigabitEthernet0/0/24]port trunk allow-pass vlan 1005)SW1创建VLANIF,VLANIF10作为AP1、AP2的管理VLAN网关,VLANIF11作为AP1、AP2下终端业务VLAN的网关,VLANIF100用于和AC1、AC2进行三层通信
[SW1]interface Vlanif 10
[SW1-Vlanif10]ip address 192.168.10.1 24
[SW1]interface Vlanif 11
[SW1-Vlanif11]ip address 192.168.11.1 24
[SW1]interface Vlanif 100
[SW1-Vlanif100]ip address 192.168.100.3 245)AC1创建VLANIF,AC1的VLANIF100作为CAPWAP通信接口(不是CAPWAP源接口)
[AC1]interface Vlanif 100
[AC1-Vlanif100]IP address 192.168.100.1 246)AC2创建VLANIF,AC2的VLANIF100作为CAPWAP通信接口(不是CAPWAP源接口)
[AC2]interface Vlanif 100
[AC2-Vlanif100]IP address 192.168.100.2 247)在AC1、AC2上配置前往AP管理网段的路由,AC和获取到管理网段地址的AP进行CAPWAP通信,在AC上手动配置静态路由
[AC1]ip route-static 192.168.10.0 24 192.168.100.3
[AC2]ip route-static 192.168.10.0 24 192.168.100.38)在S3上配置DHCP服务
[SW1]dhcp enable
[SW1]ip pool ap
[SW1-ip-pool-ap]network 192.168.10.0 mask 24
[SW1-ip-pool-ap]gateway-list 192.168.10.1
[SW1-ip-pool-ap]option 43 sub-option 3 ascii 192.168.100.254
//地址池ap为AP分配管理地址,携带Option43指定AC地址,该处地址为VRRP虚拟IP
[SW1]ip pool service
[SW1-ip-pool-service]network 192.168.11.0 mask 24
[SW1-ip-pool-service]gateway-list 192.168.11.1
[SW1-ip-pool-service]dns-list 192.168.11.1
//地址池server为AP的无线终端分配地址,所有地址池的网关都设为SW1的VLANIF接口地址
[SW1]interface Vlanif 10
[SW1-Vlanif10]dhcp select global
[SW1]interface Vlanif 11
[SW1-Vlanif11]dhcp select global
//VLANIF下选择全局地址池1 2
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容