H3C-AC间漫游用户接入AP控制配置举例
H3C-AC间漫游用户怎么接入AP控制,接入AP控制配置过程有什么要点,配置命令是什么?下面跟yjbys小编一起来看看吧!
一、组网需求
两个无线控制器 AC 1 和AC 2 通过一个二层交换机连接,两个AC 处于同一个漫游组,客户端先通过AP 1 获取无线服务,然后漫游到与AC 2 相连的AP 2 上。要求客户端通过允许接入的AP 接入无线网络,并保证客户端在漫游后还能获取无线服务。
三、配置步骤
说明:radius服务的配置参考其他,本省略
(1) 配置AC 1
# 配置AP 1。
system-view
[AC1] port-security enable
[AC1] dot1x authentication-method eap
[AC1] interface wlan-ess 1
[AC1-WLAN-ESS1] port-security port-mode userlogin-secure-ext
[AC1-WLAN-ESS1] port-security tx-key-type 11key
[AC1-WLAN-ESS1] undo dot1x multicast-trigger
[AC1-WLAN-ESS1] undo dot1x handshake
[AC1-WLAN-ESS1] quit
[AC1] wlan service-template 1 crypto
[AC1-wlan-st-1] ssid abc
[AC1-wlan-st-1] bind wlan-ess 1
[AC1-wlan-st-1] authentication-method open-system
[AC1-wlan-st-1] cipher-suite ccmp
[AC1-wlan-st-1] security-ie rsn
[AC1-wlan-st-1] service-template enable
[AC1-wlan-st-1] quit
[AC1] wlan ap ap1 model WA2100
[AC1-wlan-ap-ap1] serial-id 210235A045B05B1236548
[AC1-wlan-ap-ap1] radio 1 type dot11g
[AC1-wlan-ap-ap1-radio-1] service-template 1
[AC1-wlan-ap-ap1-radio-1] radio enable
[AC1-wlan-ap-ap1-radio-1] quit
[AC1-wlan-ap-ap1] quit
# 配置AC 1 上的.漫游组,并使能IACTP 服务。
[AC1] wlan mobility-group abc
[AC1-wlan-mg-abc] source ip
[AC1-wlan-mg-abc] member ip
[AC1-wlan-mg-abc] mobility-group enable
[AC1-wlan-mg-abc] return
# 配置AP 组并应用在User Profile 下。
system-view
[AC1] wlan ap-group 1
[AC1-ap-group1] ap ap1 ap2
[AC1-ap-group1] quit
[AC1] user-profile management
[AC1-user-profile-management] wlan permit-ap-group 1
[AC1-user-profile-management] quit
[AC1] user-profile management enable
(2) 配置AC 2
# 配置AP 2。
system-view
[AC2] port-security enable
[AC2] dot1x authentication-method eap
[AC2] interface wlan-ess 1
[AC2-WLAN-ESS1] port-security port-mode userlogin-secure-ext
[AC2-WLAN-ESS1] port-security tx-key-type 11key
[AC2-WLAN-ESS1] undo dot1x multicast-trigger
[AC2-WLAN-ESS1] undo dot1x handshake
[AC2-WLAN-ESS1] quit
[AC2] wlan service-template 1 crypto
[AC2-wlan-st-1] ssid abc
[AC2-wlan-st-1] bind wlan-ess 1
[AC2-wlan-st-1] authentication-method open-system
[AC2-wlan-st-1] cipher-suite ccmp
[AC2-wlan-st-1] security-ie rsn
[AC2-wlan-st-1] service-template enable
[AC2-wlan-st-1] quit
[AC2] wlan ap ap2 model WA2100
[AC2-wlan-ap-ap2] serial-id 210235A22W0076000103
[AC2-wlan-ap-ap2] radio 1 type dot11g
[AC2-wlan-ap-ap2-radio-1] service-template 1
[AC2-wlan-ap-ap2-radio-1] radio enable
[AC2-wlan-ap-ap2-radio-1] quit
[AC2-wlan-ap-ap2] quit
# 配置AC 2 上的漫游组,并使能IACTP 服务。
[AC2] wlan mobility-group abc
[AC2-wlan-mg-abc] source ip
[AC2-wlan-mg-abc] member ip
[AC2-wlan-mg-abc] mobility-group enable
[AC2-wlan-mg-abc] quit
# 配置AP 组并应用在User Profile 下。
[AC2] wlan ap-group 1
[AC2-ap-group1] ap ap1 ap2
[AC2-ap-group1] quit
[AC2] user-profile management
[AC2-user-profile-management] wlan permit-ap-group 1
[AC2-user-profile-management] quit
[AC2] user-profile management enable
(3) 验证结果
AP 1 和AP 2 下的User Profile 均允许接入AP 1,AP 2,客户端漫游成功。
-
H3C云计算售前专家认证简介
H3C云计算售前专家认证是H3C公司推出的针对渠道售前工程师资质评定的能力认证,通过该认证的学员已具备扎实的服务器、存储和云管理平台等云计算产品知识,能够构建云计算的解决方案,对云计算产品技术和行业应用有着深刻理解,能够根据客户的需求和应用场景推荐并配置...
-
H3C FIT AP与AC连接时三种的注册流程
在无线网络实际应用中,存在一种场景,如客户需要覆盖一个校园,而校园的不同区域被划分了不同子网。在这种场景中,AC位于骨干网中,而AP需要分布在不同区域中,即分布在不同子网中。这种场景下,当用户从一个区域漫游到另一个区域时,就是一种三层漫游情况。那么这三层漫游的...
-
2016最新H3C认证体系介绍—H3CIE
H3CIE(H3CCertifiedInternetworkExpert,H3C认证互联网络专家)是H3C公司在网络技术领域的顶级专家认证,同时H3CIE也不是一个基于培训的认证。H3CIE认证的目标人群是在网络技术领域有长期的实践经验,熟悉网络设备产品和相关技术理论的网络工程技术人员,网络设计者和...
-
H3C认证网络排错专家
H3CTE(H3CCertifiedTroubleshootingExpert,H3C认证网络排错专家)。H3CTE认证不仅将帮助您掌握大中型数据网络中常用网络技术知识和H3C网络产品的性能,还将让您具备熟练操作H3C公司各种网络产品、完成大中型企业网和园区网络各种配置维护操作的能力,并能够进行网络...