1. 程式人生 > >華為AC6005做Mesh組網

華為AC6005做Mesh組網


1、基礎配置

system-view
vlan 10
description AP-Management-vlan
vlan 100
description service-vlan
quit
dhcp enable
int vlan 10
ip add 192.168.10.1 24
dhcp select interface
dhcp server excluded-ip-address 192.168.10.1 192.168.10.10
int vlan 100
description service
ip add 192.168.100.1 22
dhcp select interface
dhcp server excluded-ip-address 192.168.100.1 192.168.100.10
dhcp server dns-list 202.106.0.20 114.114.114.114
quit
capwap source interface Vlanif 10 #配置AC的源介面
ip route-static 0.0.0.0 0 192.168.10.2 description route-to-Core-SW

interface g0/0/1
description link-to-A-building-1F-3Room-AP
port link-type trunk
port trunk pvid vlan 10
port trunk allow-pass vlan 10 100
quit

2、無線部分
wlan
ap auth-mode no-auth #新增AP方式不認證

ap auth-mode mac-auth #新增AP方式MAC認證方式

regulatory-domain-profile name domain #建立域管理模板
country-code CN #配置AC的國家碼
quit
security-profile name security #建立安全模板
security open #安全為開放
quit
security-profile name security1 #配置Mesh鏈路使用的安全模板
security wpa2 psk pass-phrase e123qwer aes
quit

ssid-profile name ssid  #建立SSID模板
ssid Free-WIFI #SSID名稱為Free-WIFI
quit
vap-profile name vap #建立VAP模板
ssid-profile ssid #引用SSID模板
security-profile security #引用安全模板
service-vlan vlan-id 100 #引用業務vlan
forward-mode tunnel #轉發模式為隧道模式
quit

3、MESH部分配置
mesh-profile name mesh-profile           
security-profile security1
mesh-id mesh-net
quit
ap-system-profile name ap-system
mesh-role mesh-portal
quit
ap-group name service-group
ap-system-profile ap-system
y

mesh-whitelist-profile name mesh-whitelist
peer-ap mac 00e0-fc20-4320
peer-ap mac 00e0-fc04-4a50
quit
wired-port-profile name wired-port
vlan tagged 10 100
quit
ap-group name service-group
regulatory-domain-profile domain
y

vap-profile vap wlan 2 radio 1
quit   
ap-id 0
ap-group service-group
y

ap-group name mp-group
regulatory-domain-profile domain
y

vap-profile vap wlan 2 radio 1
quit
ap-id 1
ap-group mp-group
y

quit
ap-group name mp-group
radio 1
channel 20 157
y

mesh-whitelist-profile mesh-whitelist
quit
wired-port-profile wired-port gigabitethernet 0
quit

ap-group name service-group
radio 1
channel 20 157
y

mesh-whitelist-profile mesh-whitelist
quit
wired-port-profile wired-port gigabitethernet 0