第1页 / 共15页
第2页 / 共15页
第3页 / 共15页
第4页 / 共15页
第5页 / 共15页
第6页 / 共15页
第7页 / 共15页
第8页 / 共15页
第9页 / 共15页
第10页 / 共15页
AP做出口上网设备注意事项:不是所有AP都有NAT的功能,需要确认是否支持NAT组网描述:外网(拨号)AP无线终端(配置步骤:1. 登录设备地 址:用户名:admin密 码:h3capadmin2. 新建无线网段vlan2网络vlan,新建3. 新建interface vlan 2,地址192.168.10.1设备端口管理,新建4. 创建dhcp服务器,为无线终端分配地址网络DHCP,运营商给了DNS地址就填写运营商给的DNS,没给就填写网关5. 配置上网,以拨号为例(静态ip直接修改interface vlan 1地址即可)网络PPPoE6. 创建aclQoSACL IPv47. 配置NAT,以拨号为例(静态ip接口选择vlan-interface1,其他不变)8. 配置默认路由,以拨号为例(静态ip下一跳输入外网网关即可)9. 创建无线服务,其所属vlan修改为2无线服务接入服务10. 配置完成后不要忘记保存配置完成后,无线终端通过ssid 123连接并获得192.168.10.0网段地址上网命令行信息:dis cu# version 5.20, Release 1508# sysname WAP722E# domain default enable system# telnet server enable# port-security enable# password-recovery enable# undo attack-defense tcp fragment enable#acl number 2000 rule 0 permit#vlan 1#vlan 2#domain system access-limit disable state active idle-cut disable self-service-url disable#dhcp server ip-pool vlan2 network mask gateway-list dns-list expired day 0 hour 2#user-group system group-attribute allow-guest#local-user admin password cipher $c$3$jvHusdA/+2jovz+k0/tBMlWA+oeoRoUCoxGYKJo= authorization-attribute level 3 service-type telnet service-type web#wlan rrm dot11a mandatory-rate 6 12 24 dot11a supported-rate 9 18 36 48 54 dot11b mandatory-rate 1 2 dot11b supported-rate 5.5 11 dot11g mandatory-rate 1 2 5.5 11 dot11g supported-rate 6 9 12 18 24 36 48 54#wlan service-template 1 clear ssid H3C service-template enable#wlan service-template 2 crypto ssid 123 cipher-suite ccmp security-ie rsn service-template enable#cwmp undo cwmp enable#interface Dialer10 nat outbound 2000 link-protocol ppp ppp chap user 123 ppp chap password cipher $c$3$gj+V0+H4CkHE6N7cXOi3Il67a1CL5Q= ppp pap local-user 123 password cipher $c$3$4OwWg8nN4s0B8kG11cbg30MOnycEwA= ppp ipcp dns request ip address ppp-negotiate dialer user pppoeclient dialer-group 10 dialer bundle 10#interface NULL0#interface Vlan-interface1 pppoe-client dial-bundle-number 10 ip address Vlan-interface2 ip address GigabitEthernet1/0/1#interface GigabitEthernet1/0/2#interface WLAN-BSS32 port link-type hybrid port hybrid vlan 1 untagged#interface WLAN-BSS33 port link-type hybrid port hybrid vlan 1 untagged#interface WLAN-BSS34 port link-type hybrid port hybrid vlan 1 to 2 untagged port hybrid pvid vlan 2 port-security port-mode psk port-security tx-key-type 11key port-security preshared-key pass-phrase cipher $c$3$XoS+0NX77ZaNCdol742GHh9EuwtRdxRqgxdt#interface WLAN-BSS35 port link-type hybrid port hybrid vlan 1 to 2 untagged port hybrid pvid vlan 2 port-security port-mode psk port-security tx-key-type 11key port-security preshared-key pass-phrase cipher $c$3$XoS+0NX77ZaNCdol742GHh9EuwtRdxRqgxdt#interface WLAN-Radio1/0/1 service-template 2 interface wlan-bss 34#interface WLAN-Radio1/0/2 service-template 1 interface wlan-bss 33 service-template 2 interface wlan-bss 35# ip route-static Dialer10# dhcp enable# dialer-rule 10 ip permit# arp-snooping enable# load xml-configuration# load tr069-configuration#user-interface con 0user-interface vty 0 4 authentication-mode scheme#return
收藏 下载该资源
经营许可证:蜀ICP备13022795号 | 川公网安备 51140202000112号