CISCO控制器无线AP配置方法
合集下载
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
▪ Mobility/RF Group Name: demo
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
10
系统启动界面(续)
▪ Enable Symmetric Mobility Tunneling [yes][NO]: yes
2
PS准irz备ees工e3n0作tPaTtion Title Option 2: Live
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
3
基本设备
▪ 控制器 4400或者2100系列 ▪ AP:1130或者1240系列 ▪ 交换机: 最好是3560 POE交换机
▪ AP Manager Interface IP Address: 192.168.10.2 ▪ AP-Manager is on Management subnet, using same values ▪ AP Manager Interface DHCP Server (192.168.10.254): ▪ Virtual Gateway IP Address: 1.1.1.1
▪ Would you like to terminate autoinstall? [yes]:
▪ System Name [Cisco_51:2b:60] (31 characters max): 2106-demo ▪ AUTO-INSTALL: process terminated -- no configuration loaded
▪ 配置任务
1. 思科CSSC无线客户端的安装和简单配置 2. 构建一个OPEN和一个WEP的无线网络 3. 构建一个简单WEB认证的无线网络 4. 构建一个支持本地EAP认证的无线网络 5. 构建一个用ACS做AAA认证的无线网络
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
▪ Enter Administrative User Name (24 characters max): cisco
▪ Enter Administrative Password (24 characters max): cisco
▪ Re-enter Administrative Password
SSID:VLAN20
SSC
TRUNK
fa0/1
Si
port 1
VLAN1/20/30/40 WLC
说明:
1、VLAN1用于连接控制器、AP和 ACS; 2、VLAN20用于WPA/WPA2认证,认 证服务器用ACS。 3、VLAN30用作OPEN/WEP/GUEST 客户接入
3、VLAN40用作WPA/WPA2认证,认 SSID:VLAN30 证用本地EAP
▪ 型号 4402
支持 12, 25, 和50 AP
▪ 型号 4404
支持100 APs
6
准备工作
▪ 网线和Console线。如果是4400,需要两头是DB9接口的线,如果 是2106或者ISR,需要DB9+RJ45的线
▪ 如果是4400,需要GLC光纤模块和光纤 ▪ 确认控制器版本是否需要升级 (用命令show sysinfo查看系统版本) ▪ 是否需要将胖AP升级到瘦AP
▪ Network Name (SSID): open ▪ Allow Static IP Addresses [YES][no]:
▪ Configure a RADIUS Server now? [YES][no]: no ▪ Warning! The default WLAN security policy requires a RADIUS server. ▪ Please see documentation for more details.
The controller boot sequence will always have these option available since this is set in PROM to ensure controller recovery options
9
系统启动界面和配置 (OS 5.1)
▪ Enter Country Code list (enter 'help' for a list of countries) [US]: CN
▪ Enable 802.11b Network [YES][no]: ▪ Enable 802.11a Network [YES][no]: ▪ Enable 802.11g Network [YES][no]: ▪ Enable Auto-RF [YES][no]:
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
4
2100系列无线控制器
▪ 支持802.11a/b/g/n ▪ 支持PCI认证 ▪ WLC2100 硬件
8个FE口, 2个上联口,6个下联口 其中2个FE口有以太网供电
无线控制器配置基础
2014年6月3日
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
1
基本配置任务及过程
▪ 准备工作
1. 控制器启动配置和升级控制器软件版本 2. 熟悉控制器配置界面 3. 连接AP到控制器上
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
12
配置WEB访问
1、使用直通网线,连接交换机的trunk接口到控制器端口1 2、配置PC机的IP地址 192.168.10.100/24或者DHCP,网关192.168.10.254 3、测试PC能否Ping 通Controller的地址:192.168.10.1 3、用https://192.168.10.1访问控制器,如果要开启http访问,需要在系统里打开。
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
非常重要, Controller的 wireless的 domain要和AP 一致。
11
配置3层交换机
▪ p dhcp excluded-address 192.168.10.1 ▪ ip dhcp excluded-address 192.168.10.254 ▪ ip dhcp excluded-address 192.168.10.2 ▪! ▪ ip dhcp pool AP ▪ network 192.168.10.0 255.255.255.0 ▪ default-router 192.168.10.254 ▪! ▪ interface FastEthernet0/1 ▪ switchport trunk encapsulation dot1q ▪ switchport mode trunk ▪ …… ▪ interface Vlan1 ▪ ip address 192.168.10.254 255.255.255.0 ▪! ▪ interface Vlan20 ▪ ip address 192.168.20.254 255.255.255.0 ▪! ▪ interface Vlan30 ▪ ip address 192.168.30.254 255.255.255.0 ▪! ▪ interface Vlan40 ▪ ip address 192.168.40.254 255.255.255.0 ▪ …… ▪ line vty 0 4 ▪ privilege level 15 ▪ password cisco ▪ login
▪ Configure a NTP server now? [YES][no]: no ▪ Configure the system time now? [YES][no]: ▪ Enter the date in MM/DD/YY format: 09/28/08 ▪ Enter the time in HH:MM:SS format: 17:11:00
$18,890 $10,070
$4,875
5
4400系列无线控制器
▪ 1 RU 高度
2口 或者 4口千兆上联
▪ 支持 12, 25, 50 or 100 AP ▪ 支持 5000 MAC地址转发表 ▪ 10/100Base-TX 以太网 Service Port ▪ 9 pin 串口Console口 ▪ 2 扩展槽和1个utility port目前未使用 ▪ 2 热插拔电源模块插槽
▪ Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
▪ Configuration saved! ▪ Resetting system with new configuration...
Presentation_ID
: cisco
▪ Management Interface IP Address: 192.168.10.1 ▪ Management Interface Netmask: 255.255.255.0 ▪ Management Interface Default Router: 192.168.10.254 ▪ Management Interface VLAN Identifier (0 = untagged): ▪ Management Interface Port Num [1 to 8]: 1 ▪ Management Interface DHCP Server IP Address: 192.168.10.254
*不能通过软件升级AP容量 *4400系列使用SFP光纤模块 *4400系列每port支持50个AP
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
44xx WLAN Controller
SSC
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
所有3层网关设置在3层交换机上,地址254 8
启动选项
按5清空配置
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
▪ 未使用端口
2个USB端口和一个扩展槽留作 将来扩展用
AIR-WLC2125-K9 AIR-WLC2112-K9 AIR-WLC2106-K9
2100 Series WLAN Controller for up to 25 Lightweight APs 2100 Series WLAN Controller for up to 12 Lightweight APs 2100 Series WLAN Controller for up to 6 Lightweight APs
*2106和2006不能作为guest access的anchor controller *不支持Link Aggregation *不能通过软件升级AP容量
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
1200/1100/1300需要upgrade tool做升级,1250不需要工具,直接在图 形化界面上升级
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential
7
实验拓扑示例
VLAN1
PC//AAA服务器