2023年12月25日发(作者:)
温州网新图灵数码科技有限公司 林初光
AC6005内置portal服务器配置
设备配置
网络配置,vlanif 88 管理 AP Vlanif 100 为业务vlan 为终端分配地址
开启DHCP
[AC6005]dhcp enable
Info: The operation may take a few seconds. Please wait for a .
创建VLAN 88
和100
[AC6005]vlan batch 88 100
Info: This operation may take a few seconds. Please wait for done.
配置与上行设备通信接口的地址
[AC6005]int Vlanif 1
[AC6005-Vlanif1]ip address 192.168.1.254 255.255.255.0
[AC6005-Vlanif1]dhcp select interface
[AC6005-Vlanif1]dhcp server dns-list 61.153.177.196
配置VLAN 88和100的网关
[AC6005]int vlan 88
[AC6005-Vlanif88]ip address 192.168.88.1 255.255.255.0
[AC6005-Vlanif88]dhcp select interface
[AC6005]int vlan 100
[AC6005-Vlanif100]ip address 192.168.100.1 255.255.255.0
[AC6005-Vlanif100]dhcp select interface
温州网新图灵数码科技有限公司 林初光
[AC6005-Vlanif100]dhcp server dns-list 61.153.177.196
配置AC与AP相连的端口
[AC6005]int g0/0/8
[AC6005-GigabitEthernet0/0/8]port link-type trunk
[AC6005-GigabitEthernet0/0/8]port trunk pvid vlan 88
[AC6005-GigabitEthernet0/0/8]undo port trunk allow-pass vlan 1
[AC6005-GigabitEthernet0/0/8]port trunk allow-pass vlan 88 100
[AC6005]int g0/0/7
[AC6005-GigabitEthernet0/0/7]port link-type a
[AC6005-GigabitEthernet0/0/7]port link-type access
[AC6005-GigabitEthernet0/0/7]port default vlan 100
[AC6005]ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
创建登录用户
[AC6005]aaa
[AC6005-aaa]local-user huawei password cipher huawei123
Info: Add a new user.
创建登录用户最大连接数
[AC6005-aaa]local-user huawei access-limit 5
开启portal的web访问认证功,配置内置portal
的SSL策略和端口号(443已经被web端口启用,不可用)
[AC6005]portal local-server ip 192.168.100.1
[AC6005]portal local-server https ssl-policy default_policy port 2000
Info: Load web file successfully.
配置免认证规则
[AC6005]portal free-rule 0 destination ip 61.153.177.196 mask 255.255.255.255
Info: This free rule configured successfully, only <0-63> can be commit to AP.
配置wlan-ess接口,在接口调用内置portal与允许的认证域
[AC6005]interface Wlan-Ess 1
[AC6005-Wlan-Ess1]port hybrid pvid vlan 100
[AC6005-Wlan-Ess1]port hybrid untagged vlan 100
[AC6005-Wlan-Ess1]portal local-server enable
[AC6005-Wlan-Ess1]permit-domain name default
配置AC与AP之间的隧道通信
[AC6005]wlan
[AC6005-wlan-view]wlan ac source interface Vlanif 88
配置AP的认证方式为免认证
[AC6005-wlan-view]ap-auth-mode no-auth
查看AP
[AC6005-wlan-view]dis ap all
All AP information(Normal-1,UnNormal-0):
------------------------------------------------------------------------------
AP AP AP Profile AP AP
/Region
ID Type MAC ID State Sysname
温州网新图灵数码科技有限公司 林初光
------------------------------------------------------------------------------
0 AP6310SN-GN 4862-7602-35d0 0/0 normal ap-0
------------------------------------------------------------------------------
Total number: 1
配置名为wmm1的wmm模板,参数采用默认
[AC6005-wlan-view]wmm-profile name wmm1 id 1
配置名为radio1的radio模板,参数采用默认,调用wmm模板
[AC6005-wlan-view]radio-profile name radio1 id 1、
[AC6005-wlan-radio-prof-radio1]wmm-profile id 1
配置名为traffic1
的traffic模板,参数采用默认
[AC6005-wlan-view]traffic-profile name traffic1 id 1
配置名为security1的安全模板,认证方式为WEP认证,开放认证,不加密
[AC6005-wlan-view]security-profile name scurity1 id 1
创建名为service的服务集,并绑定流量模板和安全模板,wlan-ess
接口
[AC6005-wlan-view]service-set name service1 id 1
[AC6005-wlan-service-set-service1]wlan-ess 1
[AC6005-wlan-service-set-service1]ssid
[AC6005-wlan-service-set-service1]traffic-profile id 1
[AC6005-wlan-service-set-service1]security-profile id 1
[AC6005-wlan-service-set-service1]service-vlan 100
Info: This action may cause service interruption if you don't execute commit command.
配置AP对应的VAP,下发Wlan服务,
[AC6005-wlan-view]ap 0 radio 0
[AC6005-wlan-radio-0/0]radio-profile id 1
Warning: Modify the Radio type may cause some parameters of Radio resume default value, are you sure to
continue?[Y/N]:y
[AC6005-wlan-radio-0/0]service-set id 1 wlan 1
下发AP的WLAN配置
[AC6005-wlan-view]commit all
Warning: Committing configuration may cause service interruption,continue?[Y/N]y
温州网新图灵数码科技有限公司 林初光
搜索SSID
测试成功
温州网新图灵数码科技有限公司 林初光
发布评论