当前位置:首页 > 华为AC6005内置portal服务 配置指南
温州网新图灵数码科技有限公司 林初光
AC6005内置portal服务器配置
设备配置
网络配置,vlanif 88 管理 AP Vlanif 100 为业务vlan 为终端分配地址
开启DHCP
[AC6005]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.
创建VLAN 88 和100
[AC6005]vlan batch 88 100
Info: This operation may take a few seconds. Please wait for a moment...done.
配置与上行设备通信接口的地址
[AC6005]int Vlanif 1
[AC6005-Vlanif1]ip address 192.168.1.254 255.255.255.0 [AC6005-Vlanif1]dhcp select interface
[AC6005-Vlanif1]dhcp server dns-list 61.153.177.196
配置VLAN 88和100的网关
[AC6005]int vlan 88
[AC6005-Vlanif88]ip address 192.168.88.1 255.255.255.0 [AC6005-Vlanif88]dhcp select interface [AC6005]int vlan 100
[AC6005-Vlanif100]ip address 192.168.100.1 255.255.255.0 [AC6005-Vlanif100]dhcp select interface
温州网新图灵数码科技有限公司 林初光
[AC6005-Vlanif100]dhcp server dns-list 61.153.177.196
配置AC与AP相连的端口
[AC6005]int g0/0/8
[AC6005-GigabitEthernet0/0/8]port link-type trunk [AC6005-GigabitEthernet0/0/8]port trunk pvid vlan 88
[AC6005-GigabitEthernet0/0/8]undo port trunk allow-pass vlan 1 [AC6005-GigabitEthernet0/0/8]port trunk allow-pass vlan 88 100 [AC6005]int g0/0/7
[AC6005-GigabitEthernet0/0/7]port link-type a [AC6005-GigabitEthernet0/0/7]port link-type access [AC6005-GigabitEthernet0/0/7]port default vlan 100 [AC6005]ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
创建登录用户
[AC6005]aaa
[AC6005-aaa]local-user huawei password cipher huawei123 Info: Add a new user.
创建登录用户最大连接数
[AC6005-aaa]local-user huawei access-limit 5
开启portal的web访问认证功,配置内置portal 的SSL策略和端口号(443已经被web端口启用,不可用)
[AC6005]portal local-server ip 192.168.100.1
[AC6005]portal local-server https ssl-policy default_policy port 2000 Info: Load web file successfully.
配置免认证规则
[AC6005]portal free-rule 0 destination ip 61.153.177.196 mask 255.255.255.255 Info: This free rule configured successfully, only <0-63> can be commit to AP.
配置wlan-ess接口,在接口调用内置portal与允许的认证域
[AC6005]interface Wlan-Ess 1
[AC6005-Wlan-Ess1]port hybrid pvid vlan 100 [AC6005-Wlan-Ess1]port hybrid untagged vlan 100 [AC6005-Wlan-Ess1]portal local-server enable [AC6005-Wlan-Ess1]permit-domain name default
配置AC与AP之间的隧道通信
[AC6005]wlan
[AC6005-wlan-view]wlan ac source interface Vlanif 88
配置AP的认证方式为免认证
[AC6005-wlan-view]ap-auth-mode no-auth
查看AP
[AC6005-wlan-view]dis ap all
All AP information(Normal-1,UnNormal-0):
------------------------------------------------------------------------------ AP AP AP Profile AP AP /Region
ID Type MAC ID State Sysname
温州网新图灵数码科技有限公司 林初光
------------------------------------------------------------------------------ 0 AP6310SN-GN 4862-7602-35d0 0/0 normal ap-0 ------------------------------------------------------------------------------ Total number: 1
配置名为wmm1的wmm模板,参数采用默认
[AC6005-wlan-view]wmm-profile name wmm1 id 1
配置名为radio1的radio模板,参数采用默认,调用wmm模板
[AC6005-wlan-view]radio-profile name radio1 id 1、 [AC6005-wlan-radio-prof-radio1]wmm-profile id 1
配置名为traffic1 的traffic模板,参数采用默认
[AC6005-wlan-view]traffic-profile name traffic1 id 1
配置名为security1的安全模板,认证方式为WEP认证,开放认证,不加密
[AC6005-wlan-view]security-profile name scurity1 id 1
创建名为service的服务集,并绑定流量模板和安全模板,wlan-ess 接口
[AC6005-wlan-view]service-set name service1 id 1 [AC6005-wlan-service-set-service1]wlan-ess 1 [AC6005-wlan-service-set-service1]ssid tuling.com [AC6005-wlan-service-set-service1]traffic-profile id 1 [AC6005-wlan-service-set-service1]security-profile id 1 [AC6005-wlan-service-set-service1]service-vlan 100
Info: This action may cause service interruption if you don't execute commit command.
配置AP对应的VAP,下发Wlan服务,
[AC6005-wlan-view]ap 0 radio 0
[AC6005-wlan-radio-0/0]radio-profile id 1
Warning: Modify the Radio type may cause some parameters of Radio resume default value, are you sure to continue?[Y/N]:y
[AC6005-wlan-radio-0/0]service-set id 1 wlan 1
下发AP的WLAN配置
[AC6005-wlan-view]commit all
Warning: Committing configuration may cause service interruption,continue?[Y/N]y
温州网新图灵数码科技有限公司 林初光
搜索SSID 测试成功
温州网新图灵数码科技有限公司 林初光
本文作者:...共分享92篇相关文档
