H3C无线路由器配置样例之带认证接入
<div>1、基础配置见不带认证接入</div><div>2、开启认证开关和认证方式</div><div><div>wlan service-template 1 cry</div><div>authentication-method open-system</div></div><div>service-template enable</div><div><p style="margin-left: 0px"><font face="FMFHGA+SimSun"> <font style="font-size: 9pt;"> 缺省情况下,使用 </font> </font><font face="Helvetica Bold"> <font style="font-size: 9pt;">open-system </font> </font><font face="FMFHGA+SimSun"> <font style="font-size: 9pt;">认证<br>方式 </font></font><font face="FMFHGA+SimSun"><font style="font-size: 9pt;">需要注意的是: </font> </font><font face="Helvetica"> <font style="font-size: 9pt;"> </font> </font><font face="FMCKCL+Wingdings-Regular"> <font style="font-size: 9pt;"></font><font style="font-size: 6pt;"> <br></font> </font><font face="Helvetica"> <font style="font-size: 6pt;"> </font> </font><font face="FMFHBB+KaiTi_GB2312"> <font style="font-size: 6pt;"></font><font style="font-size: 9pt;">只有在使用 </font> </font><font face="Helvetica"> <font style="font-size: 9pt;">WEP </font> </font><font face="FMFHBB+KaiTi_GB2312"> <font style="font-size: 9pt;">加密时才可选用 </font></font><font face="Helvetica Bold"><font style="font-size: 9pt;">shared-key </font> </font><font face="FMFHBB+KaiTi_GB2312"> <font style="font-size: 9pt;">认证机制, 此时必须配</font></font><font><span class="Apple-style-span" style="font-size: 9pt; ">置命令 </span></font> <font face="Helvetica Bold"> <font style="font-size: 9pt;">authentication-method </font></font><span class="Apple-style-span" style="font-family: 'Helvetica Bold'; font-size: 12px; ">shared-key </span></p><p style="margin-left: 14px"> <font face="Helvetica"> <font style="font-size: 6pt;"> </font> </font><font face="FMFHBB+KaiTi_GB2312"> <font style="font-size: 6pt;"></font><font style="font-size: 9pt;">对于 </font> </font><font face="Helvetica"> <font style="font-size: 9pt;">RSN </font> </font><font face="FMFHBB+KaiTi_GB2312"> <font style="font-size: 9pt;">和 </font> </font><font face="Helvetica"> <font style="font-size: 9pt;">WPA </font> </font><font face="FMFHBB+KaiTi_GB2312"> <font style="font-size: 9pt;"> ,开放系统认证<br>方式要求必须配置,共享密钥认证<br>方式不作要求 </font> </font><font face="Helvetica"> <font style="font-size: 9pt;"> </font> </font></p></div><div>3、配置WPA</div><div>开启WPA</div><div>security-ie wpa</div><div>4、配置TKIP和ccmp加密套件</div><div><div>cipher-suite tkip</div><div>cipher-suite cc</div><div>cipher-suite ccmp</div></div><div>5、配置端口相关</div><div><p style="margin-left: 0px"><font face="FMFHGA+SimSun"> <font style="font-size: 11pt;"> 在配置端口安全之前,完成了以下任务: </font> </font><font face="Helvetica"> <font style="font-size: 11pt;"><br> </font> </font></p><p style="margin-left: 0px"><font face="Helvetica"> <font style="font-size: 11pt;"> (1)</font> </font><font face="FMFHGA+SimSun"> <font style="font-size: 11pt;">创建无线端口 </font></font><font face="Helvetica"><font style="font-size: 11pt;"><span class="Apple-style-span" style="font-family: Courier; font-size: 12px; "> interface wlan-bss 0</span></font></font></p><p style="margin-left: 0px"><font face="Helvetica"><font style="font-size: 11pt;"><font face="Courier"> </font></font></font></p><font face="Helvetica"><font style="font-size: 11pt;">(2)</font> </font><font face="FMFHGA+SimSun"> <font style="font-size: 11pt;">全局使能端口安全 </font></font><font face="Helvetica"><font style="font-size: 11pt;"></font></font><span class="Apple-style-span" style="font-family: Courier; font-size: 12px; "> port-security enable</span><p></p><p style="margin-left: 0px"><font face="Courier"><font style="font-size: 9pt;"> </font></font>5.1配置PSK认证</p></div><div>port-security tx-key-type 11key 开启密钥协商功能;</div><div>port-security preshared-key pass-phrase mis 配置共享密钥</div><div>port-security port-mode psk 配置端口安全模式</div><div><br></div><div>6、<span class="Apple-style-span" style="font-family: 'Helvetica Bold'; font-size: 12px; "><font face="FMFHGA+SimSun"><font style="font-size: 11pt;"> 将 </font> </font></span><span class="Apple-style-span" style="font-family: 'Helvetica Bold'; font-size: 12px; "><font face="Helvetica"> <font style="font-size: 11pt;">WLAN-BSS </font> </font></span><span class="Apple-style-span" style="font-family: 'Helvetica Bold'; font-size: 12px; "><font face="FMFHGA+SimSun"> <font style="font-size: 11pt;">接口与服务模板绑定。 这里没有做,无线客户端找补到</font></font></span></div><div><span class="Apple-style-span" style="font-family: 'Helvetica Bold'; font-size: 12px; "><font face="FMFHGA+SimSun"><font style="font-size: 11pt;"><div>int WLAN-Radio 2/0</div><div>radi</div><div>radio-type dot11</div><div>radio-type dot11b</div><div>radio-type dot11g</div><div>ser</div><div>service-template 1 int wlan-bss0</div></font></font></span></div><div><br></div><div>配置完成,检查:</div><div><div><Navigator>dis wlan client</div><div> Total Number of Clients : 1</div><div> Total Number of Clients Connected : 1</div><div> Client Information</div><div>-------------------------------------------------------------------</div><div> MAC Address BSSID AID State PS Mo</div><div>-------------------------------------------------------------------</div><div> 0013-cea9-9691 000f-e2bf-6b60 1 Running Activ</div></div><div><div><Navigator>dis port-security preshared-key user</div><div> Index Mac-Address VlanID Interface</div><div> -------------------------------------------------------</div><div> 0 0013-cea9-9691 1 WLAN-BSS0</div></div><div><br></div><div>特别说明带DHCP分配的配置:</div><div>1、全局启用DHCP功能;</div><div>dhcp en</div><div>2、配置DHCP服务器(本路由器作为服务器)</div><div><div>#</div><div>dhcp server ip-pool vlan1h3c extended</div><div> network ip range 192.168.192.100 192.168.192.199</div><div> network mask 255.255.255.0</div><div> gateway-list 192.168.192.254</div><div> dns-list 8.8.8.8</div><div>#</div></div><div>3、在INTERFACE VLAN 1接口中应用地址池vlan1h3c</div><div><div>interface Vlan-interface1</div><div> ip address 192.168.192.254 255.255.255.0</div><div> dhcp server apply ip-pool vlan1h3c</div><div>#</div></div><div>4、查看</div><div><div>dis dhcp server ip all</div><div>Global pool:</div><div> IP address Client-identifier/ Lease expiration Type</div><div> Hardware address</div><div> 192.168.192.100 0013-cea9-9691 Jan 2 2007 04:11:15 Auto:COMMITTED</div><div><br></div><div> --- total 1 entry ---</div></div><div><br></div><div><br></div><div><br></div><div><br></div>
页:
[1]