63无线客户端保活和空闲检测典型配置举例Word格式文档下载.docx
《63无线客户端保活和空闲检测典型配置举例Word格式文档下载.docx》由会员分享,可在线阅读,更多相关《63无线客户端保活和空闲检测典型配置举例Word格式文档下载.docx(13页珍藏版)》请在冰点文库上搜索。
![63无线客户端保活和空闲检测典型配置举例Word格式文档下载.docx](https://file1.bingdoc.com/fileroot1/2023-5/10/22ad224e-055d-4657-a647-ba73b189d884/22ad224e-055d-4657-a647-ba73b189d8841.gif)
∙为了能够在AC上显示上线Client的IP地址,需要在AC上开启ARPSnooping功能。
∙配置AP的序列号时请确保该序列号与AP唯一对应,AP的序列号可以通过AP设备背面的标签获取。
3.4配置步骤
3.4.1AC的配置
(1)配置AC接口
#创建VLAN100及其对应的VLAN接口,并为该接口配置IP地址。
AC将使用该接口的IP地址与AP建立LWAPP隧道。
<
AC>
system-view
[AC]vlan100
[AC-vlan100]quit
[AC]interfacevlan-interface100
[AC-Vlan-interface100]ipaddress128.100.1.18016
[AC-Vlan-interface100]quit
#创建VLAN200作为WLAN-ESS接口的缺省VLAN。
[AC]vlan200
[AC-vlan200]quit
#创建VLAN300作为Client接入的业务VLAN,配置VLAN300的接口IP地址。
[AC]vlan300
[AC]interfacevlan-interface300
[AC-Vlan-interface300]ipaddress128.30.1.18016
[AC-Vlan-interface300]quit
#配置AC连接Switch的接口GigabitEthernet1/0/1为Trunk类型,禁止VLAN1报文通过,允许VLAN100和VLAN300通过,设置PVID为VLAN100。
[AC]interfacegigabitethernet1/0/1
[AC-GigabitEthernet1/0/1]portlink-typetrunk
[AC-GigabitEthernet1/0/1]undoporttrunkpermitvlan1
[AC-GigabitEthernet1/0/1]porttrunkpermitvlan100300
[AC-GigabitEthernet1/0/1]porttrunkpvidvlan100
[AC-GigabitEthernet1/0/1]quit
#创建WLAN-ESS1接口。
[AC]interfacewlan-ess1
#配置WLAN-ESS1接口类型为Hybrid类型。
[AC-WLAN-ESS1]portlink-typehybrid
#配置当前hybrid端口的PVID为VLAN200,禁止VLAN1通过并允许VLAN200不带tag通过。
[AC-WLAN-ESS1]undoporthybridvlan1
[AC-WLAN-ESS1]porthybridvlan200untagged
[AC-WLAN-ESS1]porthybridpvidvlan200
#使能MACVLAN功能。
[AC-WLAN-ESS1]mac-vlanenable
[AC-WLAN-ESS1]quit
(2)配置无线服务
#创建clear类型的服务模板1。
[AC]wlanservice-template1clear
#设置当前服务模板的SSID为service。
[AC-wlan-st-1]ssidservice
#将WLAN-ESS1接口绑定到服务模板1。
[AC-wlan-st-1]bindwlan-ess1
#启用无线服务。
[AC-wlan-st-1]service-templateenable
[AC-wlan-st-1]quit
(3)配置射频接口并绑定服务模板
#创建AP的管理模板,名称为officeap,型号名称选择WA2620E-AGN。
[AC]wlanapofficeapmodelWA2620E-AGN
#设置officeap的序列号为210235A29G007C000020。
[AC-wlan-ap-officeap]serial-id210235A29G007C000020
#进入radio2射频视图。
[AC-wlan-ap-officeap]radio2
#将在AC上配置的clear类型的服务模板1与射频2进行绑定,设置绑定到射频接口的VLAN编号为VLAN300。
[AC-wlan-ap-officeap-radio-2]service-template1vlan-id300
#使能officeap的radio2。
[AC-wlan-ap-officeap-radio-2]radioenable
[AC-wlan-ap-officeap-radio-2]quit
(4)配置无线客户端的保活机制和空闲检测机制
#设置无线客户端的保活时间间隔为3秒。
[AC-wlan-ap-officeap]clientkeep-alive3
#设置无线客户端最大空闲时间为60秒。
[AC-wlan-ap-officeap]clientidle-timeout60
[AC-wlan-ap-officeap]quit
(5)开启ARPSnooping功能
[AC]arpsnoopingenable
3.4.2Switch的配置
#创建VLAN100和VLAN300,其中VLAN100用于转发AC和AP间LWAPP隧道内的流量,VLAN300为无线客户端接入的VLAN。
Switch>
[Switch]vlan100
[Switch-vlan100]quit
[Switch]vlan300
[Switch-vlan300]quit
#配置Switch与AC相连的GigabitEthernet1/0/1接口属性Trunk,禁止VLAN1报文通过,设置PVID为VLAN100,允许VLAN100和VLAN300通过。
[Switch]interfacegigabitethernet1/0/1
[Switch-GigabitEthernet1/0/1]portlink-typetrunk
[Switch-GigabitEthernet1/0/1]undoporttrunkpermitvlan1
[Switch-GigabitEthernet1/0/1]porttrunkpermitvlan100300
[Switch-GigabitEthernet1/0/1]porttrunkpvidvlan100
[Switch-GigabitEthernet1/0/1]quit
#配置Switch与AP相连的GigabitEthernet1/0/2接口属性为Access,并允许VLAN100通过。
[Switch]interfacegigabitethernet1/0/2
[Switch-GigabitEthernet1/0/2]portlink-typeaccess
[Switch-GigabitEthernet1/0/2]portaccessvlan100
#配置Switch与AP相连的GigabitEthernet1/0/2接口使能PoE功能。
[Switch-GigabitEthernet1/0/2]poeenable
[Switch-GigabitEthernet1/0/2]quit
#配置Switch与DHCP服务器相连的GigabitEthernet1/0/3接口属性为Access,并允许VLAN100通过。
[Switch]interfacegigabitethernet1/0/3
[Switch-GigabitEthernet1/0/3]portlink-typeaccess
[Switch-GigabitEthernet1/0/3]portaccessvlan100
[Switch-GigabitEthernet1/0/3]quit
3.5验证配置
#通过命令displaywlanapnameofficeapverbose可以看到无线客户端配置的保活时间间隔为3秒,空闲时间为60秒。
displaywlanapnameofficeapverbose
APProfile:
officeap
-------------------------------------------------------------------------------
APID:
1
AutoAP:
NO
APSystemName:
NotConfigured
MapConfiguration:
State:
Run
UpTime(hh:
mm:
ss):
00:
01:
54
Model:
WA2620E-AGN
Serial-ID:
210235A29G007C000020
ACIPAddress:
128.100.1.180
APIPAddress:
128.100.0.4
H/WVersion:
Ver.A
S/WVersion:
V100R001B96D037
Boot-RomVersion:
2.02
Description:
ConnectionType:
Master
PeerACMACAddress:
-NA-
PriorityLevel:
4
EchoInterval(s):
10
StatisticsreportInterval(s):
50
Cir(Kbps):
Cbs(Bytes):
JumboframeThreshold:
Disable
Transmittedcontrolpackets:
90
Receivedcontrolpackets:
Transmitteddatapackets:
79999
Receiveddatapackets:
73
EchoAverageDelay(ms):
13
EchoRequestCount:
EchoResponseLossCount:
0
ConfigurationFailureCount:
LastFailureReason:
LastRebootReason:
TunnelInitiated
LatestIPAddress:
TunnelDownReason:
ResponseTimerExpire
ConnectionCount:
67
AP-GroupName:
APMode:
Split
APoperationmode:
Normal
PortalService:
DeviceDetection:
MaximumNumberofRadios:
2
CurrentNumberofRadios:
ClientKeep-aliveInterval(s):
3
ClientIdleInterval(s):
60
Broadcast-probeReplyStatus:
Enable
Radio1:
BasicBSSID:
5866-ba94-71e0
CurrentBSSCount:
RunningClientsCount:
WirelessMode:
11an
ClientDot11n-only:
Disabled
ChannelBand-width:
20/40MHz
SecondaryChannelOffset:
SCN
HTProtectionMode:
noprotection
ShortGIfor20MHz:
Supported
ShortGIfor40MHz:
MandatoryMCSSet:
SupportMCSSet:
0,1,2,3,4,5,6,7,8,9,
10,11,12,13,14,15,16,17,18,19,
20,21,22,23
A-MSDU:
Enabled
A-MPDU:
GreenEnergyManagement:
MIMO:
Default
STBC:
LDPC:
ConfiguredChannel:
auto
ConfiguredPower(dBm):
20
RadioPolicy:
default_rp
MeshPolicy:
default_mp_plcy
ANISupport:
AdminState:
DOWN
PhysicalState:
UP
OperationalRates(Mbps):
6:
mandatory
9:
supported
12:
18:
24:
36:
48:
54:
RadardetectedChannels:
None
AntennaType:
InternalAntenna
ResourceUsingRatio(%):
NoiseFloor(dBm):
Radio2:
5866-ba94-71f0
11gn
20MHz
auto(11)
Interference(%):
54
ChannelLoad(%):
Utilization(%):
Co-channelNeighborCount:
ChannelHealth:
Bad
PreambleType:
short
ServiceTemplate:
SSID:
service
Port:
WLAN-DBSS1:
2147
11gProtection:
1:
2:
5.5:
11:
23
-110
#在AC上配置允许日志信息输出到监视终端。
terminalmonitor
#将client关机或者断电,使得client不能对AC发送下线通知。
#如果在保活时间间隔周期3秒周期后,AC未收到Client的Deauth通知,那么AC就会主动删除对应Client表项,通过命令行自动打印的信息验证Client被AC下线。
%Nov2809:
50:
54:
4412013ACWMAC/6/WMAC_CLIENT_GOES_OFFLINE:
Client000f-e212-8410disconnectedfromWLANservice.Reasoncodeis1.
#将client重新上线,然后60秒之内不发送任何数据。
在60秒周期内AC没有收到Client发送的数据报文,AC就会将Client下线,通过命令行自动打印的信息验证Client被AC下线。
%Nov2715:
42:
39:
2092013ACWMAC/6/WMAC_CLIENT_GOES_OFFLINE:
Client0021-632f-e17ddisconnectedfromWLANservice.Reasoncodeis4.
3.6配置文件
∙AC:
#
arpsnoopingenable
vlan100
vlan200
vlan300
wlanservice-template1clear
ssidservice
bindWLAN-ESS1
service-templateenable
interfaceGigabitEthernet1/0/1
portlink-typetrunk
porttrunkpermitvlan100300
undoporttrunkpermitvlan1
porttrunkpvidvlan100
interfaceVlan-interface100
ipaddress128.100.1.180255.255.0.0
interfaceVlan-interface300
ipaddress128.30.1.180255.255.0.0
interfaceWLAN-ESS1
portlink-typehybrid
undoporthybridvlan1
porthybridvlan200untagged
porthybridpvidvlan200
mac-vlanenable
wlanapofficeapmodelWA2620E-AGNid1
serial-id210235A29G007C000020
clientidle-timeout60
clientkeep-alive3
radio1
radio2
service-template1vlan-id300
radioenable
∙Switch:
interfaceGigabitEthernet1/0/2
portlink-typeacce