CISCO无线控制器配置基础合集课件.ppt

上传人(卖家):三亚风情 文档编号:3376910 上传时间:2022-08-25 格式:PPT 页数:110 大小:4.75MB
下载 相关 举报
CISCO无线控制器配置基础合集课件.ppt_第1页
第1页 / 共110页
CISCO无线控制器配置基础合集课件.ppt_第2页
第2页 / 共110页
CISCO无线控制器配置基础合集课件.ppt_第3页
第3页 / 共110页
CISCO无线控制器配置基础合集课件.ppt_第4页
第4页 / 共110页
CISCO无线控制器配置基础合集课件.ppt_第5页
第5页 / 共110页
点击查看更多>>
资源描述

1、 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID1无线控制器配置基础无线控制器配置基础Xiaogang Wu2008.10 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID2基本配置任务及过程基本配置任务及过程准备工作1.控制器启动配置和升级控制器软件版本控制器启动配置和升级控制器软件版本2.熟悉控制器配置界面熟悉控制器配置界面3.连接连接AP到控制器上到控制器上配置任务1.思科思科CS

2、SC无线客户端的安装和简单配置无线客户端的安装和简单配置2.构建一个构建一个OPEN和一个和一个WEP的无线网络的无线网络3.构建一个简单构建一个简单WEB认证的无线网络认证的无线网络4.构建一个支持本地构建一个支持本地EAP认证的无线网络认证的无线网络5.构建一个用构建一个用ACS做做AAA认证的无线网络认证的无线网络 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID3Presentation Title Size 30PTOption 2:Live准备工作 2006 Cisco Syst

3、ems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID4基本设备基本设备 控制器 4400或者2100系列 AP:1130或者1240系列 交换机:最好是3560 POE交换机 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID52100系列无线控制器系列无线控制器 支持支持802.11a/b/g/n 支持支持PCI认证认证 WLC2100 硬件硬件8个FE口,2个上联口,6个下联口其中2个FE口有以太网供电 未使用端口未使用

4、端口2个USB端口和一个扩展槽留作将来扩展用*2106和2006不能作为guest access的anchor controller*不支持Link Aggregation*不能通过软件升级AP容量AIR-WLC2125-K92100 Series WLAN Controller for up to 25 Lightweight APs$18,890AIR-WLC2112-K92100 Series WLAN Controller for up to 12 Lightweight APs$10,070AIR-WLC2106-K92100 Series WLAN Controller for u

5、p to 6 Lightweight APs$4,875 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID64400系列无线控制器系列无线控制器 1 RU 高度2口 或者 4口千兆上联 支持 12,25,50 or 100 AP 支持 5000 MAC地址转发表 10/100Base-TX 以太网 Service Port 9 pin 串口Console口 2 扩展槽和1个utility port目前未使用 2 热插拔电源模块插槽44xx WLAN Controller 型号 4402 支持

6、 12,25,和50 AP 型号 4404支持100 APs*不能通过软件升级AP容量*4400系列使用SFP光纤模块*4400系列每port支持50个AP 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID7准备工作准备工作 网线和Console线。如果是4400,需要两头是DB9接口的线,如果是2106或者ISR,需要DB9+RJ45的线 如果是4400,需要GLC光纤模块和光纤 确认控制器版本是否需要升级(用命令show sysinfo查看系统版本)是否需要将胖AP升级到瘦AP1200/

7、1100/1300需要upgrade tool做升级,1250不需要工具,直接在图形化界面上升级 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID8实验拓扑示例实验拓扑示例TRUNKVLAN1/20/30/40fa0/1port 1SSCWLC说明:说明:1、VLAN1用于连接控制器、AP和ACS;2、VLAN20用于WPA/WPA2认证,认证服务器用ACS。3、VLAN30用作OPEN/WEP/GUEST客户接入3、VLAN40用作WPA/WPA2认证,认证用本地EAPSSCSSID:VL

8、AN20SSID:VLAN30PC/AAA服务器服务器VLAN1所有3层网关设置在3层交换机上,地址254 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID9启动选项启动选项The controller boot sequence will always have these option available since this is set in PROM to ensure controller recovery options按5清空配置 2006 Cisco Systems,Inc

9、.All rights reserved.Cisco ConfidentialPresentation_ID10系统启动界面和配置系统启动界面和配置(OS 5.1)Would you like to terminate autoinstall?yes:System Name Cisco_51:2b:60(31 characters max):2106-demoAUTO-INSTALL:process terminated-no configuration loadedEnter Administrative User Name(24 characters max):ciscoEnter Adm

10、inistrative Password(24 characters max):ciscoRe-enter Administrative Password :ciscoManagement Interface IP Address:192.168.10.1Management Interface Netmask:255.255.255.0Management Interface Default Router:192.168.10.254Management Interface VLAN Identifier(0=untagged):Management Interface Port Num 1

11、 to 8:1Management Interface DHCP Server IP Address:192.168.10.254AP Manager Interface IP Address:192.168.10.2AP-Manager is on Management subnet,using same valuesAP Manager Interface DHCP Server(192.168.10.254):Virtual Gateway IP Address:1.1.1.1Mobility/RF Group Name:demo 2006 Cisco Systems,Inc.All r

12、ights reserved.Cisco ConfidentialPresentation_ID11系统启动界面(续)系统启动界面(续)Enable Symmetric Mobility Tunneling yesNO:yesNetwork Name(SSID):open Allow Static IP Addresses YESno:Configure a RADIUS Server now?YESno:noWarning!The default WLAN security policy requires a RADIUS server.Please see documentation fo

13、r more details.Enter Country Code list(enter help for a list of countries)US:CNEnable 802.11b Network YESno:Enable 802.11a Network YESno:Enable 802.11g Network YESno:Enable Auto-RF YESno:Configure a NTP server now?YESno:noConfigure the system time now?YESno:Enter the date in MM/DD/YY format:09/28/08

14、Enter the time in HH:MM:SS format:17:11:00Configuration correct?If yes,system will save it and reset.yesNO:yesConfiguration saved!Resetting system with new configuration.非常重要,非常重要,Controller的的wireless的的domain要和要和AP一致。一致。2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID12配置

15、配置3层交换机层交换机p dhcp excluded-address 192.168.10.1ip dhcp excluded-address 192.168.10.254ip dhcp excluded-address 192.168.10.2!ip dhcp pool AP network 192.168.10.0 255.255.255.0 default-router 192.168.10.254!interface FastEthernet0/1 switchport trunk encapsulation dot1q switchport mode trunkinterface V

16、lan1 ip address 192.168.10.254 255.255.255.0!interface Vlan20 ip address 192.168.20.254 255.255.255.0!interface Vlan30 ip address 192.168.30.254 255.255.255.0!interface Vlan40 ip address 192.168.40.254 255.255.255.0line vty 0 4 privilege level 15 password cisco login 2006 Cisco Systems,Inc.All right

17、s reserved.Cisco ConfidentialPresentation_ID13配置配置WEB访问访问1、使用直通网线,连接交换机的trunk接口到控制器端口12、配置PC机的IP地址 192.168.10.100/24或者DHCP,网关192.168.10.2543、测试PC能否Ping 通Controller的地址:192.168.10.13、用https:/192.168.10.1访问控制器,如果要开启http访问,需要在系统里打开。2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentatio

18、n_ID14使用使用IE浏览器进行浏览器进行WEB访问访问 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID15如果要升级控制器系统软件如果要升级控制器系统软件 tftp 服务器推荐tftpd32 支持64M以上文件传输 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID16在在CCO上下载新版本上下载新版本支持室内室外 mesh 版本支持802.11n和其他新功能的普通版本http:/ 2

19、006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID17Upgrade Path to Controller Software Release 5.0.148.0 or aboveCurrent Software Release Upgrade Path to 5.0.148.0 Software 3.2.78.0 or later 3.2 release Upgrade to a 4.1 release before upgrading to 5.0.148.0.4.0.155.5 or lat

20、er 4.0 release Upgrade to a 4.1 or 4.2 release before upgrading to 5.0.148.0 4.1.171.0 or later 4.1 release You can upgrade directly to 5.0.148.0.4.2.61.0 or later 4.2 release You can upgrade directly to 5.0.148.0.注意:由于配置存储格式不同,从3.x-4.x 升级到5.x后,原来的部分配置可能丢失 2006 Cisco Systems,Inc.All rights reserved.

21、Cisco ConfidentialPresentation_ID18Upgrade Path to Controller Software Release 4.1.171.0 Current Software Release Upgrade Path to 4.1.171.0 Software 3.2.78.0 Upgrade to 4.0.206.0 or a later 4.0 release before upgrading to 4.1.171.0.3.2.116.21 3.2.150.10 3.2.171.6 3.2.193.5 If your controller is conf

22、igured with the new J3 country code,upgrade to 3.2.195.10 or a later 3.2 release.If your controller is not configured for the new J3 country code,you can upgrade to 3.2.195.10 or a later 3.2 release or to 4.0.206.0 or a later 4.0 release.3.2.195.10 or later 3.2 release You can upgrade directly to 4.

23、1.171.0.4.0.155.5 Upgrade to 4.0.206.0 or a later 4.0 release before upgrading to 4.1.171.0.4.0.179.11 4.0.206.0 or later 4.0 release You can upgrade directly to 4.1.171.0.2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID19控制器软件升级控制器软件升级 命令行方式命令行方式 Step1.ping server-ip-add

24、ress 测试控制器与TFTP server的连通性 Step2.transfer download mode tftp 设置传输使用的协议:tftp Step3.transfer download datatype code 设置传输的数据类型 Step4.transfer download serverip server-ip-address 指定tftp server的IP地址 Step5.transfer download filename filename 制定Image的文件名 Step6.transfer download start 开始传输文件,确认时如果回答No,则显示TF

25、TP的参数设置 Step7.reset system WLC的系统重新启动注:TFTP服务器软件推荐tftpd32,可以在网上免费下载,支持64M以上大文件传输 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID20控制器软件升级控制器软件升级 图形界面图形界面电脑上设置好Tftp软件;填入Tftp地址和文件名后,选择右侧的 download 按钮开始。完成后按提示reboot。2006 Cisco Systems,Inc.All rights reserved.Cisco Confident

26、ialPresentation_ID21Presentation Title Size 30PTOption 2:Live熟悉无线控制器Controller配置界面 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID22命令行命令行(CLI)基本命令基本命令cisco 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID23命令行命令行(CLI)“clear”Commands 2006 Cisc

27、o Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID24命令行命令行(CLI)“config”Commands and more 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID25命令行命令行(CLI)“debug”Command 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID26命令行命令行(CLI)“

28、help”Commands 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID27命令行命令行(CLI)“show”Commands 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID28命令行命令行(CLI)“transfer”Commands 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_

29、ID29使用使用IE浏览器进行浏览器进行WEB访问访问 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID30控制器上查看和设置无线网络控制器上查看和设置无线网络SSID 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID31控制器配置页面控制器配置页面配置接口配置接口配置控制器配置控制器做做DHCP服务服务器器定义无线组定义无线组参看和配置参看和配置端口端口 2006 Cisco Syste

30、ms,Inc.All rights reserved.Cisco ConfidentialPresentation_ID32配置接口页面配置接口页面 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID33设置控制器做设置控制器做DHCP服务器服务器 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID34定义移动组定义移动组 2006 Cisco Systems,Inc.All rights r

31、eserved.Cisco ConfidentialPresentation_ID35设置端口页面设置端口页面 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID36多个控制器时,设定主控制器多个控制器时,设定主控制器 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID37点击点击WIRELESS/ALL APs 2006 Cisco Systems,Inc.All rights reserv

32、ed.Cisco ConfidentialPresentation_ID38安全页面安全页面Radius服务器配置服务器配置本地用户数据库本地用户数据库MAC地址过滤地址过滤WEB认证相关认证相关配置配置本地本地EAP 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID39管理界面管理界面定义能够进行定义能够进行Controller管管理的管理用户理的管理用户 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresen

33、tation_ID40控制器维护管理界面控制器维护管理界面系统和配置文系统和配置文件的上传、下件的上传、下载配置载配置控制器软重启控制器软重启 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID41AP射频模块配置界面射频模块配置界面 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID42AP发射功率调节发射功率调节(AP1131)Tx Power Num Of Supported Power

34、 Levels.6 Tx Power Level 1.14 dBm Tx Power Level 2.11 dBm Tx Power Level 3.8 dBm Tx Power Level 4.5 dBm Tx Power Level 5.2 dBm Tx Power Level 6.-1 dBmAP1242的level 1 是 17dBm 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID435.1版本对版本对HA的增强的增强Failover等级全局HA配置 2006 Cisco Syst

35、ems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID44Presentation Title Size 30PTOption 2:Live连接AP到控制器 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID45Controller里的里的Port还有还有Vlan以及以及Interface的对应关系的对应关系 Controller必需配置的接口带内管理接口“Management Interface”LWAPP Tunnel 终

36、结接口“AP Manager Interface”桥接的无线客户端接口“Dynamic Interfaces”.二三层漫游而设的虚拟接口“Virtual Interface”可选接口:服务接口带外管理接口带外管理接口*2100系列和WLCM没有service port 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID46确认控制器国家版本与确认控制器国家版本与AP一致一致目前版本支持同时支持多国家 2006 Cisco Systems,Inc.All rights reserved.Cisc

37、o ConfidentialPresentation_ID47确认时间配置无误确认时间配置无误 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID48在路由器或者在路由器或者3层交换机设置层交换机设置DHCP在在AP和控制器不在同一网段的情况下,建立和控制器不在同一网段的情况下,建立AP能够获取能够获取IP Address 的地址池,加上的地址池,加上Option 43WLC-router(config)#ip dhcp pool LWAPP-APWLC-router(dhcp-config)

38、#network 192.168.10.0 255.255.255.0WLC-router(dhcp-config)#default-router 192.168.0.254WLC-router(dhcp-config)#option 43 ascii 192.168.10.1“/很重要!通过很重要!通过Option 43 可以让可以让AP在获取和控制器不同网段在获取和控制器不同网段IP Address的时候,能够知道的时候,能够知道Controller的所在。的所在。如果如果AP和控制器在一个网段和广播域,则可以不配置和控制器在一个网段和广播域,则可以不配置option 43WLC-rout

39、er(dhcp-config)#exitWLC-router(config)#ip dhcp excluded-address 192.168.0.254 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID49在在IOS设备配置设备配置Option 43 对于1000/1500系列,直接写option 43 ascii“192.168.10.5,129.168.10.20“对于1100和1200,需要写option 60和option 43 假设要连接1240,控制器地址为192.168.10

40、.5和192.168.10.20ip dhcp pool APnetwork 192.168.10.0/24default-router 192.168.10.254dns-server 192.168.10.100option 60 ascii“Cisco AP c1240“option 43 hex f108c0a80a05c0a80a14 option 43的配置详见http:/ String1130的是Cisco AP c1130 类型=f1长度=2 x 4=08192.168.10.5192.168.10.20 2006 Cisco Systems,Inc.All rights re

41、served.Cisco ConfidentialPresentation_ID50可以在可以在console上打开上打开debug观察观察AP加入情况加入情况(Cisco Controller)debug lwapp events enable(Cisco Controller)*Oct 04 19:20:19.154:00:1a:e3:d0:19:50 Received LWAPP DISCOVERY REQUEST from AP 00:1a:e3:d0:19:50 to 00:1e:13:51:2b:60 on port 8*Oct 04 19:20:19.154:Received a

42、 packet which is a(type=DISCOVERY_REQUEST)with session id 0*Oct 04 19:20:19.154:Join Priority Processing status=0,Incoming Aps Priority 1,MaxLrads=6,joined Aps=0*Oct 04 19:20:19.155:00:1a:e3:d0:19:50 Successful transmission of LWAPP Discovery Response to AP 00:1a:e3:d0:19:50 on port 8*Oct 04 19:20:1

43、9.156:00:1a:e3:d0:19:50 Received LWAPP DISCOVERY REQUEST from AP 00:1a:e3:d0:19:50 to ff:ff:ff:ff:ff:ff on port 8*Oct 04 19:20:19.156:Received a packet which is a(type=DISCOVERY_REQUEST)with session id 0*Oct 04 19:20:19.156:Join Priority Processing status=0,Incoming Aps Priority 1,MaxLrads=6,joined

44、Aps=0*Oct 04 19:20:19.156:00:1a:e3:d0:19:50 Successful transmission of LWAPP Discovery Response to AP 00:1a:e3:d0:19:50 on port 8*Oct 04 19:20:31.162:00:1a:e3:d0:19:50 Received LWAPP JOIN REQUEST from AP 00:1a:e3:d0:19:50 to 00:1e:13:51:2b:67 on port 8*Oct 04 19:20:31.162:Received a packet which is

45、a(type=JOIN_REQUEST)with session id 0*Oct 04 19:20:31.177:00:1a:e3:d0:19:50 AP AP001b.5302.28f8:txNonce 00:1E:13:51:2B:60 rxNonce 00:1A:E3:D0:19:50*Oct 04 19:20:31.177:00:1a:e3:d0:19:50 LWAPP Join Request MTU path from AP 00:1a:e3:d0:19:50 is 1500,remote debug mode is 0*Oct 04 19:20:31.177:DTL Addin

46、g AP 1-192.168.10.10*Oct 04 19:20:31.177:00:1a:e3:d0:19:50 Successfully added NPU Entry for AP 00:1a:e3:d0:19:50(index 1)Switch IP:192.168.10.2,Switch Port:12223,intIfNum 8,vlanId 0AP IP:192.168.10.10,AP Port:8847,nex*Oct 04 19:20:31.911:00:1a:e3:d0:19:50 Successful transmission of LWAPP Join Reply

47、to AP 00:1a:e3:d0:19:50*Oct 04 19:20:31.912:00:1a:e3:d0:19:50 spam_lrad.c:1589-Operation State 0=4*Oct 04 19:20:31.913:00:1a:e3:d0:19:50 Register LWAPP event for AP 00:1a:e3:d0:19:50 slot 0*Oct 04 19:20:31.914:00:1a:e3:d0:19:50 Register LWAPP event for AP 00:1a:e3:d0:19:50 slot 1*Oct 04 19:20:33.192

48、:00:1a:e3:d0:19:50 Received LWAPP CONFIGURE REQUEST from AP 00:1a:e3:d0:19:50 to 00:1e:13:51:2b:67*Oct 04 19:20:33.194:00:1a:e3:d0:19:50 Updating IP info for AP 00:1a:e3:d0:19:50-static 0,192.168.10.10/255.255.255.0,gtw 192.168.10.254*Oct 04 19:20:33.194:00:1a:e3:d0:19:50 Updating IP 192.168.10.10=1

49、92.168.10.10 for AP 00:1a:e3:d0:19:50*Oct 04 19:20:33.194:00:1b:53:02:28:f8 Building Config Response Msg for 00:1b:53:02:28:f8 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID51确认确认AP连接到控制器连接到控制器图形界面命令行 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresenta

50、tion_ID52Presentation Title Size 30PTOption 2:LiveCSSC无线客户端 2006 Cisco Systems,Inc.All rights reserved.Cisco ConfidentialPresentation_ID53802.11 无线客户端概述无线客户端概述WLAN 特性CSSCMicrosoftCisco ACU/ADU多 WLAN Profile(不同的SSID,不同的安去策略)支持YesYesYesActive Probe(hidden SSID support)YesNoYes部署工具YesNoYesWPA/WPA2YesYe

展开阅读全文
相关资源
猜你喜欢
相关搜索

当前位置:首页 > 办公、行业 > 各类PPT课件(模板)
版权提示 | 免责声明

1,本文(CISCO无线控制器配置基础合集课件.ppt)为本站会员(三亚风情)主动上传,163文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。
2,用户下载本文档,所消耗的文币(积分)将全额增加到上传者的账号。
3, 若此文所含内容侵犯了您的版权或隐私,请立即通知163文库(发送邮件至3464097650@qq.com或直接QQ联系客服),我们立即给予删除!


侵权处理QQ:3464097650--上传资料QQ:3464097650

【声明】本站为“文档C2C交易模式”,即用户上传的文档直接卖给(下载)用户,本站只是网络空间服务平台,本站所有原创文档下载所得归上传人所有,如您发现上传作品侵犯了您的版权,请立刻联系我们并提供证据,我们将在3个工作日内予以改正。


163文库-Www.163Wenku.Com |网站地图|