Configuring WLAN Services on a Small-scale Network (V200R008) Highlighted

Hello everyone,

Today I will share with you how to configure WLAN services on a Small-scale network.

Specifications

This example applies to AR routers of V200R008C00 and later versions.

Networking Requirements

As shown in Figure 1-1, the AP is directly connected to the AC. An enterprise branch needs to deploy WLAN services for mobile office so that branch users can access the enterprise internal network from anywhere at any time.

The following requirements must be met:

• A WLAN named wlan-net is available.

• Branch users are assigned IP addresses on 10.10.11.0/24.

Figure 1-1 Networking diagram of configuring WLAN services on a small-scale network

Procedure

Step 1  Configure the AC.

#
 sysname AC
#
vlan batch 100 to 101     //Create VLAN 100 (management VLAN) and VLAN 101 (service VLAN). 
#
dhcp enable          //Enable DHCP.
#
interface Vlanif100                                                             
 ip address 10.10.10.1 255.255.255.0                                            
 dhcp select interface    //Enable DHCP on VLANIF 100 so that the AC can assign IP addresses to APs.
#
interface Vlanif101                                               
 ip address 10.10.11.1 255.255.255.0                                            
 dhcp select interface    //Enable DHCP on VLANIF 101 so that the AC can assign IP addresses to STAs associated with APs.
#
interface Ethernet2/0/0                                                         
 port link-type trunk                                                            
 port trunk pvid vlan 100                  //Configure VLAN 100 as the default VLAN ofEthernet2/0/0.                                                       
 port trunk allow-pass vlan 100 to 101     //Add Ethernet2/0/0 to VLAN 100 and VLAN 101.                                           
 port-isolate enable group 1
#
capwap source interface vlanif100      //Specify the AC's source interface.
#
wlan ac
 security-profile name wlan-security  //Create a security profile.
  security wpa2 psk pass-phrase %^%#m"tz0f>~7.[`^6RWdzwCy16hJj/Mc!,}s`X*B]}A%^%# aes   //Configure PSK authentication and CCMP encryption, and display the user password in ciphertext.
 ssid-profile name wlan-ssid  //Create an SSID profile.
  ssid wlan-net               //Set the SSID to wlan-net.
 vap-profile name wlan-vap    //Create a VAP profile.
  service-vlan vlan-id 101    //Configure VLAN 101 as a service VLAN.
  ssid-profile wlan-ssid      //Bind the SSID profile to the VAP profile.
  security-profile wlan-security             //Bind the security profile to the VAP profile.
 regulatory-domain-profile name domain1      //Create a regulatory domain profile.
 ap-group name ap-group1                     //Create an AP group.                                                         
  regulatory-domain-profile domain1          //Bind the domain profile to the AP group.                                             
  radio 0                                                                       
   vap-profile wlan-vap wlan 1              //Bind the VAP profile to the radio.                                                 
  radio 1                                                                       
   vap-profile wlan-vap wlan 1              //Bind the VAP profile to the radio.                                                   
  radio 2                                                                       
   vap-profile wlan-vap wlan 1               //Bind the VAP profile to the radio.                                                    
 ap-id 0 type-id 19 ap-mac 60de-4476-e360 ap-sn 210235554710CB000042       //Add an AP offline.            
  ap-name area_1           //Configure a name for the AP.                                                                 
  ap-group ap-group1       //Add the AP to the AP group.
#
return

Step 2  Verify the configuration.

# After the service configuration is complete, run the display vap ssid wlan-net command. If Status in the command output is displayed as ON, the VAPs have been successfully created on AP radios.

# Connect STAs to the WLAN with SSID wlan-net and enter the password a1234567. Run the display station ssid wlan-net command on the AC. The command output shows that the STAs are connected to the WLAN wlan-net.

----End

Configuration Notes

No ACK mechanism is provided for multicast packet transmission on air interfaces. In addition, wireless links are unstable. To ensure stable transmission of multicast packets, they are usually sent at low rates. If a large number of such multicast packets are sent from the network side, the air interfaces may be congested. You are advised to configure multicast packet suppression to reduce the impact of a large number of low-rate multicast packets on the wireless network. Exercise caution when configuring the rate limit; otherwise, the multicast services may be affected.

• Indirect forwarding mode, you are advised to configure multicast packet suppression on switch interfaces connected to APs.

• In tunnel forwarding mode, you are advised to configure multicast packet suppression in traffic profiles of the AC.

• The management VLAN and service VLAN cannot be configured the same.

• In V200R008C30 and later versions, when multiple VAP profiles are configured and share one service VLAN, enable inter-service VLAN proxy ARP if the data forwarding mode is set to the tunnel.

When serving as an AC, the device only in V200R008C30 and later versions support tunnel forwarding for data packets.

That is all I want to share with you! Thank you!