H3C WX3008无线控制器和WA2210-AG瘦AP配置 - 网络安全

博主:xiaoweixiaowei 2023-01-18 条评论

AC模块

<XAODC-SPark-WX3008-01>dis cu
#
 version 5.20, Release 3111P01
#
 sysname XAODC-SPark-WX3008-01
#
 super password level 3 cipher =HKQ#]ZB:0;Q=^Q`MAF4<1!!
#
 domain default enable system
#
 telnet server enable
#
 port-security enable
#
 portal trap server-down
#
 oap management-ip 192.168.3.21 slot 0
#
vlan 1
#
vlan 100
#
vlan 104
#
radius scheme system
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#
user-group system
#
local-user admin
 password simple admin
 authorization-attribute level 3
 service-type telnet
local-user super
 password cipher =HKQ#]ZB:0;Q=^Q`MAF4<1!!
 authorization-attribute level 3
 service-type telnet
#
 stp enable
#
wlan rrm
 dot11a mandatory-rate 6 12 24
 dot11a supported-rate 9 18 36 48 54
 dot11b mandatory-rate 1 2
 dot11b supported-rate 5.5 11
 dot11g mandatory-rate 1 2 5.5 11
 dot11g supported-rate 6 9 12 18 24 36 48 54
#
wlan radio-policy 257

#
wlan service-template 4 crypto
 ssid test
 bind WLAN-ESS 3
 cipher-suite tkip
 security-ie wpa
#
interface NULL0
#
interface Vlan-interface1
#
interface Vlan-interface100
 description manage
 ip address 192.168.100.20 255.255.255.0
#
interface Vlan-interface104
#
interface GigabitEthernet1/0/1
 port link-type trunk
 port trunk permit vlan all
 port trunk pvid vlan 100
#
interface WLAN-ESS0
 port link-type hybrid
 port hybrid vlan 1 104 untagged
 port hybrid pvid vlan 104
 port-security port-mode psk
 port-security tx-key-type 11key
 port-security preshared-key pass-phrase cipher PPdB0Qk3hQdATFWcUi79gQ==
#
interface WLAN-ESS1
 port link-type hybrid
 port hybrid vlan 1 104 untagged
 port hybrid pvid vlan 104
 port-security port-mode psk
 port-security tx-key-type 11key
 port-security preshared-key pass-phrase cipher PPdB0Qk3hQdATFWcUi79gQ==
#
interface WLAN-ESS2
 port access vlan 104
 port-security port-mode psk
 port-security tx-key-type 11key
 port-security preshared-key pass-phrase cipher KzAShwdSpQRI903K3IqhjQ==
#
interface WLAN-ESS3
 port link-type hybrid
 port hybrid vlan 1 untagged
 port-security port-mode psk
 port-security tx-key-type 11key
 port-security preshared-key pass-phrase cipher VKUtk/d+1TKphnFmYPIKRw==
#
interface WLAN-ESS4
 port link-type hybrid
 port hybrid vlan 1 untagged
 port-security max-mac-count 1024
 port-security port-mode psk
 port-security preshared-key pass-phrase cipher PPdB0Qk3hQdATFWcUi79gQ==
#
wlan ap 1 model WA2210-AG
 serial-id 210235A29DB10A000348
 radio 1
  radio-policy 257
  service-template 1
  service-template 3
  radio enable
#
 ip route-static 0.0.0.0 0.0.0.0 192.168.100.18(三层交换路由)
#
 load xml-configuration
#
user-interface aux 0
user-interface vty 0 4
 authentication-mode scheme
 user privilege level 3
#
return
<XAODC-SPark-WX3008-01>

交换模块  进入交换模块方式<XAODC-SPark-WX3008-01>oap connect slot 0

H3C WX3008无线控制器和WA2210-AG瘦AP配置 - 网络安全

<H3C>dis cu
#
 sysname H3C
#
 oap management-ip 192.168.100.21 slot 0
#
radius scheme system
#
domain system
#
local-user admin
 password simple admin
 service-type telnet
 level 3
#
 stp enable
#
vlan 1
#
vlan 100
#
vlan 104
#
interface Vlan-interface1
 ip address 192.168.0.101 255.255.255.0
#
interface Vlan-interface100
 ip address 192.168.100.21 255.255.255.0
#
interface Aux1/0/0
#
interface GigabitEthernet1/0/1
 poe enable
 port access vlan 104
#
interface GigabitEthernet1/0/2
 poe enable
 port access vlan 104
#
interface GigabitEthernet1/0/3
 poe enable
 port access vlan 104
#
interface GigabitEthernet1/0/4
 poe enable
 port access vlan 104
#
interface GigabitEthernet1/0/5
#
interface GigabitEthernet1/0/6
#
interface GigabitEthernet1/0/7
#
interface GigabitEthernet1/0/8
 port link-type trunk
 port trunk permit vlan all
 port trunk pvid vlan 100
#
interface GigabitEthernet1/0/9
 stp disable
 port link-type trunk
 port trunk permit vlan all
 port trunk pvid vlan 100
#
interface NULL0
#
 ip route-static 0.0.0.0 0.0.0.0 192.168.100.18 preference 60
#
user-interface aux 0
user-interface vty 0 4
 authentication-mode scheme
 user privilege level 3
#
return
<H3C>

AP配置

[WA2210-AG]dis cu
#
 version 5.20, Release 1115
#
 sysname WA2210-AG
#
 info-center source LWPC channel 4
#
 ipv6
#
 telnet server enable
#
 wlan ac ip 192.168.100.20 (指定AC地址)
#
vlan 1
#
interface NULL0
#
interface Vlan-interface1
 ip address dhcp-alloc client-identifier mac Vlan-interface1
#
interface Ethernet1/0/1
#
interface WLAN-Radio1/0/1
#              
 undo gratuitous-arp-learning enable
#
user-interface con 0
user-interface vty 0 4
 user privilege level 3
 set authentication password simple h4capadmin
#

The End

发布于:2023-01-18,除非注明,否则均为 主机评测原创文章,转载请注明出处。