§ 配置任务
1. 思科CSSC无线客户端的安装和简单配置 2. 构建一个OPEN和一个WEP的无线网络 3. 构建一个简单WEB认证的无线网络 4. 构建一个支持本地EAP认证的无线网络 5. 构建一个用ACS做AAA认证的无线网络
Presentation_ID
© 2019 Cisco Systems, Inc. All rights reserved.
§ Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
§ Configuration saved! § Resetting system with new configuration...
Presentation_ID
Cisco Confidential
3
PDF 文件使用 "pdfFactory Pro" 试用版本创建 fineprint
基本设备
§ 控制器 4400或者2100系列 § AP：1130或者1240系列 § 交换机： 最好是3560 POE交换机
Presentation_ID
© 2019 Cisco Systems, Inc. All rights reserved.
§ Enter Administrative User Name (24 characters max): cisco
§ Enter Administrative Password (24 characters max): cisco
§ Re-enter Administrative Password
启动选项
按5清空配置
Presentation_ID
© 2019 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
PDF 文件使用 "pdfFactory Pro" 试用版本创建 fineprint
The controller boot sequence will always have these option available since this is set in PROM to ensure controller recovery options
*不能通过软件升级AP容量 *4400系列使用SFP光纤模块 *4400系列每port支持50个AP
44xx WLAN Controller
§ 型号 4402
支持 12, 25, 和50 AP
§ 型号 4404
支持100 APs
Presentation_ID
© 2019 Cisco Systems, Inc. All rights reserved.
§ Mobility/RF Group Name: demo
Presentation_ID
© 2019 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
10
PDF 文件使用 "pdfFactory Pro" 试用版本创建 fineprint
Cisco Confidential
4
PDF 文件使用 "pdfFactory Pro" 试用版本创建 fineprint
2100系列无线控制器
§ 支持802.11a/b/g/n
§ 支持PCI认证
§ WLC2100 硬件
8个FE口， 2个上联口，6个下联口 其中2个FE口有以太网供电
§ 未使用端口
§ AP Manager Interface IP Address: 192.168.10.2 § AP-Manager is on Management subnet, using same values § AP Manager Interface DHCP Server (192.168.10.254): § Virtual Gateway IP Address: 1.1.1.1
实验拓扑示例
VLAN1
PC//AAA服务器
SSID:VLAN20
SSC
TRUNKfa0/1Siport 1VLAN1/20/30/40 WLC
说明：
1、VLAN1用于连接控制器、AP和 ACS； 2、VLAN20用于WPA/WPA2认证， 认证服务器用ACS。 3、VLAN30用作OPEN/WEP/GUEST 客户接入 3、VLAN40用作WPA/WPA2认证，
© 2019 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
PDF 文件使用 "pdfFactory Pro" 试用版本创建 fineprint
非常重要， Controller的 wireless的 domain要和AP 一致。
11
1200/1100/1300需要upgrade tool做升级，1250不需要工具，直接在图 形化界面上升级
Presentation_ID
© 2019 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
7
PDF 文件使用 "pdfFactory Pro" 试用版本创建 fineprint
*2106和2019不能作为guest access的anchor controller *不支持Link Aggregation *不能通过软件升级AP容量
Presentation_ID
© 2019 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
§ default-router 192.168.10.254 §! § interface FastEthernet0/1 § switchport trunk encapsulation dot1q § switchport mode trunk § …… § interface Vlan1 § ip address 192.168.10.254 255.255.255.0 §! § interface Vlan20 § ip address 192.168.20.254 255.255.255.0 §! § interface Vlan30 §
9
系统启动界面和配置 (OS 5.1)
§ Would you like to terminate autoinstall? [yes]:
§ System Name [Cisco_51:2b:60] (31 characters max): 2106-demo § AUTO-INSTALL: process terminated -- no configuration loaded
Cisco Confidential
6
PDF 文件使用 "pdfFactory Pro" 试用版本创建 fineprint
准备工作
§ 网线和Console线。如果是4400，需要两头是DB9接口的线，如果 是2106或者ISR，需要DB9+RJ45的线
§ 如果是4400，需要GLC光纤模块和光纤 § 确认控制器版本是否需要升级 (用命令show sysinfo查看系统版本) § 是否需要将胖AP升级到瘦AP
2个USB端口和一个扩展槽留作 将来扩展用
AIR-WLC2125-K9 AIR-WLC2112-K9 AIR-WLC2106-K9
2100 Series WLAN Controller for up to 25 Lightweight APs 2100 Series WLAN Controller for up to 12 Lightweight APs 2100 Series WLAN Controller for up to 6 Lightweight APs
§ Enter Country Code list (enter 'help' for a list of countries) [US]: CN
§ Enable 802.11b Network [YES][no]: § Enable 802.11a Network [YES][no]: § Enable 802.11g Network [YES][no]: § Enable Auto-RF [YES][no]:
系统启动界面（续）
§ Enable Symmetric Mobility Tunneling [yes][NO]: yes
§ Network Name (SSID): open § Allow Static IP Addresses [YES][no]:
§ Configure a RADIUS Server now? [YES][no]: no § Warning! The default WLAN security policy requires a RADIUS server. § Please see documentation for more details.
§ Configure a NTP server now? [YES][no]: no § Configure the system time now? [YES][no]: § Enter the date in MM/DD/YY format: 09/28/08 § Enter the time in HH:MM:SS format: 17:11:00
PDF 文件使用 "pdfFactory Pro" 试用版本创建 fineprint
$18,890 $10,070
$4,875