恢复出厂
<WA2620i-AGN>reset save
The saved configuration file will be erased. Are you sure? [Y/N]:y
Configuration file in flash is being cleared.
Please wait ...
....
Configuration file is cleared.
<WA2620i-AGN>reboot
Start to check configuration with next startup configuration file, please wait.
........DONE!
This command will reboot the device. Current configuration will be lost, save c
urrent configuration? [Y/N]:n
This command will reboot the device. Continue? [Y/N]:y
#Nov 24 03:03:52:580 2014 WA2620i-AGN DEVM/1/REBOOT:
Reboot device by command.
配置交换机名称
<WA2620i-AGN>sys
System View: return to User View with Ctrl+Z.
[WA2620i-AGN]sysname IT-WA2620-3
配置管理地址
interface Vlan-interface1
ip address 172.16.1.10 255.255.255.0
配置管理员账号及密码,为该用户开启telnet、con、web服务
[IT-WA2620-3]local-user admin
[IT-WA2620-3-luser-admin]password cipher 12345678
[IT-WA2620-3-luser-admin]service-type telnet terminal
[IT-WA2620-3-luser-admin]service-type web
配置con接口与telnet
[IT-WA2620-3]user-interface con 0
[IT-WA2620-3-ui-console0]authentication-mode scheme
[IT-WA2620-3-ui-console0]quit
[IT-WA2620-3]user-interface vty 0 4
[IT-WA2620-3-ui-vty0-4]authentication-mode scheme
[IT-WA2620-3-ui-vty0-4]quit
配置SSH(最好逐行复制输入,中间有对话框,不要全部复制粘贴)
ssh server enable
public-key local create rsa
1024
user-interface vty 0 4
authentication-mode scheme
protocol inbound ssh
quit
local-user admin
service-type ssh
authorization-attribute level 3
quit
ssh user admin service-type stelnet authentication-type password
配置用户之间不隔离
undo wlan-client-isolation enable
添加缺省路由
ip route-static 0.0.0.0 0.0.0.0 172.16.1.1
配置SNMP
snmp-agent
snmp-agent community read public
snmp-agent sys-info version all
配置NTP
ntp-service unicast-server 210.72.145.44
ntp-service unicast-server 202.120.2.101
配置上行链路为Trunk
interface g1/0/1
port link-type trunk
port trunk permit vlan all
配置需要通过VLAN
vlan 10
Description Server-Lan
vlan 20
Description Desktop-Lan
vlan 30
Description Laptop-Lan
vlan 40
Description Guest-Lan
。
。
。
配置多VLAN无线接口
interface WLAN-BSS 11
port link-type access
port access vlan 30
interface WLAN-BSS 12
port link-type access
port access vlan 30
interface WLAN-BSS 13
port link-type access
port access vlan 40
interface WLAN-BSS 14
port link-type access
port access vlan 40
配置模板与SSID参数(通常所谓的AES加密)
wlan service-template 11 crypto
ssid YYE5G-H3C
cipher-suite tkip
security-ie rsn
wlan service-template 12 crypto
ssid YYE-H3C
cipher-suite tkip
security-ie rsn
wlan service-template 13 crypto
ssid Guest5G-H3C
cipher-suite tkip
security-ie rsn
wlan service-template 14 crypto
ssid Guest-H3C
cipher-suite tkip
security-ie rsn
interface WLAN-BSS 11
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase simple 12345678
interface WLAN-BSS 12
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase simple 12345678
interface WLAN-BSS 13
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase simple 12345678
interface WLAN-BSS 14
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase simple 12345678
配置开放SSID(举例)
wlan service-template 1 clear
ssid H3C
配置射频绑定SSID、模板、信道
[IT-WA2620-3]interface WLAN-Radio1/0/1
[IT-WA2620-3-WLAN-Radio1/0/1]service-template 11 interface wlan-bss 11
[IT-WA2620-3-WLAN-Radio1/0/1]service-template 13 interface wlan-bss 13
[IT-WA2620-3-WLAN-Radio1/0/1]interface WLAN-Radio1/0/2
[IT-WA2620-3-WLAN-Radio1/0/1]service-template 12 interface wlan-bss 12
[IT-WA2620-3-WLAN-Radio1/0/1]service-template 14 interface wlan-bss 14
[IT-WA2620-3-WLAN-Radio1/0/1]channel 6
清理默认模板H3C
[IT-WA2620-3]interface WLAN-Radio1/0/2
[IT-WA2620-3-WLAN-Radio1/0/2]undo service-template 1
[IT-WA2620-3-WLAN-Radio1/0/2]quit
[IT-WA2620-3]undo wlan service-template 1
[IT-WA2620-3]undo interface WLAN-BSS32
[IT-WA2620-3]undo interface WLAN-BSS33
启用模板(放出SSID信号)
wlan service-template 11 crypto
service-template enable
wlan service-template 12 crypto
service-template enable
wlan service-template 13 crypto
service-template enable
wlan service-template 14 crypto
service-template enable
