Click here to load reader

Cau Hinh Controler

  • View
    31

  • Download
    2

Embed Size (px)

Text of Cau Hinh Controler

  • Trn M Phc [email protected]

    Trang 1

    Cu hnh M hnh mng c dng thm Wlan Controller

    I./ Mng khng dy pht trin nh vo nhu cu ca con ngi !!! Yu cu ca doanh nghip dnh cho 1 nh trin khai v thit k mng nh sau :

    1) Anh ta rt ght s b bn v vng vu ca mng c dy v quan trng hn ht , anh y mun mi lc mi ni u c th truy cp d liu ca cng ty v vo c internet. (lu l trong phm vi ti a c th c )

    1.1 ) Nu nh doanh nghip y nh , khng yu cu nhiu lm v tc v khong cch qun tr

    khng xa lm , ta c th trin khai mt mng Adhoc (C 2 cch lm , chng ta s tho lun bi sau). Yu cu ti thiu v duy nht : ch cn 1 my c 2 card mng : card Lan i internet v Wireless Card.+ h thng mng gm cc PC c Wireless Card.

    1.2 ) Doanh nghip y va v nhu cu m rng , chnh sch qun tr h thng khng cao lm , ta c th gii thiu cho h , m hnh n gin sau : gm 1 Access Point (AP) + h thng my tnh c card wireless (ti a nn dng l 15 my) +( mt sever ACS gn vo cng fa0 ca AP bo mt ). Ngoi ra , ta cng c th dng nhng phng php bo mt nh Filter Mac, Wep,Wap .ngay trn AP. (Chng ta s ni v vn ny bi sau). Hn ch :Chng ta phi bit cu hnh AP.

    2) Tuy nhin , nu nh anh ta c mt vi yu cu thm: 2.1) Ti rt ght s b bn v phc tp, doanh nghip ca ti l mt doanh nghip ln rt cn mt mng Wireless m bo c tnh h thng + d qun l + d m rng + Chnh sch bo mt tht tt!!! 2.2) Quan trng hn ht l chng ta lm sao thit k 1 mng nh th no m bt c ai (k c anh ta ) , khng bit g v Wireless cng c th , m rng thm mt mng mi bng cch rt n gin :Gn AP vo mt port ca Switch !!! Cui cng gii quyt vn trn , nht l nguyn nhn 2.2 , tng nh khng th nhng vn c cch !!! l m hnh ch yu gm cc LightWeight Access Point (LAP) + Wireless Lan Controller (WLC) . Nh vy , AP m ta ni n 2.2 ) chnh l LAP (n khng cn phi cu hnh ch cm dy vo mng l t chy) Mt im lu : Ta c th thuyt phc khch hng rng , m bo yu cu 2 trn , nht l 2.2) (ci ny ai cng bit l do ti sao n tn ti!!!), rng anh c th cho chng ti lm ngi cung cp LAP( tc nhin n s cao gi hn AP bnh thng ri) nu nh cng ty cn m rng thm.

  • Trn M Phc [email protected]

    Trang 2

    II./ Topo mng n gin nht v mng c Wireless Lan Controller (WLC): Sau y , ti xin gii thiu v Topo mng n gin nht v mng c WLC, m qua mi ngi c th trin khai thm cho ph hp vi yu cu ca mnh . V d nh ta c th gn thm Switch gia Router v LAP di y p ng nhu cu 2.2 trn , ..

    V phn gn thm Module cho thit b to thnh 2 trong 1 ny c rt nhiu phng n . V d nh ta c th gn thm module WLC vo Switch 6500 _khi Switch ny s m nhn nhiu vic : nh tuyn cho Vlan thng v Wlan hay gn vo Router 2811 tr ln , nh thit b dng trong Topo Lab ny!!!

  • Trn M Phc [email protected]

    Trang 3

    Sau y s l m hnh , ta s trin khai trong bi ny

  • Trn M Phc [email protected]

    Trang 4

    Mt s ch thch trc khi bt u bi Lab: mi ngi d hnh dung sau y l hnh nh ca Wireless Lan Module:

    Khi dng cu lnh :show ip interface brief trong mode priviledge ca Router 2811, ta s thy interdace dng giao tip ca WLCModule l :interface Wlan-controller 1/0 hiu thm v a ch qun tr (IP manager + IP Ap-manager ) ta c th tham kho trong gio trnh v Wireless ca BCMSN. y l 2 interface mc nh (static) cn phi c cho WLC. Nhim v ch yu 2 interface y l : 1. IP manager :dng qun tr ton b WLC , cn phi c cu hnh WLC bng

    giao din Web. bi Lab ny l 192.168.1.24

    2. IP AP-manager dng qun tr cc LAP bi Lab ny l 192.168.1.25

  • Trn M Phc [email protected]

    Trang 5

    Ngoi nhng ch thch lin quan n Topo mng, ti xin b sung thm v cc kin thc ca : 1) DHCP

  • Trn M Phc [email protected]

    Trang 6

    2) NAT

    DHCP (Dynamic Host Control Protocol ) : Mt giao thc dng cp pht ng a ch Ip cho mt host. NAT : (Network Address Translate): Dng chuyn i a ch mng ni b thnh da ch bn ngoi , nhm mc ch gip cho mng ni b c th truyn thng c vi Internet hay th gii bn ngoi ca mng.

  • Trn M Phc [email protected]

    Trang 7

    By gi chng ta bt u cu hnh cho bi Lab O1.) Bc dng chung cho c 2 cch cu hnh bng cu lnh v bng giao din Web: Bc 1 : Ta xa ht tt c cu hnh ca cc thit b (khng cn xa cu hnh LAP)

    1.) i vi Router, ta vo mode privilege nh cu lnh : #erase start .Sau nh tip #reload

    2.) Sau khi router khi ng tr li ta cu hnh a ch Ip cho interface wlan-controller1/0 bng cu lnh :

    (config-if)#ip address 192.168.1.1 255.255.255.0 (config-if)#no shut

    3.)Sau , ta nhn Ctrl+Z tr v mode priviledge v nh tip cu lnh :#service wlan-controller 1/0 session 4..) Ta telnet vo WCLModule ( kt thc phin telnet ta nhn kt hp 3 phm Ctrl + Shilf + 6 , sau nhn x, mun vo li WCL , mode priviledge ca Router ta nhn Enter 2 ln . Tip theo ,khi vo cu hnh khi ng ,ta nh user: cisco password :cisco . Sau ta s vo du nhc nh sau :(Cisco Controller) >.G nh hng dn xa cu hnh ca WLCModule.:

    (Cisco Controller) >clear config Are you sure you want to clear the configuration? (y/n) y Configuration Cleared! (Cisco Controller) >reset system The system has unsaved changes. Would you like to save them now? (y/N) n Configuration Not Saved! Are you sure you would like to reset the system? (y/N) y

  • Trn M Phc [email protected]

    Trang 8

    Bc 2 : Ci t cc thng s khi to ban u ca WCLModule:

    Enter Administrative User Name (24 characters max): phuc # to username Enter Administrative Password (24 characters max): *****# to password Management Interface IP Address: 192.168.1.24 # To ip manager Management Interface Netmask: 255.255.255.0 #Subnetmask Management Interface Default Router: 192.168.1.1 # a ch ca intface WLC 1/0 Management Interface VLAN Identifier (0 = untagged): 0 Management Interface Port Num [1]: Management Interface DHCP Server IP Address: 192.168.1.24# Ip manager AP Manager Interface IP Address: 192.168.1.25 # Ip Ap-manager AP-Manager is on Management subnet, using same values AP Manager Interface DHCP Server (192.168.1.24): # press Enter Virtual Gateway IP Address: 1.1.1.1 # N s l a ch DHCP server cho user Mobility/RF Group Name: vnpro Network Name (SSID): vlan1# y l tn ca Vlan1 dng qun tr SSID Allow Static IP Addresses [YES][no]: no #cu hnh Ip ng Configure a RADIUS Server now? [YES][no]: no Warning! The default WLAN security policy requires a RADIUS server. Please see documentation for more details. Enter Country Code (enter 'help' for a list of countries) [US]: no Enable 802.11b Network [YES][no]: yes Enable 802.11a Network [YES][no]: yes Enable 802.11g Network [YES][no]: yes Enable Auto-RF [YES][no]: no Configure a NTP server now? [YES][no]: no Configure the system time now? [YES][no]: no Warning! No AP will come up unless the time is set. Please see documentation for more details. Configuration correct? If yes, system will save it and reset. [yes][NO]: yes

  • Trn M Phc [email protected]

    Trang 9

    Bc 3 : Cu hnh cho Router 2811 II./ Hai cch cu hnh cho Wireless Lan Controller Module :

    interface FastEthernet0/0 ip address 192.168.4.1 255.255.255.0# gn ip address cho fa0/0 ip nat inside # p chiu vo cho qu trnh NAT interface FastEthernet0/1 ip address 10.215.219.10 255.255.255.0#c th gn ng bng cu lnh ip address dhcp ip nat outside # p chiu ra ca qu trnh NAT ip dhcp pool lap # Pool a ch ng gn cho cng fa0 ca LAP network 192.168.4.0 255.255.255.0 default-router 192.168.4.1 # a ch cng fa0/0 option 43 hex f104.c0a8.0119 # Tham kho thm ch thch cui bi option 60 ascii "Cisco AP c1130"# Tham kho thm ch thch cui bi ! ip dhcp pool vlan2 network 192.168.2.0 255.255.255.0 default-router 192.168.2.1 dns-server 203.162.4.190 ! ip dhcp pool vlan3 network 192.168.3.0 255.255.255.0 default-router 192.168.3.1 dns-server 203.162.4.190 interface wlan-controller1/0.2 # To Sub interface WLC1/0 encapsulation dot1Q 2 # chun ng gi ip address 192.168.2.1 255.255.255.0 # Ip add = Ip add ca default-router tng ng ip nat inside # Cu lnh rt quan trng thng hay qun ! interface wlan-controller1/0.3 encapsulation dot1Q 3 ip address 192.168.3.1 255.255.255.0 ip nat inside # ip route 0.0.0.0 0.0.0.0 10.215.219.254# Cu lnh thng hay qun khi NAT , n dng to default route n ADSL router cho ton mng , ta c th i Internet. Nu m thiu cu lnh ny , ta ch c th PING n n m khng th ra Internet!!!

    Bc cui cng : Ta cu hnh NAT nh hng dn trn !!!!# Xem phn b sung bn trn

    Tm lc nhng ci quan trng trong cu hnh Router m ta thng hay qun : 1) a ch intface i ni ra ngoi mng (Fa0/1) nn cho Server DHCP cp a ch ng cho n trnh trng

    hp trng a ch. 2) option 43 hex f104.c0a8.0119# c0a8.0119 phi l a ch IP AP-Manager 3) l cu lnh Ip nat inside # Mi ngi thng qun khng t n vo cc

    Subinterface WLC 4) Cui cng l ip route 0.0.0.0 0.0.0.0

  • Trn M Phc [email protected]

    Trang 10

    O2.)C hai cch theo ti u hay : Nhng c th cu hnh cho nhng trng hp tng t mt cch nhanh chng bng giao din Web. Theo ti , chng ta nn tham kho v cu hnh theo giao din Command line trc : C1 :Giao din command Line: Bc 1 : To 2 dynamic interface c tn l Vlan 2 v Vlan3 (Cisco Controller)config > interface create vlan2 2 # 2 l Vlan ID (Cisco Controller)config > interface create vlan3 3

    Bc 2 : t Ip address , Subnet-mask, v Default Gateway cho nhng interface trn: Cisco Controller) config >interface address vlan2 92.168.2.254 255.255.255.0 192.168.2.1

    (Cisco Controller) config> interface address vlan3 192.168.3.254 255.255.255.0 192.168.3.1

    Bc 3 :To Wlan 2, 3 tng ng vi SSID vlan2 v vlan3 (Cisco Controller)config >wlan create 2 vlan2 # 2 l Wlan ID, vlan2 l SSID (Cisco Controller)config >wlan create 3 vlan3

    Bc 4: Rng buc