无线 AC 部署检查清单
基础系统配置
- [ ] 设置设备名称(
sysname 无线控制器)
- [ ] 设置时区为北京时间
- [ ] 启用 NTP 时间同步并配置服务器
基础服务启用
- [ ] 启用 Telnet、SSH、HTTP、HTTPS、Netconf
- [ ] 启用 DHCP 功能
- [ ] 启用 LLDP 邻居发现
- [ ] 启用密码恢复功能
VLAN 与地址池配置
- [ ] 创建 VLAN 23–26
- [ ] 配置 DHCP 地址池 1(192.168.0.0/24)ac自带配置
- [ ] 配置 DHCP 地址池 4094(10.40.92.0/22)ac自带配置
SSID 模板配置(service-template)
- [ ] 创建访客 SSID(GUEST → VLAN 25)
- [ ] 创建员工 SSID(STAFF → VLAN 24)
- [ ] 创建特定 SSID(Sub → VLAN 23)
- [ ] 创建特殊 SSID(H3C-G-4494D0 → VLAN 4094)ac自带配置
接口与 IP 配置
- [ ] Vlan-interface1 设置为 DHCP 获取 ac自带配置
- [ ] Vlan-interface26 设置为静态 IP(10.200.26.249)
- [ ] Vlan-interface4094 设置为静态 IP,并绑定地址池 ac自带配置
物理接口配置
- [ ] GE1/0/7、GE1/0/8 设置为三层接口,启用 NAT
- [ ] GE1/0/1 设置为二层 Trunk,允许 VLAN 23–26
- [ ] 移除 Trunk 接口上的 VLAN 1
射频优化与自动发现
- [ ] 启用自动信道优化
- [ ] 启用自动功率优化
- [ ] 启用自动 AP 功能与持久化
- [ ] 设置 TCP MSS(1360)
AP 组与射频绑定
- [ ] 创建 group1,绑定 AP Sub,radio1–3 → SSID Sub
- [ ] 创建 group2,绑定 AP ap2、qiant,radio1–3 → SSID guest + staff
AP 注册与序列号绑定
- [ ] 注册 AP Sub(WA5530,序列号 219801A0YFxxxxxxxxx)
- [ ] 注册 AP qiant(WA5530,序列号 219801A0YFxxxxxxxxxx)
用户与权限配置
- [ ] 创建管理员账号 admin,授权 network-admin
- [ ] 配置 console 和 vty 登录认证方式与角色
路由与日志配置
- [ ] 配置默认路由(0.0.0.0 → 10.200.26.254)
- [ ] 设置日志文件大小
- [ ] 禁用 info-center 日志输出
云管理与域配置
- [ ] 配置云管理服务器地址(cloudnet.h3c.com)
- [ ] 启用系统域与默认域
AC实际配置(型号:WX2520X)
一、基础系统配置
sysname 无线控制器
clock timezone Beijing add 08:00:00
clock protocol ntp
ntp-service enable
ntp-service unicast-server pool.ntp.org
二、启用基础服务
telnet server enable
ssh server enable
ip http enable
ip https enable
netconf soap http enable
dhcp enable
lldp global enable
password-recovery enable
三、创建 VLAN
vlan 1
vlan 23 to 26
vlan 4094
四、配置 DHCP 地址池(ac自带配置)
dhcp server ip-pool 1
gateway-list 192.168.0.100
network 192.168.0.0 mask 255.255.255.0
dns-list 192.168.0.100
dhcp server ip-pool 4094
gateway-list 10.40.94.1
network 10.40.92.0 mask 255.255.252.0
dns-list 10.40.94.1
五、配置 SSID 模板(service-template)
wlan service-template guest
ssid GUEST
vlan 25
akm mode psk
preshared-key pass-phrase cipher ...
cipher-suite ccmp
security-ie rsn
service-template enable
wlan service-template staff
ssid STAFF
vlan 24
akm mode psk
preshared-key pass-phrase cipher ...
cipher-suite ccmp
security-ie rsn
service-template enable
wlan service-template sub
ssid Sub
vlan 23
akm mode psk
preshared-key pass-phrase cipher ...
cipher-suite ccmp
security-ie rsn
service-template enable
wlan service-template h3c-g-4494d0
ssid H3C-G-4494D0
vlan 4094
service-template enable
六、配置接口 IP 与 DHCP 绑定
interface Vlan-interface1
ip address dhcp-alloc
interface Vlan-interface26
ip address 10.200.26.249 255.255.255.0
interface Vlan-interface4094
ip address 10.40.94.1 255.255.252.0
dhcp server apply ip-pool 4094
七、配置物理接口
interface GigabitEthernet1/0/7
port link-mode route
ip address dhcp-alloc
nat outbound
undo dhcp select server
interface GigabitEthernet1/0/8
port link-mode route
ip address dhcp-alloc
nat outbound
undo dhcp select server
interface GigabitEthernet1/0/1
port link-mode bridge
description TO-核心-g1/0/3
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 23 to 26
八、射频优化与自动发现
wlan global-configuration
calibrate-channel self-decisive enable all
calibrate-power self-decisive enable all
wlan auto-ap enable
wlan auto-persistent enable
wlan tcp mss 1360
九、配置 AP 组与射频绑定
wlan ap-group group1
led-mode quiet
vlan 1
ap Sub
ap ap1
ap-model WA5530
radio 1
service-template sub
radio 2
service-template sub
radio 3
service-template sub
wlan ap-group group2
vlan 1
ap ap2
ap qiant
ap-model WA5530
radio 1
service-template guest
service-template staff
radio 2
service-template guest
service-template staff
radio 3
service-template guest
service-template staff
十、注册 AP(绑定序列号)
wlan ap Sub model WA5530
serial-id 219801A0YFxxxxxxxxxx
vlan 1
radio 1/2/3
gigabitethernet 1/2
wlan ap qiant model WA5530
serial-id 219801A0YFxxxxxxxxxx
vlan 1
radio 1/2/3
gigabitethernet 1/2
十一、用户与权限配置
local-user admin class manage
password hash ...
service-type ssh terminal https
authorization-attribute user-role network-admin
line con 0
authentication-mode scheme
user-role network-admin
line vty 0 31
authentication-mode scheme
user-role network-operator
十二、路由与日志配置
ip route-static 0.0.0.0 0 10.200.26.254
scheduler logfile size 16
undo info-center logfile enable
十三、云管理与域配置
cloud-management server domain cloudnet.h3c.com
domain system
domain default enable system