分类: 系统运维
2011-08-30 16:06:50
version 12.4
service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RZTELE
!
enable secret 5 $1$WlqT$GgLfJfxBeZ.XgGuZfcajP.
!
no aaa new-model
!
!
dot11 vlan-name v-huiyishi vlan 271
dot11 vlan-name v-test vlan 270
dot11 vlan-name v-wangluobu vlan 263
dot11 vlan-name v-wangyunbu vlan 15
dot11 vlan-name vlan-1 vlan 1 \\给vlan命名
!
dot11 ssid ChinaNet \\定义ssid
vlan 1
authentication open
guest-mode
mbssid guest-mode \\以上不需要的
!
dot11 ssid HuiYiShi
vlan 271
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 0 1234567890 \\以上是wpa认证的配置
!
dot11 ssid WangLuobu
vlan 263
authentication open
mbssid guest-mode
!
dot11 ssid WangYunBu
vlan 15
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 0 wangyunbu.pass
!
!
!
username Cisco privilege 15 password 0 123456
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers tkip
!
encryption vlan 15 mode ciphers tkip
!
encryption vlan 270 mode ciphers tkip
!
encryption vlan 271 mode ciphers tkip 认证的加密配置
!
ssid ChinaNet
!
ssid HuiYiShi
!
ssid WangLuobu
!
ssid WangYunBu \\将ssid应用到端口上
!
mbssid \\启用多ssid功能
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1
no ip route-cache
!
interface Dot11Radio0.15
encapsulation dot1Q 15 native \\配置管理vlan要加上native
ip address 172.20.63.30 255.255.255.0
no ip route-cache
bridge-group 1 \\选择组别(范围是1-255),要和下面的interface FastEthernet0.15一致
bridge-group 1 port-protected
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.263
encapsulation dot1Q 263
ip address 172.20.62.109 255.255.255.240
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 port-protected
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
bridge-group 255 spanning-disabled
!
interface Dot11Radio0.270
encapsulation dot1Q 270
no ip route-cache
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 port-protected
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
bridge-group 254 spanning-disabled
!
interface Dot11Radio0.271
encapsulation dot1Q 271
no ip route-cache
bridge-group 253
bridge-group 253 subscriber-loop-control
bridge-group 253 port-protected
bridge-group 253 block-unknown-source
no bridge-group 253 source-learning
no bridge-group 253 unicast-flooding
bridge-group 253 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
speed 100
full-duplex
!
interface FastEthernet0.1
encapsulation dot1Q 1
no ip route-cache
!
interface FastEthernet0.15
encapsulation dot1Q 15 native
ip address dhcp
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.263
encapsulation dot1Q 263
ip address 172.20.62.110 255.255.255.240
no ip route-cache
bridge-group 255
no bridge-group 255 source-learning
bridge-group 255 spanning-disabled
!
interface FastEthernet0.270
encapsulation dot1Q 270
no ip route-cache
bridge-group 254
no bridge-group 254 source-learning
!
interface FastEthernet0.271
encapsulation dot1Q 271
ip address dhcp
no ip route-cache
bridge-group 253
no bridge-group 253 source-learning
bridge-group 253 spanning-disabled
!
interface BVI1
ip address 172.20.63.8 255.255.255.0 \\配置管理vlan的ip地址
no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path
no cdp run
bridge 1 route ip
!
!
!
line con 0
password Cisco
line vty 0 4
password Cisco
login
!
end
