beautypg.com

Configuring the fat ap – H3C Technologies H3C MSR 50 User Manual

Page 53

background image

44

Figure 14 Network diagram

Configuring the fat AP

# Enable port security.

system-view

[Sysname] port-security enable

# Configure the port mode of the WLAN BSS interface as mac-and-psk (with the pre-shared key
12345678) and enable 802.11key negotiation.

[Sysname] interface wlan-bss 1

[Sysname-WLAN-BSS1] port-security port-mode mac-and-psk

[Sysname-WLAN-BSS1] port-security preshared-key pass-phrase 12345678

[Sysname-WLAN-BSS1] port-security tx-key-type 11key

[Sysname-WLAN-BSS1] quit

# Create service template 2 of crypto type and configure its SSID as mactest.

[Sysname] wlan service-template 1 crypto

[Sysname-wlan-st-1] ssid mactest

# Enable the RSN-IE in the beacon and probe responses and enable the AES-CCMP cipher suite in the
encryption of frames.

[Sysname-wlan-st-1] security-ie rsn

[Sysname-wlan-st-1] cipher-suite ccmp

# Configure the authentication method as open-system and enable the service template.

[Sysname-wlan-st-1] authentication-method open-system

[Sysname-wlan-st-1] service-template enable

[Sysname-wlan-st-1] quit

# Configure the IP addresses of the primary authentication server and accounting server as 10.18.1.88,

the shared key for RADIUS authentication/accounting packets as 12345678, and specify the extended
RADIUS server type.

[Sysname] radius scheme rad

[Sysname-radius-rad] primary authentication 10.18.1.88

[Sysname-radius-rad] primary accounting 10.18.1.88

[Sysname-radius-rad] server-type extended

# Configure the shared key for RADIUS authentication/accounting packets as 12345678.

[Sysname-radius-rad] key authentication 12345678

[Sysname-radius-rad] key accounting 12345678

[Sysname-radius-rad] user-name-format without-domain

[Sysname-radius-rad] quit

IP network

L2 switch

FAT AP

Client

10.18.1.88/24

RADIUS server

10.18.1.1/24

This manual is related to the following products: