2:
Npr konfiguracija kod mene, 'optix' ssid sa wpa2, 'test' open:
Code:
dot11 ssid optix
vlan 100
authentication open
authentication key-management wpa
guest-mode
mbssid guest-mode
wpa-psk ascii 7 *
!
dot11 ssid test
vlan 150
authentication open
mbssid guest-mode
information-element ssidl advertisement
!
interface Dot11Radio0
encryption vlan 100 mode ciphers aes-ccm
!
broadcast-key vlan 100 change 30 membership-termination capability-change
!
ssid optix
!
ssid test
!
mbssid
!
Odgovarajuci interfejsi (dodaj za svaki vlan):
Code:
!
interface Dot11Radio0.100
encapsulation dot1Q 100
no ip route-cache
no cdp enable
bridge-group 100
bridge-group 100 block-unknown-source
no bridge-group 100 source-learning
no bridge-group 100 unicast-flooding
bridge-group 100 spanning-disabled
!
!
interface FastEthernet0.100
encapsulation dot1Q 100
no ip route-cache
no cdp enable
bridge-group 100
no bridge-group 100 source-learning
bridge-group 100 spanning-disabled
!
Management interfejs (netagovan vlan1)
Code:
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
no cdp enable
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
no cdp enable
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 10.10.10.200 255.255.255.0
no ip route-cache
!
Na switch-u:
Code:
!
interface FastEthernet0/7
description trunk ka ap1120
switchport mode trunk
switchport trunk native vlan 1
switchport trunk allowed vlan add 100,150
switchport nonegotiate
spanning-tree portfast trunk
spanning-tree bpdufilter enable
!
Nije neophodno da budu konfigurisani iskljucivo vlan-ovi koji su na ap-u, mozes, ako hoces, da propustis i sve...
c2950-24#sh int fa0/7 trunk
Port Mode Encapsulation Status Native vlan
Fa0/7 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/7 1,100,150
Port Vlans allowed and active in management domain
Fa0/7 1,100,150
Port Vlans in spanning tree forwarding state and not pruned
Fa0/7 1,100,150
1:
Mozes li da posaljes output-e 'sh vlan' i 'sh int trunk' sa switcheva?
"99% of your thought process is protecting your self-conceptions,
and 98% of that is wrong."