Versions Compared

Old Version 16

changes.mady.by.user Robert Maltarić

Saved on

compared with

New Version Current

changes.mady.by.user Robert Maltarić

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleOsnovni tehnički preduvijeti i pretpostavke

U primjeru konfiguracije koriste se odvojeni management i klijentski VLAN:

  • AP MGMT (VLAN 100)
  • eduroam (VLAN 411) 

Switchport prema AP-u konfiguriran je na sljedeči sljedeći način*:

  • UNTAGGED za AP MGMT
  • TAGGED za eduroam i AP MGMT

Adresa DNS poslužitelja u primjeru: 161.53.2.70

Adresa NTP poslužitelja u primjeru: ntp.srce.hr 

Adresa RADIUS poslužitelja u primjeru: 161.53.2.74

RADIUS portovi u primjeru: 1812 i 1813

Management mreža za AP u primjeru: 10.10.10.0/24

Mreža za eduroam korisnike u primjeru: 10.111.0.0/16

...

  1. Ulazak u konfiguracijski mod:

    Code Block
    languagetext
    AP# configure terminal 
AP (config)#


  2. Kreirajte novi administrativni korisnički račun, šifru za ulazak u konfiguracijski mod te uklonite predefiniranog korisnika Cisco

    Code Block
    languagetext
    username admin secret 0 T@jnas1fr@
enable secret vrl0tajn@51fr@


  3. Postavljanje DNS-a i NTP-a

    Code Block
    languagetext
    ip name-server 161.53.2.70
sntp server ntp.srce.hr
clock timezone UTC +1


  4. Aktivacija AAA (Authentication, Authorization, and Accounting)

    Code Block
    languagetext
    aaa new-model


  5. Definiranje RADIUS poslužitelja

    Code Block
    languagetext
    radius-server host 161.53.2.73 auth-port 1812 acct-port 1813 key vrl0tajn@sifra!

aaa group server radius radsrv
server 161.53.2.73 auth-port 1812 acct-port 1813

aaa authentication login eap_methods group radsrv
aaa authorization network default group radsrv
aaa accounting send stop-record authentication failure
aaa accounting session-duration ntp-adjusted
aaa accounting update newinfo periodic 15
aaa accounting network default start-stop group radsrv
aaa accounting network acct_methods start-stop group radsrv


  6. Definiranje eduroam SSID-a

    Code Block
    languagetext
    dot11 ssid eduroam
vlan 411
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa version 2
accounting acct_methods
guest-mode


  7. Konfiguracija management sučelja i dodavanje defaultne route

    Code Block
    languagetext
    interface GigabitEthernet0
no shutdown

interface BVI1
ip address 10.10.10.150 255.255.255.0

ip default-gateway 10.10.10.1


  8. Dodavanje eduroam SSID-a na radio sučelja

    Code Block
    languagetext
    interface Dot11Radio0
encryption vlan 411 mode ciphers aes-ccm
ssid eduroam
no shutdown

interface Dot11Radio1
encryption vlan 411 mode ciphers aes-ccm
ssid eduuroam
no shutdown


  9. Povezivanje žičanih i radio sučelja u bridge grupu

    Code Block
    languagetext
    interface GigabitEthernet0.411
encapsulation dot1Q 411
bridge-group 2

interface dot11Radio0.411
encapsulation dot1Q 411
bridge-group 2

interface dot11Radio1.411
encapsulation dot1Q 411
bridge-group 2


  10. Podešavanje automatskog odabira kanala između 1-6-11 za 2.4 GHz radio sučelje

    Code Block
    languagetext
    interface Dot11Radio0
channel least-congested 1 6 11


  11. Izlazak iz konfiguracijskog moda i spremanje konfiguracije

    Code Block
    languagetext
    end
write memory


  12. Podesite ostale postavke prema vlastitim potrebama