LAB 2 : Configuring Layer 2 Direct Forwarding in Bypass Mode with Hand-

in-Hand WDS Services

Service Requirements

Enterprise users can access the network through WLANs, which is the basic requirement of
mobile office. Considering the high costs of wired AP deployment, enterprises need to set up
wireless distribution system (WDS) links for wireless backhaul to provide service coverage,
ensuring that enterprise users can access the WLAN.

Networking Requirements

 AC networking mode: Layer 2 networking in bypass mode

 DHCP deployment mode:
o The AC functions as a DHCP server to assign IP addresses to APs.
o The aggregation switch (Switch_A) functions as a DHCP server to assign IP
addresses to STAs.
 Wireless backhaul mode: hand-in-hand WDS
 Backhaul radio: 5 GHz
 Service data forwarding mode: direct forwarding
Data Planning

AP Type MAC Address

AP_1 AP4050DN @MAC-AP1
AP_2 AP4050DN @MAC-AP2
AP_3 AP4050DN @MAC-AP3

Item Data
Management VLAN for APs VLAN 100
Service VLAN for STAs VLAN 101

VLAN 102
DHCP server The AC functions as a DHCP server to assign
IP addresses to APs. Switch_A functions as a
DHCP server to assign IP addresses to STAs.
IP address pool for APs 10.23.100.2-10.23.100.254/24
IP address pool for STAs 10.23.101.3-10.23.101.254/24

10.23.102.3-10.23.102.254/24
AC's source interface address VLANIF 100
WDS mode  Radio 1 on AP_1: root
 Radio 1 on AP_2: leaf
 Radio 0 on AP_2: root
 Radio 1 on AP_3: leaf

Regulatory domain profile  Name: default

 Country code: TN

SSID profile  Name: WIFI-ENS

 SSID name: WIFI-ENS

 Name: WIFI-ETUD
 SSID name: WIFI-ETUD

Wireless service security profile  Name: WIFI-ENS

 Security policy: WPA-
WPA2+PSK+AES
 Password: Iset123

 Name: WIFI-ETUD
 Item Data
 Security policy: open

VAP profile  Name: WIFI-ENS

 Forwarding mode: direct forwarding
 Service VLAN: VLAN 101
 Referenced profiles: SSID profile
WIFI-ENS and security profile WIFI-
ENS

 Name: WIFI-ETUD
 Forwarding mode: direct forwarding
 Service VLAN: VLAN 102
 Referenced profiles: SSID profile
WIFI-ETUD and security profile
WIFI-ETUD

WDS link security profile  Name: wds-security

 Security policy: WPA2+PSK+AES
 Password type: PASS-PHRASE
 Password: Iset123

WDS whitelist profile  Name: wds-list1

 AP MAC address: MAC address of
AP_2 (leaf)

 Name: wds-list2
 AP MAC address: MAC address of
AP_3 (leaf)

WDS profile  Name: wds-root

 WDS name: wlan-wds
 WDS working mode: root
 Tagged VLAN: VLAN 101
 Referenced profile: security profile
wds-security

 Name: wds-leaf
 WDS name: wlan-wds
 WDS working mode: leaf
 Tagged VLAN: VLAN 101
 Referenced profile: security profile
wds-security
 Item Data
AP group  Name: ap-group1
 Root APs, such as AP_1, are added to
the group.
 Referenced profiles: WDS profile
wds-root, VAP profile wlan-net, and
regulatory domain profile default

 Name: ap-group2
 Root and leaf APs, such as AP_2, are
added to the group.
 Referenced profiles: WDS profiles
wds-root and wds-leaf, VAP profile
wlan-net, and regulatory domain
profile default

 Name: ap-group3
 Leaf APs, such as AP_3, are added to
the group.
 Referenced profiles: WDS profile
wds-leaf, VAP profile wlan-net, and
regulatory domain profile default

Configuration Roadmap

1. Configure root node AP_1 to go online on the AC.

a. Create an AP group and add APs that require the same configuration to the
group for unified configuration.
b. Configure AC system parameters, including the country code and source
interface used by the AC to communicate with the APs.
c. Configure the AP authentication mode and import the APs offline to allow the
APs to go online.
2. Configure WDS services so that APs in and Area C can go online through WDS
wireless virtual links.
3. Configure WLAN service parameters for STAs to access the WLAN.

Procedure

1. Configure the network devices.

 # Add GE0/0/1 and GE0/0/2 on Switch_B to VLAN 100 and VLAN 101. The default
VLAN of GE0/0/1 is VLAN 100.

<HUAWEI> system-view
[HUAWEI] sysname Switch_B
[Switch_B] vlan batch 100 to 102
[Switch_B] interface gigabitEthernet 0/0/1
[Switch_B-GigabitEthernet0/0/1] port link-type trunk
[Switch_B-GigabitEthernet0/0/1] port trunk pvid vlan 100
[Switch_B-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 to 102
[Switch_B-GigabitEthernet0/0/1] port-isolate enable
[Switch_B-GigabitEthernet0/0/1] quit
[Switch_B] interface gigabitEthernet 0/0/2
[Switch_B-GigabitEthernet0/0/2] port link-type trunk
[Switch_B-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 to 102
[Switch_B-GigabitEthernet0/0/2] quit

# Configure the aggregation switch Switch_A. Configure GE0/0/1 to allow packets

from VLAN 100 and VLAN 101 to pass through, GE0/0/2 to allow packets from
VLAN 100 to pass through, and GE0/0/3 to allow packets from VLAN 101 to pass
through.

<HUAWEI> system-view
[HUAWEI] sysname Switch_A
[Switch_A] vlan batch 100 to 102
[Switch_A] interface gigabitEthernet 0/0/1
[Switch_A-GigabitEthernet0/0/1] port link-type trunk
[Switch_A-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 to 102
[Switch_A-GigabitEthernet0/0/1] quit
[Switch_A] interface gigabitEthernet 0/0/2
[Switch_A-GigabitEthernet0/0/2] port link-type trunk
[Switch_A-GigabitEthernet0/0/2] port trunk allow-pass vlan 100
[Switch_A-GigabitEthernet0/0/2] quit
[Switch_A] interface gigabitEthernet 0/0/3
[Switch_A-GigabitEthernet0/0/3] port link-type trunk
[Switch_A-GigabitEthernet0/0/3] port trunk allow-pass vlan 101 to 102
[Switch_A-GigabitEthernet0/0/3] quit

# Add GE1/0/0 on Router to VLAN 101. Create VLANIF 101 and set its IP address to
10.23.101.2/24.

<Huawei> system-view
[Huawei] sysname Router
[Router] vlan batch 101 to 102
[Router] interface gigabitethernet 0/0/1
[Router-GigabitEthernet1/0/0] port link-type trunk
[Router-GigabitEthernet1/0/0] port trunk allow-pass vlan 101 to 102
[Router-GigabitEthernet1/0/0] quit
[Router] interface vlanif 101
[Router-Vlanif101] ip address 10.23.101.2 24
[Router-Vlanif101] quit
[Router] interface vlanif 102
[Router-Vlanif101] ip address 10.23.102.2 24
[Router-Vlanif101] quit

2. Configure the AC to communicate with the network devices.

 # On the AC, configure GE0/0/1 to allow packets from VLAN 100 to pass through.

<AC6605> system-view
[AC6605] sysname AC
[AC] vlan batch 100
[AC] interface gigabitEthernet 0/0/1
[AC-GigabitEthernet0/0/1] port link-type trunk
[AC-GigabitEthernet0/0/1] port trunk allow-pass vlan 100
[AC-GigabitEthernet0/0/1] quit

3. Configure the DHCP servers to assign IP addresses to APs and STAs.

# Configure Switch_A as a DHCP server to assign IP addresses to STAs from the

global address pool.

Configuring DHCP for users in WLAN-ENS

[Switch_A] dhcp enable

[Switch_A] ip pool pool-101
[Switch A-ip-pool-pool-101]gateway-list 10.23.101.2
[Switch A-ip-pool-pool-101] network 10.23.101.0 mask 255.255.255.0
[Switch A-ip-pool-pool-101]lease day 0 hour 1 minute 0
[Switch A-ip-pool-pool-101]dns-list 10.23.101.2
[Switch A-ip-pool-pool-101]quit

[Switch A] interface vlanif 101

[Switch A -Vlanif101] ip address 10.23.101.1 24
[Switch A -Vlanif101] quit

Configuring DHCP for users in WLAN-ETUD

[Switch_A] dhcp enable

[Switch_A] ip pool pool-102
[Switch A-ip-pool-pool-101]gateway-list 10.23.102.2
[Switch A-ip-pool-pool-101] network 10.23.102.0 mask 255.255.255.0
[Switch A-ip-pool-pool-101]lease day 0 hour 1 minute 0
[Switch A-ip-pool-pool-101]dns-list 10.23.102.2
[Switch A-ip-pool-pool-101]quit

[Switch A] interface vlanif 102

[Switch A -Vlanif101] ip address 10.23.102.1 24
[Switch A -Vlanif101] quit

# Enable DHCP on the AC to assign IP addresses to the APs from the interface
address pool.

[AC] dhcp enable

[AC] interface vlanif 100
[AC-Vlanif100] ip address 10.23.100.1 24
[AC-Vlanif100] dhcp select interface
[AC-Vlanif100] quit

4. Configure an AP to go online.
# Create AP groups ap-group1, ap-group2, and ap-group3.

[AC] wlan
[AC-wlan-view] ap-group name ap-group1
[AC-wlan-ap-group-ap-group1] quit
[AC-wlan-view] ap-group name ap-group2
[AC-wlan-ap-group-ap-group2] quit
[AC-wlan-view] ap-group name ap-group3
[AC-wlan-ap-group-ap-group3] quit

# Create a regulatory domain profile, configure the AC country code in the profile,
and apply the profile to the AP group.

[AC-wlan-view] regulatory-domain-profile name default

[AC-wlan-regulate-domain-default] country-code tn
[AC-wlan-regulate-domain-default] quit
[AC-wlan-view] ap-group name ap-group1
[AC-wlan-ap-group-ap-group1] regulatory-domain-profile default
Warning: Modifying the country code will clear channel, power and
antenna gain configurations of the radio and reset the AP. Continu
e?[Y/N]:y
[AC-wlan-ap-group-ap-group1] quit
[AC-wlan-view] ap-group name ap-group2
[AC-wlan-ap-group-ap-group2] regulatory-domain-profile default
Warning: Modifying the country code will clear channel, power and
antenna gain configurations of the radio and reset the AP. Continu
e?[Y/N]:y
[AC-wlan-ap-group-ap-group2] quit
[AC-wlan-view] ap-group name ap-group3
[AC-wlan-ap-group-ap-group3] regulatory-domain-profile default
Warning: Modifying the country code will clear channel, power and
antenna gain configurations of the radio and reset the AP. Continu
e?[Y/N]:y
[AC-wlan-ap-group-ap-group3] quit
[AC-wlan-view] quit

# Configure the AC's source interface.

[AC] capwap source interface vlanif 100

# Add (AP_1, AP_4), AP_2, and AP_3 to AP group ap-group1, ap-group2, and ap-
group3, respectively.

NOTE:

The default AP authentication mode is MAC address authentication. If the default

settings are retained, you do not need to run the ap auth-mode mac-auth command.

In this example, the AP4050DN is used and has two radios: radio 0 and radio 1.

[AC] wlan
[AC-wlan-view] ap auth-mode mac-auth
[AC-wlan-view] ap-id 1 ap-mac @MAC-AP1
[AC-wlan-ap-1] ap-name AP_1
[AC-wlan-ap-1] ap-group ap-group1
 Warning: This operation may cause AP reset. If the country code
changes, it will clear channel, power and antenna gain configuration
s of the radio, Whether to continue? [Y/N]:y
[AC-wlan-ap-1] quit

[AC-wlan-view] ap-id 4 ap-mac @MAC-AP4

[AC-wlan-ap-4] ap-name AP_4
[AC-wlan-ap-4] ap-group ap-group1
Warning: This operation may cause AP reset. If the country code
changes, it will clear channel, power and antenna gain configuration
s of the radio, Whether to continue? [Y/N]:y
[AC-wlan-ap-4] quit

[AC-wlan-view] ap-id 2 ap-mac @MAC-AP2

[AC-wlan-ap-2] ap-name AP_2
[AC-wlan-ap-2] ap-group ap-group2
Warning: This operation may cause AP reset. If the country code
changes, it will clear channel, power and antenna gain configuration
s of the radio, Whether to continue? [Y/N]:y
[AC-wlan-ap-2] quit

[AC-wlan-view] ap-id 3 ap-mac @MAC-AP3

[AC-wlan-ap-3] ap-name AP_3
[AC-wlan-ap-3] ap-group ap-group3
Warning: This operation may cause AP reset. If the country code
changes, it will clear channel, power and antenna gain configuration
s of the radio, Whether to continue? [Y/N]:y
[AC-wlan-ap-3] quit

5. Configure WLAN service parameters.

# Create security profile WIFI-ENS and set the security policy in the profile.

[AC-wlan-view] security-profile name WIFI-ENS

[AC-wlan-sec-prof-wlan-net] security wpa-wpa2 psk pass-phrase
Iset123456 aes
[AC-wlan-sec-prof-wlan-net] quit

# Create SSID profile wlan-net and set the SSID name to WIFI-ENS.

[AC-wlan-view] ssid-profile name WIFI-ENS

[AC-wlan-ssid-prof-wlan-net] ssid WIFI-ENS
[AC-wlan-ssid-prof-wlan-net] quit

# Create VAP profile WIFI-ENS, set the data forwarding mode and service VLAN, and
apply the security profile and SSID profile to the VAP profile.

[AC-wlan-view] vap-profile name WIFI-ENS

[AC-wlan-vap-prof-wlan-net] forward-mode direct-forward
[AC-wlan-vap-prof-wlan-net] service-vlan vlan-id 101
[AC-wlan-vap-prof-wlan-net] security-profile WIFI-ENS
[AC-wlan-vap-prof-wlan-net] ssid-profile WIFI-ENS
[AC-wlan-vap-prof-wlan-net] quit

# Create security profile WIFI-ETUD and set the security policy in the profile.

[AC-wlan-view] security-profile name WIFI-ETUD

[AC-wlan-sec-prof-wlan-net] security open
 [AC-wlan-sec-prof-wlan-net] quit

# Create SSID profile wlan-net and set the SSID name to WIFI-ETUD.

[AC-wlan-view] ssid-profile name WIFI-ETUD

[AC-wlan-ssid-prof-wlan-net] ssid WIFI-ETUD
[AC-wlan-ssid-prof-wlan-net] quit

# Create VAP profile WIFI-ETUD, set the data forwarding mode and service VLAN,
and apply the security profile and SSID profile to the VAP profile.

[AC-wlan-view] vap-profile name WIFI-ETUD

[AC-wlan-vap-prof-wlan-net] forward-mode direct-forward
[AC-wlan-vap-prof-wlan-net] service-vlan vlan-id 102
[AC-wlan-vap-prof-wlan-net] security-profile WIFI-ETUD
[AC-wlan-vap-prof-wlan-net] ssid-profile WIFI-ETUD
[AC-wlan-vap-prof-wlan-net] quit

# Bind the VAP profile to the AP groups. In this example, radio 1 on AP_1 and AP_3
is used for WDS backhaul, and radio 0 for wireless service coverage. Apply VAP
profile WIFI- to radio 0 of the AP_1 and AP_3.

[AC-wlan-view] ap-group name ap-group1

[AC-wlan-ap-group-ap-group1] vap-profile WIFI-ENS wlan 1 radio 0
[AC-wlan-ap-group-ap-group1] vap-profile WIFI-ETUD wlan 2 radio 0
[AC-wlan-ap-group-ap-group1] quit
[AC-wlan-view] ap-group name ap-group3
[AC-wlan-ap-group-ap-group1] vap-profile WIFI-ENS wlan 3 radio 0
[AC-wlan-ap-group-ap-group1] vap-profile WIFI-ETUD wlan 4 radio 0
[AC-wlan-ap-group-ap-group3] quit

6. Set WDS service parameters.

# Set key radio parameters for the WDS nodes. In this example, AP_1 and AP_3 use
radio 1, and AP_2 uses radio 0 and radio 1. Configure radio 0 of AP_2 to work on the
5 GHz frequency band. To reduce channel interference, configure radio 0 and radio 1
of AP_2 to work on different channels. Radio 1 and radio 0 are used to establish WDS
links with AP_1 and AP_3 respectively. The coverage distance parameter specifies
the radio coverage distance, which is 3 by default, in 100 m. In this example, 4 is used.
Set this parameter based on actual situations.

NOTE:

On a WDS network, radios used to create WDS links must work on the same channel.

[AC-wlan-view] ap-id 2
[AC-wlan-ap-2] radio 0
[AC-wlan-radio-2/0] frequency 5g
Warning: Modifying the frequency band will delete the channel, power,
and antenn
a gain configurations of the current radio on the AP and reboot the
AP. Continue
?[Y/N]:y
[AC-wlan-radio-2/0] quit
[AC-wlan-ap-2] quit

[AC-wlan-view] ap-id 1
[AC-wlan-ap-1] radio 1
[AC-wlan-radio-1/1] channel 20mhz 64
Warning: This action may cause service interruption. Continue?[Y/N]y
[AC-wlan-radio-1/1] quit
[AC-wlan-ap-1] quit

[AC-wlan-view] ap-id 2
[AC-wlan-ap-2] radio 0
[AC-wlan-radio-2/0] channel 20mhz 64
Warning: This action may cause service interruption. Continue?[Y/N]y
[AC-wlan-radio-2/0] quit
[AC-wlan-ap-2] radio 1
[AC-wlan-radio-2/1] channel 20mhz 60
Warning: This action may cause service interruption. Continue?[Y/N]y
[AC-wlan-radio-2/1] quit
[AC-wlan-ap-2] quit.

[AC-wlan-view] ap-id 3
[AC-wlan-ap-3] radio 1
[AC-wlan-radio-3/1] channel 20mhz 60
Warning: This action may cause service interruption. Continue?[Y/N]y
[AC-wlan-radio-3/1] quit
[AC-wlan-ap-3] quit

# Configure security profile wds-security for WDS links. The security policy for the
security profile is WPA2+PSK+AES.

[AC-wlan-view] security-profile name wds-security

[AC-wlan-sec-prof-wds-security] security wpa2 psk pass-phrase
a1234567 aes
[AC-wlan-sec-prof-wds-security] quit

# Configure a WDS whitelist profile. Bind WDS whitelist profile wds-list1 to AP_1,
and allow access of only AP_2. Bind WDS whitelist profile wds-list2 to AP_2, and
allow access of only AP_3.

[AC-wlan-view] wds-whitelist-profile name wds-list1

[AC-wlan-wds-whitelist-wds-list1] peer-ap mac @MAC-AP2
[AC-wlan-wds-whitelist-wds-list1] quit
[AC-wlan-view] wds-whitelist-profile name wds-list2
[AC-wlan-wds-whitelist-wds-list2] peer-ap @MAC-AP3
[AC-wlan-wds-whitelist-wds-list2] quit

# Configure WDS profile wds-root. Set the WDS name to wlan-wds, and the WDS
mode to root. Bind security profile wds-security to the WDS profile and permit
packets from VLAN 101 to pass through in tagged mode.

[AC-wlan-view] wds-profile name wds-root

[AC-wlan-wds-prof-wds-root] wds-name wlan-wds
[AC-wlan-wds-prof-wds-root] wds-mode root
[AC-wlan-wds-prof-wds-root] security-profile wds-security
[AC-wlan-wds-prof-wds-root] vlan tagged 101 to 102
[AC-wlan-wds-prof-wds-root] quit
 # Configure WDS profile wds-leaf. Set the WDS name to wlan-wds, and the WDS
mode to leaf. Bind security profile wds-security to the WDS profile and permit
packets from VLAN 101 to pass through in tagged mode.

[AC-wlan-view] wds-profile name wds-leaf

[AC-wlan-wds-prof-wds-leaf] wds-name wlan-wds
[AC-wlan-wds-prof-wds-leaf] wds-mode leaf
[AC-wlan-wds-prof-wds-leaf] security-profile wds-security
[AC-wlan-wds-prof-wds-leaf] vlan tagged 101 to 102
[AC-wlan-wds-prof-wds-leaf] quit

# Bind WDS whitelist profile wds-list1 to radio 1 of AP group ap-group1. # Bind

WDS whitelist profile wds-list2 to radio 1 of AP group ap-group2.

[AC-wlan-view] ap-group name ap-group1

[AC-wlan-ap-group-ap-group1] radio 1
[AC-wlan-group-radio-ap-group1/1] wds-whitelist-profile wds-list1
[AC-wlan-group-radio-ap-group1/1] quit
[AC-wlan-ap-group-ap-group1] quit
[AC-wlan-view] ap-group name ap-group2
[AC-wlan-ap-group-ap-group2] radio 1
[AC-wlan-group-radio-ap-group2/1] wds-whitelist-profile wds-list2
[AC-wlan-group-radio-ap-group2/1] quit
[AC-wlan-ap-group-ap-group2] quit

7. Bind required profiles to the AP groups to make WDS services take effect.

# Bind WDS profile wds-root to AP group ap-group1.

[AC-wlan-view] ap-group name ap-group1

[AC-wlan-ap-group-ap-group1] wds-profile wds-root radio 1
Warning: This action may cause service interruption. Continue?[Y/N]y
[AC-wlan-ap-group-ap-group1] quit

# Bind WDS profiles wds-root and wds-leaf to AP group ap-group2.

[AC-wlan-view] ap-group name ap-group2

[AC-wlan-ap-group-ap-group2] wds-profile wds-leaf radio 1
Warning: This action may cause service interruption. Continue?[Y/N]y
[AC-wlan-ap-group-ap-group2] wds-profile wds-root radio 0
Warning: This action may cause service interruption. Continue?[Y/N]y
[AC-wlan-ap-group-ap-group2] quit

# Bind WDS profile wds-leaf to AP group ap-group3.

[AC-wlan-view] ap-group name ap-group3

[AC-wlan-ap-group-ap-group3] wds-profile wds-leaf radio 1
Warning: This action may cause service interruption. Continue?[Y/N]y
[AC-wlan-ap-group-ap-group3] quit

8. Verify the configuration.

# After the configuration is complete, run the display ap all command to check
whether WDS nodes go online successfully. If State is displayed as nor, APs have
gone online successfully.
[AC-wlan-view] display ap all
Total AP information:
nor : normal [3]
Extra information:
P : insufficient power supply
---------------------------------------------------------------------
-----------------------------
ID MAC Name Group IP Type
State STA Uptime ExtraInfo
---------------------------------------------------------------------
-----------------------------
1 60de-4474-9640 AP_1 ap-group1 10.23.100.254 AP8130DN
nor 0 20M:16S -
2 dcd2-fc04-b500 AP_2 ap-group2 10.23.100.253 AP8130DN
nor 0 17S -
3 dcd2-fc96-e4c0 AP_3 ap-group3 10.23.100.252 AP8130DN
nor 0 3M:55S -
---------------------------------------------------------------------
-----------------------------
Total: 3

Run the display wlan wds link all command to display information about WDS links.

[AC-wlan-view] display wlan wds link all

Rf : radio ID Dis : coverage distance(100m)
Ch : channel Per : drop percent(%)
TSNR : total SNR(dB) P- : peer
WDS : WDS mode Re : retry ratio(%)
RSSI : RSSI(dBm) MaxR : max RSSI(dBm)
---------------------------------------------------------------------
----------------------------
APName P-APName Rf Dis Ch WDS P-Status RSSI MaxR
Per Re TS NR SNR(Ch0~3:dB)
---------------------------------------------------------------------
----------------------------
AP_1 AP_2 1 4 157 root normal -39 -30
0 5 55 42/57/-/-
AP_2 AP_3 0 4 149 root normal -56 -40
0 9 59 45/40/60/-
AP_2 AP_1 1 4 157 leaf normal -32 -30
0 15 58 41/36/60/-
AP_3 AP_2 1 4 149 leaf normal -33 -32
0 7 59 51/59/-/-
---------------------------------------------------------------------
------------------------------
Total: 4

The AC automatically delivers WLAN service configuration to the AP. After the
service configuration is complete, run the display vap ssid wlan-net command. If
Status in the command output is displayed as ON, the VAPs have been successfully
created on AP radios.

[AC-wlan-view] display vap ssid wlan-net

WID : WLAN ID
---------------------------------------------------------------------
-----------
AP ID AP name RfID WID BSSID Status Auth type STA
SSID
 ---------------------------------------------------------------------
-----------
1 AP_1 0 1 60DE-4474-9640 ON WPA/WPA2-PSK 0
wlan-net
3 AP_3 0 3 DCD2-FC96-E4C0 ON WPA/WPA2-PSK 0
wlan-net
---------------------------------------------------------------------
----------
Total: 2

Connect STAs to the WLAN with SSID wlan-net and enter the password a1234567.
Run the display station ssid wlan-net command on the AC. The command output
shows that the STAs are connected to the WLAN wlan-net.

[AC-wlan-view] display station ssid wlan-net

Rf/WLAN: Radio ID/WLAN ID
Rx/Tx: link receive rate/link transmit rate(Mbps)
---------------------------------------------------------------------
------------
STA MAC AP ID Ap name Rf/WLAN Band Type Rx/Tx RSSI
VLAN IP address
---------------------------------------------------------------------
------------
e019-1dc7-1e08 1 AP_1 0/1 2.4G 11n 3/34 -68
101 10.23.101.254
---------------------------------------------------------------------
------------
Total: 1 2.4G: 1 5G: 0

Configuration Files

 Switch_A configuration file

 #
 sysname Switch_A
 #
 vlan batch 100 to 101
 #
 dhcp enable
 #
 interface Vlanif101
 ip address 10.23.101.1 255.255.255.0
 dhcp select interface
 #
 interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 100 to 101
 #
 interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 100
 #
 interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 101
 #
return
 Switch_B configuration file
 #
 sysname Switch_B
 #
 vlan batch 100 to 101
 #
 interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100 to 101
 port-isolate enable group 1
 #
 interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 100 to 101
 #
return

 Router configuration file

 #
 sysname Router
 #
 vlan batch 101
 #
 interface Vlanif101
 ip address 10.23.101.2 255.255.255.0
 #
 interface GigabitEthernet1/0/0
 port link-type trunk
 port trunk allow-pass vlan 101
 #
 return
 AC configuration file
 #
 sysname AC
 #
 vlan batch 100 to 101
 #
 dhcp enable
 #
 interface Vlanif100
 ip address 10.23.100.1 255.255.255.0
 dhcp select interface
 #
 interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 100
 #
 capwap source interface vlanif100
 #
 wlan
 security-profile name wlan-net
 security wpa-wpa2 psk pass-phrase
%^%#m"tz0f>~7.[`^6RWdzwCy16hJj/Mc!,}s`X*B]}A%^%# aes
 security-profile name wds-security
 security wpa2 psk pass-phrase
%^%#n}5+DgC3wLB.hJ34j5;*QMv<8"9#{Bq@ghBI3L9K%^%# aes
 ssid-profile name wlan-net
 ssid wlan-net
 vap-profile name wlan-net
 service-vlan vlan-id 101
 ssid-profile wlan-net
 security-profile wlan-net
 wds-whitelist-profile name wds-list1
 peer-ap mac dcd2-fc04-b500
 wds-whitelist-profile name wds-list2
 peer-ap mac dcd2-fc96-e4c0
 wds-profile name wds-leaf
 security-profile wds-security
 vlan tagged 101
 wds-name wlan-wds
 wds-profile name wds-root
 security-profile wds-security
 vlan tagged 101
 wds-name wlan-wds
 wds-mode root
 regulatory-domain-profile name default
 ap-group name ap-group1
 radio 0
 vap-profile wlan-net wlan 3
 radio 1
 wds-profile wds-root
 wds-whitelist-profile wds-list1
 ap-group name ap-group2
 radio 0
 wds-profile wds-root
 wds-whitelist-profile wds-list2
 radio 1
 wds-profile wds-leaf
 ap-group name ap-group3
 radio 0
 vap-profile wlan-net wlan 1
 radio 1
 wds-profile wds-leaf
 ap-id 1 type-id 39 ap-mac 60de-4474-9640 ap-sn 210235554710CB000042
 ap-name AP_1
 ap-group ap-group1
 radio 0
 channel 20mhz 6
 eirp 127
 calibrate auto-channel-select disable
 calibrate auto-txpower-select disable
 radio 1
 channel 40mhz-plus 157
 coverage distance 4
 calibrate auto-channel-select disable
 calibrate auto-txpower-select disable
 ap-id 2 type-id 39 ap-mac dcd2-fc04-b500 ap-sn 210235555310CC000094
 ap-name AP_2
 ap-group ap-group2
 radio 0
 frequency 5g
 channel 40mhz-plus 149
 eirp 127
 coverage distance 4
 calibrate auto-channel-select disable
 calibrate auto-txpower-select disable
 radio 1
 channel 40mhz-plus 157
 eirp 127
 coverage distance 4
 calibrate auto-channel-select disable
 calibrate auto-txpower-select disable
 ap-id 3 type-id 39 ap-mac dcd2-fc96-e4c0 ap-sn 210235557610DB000046
 ap-name AP_3
 ap-group ap-group3
 radio 0
 channel 20mhz 11
 eirp 127
 calibrate auto-channel-select disable
 calibrate auto-txpower-select disable
 radio 1
 channel 40mhz-plus 149
 coverage distance 4
 calibrate auto-channel-select disable
 calibrate auto-txpower-select disable
 #
return