No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
WLAN V200R019C00 Typical Configuration Examples
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring STAs on the Fat AP to Access the Public Network Through NAT

Example for Configuring STAs on the Fat AP to Access the Public Network Through NAT

Networking Requirements

As shown in Figure 5-10, a Fat AP is connected to the Internet in wired mode and connected to STAs in wireless mode. An enterprise branch needs to deploy basic WLAN services for mobile office so that enterprise employees can access the enterprise internal network anywhere, anytime. The administrator wants enterprise employees to access the public network using public IP addresses.

The requirements are as follows:
  • A WLAN named wlan-net is available.
  • Enterprise employees are assigned IP addresses on 10.23.101.0/24. These IP addresses are translated to the IP address of the Fat AP outbound interface using Easy-IP for employees to access the public network.
Figure 5-10 Networking diagram for configuring STAs to access the public network through NAT

Data planning

Item

Data

Service VLAN for STAs

VLAN 101

DHCP server

The AP functions as a DHCP server to assign IP addresses to STAs.

IP address pool for STAs

10.23.101.2 to 10.23.101.254/24

SSID profile

  • Name: wlan-net

  • SSID name: wlan-net

Security profile

  • Name: wlan-net

  • Security policy: WPA-WPA2+PSK+AES

  • Password: a1234567

VAP profile

  • Name: wlan-net

  • Service VLAN: VLAN 101

  • Referenced profiles: SSID profile wlan-net and security profile wlan-net

NAT Outbound

The private IP address segment 10.23.101.0/24 is mapped to the public IP address 1.1.1.1.

Configuration Roadmap

The configuration roadmap is as follows:
  1. Configure basic WLAN services using the WLAN configuration wizard.
  2. Configure the AP channel and transmit power.
  3. Configure NAT so that STAs can access the public network using public IP addresses.
  4. Associate STAs to the WLAN to verify services.

You are advised to log in to the Fat AP in wireless mode for service configuration. You can also log in to the Fat AP by directly connecting a PC to the Fat AP using network cables and then connect the Fat AP to the upstream device after services are configured and saved.

Configuration Notes

No ACK mechanism is provided for multicast packet transmission on air interfaces. In addition, wireless links are unstable. To ensure stable transmission of multicast packets, they are usually sent at low rates. If a large number of such multicast packets are sent from the network side, the air interfaces may be congested. You are advised to configure multicast packet suppression on switch interfaces connected to APs to reduce impact of a large number of low-rate multicast packets on the wireless network. Exercise caution when configuring the rate limit; otherwise, the multicast services may be affected. For details on how to configure traffic suppression, see How Do I Configure Multicast Packet Suppression to Reduce Impact of a Large Number of Low-Rate Multicast Packets on the Wireless Network?.

Procedure

  1. Configure basic WLAN services.
    1. Choose Wizard > Config Wizard. The Configure Wi-Fi Signals page is displayed.
    2. Configure Wi-Fi signals.

      # Click Create. The Basic Information page is displayed.

      # Configure basic information about an SSID.

      # Click Next. The IP and Rate page is displayed.

      # Set IP address parameters.

      Configure the DNS server address as required.



      # Click Finish.

    3. Configure Internet connections.

      # Click Next. The Configure Internet Connection page is displayed.

      # Add an interface to VLAN 200 in tagged mode.

      If the PC connects to the AP through GE0/0/0, modifying the interface may cause a network interruption. In this case, you need to change the PC's IP address to 1.1.1.x and access the AP's new IP address 1.1.1.1 to log in to the AP again for further operations.

      If the uplink NE of the AP is assigned to a VLAN, it is recommended that the uplink interface of the AP be configured in the same VLAN as the peer interface. If the AP directly connects to an uplink router that typically does not involve VLAN assignment, you can configure the uplink interface as an access interface.



      # Click Finish.

  2. Configure the AP channel and transmit power.
    1. Disable automatic channel and power calibration functions of AP radios and configure the AP channel and power.

      The automatic channel and power calibration functions are enabled by default. The manual channel and power configurations take effect only when these two functions are disabled.

      # Choose Configuration > WLAN Service > WLAN Config > Radio0. The Radio0 page is displayed.

      # Click Radio Management. The Radio 0 Setting(2.4G) page is displayed.

      # On the Radio 0 Setting(2.4G) page, disable automatic channel and power calibration functions, and set the AP channel to 20-MHz channel 6 and transmit power to 127 dBm.



      # Disable automatic channel and power calibration functions of Radio 1, and set the AP channel to 20-MHz channel 149 and transmit power to 127 dBm. The configuration of Radio 1 is similar to that of Radio 0, and is not mentioned here.

      # Click Apply. In the dialog box that is displayed, click OK.

  3. Configure a default route.

    # Choose Configuration > IP Service > Route. The Route page is displayed.

    # Click Create in Static Route Configuration Table and create a static route.

    # Click OK.

  4. Configure an ACL.
    1. Choose Configuration > Security > ACL. The Basic ACL Settings page is displayed.
    2. Click Create. On the Create Basic ACL page that is displayed, set ACL parameters.



    3. Click OK.
    4. In the new ACL, click Add Rule. On the Add Rule page, set ACL parameters.



    5. Click OK.
  5. Configure NAT.
    1. Choose Configuration > IP Service > NAT. The NAT page is displayed.
    2. Click Create in NAT Mapping and create a NAT mapping.



    3. Click OK.
  6. Verify the configuration.
    1. The WLAN with the SSID wlan-net is available.
    2. The STA can associate with the WLAN and obtain an IP address 10.23.101.x/24 and its gateway address is 10.23.101.1.
    3. Choose Monitoring > Terminal Manage > STA Management. In User, you can see that STAs go online properly and obtain IP addresses.
    4. STAs can access the public network successfully.

More Information

(Video) Example for Configuring Users on the Fat AP to Access the Public Network Through NAT

Translation
简体中文
Download
Updated: 2021-11-18

Document ID: EDOC1100096116

Views: 365539

Downloads: 2538

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :