LSW1;

interface Vlanif100
 ip address 192.168.121.2 255.255.255.0连接云的地址

interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094

interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 2 to 4094

interface GigabitEthernet0/0/4
 port link-type access
 port default vlan 100

interface GigabitEthernet0/0/5
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 2 to 4094
#

AC2:

dhcp enable

interface Vlanif100
 ip address 192.168.121.254 255.255.255.0  AC的地址
 dhcp select interface

i
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094

capwap source interface vlanif100

ap auth-mode no-auth

此时AP上线：

AP2和AP3获取到地址：

AP3:

AP2:

创建模板，以及调用模板：

wlan

ssid-profile name wlan-net
  ssid vlan101

security-profile name wlan-net
  security wpa2 dot1x aes

vap-profile name wlan-net

security-profile name wlan-net

ssid-profile name wlan-net

ap-id 0

vap-profile wlan-net wlan 1 radio 0

ap-id 1

vap-profile wlan-net wlan 1 radio 0

vap-profile wlan-net wlan 1 radio 1

此时STA上线，获取到地址

AP4:

Cellphone1Cellphone1

cellphone1：

（自己感觉后面的步骤没用！！！！！！）

之后在交换机上：

interface Vlanif100
 ip address 192.168.121.2 255.255.255.0连云的地址

interface GigabitEthernet0/0/4
 port link-type access
 port default vlan 100

在winradius：

AC:

radius-server template radius
 radius-server shared-key cipher huawei@123
 radius-server authentication 192.168.121.1 1812 weight 80

aaa

authentication-scheme radius

authentication-mode radius

//创建radius服务器

在winradius上：

此时会提示认证成功；

接下来是802.1X认证：

dot1x-access-profile name wlan-net

[AC6005-dot1x-access-profile-wlan-net]dot1x authentication-method eap

[AC6005]authentication-profile name wlan-net

[AC6005-authentication-profile-wlan-net]dot1x-access-profile wlan-net

[AC6005-authentication-profile-wlan-net]authentication-scheme radius

[AC6005-authentication-profile-wlan-net]radius-server radius