Network requirements, Configuration procedure – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

39

[AC2-wlan-st-1] bind WLAN-ESS 1

[AC2-wlan-st-1] authentication-method open-system

[AC2-wlan-st-1] service-template enable

[AC2-wlan-st-1] quit

# Specify the backup AC address.

[AC2] wlan backup-ac ip 10.18.1.1

# Configure the AP on AC 2.

[AC2] wlan ap ap1 model WA2100

[AC2-wlan-ap-ap1] serial-id 210235A29G007C000020

[AC2-wlan-ap-ap1] radio 1 type dot11g

[AC2-wlan-ap-ap1-radio-1] service-template 1

[AC2-wlan-ap-ap1-radio-1] radio enable

3.

Verify the configuration:
When AC 1 fails, AC 2 becomes the master AC immediately. You can use the display wlan ap
command on the AC to view the status of the APs.

Configuration example for CAPWAP tunnel encryption with
IPsec

Network requirements

•

The data and control packets between AP 1 and AC are transmitted in plain text.

•

Use IPsec to encrypt the CAPWAP control tunnel between AP 2 and the AC.

•

Use IPsec to encrypt the CAPWAP control and data tunnels between AP 3 and the AC.

Figure 19 Network diagram

Configuration procedure

Establish CAPWAP connections between AP 2, AP 3, and the AC before you configure AP 2 and AP 3

provision and make sure AP 2 and AP 3 are in Run state.
# Create AP 2 and enter AP configuration view, configure the AP to use IPsec key 12345 to encrypt the

control tunnel, and save the configuration to the wlan_ap_cfg.wcfg file of the AP.

<AC> system-view

[AC] wlan ap ap2 model WA2620E-AGN

[AC-wlan-ap-ap2] provision

10.1.1.1/24

AC

Switch

AP 1

AP 3

10.1.1.2/24

Client

Client

10.1.1.4/24

AP 2

Client

10.1.1.3/24