一、组网图
只允许无线客户端访问192.168.1.10的主机,不允许访问其它任何地址。
二、WX交换机的配置命令
# version 5.20, Release 1106P01 # sysname H3C # domain default enable system # undo l2fw fast-forwarding # vlan 1 # domain system access-limit disable state active idle-cut disable self-service-url disable # traffic classifier 1 operator and if-match acl 3000 # traffic behavior 1 filter deny # qos policy 1 classifier 1 behavior 1 dhcp server ip-pool pool1 network 192.168.1.0 mask 255.255.255.0 gateway-list 192.168.1.254 expired day 3 # acl number 3000 rule 0 deny ip destination 192.168.1.10 0 rule 5 permit ip # wlan service-template 1 clear ssid h3c-qos bind WLAN-ESS 1 authentication-method open-system service-template enable # wlan rrm 11a mandatory-rate 6 12 24 11a supported-rate 9 18 36 48 54 11b mandatory-rate 1 2 11b supported-rate 5.5 11 11g mandatory-rate 1 2 5.5 11 11g supported-rate 6 9 12 18 24 36 48 54 # interface NULL0 # interface Vlan-interface1 ip address 192.168.1.99 255.255.255.0 # interface GigabitEthernet1/0/1 # interface GigabitEthernet1/0/2 # interface M-Ethernet1/0/1 # interface WLAN-ESS1 qos apply policy 1 inbound # wlan ap ap1 model WA2100 serial-id 210235A22W0074000003 radio 1 service-template 1 radio enable # ip route-static 0.0.0.0 0.0.0.0 192.168.1.254 # dhcp server forbidden-ip 192.168.1.10 dhcp server forbidden-ip 192.168.1.99 dhcp server forbidden-ip 192.168.1.254 # dhcp enable # load xml-configuration # user-interface aux 0 user-interface vty 0 4 # return
