====== AP1101 Automatisierung ======
===== AP =====
* DHCP Server (zwingend)
* HTTPS Server (optional)
* HTTP Server (zwingend)
* TFTP Server (zwingend)
==== dhcpd.conf (isc-dhcp-server) ====
#
# Classify stellar Wireless AP as HANAP
#
class "HANAP" {
match if substring (option vendor-class-identifier, 0, 4) = "HAP.";
}
subnet 192.168.10.0 netmask 255.255.255.0 {
option routers 192.168.10.1;
option broadcast-address 192.168.10.255;
option domain-name-servers 192.168.10.1;
option domain-name "vlan10.home";
option ntp-servers 192.168.10.1;
default-lease-time 6000;
max-lease-time 72000;
# Pool for HANAP
pool {
allow members of "HANAP";
range 192.168.10.10 192.168.10.20;
# Option 66
option tftp-server-name "192.168.10.1";
# Option 67 (instruction file to download via tftp)
option bootfile-name "hap_instruction.ini";
}
pool {
range 192.168.10.21 192.168.10.50;
allow unknown-clients;
}
}
Instruction Datei muss via DHCP (Offer) Option 67 angeflogen kommen. **Die Namen der Dateien können nicht geändert werden!**
In Option 66 muss der Server stehen (IP für TFTP).
==== hap_instruction.ini ====
imgdesc:"http://192.168.10.1/oaw/hap_imgdesc.ini"
imgurlhead:"http://192.168.10.1/oaw/img/"
conf:"http://192.168.10.1/oaw/hap_conf.ini"
(conf: kann auch HTTPS sein!)
==== hap_imgdesc.ini ====
config model 'AP1101'
option version '2.1.0.110'
option filename 'AOS-WNG-2.1.0.110.bin'
option md5 '6f92c397067484ff5075484c24c529c5'
==== hap_conf.ini ====
config ap
option countrycode 'DE'
option password 'blubbla123' <- Needs to be unencrypted, this is for "Administrator" WebGUI password
config wifi-iface "Markt"
option ssid 'Markt'
option key 'vollsicher'
option encryption 'psk-mixed+tkip+aes'
option network_type 'employee'
option network 'wan'
config wifi-iface "Scanner"
option ssid 'Scanner'
option key 'vollsicher'
option encryption 'psk-mixed+tkip+aes'
option network_type 'employee'
option network 'wan'
config wifi-iface "FreeWIFI"
option ssid 'FreeWIFI'
option key 'vollsicher'
option encryption 'psk-mixed+tkip+aes'
option network_type 'employee'
option network 'wan'
===== Switch =====
(out of scope für den Moment)
Erstmal nur als Entwurf hier! -benny
* Prüfen welches AOS-WNG Release
* Konfiguration
* Update des AOS-WNG? => ja, aber nur 1x
* DHCP, HTTP(S), TFTP? => yep
OmniSwitch Modelle bzgl. die Vendor-Class-Identifier unterstützt von OXO:
# OXO <= R910
OmniSwitch-OS6450-P24
OmniSwitch-OS6450-P48
OmniSwitch-OS6450-P10
OmniSwitch-OS6450-P10L
OmniSwitch-OS6250-P24
OmniSwitch-OS6450-P24L
OmniSwitch-OS6450-P48L
# OXO R 10.2
OmniSwitch-OS6350-P24
OmniSwitch-OS6350-P48
OmniSwitch-OS6860-P24
OmniSwitch-OS6860-P48
OmniSwitch-OS6860E-P24
OmniSwitch-OS6860E-P48
# OXO R 10.3
OmniSwitch-OS6350-P10
OmniSwitch-OS6350-10
Switches erwarten os_instruction_file, os_configuration und os_script via DHCP bzgl. TFTP/FTP/SFTP
OmniSwitch mit Release 6 nehmen nur eine IP im RCL an wenn alle Informationen vorhanden sind!
# OmniSwitch Instruction File
! Alcatel-Lucent Enterprise OmniSwitch - Instruction file version 1.2.2 ! Firmware version
Firmware version:None
Firmware location:None
! Configuration file
Config filename:os_conf Config location:/tftpboot
! Debug file
Debug filename:None
Debug location:None
! Script file
Script filename:os_script
Script location:/tftpboot
! Primary file server
Primary server:192.168.92.246
Primary protocol:TFTP
Primary user:os_user
! Secondary file server
Secondary server:None
Secondary protocol:None
Secondary user:none
# OmniSwitch Script File
copy working certified
# OmniSwitch Konfiguration
system daylight savings time disable
vlan 1 enable name "VLAN 1"
ip service all
ip interface dhcp-client vlan 1 ifindex 1
ip interface dhcp-client vsi-accept-filter "alcatel.a4400.0" aaa authentication default "local"
aaa authentication console "local" bridge mode flat
qos enable
qos trust ports
qos no phones
swlog console level info
lanpower start 1
webview wlan cluster-virtual-ip 192.168.92.134