CN106231596A - A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus - Google Patents
A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus Download PDFInfo
- Publication number
- CN106231596A CN106231596A CN201610802931.2A CN201610802931A CN106231596A CN 106231596 A CN106231596 A CN 106231596A CN 201610802931 A CN201610802931 A CN 201610802931A CN 106231596 A CN106231596 A CN 106231596A
- Authority
- CN
- China
- Prior art keywords
- access point
- point apparatus
- ssid
- terminal
- management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W28/00—Network traffic management; Network resource management
- H04W28/02—Traffic management, e.g. flow control or congestion control
- H04W28/0215—Traffic management, e.g. flow control or congestion control based on user or device properties, e.g. MTC-capable devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
- H04W76/11—Allocation or use of connection identifiers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/08—Access point devices
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus, wherein, access point apparatus includes at least one common SSID and at least one management SSID.Include at this access point apparatus collocation method: S1 access point apparatus is connected with terminal by management SSID;S2 Dynamic Host Configuration Protocol server process is terminal distribution one IP address based on default address pool;S3, according to the iptables firewall rule preset, the limiting terminal access access point configuration page, achieves a butt joint into the configuration of point device with this.When access point apparatus is configured by needs, management personnel directly just can log in the access point configuration page by connection management SSID and carry out configuring (can only log in the access point configuration page and can not access other Internet resources), it is no longer necessary to by the way of accessing WAN mouth IP address realize, it is achieved that management convenient and efficient to access point apparatus.
Description
Technical field
The present invention relates to communication technical field, particularly relate to a kind of access point apparatus configuration devices and methods therefor, Yi Zhongjie
Enter point device.
Background technology
Wireless aps (Access Point, access point), is commonly called as " focus ", is the access point of a wireless network.Main bag
Including route switching and access equipment integrating and pure access point apparatus, wherein, equipment integrating performs to access and route work.Wireless aps is
The wireless device user such as (mobile phone the wireless device such as mobile device and notebook computer) is used to enter the access point of cable network, main
Inside bandwidth family to be used for, inside buildings, campus, inside garden, warehouse, factory etc. need the place of wireless monitor.Wireless
AP has liberated individual out from desk limit as a kind of replacement scheme of traditional wiring network or extension, WLAN,
Make people can obtain information whenever and wherever possible, provide convenient for people.
At present, in general, the SSID (Service Set Identifier, service set) of wireless aps is common
User SSID, the access Internet resources that user can be transparent after connecting SSID, it is achieved that the fast and easy of online.But, go out
In security consideration, domestic consumer is prohibited from accessing the AP page or cloud AC (Cloud Controller, cloud control after connecting upper SSID
Device processed) page.So, if management personnel want to configure wireless aps, only by logging in the AP page or accessing the cloud AC page
Mode realize.
Management personnel, when logging in the AP page, need by accessing WAN (Wide Area Network, wide area network) mouth IP
The mode of address realizes.And need management personnel to log in serial ports by Serial Port Line in this course to obtain WAN mouth IP address,
Operate undoubtedly and there is inconvenience.
Summary of the invention
For the problems referred to above, the invention provides a kind of access point apparatus configuration devices and methods therefor and a kind of access point
Equipment, efficiently solves the quick registration problem of the access point configuration page.
The technical scheme that the present invention provides is as follows:
A kind of access point apparatus collocation method, this access point apparatus includes at least one common SSID and at least one pipe
Reason SSID, wherein, terminal logs in described common SSID and accesses the Internet, and terminal logs in the configuration of described management SSID access points
The page;
Described access point apparatus collocation method includes:
S1 access point apparatus is connected with terminal by management SSID;
S2DHCP server processes are terminal distribution one IP address based on default address pool;
S3 is according to the iptables firewall rule preset, and the limiting terminal access access point configuration page, it is right to realize with this
The configuration of access point apparatus.
In the technical program, reservation management SSID mouth in access point apparatus, for management personnel's configuring access point equipment
Time use.When access point apparatus is configured by needs, management personnel directly just can log in access by connection management SSID
The point configuration page carries out configuring (can only log in the access point configuration page and can not access other Internet resources), it is no longer necessary to by visiting
Ask that the mode of WAN mouth IP address realizes, it is achieved that management convenient and efficient to access point apparatus.
It is further preferred that specifically include in step sl: described management SSID is operated in stealth mode, and terminal is passed through
Manual mode connection management SSID.
In the technical program, management SSID is set to stealth mode, so other users needing to access the Internet
Cannot search this management SSID, management personnel can log in access point configuration page in the way of manually connection management SSID
Face or access serial ports by telnet, carries out the operation such as order line configuration and logs in.Substantially increase the safety of management SSID
Energy.
It is further preferred that specifically include in step s3: according to the network address translation rule of iptables, limit eventually
End the access points configuration page, the described access point configuration page is the access point page or the cloud controller page.
In the technical program, the access being limited terminal by iptables firewall rule is connected, to realize purpose.
It is further preferred that included before step S1:
S01 sets the management SSID of access point apparatus;
S02 adds a Dynamic Host Configuration Protocol server process and distributes address pool;
S03 sets iptables firewall rule.
In the technical program, in order to realize the control that terminal connects, iptables firewall rule is according to accordingly
Pond, location is set, and directly be can be achieved with the login of the access point configuration page by connection management SSID with these management personnel.
It is further preferred that also include after step S01:
S012 creates a second bridge joint mouth being different from the first bridge joint mouth, and wherein, described first bridge joint mouth is as commonly
The passage of SSID, the second bridge joint mouth is as the passage of management SSID;
Step S02 specifically includes: add a Dynamic Host Configuration Protocol server process and distribute address pool, described address pool and second
The IP address of bridge joint mouth belongs to the same network segment.
In the technical program, creating a passage being specific to manage SSID, so, user SSID and management SSID is each
Will not interfere with each other each other while achieving different functions, it is achieved that efficient to access point apparatus of management personnel
Access and management, achieve again the user's quick access for Internet resources simultaneously.
Present invention also offers a kind of access point apparatus configuration device, including:
Terminal connecting module, for being connected with terminal by management SSID;
The address assignment module being connected with described terminal connecting module, is terminal distribution one IP ground based on default address pool
Location;
The access being connected with described address assignment module limits module, according to default iptables firewall rule, limit
Determine the terminal access access point configuration page.
In the technical program, reservation management SSID mouth in access point apparatus, for management personnel's configuring access point equipment
Time use.When access point apparatus is configured by needs, management personnel are directly by terminal connecting module connection management SSID
Just can log in the access point configuration page to configure, it is no longer necessary to realize by the way of accessing WAN mouth IP address, it is achieved that right
Convenient and the efficient management of access point apparatus.
It is further preferred that described management SSID is operated in stealth mode, terminal mode connection management manually
SSID;And/or,
Limit in module accessing, according to the network address translation rule of iptables, limit terminal access points
The configuration page, the described access point configuration page is the access point page or the cloud controller page.
In the technical program, management SSID is set to stealth mode, so other users needing to access the Internet
Cannot search this management SSID, management personnel can log in access point configuration page in the way of manually connection management SSID
Face or access serial ports by telnet, carries out the operation such as order line configuration and logs in.Substantially increase the safety of management SSID
Energy.
It is further preferred that described access point apparatus configuration device also includes:
The configuration module being connected with described terminal connecting module, access restriction module and address assignment module respectively, uses
In setting the management SSID of access point apparatus, distribution address pool and setting iptables firewall rule.
It is further preferred that described access point apparatus configuration device also includes:
The bridge joint mouth creation module being connected with described configuration module, for creating the second bridge joint being different from the first bridge joint mouth
Mouthful, wherein, described first bridge joint mouth is as the passage of common SSID, and the second bridge joint mouth is as the passage of management SSID.
In the technical program, creating a passage being specific to manage SSID, so, user SSID and management SSID is each
Will not interfere with each other each other while achieving different functions, it is achieved that efficient to access point apparatus of management personnel
Access and management, achieve again the user's quick access for Internet resources simultaneously.
Present invention also offers a kind of access point apparatus, this access point apparatus includes above-mentioned access point apparatus configuration dress
Put.
In the technical program, reservation management SSID mouth in access point apparatus, for management personnel's configuring access point equipment
Time use.When access point apparatus is configured by needs, management personnel directly just can log in access by connection management SSID
The point configuration page configures, it is achieved that management convenient and efficient to access point apparatus.It addition, in access point apparatus
Create the designated lane of each management SSID, each achieve phase while different functions with this user SSID and management SSID
Will not interfere with each other between Hu, it is achieved that management personnel's high-efficiency management to access point apparatus.
Accompanying drawing explanation
Below by the way of the most understandable, accompanying drawings preferred implementation, to above-mentioned characteristic, technical characteristic,
Advantage and implementation thereof are further described.
Fig. 1 is access point apparatus collocation method one embodiment schematic flow sheet in the present invention;
Fig. 2 is access point apparatus collocation method another embodiment schematic flow sheet in the present invention;
Fig. 3 is access point apparatus collocation method another embodiment schematic flow sheet in the present invention;
Fig. 4 is access point apparatus configuration device one embodiment schematic diagram in the present invention;
Fig. 5 is access point apparatus configuration device another embodiment schematic diagram in the present invention;
Fig. 6 is access point apparatus configuration device another embodiment schematic diagram in the present invention.
Drawing reference numeral illustrates:
100-access point apparatus configuration device, 110-terminal connecting module, 120-address assignment module, 130-accesses restriction
Module, 140-configures module, and 150-bridges mouth creation module.
Detailed description of the invention
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, below will comparison accompanying drawing explanation
The detailed description of the invention of the present invention.It should be evident that the accompanying drawing in describing below is only some embodiments of the present invention, for
From the point of view of those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to obtain other according to these accompanying drawings
Accompanying drawing, and obtain other embodiment.
It is illustrated in figure 1 the access point apparatus collocation method one embodiment flow chart that the present invention provides, specifically at this
Access point apparatus includes at least one common SSID and at least one management SSID, and wherein, terminal logs in common SSID and accesses
The Internet, terminal logs in the management SSID access points configuration page.It can be seen that in this access point apparatus configuration side
Method includes: S1 access point apparatus is connected with terminal by management SSID;S2DHCP server processes are based on default address pool
For terminal distribution one IP address;S3 configures the page according to the iptables firewall rule preset, limiting terminal access access point,
Achieve a butt joint into the configuration of point device with this.
It is known that in general, access point apparatus on startup, all can create a bridge joint mouth br-lan (following the
One bridge joint mouth).Specifically, under AP bridge mode, the IP address that terminal obtains after connecting upper common SSID automatically is that outer net provides
Resource can be directly accessed network.Under AP route pattern, time thus, open NAT (Network Address
Translation, network address translation) function, the IP address network segment that terminal obtains after connecting upper common SSID automatically is by connecing
Enter what Dynamic Host Configuration Protocol server process in point device provided, and the IP address got belongs to the same network segment with bridge joint mouth br-lan, it
After again by NAT rule realize to access Internet resources access.In a specific embodiment, if create bridge joint mouth br-
The IP address of lan is 192.168.200.1, under AP bridge mode, and the outer net that terminal gets after connecting upper common SSID automatically
Network segment IP address is 10.2.3.1, then terminal directly accesses network resource by this 10.2.3.1.Under AP route pattern, terminal
In connection after common SSID, Dynamic Host Configuration Protocol server distributes one and bridge joint mouth br-lan automatically from address pool 192.168.200.x
The IP address 192.168.200.6 of same network segment;Forward rule that this IP address is converted into outer net IP address by NAT afterwards, real
The now access to Internet resources.
Based on this, in the present embodiment, using access point apparatus collocation method that access point apparatus is configured it
Before, as in figure 2 it is shown, further comprising the steps of: S01 sets the management SSID of access point apparatus;S02 adds a Dynamic Host Configuration Protocol server and enters
Journey also distributes an address pool;S03 address pool based on distribution sets iptables firewall rule.It is noted that in this reality
Execute in mode, be different from the address pool of Dynamic Host Configuration Protocol server when connecting common SSID for the address pool of Dynamic Host Configuration Protocol server course allocation,
But two address pool all belong to the same network segment with bridge joint mouth br-lan.As, in a specific embodiment, bridge mouth br-lan
IP address be 192.168.200.1, two address pool broadly fall into the 192.168.200.x network segment, and original Dynamic Host Configuration Protocol server
The address pool of distribution, in the range of 192.168.200.2~192.168.200.150, newly adds the address of Dynamic Host Configuration Protocol server distribution
Iptables firewall rule, in the range of 192.168.200.151~192.168.200.255, is carried out by pond afterwards accordingly
Set.Specifically, the address being assigned to when terminal connects upper common SSID is 192.168.200.6, can access the Internet;When
The address that terminal is assigned to when connecting upper management SSID is 192.168.200.200, is only limited by iptables firewall rule
The page can be configured by access points, realize the purpose of present embodiment with this.
After above-mentioned setting, in the present embodiment, no matter it is at AP bridge mode or under AP route pattern, eventually
After end connects upper management SSID, newly-increased Dynamic Host Configuration Protocol server process is terminal distribution one and above-mentioned bridge based on default address pool
Interface br-lan belongs to the IP address of the same network segment.Now, the packet that terminal sends enters into the bridge br-in access point apparatus
Lan processes, according in iptables fire wall network address translation rule (specifically include in iptables with
Filter table FORWARD chain does rule, carries out the conversion of MASQUERADE address on NAT table POSTROUNTING chain), limit eventually
End access points configures the page and can not access other Internet resources, and specifically this access point configuration page is the access point page
(the AP page) or the cloud controller page (the cloud AC page).
It addition, access point apparatus is in the course of the work, in order to improve the security performance of management SSID, management SSID is arranged
For stealth mode, so other need the user accessing the Internet cannot search this management SSID, and management personnel can pass through
The mode of manual connection management SSID logs in the access point configuration page or accesses serial ports by telnet, carries out order line configuration
Log in Deng operation.
Above-mentioned embodiment is improved, in the present embodiment, is using access point apparatus collocation method to access
Before point device configures, as it is shown on figure 3, comprise the following steps: S01 sets the management SSID of access point apparatus;S012 creates
Build a second bridge joint mouth br-being different from the first bridge joint mouth (the first bridge joint mouth here is above-mentioned bridge joint mouth br-lan)
Mgt, wherein, the first bridge joint mouth is as the passage of common SSID, and the second bridge joint mouth br-mgt is as the passage of management SSID;S02
Adding a Dynamic Host Configuration Protocol server process and distribute an address pool, address pool belongs to the same network segment with the IP address of the second bridge joint mouth;S03
Address pool based on distribution sets iptables firewall rule.
It can be seen that in the present embodiment, one second bridge joint mouth br-mgt and the first bridge joint mouth br-lan has been increased newly
Independent, and using this second bridge joint mouth br-mgt as the passage being exclusively used in management SSID, with this user SSID and management
SSID will not interfere with each other while each achieving different functions each other, it is achieved that management personnel are to access point apparatus
Efficiently access and management, achieve again the user's quick access for Internet resources simultaneously.
In a specific embodiment, it is assumed that the IP address of the second newly-increased bridge joint mouth br-mgt is 192.168.3.1;Then
In newly-increased Dynamic Host Configuration Protocol server process, the address pool of distribution is 192.168.3.x;Afterwards, address pool based on this distribution exists
Entables, iptables arrange firewall rule.So, after managing SSID on terminal connects, no matter access point sets
Standby be operated under AP bridge mode or be operated under AP route pattern, terminal distribution to IP address be all 192.168.3.x
Address in the network segment, the IP address as being assigned to is 192.168.3.8, has reached the uniformity of implementation with this.
Now, terminal send packet through Ethernet fire wall (ebtables) and stamp mark (label) it
After, enter in the bridge br-mgt in access point apparatus and process, according to the network address translation in iptables fire wall
Rule (specifically includes in iptables and does rule with filter table FORWARD chain, carry out on NAT table POSTROUNTING chain
MASQUERADE address is changed), limit terminal the access points configuration page and other Internet resources can not be accessed, specifically should
The access point configuration page is the AP page or the cloud AC page, it is achieved purpose.
It is illustrated in figure 4 the access point apparatus configuration device one embodiment schematic diagram that the present invention provides, can from figure
To find out, include at this access point apparatus configuration device 100: terminal connecting module 110, address assignment module 120 and visit
Asking restriction module 130, wherein, address assignment module 120 is connected with terminal connecting module 110, accesses and limits module 130 and address
Distribution module 120 connects.
In the course of the work, access point apparatus is connected with terminal by terminal connecting module 110 and management SSID;Afterwards,
Address assignment module 120 (specially Dynamic Host Configuration Protocol server process) is terminal distribution one IP address based on default address pool;Finally,
Access and limit module 130 according to default iptables firewall rule, the limiting terminal access access point configuration page.
It is known that in general, access point apparatus on startup, all can create a bridge joint mouth br-lan (i.e. first
Bridge joint mouth).Specifically, under AP bridge mode, the IP address that terminal obtains after connecting upper common SSID automatically be outer net provide can
Directly access network resource.Under AP route pattern, open time thus NAT (Network Address Translation,
Network address translation) function, the IP address network segment that terminal obtains after connecting upper common SSID automatically is by access point apparatus
Dynamic Host Configuration Protocol server process provides, and the IP address got belongs to the same network segment with bridge joint mouth br-lan, passes through NAT the most again
Rule realizes the access accessing Internet resources.In a specific embodiment, if the IP address of bridge joint mouth br-lan created
For 192.168.200.1, under AP bridge mode, the outer net network segment IP address that terminal gets after connecting upper common SSID automatically is
10.2.3.1, then terminal directly accesses network resource by this 10.2.3.1.Under AP route pattern, terminal connects upper common
After SSID, Dynamic Host Configuration Protocol server distributes the IP of one and bridge joint mouth br-lan same network segment automatically from address pool 192.168.200.x
Address 192.168.200.6;Forward rule that this IP address is converted into outer net IP address by NAT afterwards, it is achieved network is provided
The access in source.
Based on this, in the present embodiment, using access point apparatus configuration device 100 that access point apparatus is configured
Before, as it is shown in figure 5, also include limiting with terminal connecting module 110, access respectively in this access point apparatus configuration device 100
The configuration module 140 that molding block 130 and address assignment module 120 connect, for setting the management SSID of access point apparatus, dividing
Join address pool and set iptables firewall rule.Specifically, during setting, first, the pipe of access point apparatus is set
Reason SSID;Afterwards, add an address assignment module 120 (Dynamic Host Configuration Protocol server process) and distribute an address pool;Then, based on distribution
Address pool set iptables firewall rule.It is noted that in the present embodiment, for Dynamic Host Configuration Protocol server course allocation
Address pool be different from the address pool of Dynamic Host Configuration Protocol server when connecting common SSID, but two address pool all belong to bridge joint mouth br-lan
In the same network segment.As, in a specific embodiment, the IP address of bridge joint mouth br-lan is 192.168.200.1, two ground
Pond, location broadly falls into the 192.168.200.x network segment, and the address pool of original Dynamic Host Configuration Protocol server distribution in the range of:
192.168.200.2~192.168.200.150, newly add the address pool of Dynamic Host Configuration Protocol server distribution in the range of
192.168.200.151~192.168.200.255, accordingly iptables firewall rule is set afterwards.Specifically,
The address being assigned to when terminal connects upper common SSID is 192.168.200.6, can access the Internet;On terminal connects
The address being assigned to during management SSID is 192.168.200.200, is limited by iptables firewall rule and can only access access
The point configuration page, realizes the purpose of present embodiment with this.
After above-mentioned setting, in the present embodiment, no matter it is at AP bridge mode or under AP route pattern, eventually
After end connects upper management SSID, newly-increased address assignment module 120 (Dynamic Host Configuration Protocol server process) based on default address pool is
Terminal distribution one and above-mentioned bridge joint mouth br-lan belong to the IP address of the same network segment.Now, the packet that terminal sends enters into
Bridge br-lan in access point apparatus processes, (concrete according to the network address translation rule in iptables fire wall
Do rule including in iptables with filter table FORWARD chain, NAT table POSTROUNTING chain carries out MASQUERADE
Address is changed), limit terminal the access points configuration page and other Internet resources can not be accessed, specifically this access point configuration
The page is the AP page or the cloud AC page.
It addition, access point apparatus is in the course of the work, in order to improve the security performance of management SSID, management SSID is arranged
For stealth mode, so other need the user accessing the Internet cannot search this management SSID, and management personnel can pass through
The mode of manual connection management SSID logs in the access point configuration page or accesses serial ports by telnet, carries out order line configuration
Log in Deng operation.
Above-mentioned embodiment is improved and obtains present embodiment, as shown in Figure 6, configure device at this access point apparatus
Also include a bridge joint mouth creation module 150 being connected with configuration module 140 in 100, be different from the first bridge joint mouth br-for establishment
The second bridge joint mouth br-mgt of lan, wherein, the first bridge joint mouth is as the passage of common SSID, the second bridge joint mouth br-mgt conduct
The passage of management SSID.Specifically, during setting, first, the management SSID of access point apparatus is set;Afterwards, bridge joint is used
Mouth creation module 150 creates the second bridge joint mouth br-mgt;Afterwards, an address assignment module 120 (Dynamic Host Configuration Protocol server process) is added
And distribute an address pool;Then, address pool based on distribution sets iptables firewall rule.
It can be seen that in the present embodiment, one second bridge joint mouth br-mgt and the first bridge joint mouth br-lan has been increased newly
Independent, and using this second bridge joint mouth br-mgt as the passage being exclusively used in management SSID, with this user SSID and management
SSID will not interfere with each other while each achieving different functions each other, it is achieved that management personnel are to access point apparatus
Efficiently access and management, achieve again the user's quick access for Internet resources simultaneously.
In a specific embodiment, it is assumed that the IP address of the second newly-increased bridge joint mouth br-mgt is 192.168.3.1;Then
In newly-increased address assignment module 120 (Dynamic Host Configuration Protocol server process), the address pool of distribution is 192.168.3.x;Afterwards, based on
The address pool of this distribution arranges firewall rule in entables, iptables.So, terminal connect on manage SSID it
After, no matter access point apparatus is operated under AP bridge mode or is operated under AP route pattern, the IP address that terminal distribution arrives
Being all the address in the 192.168.3.x network segment, the IP address as being assigned to is 192.168.3.8, has reached implementation with this
Uniformity.
Now, terminal send packet through Ethernet fire wall (ebtables) and stamp mark (label) it
After, enter in the bridge br-mgt in access point apparatus and process, according to the network address translation in iptables fire wall
Rule (specifically includes in iptables and does rule with filter table FORWARD chain, carry out on NAT table POSTROUNTING chain
MASQUERADE address is changed), limit terminal the access points configuration page and other Internet resources can not be accessed, specifically should
The access point configuration page is the AP page or the cloud AC page, it is achieved purpose.
Present invention also offers a kind of access point apparatus, this access point apparatus includes that above-mentioned access point apparatus configures device
100.Reservation management SSID mouth in access point apparatus, during for management personnel's configuring access point equipment.When needs are to access
When point device is configured, management personnel directly just can log in the access point configuration page by connection management SSID and configure,
Achieve management convenient and efficient to access point apparatus.It addition, create each management SSID's in access point apparatus
Designated lane, will not be concerned with while each achieving different functions with this user SSID and management SSID each other mutually
Disturb, it is achieved that management personnel's high-efficiency management to access point apparatus.
It should be noted that, above-described embodiment all can independent assortment as required.The above is only the preferred of the present invention
Embodiment, it is noted that for those skilled in the art, in the premise without departing from the principle of the invention
Under, it is also possible to making some improvements and modifications, these improvements and modifications also should be regarded as protection scope of the present invention.
Claims (10)
1. an access point apparatus collocation method, it is characterised in that described access point apparatus includes at least one common SSID
Managing SSID with at least one, wherein, terminal logs in described common SSID and accesses the Internet, and terminal logs in described management SSID and visits
Ask that access point configures the page;
Described access point apparatus collocation method includes:
S1 access point apparatus is connected with terminal by management SSID;
S2 Dynamic Host Configuration Protocol server process is terminal distribution one IP address based on default address pool;
S3 according to preset iptables firewall rule, limiting terminal access access point configuration the page, with this achieve a butt joint into
The configuration of point device.
2. access point apparatus collocation method as claimed in claim 1, it is characterised in that specifically include in step sl: described
Management SSID is operated in stealth mode, terminal mode connection management SSID manually.
3. access point apparatus collocation method as claimed in claim 1, it is characterised in that specifically include in step s3: according to
The network address translation rule of iptables, limits terminal the access points configuration page, and the described access point configuration page is
The access point page or the cloud controller page.
4. the access point apparatus collocation method as described in claim 1-3 any one, it is characterised in that wrapped before step S1
Include:
S01 sets the management SSID of access point apparatus;
S02 adds a Dynamic Host Configuration Protocol server process and distributes address pool;
S03 sets iptables firewall rule.
5. access point apparatus collocation method as claimed in claim 4, it is characterised in that also include after step S01: create
One the second bridge joint mouth being different from the first bridge joint mouth, wherein, described first bridge joint mouth is as the passage of common SSID, the second bridge joint
Mouth is as the passage of management SSID;
Step S02 specifically includes: add a Dynamic Host Configuration Protocol server process and distribute address pool, described address pool and the second bridge joint
The IP address of mouth belongs to the same network segment.
6. an access point apparatus configuration device, it is characterised in that described access point apparatus configuration device includes:
Terminal connecting module, for being connected with terminal by management SSID;
The address assignment module being connected with described terminal connecting module, is terminal distribution one IP address based on default address pool;
The access being connected with described address assignment module limits module, according to default iptables firewall rule, limits eventually
The end access points configuration page.
7. access point apparatus configuration device as claimed in claim 6, it is characterised in that
Described management SSID is operated in stealth mode, terminal mode connection management SSID manually;
And/or, limit in module accessing, according to the network address translation rule of iptables, limit terminal and only access access
The point configuration page, the described access point configuration page is the access point page or the cloud controller page.
Access point apparatus configuration device the most as claimed in claims 6 or 7, it is characterised in that described access point apparatus configuration dress
Also include in putting:
The configuration module being connected with described terminal connecting module, access restriction module and address assignment module respectively, is used for setting
Determine the management SSID of access point apparatus, distribution address pool and set iptables firewall rule.
9. access point apparatus configuration device as claimed in claim 8, it is characterised in that in described access point apparatus configuration device
Also include:
The bridge joint mouth creation module being connected with described configuration module, for creating the second bridge joint mouth being different from the first bridge joint mouth,
Wherein, described first bridge joint mouth is as the passage of common SSID, and the second bridge joint mouth is as the passage of management SSID.
10. an access point apparatus, it is characterised in that described access point apparatus includes such as claim 6-9 any one institute
The access point apparatus configuration device stated.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610802931.2A CN106231596A (en) | 2016-09-05 | 2016-09-05 | A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610802931.2A CN106231596A (en) | 2016-09-05 | 2016-09-05 | A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106231596A true CN106231596A (en) | 2016-12-14 |
Family
ID=58074680
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610802931.2A Pending CN106231596A (en) | 2016-09-05 | 2016-09-05 | A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106231596A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106713524A (en) * | 2016-12-28 | 2017-05-24 | 迈普通信技术股份有限公司 | AP device, network address conversion method and communication system |
CN106851787A (en) * | 2017-03-31 | 2017-06-13 | 上海斐讯数据通信技术有限公司 | The convenient method and system for logging in wireless network |
CN107040426A (en) * | 2017-06-09 | 2017-08-11 | 郑州云海信息技术有限公司 | The method and apparatus that a kind of equipment is accessed and managed |
CN115802361A (en) * | 2022-11-28 | 2023-03-14 | 广州通则康威智能科技有限公司 | Network management and control method, device, equipment and storage medium |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101605329A (en) * | 2009-06-30 | 2009-12-16 | 中兴通讯股份有限公司 | Cut-in method and access device |
CN101668290A (en) * | 2008-09-04 | 2010-03-10 | 深圳华为通信技术有限公司 | Method and device for configuring wireless local area network (WLAN) |
-
2016
- 2016-09-05 CN CN201610802931.2A patent/CN106231596A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101668290A (en) * | 2008-09-04 | 2010-03-10 | 深圳华为通信技术有限公司 | Method and device for configuring wireless local area network (WLAN) |
CN101605329A (en) * | 2009-06-30 | 2009-12-16 | 中兴通讯股份有限公司 | Cut-in method and access device |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106713524A (en) * | 2016-12-28 | 2017-05-24 | 迈普通信技术股份有限公司 | AP device, network address conversion method and communication system |
CN106851787A (en) * | 2017-03-31 | 2017-06-13 | 上海斐讯数据通信技术有限公司 | The convenient method and system for logging in wireless network |
CN106851787B (en) * | 2017-03-31 | 2020-01-07 | 上海斐讯数据通信技术有限公司 | Method and system for conveniently logging in wireless network |
CN107040426A (en) * | 2017-06-09 | 2017-08-11 | 郑州云海信息技术有限公司 | The method and apparatus that a kind of equipment is accessed and managed |
CN115802361A (en) * | 2022-11-28 | 2023-03-14 | 广州通则康威智能科技有限公司 | Network management and control method, device, equipment and storage medium |
CN115802361B (en) * | 2022-11-28 | 2023-08-11 | 广州通则康威智能科技有限公司 | Network management and control method, device, equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103476023B (en) | The collocation method of access point apparatus, access controller and communication system | |
CN105591863B (en) | A kind of method and apparatus for realizing virtual private cloud network Yu external network intercommunication | |
CN106231596A (en) | A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus | |
CN114301784A (en) | Network shooting range training environment construction method and device, electronic equipment and storage medium | |
CN103036810B (en) | The extranet access control method exported based on many outer nets and access device | |
CN112584393A (en) | Base station configuration method, device, equipment and medium | |
EP3993322A1 (en) | Network management method and device | |
CN103313230A (en) | Mesh points and configuration and issuing method thereof in WLN (Wireless Local Area Network) mesh network | |
CN106209430A (en) | The method of a kind of wireless network extension and wireless router | |
CN106060970A (en) | Intelligent terminal and network configuration method thereof | |
US12058514B2 (en) | Virtual tenant for multiple dwelling unit | |
US20140181279A1 (en) | Virtual Console-Port Management | |
CN104092684A (en) | Method and device for supporting VPN based on OpenFlow protocol | |
JP2021019348A (en) | Traffic management method and apparatus for efficiently managing network according to user needs | |
CN101459532A (en) | Method and apparatus for automatic networking by multi-port equipment | |
CN103067531A (en) | Public network Internet protocol (IP) address resource management allocation method | |
CN103684861A (en) | Method and device for processing network configuration and communication system | |
CN106027396B (en) | A kind of route control method, device and system | |
CN107547403A (en) | Message forwarding method, assisted method, device, controller and main frame | |
CN103167509B (en) | Wireless lan signal extension device and method | |
CN106330511B (en) | Network element equipment and method for opening data communication network | |
CN102984202A (en) | System achieving Telnet web management by traversing network address translation (NAT) device and method thereof | |
Cunha et al. | Policy-driven vCPE through dynamic network service function chaining | |
CN108848198A (en) | A kind of Portal differentiation method for pushing of multi-service forward mode AP | |
WO2015058413A1 (en) | Data configuration method and network management server |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20161214 |
|
RJ01 | Rejection of invention patent application after publication |