CN106231596A - A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus - Google Patents

A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus Download PDF

Info

Publication number
CN106231596A
CN106231596A CN201610802931.2A CN201610802931A CN106231596A CN 106231596 A CN106231596 A CN 106231596A CN 201610802931 A CN201610802931 A CN 201610802931A CN 106231596 A CN106231596 A CN 106231596A
Authority
CN
China
Prior art keywords
access point
point apparatus
ssid
terminal
management
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610802931.2A
Other languages
Chinese (zh)
Inventor
于慧霞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Feixun Data Communication Technology Co Ltd
Original Assignee
Shanghai Feixun Data Communication Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Feixun Data Communication Technology Co Ltd filed Critical Shanghai Feixun Data Communication Technology Co Ltd
Priority to CN201610802931.2A priority Critical patent/CN106231596A/en
Publication of CN106231596A publication Critical patent/CN106231596A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W28/00Network traffic management; Network resource management
    • H04W28/02Traffic management, e.g. flow control or congestion control
    • H04W28/0215Traffic management, e.g. flow control or congestion control based on user or device properties, e.g. MTC-capable devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/11Allocation or use of connection identifiers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/08Access point devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus, wherein, access point apparatus includes at least one common SSID and at least one management SSID.Include at this access point apparatus collocation method: S1 access point apparatus is connected with terminal by management SSID;S2 Dynamic Host Configuration Protocol server process is terminal distribution one IP address based on default address pool;S3, according to the iptables firewall rule preset, the limiting terminal access access point configuration page, achieves a butt joint into the configuration of point device with this.When access point apparatus is configured by needs, management personnel directly just can log in the access point configuration page by connection management SSID and carry out configuring (can only log in the access point configuration page and can not access other Internet resources), it is no longer necessary to by the way of accessing WAN mouth IP address realize, it is achieved that management convenient and efficient to access point apparatus.

Description

A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus
Technical field
The present invention relates to communication technical field, particularly relate to a kind of access point apparatus configuration devices and methods therefor, Yi Zhongjie Enter point device.
Background technology
Wireless aps (Access Point, access point), is commonly called as " focus ", is the access point of a wireless network.Main bag Including route switching and access equipment integrating and pure access point apparatus, wherein, equipment integrating performs to access and route work.Wireless aps is The wireless device user such as (mobile phone the wireless device such as mobile device and notebook computer) is used to enter the access point of cable network, main Inside bandwidth family to be used for, inside buildings, campus, inside garden, warehouse, factory etc. need the place of wireless monitor.Wireless AP has liberated individual out from desk limit as a kind of replacement scheme of traditional wiring network or extension, WLAN, Make people can obtain information whenever and wherever possible, provide convenient for people.
At present, in general, the SSID (Service Set Identifier, service set) of wireless aps is common User SSID, the access Internet resources that user can be transparent after connecting SSID, it is achieved that the fast and easy of online.But, go out In security consideration, domestic consumer is prohibited from accessing the AP page or cloud AC (Cloud Controller, cloud control after connecting upper SSID Device processed) page.So, if management personnel want to configure wireless aps, only by logging in the AP page or accessing the cloud AC page Mode realize.
Management personnel, when logging in the AP page, need by accessing WAN (Wide Area Network, wide area network) mouth IP The mode of address realizes.And need management personnel to log in serial ports by Serial Port Line in this course to obtain WAN mouth IP address, Operate undoubtedly and there is inconvenience.
Summary of the invention
For the problems referred to above, the invention provides a kind of access point apparatus configuration devices and methods therefor and a kind of access point Equipment, efficiently solves the quick registration problem of the access point configuration page.
The technical scheme that the present invention provides is as follows:
A kind of access point apparatus collocation method, this access point apparatus includes at least one common SSID and at least one pipe Reason SSID, wherein, terminal logs in described common SSID and accesses the Internet, and terminal logs in the configuration of described management SSID access points The page;
Described access point apparatus collocation method includes:
S1 access point apparatus is connected with terminal by management SSID;
S2DHCP server processes are terminal distribution one IP address based on default address pool;
S3 is according to the iptables firewall rule preset, and the limiting terminal access access point configuration page, it is right to realize with this The configuration of access point apparatus.
In the technical program, reservation management SSID mouth in access point apparatus, for management personnel's configuring access point equipment Time use.When access point apparatus is configured by needs, management personnel directly just can log in access by connection management SSID The point configuration page carries out configuring (can only log in the access point configuration page and can not access other Internet resources), it is no longer necessary to by visiting Ask that the mode of WAN mouth IP address realizes, it is achieved that management convenient and efficient to access point apparatus.
It is further preferred that specifically include in step sl: described management SSID is operated in stealth mode, and terminal is passed through Manual mode connection management SSID.
In the technical program, management SSID is set to stealth mode, so other users needing to access the Internet Cannot search this management SSID, management personnel can log in access point configuration page in the way of manually connection management SSID Face or access serial ports by telnet, carries out the operation such as order line configuration and logs in.Substantially increase the safety of management SSID Energy.
It is further preferred that specifically include in step s3: according to the network address translation rule of iptables, limit eventually End the access points configuration page, the described access point configuration page is the access point page or the cloud controller page.
In the technical program, the access being limited terminal by iptables firewall rule is connected, to realize purpose.
It is further preferred that included before step S1:
S01 sets the management SSID of access point apparatus;
S02 adds a Dynamic Host Configuration Protocol server process and distributes address pool;
S03 sets iptables firewall rule.
In the technical program, in order to realize the control that terminal connects, iptables firewall rule is according to accordingly Pond, location is set, and directly be can be achieved with the login of the access point configuration page by connection management SSID with these management personnel.
It is further preferred that also include after step S01:
S012 creates a second bridge joint mouth being different from the first bridge joint mouth, and wherein, described first bridge joint mouth is as commonly The passage of SSID, the second bridge joint mouth is as the passage of management SSID;
Step S02 specifically includes: add a Dynamic Host Configuration Protocol server process and distribute address pool, described address pool and second The IP address of bridge joint mouth belongs to the same network segment.
In the technical program, creating a passage being specific to manage SSID, so, user SSID and management SSID is each Will not interfere with each other each other while achieving different functions, it is achieved that efficient to access point apparatus of management personnel Access and management, achieve again the user's quick access for Internet resources simultaneously.
Present invention also offers a kind of access point apparatus configuration device, including:
Terminal connecting module, for being connected with terminal by management SSID;
The address assignment module being connected with described terminal connecting module, is terminal distribution one IP ground based on default address pool Location;
The access being connected with described address assignment module limits module, according to default iptables firewall rule, limit Determine the terminal access access point configuration page.
In the technical program, reservation management SSID mouth in access point apparatus, for management personnel's configuring access point equipment Time use.When access point apparatus is configured by needs, management personnel are directly by terminal connecting module connection management SSID Just can log in the access point configuration page to configure, it is no longer necessary to realize by the way of accessing WAN mouth IP address, it is achieved that right Convenient and the efficient management of access point apparatus.
It is further preferred that described management SSID is operated in stealth mode, terminal mode connection management manually SSID;And/or,
Limit in module accessing, according to the network address translation rule of iptables, limit terminal access points The configuration page, the described access point configuration page is the access point page or the cloud controller page.
In the technical program, management SSID is set to stealth mode, so other users needing to access the Internet Cannot search this management SSID, management personnel can log in access point configuration page in the way of manually connection management SSID Face or access serial ports by telnet, carries out the operation such as order line configuration and logs in.Substantially increase the safety of management SSID Energy.
It is further preferred that described access point apparatus configuration device also includes:
The configuration module being connected with described terminal connecting module, access restriction module and address assignment module respectively, uses In setting the management SSID of access point apparatus, distribution address pool and setting iptables firewall rule.
It is further preferred that described access point apparatus configuration device also includes:
The bridge joint mouth creation module being connected with described configuration module, for creating the second bridge joint being different from the first bridge joint mouth Mouthful, wherein, described first bridge joint mouth is as the passage of common SSID, and the second bridge joint mouth is as the passage of management SSID.
In the technical program, creating a passage being specific to manage SSID, so, user SSID and management SSID is each Will not interfere with each other each other while achieving different functions, it is achieved that efficient to access point apparatus of management personnel Access and management, achieve again the user's quick access for Internet resources simultaneously.
Present invention also offers a kind of access point apparatus, this access point apparatus includes above-mentioned access point apparatus configuration dress Put.
In the technical program, reservation management SSID mouth in access point apparatus, for management personnel's configuring access point equipment Time use.When access point apparatus is configured by needs, management personnel directly just can log in access by connection management SSID The point configuration page configures, it is achieved that management convenient and efficient to access point apparatus.It addition, in access point apparatus Create the designated lane of each management SSID, each achieve phase while different functions with this user SSID and management SSID Will not interfere with each other between Hu, it is achieved that management personnel's high-efficiency management to access point apparatus.
Accompanying drawing explanation
Below by the way of the most understandable, accompanying drawings preferred implementation, to above-mentioned characteristic, technical characteristic, Advantage and implementation thereof are further described.
Fig. 1 is access point apparatus collocation method one embodiment schematic flow sheet in the present invention;
Fig. 2 is access point apparatus collocation method another embodiment schematic flow sheet in the present invention;
Fig. 3 is access point apparatus collocation method another embodiment schematic flow sheet in the present invention;
Fig. 4 is access point apparatus configuration device one embodiment schematic diagram in the present invention;
Fig. 5 is access point apparatus configuration device another embodiment schematic diagram in the present invention;
Fig. 6 is access point apparatus configuration device another embodiment schematic diagram in the present invention.
Drawing reference numeral illustrates:
100-access point apparatus configuration device, 110-terminal connecting module, 120-address assignment module, 130-accesses restriction Module, 140-configures module, and 150-bridges mouth creation module.
Detailed description of the invention
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, below will comparison accompanying drawing explanation The detailed description of the invention of the present invention.It should be evident that the accompanying drawing in describing below is only some embodiments of the present invention, for From the point of view of those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to obtain other according to these accompanying drawings Accompanying drawing, and obtain other embodiment.
It is illustrated in figure 1 the access point apparatus collocation method one embodiment flow chart that the present invention provides, specifically at this Access point apparatus includes at least one common SSID and at least one management SSID, and wherein, terminal logs in common SSID and accesses The Internet, terminal logs in the management SSID access points configuration page.It can be seen that in this access point apparatus configuration side Method includes: S1 access point apparatus is connected with terminal by management SSID;S2DHCP server processes are based on default address pool For terminal distribution one IP address;S3 configures the page according to the iptables firewall rule preset, limiting terminal access access point, Achieve a butt joint into the configuration of point device with this.
It is known that in general, access point apparatus on startup, all can create a bridge joint mouth br-lan (following the One bridge joint mouth).Specifically, under AP bridge mode, the IP address that terminal obtains after connecting upper common SSID automatically is that outer net provides Resource can be directly accessed network.Under AP route pattern, time thus, open NAT (Network Address Translation, network address translation) function, the IP address network segment that terminal obtains after connecting upper common SSID automatically is by connecing Enter what Dynamic Host Configuration Protocol server process in point device provided, and the IP address got belongs to the same network segment with bridge joint mouth br-lan, it After again by NAT rule realize to access Internet resources access.In a specific embodiment, if create bridge joint mouth br- The IP address of lan is 192.168.200.1, under AP bridge mode, and the outer net that terminal gets after connecting upper common SSID automatically Network segment IP address is 10.2.3.1, then terminal directly accesses network resource by this 10.2.3.1.Under AP route pattern, terminal In connection after common SSID, Dynamic Host Configuration Protocol server distributes one and bridge joint mouth br-lan automatically from address pool 192.168.200.x The IP address 192.168.200.6 of same network segment;Forward rule that this IP address is converted into outer net IP address by NAT afterwards, real The now access to Internet resources.
Based on this, in the present embodiment, using access point apparatus collocation method that access point apparatus is configured it Before, as in figure 2 it is shown, further comprising the steps of: S01 sets the management SSID of access point apparatus;S02 adds a Dynamic Host Configuration Protocol server and enters Journey also distributes an address pool;S03 address pool based on distribution sets iptables firewall rule.It is noted that in this reality Execute in mode, be different from the address pool of Dynamic Host Configuration Protocol server when connecting common SSID for the address pool of Dynamic Host Configuration Protocol server course allocation, But two address pool all belong to the same network segment with bridge joint mouth br-lan.As, in a specific embodiment, bridge mouth br-lan IP address be 192.168.200.1, two address pool broadly fall into the 192.168.200.x network segment, and original Dynamic Host Configuration Protocol server The address pool of distribution, in the range of 192.168.200.2~192.168.200.150, newly adds the address of Dynamic Host Configuration Protocol server distribution Iptables firewall rule, in the range of 192.168.200.151~192.168.200.255, is carried out by pond afterwards accordingly Set.Specifically, the address being assigned to when terminal connects upper common SSID is 192.168.200.6, can access the Internet;When The address that terminal is assigned to when connecting upper management SSID is 192.168.200.200, is only limited by iptables firewall rule The page can be configured by access points, realize the purpose of present embodiment with this.
After above-mentioned setting, in the present embodiment, no matter it is at AP bridge mode or under AP route pattern, eventually After end connects upper management SSID, newly-increased Dynamic Host Configuration Protocol server process is terminal distribution one and above-mentioned bridge based on default address pool Interface br-lan belongs to the IP address of the same network segment.Now, the packet that terminal sends enters into the bridge br-in access point apparatus Lan processes, according in iptables fire wall network address translation rule (specifically include in iptables with Filter table FORWARD chain does rule, carries out the conversion of MASQUERADE address on NAT table POSTROUNTING chain), limit eventually End access points configures the page and can not access other Internet resources, and specifically this access point configuration page is the access point page (the AP page) or the cloud controller page (the cloud AC page).
It addition, access point apparatus is in the course of the work, in order to improve the security performance of management SSID, management SSID is arranged For stealth mode, so other need the user accessing the Internet cannot search this management SSID, and management personnel can pass through The mode of manual connection management SSID logs in the access point configuration page or accesses serial ports by telnet, carries out order line configuration Log in Deng operation.
Above-mentioned embodiment is improved, in the present embodiment, is using access point apparatus collocation method to access Before point device configures, as it is shown on figure 3, comprise the following steps: S01 sets the management SSID of access point apparatus;S012 creates Build a second bridge joint mouth br-being different from the first bridge joint mouth (the first bridge joint mouth here is above-mentioned bridge joint mouth br-lan) Mgt, wherein, the first bridge joint mouth is as the passage of common SSID, and the second bridge joint mouth br-mgt is as the passage of management SSID;S02 Adding a Dynamic Host Configuration Protocol server process and distribute an address pool, address pool belongs to the same network segment with the IP address of the second bridge joint mouth;S03 Address pool based on distribution sets iptables firewall rule.
It can be seen that in the present embodiment, one second bridge joint mouth br-mgt and the first bridge joint mouth br-lan has been increased newly Independent, and using this second bridge joint mouth br-mgt as the passage being exclusively used in management SSID, with this user SSID and management SSID will not interfere with each other while each achieving different functions each other, it is achieved that management personnel are to access point apparatus Efficiently access and management, achieve again the user's quick access for Internet resources simultaneously.
In a specific embodiment, it is assumed that the IP address of the second newly-increased bridge joint mouth br-mgt is 192.168.3.1;Then In newly-increased Dynamic Host Configuration Protocol server process, the address pool of distribution is 192.168.3.x;Afterwards, address pool based on this distribution exists Entables, iptables arrange firewall rule.So, after managing SSID on terminal connects, no matter access point sets Standby be operated under AP bridge mode or be operated under AP route pattern, terminal distribution to IP address be all 192.168.3.x Address in the network segment, the IP address as being assigned to is 192.168.3.8, has reached the uniformity of implementation with this.
Now, terminal send packet through Ethernet fire wall (ebtables) and stamp mark (label) it After, enter in the bridge br-mgt in access point apparatus and process, according to the network address translation in iptables fire wall Rule (specifically includes in iptables and does rule with filter table FORWARD chain, carry out on NAT table POSTROUNTING chain MASQUERADE address is changed), limit terminal the access points configuration page and other Internet resources can not be accessed, specifically should The access point configuration page is the AP page or the cloud AC page, it is achieved purpose.
It is illustrated in figure 4 the access point apparatus configuration device one embodiment schematic diagram that the present invention provides, can from figure To find out, include at this access point apparatus configuration device 100: terminal connecting module 110, address assignment module 120 and visit Asking restriction module 130, wherein, address assignment module 120 is connected with terminal connecting module 110, accesses and limits module 130 and address Distribution module 120 connects.
In the course of the work, access point apparatus is connected with terminal by terminal connecting module 110 and management SSID;Afterwards, Address assignment module 120 (specially Dynamic Host Configuration Protocol server process) is terminal distribution one IP address based on default address pool;Finally, Access and limit module 130 according to default iptables firewall rule, the limiting terminal access access point configuration page.
It is known that in general, access point apparatus on startup, all can create a bridge joint mouth br-lan (i.e. first Bridge joint mouth).Specifically, under AP bridge mode, the IP address that terminal obtains after connecting upper common SSID automatically be outer net provide can Directly access network resource.Under AP route pattern, open time thus NAT (Network Address Translation, Network address translation) function, the IP address network segment that terminal obtains after connecting upper common SSID automatically is by access point apparatus Dynamic Host Configuration Protocol server process provides, and the IP address got belongs to the same network segment with bridge joint mouth br-lan, passes through NAT the most again Rule realizes the access accessing Internet resources.In a specific embodiment, if the IP address of bridge joint mouth br-lan created For 192.168.200.1, under AP bridge mode, the outer net network segment IP address that terminal gets after connecting upper common SSID automatically is 10.2.3.1, then terminal directly accesses network resource by this 10.2.3.1.Under AP route pattern, terminal connects upper common After SSID, Dynamic Host Configuration Protocol server distributes the IP of one and bridge joint mouth br-lan same network segment automatically from address pool 192.168.200.x Address 192.168.200.6;Forward rule that this IP address is converted into outer net IP address by NAT afterwards, it is achieved network is provided The access in source.
Based on this, in the present embodiment, using access point apparatus configuration device 100 that access point apparatus is configured Before, as it is shown in figure 5, also include limiting with terminal connecting module 110, access respectively in this access point apparatus configuration device 100 The configuration module 140 that molding block 130 and address assignment module 120 connect, for setting the management SSID of access point apparatus, dividing Join address pool and set iptables firewall rule.Specifically, during setting, first, the pipe of access point apparatus is set Reason SSID;Afterwards, add an address assignment module 120 (Dynamic Host Configuration Protocol server process) and distribute an address pool;Then, based on distribution Address pool set iptables firewall rule.It is noted that in the present embodiment, for Dynamic Host Configuration Protocol server course allocation Address pool be different from the address pool of Dynamic Host Configuration Protocol server when connecting common SSID, but two address pool all belong to bridge joint mouth br-lan In the same network segment.As, in a specific embodiment, the IP address of bridge joint mouth br-lan is 192.168.200.1, two ground Pond, location broadly falls into the 192.168.200.x network segment, and the address pool of original Dynamic Host Configuration Protocol server distribution in the range of: 192.168.200.2~192.168.200.150, newly add the address pool of Dynamic Host Configuration Protocol server distribution in the range of 192.168.200.151~192.168.200.255, accordingly iptables firewall rule is set afterwards.Specifically, The address being assigned to when terminal connects upper common SSID is 192.168.200.6, can access the Internet;On terminal connects The address being assigned to during management SSID is 192.168.200.200, is limited by iptables firewall rule and can only access access The point configuration page, realizes the purpose of present embodiment with this.
After above-mentioned setting, in the present embodiment, no matter it is at AP bridge mode or under AP route pattern, eventually After end connects upper management SSID, newly-increased address assignment module 120 (Dynamic Host Configuration Protocol server process) based on default address pool is Terminal distribution one and above-mentioned bridge joint mouth br-lan belong to the IP address of the same network segment.Now, the packet that terminal sends enters into Bridge br-lan in access point apparatus processes, (concrete according to the network address translation rule in iptables fire wall Do rule including in iptables with filter table FORWARD chain, NAT table POSTROUNTING chain carries out MASQUERADE Address is changed), limit terminal the access points configuration page and other Internet resources can not be accessed, specifically this access point configuration The page is the AP page or the cloud AC page.
It addition, access point apparatus is in the course of the work, in order to improve the security performance of management SSID, management SSID is arranged For stealth mode, so other need the user accessing the Internet cannot search this management SSID, and management personnel can pass through The mode of manual connection management SSID logs in the access point configuration page or accesses serial ports by telnet, carries out order line configuration Log in Deng operation.
Above-mentioned embodiment is improved and obtains present embodiment, as shown in Figure 6, configure device at this access point apparatus Also include a bridge joint mouth creation module 150 being connected with configuration module 140 in 100, be different from the first bridge joint mouth br-for establishment The second bridge joint mouth br-mgt of lan, wherein, the first bridge joint mouth is as the passage of common SSID, the second bridge joint mouth br-mgt conduct The passage of management SSID.Specifically, during setting, first, the management SSID of access point apparatus is set;Afterwards, bridge joint is used Mouth creation module 150 creates the second bridge joint mouth br-mgt;Afterwards, an address assignment module 120 (Dynamic Host Configuration Protocol server process) is added And distribute an address pool;Then, address pool based on distribution sets iptables firewall rule.
It can be seen that in the present embodiment, one second bridge joint mouth br-mgt and the first bridge joint mouth br-lan has been increased newly Independent, and using this second bridge joint mouth br-mgt as the passage being exclusively used in management SSID, with this user SSID and management SSID will not interfere with each other while each achieving different functions each other, it is achieved that management personnel are to access point apparatus Efficiently access and management, achieve again the user's quick access for Internet resources simultaneously.
In a specific embodiment, it is assumed that the IP address of the second newly-increased bridge joint mouth br-mgt is 192.168.3.1;Then In newly-increased address assignment module 120 (Dynamic Host Configuration Protocol server process), the address pool of distribution is 192.168.3.x;Afterwards, based on The address pool of this distribution arranges firewall rule in entables, iptables.So, terminal connect on manage SSID it After, no matter access point apparatus is operated under AP bridge mode or is operated under AP route pattern, the IP address that terminal distribution arrives Being all the address in the 192.168.3.x network segment, the IP address as being assigned to is 192.168.3.8, has reached implementation with this Uniformity.
Now, terminal send packet through Ethernet fire wall (ebtables) and stamp mark (label) it After, enter in the bridge br-mgt in access point apparatus and process, according to the network address translation in iptables fire wall Rule (specifically includes in iptables and does rule with filter table FORWARD chain, carry out on NAT table POSTROUNTING chain MASQUERADE address is changed), limit terminal the access points configuration page and other Internet resources can not be accessed, specifically should The access point configuration page is the AP page or the cloud AC page, it is achieved purpose.
Present invention also offers a kind of access point apparatus, this access point apparatus includes that above-mentioned access point apparatus configures device 100.Reservation management SSID mouth in access point apparatus, during for management personnel's configuring access point equipment.When needs are to access When point device is configured, management personnel directly just can log in the access point configuration page by connection management SSID and configure, Achieve management convenient and efficient to access point apparatus.It addition, create each management SSID's in access point apparatus Designated lane, will not be concerned with while each achieving different functions with this user SSID and management SSID each other mutually Disturb, it is achieved that management personnel's high-efficiency management to access point apparatus.
It should be noted that, above-described embodiment all can independent assortment as required.The above is only the preferred of the present invention Embodiment, it is noted that for those skilled in the art, in the premise without departing from the principle of the invention Under, it is also possible to making some improvements and modifications, these improvements and modifications also should be regarded as protection scope of the present invention.

Claims (10)

1. an access point apparatus collocation method, it is characterised in that described access point apparatus includes at least one common SSID Managing SSID with at least one, wherein, terminal logs in described common SSID and accesses the Internet, and terminal logs in described management SSID and visits Ask that access point configures the page;
Described access point apparatus collocation method includes:
S1 access point apparatus is connected with terminal by management SSID;
S2 Dynamic Host Configuration Protocol server process is terminal distribution one IP address based on default address pool;
S3 according to preset iptables firewall rule, limiting terminal access access point configuration the page, with this achieve a butt joint into The configuration of point device.
2. access point apparatus collocation method as claimed in claim 1, it is characterised in that specifically include in step sl: described Management SSID is operated in stealth mode, terminal mode connection management SSID manually.
3. access point apparatus collocation method as claimed in claim 1, it is characterised in that specifically include in step s3: according to The network address translation rule of iptables, limits terminal the access points configuration page, and the described access point configuration page is The access point page or the cloud controller page.
4. the access point apparatus collocation method as described in claim 1-3 any one, it is characterised in that wrapped before step S1 Include:
S01 sets the management SSID of access point apparatus;
S02 adds a Dynamic Host Configuration Protocol server process and distributes address pool;
S03 sets iptables firewall rule.
5. access point apparatus collocation method as claimed in claim 4, it is characterised in that also include after step S01: create One the second bridge joint mouth being different from the first bridge joint mouth, wherein, described first bridge joint mouth is as the passage of common SSID, the second bridge joint Mouth is as the passage of management SSID;
Step S02 specifically includes: add a Dynamic Host Configuration Protocol server process and distribute address pool, described address pool and the second bridge joint The IP address of mouth belongs to the same network segment.
6. an access point apparatus configuration device, it is characterised in that described access point apparatus configuration device includes:
Terminal connecting module, for being connected with terminal by management SSID;
The address assignment module being connected with described terminal connecting module, is terminal distribution one IP address based on default address pool;
The access being connected with described address assignment module limits module, according to default iptables firewall rule, limits eventually The end access points configuration page.
7. access point apparatus configuration device as claimed in claim 6, it is characterised in that
Described management SSID is operated in stealth mode, terminal mode connection management SSID manually;
And/or, limit in module accessing, according to the network address translation rule of iptables, limit terminal and only access access The point configuration page, the described access point configuration page is the access point page or the cloud controller page.
Access point apparatus configuration device the most as claimed in claims 6 or 7, it is characterised in that described access point apparatus configuration dress Also include in putting:
The configuration module being connected with described terminal connecting module, access restriction module and address assignment module respectively, is used for setting Determine the management SSID of access point apparatus, distribution address pool and set iptables firewall rule.
9. access point apparatus configuration device as claimed in claim 8, it is characterised in that in described access point apparatus configuration device Also include:
The bridge joint mouth creation module being connected with described configuration module, for creating the second bridge joint mouth being different from the first bridge joint mouth, Wherein, described first bridge joint mouth is as the passage of common SSID, and the second bridge joint mouth is as the passage of management SSID.
10. an access point apparatus, it is characterised in that described access point apparatus includes such as claim 6-9 any one institute The access point apparatus configuration device stated.
CN201610802931.2A 2016-09-05 2016-09-05 A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus Pending CN106231596A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610802931.2A CN106231596A (en) 2016-09-05 2016-09-05 A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610802931.2A CN106231596A (en) 2016-09-05 2016-09-05 A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus

Publications (1)

Publication Number Publication Date
CN106231596A true CN106231596A (en) 2016-12-14

Family

ID=58074680

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610802931.2A Pending CN106231596A (en) 2016-09-05 2016-09-05 A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus

Country Status (1)

Country Link
CN (1) CN106231596A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106713524A (en) * 2016-12-28 2017-05-24 迈普通信技术股份有限公司 AP device, network address conversion method and communication system
CN106851787A (en) * 2017-03-31 2017-06-13 上海斐讯数据通信技术有限公司 The convenient method and system for logging in wireless network
CN107040426A (en) * 2017-06-09 2017-08-11 郑州云海信息技术有限公司 The method and apparatus that a kind of equipment is accessed and managed
CN115802361A (en) * 2022-11-28 2023-03-14 广州通则康威智能科技有限公司 Network management and control method, device, equipment and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101605329A (en) * 2009-06-30 2009-12-16 中兴通讯股份有限公司 Cut-in method and access device
CN101668290A (en) * 2008-09-04 2010-03-10 深圳华为通信技术有限公司 Method and device for configuring wireless local area network (WLAN)

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101668290A (en) * 2008-09-04 2010-03-10 深圳华为通信技术有限公司 Method and device for configuring wireless local area network (WLAN)
CN101605329A (en) * 2009-06-30 2009-12-16 中兴通讯股份有限公司 Cut-in method and access device

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106713524A (en) * 2016-12-28 2017-05-24 迈普通信技术股份有限公司 AP device, network address conversion method and communication system
CN106851787A (en) * 2017-03-31 2017-06-13 上海斐讯数据通信技术有限公司 The convenient method and system for logging in wireless network
CN106851787B (en) * 2017-03-31 2020-01-07 上海斐讯数据通信技术有限公司 Method and system for conveniently logging in wireless network
CN107040426A (en) * 2017-06-09 2017-08-11 郑州云海信息技术有限公司 The method and apparatus that a kind of equipment is accessed and managed
CN115802361A (en) * 2022-11-28 2023-03-14 广州通则康威智能科技有限公司 Network management and control method, device, equipment and storage medium
CN115802361B (en) * 2022-11-28 2023-08-11 广州通则康威智能科技有限公司 Network management and control method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
CN103476023B (en) The collocation method of access point apparatus, access controller and communication system
CN105591863B (en) A kind of method and apparatus for realizing virtual private cloud network Yu external network intercommunication
CN106231596A (en) A kind of access point apparatus configuration devices and methods therefor, a kind of access point apparatus
CN114301784A (en) Network shooting range training environment construction method and device, electronic equipment and storage medium
CN103036810B (en) The extranet access control method exported based on many outer nets and access device
CN112584393A (en) Base station configuration method, device, equipment and medium
EP3993322A1 (en) Network management method and device
CN103313230A (en) Mesh points and configuration and issuing method thereof in WLN (Wireless Local Area Network) mesh network
CN106209430A (en) The method of a kind of wireless network extension and wireless router
CN106060970A (en) Intelligent terminal and network configuration method thereof
US12058514B2 (en) Virtual tenant for multiple dwelling unit
US20140181279A1 (en) Virtual Console-Port Management
CN104092684A (en) Method and device for supporting VPN based on OpenFlow protocol
JP2021019348A (en) Traffic management method and apparatus for efficiently managing network according to user needs
CN101459532A (en) Method and apparatus for automatic networking by multi-port equipment
CN103067531A (en) Public network Internet protocol (IP) address resource management allocation method
CN103684861A (en) Method and device for processing network configuration and communication system
CN106027396B (en) A kind of route control method, device and system
CN107547403A (en) Message forwarding method, assisted method, device, controller and main frame
CN103167509B (en) Wireless lan signal extension device and method
CN106330511B (en) Network element equipment and method for opening data communication network
CN102984202A (en) System achieving Telnet web management by traversing network address translation (NAT) device and method thereof
Cunha et al. Policy-driven vCPE through dynamic network service function chaining
CN108848198A (en) A kind of Portal differentiation method for pushing of multi-service forward mode AP
WO2015058413A1 (en) Data configuration method and network management server

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20161214

RJ01 Rejection of invention patent application after publication