Concept Guide
Table Of Contents
- About this Guide
- About Instant
- Setting up a W-IAP
- Automatic Retrieval of Configuration
- Instant User Interface
- Initial Configuration Tasks
- Customizing W-IAP Settings
- Modifying the W-IAP Host Name
- Configuring Zone Settings on a W-IAP
- Specifying a Method for Obtaining IP Address
- Configuring External Antenna
- Configuring Radio Profiles for a W-IAP
- Configuring Uplink VLAN for a W-IAP
- Changing the W-IAP Installation Mode
- Changing USB Port Status
- Master Election and Virtual Controller
- Adding a W-IAP to the Network
- Removing a W-IAP from the Network
- VLAN Configuration
- IPv6 Support
- Wireless Network Profiles
- Configuring Wireless Network Profiles
- Configuring Fast Roaming for Wireless Clients
- Configuring Modulation Rates on a WLAN SSID
- Multi-User-MIMO
- Management Frame Protection
- Disabling Short Preamble for Wireless Client
- Editing Status of a WLAN SSID Profile
- Editing a WLAN SSID Profile
- Deleting a WLAN SSID Profile
- Wired Profiles
- Captive Portal for Guest Access
- Understanding Captive Portal
- Configuring a WLAN SSID for Guest Access
- Configuring Wired Profile for Guest Access
- Configuring Internal Captive Portal for Guest Network
- Configuring External Captive Portal for a Guest Network
- Configuring Facebook Login
- Configuring Guest Logon Role and Access Rules for Guest Users
- Configuring Captive Portal Roles for an SSID
- Configuring Walled Garden Access
- Authentication and User Management
- Managing W-IAP Users
- Supported Authentication Methods
- Supported EAP Authentication Frameworks
- Configuring Authentication Servers
- Understanding Encryption Types
- Configuring Authentication Survivability
- Configuring 802.1X Authentication for a Network Profile
- Enabling 802.1X Supplicant Support
- Configuring MAC Authentication for a Network Profile
- Configuring MAC Authentication with 802.1X Authentication
- Configuring MAC Authentication with Captive Portal Authentication
- Configuring WISPr Authentication
- Blacklisting Clients
- Uploading Certificates
- Roles and Policies
- DHCP Configuration
- Configuring Time-Based Services
- Dynamic DNS Registration
- VPN Configuration
- IAP-VPN Deployment
- Adaptive Radio Management
- Deep Packet Inspection and Application Visibility
- Voice and Video
- Services
- Configuring AirGroup
- Configuring a W-IAP for RTLS Support
- Configuring a W-IAP for Analytics and Location Engine Support
- Managing BLE Beacons
- Clarity Live
- Configuring OpenDNS Credentials
- Integrating a W-IAP with Palo Alto Networks Firewall
- Integrating a W-IAP with an XML API Interface
- CALEA Integration and Lawful Intercept Compliance
- Cluster Security
- W-IAP Management and Monitoring
- Uplink Configuration
- Intrusion Detection
- Mesh W-IAP Configuration
- Mobility and Client Management
- Spectrum Monitor
- W-IAP Maintenance
- Monitoring Devices and Logs
- Hotspot Profiles
- ClearPass Guest Setup
- IAP-VPN Deployment Scenarios
- Acronyms and Abbreviations
Using Sequence-Sensitive Commands
The Instant CLI does not support positioning or precedence of sequence-sensitive commands. Therefore, it is
recommended that you remove the existing configuration before adding or modifying the configuration
details for sequence-sensitive commands. You can either delete an existing profile or remove a specific
configuration by using the no… commands.
The following table lists the sequence-sensitive commands and the corresponding no commands to remove
the configuration:
Sequence-Sensitive Command Corresponding no command
opendns <username <password> no opendns
rule <dest> <mask> <match> <protocol> <start-port>
<end-port> {permit | deny | src-nat | dst-nat {<IP-
address> <port> | <port>}}[<option1....option9>]
no rule <dest> <mask> <match>
<protocol> <start-port> <end-port>
{permit | deny | src-nat | dst-nat}
mgmt-auth-server <auth-profile-name>
no mgmt-auth-server <auth-profile-
name>
set-role <attribute>{{equals| not-equals | starts-
with | ends-with | contains} <operator> <role> |
value-of}
no set-role <attribute>{{equals |
not-equals | starts-with | ends-with
| contains} <operator>| value-of}
no set-role
set-vlan <attribute>{{equals | not-equals | starts-
with | ends-with | contains} <operator> <VLAN-ID> |
value-of}
no set-vlan <attribute>{{equals |
not-equals | starts-with | ends-with
| contains} <operator> | value-of}
no set-vlan
auth-server <name> no auth-server <name>
Table 8: Sequence-Sensitive Commands
Banner and Loginsession Configuration using CLI
Starting from Instant 6.5.0.0-4.3.0.0, the Banner and Loginsession Configuration feature is introduced in the
W-IAP, wherein the text banner can be displayed at the login prompt when users are on a management (Telnet
or SSH) session of the CLI, and the management session can remain active even when there is no user activity
involved.
The banner command defines a text banner to be displayed at the login prompt of a CLI. Instant supports up
to 16 lines text, and each line accepts a maximum of 255 characters including spaces.
To configure a banner:
(Instant AP)(config)# banner motd <motd_text>
Example of a text banner configuration:
(Instant AP)(config)# banner motd "######welcome to login instant###########"
(Instant AP)(config)# banner motd "####please start to input admin and password#########"
(Instant AP)(config)# banner motd "###Don't leak the password###"
(Instant AP)(config)# end
(Instant AP)# commit apply
To display the banner:
(Instant AP)# show banner
Dell Networking W-Series Instant 6.5.1.0-4.3.1.0 | User Guide Setting up a W-IAP | 22