Manualshelf

Specifications

ManualsBrandsExtreme Networks ManualsComputer equipmentAltitude 3550
281282283284285286287288289290
AP Management From Controller
Altitude 35x0 Access Point Product Reference Guide286
LAN, ensure the LAN subnet is on a secure channel. The AP will connect to the controller and request a
configuration.
AP WLAN Topology
An AP can be deployed in the following WLAN topologies:
Extended WLANs - Extended WLANs are centralized WLANs created on the controller All wireless
client traffics are tunneled to the controller.
Independent WLANs - Independent WLANs are local to an AP and can be configured from the
controller. You must specify a WLAN as independent to stop traffic from being forwarded to the
controller. All wireless data traffics are locally bridged at the AP. Management traffic is forwarded to
the controller.
Both - Extended and independent WLANs are configured from the controller and operate
simultaneously.
NOTE
For a review of some important considerations impacting the use of extended and independent WLANs within an AP
deployment, see “AP Deployment Considerations” on page 297.
Configuration Updates
An AP receives its configuration from the controller initially as part of its adoption sequence.
Subsequent configuration changes on the controller are reflected on an AP when applicable.
An AP applies the configuration changes it receives from the controller after 30 seconds from the last
received controller configuration message. When the configuration is applied on the AP, the radios
shutdown and re-initialize (this process takes less than 2 seconds) forcing associated MUs to be
deauthenticated. MUs are quickly able to associate.
NOTE
When using a dependant mode AP, be aware that any configuration changes made directly on the AP will be
overwritten once the AP is adopted by the controller and the configuration file from the controller is received.
Securing Data Tunnels between the Controller and AP
If a secure link (site-to-site VPN) from a remote site to the central location already exists, the AP does
not require IPSec be configured for adoption.
For sites with no secure link to the central location, an AP can be configured to use an IPSec tunnel
(with AES 256 encryption) for adoption. The tunnel configuration is automatic on the AP side and
requires no manual VPN policy be configured. On the controller side, configuration updates are
required to adopt the AP using an IPSec tunnel.
To review a sample AP configuration, see “Sample Controller Configuration File for IPSec and
Independent WLAN” on page 298.