Summit WM Getting Started Guide Software Version 5.1 Extreme Networks, Inc. 3585 Monroe Street Santa Clara, California 95051 (888) 257-3000 (408) 579-2800 http://www.extremenetworks.
AccessAdapt, Alpine, Altitude, BlackDiamond, EPICenter, ESRP, Ethernet Everywhere, Extreme Enabled, Extreme Ethernet Everywhere, Extreme Networks, Extreme Standby Router Protocol, Extreme Turbodrive, Extreme Velocity, ExtremeWare, ExtremeWorks, Essentials, ExtremeXOS, the Go Purple Extreme Solution, ScreenPlay, Sentriant, ServiceWatch, Summit, SummitStack, Triumph, Unified Access Architecture, Unified Access RF Manager, UniStack, the Extreme Networks logo, the Alpine logo, the BlackDiamond logo, the Extreme
Table of Contents About this guide .............................................................................................................................. 7 Who should use this guide ...........................................................................................................7 What is in this guide ...................................................................................................................7 Formatting conventions....................................................
Table of Contents Summit WM100 Controller data port cabling specification ................................................28 Collecting information for installation..........................................................................................28 Chapter 2: Summit WM Controller configuration.............................................................................. 35 Accessing the Summit WM Controller for the first time .................................................................
Table of Contents Wireless AP’s default IP address and first-time configuration...................................................71 Configuring the Wireless APs for the first time .............................................................................72 Powering the Wireless APs ...................................................................................................74 Altitude AP ...............................................................................................................
Table of Contents Configuring privacy for WM-AD .................................................................................................106 Configuring privacy for SSID network assignment .................................................................106 Configuring Static WEP................................................................................................106 Configuring WPA-PSK..................................................................................................
About this guide The purpose of the Getting Started Guide is to assist you in deploying Extreme Networks® Summit® WM Wireless LAN (WLAN) Solution by mapping preparation, installation, and configuration tasks into a logical and efficient flow. You can use this guide independently of other documents. However, if you are looking for detailed information on any aspect of the system’s installation, configuration, or management, use this guide in conjunction with the Summit WM User Guide.
About this guide ● Chapter 8, “Availability and Mobility configuration” – Explains how to configure availability and mobility features via the Summit WM Controller. Formatting conventions The document uses the following formatting conventions to make it easier to find information and follow procedures: ● Bold text is used to identify components of the management interface, such as menu items and section of pages, as well as the names of buttons and text boxes.
1 Summit WM Controller, Access Points, and Software Solution This chapter describes the essential concepts of Summit WM Controller, Access Points, and Software Solution.
Summit WM Controller, Access Points, and Software Solution policy class in order to provide unique levels of service, access permissions, encryption, and device authorization. A WM-AD segment is a virtual network and each Wireless AP can support multiple WM-AD segments. WM-AD optimizes the dynamic nature of WLAN mobility as WM-AD groups can follow users without depending on the physical configuration of the network.
Wireless AP Wireless APs are enterprise-class access points that deliver secure wireless access via the layer 3 tunnel for enterprise deployments. They provide advanced RF capabilities, security, reliability and scalability. The Wireless APs provide an unmatched level of flexibility and performance for complex, time-sensitive functions including QoS, encryption and rogue AP detection. The Wireless AP physically connects to a LAN infrastructure and establishes an IP connection with the Summit WM Controller.
Summit WM Controller, Access Points, and Software Solution The Outdoor AP enables you to extend your Wireless LAN beyond the confines of indoor locations. They are resistant to harsh outdoor conditions and extreme temperatures. Using the advanced wireless distribution feature of Summit WM Wireless LAN, the Outdoor AP can extend your Wireless LAN to outdoor locations without Ethernet cabling. A mounting bracket is available to enable quick and easy mounting of the Outdoor APs to walls, rails and poles.
Summit WM Controller, Access Points, and Software Solution topology and network elements The following figure illustrates a typical configuration with a single Summit WM Controller and two Wireless APs, each supporting a wireless device. A RADIUS server on the network provides user authentication, and a DHCP server assigns IP addresses to the Wireless APs. Network inter-connectivity is provided by the infrastructure routing and switching devices.
Summit WM Controller, Access Points, and Software Solution are user agents and services that are advertised by a service agent. In larger installations, a directory agent collects information from service agents and creates a central repository. SLP is one of the several modes that the Summit WM Controller uses to discover the Wireless APs. ● Domain Name Server – A server that translates the domain names into IP addresses. The DNS is used as an alternative mechanism for the automatic discovery process.
● DHCP relay for WM-AD ● DHCP for traffic bridged locally at Wireless AP The following sections explain the four scenarios with the help of graphical illustrations. DHCP for Wireless APs Figure 2: DHCP for Wireless APs * The Wireless AP requests an IP address from the external DHCP server. DNS Server DHCP Server * The DHCP server responds by sending the IP address to the Wireless AP.
Summit WM Controller, Access Points, and Software Solution DHCP for WM-AD Figure 3: DHCP for WM-AD * The wireless device requests an IP address from Wireless AP. * The Wireless AP forwards the request to Summit WM Controller via WM-AD tunnel. DNS Server DHCP Server * The built-in DHCP server in Summit WM Controller responds by sending the IP address to Wireless AP. * The Wireless AP sends the IP address to the wireless device.
DHCP relay for WM-AD Figure 4: DHCP relay for WM-AD * A wireless device sends a request for IP address to Wireless AP. DNS Server DHCP Server * The Wireless AP forwards the request to Summit WM Controller via WM-AD tunnel. * The Summit WM Controller relays the request to the DHCP server. * The DHCP server responds by sending the IP address to the Summit WM Controller. * The Summit WM Controller relays the IP address to the Wireless AP.
Summit WM Controller, Access Points, and Software Solution DHCP for traffic bridged locally at Wireless AP Figure 5: DHCP for traffic bridged locally at Wireless AP DNS Server * A wireless device sends a request for IP address to Wireless AP. * The Wireless AP forwards the request to the DHCP server. * The DHCP server responds by sending the IP address to the Wireless AP. * The Wireless AP sends the IP address to the wireless device.
Summit WM200/2000 Controller front panel The Summit WM200/2000 Controller is composed of the following three cards: ● Media/Persistent Storage Card ● Network Processor Card ● Host Supervisor Card The following figure identifies the main components on the front panel of Summit WM200/2000 Controller.
Summit WM Controller, Access Points, and Software Solution Summit WM200/2000 Controller LEDs The Summit WM200/2000 Controller has five LED lights and two switches on its front panel. Figure 7: Summit WM200/2000 Controller’s LED lights and switches ACT LED Seven-Segment Display Reset Switch RUN LED ERROR LED LCT Switch WARNING LED INT LED The description of the LED states and switches is provided below: ● Reset Switch – Reboots the system.
Table 1: LED states and SSD codes during firmware initialization (Continued) Active LED Warning LED Error LED SSD Codes Condition Green 5 The system is formatting memory. Green 6 The system is initializing load device. Note: If the SSD code is stuck at 6 for more than a minute, it implies that the Network Processor Card is installed in wrong slot. Green 9 The system is loading subsystem. Green b The system is starting the operation system. The system is active.
Summit WM Controller, Access Points, and Software Solution Error conditions: Table 4: LED states and SSD codes during error conditions Active LED Warning LED Error LED SSD Code Condition Green Red 1 Failed to identify FDD. Possibly due to removal of FDD card. Green Red 2 Failed to initialize NPE card. Green Red 3 Critical threshold reached (95C for NPE). Green Red 4 The system will reboot. Full fan assembly failure (both trays). The system will reboot.
NOTE The hardware for the Summit WM200 Controller and the Summit WM2000 Controller are identical. For more information, see “Summit WM200/2000 Controller front panel” on page 19 and “Summit WM200/2000 Controller back panel” on page 22. Summit WM20 Controller front panel Figure 9: Summit WM20 Controller front panel LAN Ports Hot Swap Lever Management USB Server Reset Button USB Control LEDs Power Switch NOTE The hot swap button’s operation is not supported in the current release.
Summit WM Controller, Access Points, and Software Solution Summit WM20 Controller’s LEDs The Summit WM20 Controller has four lights on its front panel. Figure 10: Summit WM20 Controller LED lights Activity LED Status LED HDD Activity LED Hot Swap LED The functional definitions of the Summit WM20 Controller’s LEDs are provided below: ● ACTIVITY LED – Indicates the CPU activity, including the amount of traffic carried to and from the Wireless APs.
Table 5: Summit WM20 Controller’s LED states and their description Status LED Activity LED Condition Solid Amber Blinking Amber Startup Manager: Task Completes Startup — All Components Active Solid Amber Blinking Green A Component Fails to Start or Needs Restarting (Startup Manager Task Retrying That Component) Green Blinking Red Possible Hardware Failure (No More Retries) Solid Red Off A Component Fails (No More Retries) Blinking Red Off System About To be Reset By Watchdog Solid Red Sol
Summit WM Controller, Access Points, and Software Solution Summit WM1000 Controller back panel The following figure identifies the main components on the back panel of Summit WM1000 Controller. Figure 12: Summit WM1000 Controller back panel Data Ports Power Switch Redundant Power Supply Management Port Console Port LED Lights NOTE The Summit WM1000 Controller may have a standard power supply (one power supply) or a redundant power supply (two power supplies).
Summit WM1000 Controller LEDs The Summit WM1000 Controller has three LED lights on its back panel. Figure 13: Summit WM1000 Controller LED Lights Link-up LED Status LED Activity LED The description of the LED states is provided below: ● LINK-UP LED – Displays the link status of management port Ethernet link as seen by the system’s software. This LED is located only on the back panel of the Summit WM1000 Controller.
Summit WM Controller, Access Points, and Software Solution Summit WM100 Controller back panel The following figure identifies the main components on the back panel of Summit WM100 Controller. Figure 14: Summit WM100 Controller back panel Power Switch Power Supply Data Ports Console Port Management Port LED Lights NOTE The Summit WM100 Controller has the same number of LED lights on the back panel as the Summit WM1000 Controller. The LED description of their state is also identical to WM100.
Some of the information listed in the table may not be relevant to your network configuration. You should only record the information that is pertinent to your network configuration. Table 6: Information gathering table Configuration data Description Accessing the Summit WM Controller for the first time • Unused IP address in the 192.168.10.0/24 subnet – This IP address must be assigned to the Ethernet port of your laptop computer. You can use any IP address between 192.168.10.2 and 192.168.10.255.
Summit WM Controller, Access Points, and Software Solution Table 6: Information gathering table (Continued) Configuration data Description Your entry Data Ports information • IP address – IP address of the physical ethernet port. • Subnet mask – Subnet mask for the IP address, which separates the network portion from the host portion of the address (typically 255.255.255.0). • MTU – The maximum transmission unit or maximum packet size for this port. The default setting is 1500.
Table 6: Information gathering table (Continued) Configuration data Description Domain name for installing DHCP service Domain name – Your organization’s domain name. Windows 2003 Server’s IP address IP address – The IP address of Windows 2003 Server. SLP DA’s IP address Hexa values of SLP DA’s IP address – The Wireless APs use the SLP DA to discover the Summit WM Controller. Your entry The mobility agents use the SLP DA to discover the mobility manager.
Summit WM Controller, Access Points, and Software Solution Table 6: Information gathering table (Continued) Configuration data Description Your entry DHCP Relay in Routed WM-AD • Gateway – The Summit WM Controller advertises this address to the wireless devices when they sign on and get a dynamic IP address. The gateway corresponds to the IP address that is communicated to mobile users.
Table 6: Information gathering table (Continued) Configuration data Description Internal captive portal settings information • Login Label – The text that will appear as a label for the user name. Your entry • Password Label – The text that will appear as a label for the user password text box. • Header URL – The URL of the file to be displayed in the header of the Captive Portal screen. • Footer URL – The URL of the file to be displayed in the footer of the Captive Portal screen.
Summit WM Controller, Access Points, and Software Solution Table 6: Information gathering table (Continued) Configuration data Description Your entry Mobility manager information • Port – The interface of the Summit WM Controller that is to be used as the mobility manager. Ensure that the selected interface is routable on the network. • Heartbeat – The time interval (in seconds) at which the mobility manager sends a heartbeat message to the agent. The default is 5.
2 Summit WM Controller configuration This chapter explains how to configure the Summit WM Controller’s settings to make it operational.
Summit WM Controller configuration 4 In the address bar, type https://192.168.10.1:5825. The Summit WM GUI login screen is displayed. 5 In the User Name text box, type admin. 6 In the Password text box, type abc123. 7 Click Login. The Summit WM GUI is displayed. NOTE In the footer of the Summit WM GUI, the following is displayed: • [host name | product name | up time] • For example, [WM200/2000 | WM200/2000 | 01 days, 19:54].
• User is the user id you used to login in. For example, admin. • Port Status is the connectivity state of the port. M is for the Management interface, which is on eth0 and the numbered lights reflect the esa ports on the system. Green indicates the interface is active and running. Red indicates the interface is down. In the Summit WM100 Controller, the footer of the Wireless Manager does not include the link status of the physical interfaces. 8 From the main menu, click Summit Controller.
Summit WM Controller configuration • Summit WM200 Controller • Summit WM20 Controller 10 In the Management Port Settings section, click Modify. The System Port Configuration screen is displayed. 11 Type the following information: ● Hostname – Specifies the name of the Summit WM Controller by which it will be known. You must assign a unique name for the Summit WM Controller. ● Domain – Specifies the IP domain name of the enterprise network.
Connecting the Summit WM Controller to the enterprise network To connect the Summit WM Controller to the enterprise network: 1 Disconnect your laptop computer from the Summit WM Controller management port. 2 Connect the Summit WM Controller management port to the enterprise Ethernet LAN. The Summit WM Controller resets automatically. 3 Log on to the Summit WM GUI from any computer on the enterprise network.
Summit WM Controller configuration The Summit WM Controller provides you the following two options to synchronize the clocks of Summit WM Controller and the Wireless APs: ● Using the system’s time – The system’s time is the Summit WM Controller’s time. ● Using the network time protocol (NTP) – The Network Time Protocol is a protocol for synchronizing the clocks of computer systems over packet-switched data networks.
Configuring the network time using the NTP To configure the network time using the NTP: 1 Perform Step 1 to Step 7 of “Configuring the network time using the system’s time” on page 40. 2 Select Use NTP radio button. 3 In the Time Server 1 text box, type the IP address or FQDN (Full Qualified Domain Name) of a NTP Time Server that is accessible on the enterprise network. 4 Repeat Step 3 for Time Server2 and Time Server3 text boxes.
Summit WM Controller configuration 6 Click Apply Now. The software license key is applied, and the Summit WM Controller reboots. Now you should configure the Summit WM Controller’s physical ports. The following chapter describes how to configure the Summit WM Controller’s physical ports. 42 Summit WM Getting Started Guide, Software Version 5.
3 Physical ports configuration This chapter describes how to configure the Summit WM Controller’s physical ports. The topics in this chapter are organized as follows: ● Physical data ports overview ● Configuring physical data ports Physical data ports overview Port configuration defines the administrative state of each interface. By default, the data interface states are disabled. You must enable each of the data interfaces individually.
Physical ports configuration Configuring physical data ports To configure the data port interfaces on the Summit WM Controller: 1 From the main menu, click Summit Controller. The Summit Controller screen is displayed. 2 In the left pane, click IP Addresses. The Management Port Settings screen is displayed. The lower part of the screen displays the four ethernet ports, and each MAC address is displayed under the MAC column.
4 Type the following: ● IP address – The IP address of the physical ethernet port. ● Subnet mask – The subnet mask for the IP address, which separates the network portion from the host portion of the address (typically 255.255.255.0) ● MTU – The maximum transmission unit or maximum packet size for this port. The default setting is 1500. If you change this setting, and are using OSPF, you must make sure that the MTU of each port in the OSPF link matches.
Physical ports configuration 46 Summit WM Getting Started Guide, Software Version 5.
4 Routing Configuration This chapter explains how to configure static routing and OSPF routing on the Summit WM Controller. The topics in this chapter are organized as follows: ● Configuring a static route ● Configuring the OSPF routing Configuring a static route To configure a static route: 1 From the main menu, click Summit Controller. The Summit Controller screen is displayed. 2 In the left pane, click Routing Protocols. The Routing Protocols screen is displayed.
Routing Configuration 7 Select the Override dynamic routes check box to give priority over the OSPF routes that the Summit WM Controller uses for routing. By default, the Override dynamic routes is enabled. If you want to remove priority for static routes so that the routing is always controlled dynamically, clear the Override dynamic routes check box. 8 To save your changes, click Save.
● Define the global OSPF parameters. For more information, see “Defining the global OSPF parameters” on page 50. Ensure that the OSPF parameters defined for the Summit WM Controller are consistent with the adjacent routers in the OSPF area. The consistency includes the following: ● Timer Settings – If the peer router has different timer settings, the protocol timer settings in the Summit WM Controller must be changed to the peer router to match in order to achieve OSPF adjacency.
Routing Configuration 7 In the Area Type drop-down list, click one of the following: ● Default – Acts as the backbone area (also known as area zero). It forms the core of an OSPF network. All other areas are connected to it, and inter-area routing occurs via a router connected to the backbone area. ● Stub – Does not receive external routes. External routes are defined as routes, which are distributed in OSPF via another routing protocol.
Confirming the ports are set for OSPF To confirm the ports are set for OSPF: 1 From the main menu, click Summit Controller. The Summit Controller screen is displayed. 2 On the Routing Protocols screen, click View Forwarding Table. The Forwarding Table is displayed. 3 Click the OSPF Neighbor tab. If OSPF protocol is enabled, this report displays the current neighbors for OSPF. 4 Click the OSPF Linkstate tab.
Routing Configuration 52 Summit WM Getting Started Guide, Software Version 5.
5 Configuring DHCP, DNS and IAS services This chapter describes how to configure DHCP, DNS and IAS services on Windows 2003 Server. In addition, the chapter explains how to configure DHCP service on a Linux-based server. Note that your Windows 2003 or Linux server may have a different configuration process than what is described here. You must refer to your manufacturer’s document to know the configuration process that is specific to your server.
Configuring DHCP, DNS and IAS services 3 Click Next. The Scope Name window is displayed. 4 In the Name and Description text boxes, type the scope’s name and the description respectively. This can be any name that you want, but it should be descriptive enough so that you can identify the purpose of the scope on your network. 5 Click Next. The IP Address Range window is displayed.
14 In the IP address text box, type the network’s default gateway. You must use the default gateway provided by your network administrator. 15 Click Next. The Domain Name and DNS Servers window is displayed. 16 In the Parent domain text box, type your company’s domain name. You must use the Parent Domain provided by your network administrator. 17 In the Server name text box, type your server name. You must use the Server name provided by your network administrator.
Configuring DHCP, DNS and IAS services 21 Select Yes, I want to activate this scope now, and click Next. The wizard displays the following message: This server is now a DHCP server. 22 Click Start, point to Administrative Tool, and then click DHCP. The DHCP console tree is displayed. 23 Select the scope you configured, and right-click. 24 Select Configure Options. The Server Options window is displayed. 25 Enable 078 SLP DA.
Parameters (including options) declared before a section enclosed in curly brackets {} are considered global parameters. Global parameters apply to all the sections below it. NOTE If you change the configuration file, the changes will not take effect until you restart the DHCP daemon with the command service dhcpd restart. The following is the example of DHCP configuration on a Red Hat Linux Server. For Wireless AP subnet subnet 10.209.0.0 netmask 255.255.255.0 { option routers 10.209.0.
Configuring DHCP, DNS and IAS services subnet 172.29.2.0 netmask 255.255.255.224 option routers 172.29.2.1; #### This is the WM-AD 2 gateway. option subnet-mask 255. 255. 255.0 option domain-name toronto.xyznetworks.com”; option domain-name-servers 192.1.1.3; range 172.29.2.2 172.29.2.30; default-lease-time 36000; max-lease-time 7200000;###The figures are in seconds.
Configuring IAS properties To configure the IAS properties: 1 Click Start, point to Programs, point to Administrative Tools, and then click Internet Authentication Service. 2 Right-click Internet Authentication Service (Local), and then click Properties. 3 In the Description text box, type a name that you want to assign to this IAS server. 4 If you do not want to record the rejected authentication requests, clear the Log rejected or discarded authentication requests checkbox.
Configuring DHCP, DNS and IAS services You must note that the values you type in the Authentication text box should match the value that you define in the Port text box of Auth section on the Auth & Acct tab of Summit WM Controller’s WM-AD screen. For more information, see “Configuring authentication mechanism for WM-AD” on page 97 of Chapter 7, “WM-AD configuration.
Configuring Summit WM Controller as IAS client To configure Summit WM Controller as IAS client: 1 Click Start, point to Administrative Tool, and then click Internet Authentication Service. 2 Right-click Clients, and then New Client. 3 In the Friendly name text box, type the name that you want to assign to the Summit WM Controller, and then click Next. 4 In the Client address (IP or DNS) text box, type the IP address of the Summit WM Controller, and then click Verify. 5 Click Resolve.
Configuring DHCP, DNS and IAS services 6 On the Action menu, click New Remote Access Policy. The New Remote Access Policy Wizard is displayed. 7 Click Next. The Policy Configuration Method window is displayed. 62 Summit WM Getting Started Guide, Software Version 5.
8 Select Use the wizard to set up a typical policy for a common scenario. 9 In the Policy name text box, type the name you want to assign to the policy, and then click Next. The Access Method window is displayed. 10 Select Wireless and then click Next. The User or Group Access window is displayed. Summit WM Getting Started Guide, Software Version 5.
Configuring DHCP, DNS and IAS services 11 Select User or Group, and click Next. The Authentication Methods window is displayed. 12 Select Protected EAP (PEAP) or Smart card or other certificate, and click Next. 13 Click Finish. The new policy is displayed in the right pane. 14 In the right pane, select and right-click the newly configured remote access policy. 15 Select Properties. The Properties window is displayed. 16 Select Grant Remote Access Permission. 17 Click Apply and then click OK. 18 Click Add.
Configuring DNS for internet access To configure DNS for internet access: 1 Click Start, point to All Programs, point to Administrative Tools, and then click Configure Your Server Wizard. 2 Click Next. The Summary of Selections window is displayed. NOTE The Summary of Selections window should list the following two items: Install DNS and Run the Configure a DNS Wizard to configure DNS.
Configuring DHCP, DNS and IAS services 10 Click Finish. The wizard displays the following message: This server is Now a DNS Server. Configuring DNS for Wireless APs discovery To configure DNS for Wireless APs discovery: 1 Click Start, point to All Programs, point to Administrative Tools, and then click DNS. 2 Select the domain. 3 In the Action menu, select New Domain. The New DNS Domain window is displayed. 4 In the New DNS Domain window, type the name for the new domain. 5 Restart the service.
6 Wireless AP configuration This chapter describes how to configure and manage the Wireless APs.
Wireless AP configuration NOTE The configuration process is same for all three variants — Altitude AP, Outdoor AP, and Altitude 802.11n AP — and is done via the Summit WM Controller. Altitude AP The Altitude AP is meant for indoor environments. It can be mounted on walls or ceilings, using special brackets, and can be kept completely out of sight.
experience similar to wired networks while accessing high-bandwidth data, voice, and video applications. The Altitude 802.11n AP is available in the following two models: ● Altitude 450 – 3 internal antennas ● Altitude 451 – 3 internal antennas, RP-SMA connectors MIMO The pivot of 802.11 AP is MIMO (multiple input, multiple output) — a technology that uses advanced signal processing with multiple antennas to improve the throughput.
Wireless AP configuration Figure 15: MIMO in Altitude 802.11n AP The installation of 802.11n APs is also made easy – the 802.11n APs do not need to be deployed in the client device’s “line of sight”. On the contrary, the 802.11n APs work better when radio signals bounce off the obstructions that are typical of any indoor wireless LAN environment — cube walls, doors, partitions etc. — to reach the client device.
throughput. The 40-MHz channels in 802.11n are two adjacent 20-MHz channels, bonded together. This technique of using two channels at the same time is called channel bonding. Shortened guard interval The purpose of the guard interval is to introduce immunity to propagation delays, echoes and reflections of symbols in orthogonal frequency division multiplexing (OFDM) — a method by which information is transmitted via a radio signal in Wireless APs.
Wireless AP configuration default method for Wireless AP configuration. The Wireless AP default IP address impacts the first-time configuration processes for both methods: ● DHCP server – If successful, the Wireless AP is assigned an IP address by the network’s DHCP server when the Wireless AP is powered on. ● If the DHCP assignment is not successful in the first 60 seconds, the Wireless AP returns to its default IP address.
1 From the main menu, click Altitude APs. The Altitude AP screen is displayed. 2 In the left pane, click WAP Registration. 3 In the Security Mode section, select one of the following options: NOTE Security mode is a Summit WM Controller property. It defines how the Summit WM Controller behaves when registering new devices. During the registration process, the Summit WM Controller’s approval of the Wireless APs depends on the security mode that has been set.
Wireless AP configuration 4 In the Discovery Timers section, type the discovery timer values in the following text boxes: ● Number of retries – Limited to 255 in a five minute discovery period. The default value is 3. ● Default between retries – The default value is 1 second. 5 To save your changes, click Save. 6 To initiate the discovery and registration process, connect the Wireless AP to a power source. The Wireless APs can be connected and powered in several ways.
AP is in the pending state, it receives minimum configuration that only allows it to maintain an active link with the Summit WM Controller for future state change. To manually approve pending Wireless APs: 1 From the main menu, click Altitude APs. The Altitude AP screen is displayed 2 In the left pane, click Access Approval. The Access Approval screen is displayed. 3 In the Select Altitude APs section, click Pending. The pending Wireless APs are selected.
Wireless AP configuration Modifying Wireless APs’ properties After the Wireless APs are successfully registered, you can modify their properties. To modify the Wireless AP’s properties: 1 From the main menu, click Altitude APs. The Altitude AP screen is displayed. 2 In the Altitude APs list, click the Wireless AP for which you want to modify the properties. The AP Properties tab is displayed.
● User Broadcast for disassociation – Select this feature, if you want the Wireless AP to use broadcast disassociation when disconnecting all wireless devices instead of disassociating each client one by one. This feature is disabled by default. NOTE The Use broadcast for disassociation parameter is not displayed on the AP Properties page if the selected Wireless AP is 802.11n AP (Altitude 450/451). ● Country – Where the Wireless AP operates.
Wireless AP configuration 3 In the IP Address Assignment section, select Use DHCP. 4 In the Add text box, type the IP address of the Summit WM Controller that will manage this Wireless AP. 5 Click Add. The IP address is added to the list. 6 Repeat Steps 4 to 5 to add additional Summit WM Controllers. The Wireless AP attempts to connect to the IP addresses (of the Summit WM Controllers) in the order in which they are listed in the Summit Controller Search List.
9 Click Active Altitude APs. A list of active Wireless APs is displayed with the corresponding IP addresses assigned to them by the DHCP server. 10 Locate the Wireless AP for which you are configuring the static IP address in the list, and the corresponding IP address. 11 From the main menu, click Altitude APs. The Altitude APs screen is displayed. Summit WM Getting Started Guide, Software Version 5.
Wireless AP configuration 12 Click the Static Configuration tab. 13 In the IP Address Assignment section, select Static Values. 14 In the IP Address text box, type the IP address that you obtained by using the DHCP server (or any other assigned IP address). 15 In the Netmask text box, type the appropriate subnet mask to separate the network portion from the host portion of the address. 16 In the Gateway text box, type the default gateway of the network. 17 To save your changes, click Save.
3 In the Tagged - VLAN ID text box, type the VLAN ID on which the Wireless AP will operate. 4 To save your changes, click Save. The Wireless AP reboots and loses connection with the Summit WM Controller. 5 Log out from the Summit WM Controller. 6 Disconnect the Wireless AP from the central office network and move it to the target location. 7 Power the Wireless AP. The Wireless AP connects to the Summit WM Controller.
Wireless AP configuration Reset button (Hardware) Some models of the Altitude AP have a reset button. If your model is equipped with a reset button, you can set it to its factory default settings by pressing and holding the reset button for approximately six seconds. NOTE If you press the reset button and do not hold it over six seconds, the Altitude AP will merely reboot, and not reset to its factory defaults. The following figure illustrates the location of the reset button on the Altitude AP.
The following figure illustrates the location of the reset button on the Outdoor AP. Figure 17: Position of the reset button with the housing cover removed CAUTION The reset button is located below the housing cover beside the sockets for the external antennas. To access the reset button, you must remove the housing cover. For more information, see the Outdoor AP Installation Guide. Resetting the Altitude 802.11n AP to its factory default settings You can set the Altitude 802.
Wireless AP configuration Altitude AP LED status The following figure depicts the location of the three LEDs on the Altitude AP. Figure 19: Altitude AP LEDs Left LED Status LED Right LED WARNING! Never disconnect a Wireless AP from its power supply during a firmware upgrade. Disconnecting a Wireless AP from its power supply during a firmware upgrade may cause firmware corruption rendering the AP unusable.
Left LED The Left LED indicates the high-level state of the Wireless AP during the initialization and discovery process: Table 8: Left LED and Wireless AP’s high-level state Left LED Altitude AP’s high-level state Off Initialization Blinking Green Network Discovery Solid Green Connecting with the Summit WM Controller Left and Right LEDs The Right LED indicates the detailed state during the initialization and discovery processes.
Wireless AP configuration Table 10: Composite view of three LED lights (Continued) Left LED Right LED Centre LED Altitude AP’s Detailed state Blinking Green Off Blinking Green / Orange Network discovery: 802.1x authentication Blinking Red Failed 802.
Outdoor AP LED status The following figure depicts the location of the LEDs on the Outdoor AP. Figure 20: Outdoor AP LEDs NOTE Although Figure 5 depicts six LEDS, only R1, R2 and F LEDs are used in the current release. The remaining LEDs are disabled. The Center, Left and the Right LEDs work in conjunction to indicate the general, high-level state and the detailed state respectively. The following table provides a composite view of the three LED lights of the Outdoor AP’s state.
Wireless AP configuration Table 11: Outdoor AP LED status (Continued) R1 LED R2 LED F LED Outdoor AP’s detailed status Blinking Green/Yellow Blinking Red Connecting with WM: Image upgrade Solid Red Image upgrade failed Solid Green/ Yellow Blinking Red Connecting with WM: Configuration Solid Red Configuration failed Off AP operating and running normally: Forced image upgrade Solid Red Image upgrade failed Blinking Green/Yellow NOTE After discovery is finished, left and right LEDs will be
After initialization and discovery is completed and the 802.11n AP is connected to the Summit WM Controller, the LEDs L3 and L4 indicate the state of the corresponding radio — L3 for Radio 5 GHz, and L4 for Radio 2.4 GHz. The LED L2 indicates the status of the Ethernet port. LED color codes The AP LEDs indicate “normal-operation”, “warning/special”, or “failed” state of the Wireless AP in the following color codes: ● Green – Indicates the normal-operation state.
Wireless AP configuration Table 13: LEDs, L3, L4 and L1, and Wireless AP’s detailed state (Continued) L3 L4 L1 Altitude 802.11n AP’s detailed state Blink Green Off Blink Green Network discovery: 802.1x authentication Blink Red Failed 802.
7 WM-AD configuration This chapter explains how to configure the WM-AD through the Summit WM Controller using the Summit WM GUI.
WM-AD configuration ● Bridge at the AP WM-AD (Bridge Traffic Locally at AP) – The user traffic is directly bridged with VLAN at the AP’s point of access (switch port). ● VLAN bridged WM-AD (Bridge Traffic Locally at WM) – The user traffic is tunneled to the Summit WM Controller and is directly bridged with it to a specific VLAN.
Creating and configuring a Routed WM-AD The user traffic is tunneled to the Summit WM Controller in Routed WM-AD type. This is the default set-up. To create and configure a Routed WM-AD type: 1 From the main menu, click WM-AD Configuration. The WM-AD Configuration screen is displayed. 2 In the Add subnet text box, type the WM-AD name. 3 Click Add subnet. The name is displayed in the virtual networks list and the Topology tab is displayed. 4 From the WM-AD Mode drop-down list, click Routed.
WM-AD configuration assigned IP address. The default value for Lease default is 36000 seconds (10 hours), the default value for Lease Max is 2539000 seconds. ■ ● DNS Server – This text box relates to the IP address of the domain name server on the enterprise network. Use DHCP Relay: If you select Use DHCP Relay, the local DHCP server on the Summit WM Controller is disabled and the Summit WM Controller instead forwards DHCP requests to the external DHCP server for dynamic IP addresses allocation.
As a next step, you should configure the authentication mechanism for the WM-AD. For more information, see “Configuring authentication mechanism for WM-AD” on page 97. Creating and configuring a Bridge Traffic Locally at WM WM-AD NOTE Only the following models support VLAN bridged WM-AD (Bridge Traffic Locally at WM): • Summit WM2000 Controller • Summit WM200 Controller • Summit WM20 Controller To configure a bridge traffic locally at WM WM-AD: 1 From the main menu, click WM-AD Configuration.
WM-AD configuration To configure a Bridge traffic locally at AP WM-AD: 1 From the main menu, click WM-AD Configuration. The WM-AD Configuration screen is displayed. 2 In the Add subnet text box, located in the lower portion of the left pane, type the WM-AD name. 3 Click Add subnet. The name is displayed in the virtual networks list and the Topology tab is displayed. 4 From the WM-AD Mode drop-down list, click Bridge Traffic Locally At AP. The VLAN Setting text boxes are displayed.
● Enable proprietary IE – Select to enable radio channel reports to be sent to the Summit WM Controller for improving roaming time and reliability, as well as improving client power consumption. The Wireless AP channel report lists all channels on which the WM-AD can be found—all channels used by all APs that have been assigned to the WM-AD. The Wireless AP will provide this list in a proprietary information element to be included in Beacon and Probe response packets. By default this option is disabled.
WM-AD configuration ■ Internal Captive Portal –The Summit WM Controller uses its built-in web server and web page to accept authorization data. This web page can be customized over the Summit WM GUI. NOTE You must note here that the internal Captive Portal does not substitute the external RADIUS server. The RADIUS server is still needed. The internal Captive Portal within the Summit WM Controller displays the webpage to enable the users to supply their user name and password.
NOTE To set-up the RADIUS server for MAC-based authentication, you must set up a user account with User ID=MAC and Password= MAC or a password defined by the administrator for each user. To define MAC-based authentication for a WM-AD: 1 From the main menu, click WM-AD Configuration. The WM-AD Configuration is displayed. 2 In the left pane, select the SSID WM-AD for which you want to configure the authentication mechanism. The Topology tab is displayed. 3 Click the Auth & Acct tab.
WM-AD configuration 8 In the Password text box, type the password you want to use for MAC-based authentication requests. The Password is forwarded by the Summit WM Controller to the authentication server. If the Password box is left empty, the MAC address will act as the default password. Toggle between Mask/Unmask to view and hide the defined password. 9 To enable MAC-based authentication on roam, select the MAC-based authentication on roam checkbox.
4 Click Configure Captive Portal Settings. The Captive Portal Configurations screen is displayed. 5 Select the Internal Captive Portal option. 6 Type the values in the following text boxes: ● Login Label – The text that will appear as a label for the user name. ● Password Label –The text that will appear as a label for the user password text box. ● Header URL – The URL of the file to be displayed in the header of the Captive Portal screen.
WM-AD configuration ● MAC Address The selection of these VSAs dictate with what VSA the wireless users will be identified. For example, the wireless users can be identified by which Wireless AP or WM-AD they are using. 8 To provide the users with logoff button to sign out, select Logoff. If you select Logoff, the users will be provided with a logoff button to sign out. The logoff button launches a pop-up logoff screen, empowering the users to control their logoff.
3 Click the Auth & Acct tab. The Auth & Acct screen is displayed. 4 Click Configure Captive Portal Settings. The Captive Portal Configurations screen is displayed. 5 Select the External Captive Portal option. 6 In the WM Connection drop-down list, click the Summit WM Controller’s IP address. 7 In the Port text box, type the Summit WM Controller’s port.
WM-AD configuration Configuring filtering rules for Exception filter To configure rules for the Exception filter: 1 From the main menu, click WM-AD Configuration. The WM-AD Configuration screen is displayed. 2 In the left pane, click the SSID WM-AD for which you want to define the filtering rules. The Topology tab is displayed. 3 Click the Filtering tab. 4 From the Filter ID drop-down list, click Exception. 5 Define a filtering rule. a In the IP/subnet:port text box, type the destination IP address.
4 From the Filter ID drop-down list, click Non-authenticated. 5 Define a filtering rule. a In the IP/subnet:port text box, type the destination IP address. You can also specify the IP range, a port designation or a port range on the IP address in the IP/ subnet:port text box. b From the Protocol drop-down list, click the applicable protocol. The default is N/A.
WM-AD configuration Configuring filtering rules for filters in AAA network assignment The AAA network assignment type offers the following two default filters: ● Default ● Exception In AAA network assignment type, a Non-authenticated filter becomes unnecessary because the users are already authenticated. For more information, see “Configuring filtering rules for Exception filter” on page 104, and “Configuring filtering rules for Default filter” on page 105. Now you must configure privacy for the WM-AD.
4 Select Static Keys (WEP). 5 Type the values in the following text boxes: ● WEP Key Length – Size of a WEP Key. ● Input Hex – If you enable Input Hex, the WEP Key text box is displayed. Type the WEP Key manually in this text box. ● Input String – If you select Input String, the following two text boxes are displayed –Strings and WEP Key. Type the secret WEP Key string in the WEP Key String text box. The WEP Key text box is automatically filled by the corresponding Hex code.
WM-AD configuration 4 Select WPA-PSK. 5 Select WPA v1. If you select WPA v1, its subordinate Encryption drop-down menu is enabled. The Encryption drop-down menu offers you the following two options: ■ Auto – If you click Auto, the Wireless AP advertises both TKIP and CCMP (counter mode with cipher block chaining message authentication code protocol). CCMP is an IEEE 802.11i encryption protocol that uses the encryption cipher AES (Advanced Encryption Standard). Auto is the default.
9 In the Pre-shared Key text box, type the shared secret key that is to be used between the wireless device and the Wireless AP. The shared secret key is used to generate the 256 bit key. 10 To confirm your entry, click Unmask. The shared key entry is displayed. You must always unmask the shared secret key before you save your settings. 11 To save your changes, click Save.
WM-AD configuration ● Uses RADIUS protocols for authentication and key distribution; therefore, requires a RADIUS or other authentication server. ● Centralizes management of user credentials. The WPA authentication process involves the following steps: ● Step 1 – The wireless device associates with Wireless AP. ● Step 2 – The Wireless AP blocks the wireless device’s network access while the authentication process is carried out.
9 To save your changes, click Save. You have completed the WM-AD configuration. Now you should configure the Summit WM Controller’s availability and mobility features. The following chapter describes how to configure the Summit WM Controller’s availability and mobility features. Summit WM Getting Started Guide, Software Version 5.
WM-AD configuration 112 Summit WM Getting Started Guide, Software Version 5.
8 Availability and Mobility configuration The chapter describes how to configure the Summit WM Controller’s availability and mobility features. The topics in this chapter are organized as follows: ● Availability overview ● Configuring availability feature ● Mobility overview ● Configuring mobility Availability overview The Summit WM Wireless LAN (WLAN) Solution’s availability feature maintains service availability in the event of a Summit WM Controller outage.
Availability and Mobility configuration ● Step 3 – Assign the Wireless APs to their home Summit WM Controllers. ● Step 4 – Enable both the Summit WM Controllers as an availability pair. ● Step 5 – Define a primary Summit WM Controller. ● Step 6 – Select one of the security mode options: ● Allow all Wireless APs to connect – If the Summit WM Controller does not recognize the Wireless AP’s serial number, it sends a default configuration to the Wireless AP.
5 In the AP Properties section, confirm that the Poll Timeout is set to its default value i.e., 15. If the Poll Timeout value is not set to its default value, change it to the default value. The Poll Timeout is the time in which the polling to the Summit WM Controller ‘times out’. If the Poll Timeout value is less than 15 (seconds), the Wireless AP failover will not succeed because the secondary controller will not be ‘ready’ to accept the failover APs.
Availability and Mobility configuration 5 In the Security Mode section, click Allow only approved Altitude APs to connect. 6 From the main menu of the secondary Summit WM Controller, click Altitude APs. The Altitude AP screen is displayed. 7 Repeat Step 3 to Step 5. 8 From the main menu of the primary Summit WM Controller, click Altitude APs. The Altitude AP screen is displayed. 9 In the left menu, click Access Approval. The Access Approval screen is displayed.
10 From the main menu of the secondary Summit WM Controller, click Altitude APs. The Altitude AP is displayed. 11 In the Summit WM Controller IP Address, type the IP address of the management port or physical port of the primary Summit WM Controller. 12 Clear the Current Summit WM Controller is primary connection point checkbox. 13 From the main menu of the primary Summit WM Controller, click Altitude APs. The Altitude AP screen is displayed. 14 In the Security Mode, select one of the security mode options.
Availability and Mobility configuration Viewing the active Wireless APs report To view the active Wireless APs report: 1 From the main menu, click Reports & Displays. The Reports & Display screen is displayed. 2 In the List of Displays, click Active Wireless APs. The Active Wireless APs display appears. Mobility overview The Summit WM Wireless LAN (WLAN) Solution allows multiple Summit WM Controllers (up to 12) on a network to discover each other and exchange information about a client session.
The agent: ● Uses SLP or a statically configured IP address to locate the manager. ● Uses the information from every heartbeat message received to update its own tables and updates the manager with the information on the wireless device users and data tunnels it is managing. If a connection to a manager is lost: ● Agent to agent connections still remain active, allowing seamless roaming to continue. ● The data link between the agents remains active after the loss of the manager.
Availability and Mobility configuration NOTE The Mobility Manager link is not displayed in the left pane with the demo license. 3 To enable mobility for this Summit WM Controller, select the Enable Mobility checkbox. The mobility options are displayed. 4 Select the This Summit Controller is a Mobility Manager option. The mobility manager options are displayed. 5 In the Port drop-down list, click the interface of the Summit WM Controller that is to be used as the mobility manager.
8 In the Add text box, type the IP address of the Summit WM Controller mobility agent. The IP address is displayed in the Permission List box. You can add as many agents you want by repeating Step 8. 9 In the Permission List box, select the IP addresses you want to approve. 10 Click Approve. The IP addresses are approved.
Availability and Mobility configuration To view mobility manager display: 1 From the main menu, click Reports. The Reports & Displays screen is displayed. 2 Click the appropriate mobility manager display. ● Client Location in Mobility Zone – Displays the active wireless clients and their status. You can perform the following actions on the Client Location in Mobility Zone display screen. ● ■ Sort this display by home or foreign Summit WM Controller.
Index A aaa network assignment, configuring privacy, 109 about this guide, 7 accessing the Summit WM Controller for the first time, 35 administrator password, changing, 39 Altitude 802.11n AP, 68 Altitude 802.
Index D data port cabling specification, Summit WM200/ 2000 controller, 19 defining global ospf parameters, 50 defining primary Summit WM Controller, 116 defining WM-AD with same ssid on both Summit WM Controller, 114 detection, intrusion, 10 dhcp for traffic bridged locally at wireless ap, 18 dhcp for wireless aps, 15 dhcp for WM-AD, 16 dhcp in Summit WM Controller, access points, and software solution, 14 dhcp relay for WM-AD, 17 dhcp, configuring in red hat linux server, 56 dhcp, configuring in windows
Index O ospf on Summit WM Controller, enabling globally, 49 ospf routing, configuring, 48 Outdoor AP, 68 P pending wireless aps, manually approving, 74 physical data ports, configuring, 44 physical description, Summit WM Controller, 18 ports set for ospf, confirming, 51 primary Summit WM Controller, defining, 116 privacy for ssid network assignment, configuring, 106 Summit WM200/2000 controller data port cabling specification, 19 Summit WM200/2000 controller front panel, 19 Summit WM200/2000 controller l
Index 97 WM-AD, configuring privacy, 106 WM-AD, defining one with same ssid on both Summit WM Controller, 114 WM-AD, dhcp, 16 WM-AD, dhcp relay, 17 wpa-psk, configuring, 107 126 Summit WM Getting Started Guide, Software Version 5.
