Wireless LAN Mobility System Wireless LAN Switch Manager User’s Guide 3CRWXR10095A, 3CRWX120695A, 3CRWX440095A http://www.3com.com/ Part No.
3Com Corporation 350 Campus Drive Marlborough, MA USA 01752-3064 Copyright © 2005, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3Com Corporation.
CONTENTS ABOUT THIS GUIDE Conventions 9 Documentation 10 Documentation Comments 1 11 GETTING STARTED Hardware Requirements for 3WXM Client 13 Hardware Requirements for 3WXM Services 14 Software Requirements 14 Preparing for Installation 15 User Privileges 15 Serial Number, License Key and Activation Key 15 HP OpenView Network Node Manager 16 Resource Allocation 16 3WXM Services Options 16 Installing 3WXM 18 Unpacking Files 18 Using the Installation Wizard 18 Start the 3WXM Services 18 Connect 3WXM Client
2 PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM Overview 29 Which Services To Provide? 30 Network Plan 31 RF Coverage Area 31 RF Auto-Tuning 32 RF Auto-Tuning with Modelling 32 RF Planning 33 Which Planning Method Should I Use? 33 Configuration 35 Wireless Configuration 36 AAA Security Configuration 38 Authentication 38 Authorization 40 Accounting 40 System and Administration Configuration 40 Configure Basic WX Switch Properties 41 Configure WX Switch Connection Information Configure Boot Informati
3 CONFIGURING WIRELESS SERVICES Overview 51 Configure Employee Access Services 52 Task Table 52 Step Summary 56 Example: Configure Employee Access 57 Create a Service Profile 57 Create a Radio Profile 59 Configure RADIUS Servers 61 Specify Network Access Rules 64 Set Up VLANs on WX Switches 66 What’s Next? 68 Configure Guest Access Services 69 Task Table 70 Step Summary 71 Optional: Configure Mobility Profiles 73 Configure Local Authentication 74 What’s Next? 76 Configure Voice over Wireless IP Service 77
5 USING RF AUTO-TUNING WITH MODELLING Overview 99 Add Site Information 100 Insert RF Obstacles 104 Create Your RF Coverage Area 106 Create a Wiring Closet 106 Create Your RF Coverage Area 107 Add MAPs 109 Associate MAPs to the Coverage Area What’s Next? 112 6 USING RF PLANNING Overview 113 Prepare the Floor Drawings 114 Define Site Information 115 Import a Floor Plan 120 Set the Scale 121 Clean Layout 122 Model RF Obstacles 125 Import a Site Survey 127 Plan RF Coverage 127 Add Wiring Closets 127 Create C
MANAGING AND MONITORING YOUR NETWORK Overview 143 Deploy Your Configuration 144 Perform Basic Administrative Tasks 146 Configuring WX Management Services 146 Distributing Image and Configuration Files 147 Using the Image Repository 148 Distributing System Images 148 Distributing WX Configuration Files 149 Saving Versions of Network Plans 150 Importing or Exporting Switch Configuration Files Monitoring Examples 153 Monitor an Individual User 153 Find the User 154 Place User on Watch List 155 Locate the Us
INDEX
ABOUT THIS GUIDE This manual shows you how to plan, configure, deploy, and manage a Mobility System wireless LAN (WLAN) using the 3Com Wireless LAN Switch Manager (3WXM). Read this manual if you are a network administrator or a person responsible for managing a WLAN. If release notes are shipped with your product and the information there differs from the information in this guide, follow the instructions in the release notes.
CHAPTER : ABOUT THIS GUIDE This manual uses the following text and syntax conventions: Table 2 Text Conventions Convention Description Menu Name > Command Indicates a menu item that you select. For example, File > New indicates that you select New from the File menu. Monospace text Sets off command syntax or sample commands and system responses. Bold text Highlights commands that you enter or items you select.
Documentation Comments 11 Wireless LAN Switch Manager Reference Manual This manual shows you how to plan, configure, deploy, and manage a Mobility System wireless LAN (WLAN) using the 3Com Wireless LAN Switch Manager (3WXM). Wireless LAN Switch and Controller Installation and Basic Configuration Guide This guide provides instructions and specifications for installing a WX wireless switch in a Mobility System WLAN, and basic instructions for deploying a secure IEEE 802.11 wireless service.
CHAPTER : ABOUT THIS GUIDE
1 GETTING STARTED This chapter contains information about recommended system requirements you should meet for optimum 3WXM performance, installing 3WXM client and 3WXM Services software, and an introduction to using the 3WXM interface. Hardware Requirements for 3WXM Client Table 3 shows the minimum and recommended requirements to run the 3WXM client in Windows.
CHAPTER 1: GETTING STARTED Hardware Requirements for 3WXM Services Table 4 shows the minimum and recommended requirements to run the 3WXM Services in Windows. Table 4 Hardware Requirements for Running 3WXM Services in Windows Software Requirements Minimum Recommended Processor Intel Pentium 4 2.4 GHz or equivalent Intel Pentium 4 3.
Preparing for Installation Preparing for Installation User Privileges 15 Before you install 3WXM, make sure you have the appropriate administrative privileges on the system and a license key if required. If you plan to install the HP OpenView plug-in for 3WXM, which allows you to integrate 3WXM into an HP OpenView environment, make sure that HP OpenView is already installed.
CHAPTER 1: GETTING STARTED Once the activation key has been accepted, you may enter an Unlimited Device license key. This will require its own activation key, which can be obtained in the same manner. If you are registering your product using the web browser on a different host, and you wish to register for the 30-day trial, then you will need to select 3CWXMA as the software that you are registering. If you have a license key, then you should select 3CWXM10A.
Preparing for Installation 17 application share 3WXM Services to access network plans and monitoring information. See Figure 1. Figure 1 3WXM Services in Shared Mode During the 3WXM installation, you can select to install the 3WXM Services and 3WXM client, or the client only. If you select the option that installs 3WXM Services, the services are installed with default settings that are adequate for getting started. Network plans are stored on the server. By default, only local access is allowed.
CHAPTER 1: GETTING STARTED Installing 3WXM The same 3WXM install program installs either just the 3WXM client or both the 3WXM client and 3WXM Services. This section contains information about the following topics: Unpacking Files “Unpacking Files” on page 18 “Using the Installation Wizard” on page 18 To unpack files on Windows systems: 1 Insert the 3WXM CD in the CD-ROM drive. If Autorun is enabled, wait briefly for the install program to start.
Installing 3WXM 19 Connect 3WXM Clients to 3WXM Services To connect the client to Services: 1 Select Start > Programs > 3Com > 3WXM > 3WXM. The 3WXM Services Connection wizard is displayed. 2 Enter the IP address or fully-qualified hostname of the machine on which the service is installed. If 3WXM Services is installed on the same machine as the one you are using to run 3WXM client, enter 127.0.0.1 as the IP address. This is a standard IP loopback address.
CHAPTER 1: GETTING STARTED To configure 3WXM Services: 1 Select Tools > 3WXM Services Setup dialog box from the 3WXM main tool bar. The 3WXM Services Setup wizard is displayed. 2 You can optionally configure the following: Select the arrow buttons to change the HTTPS Server Port, which is the port on which 3WXM Services listens for requests from 3WXM client. Select the arrow buttons to change the SNMP Trap Receiver Port, which is the port on which SNMP traps are received.
Installing 3WXM 21 On each switch in the network plan, you must enable notifications and configure 3WXM Services as a notification target (trap receiver). 3WXM Services does not start listening for SNMP notifications from switches until you save the network plan. From the Key Store area of the window, specify security settings. From the Access Control area, define user accounts. For more information about access control, see “3WXM Access Control” on page 21.
CHAPTER 1: GETTING STARTED 3 Select Add Admin Account, Add Provision Account, or Add Monitor Account. A dialog box is displayed. 4 Enter the account name and the password and click OK. 5 To remove an account, click Remove Account.
3WXM Interface 23 4 Information panel displays information about an object you select from the navigation tree under the Organizer panel. The information is dependent upon the object selected. The Network Activity icon displays statistics for management traffic between 3WXM and the WX switches in the network plan. You can click on the icon to display more details. The Lock icon indicates whether the network plan has been locked. When you make changes to a network plan, 3WXM locks it on the server.
CHAPTER 1: GETTING STARTED Using Menu Bar and Toolbars The Main window and individual panels have a menu bar at the top to select certain actions. Select an item from the menu bar, then select an action from the dropdown menu. See Figure 3. Figure 3 Menu Bar with Dropdown Menu Setting Preferences You can set network and user interface preferences, as well as preferences for save interval and autosave, certificate handling, RF monitoring, and logging.
3WXM Interface Easy Configuration Using Wizards 25 Wizards help walk administrators through configuration steps. There are several wizards in the 3WXM application. Enter the required fields and click Next at the bottom of the wizard to display the next step. Click Cancel to discard any changes made with the wizard. When you are done, click Finish to save changes. You can right-click on many objects to display the Insert option.
CHAPTER 1: GETTING STARTED Shortcut to Wizards and Editing Properties Shortcuts are built into the 3WXM interface to quickly access wizards and for editing properties for selected objects. To use shortcuts: 1 Right-click an object from the topology tree in the Organizer panel. 2 Select one of the options displayed. You can select Edit to edit object properties, or Insert to display a wizard that assists you to create a new object.
3WXM Interface Getting Help 27 Click Help from the Main menu bar to access different types of help: 1 Select Help > 3WXM Help to display HTML help about configuring and using 3WXM. 2 Select Help > Licensing to view product licensing information, or to add an Unlimited Device license to the installation. 3 Select Help > Report Problem to report a problem to 3Com Technical Support. 4 Select Help > About 3WXM to display information about 3WXM and to display the Release Notes.
CHAPTER 1: GETTING STARTED
2 PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM This chapter contains information about planning and managing your wireless network with 3WXM. Planning your wireless network is highly recommended because it not only helps you configure and deploy it, but also aids in scaling and monitoring your network. 3Com provides you with flexible tools to assist with network planning. Overview You plan your wireless network to support the services you want to offer your employees, guests, or customers.
CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM Which Services To Provide? A service is a concept (not a selectable item in the 3WXM interface) that represents a set of options you configure and deploy on your wireless network. You configure services to support the different levels of network access you need to provide. For example, a service configured to support employee access will have different options configured to provide greater access to the network.
Network Plan Network Plan 31 A network plan is the workspace in 3WXM you use to design a wireless network. You can better manage and visualize your network topology by creating a detailed and accurate network plan. You can start by creating a device-oriented (WX switches and MAPs) view of your network without any geographic information about your site—no floor dimensions, building material information, or RF obstacle information.
CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM RF Auto-Tuning with Modelling, as with the RF Auto-Tuning technique, lets you set the auto tuning feature to adjust power and channel settings to provide RF signals to the coverage area for your users. Enhance the auto tuning feature by providing modelling information about your geographic location.
RF Coverage Area RF Planning 33 To do RF Planning, you provide detailed information about your site and buildings by importing AutoCAD DXF™, AutoCAD DWG, JPEG, or GIF floor plan files of the buildings into 3WXM. As you import the floor plans, you can modify them to add or remove RF obstacles. 3WXM includes a library of attenuators for building obstacles. The library includes doors, walls, ceilings, and other physical obstructions that you can select.
CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM Use the RF Auto-Tuning with Modelling technique if you want to better monitor your wireless network in terms of buildings, floors, or coverage areas. You may only be able to locate inaccurate or incomplete building and floor plans (perhaps only a JPEG file), but with even a bit more geographic modelling of your site, you boost your ability to manage and visualize your network.
Configuration 35 Table 7 Planning Techniques to Use Concern If yes, use If No, use Do I need to locate rogue APs? RF Planning or RF Auto-Tuning with Modelling RF Auto-Tuning Do I want to better monitor my wireless network in terms of buildings, floors, or coverage areas? RF Planning or RF Auto-Tuning with Modelling RF Auto-Tuning If RF Planning does not fit your requirements now, you can always use the RF Planning technique in the future when you have the need, the time, and the necessary floor p
CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM This section contains information about: Wireless Configuration “Wireless Configuration” on page 36 “AAA Security Configuration” on page 38 “System and Administration Configuration” on page 40 Wireless configuration focuses on the configuration tasks (radio configuration and AAA configuration) you do to deliver the virtual wireless services you want to provide on your network.
Configuration 37 You must configure a radio profile to set attributes that you can apply to multiple radios. Rather than configuring each radio individually, you create a radio profile and apply it to multiple radios that you select. You can also create a radio profile as part of a domain policy and apply it to MAP access points on different WX switches. The radio profile can contain RF Auto-Tuning settings and IEEE 802.11 settings that control how the data is received and transmitted.
CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM If services are being used for customer corporate entities (e.g. different airlines on an airport wireless net), then they would probably use 802.1X and strong encryption with web guest access for their airport club guests. If the services are being used to advertise multiple wireless service providers (WISP), such as T-MobileTM, Wayport ®, and Boingo WirelessTM, then these services would probably be completely open.
Configuration 39 Figure 8 Authentication Flowchart for Network Users Client associates with 3Com radio or requests access from wired authentication port Client requests encrypted SSID? Yes 802.1X rule that matches SSID? Client responds to 802.1X? Yes No No No Yes Authent. Allow succeeds? Yes Client No Refuse Client Authent.
CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM Authorization Authorization is the method for providing users with specific rights to the network by associating attribute-value (AV) pairs to the user. AAA authorization works by assembling a set of attributes that describe what the user is authorized to perform.
Configuration 41 Using the default Mobility Domain or one you create, add a WX switch to the network plan that is a member or seed device of the Mobility Domain. You can then configure that WX, or you can just add it to the network plan, and configure it later. After you configure the WX switch and verify its configuration, you can deploy it to the network. You can create the following types of WX switches: WX4400—Provides four dual-interface gigabit Ethernet ports.
CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM Basic configuration also includes specifying how you will manage the switch. You can manage it through HTTPS, telnet, and Secure Shell (SSH). You also can enable monitoring using the Simple Network Management Protocol (SNMP) to exchange information about network activity between your network devices. For more information about configuring basic WX switch properties, see “Perform Basic Administrative Tasks” on page 146.
Deployment 43 To physically install MAPs: 1 Instruct the cabling installer to run the Cat. 5 Ethernet cable from the closest wiring closet to intended location of the MAP. 2 Unpack the MAP, and select the appropriate mounting kit for your installation location. 3 Install the MAP at the indicated location on the floor. 4 Connect the Cat 5. Ethernet cable(s) to the MAP.
CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM Management and Monitoring Understanding the management and monitoring tools available in 3WXM can help you to quickly identify and correct problems in your wireless network, as well as to provide you with the statistics and reporting information you need to optimize your network.
Management and Monitoring 45 You can display a topology view of your network, including the state and relationship of devices. You can right-mouse click on a device in the topology to display the status of that device. The display can include the wired network, third-party APs, and rogue access points (access points that are not authorized to operate in your network). You also can set thresholds for events.
CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM You also can display trending information on a per-radio basis. Trending collects radio statistics and charts them on a time basis. For example, you could display average throughput rates for the previous 30 days, week, or day. You can display and print the charts from 3WXM, as well as generate a report.
Management and Monitoring 47 Rogue lifecycle events (when the rogue was first seen, by whom, and when it went away) Counter-measure activity The number of currently detected rogues is conveniently displayed in the Alerts panel. Event Logging Verification 3WXM incorporates a powerful and flexible display interface for all events collected by the system. Events are stored on a per-WX basis and are collected continuously.
CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM Table 8 3WXM Reports Report Description Configuration Reports Inventory Report Provides information about the WX switches and MAPs in your network. Mobility domain configuration Provides a configuration overview, providing data that spans multiple WX switches. For example, it contains information about the AAA/RADIUS setup, SSIDs, and where they are configured.
RF Plan Optimization RF Plan Optimization 49 RF Plan Optimization is the importing of RF measurement data into an RF model to improve the accuracy of the model. A network plan contains the configuration settings that determine the performance of your wireless network. Optimization of the RF model leads to a more successful RF plan.
CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM
3 Overview CONFIGURING WIRELESS SERVICES A service is a concept (not a selectable item in the 3wxm interface) that represents a set of options you configure and deploy on your wireless network. Services are configured to provide various levels of wireless network access to users, such as secure employee access, guest access, multi-hosted access, or Voice over Wireless IP (VoWIP) access.
CHAPTER 3: CONFIGURING WIRELESS SERVICES Configure Employee Access Services Services for Employee access are typically configured to provide secure, encrypted access to the wireless network. The following sections provide information about how to configure Employee access: “Task Table” on page 52 “Step Summary” on page 56 “Example: Configure Employee Access” on page 57 Table 9 on page 53 contains the tasks you need to perform to configure Employee access services.
Configure Employee Access Services 53 . Table 9 Creating a Service for Employee Access Task Path Primary Parameters to Configure “Step Expand the WX switch icon 1 From the Create Service Profile Summary” on in the Organizer panel; wizard: page 56 right-click Service Profiles SSID name: enter name > Insert > Service Profile. The Service Profile wizard is SSID type: select encrypted displayed Beacon: select yes (to advertise the SSID) 2 Click Encryption tab: Security mode: select WPA 802.
CHAPTER 3: CONFIGURING WIRELESS SERVICES Table 9 Creating a Service for Employee Access (continued) Task Path “Configure RADIUS Servers” on page 61 Expand the WX switch icon 1 From RADIUS Server tab: in the Organizer panel, Click New RADIUS server right-click AAA > Edit; then click RADIUS Name: enter server name Primary Parameters to Configure IP Address: enter server IP address Key: enter key Authorization password: enter password Click Next 2 From RADIUS Server Group tab:
Configure Employee Access Services 55 Table 9 Creating a Service for Employee Access (continued) Task Path “Specify Network Access Rules” on page 64 Expand the AAA icon in the 1 From 802.1X Network Access tab: Organizer panel; right-click Network Access Rules > User Glob: enter ** Insert > 802.1X Network Access. SSID: enter SSID name Primary Parameters to Configure 2 From 802.
CHAPTER 3: CONFIGURING WIRELESS SERVICES Step Summary The following list summarizes the fields selected or configuration items entered in the example that follows to configure Employee access: 1 Create a service profile. From the Service Profile wizard, enter “Employees” as the Name of the service profile and “Employees” as the SSID. Select SSID Type Encrypted. Select Beacon. Select the Fall Through Authentication as None. Select Encryption. Select WPA for the Security Mode. Click Finish.
Configure Employee Access Services Click 802.1X Policy tab. Select Enabled. Set EAP Type to Pass-Through. Click Choose Available. Select the RADIUS server group. Click Finish. Click Finish again. 57 6 Setup VLANs on the WX switches. Example: Configure Employee Access From the Create VLANs wizard, click VLAN Setup. Select the VLAN ID number. Enter the VLAN name and the IP address. Click VLAN Member Selection tab. From Available Members, select port(s).
CHAPTER 3: CONFIGURING WIRELESS SERVICES To create a service profile: 1 Expand the WX switch icon in the Organizer panel, and select Service Profiles > Insert > Service Profile. The Create Service Profile wizard is displayed. 2 Enter the service profile and SSID names, and select SSID Type Encrypted. 3 Select Beacon (to advertise this SSID). 4 Select None for the type of Fall Through Authentication. Authentication is generally attempted in the following order: 802.
Configure Employee Access Services 59 6 Click next to WPA to enable it. The 802.1X Auth Enabled and TKIP Enabled options are automatically selected when you enable WPA. 7 Click Finish. The service profile Employees is displayed in the Organizer panel. Create a Radio Profile You configure a radio profile to set attributes that you can apply to multiple radios. Rather than configuring each radio individually, the radio profile is applied to multiple radios that you select.
CHAPTER 3: CONFIGURING WIRELESS SERVICES MAPs (and consequently, radios) need to be added to 3WXM after creating a radio profile. For more information about adding radios, refer to one of the following: “Using RF Auto-Tuning” on page 91 “Using RF Auto-Tuning with Modelling” on page 99 “Using RF Planning” on page 113 To create a radio profile and map a service profile to it: 1 Expand the WX switch in the tree topology to which you want to add a radio profile.
Configure Employee Access Services 61 5 Click Finish to save the changes and close the wizard. Configure RADIUS Servers Remote Authentication Dial-In User Service (RADIUS) is a client-server security protocol that provides authentication, authorization, and accounting for network users and devices. A RADIUS server stores user profiles, which include usernames, passwords, and other user attributes.
CHAPTER 3: CONFIGURING WIRELESS SERVICES To configure the RADIUS server in 3WXM: 1 Expand the WX switch icon in the Organizer panel, right-click on AAA, and select Edit. The Modify AAA wizard is displayed. 2 Click RADIUS to display the Modify RADIUS wizard, and click Next. The Create RADIUS Server wizard is displayed. 3 Type the name, IP address, key, and authorization password for the server; then click Finish. 4 Click Next to display the RADIUS Server Group page. 5 Click New RADIUS Server Group.
Configure Employee Access Services 63 Configure Attributes on the RADIUS Server To authenticate users, you will need to configure users either in the local database or on RADIUS servers. To configure services for Employee access, the following items should be configured on the RADIUS server. To configure the RADIUS server: 1 Configure RADIUS server to perform 802.1X using the recommended EAP method PEAP + MS ChapV2. 2 Setup each WX switch as a RADIUS client.
CHAPTER 3: CONFIGURING WIRELESS SERVICES Table 10 3Com VSAs (continued) Attribute End-Date Type, Vendor ID, Vendor Type 26, 43, 7 Rcv in Access Resp? Sent in Access Reqst? Sent in Acct Reqst? Yes No No Description Date and time after which the user is no longer allowed to be on the network. Use the following format: YY/MM/DD-HH:MM Start-Date URL 26, 43, 8 Yes 26, 43, 9 Yes No No Date and time at which the user becomes eligible to access the network.
Configure Employee Access Services 65 4 From the 802.1X Policy tab, select Enabled and Pass-Through as the EAP Type. This option uses the RADIUS servers to perform all the EAP and AAA processing. An EAP certificate does not need to be installed on the WX switch. 5 Click Finish. You can also create an offload configuration. An offload configuration allows a WX switch to offload some of the work from the RADIUS servers. The WX switch will perform EAP processing on behalf of the RADIUS servers.
CHAPTER 3: CONFIGURING WIRELESS SERVICES 6 Click Choose Available and select the RADIUS server group from the dropdown list. 7 Click Finish to close the Modify AAA wizard. Set Up VLANs on WX Switches WX switches in a Mobility Domain contain a user’s traffic within the VLAN the user is assigned to. For example, if you assign a user to VLAN red, the WX switches in the Mobility Domain contain the user’s traffic within VLAN red configured on the switches.
Configure Employee Access Services 67 You can configure the Spanning Tree Protocol (STP) on a VLAN. STP is used to maintain a loop-free network; meaning, devices will recognize a loop in the topology and block one or more redundant paths, creating a loop-free path. The Mobility System Software (MSS) supports Per-VLAN Spanning Tree protocol (PVST+). PVST+ allows a separate spanning tree in each VLAN. STP, disabled by default on all VLANS, is configurable for individual VLANs.
CHAPTER 3: CONFIGURING WIRELESS SERVICES 4 Click Next. The VLAN Member Selection page is displayed. 5 From the Available Members pane, select the network ports that will be used to reach the router interface and click Add. If the network port is an 802.1Q tagged trunk link, select the Tag checkbox for the port or port group. By default, the checkbox is not selected. To remove a tag for a port or port. Double-click the Tag Value column for the port or port group. Change the tag value.
Configure Guest Access Services Configure Guest Access Services 69 Guest access is access for visitors at your location and is typically clear (no encryption). This section contains the following information about how to configure Guest access services: “Task Table” on page 70 “Step Summary” on page 71 “Optional: Configure Mobility Profiles” on page 73 Table 11 on page 70 contains the tasks you must perform to configure Guest access services.
CHAPTER 3: CONFIGURING WIRELESS SERVICES Task Table Table 11 contains the tasks you need to perform to create Guest access services. For a summary of configurable items, see “Step Summary” on page 71. Table 11 Creating a Service for Guest Access Task Path “Step Summary” Expand the WX switch icon in the on page 56 Organizer panel; right-click Service Profiles > Insert > Service Profile. The Create Service Profile wizard is displayed.
Configure Guest Access Services 71 Table 11 Creating a Service for Guest Access Task Path Primary Parameters to Configure “Set Up VLANs on WX Switches” on page 66 Expand the WX switch icon in the Organizer panel, right-click VLANs > Insert > VLAN Setup guest VLAN on an WX switch that can access the external DMZ subnet.
CHAPTER 3: CONFIGURING WIRELESS SERVICES 3 Configure local authentication. From the Local User Database wizard, click User Group. Select New > User Group, and enter a group name and a VLAN name. Add users to the group. Click Choose Available or New to add users. Click Next. Click User Attributes. Select User Attributes. Click Finish. Although normally, setting the VLAN is required, the special web-portal user that MSS creates for WebAAA assigns the VLAN instead.
Configure Guest Access Services 73 For detailed information about the steps, see the cross-references in the “Task Table” on page 70. New configuration items that were not part of the example “Configure Employee Access Services” on page 52 are included in the following sections. Optional: Configure Mobility Profiles Mobility Profile™ attributes allow or deny access to the network for a specific user or group of users.
CHAPTER 3: CONFIGURING WIRELESS SERVICES All—Include all MAP or wired authentication ports. Go to step 13. Selected—Include a selected list of ports. Go to the next step. None—Include no ports. Go to step 13. 7 Click Choose Available. The Physical Port Selection dialog box appears. 8 Select the ports to be included in the Mobility Profile. To make multiple selections. press Shift (for contiguous items) or Control (for noncontiguous items) while clicking items.
Configure Guest Access Services 75 MAC address users—These users are authenticated by a MAC address. For example, devices such as PDAs or cellular phones that do not support 802.1X authentication are identified when the WX switch discovers the MAC addresses of these devices from received frames. The MAC address is the username and is authenticated by the local database. You can group these users by creating user groups.
CHAPTER 3: CONFIGURING WIRELESS SERVICES 3 Click Choose Available to select users to add to the user group, or click Create to create new users. 4 Enter the user’s Name and user’s Password. Select the User Group to which the user belongs. Click Next. The Create User wizard is displayed. 5 Select any User Attributes you would like applied to the user. 6 Click Finish. What’s Next? After you create Guest services, you can create another service.
Configure Voice over Wireless IP Service 77 For information about deploying your configuration and enabling monitoring your network, refer to: Configure Voice over Wireless IP Service “Managing and Monitoring Your Network” on page 143. Voice over Wireless IP (VoWIP) is a new technology, merging VoIP (Voice over IP) with 802.11 wireless LANs to create a wireless telephone system.
CHAPTER 3: CONFIGURING WIRELESS SERVICES Task Table Table 12 contains the tasks you need to perform to create VoWIP access services. For a summary of configurable items, see “Step Summary” on page 81.
Configure Voice over Wireless IP Service 79 Table 12 Creating a Service for VoWIP Access (continued) Task Path “Configure Local Expand the WX switch icon in the Authentication” Organizer panel, right-click > AAA on page 82 > Edit; click Local User Database or Configure authentication using RADIUS Primary Parameters to Configure 1 Click User: Select New MAC Address User 2 Click User: User MAC Address: enter user’s VoWIP device MAC address (Optional) MAC User Group: select a group Click Ne
CHAPTER 3: CONFIGURING WIRELESS SERVICES Table 12 Creating a Service for VoWIP Access (continued) Task Path “Specify Network Access Rules” on page 64 1 From MAC Network Access page: Expand the AAA icon in the Organizer panel; right-click Network Access Rules > Insert > MAC Matching user Glob: enter ** Network Access SSID: enter SSID name Primary Parameters to Configure 2 From Authentication tab: “Set Up VLANs on WX Switches” on page 66 Expand the WX switch icon in the Organizer panel, right-
Configure Voice over Wireless IP Service Step Summary 81 The following list summarizes the fields selected or configuration items entered in the example that follows to configure VoWIP access: 1 Create a service profile. From the Service Profile wizard, enter “VoWIP” as the Name of the service profile and “VoWIP” as the SSID. Select SSID Type Encrypted. Do not select Beacon. Select the Fall Through Authentication as None. Select Encryption.
CHAPTER 3: CONFIGURING WIRELESS SERVICES Click VLAN Member Selection tab. From Available Members, select the VLAN name for the VoWIP phones. Select port(s) to reach other ports on the VoWIP VLAN or the VoWIP gateway/PBX. Click Add. Click Spanning Tree tab. Select STP options. Click Spanning Tree Port Setup tab. Select STP port options. Click VLAN IGMP tab. Uncheck enabled. Click Finish. 6 Create ACLs. From the Create ACL wizard, enter a name for the ACL.
Configure Voice over Wireless IP Service 83 MAC address users—These users are authenticated by a MAC address. For example, devices such as PDAs or cellular phones that do not support 802.1X authentication are identified when the WX switch discovers the MAC addresses of these devices from received frames. The MAC address is the username and is authenticated by the local database. You can group these users by creating user groups.
CHAPTER 3: CONFIGURING WIRELESS SERVICES Configure Access Control Lists You can control access using security access control lists (ACLs). Security ACLs permit or deny traffic based on IP protocol, IP addresses and, optionally, TCP or UDP port. They also can be used to set type-of-service (TOS) and class-of-service (CoS) values in a packet.
Configure Voice over Wireless IP Service 85 Example: Creating an ACL for SpectraLink Wireless Phones The following example illustrates how to define an ACL on a WX switch in an environment where SpectraLink® wireless phones are used. To define an ACL on a WX switch and add ACEs: 1 Expand the WX switch icon in the Organizer panel; right-click on ACLs > Insert > ACL. The Create ACL wizard is displayed. 2 Enter the name for the ACL in the ACL Name field. 3 Click New. Select New L4 Protocol ACE.
CHAPTER 3: CONFIGURING WIRELESS SERVICES 4 Click New. Select IP ACE. Create a second ACE as a “catch-all” ACE, permitting other traffic to pass at a normal priority through the WLAN. 5 Click Finish. The Create ACL wizard is displayed again with the two ACEs displayed.
Configure Voice over Wireless IP Service 87 6 Click Finish to save the ACL. 7 Click ACL Map at the top of the Create ACL wizard to map the ACL. Map the ACL to ports (or port groups), VLANs, or virtual ports. You cannot map an ACL to an MAP port or a wired authentication port. Example: Creating an ACL for Avaya Wireless Phones The following example illustrates how to define an ACL for an environment where Avaya® wireless phones are using Avaya Media Servers and Call Controllers in a WLAN.
CHAPTER 3: CONFIGURING WIRELESS SERVICES This ACE (as well as the next one) matches the DiffServ codepoints that Avaya equipment uses for call setup and call control traffic. Select 7 for the CoS value to map the ACL to an elevated priority. If Wi-Fi Multimedia (WMM) support is disabled, use 6 or 7 for SVP, and use 4 or 5 for other VoWIP types. When WMM is disabled, the MAP forwarding queue that maps to CoS values 6 and 7 is optimized for SVP.
Configure Voice over Wireless IP Service 89 d Click New. Select New IP ACE. This ACE is a generic “catch-all,” permitting other traffic to pass at a normal priority through the WLAN. Click Finish. 4 The ACL properties are displayed. 5 Click Finish to save the ACL. 6 Map the ACL to ports (or port groups), VLANs, or virtual ports. Click ACL Map at the top of the Create ACL wizard to map the ACL. You cannot map an ACL to a MAP port or a wired authentication port.
CHAPTER 3: CONFIGURING WIRELESS SERVICES What’s Next? After you create VoWIP access services, you can create another service. For information about configuring an additional service, refer to: “Configure Guest Access Services” on page 69 You can create your RF environment, and deploy your configuration and enable monitoring.
4 Overview USING RF AUTO-TUNING RF Auto-Tuning is a technique you can use to configure your RF (radio) network. RF Auto-Tuning is a quick method that requires minimal configuration and no RF planning or site surveys, and instead, relies on the AutoTune feature to set MAP channels and power settings. This is a great way to quickly install a WX switch and MAPs, and observe how the network operates. The RF Auto-Tuning technique is best suited to networks containing fewer MAPs.
CHAPTER 4: USING RF AUTO-TUNING Place Your Equipment You will need to unpack and physically install your WX switches and MAPs. For information about installing your equipment, see “Equipment Installation” on page 42. Configure Initial WX Switch Connectivity After installing a WX switch, you must use the command-line interface (CLI) to prepare it for configuration and management by 3WXM. Use the Web Quick Start (if available), or enter the quickstart command at the CLI prompt.
Upload the WX Switch Configuration into a 3WXM Network Plan 93 To upload the WX switch configuration into a 3WXN network plan: 1 From the main 3WXM window, select File > New. The Options wizard appears. 2 Enter a name for your network plan, select a Country Code, and click Finish. 3 Select Manage > Managed Devices from the main menu bar; then click Upload. The Upload Wireless Switch wizard is displayed. 4 Enter the IP address and the enable password for the WX switch containing the configuration.
CHAPTER 4: USING RF AUTO-TUNING 6 The certificate is verified, and the WX switch added to 3WXM. 7 The WX switch is now visible in the Equipment section of the Organizer panel on the left side of the 3WXM main window. Create a Service Profile A service profile contains the configuration for the service you want to offer, such as employee access, guest access, or multi-hosted access. For more information about service profiles, see “Wireless Configuration” on page 36.
Create a Radio Profile and Map the Service Profile to It 95 2 Click Wireless. Click Service Profile and select New Service Profile. 3 Enter the name and SSID for the service profile, and the type of encryption. 4 Select whether you want to Beacon (advertise) this SSID. 5 Select the type of Fall Through Authentication. Select None for no authentication, Web Portal for web authentication, or Last Resort. Authentication is attempted in the following order: 802.
CHAPTER 4: USING RF AUTO-TUNING 5 Click the Service Profile Selection tab. 6 Select the service profile that you want to map to the radio profile, and click Add. 7 Click Finish to save the radio profile configuration. 8 Click Finish again to close the Modify Switch wizard.
Create Your MAPs Create Your MAPs 97 Depending on how your MAPs are connected to a WX switch, you need to create a direct connect MAP or a distributed MAP in your network plan in 3WXM. A direct connect MAP is connected to the wired network through a direct 10/100 Ethernet connection to a WX switch. A distributed MAP is connected to the WX switch indirectly through other Layer 2 or Layer 3 wired networking devices.
CHAPTER 4: USING RF AUTO-TUNING Apply a Radio Profile to Each Radio When you create a MAP, a new radio (or radios, depending upon the type of MAP created) are added into 3WXM. The radios use the default radio profile in 3WXM unless you create a new radio profile and apply it to each radio on the MAP. For more information about creating a radio profile, see “Create a Radio Profile and Map the Service Profile to It” on page 95.
5 Overview USING RF AUTO-TUNING WITH MODELLING RF Auto-Tuning with modelling is a technique you can use to configure and implement your network that builds on the RF Auto-Tuning method. You will, as the name implies, still use RF Auto-Tuning (auto tuning) to adjust power and channel settings to provide RF signals to the coverage area for your users. You’ll then enhance the auto tuning feature by providing modelling information about your geographic location.
CHAPTER 5: USING RF AUTO-TUNING WITH MODELLING Add Site Information By adding minimal information about your buildings and floors at your site, you support improved monitoring for your network. You can manually add building and floor information or you can import a floor. For information about importing a floor plan, see “Import a Floor Plan” on page 120. To add site information: 1 Without selecting any object in the Organizer panel, select Config > Insert > Site from the main 3WXM menu.
Add Site Information 4 Click Next to configure building information. The Building page appears.
CHAPTER 5: USING RF AUTO-TUNING WITH MODELLING To create a building: 1 Click New Building to add a building to the site. The Create Building wizard appears. 2 In the Building Name box, type the name of the building (1 to 30 alphanumeric characters, with no spaces or tabs). 3 In the Number Of Floors box, specify how many floors the building has. 4 In the Starting Floor Level box, specify the floor number of the first floor in the building.
Add Site Information 103 5 In the Skip Floor Levels box, specify floor numbers you want to skip. Skipping floors is useful when you want to model only certain floors in a building. To enter a list of floors, use commas to separate the floor numbers (example: 1,3,7). To enter a range, use a hyphen (example: 8-12). 6 Click Apply Changes to apply the numbering changes to the plan.
CHAPTER 5: USING RF AUTO-TUNING WITH MODELLING Insert RF Obstacles Add major RF obstacles that will affect the placement of your MAPs, such as solid walls, barriers, or elevator shafts. To add RF obstacles: 1 The Organizer panel is displayed on the left. Expand Sites, right-click on a building, and select Edit. The Modify Building wizard is displayed. 2 Select a shape under Insert RF Obstacle that most closely matches the RF obstacle you wish to place.
Insert RF Obstacles 105 6 Click on the A, B, or G icon on the Floor View bar to display the coverage area for that technology.
CHAPTER 5: USING RF AUTO-TUNING WITH MODELLING Create Your RF Coverage Area Create a Wiring Closet To create your RF coverage area, you create a wiring closet (mandatory if you have direct MAPs in your plan), designate an area for RF coverage, and add your distributed MAPs or direct MAPs to the coverage area. Distributed MAPs are indirectly attached through intermediate Layer 2 or Layer 3 devices. Direct MAPs are directly attached to dedicated WX switch ports.
Create Your RF Coverage Area Create Your RF Coverage Area 107 To create your RF coverage area: 1 From the Modify Building wizard, click Plan RF coverage. 2 Select a shape from Insert Areas, and draw the RF coverage area you want to add to the floor by clicking and dragging the mouse. The Coverage Area Choices wizard is displayed. 3 Select one or more technologies you want to use in the coverage area. 4 Click Next.
CHAPTER 5: USING RF AUTO-TUNING WITH MODELLING 5 Enter a name for the area. 6 Click Next. 7 Select your Mobility Domain, Radio Profile, and Service Profile. If you do not have a Service Profile, click Create to create a Service Profile and associate the Service Profile to a Radio Profile. For more information about creating a Service Profile, see “Create a Service Profile” on page 94 and “Create a Radio Profile and Map the Service Profile to It” on page 95. 8 Click Finish.
Create Your RF Coverage Area 109 9 The coverage area is now displayed on your floor. Add MAPs Add your direct MAPs or distributed MAPs to your network. To add direct MAPs or distributed MAPs to your network: 1 If you have not already done so, create a wiring closet and associate your WX switches to the closet. For more information, see “Create a Wiring Closet” on page 106. 2 Go to “Create Your MAPs” on page 97 for information about adding direct MAPs or distributed MAPs to your network.
CHAPTER 5: USING RF AUTO-TUNING WITH MODELLING Associate MAPs to the Coverage Area Associate both your distributed MAPs and direct MAPs to a coverage area on the floor. To associate MAPs to the coverage area: 1 In the Organizer panel, expand Sites. Right-click on the coverage area, and select Edit. The Modify Coverage Area is displayed. 2 Select the Area Associations tab. 3 Click Choose Available.
Create Your RF Coverage Area 111 4 In the Sites section of the Organizer panel, right-click on the building and select Edit. The Modify Building wizard is displayed. Click on Plan RF Coverage at the top of the wizard. View the MAPs that have been associated to the coverage area. 5 Select the Object to Place tab. You can select the MAP to drag and drop it onto any location on the floor plan.
CHAPTER 5: USING RF AUTO-TUNING WITH MODELLING 6 The MAP is shown on your floor plan.
6 Overview USING RF PLANNING RF Planning is a technique you can use to import detailed information about your site into 3WXM, add RF obstacle information and third-party APs, and configure your RF coverage area at a finer level than is possible using the RF Auto-Tuning with modelling technique. By defining sites, buildings, and floors, you provide 3WXM with the necessary information to modularly manage large networks based on geographical or organizational boundaries.
CHAPTER 6: USING RF PLANNING Prepare the Floor Drawings If your floor drawings are contained in JPEG or GIF files, this step does not apply. Go directly to “Define Site Information” on page 115. If you plan to import AutoCAD DXF™ or AutoCAD DWG files into 3WXM, you should perform some “clean up” work before importing the files. Doing this work before you import the files into 3WXM creates a more compact file, requiring less storage space.
Define Site Information 115 After you import the file into 3WXM, you have the opportunity to remove any unnecessary objects overlooked during your initial preparation of the floor drawings. To do this, you can use the Clean Layout feature and other editing tools in the Building wizard. For more information about how to prepare the AutoCAD files for 3WXM, refer to the Wireless LAN Switch Manager Reference Manual.
CHAPTER 6: USING RF PLANNING 4 In the Network Plan Name box, type a name for the network plan. You can use 1 to 60 alphanumeric characters, with no spaces, tabs, or any of the following: slash (/), backslash (\), quotation marks (“ ”), asterisk (*), question mark (?), angle brackets (< >), or vertical bar (|). 5 In the Country Code list, select the country where the network is to be deployed. You must select a country code before continuing.
Define Site Information 117 7 If 3WXM detected third-party (non-3COm) APs, they appear in the Third Party AP list. If you want to include any of the listed third-party APs in your network plan, click Choose Available and select the APs from the list. 8 Click Next to save the network plan on the server and open it in 3WXM. To add site information: 1 Without selecting any object in the Organizer panel, select Config > Insert > Site from the main 3WXM menu. The Create Site wizard appears.
CHAPTER 6: USING RF PLANNING
Define Site Information 119 To configure building information: 1 Click New Building to add a building to the site. The Create Building wizard appears. 2 In the Building Name box, type the name of the building (1 to 30 alphanumeric characters, with no spaces or tabs). 3 In the Number Of Floors box, specify how many floors the building has. 4 In the Starting Floor Level box, specify the floor number of the first floor in the building.
CHAPTER 6: USING RF PLANNING 7 Select the Floor Defaults tab to modify floor defaults, such as ceiling height, ceiling type (ceiling building material), unit of measurement, and ceiling attenuation. Click Apply Changes. The default attenuation for ceilings is 10 dB for 802.11b/g and 802.11a. The ceiling height is based on the surface of the ceiling where the access points will be mounted, not on the center of the plenum space between floors. 8 Click Next. The Edit Content page is displayed.
Define Site Information 121 To import a floor plan: 1 Click the Import Floor Layout button on the Layout tab. Browse to the file you wish to import. The floor plan is imported. Set the Scale Set the scale on your floor plan to better define the distance between objects in your network. To set the scale: 1 The Organizer panel is displayed on the left. Expand Sites, right-click on a building, and select Edit. The Modify Building wizard is displayed. 2 Click the Ruler icon above the floor plan.
CHAPTER 6: USING RF PLANNING c Click OK. You may want to zoom in the object to be used to define the scale to make this task easier. Clean Layout Clean up your floor drawings further if unnecessary objects still remain after your initial floor drawing cleanup. For more information about cleaning up your floor plans, see “Prepare the Floor Drawings” on page 114. To clean the floor drawings: 1 The Organizer panel is displayed on the left. Expand Sites, right-click on a building, and select Edit.
Define Site Information 123 Select the items you would like to remove from the floor plan. Select the layers you want to affect.
CHAPTER 6: USING RF PLANNING 3 Click Next. Cleanup progress is displayed at the bottom of the wizard. 4 You can display a Before Cleanup and After Cleanup view when cleanup is complete. 5 When you are satisfied with the results, click Finish.
Model RF Obstacles Model RF Obstacles 125 When planning a 3Com network, you need to consider how the building layout and physical objects affect signal loss. Walls, windows, and doors absorb RF signals, and different building materials have different attenuation factors. You can model an RF obstacle on your floor plan and assign the obstacle type and attenuation factor, or you can assign an obstacle type and attenuation factor to objects in a DWG or DXF drawing.
CHAPTER 6: USING RF PLANNING To create RF obstacles for all objects in a layer: 1 The Organizer panel is displayed on the left. Expand Sites, right-click on a building, and select Edit. The Modify Building wizard is displayed. 2 Select the Edit Content tab. 3 Right-click on a layer and select Create RF Obstacle. Mouse over to the floor plan and draw the shape approximately. 4 Define the RF obstacle. 5 Click Finish. The layer’s objects are now obstacles in your floor plan.
Import a Site Survey Import a Site Survey 127 You can import RF measurement data by means of a site survey done outside of 3WXM. Using the Site Survey Order report from 3WXM, a map is created of your site that can be used in an Ekahau site survey. After the survey is complete, the measurement data can be imported back into 3WXM, and RF obstacles adjusted. In this way, actual, measured information about RF obstacles can be obtained and incorporated into your plan.
CHAPTER 6: USING RF PLANNING To add a wiring closet: 1 The Organizer panel is displayed on the left. Expand Sites, right-click on a building, and select Edit. The Modify Building wizard is displayed. 2 Click the Plan RF Coverage tab; then click the Door icon under Wiring Closet/Miscellaneous. The cursor in the floor view turns into a crosshair. 3 Mouse over and click on the floorplan to mark the location of the wiring closet. The Create Wiring Closet wizard is displayed.
Plan RF Coverage Create Coverage Areas 129 The RF coverage area is the geographical area in your network you define for RF coverage. As you configure the RF coverage area, consider the amount of bandwidth required for the area, as well as the number of users. You define the coverage area graphically on your floor plan using the coverage area drawing tool. Almost all shapes for a coverage area are possible.
CHAPTER 6: USING RF PLANNING 4 Specify the coverage area properties. To plan for capacity, check Capacity, select the number of users in the Expected Station Count, and leave the Data Rates baseline at the default. To plan for coverage, uncheck Capacity (if checked), and set baseline for Data Rates to the lowest value.
Plan RF Coverage 131 5 Click Next. 6 Specify the association information for the coverage area. Click Create or Modify beside Radio Profile. Specify a radio profile. Click Choose Available beside Service Profile List. Specify a service profile. 7 Select the primary and backup (optional) wiring closets. 8 Click Next.
CHAPTER 6: USING RF PLANNING 9 Specify additional area constraints. Select the WX Type and the Default MAP to be used in the network. Select how the MAPs are connected from the MAP Connection Type drop-down list.
Plan RF Coverage 10 Click Finish. The RF coverage area is displayed on the floor plan.
CHAPTER 6: USING RF PLANNING Compute and Place MAPs When you perform Compute and Place for one or more coverage areas, 3WXM automatically calculates the number of MAP access points you require and places them in appropriate locations on the floor. To do this, two calculations are performed in 3WXM: One is based on capacity (traffic engineering) and the other is based on pure RF coverage (at a given data rate).
Plan RF Coverage 135 4 The Building wizard displays the location for the MAPs in each coverage area. 5 Click Next.
CHAPTER 6: USING RF PLANNING Assign Channel Settings After identifying the MAP access points required for a coverage area, you need to assign channels to the MAP access points. Appropriate assignment of channels across the floor minimizes co-channel interference. The channel assignment algorithm assigns non-overlapping channels to neighboring APs from the selected channel set. Choose the starting floor and the ending floor (in the downward direction) for multi-floor channel assignment.
Plan RF Coverage 137 3 To change the starting floor for channel assignment, select the floor from Begin On Floor. By default, 3WXM starts at the top floor and works down. 4 To change the ending floor for channel assignment, select the floor from End On Floor. The ending floor number must be lower than or equal to the starting floor number. 5 Select the radio type from Technology. By default, 3WXM assigns channels for all radio types on the MAP access points placed in the building.
CHAPTER 6: USING RF PLANNING 7 Click Next. The Channel Assignment Progress page appears. 8 Review the results. The 802.11a channel assignments are listed on the 802.11a Radio(s) tab. The 802.11b/g channel assignments are listed on the 802.11b/g Radio(s) tab. 9 Click Finish to accept the channel assignments. The new channel assignments are reflected in the Coverage Areas pane.
Plan RF Coverage 139 3 You can checkbox Optimize AP Count. Use this option if you moved or added MAP access points on the floor plan after computing and placing them, or if you changed an MAP to model MP-262. This option is disabled by default. 4 Select Compute Power for the areas for which you want to compute power. 5 Click Next. The Compute Power For Progress page appears. Click Finish to see the results.
CHAPTER 6: USING RF PLANNING Data Rate—Coverage is shown in colored bands that represent each of the data transmit rates supported by the radio. These rates are standard for each radio type. RSSI—Coverage is shown based on the received signal strength indication (RSSI) of the radio’s signal heard by other radios. 2 Right-click on a coverage area and select Show RF Coverage. 3 Select the A, B, or G icon from the Floor View toolbar to view the coverage area for that technology.
Generate a Work Order Generate a Work Order 141 You can generate a work order as part of your wireless network planning. The work order provides all of the necessary information for the physical installation of the 3Com Mobility System. A work order shows where the MAP access points should be installed, WX initial setup configuration information, and projected RSSI information that is useful when verifying the installation. To generate a work order: 1 The Organizer panel is displayed on the left.
CHAPTER 6: USING RF PLANNING 5 To select the directory to which the work order report is saved, click Choose. The Select dialog box appears. 6 Click Generate Work Order. The work order is saved in the directory you specified in the format WO_scope_name_date. If you generate another order for the same scope on the same day, the old work order is overwritten. 7 After the work order is generated, click the View Work Order button. A browser window opens to display the work order in HTML format.
7 Overview MANAGING AND MONITORING YOUR NETWORK This chapter provides information to help you deploy the services you configured for your wireless network, enable communication between a 3WXM client and 3WXM Services, and enable and configure monitoring.
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK Deploy Your Configuration Any changes you make to your network in 3WXM are saved when you save the network plan on the server, but the changes are not applied to your network until they are deployed. You see the changes in 3WXM, but the changes are only local to 3WXM. When you deploy the configuration, you send the configuration from 3WXM to a live WX switch.
Deploy Your Configuration 145 a If you want to confirm that SNMP traps are enabled, expand the WX switch icon in the Organizer panel, right-click on SNMP, then select Edit. Click Notification Profile, select the profile, then click Modify to display the notification (trap or inform) setting for each notification type in the profile. For simplicity, modify the default profile, and select Enable to enable all notification types. Click Finish. b Click Notification Target.
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK To verify your deployment: 1 Select a WX switch from the Organizer panel. 2 Select the Status Summary tab. Up status (green) confirms a successful deploy. Perform Basic Administrative Tasks This section contains information about basic administrative tasks you can perform in 3WXM.
Perform Basic Administrative Tasks 147 Logging—The system log provides event information for monitoring and troubleshooting. You can send the log information to a local data buffer on a WX, to the console, to a Telnet session, and to a configured set of syslog servers. Tracing—Tracing allows you to review diagnostic information for debugging MSS. Tracing allows you to review messages about the status of a specific area of MSS.
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK Using the Image Repository Use the image repository to add or delete WX system images. The image file is checked and its version is verified when added to the image repository. Images are stored in the 3WXM_installation_directory\xml\images directory. To add a system image: 1 Select Tools > Image Repository. The Image Repository dialog box appears. 2 Click Add Image. The Add to Repository dialog box appears.
Perform Basic Administrative Tasks 149 2 In the Mobility Domain Selection list, select the Mobility Domain of the WX switch or switches you want to distribute images to. If the switches are not in a Mobility Domain, select None. 3 Select a WX or multiple WX switches. To select more than one WX, click Shift while clicking to select contiguous items, or click Ctrl while clicking to select noncontiguous items. 4 To select the system image to be distributed, click Select Image.
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK To distribute a WX configuration file: 1 In the main 3WXM window, select Manage > Distribute Images & Configuration. The Distribute Images & Configuration dialog box appears. 2 In the Mobility Domain Selection list, select the Mobility Domain of the WX switch or switches to which you want to distribute images. If the switches are not in a Mobility Domain, select None. 3 Select a WX or multiple WX switches.
Perform Basic Administrative Tasks 151 3 Click Next. The status of the saving process appears. 4 Click Finish. Saving Network Plans Automatically By default, 3WXM uses the autosave feature to automatically save changes to a network plan at regular intervals while you are working. To view or modify backup settings, select Tools > 3WXM Services Backup/Restore. The Backup/Restore dialog appears.
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK 3 To replace existing WX switch information in 3WXM with information from the configuration file, select Overwrite Existing WX Switches. 4 Click Select Files. The Select Files To Import dialog box appears. 5 Select one or more configuration files to be imported. To make multiple selections, press Shift (for contiguous items) or Control (for noncontiguous items) while clicking items. 6 Click Select Files To Import.
Monitoring Examples 153 6 To include the default configuration commands in the exported file, select Export Defaults. 7 Select the format for the exported file: CLI (ASCII) or XML. 8 For each WX whose configuration you want to export, make sure the Export checkbox is selected. 9 Click Export to begin the exporting process. Messages appear in the Status column in the WX List box and the Results box. The configuration is saved in the directory that you specified.
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK Find the User You can find a user or multiple users based on the following criteria: Username MAC address IP address VLAN name To find the user: 1 Select Monitor > New Monitor from the toolbar in the main 3WXM window. 2 On the Monitor tab, select Client Monitor from the Select a View drop-down list. 3 Click on the Client Monitor window’s toolbar. 4 Enter the type of search you want to perform, and select the scope for the search.
Monitoring Examples 155 Place User on Watch List If viewing the user’s current activity does not conclusively indicate the source of the problem, you can place the user on a watch list. Statistics polled for a watch list are gathered over time—up to 30 days. In this way, a pattern of events or statistics may be revealed, indicating the cause of the problem. To place a user on a watch list: 1 Click the Client Sessions tab in the Client Monitor window.
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK 6 The user’s location is shown as a contour on the floor plan. The user is somewhere on that contour line.
Monitoring Examples 157 Display User Activity You can display the event types displayed for the user. Disassociation events can occur, and users dropped from the network. These events can indicate the reason why access is barred or performance slow for the user. For example, typical authorization failures occur if the local database or RADIUS server fails to recognize a user. To display user activity: 1 On the Monitor tab, select Client Monitor from the Select a View drop-down list.
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK View Long-Term User Statistics If the user’s complaint cannot be traced to a specific problem using current statistics, you can view user activity for the next 30 days. To view long-term user statistics: 1 Click on the Client Watch List tab and select the user. 2 In the Client Details section of the window, select Trend: Lifetime MAP Stats to graph the watch list user’s activity over all MAPs.
Monitoring Examples 159 3 Select the Trend: Session Stats tab to display Operational Rate, SNR, and RSSI statistics. Signal to Noise Ratio (SNR) statistics can help you determine whether the interference is being created by too much noise on a channel. Receive Signal Strength (RSSI) statistics can indicate whether a low signal strength is creating the user’s performance problem. Operational rate statistics display the throughput per second. The following throughput rates are optimum: 802.
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK A high number of Transmit Timeouts for either the Current MAP or Lifetime of the user can indicate interference problems. 5 Select the Location History tab to view where the user has been roaming. These statistics indicate whether interference problems are occurring in specific areas of the WLAN.
Monitoring Examples Monitor a Group of Users 161 If a group of users in a specific area of a floor notify you that they are experiencing poor performance, target a radio or multiple radios, and view the noise and events. RF statistics are found under the RF Monitor and RF Trends tabs. To view the RF monitor statistics: 1 Expand the WX switch icon in the Equipment section of the Organizer panel, then expand Ports/MAPs. Expand a MAP, and select a radio.
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK To view trends: 1 Expand the WX switch icon in the Equipment section of the Organizer panel, then expand Ports/MAPs. Expand a MAP, and select a radio. Go to Monitor > New Monitor and select RF Trends from the Select a View drop-down list on the Monitor tab. You can view trends for a WX switch or a MAP, too. 2 View the Client Failures count. A high count can indicate a problem with the radio.
Monitoring Examples Monitor a Rogue 163 MAP radios automatically scan the RF spectrum for other devices transmitting in the same spectrum. The RF scans discover other radios, some of which may not be in the network plan. MSS considers the non-planned radios to be potential rogues, and places them on a rogue list. A rogue access point is an access point that is not authorized to operate in your network.
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK To locate a rogue: 1 From the Alerts panel, click on Rogue Detection. The Rogue Detection tab is displayed, containing the current rogue list. 2 View statistics on a single rogue. Select a rogue from the Rogue List. Select the Activity Log tab. The number of listeners (other MAPs) that detected the rogue are displayed. The larger the number of listeners detecting the rogue, the easier it is for 3WXM to locate the rogue in the RF coverage area.
Monitoring Examples 165
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK Configuring Countermeasures You can enable MSS to use countermeasures against rogues. Countermeasures consist of packets that interfere with a client’s ability to use the rogue. Countermeasures are disabled by default. When you enable them, all devices of interest that are not in the known devices list become viable targets for countermeasures. Countermeasures are enabled on an individual radio profile basis.
Monitoring Examples 167 6 To enable countermeasures against rogues detected by radios managed by this profile, select one of the following from the Countermeasures Type pull-down list: None—Radios do not use countermeasures. This is the default. All—Radios use countermeasures against devices classified by MSS as rogues and against devices classified by MSS as interfering devices. A rogue is a device that is in the 3Com network but does not belong there.
CHAPTER 7: MANAGING AND MONITORING YOUR NETWORK To verify that countermeasures are being taken against the rogue: 1 Select a rogue from the Rogue List in the Rogue Detection tab. Click the Activity Log tab. 2 The Status column will show countermeasure activity. If countermeasures start, stop, and start again, the rogue may have left the area, then returned, or another MAP in the coverage area may have taken over countermeasure activities from the last MAP to detect the rogue.
8 Overview OPTIMIZING A NETWORK PLAN Optimizing your network is a post-deployment technique. You can optimize your WLAN by importing RF measurement data to correct RF attenuation obstacle information in your network plan. You optimize your network plan because: You have a reported coverage problem in your network You want to verify your network RF coverage The RF measurement data you use to optimize your network plan can originate from: MAPs in your network.
CHAPTER 8: OPTIMIZING A NETWORK PLAN The following sections describe how to import RF measurements from your network, or how to import RF measurements from an Ekahau site survey. Using RF Measurements from MAPs You can apply the RF measurements derived from the MAPs in your WLAN (which regularly monitors the RF environment) to your network plan. The RF measurements are taken from MAP radios. After you apply the RF measurements, the floor’s RF model (obstacles) will be optimized with this data.
Using RF Measurements from MAPs 171 5 Click Next. The import progress is displayed. When the import is done, check the Total valid RF measurements found line in the progress messages. If the number is greater than 0, 3WXM successfully imported measurements. If the number is 0, no measurements were imported. Try the import again. If you are using a site survey file, verify that the map name is correct. After you apply the network RF measurements, you correct the attenuation factors for the floor.
CHAPTER 8: OPTIMIZING A NETWORK PLAN Using RF Measurements from an Ekahau Site Survey RF measurements come from a site survey file generated by the Ekahau Site Survey tool. To perform a site survey: In 3WXM—View your RF coverage area. In 3WXM—Generate a site survey work order, specifying the area you want to survey. A Joint Photographic Experts Group (JPEG) (.jpeg, .jpg) file is generated. Import the generated JPEG file into the Ekahau Site Survey tool. Set the scale of the drawing.
Using RF Measurements from an Ekahau Site Survey Generating an Ekahau Site Survey Work Order 173 The site survey order contains the locations and MAC addresses of the MAPs for use when conducting a site survey, and also provides a JPEG image of the floor. To generate a site survey order: 1 Select Reports > Site Survey Order from the toolbar in the main 3WXM window. The Site Survey Order Generation dialog box appears.
CHAPTER 8: OPTIMIZING A NETWORK PLAN 2 Select the scope for the work order. You can select the network plan, a site, a building, or an individual floor. 3 Select the language: English or German 4 To change the output directory for the report, click on the button next to output directory, navigate to the new directory, and click Select. 5 Click Generate. 6 When the report is generated, click View. A browser window containing the report opens.
Using RF Measurements from an Ekahau Site Survey 175 8 Browse to the output directory and locate the JPEG file. Copy this file and import it into your Ekahau Site Survey tool. Proceed with your site survey.
CHAPTER 8: OPTIMIZING A NETWORK PLAN Importing RF Measurements from the Ekahau Site Survey After you complete the site survey, you import the csv file containing the RF measurements from the Ekahau Site Survey tool into your network plan. After you import your RF measurements, you optimize to correct attenuation for obstacles on the floor. To import RF measurements: 1 Access the Building wizard. Expand the Sites section of the Organizer panel to the building or floor you want to view.
Using RF Measurements from an Ekahau Site Survey 177 3 Click Import Measurements. The Import RF Measurements wizard appears. 4 Select File as the source of the measurements (or, you can select both Network and File). 5 Select the file format from the File Format listbox. 6 Click Choose to navigate to the csv file that contains the RF measurement data. 7 In the Map Name field, verify the map name. 8 The map name in the RF Neighborhood Source window must match the map name in the top line of the .
CHAPTER 8: OPTIMIZING A NETWORK PLAN 9 Click Next. The import progress is displayed. When the import is done, check the Total valid RF measurements found line in the progress messages. If the number is greater than 0, 3WXM successfully imported measurements. If the number is 0, no measurements were imported. Try the import again. If you are using a site survey file, verify that the map name is correct.
Optimizing the RF Coverage Model 179 After you import your RF measurements, you correct the attenuation factors for the floor. Go to “Optimizing the RF Coverage Model” next for information about this topic. Optimizing the RF Coverage Model An attenuation library is a set of attenuation values for the RF obstacles on a floor.
CHAPTER 8: OPTIMIZING A NETWORK PLAN 2 On the Optimize RF Coverage page of the Modify Building wizard, click Optimize. A wizard appears, listing the progress of the request. The Total number of RF measurements that did not intersect any object line lists the number of measurements that did not experience attenuation due to an RF obstacle in the path between them.
Locating and Fixing Coverage Holes 181 For RF obstacles created by 3WXM, the description is auto-generated and the obstacle type is Other. You can edit these values by selecting the obstacle, clicking the Edit properties icon to open the Modify RF Obstacle wizard, and modifying the values. Click Finish to close the wizard and save the changes. 3 Click Finish. You have optimized your RF coverage model with the new RF obstacle information.
CHAPTER 8: OPTIMIZING A NETWORK PLAN 3 In the Show RF coverage using listbox, select how you want to display the coverage: Baseline Association Rate—Coverage is shown based on the MAP radio baseline association rate. The baseline association rate is the typical data rate the radio is expected to support for client associations. (The baseline association rate is specified during planning, on a coverage area basis.
Locating and Fixing Coverage Holes Locking Down MAPs 183 To prevent 3WXM from moving a MAP on your network plan that you do not want to be redistributed, lock the MAP down. To lock down a MAP: 1 Display the RF coverage area. If you need information about how to display the RF coverage area, see “Displaying the RF Coverage Area” on page 181. 2 Right-click on a MAP in the RF coverage area, and select Lock.
CHAPTER 8: OPTIMIZING A NETWORK PLAN Fixing a Coverage Hole After you import RF measurements, rebuild the attenuation library, and display coverage, you can observe any wireless coverage holes in the network. To fix a coverage hole, use any of the following methods: Use the Compute and Place MAPs option in the Plan RF coverage page of the Building wizard to recompute the number of MAPs needed and their recommended placement. If this option results in new MAPs being added, install the new MAPs.
What’s Next? 185 8 Click on the Objects to Place tab. 9 Click on the MAP icon, then click on the location where you installed the MAP. The MAP icon moves from the Objects To Place tab to its location on the floor. What’s Next? You can create a backup copy of your updated network plan, and distribute the updated 3WXM configuration to the WX switches. For information about administrative tasks, see “Perform Basic Administrative Tasks” on page 146.
CHAPTER 8: OPTIMIZING A NETWORK PLAN
INDEX Numbers 3WXM software requirements 14 3WXM client 16 connecting to 3WXM monitoring service 19 hardware requirements 13 installing 18 installing, preparing for 15 installing, resource allocation 16 installing, standalone mode 16 software requirements 14 3WXM GUI overview 22 3WXM monitoring service configuring 20 hardware requirements 14 installing 18 installing, preparing for 15 installing, resource allocation 16 installing, shared mode 16 software requirements 14 A AAA security configuring, accounti
INDEX distributed MAPs 97 creating 97 distributing system files 147 distributing WX software images 148 E Ekahau Site Survey tool 169 using RF measurements from 172 Ekahau Site Survey work order 173 employee access services configuring 52 Encryption-Type attribute 63 End-Date attribute description 64 event logging 47 exporting configurations 151 F fixing coverage holes 184 H hardware requirements for installation 13, 14 HP OpenView 16 I image repository adding image 148 deleting image 148 using 14
INDEX networks managing, overview 44 monitoring, clients 46 monitoring, logging 47 monitoring, overview 44 monitoring, reports 47 monitoring, RF area 45 monitoring, rogue detection 46 monitoring, status 44 monitoring, verification 47 planning, methods to use 33 planning, RF Auto-Tuning 32 planning, RF Auto-Tuning with Modelling 32 planning, RF planning 33 O optimal power 138 optimizing displaying RF coverage areas 181 generating Ekahau Site Survey work order 173 importing RF measurements 176 locking down
INDEX configuring, VoWIP 77 configuring, wireless services 35 definition of concept 51 process 29 shared mode 16 site surveys importing 127 sites adding 100 defining 115 software requirements for installation 14 SSID attribute description 63 standalone mode 16 Start-Date attribute description 64 system image files adding 148 deleting 148 image repository 148 T Time-Of-Day attribute description 63 U unpacking installation files 18 URL attribute description 64 user privileges for installation 15 users
