User's Manual

ManualsBrandsSiemens Communications ManualsElectronicsHiPath Wireless AP, Altitude 450, Altitude 451

141

142

143

144

145

146

147

148

149

150

hwc_vnsintro.fm

Virtual Network Services

Setting up a VNS checklist

A31003-W1050-U100-2-7619,

March 2008

HiPath Wireless Controller, Access Points and Convergence Software V5 R1 , C20/C2400 User Guide 149

• A user access plan for both individual users and user groups

• The RADIUS attribute values that support the user access plan

• The location and identity of the Wireless APs that will be used on the VNS

• The routing mechanism to be used on the VNS

• For tunneled configurations mostly, the network addresses that the VNS will

use

• A VLAN bridged VNS (at the controller) requires the specification of the IP

address for the controller's own interface point (Port) on that VLAN. In

addition, if the you elect to have the controller operate as the default DHCP

server for the VLAN, the corresponding IP topology for that subnet must also

be specified.

• The type of authentication for wireless device users on the VNS

• The specific filters to be applied to the defined users and user groups to

control network access

• The quality of service (QoS) requirements

• What privacy mechanisms should be employed between the Wireless APs

and the wireless devices

• Classification list for traffic priority. For example, whether the VNS is to be

used for voice traffic and if voice traffic is to be given priority.

• Whether the VNS traffic is to be bridged directly to the network at the AP or

tunneled to the controller for forwarding. Bridging at the AP is useful in branch

office deployments in which APs must provide service even when the

connection to the controller is unavailable.

User access plan

The user access plan should analyze the enterprise network and identify which

users should have access to which areas of the network. What areas of the

network should be separated? Which users can go out to the World Wide Web?

The Controller, Access Points and Convergence Software system relies on

authenticating users via a RADIUS server (or other authentication server). To

make use of this feature, an authentication server on the network is required.

Make sure that the server's database of registered users, with login identification

and passwords, is current.

In the case of certificate-based installations, you must ensure that the proper user

certificate profiles are setup on the RADIUS server.

Note: To deploy Controller, Access Points and Convergence Software without a

RADIUS server (and without authentication of users on the network), click SSID

for network assignment (on the Topology tab). On the Authentication -