User's Guide
Table Of Contents
- 1 About this Guide
- Contents
- 2 Overview of the HiPath Wireless Controller, Access Points and Convergence Software solution
- 2.1 Conventional wireless LANs
- 2.2 Elements of the HiPath Wireless Controller, Access Points and Convergence Software solution
- 2.3 HiPath Wireless Controller, Access Points and Convergence Software and your network
- 2.4 HiPath Wireless Controller product family
- 3 Configuring the HiPath Wireless Controller
- 3.1 System configuration overview
- 3.2 Logging on to the HiPath Wireless Controller
- 3.3 Working with the basic installation wizard
- 3.4 Configuring the HiPath Wireless Controller for the first time
- 3.4.1 Changing the administrator password
- 3.4.2 Applying product license keys
- 3.4.3 Setting up the data ports
- 3.4.4 Setting up Internal VLAN ID and multi-cast support
- 3.4.5 Setting up static routes
- 3.4.6 Setting up OSPF Routing
- 3.4.7 Configuring filtering at the interface level
- 3.4.8 Installing certificates on the HiPath Wireless Controller
- 3.4.9 Configuring the login authentication mode
- 3.4.10 Configuring network time
- 3.4.11 Configuring DNS servers for resolving host names of RADIUS servers
- 3.5 Additional ongoing operations of the system
- 4 Configuring the Wireless AP
- 4.1 Wireless AP overview
- 4.2 Discovery and registration overview
- 4.2.1 Wireless AP discovery
- 4.2.2 Registration after discovery
- 4.2.3 Understanding the Wireless AP LED status
- 4.2.4 Configuring the Wireless APs for the first time
- 4.2.5 Defining properties for the discovery process
- 4.2.6 Connecting the Wireless AP to a power source and initiating the discovery and registration process
- 4.3 Adding and registering a Wireless AP manually
- 4.4 Configuring Wireless AP settings
- 4.4.1 Modifying a Wireless AP’s status
- 4.4.2 Configuring a Wireless AP’s properties
- 4.4.3 AP properties tab configuration
- 4.4.4 Assigning Wireless AP radios to a VNS
- 4.4.5 Configuring Wireless AP radio properties
- 4.4.6 Setting up the Wireless AP using static configuration
- 4.4.7 Configuring Telnet/SSH Access
- 4.5 Configuring VLAN tags for Wireless APs
- 4.6 Modifying a Wireless AP’s properties based on a default AP configuration
- 4.7 Modifying the Wireless AP’s default setting using the Copy to Defaults feature
- 4.8 Configuring Wireless APs simultaneously
- 4.9 Configuring an AP as a sensor
- 4.10 Performing Wireless AP software maintenance
- 5 Virtual Network Services concepts
- 6 Configuring a VNS
- 6.1 High level VNS configuration flow
- 6.2 VNS global settings
- 6.2.1 Defining RADIUS servers and MAC address format
- 6.2.2 Configuring Dynamic Authorization Server support
- 6.2.3 Defining Wireless QoS Admission Control Thresholds
- 6.2.4 Defining Wireless QoS Flexible Client Access
- 6.2.5 Working with bandwidth control profiles
- 6.2.6 Configuring the Global Default Policy
- 6.2.7 Using the Sync Summary
- 6.3 Methods for configuring a VNS
- 6.4 Working with the VNS wizard to create a new VNS
- 6.5 Working with a GuestPortal VNS
- 6.6 Creating a VNS using the advanced method
- 6.7 Working with existing VNSs
- 6.8 Configuring a Topology
- 6.9 Configuring WLAN Services
- 6.9.1 Configuring a WLAN Service
- 6.9.2 Configuring privacy
- 6.9.3 Configuring accounting and authentication
- 6.9.3.1 Vendor Specific Attributes
- 6.9.3.2 Defining accounting methods for a WLAN Service
- 6.9.3.3 Configuring authentication for a WLAN Service
- 6.9.3.4 Defining the RADIUS server priority for RADIUS redundancy
- 6.9.3.5 Configuring assigned RADIUS servers
- 6.9.3.6 Defining a WLAN Service with no authentication
- 6.9.3.7 Configuring Captive Portal for internal or external authentication
- 6.9.4 Configuring the QoS policy
- 6.10 Configuring Policy
- 6.11 Working with a Wireless Distribution System
- 6.11.1 Simple WDS configuration
- 6.11.2 Wireless Repeater configuration
- 6.11.3 Wireless Bridge configuration
- 6.11.4 Examples of deployment
- 6.11.5 WDS WLAN Services
- 6.11.6 Key features of WDS
- 6.11.7 Deploying the WDS system
- 6.11.7.1 Connecting the WDS Wireless APs to the enterprise network for discovery and registration
- 6.11.7.2 Configuring the WDS Wireless APs through the HiPath Wireless Controller
- 6.11.7.3 Assigning the Satellite Wireless APs’ radios to the network WLAN Services
- 6.11.7.4 Connecting the WDS Wireless APs to the enterprise network for provisioning
- 6.11.7.5 Moving the WDS Wireless APs to the target location
- 6.11.8 Changing the pre-shared key in a WDS WLAN Service
- 7 Availability and session availability
- 8 Configuring Mobility
- 9 Working with third-party APs
- 10 Working with the Mitigator
- 11 Working with reports and displays
- 12 Performing system administration
- 13 Glossary
- A HiPath Wireless Controller’s physical description
- B Regulatory information
- C optiPoint WL2 Configuration
- D SpectraLink Wireless Telephones
- E Default GuestPortal source code
- 2 Overview of the HiPath Wireless Controller, Access Points and Convergence Software solution
hwc_glossary.fm
Glossary
Networking terms and abbreviations
9034530-02,
March 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.11, User Guide 471
Directory Agent (DA) A method of organizing and locating the resources (such as printers, disk drives, databases,
e-mail directories, and schedulers) in a network. Using SLP, networking applications can
discover the existence, location and configuration of networked devices.
With Service Location Protocol, client applications are 'User Agents' and services are
advertised by 'Service Agents'. The User Agent issues a multicast 'Service Request' (SrvRqst)
on behalf of the client application, specifying the services required. The User Agent will
receive a Service Reply (SrvRply) specifying the location of all services in the network which
satisfy the request.
For larger networks, a third entity, called a 'Directory Agent', receives registrations from all
available Service Agents. A User Agent sends a unicast request for services to a Directory
Agent (if there is one) rather than to a Service Agent.
(SLP version 2, RFC2608, updating RFC2165)
Diversity antenna and
receiver
The AP has two antennae. Receive diversity refers to the ability of the AP to provide better
service to a device by receiving from the user on which ever of the two antennae is receiving
the cleanest signal. Transmit diversity refers to the ability of the AP to use its two antenna to
transmit on a specific antenna only, or on a alternate antennae. The antennae are called
diversity antennae because of this capability of the pair.
DNS Domain Name Server
DSSS Direct-Sequence Spread Spectrum. A transmission technology used in Local Area Wireless
Network (LAWN) transmissions where a data signal at the sending station is combined with a
higher data rate bit sequence, or chipping code, that divides the user data according to a
spreading ratio. The chipping code is a redundant bit pattern for each bit that is transmitted,
which increases the signal's resistance to interference. If one or more bits in the pattern are
damaged during transmission, the original data can be recovered due to the redundancy of
the transmission. (Compare FHSS)
DTIM DTIM delivery traffic indication message (in 802.11 standard)
Dynamic WEP The IEEE introduced the concept of user-based authentication using per-user encryption keys
to solve the scalability issues that surrounded static WEP. This resulted in the 802.1X
standard, which makes use of the IETF's Extensible Authentication Protocol (EAP), which was
originally designed for user authentication in dial-up networks. The 802.1X standard
supplemented the EAP protocol with a mechanism to send an encryption key to a Wireless
AP. These encryption keys are used as dynamic WEP keys, allowing traffic to each individual
user to be encrypted using a separate key.
EAP-TLS
EAP-TTLS
EAP-TLS Extensible Authentication Protocol - Transport Layer Security. A general protocol for
authentication that also supports multiple authentication methods, such as token cards,
Kerberos, one-time passwords, certificates, public key authentication and smart cards. IEEE
802.1x specifies how EAP should be encapsulated in LAN frames.
In wireless communications using EAP, a user requests connection to a WLAN through an
access point, which then requests the identity of the user and transmits that identity to an
authentication server such as RADIUS. The server asks the access point for proof of identity,
which the access point gets from the user and then sends back to the server to complete the
authentication.
EAP-TLS provides for certificate-based and mutual authentication of the client and the
network. It relies on client-side and server-side certificates to perform authentication and can
be used to dynamically generate user-based and session-based WEP keys.
EAP-TTLS (Tunneled Transport Layer Security) is an extension of EAP-TLS to provide
certificate-based, mutual authentication of the client and network through an encrypted tunnel,
as well as to generate dynamic, per-user, per-session WEP keys. Unlike EAP-TLS, EAP-
TTLS requires only server-side certificates.
(See also PEAP)
Term Explanation