User's Guide
Table Of Contents
- 1 About this Guide
- Contents
- 2 Overview of the HiPath Wireless Controller, Access Points and Convergence Software solution
- 2.1 Conventional wireless LANs
- 2.2 Elements of the HiPath Wireless Controller, Access Points and Convergence Software solution
- 2.3 HiPath Wireless Controller, Access Points and Convergence Software and your network
- 2.4 HiPath Wireless Controller product family
- 3 Configuring the HiPath Wireless Controller
- 3.1 System configuration overview
- 3.2 Logging on to the HiPath Wireless Controller
- 3.3 Working with the basic installation wizard
- 3.4 Configuring the HiPath Wireless Controller for the first time
- 3.4.1 Changing the administrator password
- 3.4.2 Applying product license keys
- 3.4.3 Setting up the data ports
- 3.4.4 Setting up Internal VLAN ID and multi-cast support
- 3.4.5 Setting up static routes
- 3.4.6 Setting up OSPF Routing
- 3.4.7 Configuring filtering at the interface level
- 3.4.8 Installing certificates on the HiPath Wireless Controller
- 3.4.9 Configuring the login authentication mode
- 3.4.10 Configuring network time
- 3.4.11 Configuring DNS servers for resolving host names of RADIUS servers
- 3.5 Additional ongoing operations of the system
- 4 Configuring the Wireless AP
- 4.1 Wireless AP overview
- 4.2 Discovery and registration overview
- 4.2.1 Wireless AP discovery
- 4.2.2 Registration after discovery
- 4.2.3 Understanding the Wireless AP LED status
- 4.2.4 Configuring the Wireless APs for the first time
- 4.2.5 Defining properties for the discovery process
- 4.2.6 Connecting the Wireless AP to a power source and initiating the discovery and registration process
- 4.3 Adding and registering a Wireless AP manually
- 4.4 Configuring Wireless AP settings
- 4.4.1 Modifying a Wireless AP’s status
- 4.4.2 Configuring a Wireless AP’s properties
- 4.4.3 AP properties tab configuration
- 4.4.4 Assigning Wireless AP radios to a VNS
- 4.4.5 Configuring Wireless AP radio properties
- 4.4.6 Setting up the Wireless AP using static configuration
- 4.4.7 Configuring Telnet/SSH Access
- 4.5 Configuring VLAN tags for Wireless APs
- 4.6 Modifying a Wireless AP’s properties based on a default AP configuration
- 4.7 Modifying the Wireless AP’s default setting using the Copy to Defaults feature
- 4.8 Configuring Wireless APs simultaneously
- 4.9 Configuring an AP as a sensor
- 4.10 Performing Wireless AP software maintenance
- 5 Virtual Network Services concepts
- 6 Configuring a VNS
- 6.1 High level VNS configuration flow
- 6.2 VNS global settings
- 6.2.1 Defining RADIUS servers and MAC address format
- 6.2.2 Configuring Dynamic Authorization Server support
- 6.2.3 Defining Wireless QoS Admission Control Thresholds
- 6.2.4 Defining Wireless QoS Flexible Client Access
- 6.2.5 Working with bandwidth control profiles
- 6.2.6 Configuring the Global Default Policy
- 6.2.7 Using the Sync Summary
- 6.3 Methods for configuring a VNS
- 6.4 Working with the VNS wizard to create a new VNS
- 6.5 Working with a GuestPortal VNS
- 6.6 Creating a VNS using the advanced method
- 6.7 Working with existing VNSs
- 6.8 Configuring a Topology
- 6.9 Configuring WLAN Services
- 6.9.1 Configuring a WLAN Service
- 6.9.2 Configuring privacy
- 6.9.3 Configuring accounting and authentication
- 6.9.3.1 Vendor Specific Attributes
- 6.9.3.2 Defining accounting methods for a WLAN Service
- 6.9.3.3 Configuring authentication for a WLAN Service
- 6.9.3.4 Defining the RADIUS server priority for RADIUS redundancy
- 6.9.3.5 Configuring assigned RADIUS servers
- 6.9.3.6 Defining a WLAN Service with no authentication
- 6.9.3.7 Configuring Captive Portal for internal or external authentication
- 6.9.4 Configuring the QoS policy
- 6.10 Configuring Policy
- 6.11 Working with a Wireless Distribution System
- 6.11.1 Simple WDS configuration
- 6.11.2 Wireless Repeater configuration
- 6.11.3 Wireless Bridge configuration
- 6.11.4 Examples of deployment
- 6.11.5 WDS WLAN Services
- 6.11.6 Key features of WDS
- 6.11.7 Deploying the WDS system
- 6.11.7.1 Connecting the WDS Wireless APs to the enterprise network for discovery and registration
- 6.11.7.2 Configuring the WDS Wireless APs through the HiPath Wireless Controller
- 6.11.7.3 Assigning the Satellite Wireless APs’ radios to the network WLAN Services
- 6.11.7.4 Connecting the WDS Wireless APs to the enterprise network for provisioning
- 6.11.7.5 Moving the WDS Wireless APs to the target location
- 6.11.8 Changing the pre-shared key in a WDS WLAN Service
- 7 Availability and session availability
- 8 Configuring Mobility
- 9 Working with third-party APs
- 10 Working with the Mitigator
- 11 Working with reports and displays
- 12 Performing system administration
- 13 Glossary
- A HiPath Wireless Controller’s physical description
- B Regulatory information
- C optiPoint WL2 Configuration
- D SpectraLink Wireless Telephones
- E Default GuestPortal source code
- 2 Overview of the HiPath Wireless Controller, Access Points and Convergence Software solution
Glossary
hwc_glossary.fm
Networking terms and abbreviations
9034530-02, March 2010
476 HiPath Wireless Controller, Access Points and Convergence Software V7.11, User Guide
OSI Layer 2 At the Data Link layer (OSI Layer 2), data packets are encoded and decoded into bits. The
data link layer has two sublayers:
• the Logical Link Control (LLC) layer controls frame synchronization, flow control and error
checking
• The Media Access Control (MAC) layer controls how a computer on the network gains
access to the data and permission to transmit it.
OSI Layer 3 The Network layer (OSI Layer 3) provides switching and routing technologies, creating logical
paths, known as virtual circuits, for transmitting data from node to node. Routing and
forwarding are functions of this layer, as well as addressing, internetworking, error handling,
congestion control and packet sequencing.
OSPF Open Shortest Path First, an interior gateway routing protocol developed for IP networks
based on the shortest path first or link-state algorithm. Routers use link-state algorithms to
send routing information to all nodes in an internetwork by calculating the shortest path to
each node based on a topography of the Internet constructed by each node. Each router
sends that portion of the routing table (keeps track of routes to particular network destinations)
that describes the state of its own links, and it also sends the complete routing structure
(topography). Using OSPF, a host that obtains a change to a routing table or detects a change
in the network immediately multicasts the information to all other hosts in the network so that
all will have the same routing table information. The host using OSPF sends only the part that
has changed, and only when a change has taken place. (RFC2328)
OUI Organizationally Unique Identifier (used in MAC addressing).
Packet The unit of data that is routed between an origin and a destination on the Internet or any other
packet-switched network. When any file is sent from one place to another on the Internet, the
Transmission Control Protocol (TCP) layer of TCP/IP divides the file into packets. Each packet
is separately numbered and includes the Internet address of the destination. The individual
packets for a given file may travel different routes through the Internet. When they have all
arrived, they are reassembled into the original file (by the TCP layer at the receiving end).
PAP Password Authentication Protocol is the most basic form of authentication, in which a user's
name and password are transmitted over a network and compared to a table of name-
password pairs. Typically, the passwords stored in the table are encrypted. (See CHAP).
PDU Protocol Data Unit. A data object exchanged by protocol machines (such as management
stations, SMUX peers, and SNMP agents) and consisting of both protocol control information
and user data. PDU is sometimes used as a synonym for “packet''.
PEAP PEAP (Protected Extensible Authentication Protocol) is an IETF draft standard to authenticate
wireless LAN clients without requiring them to have certificates. In PEAP authentication, first
the user authenticates the authentication server, then the authentication server authenticates
the user. If the first phase is successful, the user is then authenticated over the SSL tunnel
created in phase one using EAP-Generic Token Card (EAP-GTC) or Microsoft Challenged
Handshake Protocol Version 2 (MSCHAP V2). (See also EAP-TLS).
PHP server Hypertext Preprocessor
PKI Public Key Infrastructure
PoE Power over Ethernet. The Power over Ethernet standard (802.3af) defines how power can be
provided to network devices over existing Ethernet connection, eliminating the need for
additional external power supplies.
POST Power On Self Test, a diagnostic testing sequence performed by a computer to determine if
its hardware elements are present and powered on. If so, the computer begins its boot
sequence.
Term Explanation