-
Wireless Mobility 5.4 Controller System Reference GuideSoftware
Version 5.4Extreme Networks, Inc.3585 Monroe StreetSanta Clara,
California 95051(888) 257-3000(408) 579-2800
http://www.extremenetworks.comPublished: January 2013Part
number: 120810-00 Rev 01
http://www.extremenetworks.com
-
AccessAdapt, Alpine, Altitude, BlackDiamond, Direct Attach,
EPICenter, ExtremeWorks Essentials, Ethernet Everywhere, Extreme
Enabled, Extreme Ethernet Everywhere, Extreme Networks, Extreme
Standby Router Protocol, Extreme Turbodrive, Extreme Velocity,
ExtremeWare, ExtremeWorks, ExtremeXOS, Go Purple Extreme Solution,
ExtremeXOS ScreenPlay, ReachNXT, Ridgeline, Sentriant,
ServiceWatch, Summit, SummitStack, Triumph, Unified Access
Architecture, Unified Access RF Manager, UniStack, XNV, the Extreme
Networks logo, the Alpine logo, the BlackDiamond logo, the Extreme
Turbodrive logo, the Summit logos, and the Powered by ExtremeXOS
logo are trademarks or registered trademarks of Extreme Networks,
Inc. or its subsidiaries in the United States and/or other
countries.
sFlow is the property of InMon Corporation.
Specifications are subject to change without notice.
All other registered trademarks, trademarks, and service marks
are property of their respective owners.
2012 Extreme Networks, Inc. All Rights Reserved.Wireless
Mobility 5.4 Controller System Reference Guide
2
-
Table of ContentsChapter 1: About this
Guide....................................................................................................................11
Documentation Set
.................................................................................................................................................11Document
Conventions
..........................................................................................................................................12Notational
Conventions
..........................................................................................................................................12
Chapter 2:
Overview.................................................................................................................................13
About the Extreme Networks
Software...................................................................................................................13
Chapter 3: Web UI
Overview....................................................................................................................15
Accessing the Web UI
............................................................................................................................................15Browser
and System
Requirements................................................................................................................15Connecting
to the Web UI
...............................................................................................................................16
Glossary of Icons Used
..........................................................................................................................................17Global
Icons
....................................................................................................................................................17Dialog
Box Icons
.............................................................................................................................................18Table
Icons......................................................................................................................................................18Status
Icons
....................................................................................................................................................19Configurable
Objects.......................................................................................................................................19Configuration
Objects......................................................................................................................................22Configuration
Operation Icons
........................................................................................................................22Access
Type Icons
..........................................................................................................................................23Administrative
Role
Icons................................................................................................................................23Device
Icons....................................................................................................................................................24
Chapter 4: Quick
Start..............................................................................................................................25
Using the Initial Setup Wizard
................................................................................................................................25Creating
a managed WLAN
...................................................................................................................................34
Assumptions....................................................................................................................................................34Design
.............................................................................................................................................................34Using
the Controller GUI to Configure the WLAN
...........................................................................................35
Configuring Access to the GUI Using the GE1
Port.................................................................................36Logging
into the Controller for the First
Time...........................................................................................37Creating
a RF Domain
.............................................................................................................................38Creating
a Wireless Controller Profile
......................................................................................................44Creating
a WLAN
Configuration...............................................................................................................53Creating
an AP Profile
.............................................................................................................................56Creating
an AP4511 Profile
.....................................................................................................................56Creating
an AP4700 Profile
.....................................................................................................................68Creating
a DHCP Server Policy
...............................................................................................................81Completing
and testing the
configurations...............................................................................................89
Chapter 5: Dashboard
..............................................................................................................................91
Summary
................................................................................................................................................................91Device
Listing..................................................................................................................................................92System
Screen................................................................................................................................................93
Health.......................................................................................................................................................93Inventory
..................................................................................................................................................98
Network View
.......................................................................................................................................................100Wireless
Mobility 5.4 Controller System Reference Guide
1
-
Chapter 6: Device
Configuration...........................................................................................................103
Basic Configuration
..............................................................................................................................................105Basic
Device Configuration
..................................................................................................................................106License
Configuration...........................................................................................................................................109Assigning
Certificates...........................................................................................................................................112
Certificate Management
................................................................................................................................114RSA
Key
Management..................................................................................................................................121Certificate
Creation
.......................................................................................................................................124Generating
a Certificate Signing Request
.....................................................................................................127
RF Domain
Overrides...........................................................................................................................................129Wired
802.1x
Configuration..................................................................................................................................135Profile
Overrides...................................................................................................................................................136
Controller Cluster Configuration Overrides (Controllers Only)
......................................................................137Access
Point Adoption Overrides (Access Points Only)
...............................................................................139Access
Point Radio Power Overrides (Access Points Only)
.........................................................................141Profile
Interface Override
Configuration........................................................................................................143
Ethernet Port Override
Configuration.....................................................................................................143Virtual
Interface Override
Configuration.................................................................................................151Port
Channel Override
Configuration.....................................................................................................156Radio
Override Configuration
................................................................................................................161WAN
Backhaul Override
Configuration..................................................................................................170
Overriding a Profiles Network Configuration
................................................................................................175Overriding
a Profiles DNS
Configuration...............................................................................................176Overriding
a Profiles ARP
Configuration...............................................................................................177Overriding
a Profiles L2TPV3 Configuration
.........................................................................................179Overriding
a Profiles IGMP Snooping
Configuration.............................................................................186Select
the OK button to save the changes and overrides to the IGMP
Snooping tab. Select Reset to revert to the last saved
configuration.
..............................................................................................................188Overriding
a Profiles Quality of Service (QoS)
Configuration................................................................188Overriding
a Profile Spanning Tree
Configuration.................................................................................190Overriding
a Profiles Routing
Configuration..........................................................................................193Dynamic
Routing (OSPF)
......................................................................................................................194Overriding
a Profiles Forwarding Database
Configuration....................................................................202Overriding
a Profiles Bridge VLAN
Configuration..................................................................................204Select
the OK button to save the changes and overrides to the General tab.
Select Reset to revert to the last saved configuration.
........................................................................................................................207Overriding
a Profiles Cisco Discovery Protocol Configuration
..............................................................207Overriding
a Profiles Link Layer Discovery Protocol
Configuration.......................................................209Overriding
a Profiles Miscellaneous Network Configuration
.................................................................210
Overriding a Profiles Security
Configuration.................................................................................................211Overriding
a Profiles General Security
Settings....................................................................................212Overriding
a Profiles Certificate Revocation List (CRL) Configuration
..................................................214Overriding a
Profiles VPN
Configuration...............................................................................................215Overriding
a Profiles NAT Configuration
...............................................................................................228Overriding
a Profiles Bridge NAT
Configuration....................................................................................234
Overriding a Profiles VRRP
Configuration....................................................................................................236Overriding
a Profiles Critical Resources Configuration
.........................................................................240Overriding
a Profiles Services
Configuration.........................................................................................242Overriding
a Profiles Management Configuration
.................................................................................244Overriding
a Profiles Advanced Configuration
......................................................................................249Advanced
Profile Miscellaneous
Configuration......................................................................................253Overriding
a Profiles Mesh Point Configuration
....................................................................................255
Auto Provisioning Policies
....................................................................................................................................257Configuring
an Auto Provisioning Policy
................................................................................................259
Critical Resource
Policy........................................................................................................................................262Managing
Critical Resource
Policies.............................................................................................................263Managing
Event
Policies...............................................................................................................................264Wireless
Mobility 5.4 Controller System Reference Guide
2
-
Managing MINT Policies
...............................................................................................................................265
Chapter 7: Wireless Configuration
.......................................................................................................267
Wireless LAN Policy
.............................................................................................................................................268Basic
WLAN
Configuration............................................................................................................................270
WLAN Basic Configuration Deployment Considerations
.......................................................................272Configuring
WLAN Security
..........................................................................................................................272
802.1x EAP, EAP PSK and EAP MAC
..................................................................................................273MAC
Authentication
...............................................................................................................................275Kerberos
................................................................................................................................................277PSK
/ None
............................................................................................................................................279Captive
Portal
........................................................................................................................................279MAC
Registration...................................................................................................................................280External
Controller
.................................................................................................................................281WPA/WPA2-TKIP
..................................................................................................................................282
WPA-TKIP Deployment
Considerations...............................................................................................................285WPA2-CCMP
.........................................................................................................................................285WEP
64..................................................................................................................................................289WEP
128................................................................................................................................................290KeyGuard...............................................................................................................................................292
Configuring WLAN Firewall
Support..............................................................................................................294Configuring
Client
Settings............................................................................................................................299
WLAN Client Setting Deployment Considerations
.................................................................................300Configuring
WLAN Accounting
Settings........................................................................................................301
Accounting Deployment Considerations
................................................................................................302Configuring
Client Load Balancing
Settings..................................................................................................302Configuring
Advanced WLAN Settings
.........................................................................................................303Configuring
Auto Shutdown Settings
............................................................................................................305
Configuring WLAN QoS Policies
..........................................................................................................................307Configuring
a WLANs QoS WMM Settings
..................................................................................................309Configuring
Rate Limit
Settings.....................................................................................................................313
WLAN QoS Deployment Considerations
...............................................................................................317Configuring
Multimedia
Optimizations...........................................................................................................318
WLAN QoS Deployment Considerations
...............................................................................................319Radio
QoS Policy
.................................................................................................................................................321
Configuring Radio QoS
Policies....................................................................................................................322Radio
QoS Configuration and Deployment Considerations
..........................................................................329
AAA
Policy............................................................................................................................................................331Association
ACL
...................................................................................................................................................340
Association ACL Deployment
Considerations...............................................................................................341Smart
RF Policy
...................................................................................................................................................342
Smart RF Configuration and Deployment Considerations
............................................................................352MeshConnex
Policy..............................................................................................................................................353Mesh
Qos Policy
..................................................................................................................................................358
Chapter 8: Profile Configuration
...........................................................................................................365
General Profile Configuration
...............................................................................................................................368General
Profile Configuration and Deployment
Considerations....................................................................369
Profile Cluster Configuration (Controllers Only)
...................................................................................................370Controller
Cluster Profile Configuration and Deployment
Considerations............................................................372Profile
Adoption Configuration (APs Only)
...........................................................................................................373
Profile 802.1x
Configuration..........................................................................................................................373Profile
Interface
Configuration..............................................................................................................................374
Ethernet Port
Configuration...........................................................................................................................375Virtual
Interface
Configuration.......................................................................................................................382Port
Channel
Configuration...........................................................................................................................385Wireless
Mobility 5.4 Controller System Reference Guide
3
-
Access Point Radio
Configuration.................................................................................................................391WAN
Backhaul Override
Configuration.........................................................................................................398PPPoE
Configuration
....................................................................................................................................400Profile
Interface Deployment
Considerations................................................................................................402
Profile Network
Configuration...............................................................................................................................404Setting
a Profiles DNS Configuration
...........................................................................................................404ARP...............................................................................................................................................................406L2TPV3
Configuration...................................................................................................................................407Quality
of Service (QoS) Configuration
.........................................................................................................415Routing
Configuration
...................................................................................................................................416Dynamic
Routing
(OSPF)..............................................................................................................................418Forwarding
Database....................................................................................................................................425Bridge
VLAN
.................................................................................................................................................426
Cisco Discovery Protocol Configuration
.......................................................................................................431Link
Layer Discovery Protocol Configuration
................................................................................................432Miscellaneous
Network
Configuration...........................................................................................................434Profile
Network Configuration and Deployment Considerations
...................................................................435
Profile Security
Configuration...............................................................................................................................436Defining
Security Settings
.............................................................................................................................436Setting
the Certificate Revocation List (CRL) Configuration
.........................................................................437Setting
the Profiles VPN Configuration
........................................................................................................438Setting
the Profiles NAT
Configuration.........................................................................................................451Bridge
NAT Configuration
.............................................................................................................................457Profile
Security Configuration and Deployment
Considerations....................................................................460
VRRP Configuration
.............................................................................................................................................461Critical
Resources
Configuration..........................................................................................................................466Profile
Services Configuration
..............................................................................................................................469
Profile Services Configuration and Deployment
Considerations...................................................................470Profile
Management
Configuration.......................................................................................................................471
Profile Management Configuration and Deployment
Considerations............................................................475Advanced
Profile
Configuration............................................................................................................................476
Configuring MINT
..........................................................................................................................................476Advanced
Profile Miscellaneous
Configuration.............................................................................................480Overriding
a Profiles Mesh Point
Configuration............................................................................................481
Chapter 9:
Network.................................................................................................................................483
Policy Based Routing
(PBR).................................................................................................................................483L2TPV3
Configuration
..........................................................................................................................................488
Network Deployment
Considerations............................................................................................................491
Chapter 10: RF Domain Configuration
.................................................................................................493
About RF Domains
...............................................................................................................................................493Default
RF
Domains......................................................................................................................................493User
Defined RF Domains
............................................................................................................................494
Managing RF
Domains.........................................................................................................................................494RF
Domain Basic
Configuration....................................................................................................................496RF
Domain Sensor Configuration
.................................................................................................................499RF
Domain Overrides
...................................................................................................................................500RF
Domain Deployment
Considerations.......................................................................................................503
Chapter 11: Security Configuration
......................................................................................................505
Wireless Firewall
..................................................................................................................................................505Configuring
a Firewall Policy
.........................................................................................................................506
Adding and Editing Wireless Firewall Policies
.......................................................................................507Configuring
IP Firewall
Rules........................................................................................................................516Configuring
MAC Firewall Rules
...................................................................................................................518Wireless
Mobility 5.4 Controller System Reference Guide
4
-
Firewall Deployment
Considerations.............................................................................................................521Wireless
Client Roles
...........................................................................................................................................521
Configuring a Clients Role Policy
.................................................................................................................522Intrusion
Prevention
.............................................................................................................................................529
Configuring a WIPS Policy
............................................................................................................................530Configuring
an Advanced WIPS Policy
.........................................................................................................538Configuring
a WIPS Device Categorization Policy
........................................................................................542Intrusion
Detection Deployment Considerations
...........................................................................................544
Chapter 12: Services Configuration
.....................................................................................................545
Configuring Captive Portal Policies
......................................................................................................................545Configuring
a Captive Portal
Policy...............................................................................................................546Creating
DNS
Whitelists................................................................................................................................553Captive
Portal Deployment
Considerations...................................................................................................554
Setting the Controllers DHCP
Configuration........................................................................................................555Defining
DHCP
Pools....................................................................................................................................556Defining
DHCP Server Global
Settings.........................................................................................................563DHCP
Class Policy Configuration
.................................................................................................................565DHCP
Deployment
Considerations...............................................................................................................566
Setting the RADIUS Configuration
.......................................................................................................................567Creating
RADIUS Groups
.............................................................................................................................567
Creating RADIUS Groups
......................................................................................................................569Defining
User Pools
......................................................................................................................................570Configuring
RADIUS Server Policies
............................................................................................................573
Configuring RADIUS Clients
..................................................................................................................577Configuring
a RADIUS
Proxy.................................................................................................................579Configuring
an LDAP Server Configuration
...........................................................................................580
RADIUS Deployment
Considerations............................................................................................................583
Chapter 13: Management Access Policy Configuration
.....................................................................585
Viewing Management Access Policies
.................................................................................................................585Adding
or Editing a Management Access
Policy...........................................................................................587
Creating an Administrator
Configuration................................................................................................588Setting
the Access Control Configuration
..............................................................................................590Setting
the Authentication
Configuration................................................................................................592Setting
the SNMP Configuration
............................................................................................................593SNMP
Trap
Configuration......................................................................................................................595
Management Access Deployment
Considerations...............................................................................................596
Chapter 14: Diagnostics
........................................................................................................................597
Fault Management
...............................................................................................................................................597Crash
Files
...........................................................................................................................................................601Advanced
Diagnostics..........................................................................................................................................602
UI Debugging
................................................................................................................................................602
Chapter 15:
Operations..........................................................................................................................607
Device
Operations................................................................................................................................................607Operations
Summary
....................................................................................................................................608
Upgrading Device Firmware
..................................................................................................................609Using
the AP Upgrade Browser
....................................................................................................................610Using
the File Management Browser
............................................................................................................611Managing
File Transfers
...............................................................................................................................613Restarting
Adopted
APs................................................................................................................................615
Certificates
...........................................................................................................................................................615Certificate
Management
................................................................................................................................616RSA
Key
Management..................................................................................................................................622Wireless
Mobility 5.4 Controller System Reference Guide
5
-
Certificate Creation
.......................................................................................................................................626Generating
a Certificate Signing Request
.....................................................................................................627
Smart RF
..............................................................................................................................................................629Managing
Smart RF for an RF
Domain.........................................................................................................630
Chapter 16:
Statistics.............................................................................................................................633
System Statistics
.................................................................................................................................................633Health
............................................................................................................................................................634Inventory
.......................................................................................................................................................636Adopted
Devices
...........................................................................................................................................637Pending
Adoptions
........................................................................................................................................638Offline
Devices
..............................................................................................................................................640Licenses
........................................................................................................................................................640
RF Domain Statistics
............................................................................................................................................641Health
............................................................................................................................................................642
Inventory
......................................................................................................................................................645
Access
Points...............................................................................................................................................647AP
Detection
.................................................................................................................................................648Wireless
Clients
............................................................................................................................................649Wireless
LANs...............................................................................................................................................651Radios
...........................................................................................................................................................652
Status.....................................................................................................................................................652RF
Statistics...........................................................................................................................................654Traffic
Statistics......................................................................................................................................655
Mesh
.............................................................................................................................................................656Mesh
Point
....................................................................................................................................................657SMART
RF....................................................................................................................................................668WIPS
.............................................................................................................................................................671
WIPS Client Blacklist
.............................................................................................................................671WIPS
Events..........................................................................................................................................672
Captive
Portal................................................................................................................................................674Historical
Data...............................................................................................................................................675
Viewing Smart RF
History......................................................................................................................675Access
Point Statistics
.........................................................................................................................................677
Health
............................................................................................................................................................678Device
...........................................................................................................................................................679AP
Upgrade...................................................................................................................................................682Adoption
........................................................................................................................................................683
Adoption.................................................................................................................................................683AP
Adoption
History...............................................................................................................................685AP
Self Adoption
History........................................................................................................................686Pending
Adoptions.................................................................................................................................687
AP Detection
.................................................................................................................................................688Wireless
Clients
............................................................................................................................................689Wireless
LANs...............................................................................................................................................690Policy
Based Routing
....................................................................................................................................692Radios
...........................................................................................................................................................693
Status.....................................................................................................................................................694RF
Statistics...........................................................................................................................................695Traffic
Statistics......................................................................................................................................696
Mesh
.............................................................................................................................................................697Mesh
Point
....................................................................................................................................................699Interfaces
......................................................................................................................................................705
General
Statistics...................................................................................................................................705Viewing
Interface Statistics Graph
.........................................................................................................708
RTLS
.............................................................................................................................................................709PPPoE...........................................................................................................................................................710OSPF
............................................................................................................................................................712Wireless
Mobility 5.4 Controller System Reference Guide
6
-
OSPF
Summary.....................................................................................................................................712OSPF
Neighbors....................................................................................................................................714OSPF
Area
Details.................................................................................................................................715OSPF
Route Statistics
...........................................................................................................................717OSPF
Interface
......................................................................................................................................720OSPF
State............................................................................................................................................722
L2TP V3
........................................................................................................................................................723VRRP
............................................................................................................................................................724Critical
Resources
.........................................................................................................................................726Network
.........................................................................................................................................................727
ARP Entries
...........................................................................................................................................727Route
Entries
.........................................................................................................................................728Bridge.....................................................................................................................................................729IGMP......................................................................................................................................................731DHCP
Options
.......................................................................................................................................732Cisco
Discovery Protocol
.......................................................................................................................733Link
Layer Discovery Protocol
...............................................................................................................734
DHCP Server
................................................................................................................................................736DHCP
Bindings
......................................................................................................................................737DHCP
Networks.....................................................................................................................................738
Firewall
..........................................................................................................................................................739Packet
Flows..........................................................................................................................................739Denial
of
Service....................................................................................................................................740IP
Firewall Rules
....................................................................................................................................741MAC
Firewall Rules
...............................................................................................................................742NAT
Translations
...................................................................................................................................743DHCP
Snooping.....................................................................................................................................744
VPN...............................................................................................................................................................746IKESA
....................................................................................................................................................746IPSec
.....................................................................................................................................................747
Certificates
....................................................................................................................................................749Trustpoints
.............................................................................................................................................749RSA
Keys...............................................................................................................................................750
WIPS
.............................................................................................................................................................751Client
Blacklist........................................................................................................................................752WIPS
Events..........................................................................................................................................753
Sensor Servers
.............................................................................................................................................754Captive
Portal................................................................................................................................................755Network
Time
................................................................................................................................................756
NTP
Status.............................................................................................................................................756NTP
Associations...................................................................................................................................758
Load Balancing
.............................................................................................................................................759Wireless
Controller
Statistics................................................................................................................................761
Health
............................................................................................................................................................762Device
...........................................................................................................................................................764Cluster
Peers
................................................................................................................................................766AP
Upgrade...................................................................................................................................................768Adoption
........................................................................................................................................................768
AP Adoption
History...............................................................................................................................769Pending
Adoptions.................................................................................................................................770
AP Detection
.................................................................................................................................................772Wireless
Clients
............................................................................................................................................773Wireless
LANs...............................................................................................................................................774Policy
Based Routing
....................................................................................................................................775Radios
...........................................................................................................................................................777Mesh
.............................................................................................................................................................780The
RF Domain Mesh screen provides the following information:Mesh Point
..............................................781Interfaces
......................................................................................................................................................791Wireless
Mobility 5.4 Controller System Reference Guide
7
-
General Interface Details
.......................................................................................................................792Network
Graph.......................................................................................................................................795
Power
Status.................................................................................................................................................796PPPoE...........................................................................................................................................................798OSPF
............................................................................................................................................................799
OSPF
Summary.....................................................................................................................................800OSPF
Neighbors....................................................................................................................................801OSPF
Area
Details.................................................................................................................................803OSPF
Route Statistics
...........................................................................................................................804OSPF
Interface
......................................................................................................................................807OSPF
State............................................................................................................................................808
L2TPv3..........................................................................................................................................................809VRRP
............................................................................................................................................................811Critical
Resource...........................................................................................................................................812Network
.........................................................................................................................................................813
ARP Entries
...........................................................................................................................................814Route
Entries
.........................................................................................................................................814Bridge.....................................................................................................................................................815IGMP......................................................................................................................................................816DHCP
Options
.......................................................................................................................................818Cisco
Discovery Protocol
.......................................................................................................................819Link
Layer Discovery Protocol
...............................................................................................................820
DHCP Server
................................................................................................................................................821Viewing
General DHCP Information
......................................................................................................821Viewing
DHCP Binding Information
.......................................................................................................822Viewing
DHCP Server Networks
Information.........................................................................................823
Firewall
..........................................................................................................................................................824Viewing
Packet Flow Statistics
..............................................................................................................825Viewing
Denial of Service Statistics
.......................................................................................................825IP
Firewall Rules
....................................................................................................................................826MAC
Firewall Rules
...............................................................................................................................828NAT
Translations
...................................................................................................................................829Viewing
DHCP Snooping
Statistics........................................................................................................830
VPN...............................................................................................................................................................831IKESA
....................................................................................................................................................831IPSEC
....................................................................................................................................................833
Viewing Certificate Statistics
.........................................................................................................................834Viewing
Trustpoints Statistics
................................................................................................................834Viewing
the RSA Key Details
.................................................................................................................836
WIPS
Statistics..............................................................................................................................................837Viewing
Client Blacklist
..........................................................................................................................837Viewing
WIPS Event
Statistics...............................................................................................................838
Advanced WIPS
............................................................................................................................................839Viewing
General WIPS Statistics
...........................................................................................................839Viewing
Detected AP
Statistics..............................................................................................................840Viewing
Detected Clients
.......................................................................................................................841Viewing
Event History
............................................................................................................................842
Sensor Server
...............................................................................................................................................843Captive
Portal Statistics
................................................................................................................................844Network
Time
................................................................................................................................................845
Viewing NTP Status
...............................................................................................................................846Viewing
NTP Associations
.....................................................................................................................847
Wireless Client Statistics
......................................................................................................................................849Health
............................................................................................................................................................849Details
...........................................................................................................................................................852Traffic
............................................................................................................................................................854WMM
TSPEC................................................................................................................................................856Association
History........................................................................................................................................857Wireless
Mobility 5.4 Controller System Reference Guide
8
-
Graph
............................................................................................................................................................858
Appendix A: Customer
Support............................................................................................................861Registration
..........................................................................................................................................................861Documentation
.....................................................................................................................................................861
Appendix B: General Information
.........................................................................................................863Open
Source Software
Used................................................................................................................................863
Wireless Controller
........................................................................................................................................864AP4600,
........................................................................................................................................................866AP4600,
........................................................................................................................................................867
OSS
Licenses......................................................................................................................................................868GNU
General Public License 2.0
..................................................................................................................868
Preamble................................................................................................................................................868GNU
Lesser General Public License
2.1.......................................................................................................874BSD
Style
Licenses.......................................................................................................................................880MIT
License...................................................................................................................................................881WU-FTPD
License
........................................................................................................................................881Open
SSL License
........................................................................................................................................882ZLIB
License
.................................................................................................................................................884Open
LDAP Public
License...........................................................................................................................884Apache
License
2.0.......................................................................................................................................885Drop
Bear License
........................................................................................................................................888Sun
Community Source
License...................................................................................................................889Wireless
Mobility 5.4 Controller System Reference Guide
9
-
Wireless Mobility 5.4 Controller System Reference Guide
10
-
1
Wireless Mobility 5.4 Controlle
C H A P T E RAbout this GuideThis guide provides information on
using the Extreme Networks access point software to manage
supported Extreme Networks access points (Altitude 4700 Series and
Altitude 4500 series) in either Standalone AP or Virtual Controller
AP mode.
NOTE
Screens and windows pictured in this guide are samples and can
differ from actual screens.
Documentation SetThe documentation set for the Extreme Networks
Wireless Controllers is partitioned into the following guides to
provide information for specific user needs.
Altitude Access Point Installation Guide Describes the basic
hardware and configuration setup required to transition to a more
advanced configuration of the access point. The installation guide
is unique to the particular access point model purchased
Wireless Mobility 5.4 Access Point System Reference Guide
Describes the configuration of either a Standalone AP or Virtual
Controller AP using the access points initial setup wizard and
resident access point specific software.
Wireless Mobility 5.4 Controller System Reference Guide (this
guide) Describes the configuration of a Dependent mode AP using the
controller software.
Wireless Mobility 5.4 CLI Reference guide Describes the commands
supported by the Summit WM3000 Series Controllers and Altitude
Access Points that support a command line interface.
For information on managing a dependent mode AP in a controller
managed network, go to
http://www.extremenetworks.com/go/documentation.r System Reference
Guide
11
-
Chapter 1: About this GuideDocument ConventionsThe following
conventions are used in this document to draw your attention to
important information:
NOTE
Indicates tips or special requirements.
CAUTION
Indicates conditions that can cause equipment damage or data
loss.
WARNING!
Indicates a condition or procedure that could result in personal
injury or equipment damage.
Notational ConventionsThe following additional notational
conventions are used in this document:
Italic text is used to highlight the following:
- Screen names
- Menu items
- Button names on a screen.
Bullets () indicate:
- Action items
- Lists of alternatives
- Lists of required steps that are not necessarily
sequential
Sequential lists (e.g., those that describe step-by-step
procedures) appear as numbered lists. Wireless Mobility 5.4
Controller System Reference Guide
12
-
2
Wireless Mobility 5.4 Controlle
C H A P T E ROverviewThe Extreme Networks family of wireless
controllers with the 802.11n access points enable the centralized
distribution of high performance, secure, and resilient wireless
voice and data services to remote locations with the scalability
required to meet the needs of large distributed enterprises.
An Extreme Networks Summit controller provides a single platform
capable of delivering wireless voice and data inside and outside
the enterprise for small, medium, and large enterprise deployments.
Improve operational efficiency and reduce the cost of mobility with
a powerful comprehensive feature set including adaptive AP, which
delivers unmatched performance, security, reliability and
scalability to enable networks for business mobility at a low
TCO.
Summit wireless controllers provide local centralized management
and control of 802.11n access points and provide the necessary core
switching and routing to eliminate additional routing and switching
infrastructure.
802.11n is the next generation WLAN standard that provides
improved performance and coverage compared with previous 802.11
specifications. 802.11n provides enhancements to support throughput
up to 450 Mbps. With these enhancements, Extreme Networks' next
generation 802.11n access points offer client data-rates of up to
300Mbps.
About the Extreme Networks SoftwareAn Extreme Networks managed
network uses 802.11n access points and peer controllers to adapt to
the dynamic circumstances of their deployment environment. This
architecture provides a customized site-specific deployment,
supporting the best path and routes based on the user, location,
the application, and the best route available (both wireless and
wired). A managed network assures end-to-end quality, reliability,
and security without latency and performance degradation. A managed
network supports rapid application delivery, mixed-media
application optimization, and quality assurance.
Deploying a new Extreme Networks Wireless Mobility v5 network
does not require the replacement of an existing Extreme Networks
wireless infrastructure. This enables the simultaneous use of
existing architectures from Extreme Networks and other vendors,
even if those other architectures are centralized models. A
wireless network administrator can retain and optimize legacy
infrastructure while evolving to software version 5 as required.
Adaptive access points can operate in a dependent environment and
are field-upgradable. Controllers can be upgraded to the version 5
operating system with ease.r System Reference Guide
13
-
OverviewThe Extreme Networks architecture is designed for
802.11n networking. It leverages the best aspects of independent
and dependent architectures to create a smart network that meets
the connectivity, quality, and security needs of each user
deployment and their application requirements, based on the
availability of network resources, including wired networks.
By distributing intelligence and control between the wireless
controllers and access points, a managed network can route data
directly using the best path, as determined by factors including
the user, the location, the application, and available wireless and
wired resources. As a result, the additional load placed on the
wired network from 802.11n is significantly reduced, as traffic
does not require an unnecessary backhaul to a central
controller.
Within a managed network, up to 80% of the network traffic can
remain on the wireless mesh and never touch the wired network, so
the 802.11n load impact on the wired network is negligible. In
addition, latency and associated costs are reduced while
reliability and scalability are increased. A managed network
enables the creation of dynamic wireless traffic flows, so any
bottleneck is avoided and the destination is reached without
latency or performance degradation. This behavior delivers a
significantly better quality of experience for the end user.
The same distributed intelligence enables more resilience and
survivability because the access points keep users connected and
traffic flowing with full QoS, security, and mobility, even if the
connection to the wireless controller is interrupted due to a wired
network or backhaul problem.
Even when the network is fully operational, outside RF
interference sources or unbalanced wireless network loading can be
automatically corrected by the Smart RF system. Smart RF senses
interference or potential client connectivity problems and makes
the required changes to channel and access point radio power while
minimizing the impact to latency-sensitive applications like VoIP.
Using Smart RF, the managed network can continuously adjust access
point power and channel assignments for self-recovery if an AP
fails or a coverage hole is detected.
Additionally, integrated access point sensors in conjunction
with AirDefense Network Assurance alerts administrators of
interference and network coverage problems; this shortens response
times and boosts overall reliability and availability of the
managed network.
Network traffic optimization protects managed networks from
broadcast storms and minimizes congestion on the wired network.
These networks provide VLAN load balancing, WAN traffic shaping and
optimizations in dynamic host configuration protocol (DHCP)
responses and Internet group management protocol (IGMP) snooping
for multicast traffic flows in wired and wireless networks. Thus,
users benefit from an extremely reliable network that adapts to
meet their needs and delivers mixed-media applications.
Firmware and configuration updates are supported within the
managed network, from one access point to another, over the air or
wire, and can be centrally managed by the controller. Controllers
no longer need to push firmware and configurations to each
individual access point, thus reducing unnecessary network
congestion.
Extreme Networks uses Remote Authentication Dial-in User Service
(RADIUS) synchronization capabilities between the core and the
access layer. If the central authentication mechanism is not
available, users can authenticate with the controller local RADIUS
resources and continue network support with secure access.Wireless
Mobility 5.4 Controller System Reference Guide
14
-
3
Wireless Mobility 5.4 Controlle
C H A P T E RWeb UI OverviewExtreme Networks software contains a
Web User Interface (UI) that allows network administrators to
manage and view Extreme Networks wireless controller configuration,
settings, and status. The Graphical User Interface (GUI) allows
full control of all managed features.
Wireless controllers also include a Command Line Interface (CLI)
for managing and viewing settings, configuration and status. For
more information on the command line interface and a full list of
available commands, see the Controller CLI Reference Guide
available at
www.extremenetworks.com/go/documentation
For information on how to access and use the controller Web UI,
see:
Accessing the Web UI
Glossary of Icons Used
Accessing the Web UIExtreme Networks wireless controllers use a
Web UI that can be accessed using any supported web browser on a
client connected to the subnet where the Web UI is configured.
Browser and System RequirementsTo access the Web UI, a browser
supporting Flash Player 10 is recommended. The system accessing the
UI should have a minimum of 512Mb or RAM for the UI to display and
function properly. The UI is based on Flex and does not use Java as
its underlying framework.
The following browsers have been validated with the Web UI:
Firefox 3.6
Internet Explorer 7.x
Internet Explorer 8.xr System Reference Guide
15
-
Web UI OverviewNOTE
Throughout the Web UI leading and trailing spaces are not
allowed in any text fields. In addition, the ? character is not
supported in text fields.
Connecting to the Web UI1 Connect one end of an Ethernet cable
to any of the five LAN ports on the front of a WM3400 or
WM3411 controller, or to the management port on the front of a
WM3600 or WM3700 controller, and connect the other end to a
computer with a working Web browser.
2 Set the computer to use an IP address from 192.168.0.10 and
192.168.0.250 on the connected port. Set a subnet / network mask of
255.255.255.0.
3 Once the computer has an IP address, point the Web browser to:
https://192.168.0.1/ and the following login screen will
display.
4 Enter the default username admin in the Username field.
5 Enter the default password admin123 in the Password field.
6 Click the Login button to load the management interface.
If this is the first time the UI has been accessed, a dialogue
displays to begin an initial setup wizard. For more information on
using the initial setup wizard see Using the Initial Setup Wizard
on page 25.Wireless Mobility 5.4 Controller System Reference
Guide
16
-
Glossary of Icons UsedThe UI uses a number of icons used to
interact with the system, gather information, and obtain status for
the entities managed by the system. This chapter is a compendium of
the icons used. This chapter is organized as follows:
Global Icons
Dialog Box Icons
Table Icons
Status Icons
Configurable Objects
Configuration Objects
Configuration Operation Icons
Access Type Icons
Administrative Role Icons
Device Icons
Global IconsGlossary of Icons Used
This section lists global icons available throughout the
controller interface.
Logoff Select this icon to log out of the managed system. This
icon is always available and is located at the top right corner of
the UI.
Add Select this icon to add a row in a table. When selected, a
new row is created in the table or a dialog box displays where you
can enter values for a particular list.
Delete Select this icon to remove a row from a table. When
selected, the selected row is deleted.
More Information Select this icon to display a pop up with
supplementary information that may be available for an item.
Trash Select this icon to remove a row from a table. When
selected, the row is immediately deleted.Wireless Mobility 5.4
Controller System Reference Guide
17
-
Web UI OverviewDialog Box IconsGlossary of Icons Used
These icons indicate the current state of various controls in a
dialog. These icons enable you to gather, at a glance, the status
of all the controls in a dialog. The absence of any of these icons
next to a control indicates the value in that control has not been
modified from its last saved configuration.
Table IconsGlossary of Icons Used
The following override icons are status indicators for
transactions.
Create new policy Select this icon to create a new policy.
Policies define different configuration parameters that can be
applied to individual device configurations, device profiles and RF
Domains.
Edit policy Select this icon to edit an existing policy. To edit
a policy, select a policy and then this icon.
Entry Updated Indicates a value has been modified from its last
saved configuration.
Entry Update Indicates that an override has been applied to a
devices profile configuration.
Mandatory Field Indicates this control value is a mandatory
configuration item. You will not be allowed to proceed further
without providing all mandatory values in this dialog.
Error in Entry Indicates there is an error in a value entered in
this control. A small red popup provides a likely cause of the
error.
Table Row Overridden Indicates a change (profile configuration
override) has been made to a table row and the change will not be
implemented until saved. This icon represents a change from this
devices profile assigned configuration.
Table Row Added Indicates a new row has been added to a table
and the change is not implemented until saved. This icon represents
a change from this devices profile assigned configuration.Wireless
Mobility 5.4 Controller System Reference Guide
18
-
Status IconsGlossary of Icons Used
These icons indicate device status, operations on the wireless
controller or any other action that requires a status returned to
the user.
Configurable ObjectsGlossary of Icons Used
These icons represent configurable items within the controllers
UI.
Fatal Error States there is an error causing a managed device to
stop functioning.
Error Indicates an error exits requiring intervention. A managed
action has failed, but the error is not system wide.
Warning States a particular action has completed but errors were
detected that did not prevent the process from completing.
Intervention might still be required to resolve subsequent
warnings.
Success Indicates everything is well within the managed network
or a process has completed successfully without error.
Information This icon always precedes information displayed to
the user. This may be a progress marker for a particular process or
just a message from the system.
Device Configuration Represents a configuration file supporting
a device category (AP, wireless controller, etc.).
Provisioning Policy Represents a provisioning policy. Adoption
policies are a set of configuration parameters that define how APs
and wireless clients are adopted by a controller.
Critical Resource Policy States a critical resource policy has
been applied. Critical resources are those whose availability is
essential to the managed network. If any of these resources is
unavailable, an administrator is notified.
Wireless LANs States an action impacting a managed WLAN has
occurred.Wireless Mobility 5.4 Controller System Reference
Guide
19
-
Web UI OverviewWLAN QoS Policy States a Quality of Service
policy (QoS) configuration has been impacted.
Radio QoS Policy Indicates a radios QoS configuration has been
impacted.
AAA Policy Indicates an Authentication, Authorization and
Accounting (AAA) policy has been impacted. AAA policies define
RADIUS authentication and accounting parameters.
Association ACL Indicates an Access Control List (ACL)
configuration has been impacted. An ACL is a set of configuration
parameters either allowing or denying access to managed
resources.
Smart RF Policy States a Smart RF policy has been impacted.
Smart RF enables neighboring Access Point radios to take over for
an access point radio if it becomes unavailable. This is
accomplished by increasing the power of radios on nearby access
points to compensate for the coverage hole created by the
non-functioning access point.
Profile States a device profile configuration has been impacted.
A profile is a collection of configuration parameters used to
configure a device or a feature.
Bridging Policy Indicates a bridging policy configuration has
been impacted. A Bridging Policy defines which VLANs are bridged,
and how local VLANs are bridged between the wired and wireless
sides of the managed network.