How it Works
Brocade
Loading...
Mobility RFS Controller System
Reference Guide
1017 pgs14.4 Mb0
Table of contents
Loading...

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01 20 January 2014
Brocade Mobility RFS Controller
®
System Reference Guide
Supporting software release 5.5.0.0 and later
Copyright © 2014 Brocade Communications Systems, Inc. All Rights Reserved.
Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government.
The authors and Brocade Communications Systems, Inc. shall have no liability or responsibility to any person or entity with respect to any loss, cost, liability, or damages arising from the information contained in this book or the computer programs that accompany it.
The product described by this document may contain “open source” software covered by the GNU General Public License or other open source license agreements. To find out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the programming source code, please visit http://www.brocade.com/support/oscd.
Brocade Communications Systems, Incorporated
Corporate and Latin American Headquarters Brocade Communications Systems, Inc. 130 Holger Way San Jose, CA 95134 Tel: 1-408-333-8000 Fax: 1-408-333-8101 E-mail: info@brocade.com
European Headquarters Brocade Communications Switzerland Sàrl Centre Swissair Tour B - 4ème étage 29, Route de l'Aéroport Case Postale 105 CH-1215 Genève 15 Switzerland Tel: +41 22 799 5640 Fax: +41 22 799 5641 E-mail: emea-info@brocade.com
Asia-Pacific Headquarters Brocade Communications Systems China HK, Ltd. No. 1 Guanghua Road Chao Yang District Units 2718 and 2818 Beijing 100020, China Tel: +8610 6588 8888 Fax: +8610 6588 9999 E-mail: china-info@brocade.com
Asia-Pacific Headquarters Brocade Communications Systems Co., Ltd. (Shenzhen WFOE) Citic Plaza No. 233 Tian He Road North Unit 1308 – 13th Floor Guangzhou, China Tel: +8620 3891 2000 Fax: +8620 3891 2111 E-mail: china-info@brocade.com
Document History
Title Publication number Summary of changes Date
Brocade Mobility RFS Controller System Reference Guide
53-1003099-01 New Additions for software
version 5.5.0.0
January 2014
Contents
About This Document
Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . . xiii
Document conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii
Text formatting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii
Notes, cautions, and warnings . . . . . . . . . . . . . . . . . . . . . . . . . . xiv
Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv
Getting technical help. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv
Chapter 1 Overview
Chapter 2 Web Features
Accessing the Web UI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Browser and System Requirements . . . . . . . . . . . . . . . . . . . . . . . 3
Connecting to the Web UI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Glossary of Icons Used . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Global Icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Dialog Box Icons. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Table Icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Status Icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Configurable Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Configuration Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Configuration Operation Icons . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Access Type Icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
Administrative Role Icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
Device Icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12
Chapter 3 Quick Start
Using the Initial Setup Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Chapter 4 Dashboard
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Device Listing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
System Screen. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Inventory. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
RF Domain Screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
RF Domain Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
RF Domain Inventory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Brocade Mobility RFS Controller System Reference Guide v 53-1003099-01
Controller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33
Controller Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33
Controller Inventory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35
Access Point Screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37
Access Point Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Access Point Inventory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Network View. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
Chapter 5 Device Configuration
Basic Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Basic Device Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45
License Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Assigning Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Certificate Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
RSA Key Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Certificate Creation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .66
Generating a Certificate Signing Request . . . . . . . . . . . . . . . . .67
Port Mirroring (NX4524 and NX6524 Service Platforms only). . . . .69
RF Domain Overrides . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Wired 802.1x Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77
Profile Overrides . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78
Cluster Configuration Overrides (Controllers and Service Platforms
Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
Access Point Radio Power Overrides (Access Points Only) . . . .82
Access Point Adoption Overrides (Access Points Only) . . . . . . . 85
Adoption Overrides (Controllers Only). . . . . . . . . . . . . . . . . . . . .87
Profile Interface Override Configuration. . . . . . . . . . . . . . . . . . .90
Overriding a Profile’s Network Configuration . . . . . . . . . . . . . .130
Overriding a Profile’s Security Configuration . . . . . . . . . . . . . .183
Overriding a Profile’s VRRP Configuration . . . . . . . . . . . . . . . .208
Overriding a Profile’s Critical Resource Configuration. . . . . . .212
Overriding a Profile’s Services Configuration. . . . . . . . . . . . . .215
Overriding a Profile’s Management Configuration. . . . . . . . . . 217
Overriding a Profile’s Mesh Point Configuration . . . . . . . . . . .224
Overriding a Profile’s Environmental Sensor Configuration (BR1240
Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .232
Overriding a Profile’s Advanced Configuration. . . . . . . . . . . . .233
Auto Provisioning Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .242
Configuring an Auto Provisioning Policy . . . . . . . . . . . . . . . . . .244
Managing an Event Policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .248
Managing MINT Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .248
Chapter 6 Wireless Configuration
vi Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
Wireless LAN Policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .252
Basic WLAN Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . .254
Configuring WLAN Security . . . . . . . . . . . . . . . . . . . . . . . . . . . .256
Configuring WLAN Firewall Support . . . . . . . . . . . . . . . . . . . . .275
Configuring Client Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . .281
Configuring WLAN Accounting Settings . . . . . . . . . . . . . . . . . .284
Configuring WLAN Service Monitoring Settings. . . . . . . . . . . .285
Configuring Client Load Balancing Settings . . . . . . . . . . . . . . .287
Configuring Advanced WLAN Settings . . . . . . . . . . . . . . . . . . .288
Configuring Auto Shutdown Settings . . . . . . . . . . . . . . . . . . . .292
Configuring WLAN QoS Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . .293
Configuring a WLAN’s QoS WMM Settings. . . . . . . . . . . . . . . .296
Configuring Rate Limit Settings . . . . . . . . . . . . . . . . . . . . . . . .300
Configuring Multimedia Optimizations . . . . . . . . . . . . . . . . . . .305
Radio QoS Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .307
Configuring Radio QoS Policies. . . . . . . . . . . . . . . . . . . . . . . . .309
Radio QoS Configuration and Deployment Considerations . .316
Association ACL. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .316
Association ACL Deployment Considerations . . . . . . . . . . . . .318
Smart RF Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318
Smart RF Configuration and Deployment Considerations . . .329
MeshConnex Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .330
Mesh QoS Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335
Passpoint Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .342
Chapter 7 Network Configuration
L2TP V3 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .345
AAA Policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .348
AAA TACACS Policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357
Network Alias. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .367
Network Basic Alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .368
Network Group Alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
Network Service Alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .373
Network Deployment Considerations . . . . . . . . . . . . . . . . . . . . . . . 376
Chapter 8 Profile Configuration
General Profile Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .380
General Profile Configuration and Deployment Considerations382
Profile Cluster Configuration (Controllers and Service Platforms Only)383
Cluster Profile Configuration and Deployment Considerations384
Profile Adoption Configuration (APs Only) . . . . . . . . . . . . . . . . . . . .385
Profile Adoption Configuration (Controllers Only) . . . . . . . . . . . . . .387
Profile 80.21x Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .390
Brocade Mobility RFS Controller System Reference Guide vii 53-1003099-01
Profile Interface Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . .391
Ethernet Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . .391
Virtual Interface Configuration . . . . . . . . . . . . . . . . . . . . . . . . .399
Port Channel Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . .403
VM Interface Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
Access Point Radio Configuration. . . . . . . . . . . . . . . . . . . . . . .415
WAN Backhaul Configuration . . . . . . . . . . . . . . . . . . . . . . . . . .424
PPPoE Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .426
Profile Interface Deployment Considerations . . . . . . . . . . . . .428
Profile Network Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . .429
Setting a Profile’s DNS Configuration. . . . . . . . . . . . . . . . . . . .429
ARP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .431
L2TPV3 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .432
GRE Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .440
IGMP Snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .442
Quality of Service (QoS) Configuration . . . . . . . . . . . . . . . . . . .444
Spanning Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .445
Routing Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .448
Dynamic Routing (OSPF) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .449
Forwarding Database. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .458
Bridge VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .459
Cisco Discovery Protocol Configuration . . . . . . . . . . . . . . . . . .464
Link Layer Discovery Protocol Configuration . . . . . . . . . . . . . .465
Miscellaneous Network Configuration . . . . . . . . . . . . . . . . . . .466
Profile Alias Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . .467
Profile Network Configuration and Deployment Considerations475
Profile Security Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476
Defining Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476
Setting the Certificate Revocation List (CRL) Configuration . .478
Setting the Profile’s VPN Configuration . . . . . . . . . . . . . . . . . .479
Setting the Profile’s Auto IPSec Tunnel Configuration. . . . . . .493
Setting the Profile’s NAT Configuration . . . . . . . . . . . . . . . . . .494
Bridge NAT Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . .502
Profile Security Configuration and Deployment Considerations505
VRRP Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .506
Critical Resources Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 510
Profile Services Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 513
Profile Services Configuration and Deployment Considerations515
Profile Management Configuration . . . . . . . . . . . . . . . . . . . . . . . . .515
Profile Management Configuration and Deployment Considerations 521
Mesh Point Profile Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . .521
Vehicle Mounted Modem (VMM) Deployment Considerations529
Setting a Profile’s Environmental Sensor Configuration (BR1240 Only) 530
viii Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
Advanced Profile Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . .531
Client Load Balance Configuration . . . . . . . . . . . . . . . . . . . . . .532
Configuring MINT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .535
Advanced Profile Miscellaneous Configuration . . . . . . . . . . . .540
Chapter 9 Rf Domain Configuration
Managing RF Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .544
RF Domain Basic Configuration . . . . . . . . . . . . . . . . . . . . . . . .546
RF Domain Sensor Configuration . . . . . . . . . . . . . . . . . . . . . . .549
RF Client Name Configuration. . . . . . . . . . . . . . . . . . . . . . . . . .550
RF Domain Overrides. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .551
RF Domain Network Alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . .554
RF Domain Deployment Considerations . . . . . . . . . . . . . . . . .562
Chapter 10 Security Configuration
Wireless Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .565
Configuring a Firewall Policy . . . . . . . . . . . . . . . . . . . . . . . . . . .566
Configuring MAC Firewall Rules . . . . . . . . . . . . . . . . . . . . . . . .575
Firewall Deployment Considerations . . . . . . . . . . . . . . . . . . . .578
Configuring IP Firewall Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .578
Setting an IP Firewall Policy. . . . . . . . . . . . . . . . . . . . . . . . . . . .579
Wireless Client Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .582
Configuring a Client’s Role Policy . . . . . . . . . . . . . . . . . . . . . . .582
Device Fingerprinting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .592
Intrusion Prevention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .597
Configuring a WIPS Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . .597
Configuring an Advanced WIPS Policy . . . . . . . . . . . . . . . . . . .606
Configuring a WIPS Device Categorization Policy . . . . . . . . . .610
Intrusion Detection Deployment Considerations. . . . . . . . . . .612
Chapter 11 Services Configuration
Configuring Captive Portal Policies . . . . . . . . . . . . . . . . . . . . . . . . .613
Configuring a Captive Portal Policy. . . . . . . . . . . . . . . . . . . . . .613
Creating DNS Whitelists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .622
Captive Portal Deployment Considerations . . . . . . . . . . . . . . .624
Setting the DHCP Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . .625
Defining DHCP Pools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .626
Defining DHCP Server Global Settings . . . . . . . . . . . . . . . . . . .633
DHCP Class Policy Configuration . . . . . . . . . . . . . . . . . . . . . . .635
DHCP Deployment Considerations . . . . . . . . . . . . . . . . . . . . . .636
Setting the RADIUS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . .637
Creating RADIUS Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .637
Defining User Pools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .640
Configuring RADIUS Server Policies . . . . . . . . . . . . . . . . . . . . .643
RADIUS Deployment Considerations . . . . . . . . . . . . . . . . . . . .653
Brocade Mobility RFS Controller System Reference Guide ix 53-1003099-01
Smart Caching. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .653
Basic Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .655
HTTP Access Rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .658
Cache Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .661
Aging Rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .663
URL Lists. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .666
Chapter 12 Management Access
Viewing Management Access Policies . . . . . . . . . . . . . . . . . . . . . . .669
Adding or Editing a Management Access Policy . . . . . . . . . . . 671
Hierarchal Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .683
Management Access Deployment Considerations . . . . . . . . . . . . .687
Chapter 13 Diagnostics
Fault Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .689
Crash Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .693
Advanced Diagnostics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .694
UI Debugging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .694
Chapter 14 Operations
Device Operations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .697
Operations Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .698
Device Upgrades . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .700
Using the File Management Browser . . . . . . . . . . . . . . . . . . . .705
Restarting Adopted APs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .708
Captive Portal Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 710
RAID Operations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .713
Re-elect Controller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 715
Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 716
Certificate Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 716
RSA Key Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .724
Certificate Creation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .729
Generating a Certificate Signing Request . . . . . . . . . . . . . . . .730
Smart RF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .732
Managing Smart RF for an RF Domain. . . . . . . . . . . . . . . . . . .733
Chapter 15 Statistics
System Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .737
Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .738
Inventory. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .739
Adopted Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 741
Pending Adoptions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 742
Offline Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .743
Device Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .745
Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .746
x Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
RF Domain Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .748
Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 749
Inventory. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .752
Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .754
AP Detection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .755
Wireless Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .756
Device Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .758
Wireless LANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .759
Radios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .760
Mesh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 764
Mesh Point . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 765
SMART RF. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .784
WIPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .789
Captive Portal. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .791
Controller Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .792
Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .794
Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .796
Cluster Peers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .799
Device Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .800
Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .801
Adoption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .802
AP Detection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .805
Wireless Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .806
Wireless LANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .808
Policy Based Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .809
Radios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .810
Mesh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .813
Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .814
RAID Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .819
Power Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .821
PPPoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .823
OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .825
L2TPv3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .836
VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .837
Critical Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .839
LDAP Agent Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .840
GRE Tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .841
Dot1x. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .842
Network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .844
DHCP Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .852
Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .855
VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .863
Viewing Certificate Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . .866
WIPS Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .869
Advanced WIPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .871
Sensor Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .875
Captive Portal Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .876
Network Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .877
Smart Caching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .880
Brocade Mobility RFS Controller System Reference Guide xi 53-1003099-01
Access Point Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .885
Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .886
Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .888
Device Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .891
Adoption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .892
AP Detection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .896
Wireless Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .897
Wireless LANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .899
Policy Based Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .900
Radios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .902
Mesh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .906
Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .907
RTLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 911
PPPoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .913
OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .914
L2TPv3 Tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .924
VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .926
Critical Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .928
LDAP Agent Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .929
GRE Tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .930
Dot1x. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .931
Network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .933
DHCP Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .941
Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .945
VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .953
Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .955
WIPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .958
Sensor Servers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .960
Captive Portal. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .961
Network Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .962
Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .965
Environmental Sensors (BR1240 Models Only) . . . . . . . . . . .966
Wireless Client Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 971
Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 971
Details. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 974
Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .977
WMM TSPEC. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .979
Association History. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .980
Graph . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .981
Analytics Developer Interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .982
Download REST API Toolkit . . . . . . . . . . . . . . . . . . . . . . . . . . . .983
API Assessment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .985
Chapter 16 Analytics
System Analytics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .991
RF Domain Analytics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .997
Wireless Controller Analytics . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1001
Access Point Analytics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1002
Analytic Event Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1004
xii Brocade Mobility RFS Controller System Reference Guide
53-1003099-01

About This Document

Supported hardware and software

This manual supports the following Access Point, controller and service platform models:
Wireless Controllers – Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade
Mobility RFS7000
Service Platforms - Brocade Mobility RFS9510
Access Points – Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point,
Brocade Mobility 1220 Access Point, Brocade Mobility 7131 Access Point, Brocade Mobility 1240 Access Point

Document conventions

This section describes text formatting conventions and important notice formats used in this document.

Text formatting

The narrative-text formatting conventions that are used are as follows:
bold text Identifies command names
Identifies the names of user-manipulated GUI elements
Identifies keywords
Identifies text to enter at the GUI or CLI
italic text Provides emphasis
Identifies variables
Identifies document titles
code text Identifies CLI output
For readability, command names in the narrative portions of this guide are presented in mixed lettercase: for example, controllerShow. In actual examples, command lettercase is often all lowercase. Otherwise, this manual specifically notes those cases in which a command is case sensitive.
Brocade Mobility RFS Controller System Reference Guide xiii 53-1003099-01

Notes, cautions, and warnings

NOTE
CAUTION
DANGER
The following notices and statements are used in this manual. They are listed below in order of increasing severity of potential hazards.
A note provides a tip, guidance or advice, emphasizes important information, or provides a reference to related information.
A Caution statement alerts you to situations that can be potentially hazardous to you or cause damage to hardware, firmware, software, or data.
A Danger statement indicates conditions or situations that can be potentially lethal or extremely hazardous to you. Safety labels are also attached directly to products to warn of these conditions or situations.

Related publications

The following Brocade Communications Systems, Inc. documents supplement the information in this guide and can be located at http://www.brocade.com/ethernetproducts.
Brocade Mobility RFS Controller System Reference Guide
(this document) - Describes configuration of the Brocade wireless controllers using the Web UI.
Brocade Mobility RFS Controller CLI Reference Guide - Describes the Command Line Interface
(CLI) and Management Information Base (MIB) commands used to configure the Brocade controllers.
If you find errors in the guide, send an e-mail to documentation@brocade.com.

Getting technical help

To contact Technical Support, go to http://www.brocade.com/services-support/index.page for the latest e-mail and telephone contact information.
xiv Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
Chapter

Overview

1
Brocade’ family of Access Points, RFS series controllers and service platforms provide a centralized distribution of high performance, secure and resilient wireless voice and data services to remote locations with the scalability required to meet the needs of large distributed enterprises.
Brocade controllers and service platforms provide a single platform capable of delivering wireless voice and data inside and outside the enterprise for small, medium and large enterprise deployments. Improve operational efficiency and reduce the cost of mobility with a powerful comprehensive feature set including adaptive AP, which delivers unmatched performance, security, reliability and scalability to enable networks for business mobility at a low cost of ownership.
Controllers and service platforms provide local centralized management and control of 802.11n Access Points. The Access Points themselves provide the necessary core switching and routing needed to eliminate additional routing and switching infrastructure.
802.11n is the next generation WLAN standard that provides improved performance and coverage compared with previous 802.11 specifications. 802.11n provides enhancements to support throughput up to 450 Mbps. With these enhancements Brocade' next generation 802.11n Access Points offer client data-rates of up to 300Mbps.
The network uses 802.11n Access Points and peer controllers and service platforms to adapt to the dynamic circumstances of their deployment environment. The architecture provides a customized site-specific deployment, supporting the best path and routes based on the user, location, the application and the best route available (both wireless and wired). Brocade Mobility managed network assures end-to-end quality, reliability and security without latency and performance degradation. The network supports rapid application delivery, mixed-media application optimization and quality assurance.
Deploying a new Brocade Mobility managed network does not require the replacement of an existing Brocade wireless infrastructure. Mobility enables the simultaneous use of existing architectures from Brocade and other vendors, even if those other architectures are centralized models. A wireless network administrator can retain and optimize legacy infrastructure while evolving to Mobility as required. Adaptive Access Points can operate in a dependent environment and are field-upgradable.
The Brocade Mobility architecture is designed for 802.11n networking. It leverages the best aspects of independent and dependent architectures to create a smart network that meets the connectivity, quality and security needs of each user deployment and their application requirements, based on the availability of network resources, including wired networks.
By distributing intelligence and control between the wireless controllers and Access Points, a Mobility managed network can route data directly using the best path, as determined by factors including the user, the location, the application and available wireless and wired resources. As a result, the additional load placed on the wired network from 802.11n is significantly reduced, as traffic does not require an unnecessary backhaul to a central controller.
Brocade Mobility RFS Controller System Reference Guide 1 53-1003099-01
1
Within a Mobility managed network, up to 80% of the network traffic can remain on the wireless mesh, and never touch the wired network, so the 802.11n load impact on the wired network is negligible. In addition, latency and associated costs are reduced while reliability and scalability are increased. A Mobility managed network enables the creation of dynamic wireless traffic flows, so any bottleneck is avoided, and the destination is reached without latency or performance degradation. This behavior delivers a significantly better quality of experience for the end user.
The same distributed intelligence enables more resilience and survivability, since the Access Points keep users connected and traffic flowing with full QoS, security and mobility even if the connection is interrupted due to a wired network or backhaul problem.
Even when the network is fully operational, outside RF interference sources or unbalanced wireless network loading can be automatically corrected by Smart RF. Smart RF senses interference or potential client connectivity problems and makes the required changes to the operating channel and Access Point radio power while minimizing the impact to latency sensitive applications like VoIP. Using Smart RF, the network can continuously adjust Access Point power and channel assignments for self-recovery if a radio fails or a coverage hole is detected.
Additionally, integrated Access Point sensors, in conjunction with AirDefense Network Assurance, alert administrators of interference and network coverage problems, which shortens response times and boosts overall reliability and availability of the network.
Network traffic optimization protects networks from broadcast storms and minimizes congestion on the wired side of the network. Mobility networks provide VLAN load balancing, WAN traffic shaping and optimizations in dynamic host configuration protocol (DHCP) responses and Internet group management protocol (IGMP) snooping for multicast traffic flows in wired and wireless networks. Thus, administrators and users both benefit from an extremely reliable network that adapts to meet their needs while delivering mixed-media applications.
Firmware and configuration updates are supported from one Access Point to another, over the air or wire, and can be centrally managed. Controllers no longer need to push firmware and configurations to each individual Access Point, reducing unnecessary network congestion.
Mobility uses Remote Authentication Dial-in User Service (RADIUS) synchronization capabilities between the core and the access layer. If the central authentication mechanism is not available, users can authenticate using local RADIUS resources, and continue network support with secure access.
2 Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
Chapter
NOTE

Web Features

The Brocade Mobility software contains a Web UI allowing network administrators to manage and view Access Point, controller and service platform settings, configuration data and status. This Graphical User Interface (GUI) allows full control of all administration features.
Access Points, controllers and service platforms also share a Command Line Interface (CLI) for managing and viewing settings, configuration and status. For more information on the command line interface and a full list of available commands, see the Brocade Wireless Services CLI Reference Guide available at
http://supportcentral.motorolasolutions.com/support/product/manuals.do
For information on how to access and use the Web UI, see:
Accessing the Web UI
Glossary of Icons Used

Accessing the Web UI

2
Brocade Access Points, controllers and service platforms use a UI accessed using any supported Web browser on a client connected to the subnet the Web UI is configured on.

Browser and System Requirements

To access the UI, a browser supporting Flash Player 11 is required. The system accessing the GUI should have a minimum of 512Mb or RAM for the UI to display and function properly. The Mobility UI is based on Flex, and does not use Java as its underlying framework.
The following browsers are required to access the Mobility Web UI:
Firefox 3.5 or higher
Internet Explorer 7 or higher
Google Chrome
Throughout the Web UI leading and trailing spaces are not allowed in any text fields. In addition, the “?” character is also not supported in text fields.

Connecting to the Web UI

Connect one end of an Ethernet cable to a LAN port on the front of the controller or service platform and connect the other end to a computer with a working Web browser.
Set the computer to use an IP address between 192.168.0.10 and 192.168.0.250 on the connected port. Set a subnet/network mask of 255.255.255.0.
Brocade Mobility RFS Controller System Reference Guide 3 53-1003099-01
2
Once the computer has an IP address, point the Web browser to: https://192.168.0.1/ and the following login screen will display.
FIGURE 1 Web UI Login Screen
Enter the default username admin in the Username field.
Enter the default password admin123 in the Password field.
Click the Login button to load the management interface.
If this is the first time the UI has been accessed, a dialogue displays to begin an initial setup wizard. For more information on using the initial setup wizard see Using the Initial
Setup Wizard.

Glossary of Icons Used

The UI uses a number of icons used to interact with the system, gather information, and obtain status for the entities managed by the system. This chapter is a compendium of the icons used. This chapter is organized as follows:
Global Icons
Dialog Box Icons
Table I c o n s
Status Icons
Configurable Objects
Configuration Objects
Configuration Operation Icons
Access Type Icons
Administrative Role Icons
Device Icons
4 Brocade Mobility RFS Controller System Reference Guide
53-1003099-01

Global Icons

Glossary of Icons Used
This section lists global icons available throughout the interface.
Logout– Select this icon to log out of the system. This icon is always available and is located at the top right corner of the UI.
Add – Select this icon to add a row in a table. When selected, a new row is created in the table or a dialog box displays where you can enter values for a particular list.
Delete – Select this icon to remove a row from a table. When selected, the selected row is deleted.
More Information – Select this icon to display a pop up with supplementary information that may be available for an item.
2

Dialog Box Icons

Glossary of Icons Used
Tra sh – Select this icon to remove a row from a table. When selected, the row is immediately
deleted.
Create new policy – Select this icon to create a new policy. Policies define different configuration parameters that can be applied to individual device configurations, profiles and RF Domains.
Edit policy – Select this icon to edit an existing configuration item or policy. To edit a policy, select a policy and this icon.
Brocade Mobility RFS Controller System Reference Guide 5 53-1003099-01
2
These icons indicate the current state of various controls in a dialog. These icons enables you to gather the status of all the controls in a dialog. The absence of any of these icons next to a control indicates the value in that control has not been modified from its last saved configuration.
Entry Updated – Indicates a value has been modified from its last saved configuration.
Entry Update – States that an override has been applied to a device profile
configuration.
Mandatory Field – Indicates this control value is a mandatory configuration item. You are not allowed to proceed further without providing all mandatory values in this dialog.
Error in Entry – Indicates there is an error in a supplied value. A small red popup provides a likely cause of the error.

Table Icons

Glossary of Icons Used
The following two override icons are status indicators for transactions:
Table Row Overridden – Indicates a change (profile configuration override) has been made to a table row and the change will not be implemented until saved. This icon represents a change from this device’s profile assigned configuration.
Table Row Added – Indicates a new row has been added to a table and the change is not implemented until saved. This icon represents a change from this device’s profile assigned configuration.

Status Icons

Glossary of Icons Used
6 Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
2
These icons indicate device status, operations, or any other action that requires a status returned to the user.
Fatal Error – States there is an error causing a managed device to stop functioning.
Error – Indicates an error exits requiring intervention. An action has failed, but the error
is not system wide.
Warning – States a particular action has completed, but errors were detected that did not prevent the process from completing. Intervention might still be required to resolve subsequent warnings.
Success – Indicates everything is well within the network or a process has completed successfully without error.
Information – This icon always precedes information displayed to the user. This may either be a message displaying progress for a particular process, or just be a message from the system.

Configurable Objects

Glossary of Icons Used
These icons represent configurable items within the UI.
Device Configuration – Represents a configuration file supporting a device category (Access Point, wireless controller etc.).
Auto Provisioning Policy – Represents a provisioning policy. Provisioning policies are a set of configuration parameters that define how Access Points and wireless clients are adopted and their management configuration supplied.
Critical Resource Policy – States a critical resource policy has been applied. Critical resources are resources whose availability is essential to the network. If any of these resources is unavailable, an administrator is notified.
Wireless LANs – States an action impacting a managed WLAN has occurred.
WLAN QoS Policy – States a quality of service policy (QoS) configuration has been
impacted.
Brocade Mobility RFS Controller System Reference Guide 7 53-1003099-01
2
Radio QoS Policy – Indicates a radio’s QoS configuration has been impacted.
AAA Policy – Indicates an Authentication, Authorization and Accounting (AAA) policy
has been impacted. AAA policies define RADIUS authentication and accounting parameters.
Association ACL – Indicates an Access Control List (ACL) configuration has been impacted. An ACL is a set of configuration parameters either allowing or denying access to network resources.
Smart RF Policy – States a Smart RF policy has been impacted. Smart RF enables neighboring Access Point radios to take over for an Access Point radio if it becomes unavailable. This is accomplished by increasing the power of radios on nearby Access Points to compensate for the coverage hole created by the non-functioning Access Point.
Profile – States a device profile configuration has been impacted. A profile is a collection of configuration parameters used to configure a device or a feature.
Bridging Policy – Indicates a bridging policy configuration has been impacted. A bridging policy defines which VLANs are bridged, and how local VLANs are bridged between the wired and wireless sides of the network.
RF Domain – States an RF Domain configuration has been impacted.
Firewall Policy – Indicates a firewall policy has been impacted. Firewalls provide a
barrier that prevents unauthorized access to resources while allowing authorized access to external and internal resources.
IP Firewall Rules – Indicates an IP firewall rule has been applied. An IP based firewall rule implements restrictions based on the IP address in a received packet.
MAC Firewall Rules – States a MAC based firewall rule has been applied. A MAC based firewall rule implements network allowance restrictions based on the MAC address in a received data packet.
Wireless Client Role – Indicates a wireless client role has been applied to a managed client. The role could be either sensor or client.
WIPS Policy – States the conditions of a WIPS policy have been invoked. WIPS prevents unauthorized access to the network by checking for (and removing) rogue Access Points and wireless clients.
8 Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
Advanced WIPS Policy – States the conditions of an advanced WIPS policy have been invoked.
Device Categorization – Indicates a device categorization policy has been applied. This is used by the intrusion prevention system to categorize Access Points or wireless clients as either sanctioned or unsanctioned devices. This enables devices to bypass the intrusion prevention system.
Captive Portals – States a captive portal is being applied. Captive portal is used to provide temporary controller, service platform or Access Point access to requesting wireless clients.
DNS Whitelist – A DNS whitelist is used in conjunction with captive portal to provide access to requesting wireless clients.
DHCP Server Policy – Indicates a DHCP ser ver policy is being applied. DHCP provides IP addresses to wireless clients. A DHCP server policy configures how DHCP provides IP addresses.
2
RADIUS Group – Indicates the configuration of RADIUS group has been defined and applied. A RADIUS group is a collection of RADIUS users with the same set of permissions.
RADIUS User Pools – States a RADIUS user pool has been applied. RADIUS user pools are a set of IP addresses that can be assigned to an authenticated RADIUS user.
RADIUS Server Policy – Indicates a RADIUS server policy has been applied. A RADIUS server policy is a set of configuration attributes used when a RADIUS server is configured for AAA.
Smart Caching Policy – Smart Caching enables NX4500 and NX6500 series service platforms to temporarily store frequently accessed Web content on network infrastructure devices.
Management Policy – Indicates a management policy has been applied. Management policies configure access control, authentication, traps and administrator permissions.

Configuration Objects

Glossary of Icons Used
Brocade Mobility RFS Controller System Reference Guide 9 53-1003099-01
2
These configuration icons are used to define the following:
Configuration – Indicates an item capable of being configured by an interface.
View Events / Event History – Defines a list of events. Click this icon to view events or
view the event history.
Core Snapshots – Indicates a core snapshot has been generated. A core snapshot is a file that records status events when a process fails on a wireless controller or Access Point.
Panic Snapshots – Indicates a panic snapshot has been generated. A panic snapshot is a file that records status when a wireless controller or Access Point fails without recovery.
UI Debugging – Select this icon/link to view current NETCONF messages.
View UI Logs – Select this icon/link to view the different logs generated by the UI, FLEX
and the error logs.

Configuration Operation Icons

Glossary of Icons Used
The following operations icons are used to define configuration operations:
Revert – When selected, any unsaved changes are reverted to their last saved configuration settings.
Commit – When selected, all changes made to the configuration are written to the system. Once committed, changes cannot be reverted.
Commit and Save – When selected, changes are saved to the configuration.

Access Type Icons

Glossary of Icons Used
10 Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
The following icons display a user access type:
Web UI – Defines a Web UI access permission. A user with this permission is permitted to access an associated device’s Web UI.
Tel net – Defines a TELNET access permission. A user with this permission is permitted to access an associated device using TELNET.
SSH – Indicates a SSH access permission. A user with this permission is permitted to access an associated device using SSH.
Console – Indicates a console access permission. A user with this permission is permitted to access an associated device using the device’s serial console.

Administrative Role Icons

2
Glossary of Icons Used
The following icons identify the different administrative roles allowed on the system:
Superuser – Indicates superuser privileges. A superuser has complete access to all configuration aspects of the connected device.
System – States system user privileges. A system user is allowed to configure general settings, such as boot parameters, licenses, auto install, image upgrades etc.
Network – Indicates network user privileges. A network user is allowed to configure wired and wireless parameters, such as IP configuration, VLANs, L2/L3 security, WLANs and radios.
Security – Indicates security user privileges. A security level user is allowed to configure all security related parameters.
Brocade Mobility RFS Controller System Reference Guide 11 53-1003099-01
2
Monitor – Defines a monitor role. This role provides no configuration privileges. A user with this role can view the system configuration but cannot modify it.
Help Desk – Indicates help desk privileges. A help desk user is allowed to use troubleshooting tools like sniffers, execute service commands, view or retrieve logs and reboot the controller or service platform.
Web User – Indicates a web user privilege. A Web user is allowed accessing the device’s Web UI.

Device Icons

Glossary of Icons Used
The following icons represent the different device types managed by the system:
System – This icon represents the entire Mobility supported system, and all of its member controller, service platform or Access Points that may be interacting at any one time.
Cluster – This icon represents a cluster. A cluster is a set of wireless controllers or service platforms working collectively to provide redundancy and load sharing amongst its members.
Service Platform – This icon indicates an NX45xx, NX65xx or NX9000 series service platform that’s part of the managed network
Wireless Controller – This icon indicates a RFS6000 or a RFS7000 wireless controller that’s part of the managed network.
Wireless Controller – This icon indicates a RFS4000 wireless controller that’s part of the managed network.
Access Point – This icon lists any Access Point that’s part of the managed network.
Wireless Client – This icon defines any wireless client connection within the network.
12 Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
Chapter

Quick Start

RFS4011 model controllers utilize an initial setup wizard to streamline getting on the network for the first time. This wizard configures location, network and WLAN settings and assists in the discovery of Access Points and their connected clients. For instructions on how to use the initial setup wizard, see Using the Initial Setup Wizard on page 3-13.

Using the Initial Setup Wizard

Once deployed and powered on, complete the following to get the controller or service platform up and running and access more advanced user interface functions:
1. Connect one end of an Ethernet cable to a port on the front of the controller or service platform, and connect the other end to a computer with a working Web browser.
2. Set the computer to use an IP address between 192.168.0.10 and 192.168.0.250 on the connected port. Set a subnet/network mask of 255.255.255.0.
3. Once the computer has an IP address, point the Web browser to: https://192.168.0.1/. The following login screen displays.
3
FIGURE 1 Web UI Login Screen
Enter the default username admin in the Username field.
4. Enter the default password admin123 in the Password field.
Select the preferred language to display for the graphical user interface (GUI).
Brocade Mobility RFS Controller System Reference Guide 13 53-1003099-01
3
NOTE
NOTE
5. Select the Login button to load the management interface.
When logging in for the first time, you are prompted to change the password to enhance device security in subsequent logins.
If you get disconnected when running the wizard, you can connect again and resume the wizard setup.\
FIGURE 2 Initial Setup Wizard - Introduction
The Introduction screen displays first (on the right-hand side of the screen), and lists the various actions that can be performed using the setup wizard.
The wizard displays a Navigation Panel on the left-hand side of each screen to assist the administrator in assessing which tasks still require completion before the RFS4011, NX4500 or NX6500 can be deployed.
14 Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
FIGURE 3 Initial Setup Wizard - Navigation Panel
NOTE
A green checkmark to the left of an item in the Navigation Panel defines the task as having its minimum required configuration set correctly. A red X defines a task as still requiring at least one parameter be defined correctly.
Select Save/Commit within each page to save the updates made to that page's configuration. Select Next to proceed to the next page listed in the Navigation Panel. Select Back to revert to the previous screen in the Navigation Panel without saving your updates. Selecting Cancel closes the wizard without committing any updates.
3
While you can scroll to any page in the Navigation Panel at any time, you cannot complete the wizard until each task in the Navigation Panel has a green checkmark displayed to the left of the task.
6. Select Next. The wizard displays the Networking Mode screen to define routing or bridging functionality
.
Brocade Mobility RFS Controller System Reference Guide 15 53-1003099-01
3
FIGURE 4 Initial Setup Wizard - Networking Mode
7. Select one of the following network mode options:
Router Mode - In Router Mode, connected Access Points route traffic between the local
network (LAN) and the Internet or external network (WAN). Router mode is recommended in a deployment supported by just a single Access Point. When Router Mode is selected, an additional WAN screen is available in wizard screen flow to configure interface settings for an Access Point’s WAN port.
Bridge Mode - In Bridge Mode, connected Access Points depend on an external router for
routing LAN and WAN traffic. Routing is generally used on one device, whereas bridging is typically used in a larger network. Thus, select Bridge Mode when deploying numerous peer Access Points supporting clients on both the 2.4 and 5GHz radio bands.
Select Next. The wizard displays the LAN Configuration screen to set the LAN interface configuration.
16 Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
3
FIGURE 5 Initial Setup Wizard - LAN Configuration
Set the following DHCP, Static IP Address/Subnet and VLAN information for the LAN interface:
Use DHCP - Select Use DHCP to enable an automatic network address configuration using
local DHCP server resources.
Static IP Address/Subnet - Enter an IP Address and a subnet for the LAN interface. If Use
DHCP is selected, this field is not available. When selecting this option, define the following DHCP Server and Domain Name Server (DNS) resources, as those fields are enabled on the bottom portion of the screen.
Use on-board DHCP server to assign IP addresses to wireless clients -Select this
option to enable the DHCP server to provide IP and DNS support to requesting clients on the LAN interface.
Range - Enter a starting and ending IP Address range for client assignments on the
LAN interface. Avoid assigning IP addresses from x.x.x.1 - x.x.x.10 and x.x.x.255, as they are often reserved for standard network services. This is a required parameter.
Default Gateway - Define a default an address for use with the default gateway. This is
a required parameter.
DNS Forwarding - Select this option to allow a DNS server to translate domain names into
IP addresses. If this option is not selected, a primary and secondary DNS resource must be specified. DNS forwarding is useful when a request for a domain name is made but the DNS server, responsible for converting the name into its corresponding IP address, cannot locate the matching IP address.
Brocade Mobility RFS Controller System Reference Guide 17 53-1003099-01
3
Primary DNS - Enter an IP Address for the main Domain Name Server providing DNS
services for the LAN interface.
Secondary DNS - Enter an IP Address for the backup Domain Name Server providing
DNS services for the LAN interface.
Use the spinner control to select a VLAN ID for the LAN Interface. Optionally select Advanced VLAN Configuration to populate the screen with additional VLAN parameters for the LAN interface.
Select Next. If Router was selected as the Access Point mode the wizard displays the WAN Configuration screen. If Bridge was selected, the wizard proceeds to the Wireless LAN Setting screen.
FIGURE 6 Initial Setup Wizard - WAN Configuration
Set the following DHCP and Static IP Address/Subnet information to define how traffic is routed between the local network (LAN) and the Internet or external network (WAN).
Use DHCP - Select Use DHCP to enable an automatic network address configuration using
local DHCP server resources.
Static IP Address/Subnet - Enter an IP Address/Subnet and gateway for the WAN interface.
These are required fields
Default Gateway -Enter an IP Address for the default gateway on the WAN interface. If
Use DHCP is enabled, this field is not configurable.
18 Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
Loading...
+ 987 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use