Dell PowerConnect W-Airwave, AirWave Wireless Management Suite Configuration Manual
AirWave Wireless
Management Suite
Configuration Guide
Copyright
© 2010 Aruba Networks, Inc. AirWave®, Aruba Networks®, Aruba Mobility Management System®, Bluescanner, For Wireless That
Works®, Mobile Edge Architecture®, People Move. Networks Must Follow®, RFProtect®, The All Wireless Workplace Is Now Open For
Business, Green Island, and The Mobile Edge Company® are trademarks of Aruba Networks, Inc. All rights reserved. All other
trademarks are the property of their respective owners.
While every effort has been made to ensure technical accuracy, information in this document is subject to change without notice and
does not represent a commitment on the part of AirWave Wireless.
AirWave Wireless is not connected, affiliated or related to Airwave O2 Limited in any manner.
Open Source Code
Certain Aruba products include Open Source software code developed by third parties, including software code subject to the GNU
General Public License (GPL), GNU Lesser General Public License (LGPL), or other Open Source Licenses. The Open Source code
used can be found at this site:
http://www.arubanetworks.com/open_source
Legal Notice
The use of Aruba Networks, Inc. switching platforms and software, by all individuals or corporations, to terminate other vendors' VPN
client devices constitutes complete acceptance of liability by that individual or corporation for this action and indemnifies, in full, Aruba
Networks, Inc. from any and all legal actions that might be taken against it with respect to infringement of copyright on behalf of those
vendors.
Warranty
This hardware product is protected by the standard Aruba warranty of one year parts/labor. For more information, refer to the
ARUBACARE SERVICE AND SUPPORT TERMS AND CONDITIONS. Altering this device (such as painting it) voids the warranty.
www.arubanetworks.com
1344 Crossman Avenue
Sunnyvale, California 94089
Phone: 408.227.4500
Fax 408.227.4550
AirWave Wireless Management Suite | Configuration Guide 0510802-01 | September 2010
Contents
Preface.........................................................................................................................................7
Document Audience and Organization ........................................................................7
Related Documents ..................................................................................................... 7
Text Conventions .........................................................................................................8
Contacting AirWave Wireless and Aruba Networks.....................................................9
Chapter 1 Aruba Configuration in AWMS ...................................................................11
Introduction................................................................................................................11
Requirements, Restrictions, and AOS Support in AWMS .........................................12
Requirements.....................................................................................................................12
Restrictions........................................................................................................................12
AOS Support in AWMS......................................................................................................12
Overview of Aruba Configuration in AWMS...............................................................12
The Primary Pages of Aruba Configuration .......................................................................13
Device Setup > Aruba Configuration Page........................................................................13
Aruba AP Groups Section ..........................................................................................14
AP Overrides Section .................................................................................................15
WLANs Section...........................................................................................................16
Profiles Section...........................................................................................................16
Security Section..........................................................................................................17
Advanced Services Section........................................................................................ 18
Groups > Aruba Config Page.............................................................................................19
APs/Devices > List Page....................................................................................................19
APs/Devices > Manage Page ............................................................................................20
APs/Devices > Monitor Page.............................................................................................20
Groups > Basic Page.........................................................................................................21
Additional Concepts and Components of Aruba Configuration ................................21
Global Configuration and Scope .......................................................................................21
Embedded Profile Setup in Aruba Configuration...............................................................21
Controller Overrides...........................................................................................................22
Save, Save and Apply, and Revert Buttons.......................................................................23
Folders, Users, and Visibility..............................................................................................23
Additional Concepts and Benefits .....................................................................................23
Scheduling Configuration Changes............................................................................23
Auditing and Reviewing Configurations .....................................................................23
Licensing and Dependencies in Aruba Configuration ................................................24
Setting Up Initial Aruba Configuration .......................................................................24
Prerequisites...............................................................................................................24
Procedure ...................................................................................................................24
What Next? ........................................................................................................................30
Additional Capabilities of Aruba Configuration..................................................................31
Chapter 2 Using Aruba Configuration in Daily Operations........................................ 33
Introduction................................................................................................................33
General Aruba AP Groups Procedures and Guidelines .............................................34
General WLAN Procedures and Guidelines...............................................................37
AirWave Wireless Management Suite | Configuration Guide Contents | 3
Guidelines and Pages for Aruba AP Groups in Aruba Configuration ................................34
Selecting Aruba Controller Groups....................................................................................34
Configuring Aruba AP Groups ...........................................................................................34
What Next?.................................................................................................................36
Guidelines and Pages for WLANs in Aruba Configuration.................................................37
Configuring or Editing WLANs with Basic View.................................................................37
Configuring or Editing WLANs with Advanced View .........................................................38
General Profiles Guidelines........................................................................................ 39
General Controller Procedures and Guidelines ......................................................... 40
Using Master, Standby Master, and Local Controllers in Aruba Configuration ................ 40
Pushing Device Configurations to Controllers................................................................... 40
Supporting APs with Aruba Configuration................................................................. 41
AP Overrides Guidelines.................................................................................................... 41
Configuring or Editing AP Overrides.................................................................................. 41
Changing Adaptive Radio Management (ARM) Settings................................................... 42
Changing SSID and Encryption Settings........................................................................... 43
Changing the Aruba AP Group for an AP Device.............................................................. 43
Using AWMS to Deploy Aruba APs for the First Time....................................................... 43
Using General AWMS Device Groups and Folders........................................................... 45
Visibility in Aruba Configuration................................................................................. 45
Visibility Overview.............................................................................................................. 45
Defining Visibility for Aruba Configuration ......................................................................... 46
Appendix A Aruba Configuration Reference ................................................................. 49
Introduction................................................................................................................ 49
Aruba AP Groups Pages and Field Descriptions ....................................................... 53
Aruba AP Groups............................................................................................................... 53
AP Overrides Pages and Field Descriptions.............................................................. 57
AP Overrides...................................................................................................................... 57
WLAN Pages and Field Descriptions......................................................................... 62
Overview of WLANs in Aruba Configuration...................................................................... 62
WLANs...............................................................................................................................62
WLANs > Basic..................................................................................................................63
WLANs > Advanced .......................................................................................................... 64
Profiles Pages and Field Descriptions ....................................................................... 68
Understanding Aruba Configuration Profiles..................................................................... 68
Profiles > AAA.................................................................................................................... 69
Profiles > AAA.................................................................................................................... 70
Profiles > AAA > Captive Portal Auth ................................................................................ 71
Modifying the Initial User Role.................................................................................... 73
Profiles > AAA > Mac Auth ................................................................................................ 73
Profiles > AAA > Stateful 802.1X Auth............................................................................... 75
Profiles > AAA > Wired Auth.............................................................................................. 76
Profiles > AAA > VPN Auth................................................................................................ 76
Profiles > AAA > Management Auth.................................................................................. 77
Profiles > AAA > 802.1x Auth ............................................................................................ 78
Profiles > AAA > Stateful NTLM Auth................................................................................ 83
Profiles > AAA > WISPr Auth............................................................................................. 84
Profiles > AP...................................................................................................................... 86
Profiles > AP > System...................................................................................................... 86
Profiles > AP > Regulatory Domain................................................................................... 91
Profiles > AP > AP Wired................................................................................................... 92
Profiles > AP > AP Ethernet Link ....................................................................................... 94
Profiles > AP > SNMP ....................................................................................................... 94
Profiles > AP > SNMP > SNMP User ................................................................................ 95
Aruba Controller Traps ......................................................................................................96
Access Point/Air Monitor Traps.................................................................................. 97
Profiles > IDS..................................................................................................................... 98
Profiles > IDS > General ..................................................................................................101
Profiles > IDS > Signature Matching ............................................................................... 102
Profiles > IDS > Signature Matching > Signatures..........................................................103
Profiles > IDS > Denial of Service.................................................................................... 103
Profiles > IDS > Denial of Service > Rate Threshold ....................................................... 106
Profiles > IDS > Impersonation........................................................................................ 108
Profiles > IDS > Unauthorized Device .............................................................................109
Profiles > Mesh................................................................................................................ 112
Profiles > Mesh > Radio .................................................................................................. 112
Profiles > Mesh > Radio > Mesh HT SSID ...................................................................... 114
4 |Contents AirWave Wireless Management Suite | Configuration Guide
Profiles > Mesh > Cluster ................................................................................................116
Profiles > QoS..................................................................................................................117
Profiles > QoS > Traffic Management .............................................................................117
Profiles > QoS > VoIP Call Admission Control ................................................................118
Profiles > QoS > WMM Traffic Management...................................................................121
Profiles > RF ....................................................................................................................122
Profiles > RF > 802.11a/g Radio......................................................................................122
Profiles > RF > 802.11a/g Radio > ARM..........................................................................124
Profiles > RF > 802.11a/g Radio > High-Throughput (HT) Radio....................................128
Profiles > RF > Event Thresholds ....................................................................................129
Profiles > RF > Optimization............................................................................................130
Profiles > SSID.................................................................................................................132
Profiles > SSID > EDCA AP .............................................................................................134
Profiles > SSID > EDCA AP .............................................................................................138
Profiles > SSID > EDCA Station.......................................................................................140
Profiles > SSID > HT SSID...............................................................................................144
Profiles > SSID > 802.11K ...............................................................................................145
Security Pages and Field Descriptions ....................................................................147
Security > User Roles ......................................................................................................148
Security > User Roles > BW Contracts ...........................................................................150
Security > User Roles > VPN Dialers...............................................................................151
Security > Policies ...........................................................................................................153
Security > Policies > Destinations ...................................................................................154
Security > Policies > Services .........................................................................................155
Security > Server Groups ................................................................................................156
Server Groups Page Overview ................................................................................. 156
Supported Servers....................................................................................................156
Adding a New Server Group.....................................................................................157
Security > Server Groups > LDAP...................................................................................158
Security > Server Groups > RADIUS...............................................................................160
Security > Server Groups > TACACS..............................................................................160
Security > Server Groups > Internal ................................................................................161
Security > Server Groups > XML API ..............................................................................162
Security > Server Groups > RFC 3576............................................................................164
Security > Server Groups > Windows .............................................................................164
Security > TACACS Accounting ......................................................................................166
Security > Time Ranges...................................................................................................166
Security > User Rules ......................................................................................................167
Advanced Services Pages and Field Descriptions ..................................................168
Overview of IP Mobility Domains.....................................................................................168
Advanced Services > IP Mobility.....................................................................................170
Advanced Services > IP Mobility > Mobility Domain.......................................................173
Advanced Services > VPN Services................................................................................174
Advanced Services > VPN Services > IKE ......................................................................175
Advanced Services > VPN Services > L2TP....................................................................176
Advanced Services > VPN Services > PPTP...................................................................178
Advanced Services > VPN Services > IPSEC..................................................................179
Advanced Services > VPN Services > IPSEC > Dynamic Map.......................................180
Advanced Services > VPN Services > IPSEC > Dynamic Map > Transform Set ............ 181
Groups > Aruba Config Page and Section Information ...........................................182
Index...................................................................................................................................185
AirWave Wireless Management Suite | Configuration Guide Contents | 5
6 |Contents AirWave Wireless Management Suite | Configuration Guide
Preface
Document Audience and Organization
This configuration guide is intended for wireless network administrators and helpdesk personnel who
deploy ArubaOS (AOS) on the network and wish to manage it with the AirWave Wireless Management Suite
(AWMS). AWMS Versions 6.3 and later support Aruba Configuration. This document provides instructions
for using Aruba Configuration and contains the following chapters:
Table 1 Document Organization and Purposes
Chapter Description
Chapter 1, “Aruba Configuration in AWMS” Introduces the concepts, components, navigation, and initial
setup of Aruba Configuration.
Chapter 2, “Using Aruba Configuration in Daily
Operations”
Appendix A, “Aruba Configuration Reference” Provides an encyclopedic reference to the fields, settings, and
Provides a series of procedures for configuring, modifying, and
using Aruba Configuration once initial setup is complete. This
chapter is oriented around the most common tasks in Aruba
Configuration.
default values of all Aruba Configuration components, to include a
few additional procedures supporting more advanced
configurations.
Related Documents
The following documentation supports the AirWave Wireless Management Suite:
ArubaOS Documentation
z AOS User Guide
AirWave Wireless Management Suite / AirWave Management Platform
z Release Notes for the AirWave Wireless Management Suite
z AirWave Wireless Management Suite Knowledge Base
z AWMS Quick Start Guide
z AWMS User Guide
z Aruba Configuration Guide (this document)
z Supported APs/Devices
z Supported Firmware Versions
VisualRF
z Release Notes for the AirWave Wireless VisualRF Module
z Overview Page
z User Guide
AirWave Wireless Management Suite | Configuration Guide Preface | 7
RAPIDS
z Overview Page
z AirWave Management Client User Guide
z Download AirWave Management Client
Best Practice Guides
z Aruba and AirWave Best Practices Guide
z Choosing the Right Server Hardware
z Helpdesk Guide: Troubleshooting WLAN Issues
z Converting Cisco IOS APs to LWAPP
Interfacing With AWMS
z AWMS Integration Matrix
z State and Statistical XML API Documentation
z Location XML API Documentation
NMS Integration
z See AMP Setup NMS
z Download AWMS Trap MIB
z AWMS/NMS Integration Guide
AMPWatch Widget
z AMPWatch is a widget for the Yahoo! Widget Engine
z Download AMPWatch
Text Conventions
The following conventions are used throughout this manual to emphasize important concepts:
Table 2 Text Conventions
Type Style Description
Italics This style is used to emphasize important terms and to mark the titles of books.
GUI components Bold, sans-serif font indicates that the AWMS GUI displays this item exactly as cited in
body text.
System items This fixed-width font depicts the following:
z Sample screen output
z System prompts
z Filenames, software devices, and specific commands when mentioned in the text
Commands In the command examples, this bold font depicts text that you must type exactly as
This document uses the following notice icons to emphasize advisories for certain actions, configurations,
or concepts:
8 | Preface AirWave Wireless Management Suite | AWMS Version 7.1
shown.
NOTE
Indicates helpful suggestions, pertinent information, and important things to remember.
!
CAUTION
Indicates a risk of damage to your hardware or loss of data.
Contacting AirWave Wireless and Aruba Networks
Online Contact and Support
Main Website http://www.airwave.com
Email Contact
z AirWave Wireless Sales sales@airwave.com
z AirWave Wireless Technical Support support@airwave.com
z Aruba Networks general information info@arubanetworks.com
z Aruba Networks Sales sales@arubanetworks.com
z Aruba Networks Technical Support in the Americas
support@arubanetworks.com
and APAC
z Aruba Networks Technical Support in the EMEA emea_support@arubanetworks.com
z WSIRT Email—Please email details of any security
wsirt@arubanetworks.com
problem found in an AirWave or Aruba product.
Telephone Contact and Support
AirWave Wireless Corporate Headquarters +1 (408) 227-4500
FAX +1 (408) 227-4550
Support
z United States 800-WI-FI-LAN (800-943-4526)
z Universal Free Phone Service Number (UIFN):
Australia, Canada, China, France, Germany, Hong
Kong, Ireland, Israel, Japan, Korea, Singapore, South
Africa, Taiwan, and the UK.
z All Other Countries +1 (408) 754-1200
+800-4WIFI-LAN (+800-49434-526)
AirWave Wireless Management Suite |AWMS Version 7.1 Preface | 9
10 | Preface AirWave Wireless Management Suite | AWMS Version 7.1
Chapter 1
NOTE
Aruba Configuration in AWMS
Introduction
ArubaOS (AOS) is the operating system, software suite, and application engine that operates Aruba mobility
controllers and centralizes control over the entire mobile environment. The AOS Wizards, the AOS
command-line interface (CLI), and the AOS WebUI are the primary means by which to configure and deploy
AOS. For a complete description of AOS, refer to the ArubaOS User Guide for your release.
The Aruba Configuration feature in the AirWave Wireless Management Suite consolidates AOS
configuration and pushes global Aruba configurations from one utility. This chapter introduces the
components and initial setup of Aruba Configuration with the following topics:
Requirements, Restrictions, and AOS Support in AWMS
z Requirements
z Restrictions
z AOS Support in AWMS
Overview of Aruba Configuration in AWMS
z The Primary Pages of Aruba Configuration
z Device Setup > Aruba Configuration Page
Aruba AP Groups Section
AP Overrides Section
WLANs Section
Profiles Section
Security Section
Advanced Services Section
z Groups > Aruba Config Page
z APs/Devices > List Page
z APs/Devices > Manage Page
z APs/Devices > Monitor Page
z Groups > Basic Page
Additional Concepts and Components of Aruba Configuration
z Global Configuration and Scope
z Embedded Profile Setup in Aruba Configuration
z Controller Overrides
z Save, Save and Apply, and Revert Buttons
z Folders, Users, and Visibility
z Additional Concepts and Benefits
Setting Up Initial Aruba Configuration
AWMS supports Aruba AP Groups, and these are distinct and must not be confused with standard AWMS Device
Groups. This document provides information about the configuration and use of Aruba AP Groups, and describes
how Aruba AP Groups interoperate with standard AWMS Device Groups.
AirWave Wireless Management Suite | Configuration Guide Aruba Configuration in AWMS | 11
Requirements, Restrictions, and AOS Support in AWMS
NOTE
Requirements
Aruba Configuration has the following requirements in AWMS:
z AWMS 6.3 or a later AWMS version must be installed and operational on the network.
z Aruba Controllers on the network must have AOS installed and operational.
z Ensure you have Telnet/SSH credentials (configuration only) and the “enable” password (configuration
only). Without proper Telnet/SSH credentials a user is not able to fetch the running configuration, nor
acquire license and serial information from controllers.
Restrictions
Aruba Configuration has the following restrictions in AWMS:
z At the present time, Aruba Configuration in AWMS does not support every AOS Network component.
AWMS supports only
z Future versions of AWMS will support additional AOS features, to include Aruba AP Group and Profile
distribution from the Master Console.
AOS Support in AWMS
IP Mobility and VLANs in the Advanced Services section, for example.
Refer also to “Using AWMS to Deploy Aruba APs for the First Time” on page39.
AWMS users can choose between the existing template-based configuration and new GUI-based configuration
for Aruba devices on firmware 3.3.2.10 and greater. Upon upgrading to AWMS, groups with all devices in
monitor-only mode will automatically use the GUI-based configuration.
z Only global configuration is supported; AWMS can work in a master-local or an all-master configuration.
z Configuration changes are pushed to the controller via SSH with no reboot required.
z All settings for Profiles, Aruba AP Groups, Servers and Roles are supported, as is the AOS WLAN Wizard
(basic view). Controller IP addresses, VLANs and interfaces are not supported, nor are Advanced
Services with the exception of VPN and IP Mobility.
z AWMS now understands AOS license dependencies.
z You can provision thin APs from the AP/Devices > Manage page. You can move APs into Aruba AP
Groups
z You can configure AP names as AP Overrides on the Device Setup > Aruba Configuration page.
z Support for AOS GUI configuration via global groups and the AWMS Master Console will be added in a
from the Modify These Devices option on the APs/Devices > List page.
future release.
Changes to dependency between the AMP group and folders help customers who want to use the folder
structure to manage configuration; however, users are now be able to see (but not access) group and folder
paths for which they do not have permissions.
For more detailed information about this feature, as well as steps for transition from template-based
configuration to web-based configuration, refer to additional chapters in this user guide. For known issues
and details on the AOS version supported by each release, refer to the AWMS Release Notes.
Overview of Aruba Configuration in AWMS
This section describes the Device Setup > Aruba Configuration page and all additional pages in AWMS that
support Aruba Configuration.
12 | Aruba Configuration in AWMS AirWave Wireless Management Suite | Configuration Guide
The Primary Pages of Aruba Configuration
AWMS supports Aruba Configuration with the following pages:
z Device Setup > Aruba Configuration Page—deploys and maintains Aruba Configuration in AWMS. This
page supports several sections, as follows:
Aruba AP Groups Section
AP Overrides Section
WLANs Section
Profiles Section
Security Section
Advanced Services Section
z Groups > Aruba Config Page—manages Aruba AP group and other controller-wide settings defined on
the
Device Setup > Aruba Configuration page.
z APs/Devices > List Page—modifies or reboots all devices, including Aruba devices deployed with Aruba
Configuration.
z APs/Devices > Manage Page—supports device-level settings and changes in AWMS as a whole.
z APs/Devices > Monitor Page—supports device-level monitoring in AWMS as a whole.
z Groups > Basic Page—enables Aruba Configuration in the AWMS GUI and displays preferences for
Aruba and other devices.
Device Setup > Aruba Configuration Page
This page, shown in Figure 1, uses an expandable navigation pane to support Aruba AP Groups, AP
Overrides, WLANs, Profiles, Security, and Advanced Services.
AirWave Wireless Management Suite | Configuration Guide Aruba Configuration in AWMS | 13
Figure 1 Device Setup > Aruba Configuration Navigation Pane (Contracted and Expanded)
NOTE
Only Aruba AP Groups, AP Overrides, and WLANs contain custom-created items in the navigation pane.
The navigation pane can be used as follows:
z Any portion with a plus sign (+) expands with a click to display additional contents.
z Any portion of the navigation tree can be contracted by clicking the contract sign (-).
z You can display the Edit or Details page for any component with a single click.
Aruba AP Groups Section
An Aruba AP Group is a collection of configuration profiles that define specific settings on Aruba
controllers and the devices that they govern. An Aruba AP Group references multiple configuration profiles,
and in turn links to multiple WLANs.
Navigate to the
of this page.
14 | Aruba Configuration in AWMS AirWave Wireless Management Suite | Configuration Guide
Device Setup > Aruba Configuration > Aruba AP Groups page. Figure 2 illustrates one example
Figure 2 Device Setup > Aruba Configuration > Aruba AP Groups Navigation
Aruba AP Groups are not to be confused with conventional AWMS device groups. AWMS supports both
group types and both are viewable on the
Groups > List page when so configured.
Aruba AP Groups have the following characteristics:
z Aruba AP Groups are global, and any Aruba controller can support multiple Aruba AP Groups.
z Aruba AP Groups are assigned to folders, and folders define visibility. Using conventional AWMS folders
to define visibility, Aruba AP Groups can provide visibility to some or many components while blocking
visibility to other users for more sensitive components, such as SSIDs. Navigate to the
Users pages to
define folder visibility, and refer to “Visibility in Aruba Configuration” on page41.
z You can import a controller configuration file from ArubaOS for Aruba AP Group deployment in AWMS.
For additional information, refer to the following sections in this document:
z “Setting Up Initial Aruba Configuration” on page24
z “General Aruba AP Groups Procedures and Guidelines” on page30
AP Overrides Section
The second major component of Aruba Configuration is the AP Overrides page, appearing immediately
below
Aruba AP Groups in the Navigation Pane. Figure 3 illustrates this location and access:
Figure 3 Device Setup > Aruba Configuration > AP Overrides Navigation
AP Overrides operate as follows in Aruba Configuration:
z Custom-created AP Overrides appear in the Aruba Configuration navigation pane, as illustrated in Figure 3.
AirWave Wireless Management Suite | Configuration Guide Aruba Configuration in AWMS | 15
z Aruba controllers and AP devices operate in Aruba AP Groups that define shared parameters for all
devices in those groups. The
Device Setup > Aruba Configuration > Aruba AP Groups page displays all
current Aruba AP groups.
z AP Override allows you to change some parameters for any specific device without having to create an
Aruba AP group per AP.
z The name of any AP Override should be the same as the name of the device to which it applies.
This establishes the basis of all linking to that device.
z Once you have created an AP Override for a device in a group, you specify the WLANs to be included and
excluded.
z For additional information about how to configure and use AP Overrides, refer to these topics:
“AP Overrides Guidelines” on page37
“Configuring or Editing AP Overrides” on page37
“AP Overrides Pages and Field Descriptions” on page52
WLANs Section
Access WLANs with Device Setup > Aruba Configuration > WLANs, illustrated in Figure 4.
Figure 4 Device Setup > Aruba Configuration > WLANs Navigation
The following concepts govern the use of WLANs in Aruba Configuration:
z WLANs are the same as virtual AP configuration profiles.
z WLAN profiles contain several diverse settings to include SSIDs, referenced Aruba AP Groups, Traffic
Management
profiles, and device Folders.
This document describes WLAN configuration in the following section and chapter:
z “Setting Up Initial Aruba Configuration” on page24
z “General WLAN Procedures and Guidelines” on page33
z “WLAN Pages and Field Descriptions” on page56
Profiles Section
Profiles provide a way to organize and deploy groups of configurations for Aruba AP Groups, WLANs, and
other profiles. Profiles are assigned to folders; this establishes visibility to Aruba AP Groups and WLAN
settings. Access
16 | Aruba Configuration in AWMS AirWave Wireless Management Suite | Configuration Guide
Profiles with Device Setup > Aruba Configuration > Profiles, illustrated in Figure 5.
Figure 5 Device Setup > Aruba Configuration > Profiles Navigation
Profiles are organized by type in Aruba Configuration. Custom-named profiles do not appear in the
navigation pane as do custom-named Aruba AP Groups, WLANs, and AP Overrides.
For additional information about profile procedures and guidelines, refer to the following sections in this
document:
z “Setting Up Initial Aruba Configuration” on page24
z “General Profiles Guidelines” on page35
z “Profiles Pages and Field Descriptions” on page62
Security Section
The Security section displays, adds, edits, or deletes security profiles in multiple categories, to include user
roles, policies, rules, and servers such as RADIUS, TACACS+, and LDAP servers. Navigate to Security with
the
Device Setup > Aruba Configuration > Security path, illustrated in Figure 6.
AirWave Wireless Management Suite | Configuration Guide Aruba Configuration in AWMS | 17
Figure 6 Device Setup > Aruba Configuration > Security Navigation
The following general guidelines apply to
z Roles can have multiple policies; each policy can have numerous roles.
z Server groups are comprised of servers and rules. Security rules apply in Aruba
Security profiles in Aruba configuration:
Configuration in the same way as deployed in AOS.
For additional information about Security, refer to “Security Pages and Field
Descriptions” on page138.
Advanced Services Section
Navigate to Advanced Services with the Device Setup > Aruba Configuration > Advanced Services path. The
Advanced Services section includes IP Mobility and VPN Services. Figure 7 illustrates this navigation and
the components.
Figure 7 Device Setup > Aruba Configuration > Advanced Services Navigation
For additional information about IP Mobility and VPN Services, refer to “Advanced Services Pages and Field
Descriptions” on page157.
18 | Aruba Configuration in AWMS AirWave Wireless Management Suite | Configuration Guide
Groups > Aruba Config Page
This focused submenu page displays and edits all configured Aruba AP groups, with the following factors:
z Aruba AP Groups must be defined from the Device Setup > Aruba Configuration page before they are
visible on the
z Use this page to select the Aruba AP Groups that you push to controllers.
z Use this page to associate a standard device group to one or more Aruba AP Groups.
z From this page, you can select other profiles that are defined on the controller, like an internal server.
Figure 8 Groups > Aruba Config Page Illustration
Groups > Aruba Config page.
APs/Devices > List Page
This page supports devices in all of AWMS. This page supports controller reboot, controller re-provisioning,
and changing Aruba AP groups. Select
AirWave Wireless Management Suite | Configuration Guide Aruba Configuration in AWMS | 19
Modify Devices to configure thin AP settings.
Figure 9 APs/Devices List Page Illustration (Partial Display)
APs/Devices > Manage Page
This page configures device-level settings, including Manage mode that enables pushing configurations to
controllers. For additional information, refer to “Pushing Device Configurations to Controllers” on page36.
Figure 10 APs/Devices > Manage Page Illustration (Partial Display)
APs/Devices > Monitor Page
Used in conjunction with the Manage page, the Monitor page enables review of device-level settings. This
page is large and often contains a great amount of information, to include the following sections:
z Status information
z User and Bandwidth flash graphs
z CPU Utilization and Memory Utilization flash graphs
z APs Managed by this Controller (when viewing a controller)
20 | Aruba Configuration in AWMS AirWave Wireless Management Suite | Configuration Guide
z Alert Summary
z Recent Events
z Audit Log
For additional information, refer to “Pushing Device Configurations to Controllers” on page36.
Groups > Basic Page
The Groups > Basic page deploys the following aspects of Aruba Configuration:
z This page contains a new Aruba GUI Config field. Use this page and field to make the Device Setup >
Aruba Config
z Use this page to control which device settings appear on the Groups pages.
z If you are using Aruba firmware prior to version 3.0, you should disable Aruba GUI configuration from
the
Groups > Basic page and use template-based configuration.
page visible. This page is enabled by default in AWMS.
Refer to Figure 14 for an illustration of this page.
Additional Concepts and Components of Aruba Configuration
Aruba Configuration emphasizes the following components and network management concepts:
z Global Configuration and Scope
z Embedded Profile Setup in Aruba Configuration
z Controller Overrides
z Save, Save and Apply, and Revert Buttons
z Folders, Users, and Visibility
z Additional Concepts and Benefits
Global Configuration and Scope
Aruba Configuration supports AOS as follows:
z AWMS supports global configuration from both a master-local controller deployment and an all-master
controller deployment:
In a master-local controller deployment, AOS is the agent that pushes global configurations from
master controllers to local controllers. AWMS supports this AOS functionality.
In an all-master-controller scenario, every master controller operates independent of other master
controllers. AWMS provides the ability to push configuration to all master controllers in this
scenario.
z AWMS Aruba Configuration supports AOS profiles, Aruba AP Profiles, Servers, and User Roles.
For additional information about these and additional functions, refer to “General Controller Procedures
and Guidelines” on page36.
Embedded Profile Setup in Aruba Configuration
AWMS allows you to add or reconfigure many configuration profiles while guiding you through a larger
configuration sequence for an Aruba AP Group or WLAN. Consider the following example:
z When you create a new Aruba AP Group from the Device Setup > Aruba Configuration page, the
Referenced Profile section appears as shown in Figure 11:
AirWave Wireless Management Suite | Configuration Guide Aruba Configuration in AWMS | 21
Figure 11 Embedded Profile Configuration for an Aruba AP Group
z Click the Add icon (the plus symbol) at right to add a referenced profile. Once you Save or Save and
Apply that profile, AWMS automatically returns you to the original Aruba AP Group configuration page.
z This embedded configuration is also supported on the Additional Aruba Profiles section of the
Groups > Aruba Config page.
Controller Overrides
You can create controller overrides for entire profiles or a specific profile setting per profile. This allows
you to avoid creating new profiles or Aruba AP Groups that differ by one more settings. Controller
overrides can be added from the controller's Manage page.
22 | Aruba Configuration in AWMS AirWave Wireless Management Suite | Configuration Guide
Figure 12 Overriding a Controller Profile
Save, Save and Apply, and Revert Buttons
Several Add or Detail pages in Aruba Configuration include the Save, Save and Apply, and Revert buttons.
These buttons function as follows:
z Save—This button saves a configuration but does not apply it, allowing you to return to complete or apply
the configuration at a later time. If you use this button, you may see the following alert on other Aruba
Configuration pages. You can apply the configuration when all changes are complete at a later time.
Figure 13 Unapplied Aruba Configuration Changes Message
z Save and Apply —This button saves and applies the configuration with reference to Manage and Monitor
modes. For example, you must click
devices immediately if the controller is in
Save and Apply for a configuration profile to propagate to all
Manage mode. If you have devices in Monitor mode, AWMS
compares the current device configuration with the new desired configuration. For additional
information and instructions about using
Manage and Monitor modes, refer to “Pushing Device
Configurations to Controllers” on page36.
z Revert—This button cancels out of a new configuration or reverts back to the last saved configuration.
Folders, Users, and Visibility
Access and edit folders and visibility using the Folder column on the Groups > Aruba Config page. Profiles
and Aruba AP Groups are assigned to folders. Folders allow you to set the visibility for controller
information, and to set read/write privileges as required.
z As one example, it may be necessary to provide AWMS users with RF radio parameters while restricting
access to SSID profiles.
Additional Concepts and Benefits
Scheduling Configuration Changes
You can schedule deployment of Aruba Configuration to minimize impact on network performance. For
example, configuration changes can be accumulated over time by using
Monitor mode, then pushing all configuration changes at one time by putting devices in Manage mode. Refer
to “Pushing Device Configurations to Controllers” on page36.
Save and Apply for devices in
AWMS pushes configuration settings that are defined in the GUI to the Aruba Controllers as a set of CLI
commands using Secure Shell (SSH). No controller reboot is required.
Auditing and Reviewing Configurations
AWMS supports auditing or reviewing in these ways.
AirWave Wireless Management Suite | Configuration Guide Aruba Configuration in AWMS | 23
1. You can review the AOS running configuration file. This is configuration information that AWMS reads
from the device. In template-based configuration, you can review the running configuration file when
working on a related template.
2. You can use the
3. Once you audit your controller, you can click
APs/Devices > Audit page for device-specific auditing.
Import from the APs/Devices > Audit page to reverse all of
the profiles on the controller.
Licensing and Dependencies in Aruba Configuration
You can review your current licensing status with the Licensing link on the APs/Devices > Monitor page.
AWMS requires that you have a policy enforcement firewall license always installed on all Aruba
controllers. If you push a policy to a controller without this license, a
and the controller will show as
Mismatched on AWMS pages that reflect device configuration status.
Good configuration will not result,
Aruba Configuration includes several settings or functions that are dependent on special licenses. The user
interface conveys that a special license is required for any such setting, function, or profile. AWMS does not
push such configurations when a license related to those configurations is unavailable. For details on the
licenses required by a specific version of ArubaOS, refer to the ArubaOS User Guide for that release.
Setting Up Initial Aruba Configuration
This section describes how to deploy an initial setup of Aruba Configuration in AWMS 6.4 or later versions.
Prerequisites
z Complete the AWMS upgrade to AWMS 6.4 or later. Refer to “Related Documents” on page7 for
installation or upgrade documents. Upon upgrade to AWMS Version 6.4 or later, Aruba Configuration is
enabled by default in groups with devices in monitor-only mode and AOS firmware of 3.3.2.10 or greater.
z Back up your ArubaOS controller configuration file. Information about backing AWMS is available in the
AWMS User Guide in the “Performing Daily Operations in AWMS” chapter.
Procedure
Perform the following steps to deploy Aruba Configuration when at least one Aruba AP Group currently
exists on at least one Aruba controller on the network:
1. On the
This configuration defines optional group display options. This step is not critical to setup, and default
settings will support groups appropriate for Aruba Configuration. One important setting on this page is
the
Groups > Basic page, enable device preferences for Aruba devices. Figure 14 illustrates this page.
Aruba GUI Config option. Ensure that setting is Yes, which is the default setting.
24 | Aruba Configuration in AWMS AirWave Wireless Management Suite | Configuration Guide
Figure 14 Groups > Basic Page Illustration (Partial Display)
!
CAUTION
NOTE
2. Authorize Aruba controllers into the AMP Group.
When authorizing the first controller onto a group, you must add the device in monitor-only mode. Otherwise,
AWMS removes the configuration of the controller before you have a chance to import the configuration, and this
would remove critical network configuration and status.
Aruba Configuration is enabled by default in AWMS.
3. Navigate to the
AP/s/Devices > Audit page for the first controller to prepare for importing an existing
Aruba controller configuration file. Figure 15 illustrates the information available on this page if the
device is mismatched.
Figure 15 APs/Devices > Audit Page Illustration
AirWave Wireless Management Suite | Configuration Guide Aruba Configuration in AWMS | 25
If the page reports a device mismatch, the page will display an Import button that allows you to import
the Aruba controller settings from an Aruba Controller that has already been configured. To import the
complete configuration from the controller (including any unreferenced profiles) select the Include
unreferenced profiles checkbox. If you unselect the checkbox, AMP will delete the unreferenced
profiles/AP Groups on the controller when it imports that configuration.
Importing this configuration creates all the Profiles and Aruba AP Groups on the
Configuration
Aruba Config
page. This action also adds and selects the Aruba AP Groups that appear on the Groups >
page.
Device Setup > Aruba
The folder for all the Profiles and Aruba AP Groups is set to the top folder of the AWMS user who
imports the configuration. This folder is
Top in the case of managing administrators with read/write
privileges.
4. After configuration file import is complete, navigate to the
This page displays a list of APs authorized on the AMP that are using the Aruba AP Group.
The User Role is the Aruba User Role used in firewall settings. For additional information, refer to
Device Setup > Aruba Configuration page.
“Security > User Roles” on page139.
The Folder column cites the visibility level to devices in each Aruba AP Group. For additional
information, refer to “Visibility in Aruba Configuration” on page41.
5. Add or modify
a. Navigate to the
Aruba AP Groups as required.
Device Setup > Aruba Configuration > Aruba AP Groups page, illustrated in Figure 16.
Figure 16 Device Setup > Aruba Configuration > Aruba AP Groups Page
a. Click
Add from the Aruba AP Groups page to create a new Aruba AP Group. To edit an Aruba AP
Group, click the pencil icon next to the group. The
appears. This page allows you to select the profiles to apply to the Aruba AP Group, and to select one
or more WLANs that support that Aruba AP Group. Figure 17 illustrates this page.
26 | Aruba Configuration in AWMS AirWave Wireless Management Suite | Configuration Guide
Details page for the Aruba AP Group group
Figure 17 Device Setup > Aruba Configuration > Aruba AP Groups > Add/Edit Details Page
The following section of this configuration guide provide additional information about configuring
Aruba AP Groups:
“General Aruba AP Groups Procedures and Guidelines” on page30
6. Add or edit WLANs in Aruba Configuration as required.
a. Navigate to
Device Setup > Aruba Configuration > WLANs page. This page can display all WLANs
currently configured, or can display only selected WLANs.
b. Click
Add to create a new WLAN, or click the pencil icon to edit an existing WLAN.
You can add or edit WLANs in one of two ways, as follows:
Basic—This display is essentially the same as the AOS Wizard View on the Aruba controller. This
page does not require in-depth knowledge of the profiles that define the Aruba AP Group.
Advanced—This display allows you to select individual profiles that define the WLAN and
associated Aruba AP Group. This page requires in-depth knowledge of all profiles and their
respective settings.
The following sections of this configuration guide provide additional information and illustrations for
configuring WLANs:
“General WLAN Procedures and Guidelines” on page33
“WLAN Pages and Field Descriptions” on page56
AirWave Wireless Management Suite | Configuration Guide Aruba Configuration in AWMS | 27
7. Add or edit Aruba Configuration Profiles as required.
a. Navigate to
Device Setup > Aruba Configuration > Profiles section of the navigation pane.
b. You must select the type of profile to configure:
c. Click
Add from any of these specific profile pages to create a new profile, or click the pencil icon to
AAA, AP, Controller, IDS, Mesh, QoS, RF, or SSID.
edit an existing profile.
Most profiles in AWMS are similar to the
primary difference in AWMS is that
All Profiles display in the Aruba Controller WebUI. The
AAA and SSID profiles are not listed under the Wireless LAN
column as the controller.
d. Save changes to each element as you proceed through profile and WLAN configuration.
All other settings supported on Aruba controllers can be defined on the
Configuration
page. The following section in this document provides additional information about
Device Setup > Aruba
configuring profiles:
“General Profiles Guidelines” on page35
8. Provision multiple Aruba AP Groups on one or more controllers by putting the controllers into an AMP
group and configuring that group to use the selected Aruba AP Groups. Configure such Aruba AP
Groups settings on the
Group > Aruba Config page. The following section of this document provides
additional information:
“General Aruba AP Groups Procedures and Guidelines” on page30
9. As required, add or edit AP devices. The following section of this document has additional information:
“Supporting APs with Aruba Configuration” on page37
10. Each AP can be assigned to a single Aruba AP Group. Make sure to choose an AP Group that has been
configured on that controller using that controller's AMP Group. Use the
Devices
syslocation, and syscontact on the
field and the APs/Devices > Manage page. You can create or edit settings such as the AP name,
APs/Devices > Manage page. For additional information, refer to
APs/Devices > List, Modify
“Supporting APs with Aruba Configuration” on page37.
28 | Aruba Configuration in AWMS AirWave Wireless Management Suite | Configuration Guide
Figure 18 APs/Devices > Manage Page Illustration (Partial Display)
11. Navigate to the
APs/Devices > Audit page for the controller to view mismatched settings. This page
provides links to display additional and current configurations. You can display all mismatched devices
by navigating to the
APs/Devices > Mismatched page.
AirWave Wireless Management Suite | Configuration Guide Aruba Configuration in AWMS | 29
Figure 19 APs/Devices > Audit Page Illustration (Partial Display)
Figure 20 APs/Devices > Mismatched Page Illustration
What Next?
After initial AOS deployment with the Aruba Configuration feature, you can make many additional
configurations or continue with maintenance tasks, such as with the following examples:
30 | Aruba Configuration in AWMS AirWave Wireless Management Suite | Configuration Guide
Loading...