Dell W-3200 User Manual

Dell PowerConnect

W-Series ArubaOS 6.1

User Guide

. Dell™, the DELL™ logo, and PowerConnect™ are

, Aruba Wireless Networks®, the

trademarks of Dell Inc.

Originated in the USA. All other trademarks are the property of their respective owners.

Open Source Code

Certain Aruba products include Open Source software code developed by third parties, including software code subject to the GNU General Public License (GPL), GNU Lesser General Public License (LGPL), or other Open Source Licenses. The Open Source code used can be found at this site:

http://www.arubanetworks.com/open_source

Legal Notice

The use of Aruba Networks, Inc. switching platforms and software, by all individuals or corporations, to terminate other vendors’ VPN client devices constitutes complete acceptance of liability by that individual or corporation for this action and indemnifies, in full, Aruba Networks, Inc. from any and all legal actions that might be taken against it with respect to infringement of copyright on behalf of those vendors.

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide 0510845-01 | June 2011

About this Guide ..................................................................................................................................................... 45

Audience............................................................................................................................................45

Fundamentals....................................................................................................................................45

WebUI.........................................................................................................................................45

CLI ............................................................................................................................................... 45

Related Documents..........................................................................................................................46

Conventions.......................................................................................................................................46

Contacting Support .......................................................................................................................... 47

Chapter 1 The Basic User-Centric Networks.................................................................................. 49

Configuring the User-Centric Network .........................................................................................49

Deployment and Configuration Tasks ...........................................................................................49

Deployment Scenario #1 ......................................................................................................... 50

Deployment Scenario #2 ......................................................................................................... 50

Deployment Scenario #3 ......................................................................................................... 51

Configuring the Controller...............................................................................................................52

Running the Initial Setup.........................................................................................................52

Connecting to the Controller after Initial Setup...................................................................53

Configuring a VLAN for Network Connection..............................................................................53

Creating and Updating a VLAN ..............................................................................................54

Viewing Existing VLAN IDs .............................................................................................54

Creating, Updating, and Deleting VLAN Pools.....................................................................54

Adding existing VLAN IDs to a VLAN Pool in the CLI .................................................54

Assigning and Configuring the Trunk Port ...........................................................................55

In the WebUI .....................................................................................................................55

In the CLI............................................................................................................................ 55

Configuring the Default Gateway...........................................................................................55

In the WebUI .....................................................................................................................55

In the CLI............................................................................................................................ 56

Configuring the Loopback for the Controller........................................................................56

In the WebUI ....................................................................................................................56

In the CLI............................................................................................................................ 56

Configuring the System Clock ................................................................................................57

Installing Licenses....................................................................................................................57

Connecting the Controller to the Network ...........................................................................57

Additional Configuration.................................................................................................................. 57

Chapter 2 Network Parameters......................................................................................................... 59

Configuring VLANs ...........................................................................................................................59

Creating and Updating VLANs................................................................................................59

Using the WebUI .............................................................................................................. 59

Using CLI............................................................................................................................ 60

Create a Bulk VLANs Using the WebUI........................................................................60

Using CLI............................................................................................................................ 60

Creating, Updating and Deleting VLAN Pools......................................................................60

Creating a VLAN pool Using the WebUI.......................................................................60

Updating a VLAN Pool .....................................................................................................61

Deleting a VLAN Pool ...................................................................................................... 61

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 3

Create a VLAN Pool Using CLI ....................................................................................... 61

Viewing Existing VLAN IDs Using CLI ...........................................................................61

Adding Existing VLAN IDs Using CLI............................................................................. 61

Add a Bandwidth Contract to the VLAN............................................................................... 62

Optimize VLAN Broadcast and Multicast Traffic................................................................ 62

In the CLI............................................................................................................................ 62

In the WebUI .....................................................................................................................63

Configuring Ports..............................................................................................................................63

Classifying Traffic as Trusted or Untrusted .........................................................................63

About Trusted and Untrusted Physical Ports ..............................................................63

About Trusted and Untrusted VLANs............................................................................ 63

Configuring Trusted/Untrusted Ports and VLANs............................................................... 64

Using WebUI .....................................................................................................................64

Using CLI............................................................................................................................ 64

Configure Trusted/Untrusted Ports and VLANs in Trunk Mode .......................................65

Using the WebUI .............................................................................................................. 65

Using CLI............................................................................................................................ 65

About VLAN Assignments...............................................................................................................65

How a VLAN Obtains its IP Address......................................................................................66

Assigning a Static Address to a VLAN..................................................................................66

Using the WebUI .............................................................................................................. 66

Using CLI .................................................................................................................................... 66

Configuring a VLAN to Receive a Dynamic Address.......................................................... 66

Configuring Multiple Wired Uplink Interfaces (Active-Standby) ............................. 67

Enabling the DHCP Client........................................................................................................ 67

Using the WebUI .............................................................................................................. 67

Using the CLI .....................................................................................................................67

Enabling the PPPoE Client.......................................................................................................68

Using the WebUI .............................................................................................................. 68

Using CLI............................................................................................................................ 68

Default Gateway from DHCP/PPPoE..................................................................................... 68

Using the WebUI .............................................................................................................. 68

Using CLI............................................................................................................................ 68

Configuring DNS/WINS Server from DHPC/PPPoE............................................................ 68

Using the WebUI.......................................................................................................................69

Using CLI............................................................................................................................ 69

Configuring Source NAT to Dynamic VLAN Address......................................................... 69

Using the WebUI .............................................................................................................. 69

Using CLI............................................................................................................................ 70

Configuring Source NAT for VLAN Interfaces.....................................................................70

Example Configuration .................................................................................................... 70

Using the WebUI .............................................................................................................. 70

Using CLI............................................................................................................................ 71

Inter-VLAN Routing.................................................................................................................. 71

Using the WebUI to restrict VLAN routing...................................................................71

Using CLI............................................................................................................................ 72

Configuring Static Routes ............................................................................................................... 72

Using the WebUI.......................................................................................................................72

Using CLI .................................................................................................................................... 72

Configuring the Loopback IP Address .......................................................................................... 72

Using the WebUI.......................................................................................................................72

Using CLI .................................................................................................................................... 73

Using the CLI to reboot the controller................................................................................... 73

Configuring the Controller IP Address ..........................................................................................73

Using CLI .................................................................................................................................... 74

Configuring GRE Tunnels................................................................................................................. 74

Creating a Tunnel Interface.................................................................................................... 74

4 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

Using the WebUI .............................................................................................................. 74

Using CLI............................................................................................................................ 75

Directing Traffic into the Tunnel............................................................................................ 75

Static Routes..................................................................................................................... 75

Firewall Policy................................................................................................................... 75

Tunnel Keepalives............................................................................................................ 75

Chapter 3 RF Plan................................................................................................................................. 77

Supported Planning.......................................................................................................................... 77

Before You Begin.............................................................................................................................. 78

Task Overview...........................................................................................................................78

Planning Requirements ........................................................................................................... 78

Launching the RF Plan .....................................................................................................................79

Campus List Page..................................................................................................................... 80

Building List Pane.....................................................................................................................81

Building Specifications Overview..........................................................................................82

Building Dimension Page........................................................................................................ 82

AP Modeling Parameters Page..............................................................................................83

Radio Type......................................................................................................................... 85

Design Model.................................................................................................................... 85

Overlap Factor .................................................................................................................. 85

Users/AP............................................................................................................................ 86

Radio Properties (Desired Rates and HT Support Options) ...................................... 86

AM Modeling Page ..................................................................................................................87

Design Models.................................................................................................................. 88

Monitor Rates ................................................................................................................... 88

Planning Floors Page............................................................................................................... 88

Zoom................................................................................................................................... 89

Approximate Coverage Map .......................................................................................... 90

Floor Editor Dialog Box.................................................................................................... 90

Area Editor Dialog Box ....................................................................................................91

Access Point Editor Dialog Box .....................................................................................92

AP Plan Page.............................................................................................................................95

Initialize.............................................................................................................................. 95

Optimize ............................................................................................................................. 95

Fix All Suggested AP/AMs.............................................................................................. 96

AM Plan Page ........................................................................................................................... 96

Initialize.............................................................................................................................. 96

Optimize ............................................................................................................................. 96

Fix All Suggested AP/AMs.............................................................................................. 96

Exporting and Importing Files.................................................................................................97

Export Campus.................................................................................................................. 97

Import Campus.................................................................................................................. 97

Export Buildings Page ..................................................................................................... 97

Import Buildings Page .....................................................................................................98

Locate.........................................................................................................................................98

FQLN Mapper ............................................................................................................................ 98

Using the FQLN Mapper in the AP Provision Page...................................................................100

Using the WebUI.....................................................................................................................100

Using CLI .................................................................................................................................. 100

RF Plan Example ............................................................................................................................. 101

Sample Building......................................................................................................................101

Create a Building ...................................................................................................................102

Model the Access Points .....................................................................................................103

Model the Air Monitors ........................................................................................................103

Add and Edit a Floor............................................................................................................... 103

Adding the background image and naming the first floor............................................... 103

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 5

Adding the background image and naming the second floor......................................... 104

Defining Areas ........................................................................................................................ 104

Creating a Don’t Care Area ..................................................................................................104

Creating a Don’t Deploy Area ............................................................................................... 105

Running the AP Plan .............................................................................................................105

Running the AM Plan ............................................................................................................ 106

Chapter 4 Access Points .................................................................................................................. 107

Basic Functions and Features......................................................................................................107

AP Names and Groups .................................................................................................................. 108

Creating an AP group.............................................................................................................109

in the WebUI ................................................................................................................... 109

Creating an AP group in the CLI................................................................................... 109

Assigning APs to an AP group ............................................................................................. 109

In the CLI.......................................................................................................................... 110

AP Configuration Profiles..............................................................................................................110

Wireless LAN Profiles............................................................................................................110

AP Profiles ............................................................................................................................... 112

QoS Profiles.............................................................................................................................113

RF Management Profiles.......................................................................................................113

Mesh Profiles .......................................................................................................................... 114

Other Profiles .......................................................................................................................... 114

Viewing Profile Errors............................................................................................................114

Profile Hierarchy............................................................................................................................. 114

Deploying APs................................................................................................................................. 116

Running the RF Plan............................................................................................................... 117

Ensure APs Can Connect to the Controller ........................................................................117

Configure Firewall Settings .......................................................................................... 117

Enable Controller Discovery......................................................................................... 117

From a DNS Server ........................................................................................................ 118

From a DHCP Server ......................................................................................................118

Using the Aruba Discovery Protocol (ADP) ...............................................................118

Ensure APs Can Obtain IP Addresses.................................................................................119

Enabling the DHCP server on the controller in the WebUI ..................................... 119

Enable the DHCP server on the controller in the CLI ............................................... 119

Provisioning APs for Mesh ................................................................................................... 120

Installing APs on the Network..............................................................................................120

Updating the RF Plan..............................................................................................................120

Provisioning Installed APs ............................................................................................................120

Remote AP (RAP) vs Campus AP (CAP).............................................................................. 121

AP Provisioning Wizard.........................................................................................................121

Provisioning an Individual AP...............................................................................................121

Provisioning Multiple APs using a Provisioning Profile........................................... 124

Assigning Provisioning Profiles ...................................................................................124

Troubleshooting.............................................................................................................. 125

Configuring a Provisioned AP....................................................................................................... 125

AP Installation Modes ........................................................................................................... 125

In the WebUI ...................................................................................................................125

In the CLI.......................................................................................................................... 126

Renaming an AP ..................................................................................................................... 126

Renaming in the WebUI ................................................................................................ 126

Renaming in the CLI .......................................................................................................126

Optimize APs Over Low-Speed Links.................................................................................. 127

Configuring the Bootstrap Threshold.......................................................................... 127

Prioritizing AP heartbeats............................................................................................. 130

AP Redundancy ...................................................................................................................... 130

6 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

In the WebUI ...................................................................................................................130

In the CLI.......................................................................................................................... 130

AP Maintenance Mode ......................................................................................................... 131

In the WebUI ...................................................................................................................131

In the CLI.......................................................................................................................... 131

Managing AP LEDs.................................................................................................................131

Disabling LEDs in the WebUI........................................................................................ 132

Enable or Disable LEDs in the CLI................................................................................ 132

Configuring Blinking LEDs in the CLI........................................................................... 132

Managing RF Interference............................................................................................................132

RF Optimization ....................................................................................................................... 132

In the WebUI ...................................................................................................................132

In the CLI.......................................................................................................................... 133

RF Event Configuration .......................................................................................................... 133

In the WebUI ...................................................................................................................134

In the CLI.......................................................................................................................... 135

AP Channel Assignments..............................................................................................................135

20 MHz and 40 MHz Static Channel Assignments ............................................................135

In the WebUI ...................................................................................................................136

In the CLI.......................................................................................................................... 137

Channel Switch Announcement (CSA)............................................................................... 137

In the WebUI ...................................................................................................................137

In the CLI.......................................................................................................................... 137

Automatic Channel and Transmit Power Selection..........................................................137

AP Console Settings....................................................................................................................... 137

Chapter 5 Virtual APs........................................................................................................................ 139

Virtual AP Profiles .......................................................................................................................... 139

Excluding a virtual AP profile from an AP in the WebUI.......................................... 140

Excluding a virtual AP profile from an AP in the CLI ................................................ 140

Configuring a Virtual AP ................................................................................................................140

Configuring the WLAN...........................................................................................................141

Configuring the User Role..................................................................................................... 142

In the WebUI ...................................................................................................................142

In the CLI.......................................................................................................................... 142

Configuring Authentication Servers.................................................................................... 142

In the WebUI ...................................................................................................................142

In the CLI.......................................................................................................................... 142

Configuring Authentication................................................................................................... 143

In the WebUI ...................................................................................................................143

In the CLI.......................................................................................................................... 144

Applying the Virtual AP..........................................................................................................144

In the WebUI ...................................................................................................................144

In the CLI.......................................................................................................................... 148

Creating a new SSID Profile................................................................................................. 148

In the WebUI ...................................................................................................................148

In the CLI.......................................................................................................................... 152

Configuring an SSID for Suite-B cryptography .........................................................152

Guest WLAN............................................................................................................................152

Configuring the VLAN ............................................................................................................ 153

In the WebUI ...................................................................................................................153

In the CLI.......................................................................................................................... 153

Configuring the Guest Role................................................................................................... 153

In the WebUI ...................................................................................................................153

In the CLI.......................................................................................................................... 153

Configuring the Guest Virtual AP......................................................................................... 154

In the WebUI ...................................................................................................................154

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 7

In the CLI.......................................................................................................................... 154

Enable 802.11k Support..........................................................................................................155

In the WebUI ...................................................................................................................155

In the CLI.......................................................................................................................... 156

Example Configuration...........................................................................................................156

Configuring a High-Throughput Virtual AP................................................................................. 157

In the WebUI ........................................................................................................................... 157

In the CLI .................................................................................................................................. 160

Managing High-throughput Profiles....................................................................................161

Chapter 6 Adaptive Radio Management (ARM) ........................................................................... 163

ARM Overview ................................................................................................................................163

ARM Support for 802.11n.......................................................................................................163

Monitoring Your Network with ARM................................................................................... 164

Noise and Error Monitoring.......................................................................................... 164

Application Awareness................................................................................................. 164

ARM Profiles ................................................................................................................................... 164

Creating a New ARM Profile ................................................................................................165

Copying an Existing Profile ................................................................................................... 165

Deleting a Profile.................................................................................................................... 166

Configuring ARM Settings.....................................................................................................166

In the WebUI ...................................................................................................................166

In the CLI.......................................................................................................................... 169

Assigning an ARM Profile to an AP Group.................................................................................170

In the WebUI ........................................................................................................................... 170

In the CLI .................................................................................................................................. 170

Multi-Band ARM and 802.11a/802.11g Traffic............................................................................ 171

Band Steering ................................................................................................................................. 171

Steering Modes ...................................................................................................................... 171

Enabling Band Steering.........................................................................................................172

In the WebUI ...................................................................................................................172

In the CLI.......................................................................................................................... 172

Traffic Shaping................................................................................................................................ 173

Enabling Traffic Shaping....................................................................................................... 173

In the WebUI ...................................................................................................................173

In the CLI.......................................................................................................................... 173

Spectrum Load Balancing............................................................................................................. 174

RX Sensitivity Tuning Based Channel Reuse.............................................................................174

Non-802.11 Noise Interference Immunity................................................................................... 175

ARM Metrics ...................................................................................................................................175

ARM Troubleshooting....................................................................................................................176

Too many APs on the Same Channel.................................................................................. 176

Wireless Clients Report a Low Signal Level ......................................................................176

Transmission Power Levels Change Too Often.................................................................177

APs Detect Errors but Do Not Change Channels.............................................................. 177

APs Don’t Change Channels Due to Channel Noise......................................................... 177

Chapter 7 Remote Access Points.................................................................................................... 179

Overview ..........................................................................................................................................179

Configuring the Secure Remote Access Point Service ........................................................... 180

Configure a Public IP Address for the Controller.............................................................. 181

Using the WebUI to Create a DMZ Address..............................................................181

Using CLI.......................................................................................................................... 181

Configure the VPN Server..................................................................................................... 181

8 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

Using the WebUI ............................................................................................................ 181

Using CLI.......................................................................................................................... 182

CHAP Authentication Support over PPPoE........................................................................ 182

Configure the Remote AP User Role ...................................................................................183

Using the WebUI ............................................................................................................ 183

Using CLI.......................................................................................................................... 184

Configure VPN Authentication............................................................................................. 184

Using the WebUI ............................................................................................................ 184

Using CLI.......................................................................................................................... 185

Configuring Internal Database for Authentication............................................................185

Using the WebUI ............................................................................................................ 185

Configure VPN authentication using the internal database ................................... 187

Add the user to the internal database ........................................................................187

Using CLI to configure the internal DB for a RAP user ............................................187

Provision the AP ..................................................................................................................... 187

Creating a Remote AP Whitelist...........................................................................................188

Revoking an AP............................................................................................................... 189

Deploying a Branch Office/Home Office Solution..................................................................... 189

Configuring the branch office AP ........................................................................................189

Troubleshooting Remote AP................................................................................................. 190

Local Debugging............................................................................................................. 190

Remote AP Summary..................................................................................................... 190

Multihoming on remote AP (RAP)................................................................................ 192

Seamless failover from backup link to primary link on RAP ................................... 192

Remote AP Connectivity................................................................................................ 192

Remote AP Diagnostics................................................................................................. 193

Enabling Double Encryption.......................................................................................................... 194

Using the WebUI ............................................................................................................ 194

Using CLI.......................................................................................................................... 194

Advanced Configuration Options.................................................................................................194

Understanding Remote AP Modes of Operation............................................................... 194

Fallback Mode.........................................................................................................................196

Backup Configuration Behavior for Wired Ports ......................................................196

Configuring the fallback mode .............................................................................................197

Using WebUI to configure the AAA profile................................................................197

Using CLI.......................................................................................................................... 197

Using the WebUI to configure virtual AP profile....................................................... 198

Using CLI.......................................................................................................................... 198

Configuring the DHCP Server on the Remote AP.............................................................. 199

Using the WebUI ............................................................................................................ 199

Using CLI.......................................................................................................................... 200

Advanced Backup Configuration Options.......................................................................... 200

Using the WebUI to configure the session ACL........................................................201

Using the WebUI to configure the AAA profile .........................................................202

Using the WebUI to define the backup configuration.............................................. 202

Using the CLI to configure the session ACL............................................................... 203

Using the CLI to configure the AAA profile................................................................203

Using the CLI to define the backup configuration .................................................... 203

DNS Controller Setting .......................................................................................................... 204

Specify the DNS name using the WebUI ................................................................... 204

Backup Controller List ........................................................................................................... 205

Configuring the LMS and backup LMS IP addresses using WebUI ......................205

Configuring the LMS and Backup LMS IP Addresses Using CLI ........................... 205

Remote AP Failback............................................................................................................... 206

Using the WebUI ............................................................................................................ 206

Using the CLI ...................................................................................................................206

RAP Local Network Access..................................................................................................206

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 9

Using the WebUI ............................................................................................................ 206

Using CLI.......................................................................................................................... 207

Remote AP Authorization Profiles .......................................................................................207

Add or Edit a Remote AP Authorization Profile .........................................................207

Access Control Lists and Firewall Policies........................................................................ 208

Split Tunneling ........................................................................................................................ 208

Configuring Split Tunneling .......................................................................................... 208

Configuring the Session ACL................................................................................................ 209

Using the WebUI ............................................................................................................ 209

Using the CLI ...................................................................................................................210

Configuring ACL for restricted LD homepage access...................................................... 211

Using CLI.......................................................................................................................... 211

Configuring the AAA Profile and the Virtual AP Profile ...................................................212

Using the WebUI ............................................................................................................ 212

Using CLI.......................................................................................................................... 212

Configuring split tunneling in the virtual AP profile..................................................212

Using the CLI to configure split tunneling in the virtual AP profile ........................213

Using the WebUI to list the corporate DNS servers ................................................ 213

Using the CLI to list the corporate DNS servers .......................................................213

Wi-Fi Multimedia ............................................................................................................................ 214

Uplink Bandwidth Reservation.....................................................................................................214

Bandwidth Reservation for Uplink Voice Traffic....................................................... 214

Configuring Bandwidth Reservation ...................................................................................214

Using the WebUI ............................................................................................................ 214

Using CLI.......................................................................................................................... 215

Chapter 8 Secure Enterprise Mesh ................................................................................................ 217

Mesh Access Points ......................................................................................................................217

Mesh Portals ........................................................................................................................... 218

Mesh Points.............................................................................................................................218

Mesh Clusters ......................................................................................................................... 219

Mesh Links....................................................................................................................................... 219

Link Metrics.............................................................................................................................220

Optimizing Links ...................................................................................................................... 220

Mesh Profiles ..................................................................................................................................221

Mesh Cluster Profile .............................................................................................................. 221

Mesh Radio Profile.................................................................................................................221

RF Management (802.11a and 802.11g) Profiles................................................................ 221

Adaptive Radio Management Profiles........................................................................222

High-Throughput Profiles.............................................................................................. 222

Mesh High-Throughput SSID Profile...................................................................................222

Wired AP Profile..................................................................................................................... 223

Mesh Recovery Profile.......................................................................................................... 223

Mesh Solutions ...............................................................................................................................223

Thin AP Services with Wireless Backhaul Deployment.................................................. 224

Point-to-Point Deployment....................................................................................................224

Point-to-Multipoint Deployment...........................................................................................224

High-Availability Deployment............................................................................................... 225

Before You Begin............................................................................................................................ 226

Pre-Deployment Considerations.......................................................................................... 226

Outdoor-Specific Deployment Considerations.................................................................. 226

Configuration Considerations............................................................................................... 226

Post-Deployment Considerations........................................................................................ 226

Dual-Port AP Considerations................................................................................................227

Mesh Radio Profiles.......................................................................................................................227

Managing Mesh Profiles In the WebUI.............................................................................. 227

10 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

Creating a New Profile ..................................................................................................227

Assigning a Profile to a Mesh AP or AP Group.........................................................230

Editing a Profile............................................................................................................... 230

Deleting a Profile............................................................................................................ 231

Managing Mesh Profiles In the CLI..................................................................................... 231

Creating or Modifying a Profile.................................................................................... 231

Viewing Profile Settings................................................................................................ 231

Assigning a Profile to an AP Group............................................................................. 231

Deleting a Mesh Radio Profile ..................................................................................... 232

RF Management (802.11a and 802.11g) Profiles ........................................................................232

Managing 802.11a/802.11g Profiles In the WebUI.............................................................232

Creating a Profile............................................................................................................ 232

Assigning an 802.11a/802.11g Profile ..........................................................................236

Assigning a High-throughput Profile........................................................................... 237

Assigning an ARM Profile............................................................................................. 237

Editing an 802.11a/802.11g Profile................................................................................ 238

Deleting a Profile............................................................................................................ 238

Managing 802.11a/802.11g Profiles In the CLI ...................................................................239

Creating or Modifying a Profile.................................................................................... 239

Viewing RF Management Settings ..............................................................................240

Assigning a 802.11a/802.11g Profile ............................................................................ 240

Deleting a Profile............................................................................................................ 240

Mesh High-Throughput SSID Profiles......................................................................................... 240

Managing Profiles In the WebUI .........................................................................................240

Creating a Profile............................................................................................................ 240

Assigning a Profile to an AP Group............................................................................. 242

Editing a Profile............................................................................................................... 242

Deleting a Profile............................................................................................................ 243

Managing Profiles In the CLI................................................................................................ 243

Creating or Modifying a Profile.................................................................................... 243

Assigning a Profile to an AP Group............................................................................. 243

Viewing High-throughput SSID Settings ....................................................................243

Deleting a Profile............................................................................................................ 244

Mesh Cluster Profiles .................................................................................................................... 244

Deployments with Multiple Mesh Cluster Profiles ...........................................................244

Managing Mesh Cluster Profiles In the WebUI ................................................................245

Creating a Profile............................................................................................................ 245

Associating a Profile to Mesh APs.............................................................................. 246

Editing a Profile............................................................................................................... 247

Deleting a Mesh Cluster Profile................................................................................... 247

Managing Mesh Cluster Profiles In the CLI....................................................................... 247

Viewing Mesh Cluster Profile Settings.......................................................................248

Associating Mesh Cluster Profiles.............................................................................. 248

Excluding a Mesh Cluster Profile from a Mesh Node..............................................248

Deleting a Mesh Cluster Profile................................................................................... 249

Ethernet Ports for Mesh ................................................................................................................249

Configure bridging on the Ethernet port............................................................................. 249

Configuring Ethernet Ports for Secure Jack Operation................................................... 250

In the WebUI ...................................................................................................................250

In the CLI.......................................................................................................................... 250

Extending the Life of a Mesh Network................................................................................251

In the WebUI ...................................................................................................................251

In the CLI.......................................................................................................................... 251

Provisioning Mesh Nodes.............................................................................................................251

Outdoor AP Parameters ........................................................................................................ 252

Provisioning Caveats ............................................................................................................. 252

Provisioning Mesh Nodes.....................................................................................................253

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 11

In the WebUI ...................................................................................................................253

In the CLI.......................................................................................................................... 253

AP Boot Sequence .........................................................................................................................254

Mesh Portal ............................................................................................................................. 254

Mesh Point...............................................................................................................................254

Air Monitoring and Mesh...................................................................................................... 254

Verifying the Network....................................................................................................................255

Verification Checklist..................................................................................................... 255

CLI Examples................................................................................................................... 255

Remote Mesh Portals .................................................................................................................... 256

How RMP Works .................................................................................................................... 257

Creating a Remote Mesh Portal In the WebUI.................................................................. 257

Provisioning the AP........................................................................................................ 257

Defining the Mesh Private VLAN................................................................................. 258

Selecting a Mesh Radio Profile ................................................................................... 259

Selecting an RF Management Profile .........................................................................259

Adding a Mesh Cluster Profile .....................................................................................259

Configuring a DHCP Pool .............................................................................................. 260

Configuring the VLAN ID of the Virtual AP Profile ....................................................260

Provisioning a Remote Mesh Portal In the CLI.................................................................. 261

Additional Information........................................................................................................... 261

Chapter 9 Authentication Servers................................................................................................... 263

Important Points to Remember .................................................................................................... 263

Servers and Server Groups .......................................................................................................... 263

Configuring Servers ....................................................................................................................... 264

Configuring a RADIUS Server...............................................................................................264

In the WebUI ...................................................................................................................265

In the CLI.......................................................................................................................... 265

RADIUS Server Authentication Codes........................................................................ 265

RADIUS Server Fully Qualified Domain Names................................................................. 266

Set a DNS Query Interval...................................................................................................... 266

In the WebUI ...................................................................................................................266

In the CLI.......................................................................................................................... 266

Configuring an LDAP Server ................................................................................................. 266

In the WebUI ...................................................................................................................267

In the CLI.......................................................................................................................... 267

Configuring a TACACS+ Server............................................................................................268

In the WebUI ...................................................................................................................268

In the CLI.......................................................................................................................... 268

Configuring a Windows Server............................................................................................ 269

In the WebUI ...................................................................................................................269

In the CLI.......................................................................................................................... 269

Internal Database...........................................................................................................................269

Configuring the Internal Database ......................................................................................269

In the WebUI ...................................................................................................................270

In the CLI.......................................................................................................................... 270

RAP Static Inner IP Address.................................................................................................270

In the WebUI ...................................................................................................................270

In the CLI.......................................................................................................................... 271

Managing Internal Database Files ......................................................................................271

Exporting files in the WebUI......................................................................................... 272

Importing files in the WebUI......................................................................................... 272

In the CLI.......................................................................................................................... 272

Internal Database Utilities .................................................................................................... 272

Deleting All User............................................................................................................. 272

12 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

Repairing the Internal Database.................................................................................. 272

Server Groups .................................................................................................................................273

Configuring Server Groups ................................................................................................... 273

In the WebUI ...................................................................................................................273

In the CLI.......................................................................................................................... 273

Configuring Server List Order and Fail-Through ...............................................................273

In the WebUI ...................................................................................................................274

In the CLI.......................................................................................................................... 274

Configuring Dynamic Server Selection...............................................................................274

In the WebUI ...................................................................................................................275

In the CLI.......................................................................................................................... 276

Configuring Match FQDN Option .........................................................................................276

In the WebUI ...................................................................................................................276

In the CLI.......................................................................................................................... 276

Trimming Domain Information from Requests................................................................... 276

In the WebUI ...................................................................................................................277

In the CLI.......................................................................................................................... 277

Configuring Server-Derivation Rules ..................................................................................277

In the WebUI ...................................................................................................................278

In the CLI.......................................................................................................................... 278

Configuring a Role Derivation Rule for the Internal Database .......................................279

In the WebUI ...................................................................................................................279

In the CLI.......................................................................................................................... 279

Assigning Server Groups .............................................................................................................. 279

User Authentication............................................................................................................... 279

Management Authentication................................................................................................280

In the WebUI ...................................................................................................................280

In the CLI.......................................................................................................................... 280

Accounting .............................................................................................................................. 280

RADIUS Accounting....................................................................................................... 280

In the WebUI ...................................................................................................................282

In the CLI.......................................................................................................................... 282

TACACS+ Accounting ............................................................................................................ 282

Configuring Authentication Timers.............................................................................................. 282

Setting an Authentication Timer.......................................................................................... 283

In the WebUI ...................................................................................................................283

In the CLI.......................................................................................................................... 283

Chapter 10 802.1x Authentication...................................................................................................... 285

Overview of 802.1x Authentication ..............................................................................................285

Supported EAP Types............................................................................................................ 286

Authentication with a RADIUS Server................................................................................ 286

Authentication Terminated on Controller........................................................................... 287

Configuring 802.1x Authentication...............................................................................................288

Using the WebUI ............................................................................................................ 289

Using the CLI ...................................................................................................................293

Configuring and Using Certificates with AAA FastConnect............................................ 294

Using the WebUI ............................................................................................................ 294

Using the CLI ...................................................................................................................294

Configuring User and Machine Authentication.................................................................295

Role Assignment with Machine Authentication Enabled................................................ 295

Example Configurations................................................................................................................. 296

Authentication with an 802.1x RADIUS Server.................................................................. 297

Configuring Roles and Policies ............................................................................................297

Creating the Student Role and Policy .........................................................................297

Creating the Faculty Role and Policy ..........................................................................298

Creating the Guest Role and Policy............................................................................. 299

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 13

Creating Roles and Policies for Sysadmin and Computer.......................................300

Creating an Alias for the Internal Network Using CLI..............................................301

Configuring the RADIUS Authentication Server................................................................301

Using the WebUI ............................................................................................................ 301

Using the CLI ...................................................................................................................302

Configure 802.1x Authentication.......................................................................................... 302

Using the WebUI ............................................................................................................ 302

Using the CLI ...................................................................................................................303

Configure VLANs .................................................................................................................... 303

Using the WebUI ............................................................................................................ 303

Using the CLI ...................................................................................................................304

Configuring the WLANs.........................................................................................................304

Configuring the Guest WLAN ...............................................................................................304

Using the WebUI ............................................................................................................ 304

Using the CLI ...................................................................................................................305

Configuring the Non-Guest WLANs ....................................................................................305

Using the WebUI ............................................................................................................ 305

Using the CLI ...................................................................................................................306

Authentication with the Controller’s Internal Database.................................................. 306

Configuring the Internal Database ......................................................................................306

Using the WebUI ............................................................................................................ 307

Using the CLI ...................................................................................................................307

Configuring a server rule using the WebUI ............................................................... 307

Configuring a server rule using the CLI ......................................................................307

Configure 802.1x Authentication.......................................................................................... 307

Using the WebUI ............................................................................................................ 307

Using the CLI ...................................................................................................................308

Configure VLANs .................................................................................................................... 308

Using the WebUI ............................................................................................................ 308

Using the CLI ...................................................................................................................309

Configuring the WLANs.........................................................................................................309

Configuring the Guest WLAN ...............................................................................................309

Using the WebUI ............................................................................................................ 309

Using the CLI ...................................................................................................................310

Configuring the Non-Guest WLANs ....................................................................................310

Using the WebUI ............................................................................................................ 310

Using the CLI ...................................................................................................................311

Mixed Authentication Modes ............................................................................................... 312

Using the CLI ...................................................................................................................312

Advanced Configuration Options for 802.1x...............................................................................312

Configuring reauthentication with Unicast Key Rotation ................................................312

Using the WebUI ............................................................................................................ 313

Using the CLI ...................................................................................................................313

Chapter 11 Certificate Revocation.................................................................................................... 315

About OCSP and CRL ..................................................................................................................... 315

Controller as OCSP and CRL Clients.................................................................................... 315

Configuring the Controller as an OCSP Client............................................................................ 316

In the WebUI ........................................................................................................................... 316

In the CLI .................................................................................................................................. 317

Configuring the Controller as a CRL Client .................................................................................318

In the WebUI ........................................................................................................................... 318

In the CLI .................................................................................................................................. 318

Configuring the Controller as a OCSP Responder..................................................................... 318

In the WebUI ........................................................................................................................... 318

In the CLI .................................................................................................................................. 319

14 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

Chapter 12 Roles and Policies........................................................................................................... 321

Policies............................................................................................................................................. 321

Access Control Lists (ACLs)..................................................................................................322

Creating a Firewall Policy ..................................................................................................... 322

In the WebUI ...................................................................................................................324

In the CLI.......................................................................................................................... 324

Creating a Network Service Alias .......................................................................................324

In the WebUI ...................................................................................................................324

In the CLI.......................................................................................................................... 325

Creating an ACL White List................................................................................................... 325

Configuring a White List Bandwidth Contract in the WebUI .................................. 325

Configuring the ACL White List in the WebUI............................................................ 325

Configuring the White List Bandwidth Contract in the CLI...................................... 326

Configuring the ACL White List in the CLI .................................................................. 326

User Roles........................................................................................................................................ 326

Creating a User Role.............................................................................................................. 327

In the WebUI ...................................................................................................................327

In the CLI.......................................................................................................................... 327

Bandwidth Contracts............................................................................................................. 328

Configuring a Bandwidth Contract in the WebUI ..................................................... 328

Assigning a Bandwidth Contract to a User Role in the WebUI ..............................328

Configuring and Assigning Bandwidth Contracts in the CLI...................................329

Bandwidth Contract Exceptions ..........................................................................................329

Viewing the Current Exceptions List ...........................................................................329

Configuring Bandwidth Contract Exceptions ............................................................ 329

User Role Assignments ................................................................................................................. 329

User Role in AAA Profile ....................................................................................................... 330

In the WebUI ...................................................................................................................330

In the CLI.......................................................................................................................... 330

User-Derived Roles or VLANs.............................................................................................. 330

Device Identification...................................................................................................... 331

Configuring a User-derived Role or VLAN in the WebUI.........................................332

Configure a User-derived Role or VLAN in the CLI...................................................332

User-Derived Role Example.......................................................................................... 333

Default Role for Authentication Method.............................................................................333

In the WebUI ...................................................................................................................334

In the CLI.......................................................................................................................... 334

Server-Derived Role...............................................................................................................334

VSA-Derived Role...................................................................................................................334

Global Firewall Parameters .......................................................................................................... 335

Chapter 13 Dashboard Monitoring.................................................................................................... 339

Performance.................................................................................................................................... 339

Clients.......................................................................................................................................339

APs............................................................................................................................................339

Using Dashboard Histograms...............................................................................................340

Usage................................................................................................................................................ 340

Clients.......................................................................................................................................340

APs............................................................................................................................................340

Security ............................................................................................................................................341

Potential Issues ..............................................................................................................................341

WLANs .............................................................................................................................................341

Access Points .................................................................................................................................342

Clients............................................................................................................................................... 342

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 15

Chapter 14 Stateful and WISPr Authentication.............................................................................. 345

Stateful Authentication Overview................................................................................................ 345

WISPr Authentication Overview..................................................................................................345

Important Points to Remember .................................................................................................... 346

Configuring Stateful 802.1x Authentication................................................................................346

In the WebUI ........................................................................................................................... 346

In the CLI .................................................................................................................................. 347

Configuring Stateful NTLM Authentication................................................................................347

In the WebUI ........................................................................................................................... 347

In the CLI .................................................................................................................................. 348

Configuring WISPr Authentication ..............................................................................................348

In the WebUI ........................................................................................................................... 348

In the CLI .................................................................................................................................. 349

Chapter 15 Captive Portal................................................................................................................... 351

Captive Portal Overview................................................................................................................351

Policy Enforcement Firewall Next Generation (PEFNG) License ...................................351

Controller Server Certificate.................................................................................................352

Captive Portal in the Base ArubaOS ........................................................................................... 352

Configuring Captive Portal via the WebUI..........................................................................353

Configuring Captive Portal via the CLI ................................................................................354

Captive Portal with the PEFNG License......................................................................................354

Configuring Captive Portal via the WebUI..........................................................................355

Configuring Captive Portal via the CLI ................................................................................356

Example Authentication with Captive Portal ............................................................................. 357

Creating a Guest-logon User Role....................................................................................... 357

Creating an Auth-guest User Role....................................................................................... 358

Configuring Policies and Roles in the WebUI.................................................................... 358

Time Range...................................................................................................................... 358

Aliases.............................................................................................................................. 359

Auth-Guest-Access Policy ........................................................................................... 359

Block-Internal-Access Policy ......................................................................................360

Drop-and-Log Policy...................................................................................................... 361

Guest-logon Role............................................................................................................ 361

Guest-Logon Role........................................................................................................... 362

Configuring Policies and Roles in the CLI...........................................................................362

Time Range...................................................................................................................... 362

Aliases.............................................................................................................................. 362

Guest-Logon-Access Policy......................................................................................... 362

Auth-Guest-Access Policy ........................................................................................... 363

Block-Internal-Access Policy ......................................................................................363

Drop-and-Log Policy...................................................................................................... 363

Guest-Logon Role........................................................................................................... 363

Auth-Guest Role ............................................................................................................. 363

Configuring Guest VLANs.............................................................................................................. 363

In the WebUI ........................................................................................................................... 363

In the CLI .................................................................................................................................. 364

Captive Portal Authentication ...................................................................................................... 364

Modifying the Initial User Role ............................................................................................. 365

Configuring the AAA Profile..................................................................................................365

Configuring the WLAN...........................................................................................................365

User Account Administration............................................................................................... 366

Captive Portal Configuration Parameters...........................................................................366

Optional Captive Portal Configurations....................................................................................... 368

Per-SSID Captive Portal Page.............................................................................................. 368

16 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

Changing the Protocol to HTTP............................................................................................ 369

Proxy Server Redirect............................................................................................................370

Redirecting Clients on Different VLANs..............................................................................371

Web Client Configuration with Proxy Script ......................................................................371

Personalizing the Captive Portal Page........................................................................................ 372

Creating Walled Garden Access ................................................................................................. 374

Creating Walled Garden Access .........................................................................................374

Using the WebUI to create Walled Garden access .................................................374

Using the CLI to create walled garden access .........................................................375

Chapter 16 Advanced Security.......................................................................................................... 377

Securing Client Traffic...................................................................................................................378

Securing Wireless Clients.....................................................................................................378

In the WebUI ...................................................................................................................379

In the CLI.......................................................................................................................... 379

Securing Wired Clients..........................................................................................................379

In the WebUI ...................................................................................................................380

In the CLI.......................................................................................................................... 381

Securing Wireless Clients Through Non-Dell APs ...........................................................381

In the WebUI ...................................................................................................................381

In the CLI.......................................................................................................................... 382

Securing Clients on an AP Wired Port................................................................................ 382

In the WebUI ...................................................................................................................382

In the CLI.......................................................................................................................... 383

Securing Controller-to-Controller Communication...................................................................384

Configuring Controllers for xSec..........................................................................................384

In the WebUI ...................................................................................................................384

In the CLI.......................................................................................................................... 385

Configuring the Odyssey Client on Client Machines ................................................................ 385

Installing the Odyssey Client ................................................................................................ 385

Chapter 17 Virtual Private Networks................................................................................................ 389

Planning a VPN Configuration......................................................................................................389

Selecting an IKE protocol......................................................................................................390

Suite-B Encryption Licensing............................................................................................... 390

IKEv2 Clients............................................................................................................................391

Supported VPN AAA Deployments......................................................................................391

Certificate Groups .................................................................................................................. 391

VPN Authentication Profiles.........................................................................................................392

Configuring a Basic VPN for L2TP/IPsec.................................................................................... 393

In the WebUI ........................................................................................................................... 393

Define Authentication Method and Server Addresses............................................ 393

Define Address Pools ....................................................................................................393

Enable Source NAT........................................................................................................ 394

Select Certificates.......................................................................................................... 394

Define IKEv1 Shared Keys ............................................................................................ 394

Configure IKE Policies ...................................................................................................395

Set the IPsec Dynamic Map......................................................................................... 396

Finalize your WebUI changes ...................................................................................... 396

Configuring a VPN for L2TP/IPsec with IKEv2 ...........................................................................397

In the WebUI ........................................................................................................................... 397

Define Authentication Method and Server Addresses............................................ 397

Define Address Pools ....................................................................................................397

Enable Source NAT........................................................................................................ 398

Select Certificates.......................................................................................................... 398

Configure IKE Policies ...................................................................................................398

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 17

Set the IPsec Dynamic Map......................................................................................... 399

Finalize your WebUI changes ...................................................................................... 400

Configuring a VPN for Smart Card Clients.................................................................................. 401

Smart Card clients using IKEv2............................................................................................ 401

Smart Card Clients using IKEv1............................................................................................ 401

Configuring a VPN for Clients with User Passwords................................................................ 402

In the WebUI ........................................................................................................................... 402

In the CLI .................................................................................................................................. 403

Configuring Remote Access VPNs for XAuth ............................................................................403

Configuring VPNs for XAuth Clients using Smart Cards.................................................. 403

Configuring a VPN for XAuth Clients Using a Username/Password .............................404

Remote Access VPNs for PPTP ...................................................................................................405

In the WebUI ........................................................................................................................... 405

In the CLI .................................................................................................................................. 406

Site-to-Site VPNs............................................................................................................................ 406

Third-Party Devices ............................................................................................................... 406

Site-to-Site VPNs with Dynamic IP Addresses................................................................. 406

VPN Topologies ...................................................................................................................... 407

Configuring Site-to-Site VPNs.............................................................................................. 407

In the WebUI ...................................................................................................................407

In the CLI.......................................................................................................................... 409

Dead Peer Detection..............................................................................................................410

Default IKE policies................................................................................................................ 411

VPN Dialer ....................................................................................................................................... 411

Configuring the VPN Dialer................................................................................................... 411

In the WebUI ...................................................................................................................411

In the CLI.......................................................................................................................... 412

Assigning a Dialer to a User Role........................................................................................ 412

In the WebUI ...................................................................................................................412

In the CLI.......................................................................................................................... 412

Chapter 18 Virtual Intranet Access................................................................................................... 415

VIA Connection Manager.............................................................................................................. 415

How it Works...........................................................................................................................415

Installing the VIA Connection Manager .............................................................................416

On Microsoft Windows Computers............................................................................. 416

On Apple MacBooks...................................................................................................... 416

Upgrade Workflow................................................................................................................. 417

Minimal Upgrade............................................................................................................ 417

Complete Upgrade ......................................................................................................... 417

VIA Compatibility .................................................................................................................... 417

Configuring the VIA Controller ..................................................................................................... 417

Before you Begin....................................................................................................................417

Supported Authentication Mechanisms.............................................................................417

Authentication mechanisms supported in VIA 1.x.................................................... 418

Suite B Cryptography Support..............................................................................................418

Configuring VIA Settings....................................................................................................... 418

Using WebUI to Configure VIA............................................................................................. 419

Enable VPN Server Module.......................................................................................... 419

Create VIA User Roles................................................................................................... 419

Create VIA Authentication Profile ...............................................................................420

Create VIA Connection Profile .....................................................................................421

Configure VIA Web Authentication.............................................................................423

Associate VIA Connection Profile to User Role ........................................................424

Configure VIA Client WLAN Profiles ...........................................................................424

Re-branding VIA and Downloading the Installer ......................................................426

18 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

Using CLI to Configure VIA....................................................................................................428

Create VIA Roles ............................................................................................................ 428

Create VIA Authentication Profiles .............................................................................428

Create VIA Connection Profiles ...................................................................................428

Configure VIA web authentication ..............................................................................428

Associate VIA connection profile to user role ..........................................................428

Configure VIA client WLAN profiles............................................................................ 428

Customize VIA logo, landing page and downloading installer ............................... 429

Configuring MAC-Based Authentication....................................................................................431

Configuring the MAC Authentication Profile .....................................................................431

Chapter 19 MAC-based Authentication........................................................................................... 431

Using the WebUI to configure a MAC authentication profile.................................432

Using the CLI to configure a MAC authentication profile........................................ 432

Configuring Clients .........................................................................................................................432

Using the WebUI to configure clients in the internal database .....................................432

Using the CLI to configure clients in the internal database............................................ 432

Chapter 20 Control Plane Security.................................................................................................... 433

Control Plane Security Overview.................................................................................................433

Configuring Control Plane Security .............................................................................................434

In the WebUI ...................................................................................................................434

In the CLI.......................................................................................................................... 435

Managing the Campus AP Whitelist ...................................................................................435

Viewing Entries in the Campus AP Whitelist .............................................................436

Modifying an AP in the Campus AP Whitelist ........................................................... 437

Revoking an AP via the Campus AP Whitelist...........................................................438

Deleting an AP Entry from the Campus AP Whitelist ...............................................439

Purging the Campus AP Whitelist ............................................................................... 439

Whitelists on Master and Local Controllers .............................................................................. 439

Campus AP Whitelist Synchronization ...............................................................................440

Viewing and Managing the Master or Local Switch Whitelists..................................... 441

Viewing the Master or Local Switch Whitelist.......................................................... 441

Deleting an Entry from the Master or Local Switch Whitelist ................................441

Purging the Master or Local Switch Whitelist ..........................................................442

Environments with Multiple Master Controllers ....................................................................... 442

Configuring Networks with a Backup Master Controller ................................................442

Configuring Networks with Clusters of Master Controllers............................................ 443

Creating a Cluster Root ................................................................................................. 443

Creating a Cluster Member .......................................................................................... 444

Viewing Controller Cluster Settings ............................................................................445

Replacing a Controller on a Multi-Controller Network ............................................................ 445

Replacing Controllers in a Single Master Network.......................................................... 445

Replacing a Local Controller ........................................................................................445

Replacing a Master Controller (With No Backup)....................................................446

Replacing a Redundant Master Controller ................................................................ 447

Replacing Controllers in a Multi-Master Network............................................................447

Replacing a Local Controller in a Multi-Master Network ....................................... 447

Replacing a Cluster Member Controller (With no Backup)..................................... 447

Replacing a Redundant Cluster Member Controller ................................................ 448

Replacing a Cluster Root Controller with no Backup Controller ............................448

Replacing a Redundant Cluster Root Controller ....................................................... 449

Configuring Control Plane Security after Upgrading................................................................449

Troubleshooting Control Plane Security..................................................................................... 450

Certificate Problems .............................................................................................................. 450

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 19

Verifying Certificates ............................................................................................................. 450

Disabling Control Plane Security......................................................................................... 451

Verify Whitelist Synchronization..........................................................................................451

Supported APs........................................................................................................................ 452

Rogue APs ............................................................................................................................... 452

Chapter 21 Adding Local Controllers................................................................................................ 453

Moving to a Multi-Controller Environment.................................................................................453

Configuring a Preshared Key................................................................................................454

Using the WebUI to configure a Local Controller PSK ............................................ 454

Using the WebUI to configure a Master Controller PSK .........................................454

Using the CLI to configure a PSK................................................................................. 455

Configuring a Controller Certificate.....................................................................................455

Using the CLI to configure a Local Controller Certificate........................................455

Using the CLI to configure the Master Controller Certificate .................................455

Configuring Local Controllers.......................................................................................................455

Configuring the Local Controller.......................................................................................... 456

Using the Initial Setup ................................................................................................... 456

Using the Web UI ........................................................................................................... 456

Using the CLI ...................................................................................................................456

Configuring Layer-2/Layer-3 Settings .................................................................................456

Configuring Trusted Ports..................................................................................................... 457

Configuring Local Controller Settings................................................................................. 457

Configuring APs...................................................................................................................... 457

Using the WebUI to configure the LMS IP.................................................................457

Using the CLI to configure the LMS IP........................................................................ 458

Chapter 22 Remote Nodes.................................................................................................................. 459

Creating Remote Node Profiles.................................................................................................... 459

Adding a New Remote Node Profile ...................................................................................460

Defining Remote Node Address Pools................................................................................461

OSPF and Static Routes.........................................................................................................462

Configuration Examples.........................................................................................................462

Create a remote node profile ....................................................................................... 463

Define VLANs for a remote node profile and assign a wired aaa profile to each

VLAN................................................................................................................................. 463

Identify the RN interfaces to be used as access ports for each VLAN ................ 463

Configure each VLAN interface with an internal IP address.................................. 463

Manage and configure the uplink network connection .......................................... 464

Configure the uplink network connection and define a static IPsec route map . 464

Configure user roles and passwords for administrative users .............................. 464

Define the server used for name and address resolution.......................................464

Define the OSPF settings for the upstream router.................................................... 464

(Optional) Define SNMP settings................................................................................. 464

Specify that the RN use its internal database to authenticate clients.................. 464

Define NAT settings and identify the interface for outgoing RADIUS packets ... 464

Define DHCP pools for a RN tunnel.............................................................................464

Define RN DHCP pools for each VLAN .......................................................................465

Configuring the Remote Node Whitelist .....................................................................................466

Adding an RN to the whitelist............................................................................................... 467

Viewing Remote Node Whitelist Settings ..........................................................................467

Installing the Remote Node at the Remote Site ........................................................................ 467

Monitoring and Managing Remote Nodes.................................................................................468

Editing a Remote Node Configuration................................................................................. 468

Monitoring a Remote Node...................................................................................................469

20 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

In the WebUI ...................................................................................................................469

In the CLI.......................................................................................................................... 469

RN Troubleshooting ............................................................................................................... 470

Chapter 23 IP Mobility......................................................................................................................... 471

Dell Mobility Architecture.............................................................................................................471

Configuring Mobility Domains ......................................................................................................472

Configuring a Mobility Domain ............................................................................................. 473

Using the WebUI ............................................................................................................ 473

Using the CLI ...................................................................................................................473

Joining a Mobility Domain .................................................................................................... 474

In the WebUI ...................................................................................................................474

In the CLI.......................................................................................................................... 474

Example Configuration...........................................................................................................474

Configuring Mobility using the WebUI........................................................................ 475

Configuring Mobility using the CLI.......................................................................................476

Tracking Mobile Users .................................................................................................................. 476

Mobile Client Roaming Status.............................................................................................. 476

Viewing mobile client status using the WebUI ......................................................... 476

Viewing mobile client status using the CLI ................................................................476

Viewing user roaming status using the CLI ............................................................... 477

Viewing specific client information using the CLI .................................................... 478

Mobile Client Roaming Locations........................................................................................ 478

In the WebUI ...................................................................................................................478

In the CLI.......................................................................................................................... 478

HA Discovery on Association...............................................................................................478

Setting up Mobility Association Using CLI.................................................................478

Advanced Mobility Functions.......................................................................................................478

Configuring Advanced Mobility Functions Using the WebUI ................................. 478

Configuring Mobility Functions Using CLI ..................................................................480

Proxy Mobile IP.......................................................................................................................481

Proxy DHCP ............................................................................................................................. 481

Revocations.............................................................................................................................481

Bridge Mode Mobility ....................................................................................................................481

Mobility Multicast........................................................................................................................... 483

Proxy IGMP and Proxy Remote Subscription.................................................................... 483

Inter-controller Mobility........................................................................................................ 483

Configuring Mobility Multicast Using the WebUI .....................................................484

Configuring Mobility Multicast Using the CLI............................................................485

Example............................................................................................................................ 485

Chapter 24 VRRP.................................................................................................................................. 487

Redundancy Parameters............................................................................................................... 487

Configuring the Local Controller for Redundancy.............................................................488

In the WebUI ...................................................................................................................489

In the CLI.......................................................................................................................... 489

Configuring the LMS IP..........................................................................................................489

In the WebUI ...................................................................................................................489

In the CLI.......................................................................................................................... 489

Configuring the Master Controller for Redundancy .........................................................489

Configuring Database Synchronization.............................................................................. 491

In the WebUI ...................................................................................................................491

In the CLI.......................................................................................................................... 491

Incremental Configuration Synchronization...................................................................... 492

In the CLI.......................................................................................................................... 492

Configuring Master-Local Controller Redundancy........................................................... 492

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 21

Chapter 25 RSTP .................................................................................................................................. 495

Migration and Interoperability ..................................................................................................... 495

Rapid Convergence........................................................................................................................495

Edge Port and Point-to-Point................................................................................................ 496

Configuring RSTP............................................................................................................................ 496

In the WebUI ........................................................................................................................... 496

In the CLI .................................................................................................................................. 497

Monitoring RSTP.....................................................................................................................498

Troubleshooting..............................................................................................................................498

Chapter 26 PVST+................................................................................................................................ 501

Interoperability and Best Practices ............................................................................................ 501

Configure using the CLI ................................................................................................................. 501

Configure using the WebUI........................................................................................................... 502

Chapter 27 W-600 Series Controller ................................................................................................. 503

Important Points to Remember .................................................................................................... 503

Internal Access Point (AP)............................................................................................................ 504

USB Cellular Modems.................................................................................................................... 504

Functional Description...........................................................................................................504

Mode-Switching..................................................................................................................... 504

USB Modems Commands ..................................................................................................... 504

Uplink Manager ..................................................................................................................... 505

Cellular Profile.........................................................................................................................506

Dialer Group ............................................................................................................................ 507

Configuring a Supported USB Modem........................................................................................ 508

Configuring a New USB Modem..................................................................................................509

Configuring the Profile and Modem Driver ........................................................................509

Configuring the TTY Port ....................................................................................................... 511

Testing the TTY Port...............................................................................................................512

Selecting the Dialer Profile ................................................................................................... 512

Linux Support .......................................................................................................................... 513

NAS (Network-Attached Storage)............................................................................................... 513

NAS Device Setup..................................................................................................................513

Configuring in the CLI.............................................................................................................514

Managing NAS Devices........................................................................................................ 515

Mounting and Unmounting Devices ................................................................................... 515

Print Server...................................................................................................................................... 516

Printer Setup Using the CLI...................................................................................................516

Additional Commands for Managing Printers ...................................................................517

Sample Topology and Configuration ...........................................................................................518

Remote Branch 2—W-650 Controller .................................................................................519

W-3200 Central Office Controller—Active......................................................................... 520

W-3200 Central Office Controller—Backup....................................................................... 522

Upgrading and Migrating ..............................................................................................................523

Chapter 28 OSPFv2 .............................................................................................................................. 525

Important Points to Remember .................................................................................................... 525

WLAN Scenario ..............................................................................................................................525

WLAN Topology......................................................................................................................526

WLAN Routing Table..............................................................................................................526

Branch Office Scenario.................................................................................................................526

Branch Office Topology.........................................................................................................527

22 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

Branch Office Routing Table ................................................................................................527

Configuring OSPF............................................................................................................................ 528

Deployment Best Practices ..........................................................................................................530

Sample Topology and Configuration ...........................................................................................531

Remote Branch 1.................................................................................................................... 531

Remote Branch 2.................................................................................................................... 532

W-3200 Central Office Controller—Active......................................................................... 533

W-3200 Central Office Controller—Backup....................................................................... 535

Chapter 29 Wireless Intrusion Prevention....................................................................................... 537

Reusable Wizard............................................................................................................................. 537

Wizard Intrusion Detection ................................................................................................... 538

Wizard Intrusion Protection..................................................................................................539

Protection for Infrastructure ........................................................................................539

Protection for Clients..................................................................................................... 539

Monitoring Dashboard................................................................................................................... 540

Rogue AP Detection.......................................................................................................................541

Classification Terminology....................................................................................................541

Classification Methodology.................................................................................................. 542

Match Methods ..............................................................................................................542

Match Types ................................................................................................................... 542

Suspected Rogue Confidence Level ...........................................................................543

AP Classification Rules..........................................................................................................543

SSID specification.......................................................................................................... 543

SNR specification........................................................................................................... 543

Discovered-AP-Count specification ........................................................................... 543

Example Rules................................................................................................................. 544

Rule Matching.........................................................................................................................544

Intrusion Detection......................................................................................................................... 544

Infrastructure Intrusion Detection.......................................................................................544

Detect 802.11n 40MHz Intolerance Setting................................................................547

Detect Active 802.11n Greenfield Mode..................................................................... 547

Detect Ad hoc Networks............................................................................................... 547

Detect Ad hoc Network Using Valid SSID ................................................................. 547

Detect AP Flood Attack .................................................................................................547

Detect AP Impersonation.............................................................................................. 548

Detect AP Spoofing........................................................................................................ 548

Detect Bad WEP............................................................................................................. 548

Detect Beacon Wrong Channel................................................................................... 548

Detect Client Flood Attack ............................................................................................548

Detect CTS Rate Anomaly............................................................................................. 548

Detect RTS Rate Anomaly............................................................................................. 548

Detect Devices with an Invalid MAC OUI .................................................................. 548

Detect Invalid Address Combination .......................................................................... 548

Detect Overflow EAPOL Key......................................................................................... 549

Detect Overflow IE .........................................................................................................549

Detect Malformed Frame-Assoc Request ................................................................. 549

Detect Malformed Frame-Auth.................................................................................... 549

Detect Malformed Frame-HT IE................................................................................... 549

Detect Malformed Frame-Large Duration.................................................................. 549

Detect Misconfigured AP ............................................................................................. 549

Detect Windows Bridge................................................................................................ 549

Detect Wireless Bridge................................................................................................. 549

Detect Broadcast Deauthentication ...........................................................................549

Detect Broadcast Disassociation................................................................................ 550

Detect Netstumbler........................................................................................................ 550

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 23

Detect Valid SSID Misuse............................................................................................. 550

Detect Wellenreiter ....................................................................................................... 550

Client Intrusion Detection ..................................................................................................... 550

Detect Block ACK DoS .................................................................................................. 552

Detect ChopChop Attack............................................................................................... 552

Detect Disconnect Station Attack...............................................................................552

Detect EAP Rate Anomaly ............................................................................................ 552

Detect FATA-Jack Attack Structure ...........................................................................553

Detect Hotspotter Attack ..............................................................................................553

Detect Meiners Power Save DoS Attack...................................................................553

Detect Omerta Attack.................................................................................................... 553

Detect Rate Anomalies.................................................................................................. 553

Detect TKIP Replay Attack ........................................................................................... 553

Detect Unencrypted Valid Clients ............................................................................... 553

Detect Valid Client Misassociation .............................................................................553

Detect AirJack................................................................................................................ 554

Detect ASLEAP ...............................................................................................................554

Detect Null Probe Response ........................................................................................554

Intrusion Protection ....................................................................................................................... 554

Infrastructure Intrusion Protection .....................................................................................554

Protect 40MHz 802.11 High Throughput Devices......................................................555

Protect 802.11n High Throughput Devices................................................................. 555

Protect from Adhoc Networks .....................................................................................555

Protect From AP Impersonation .................................................................................. 555

Protect Misconfigured AP ............................................................................................555

Protect SSID.................................................................................................................... 555

Rogue Containment........................................................................................................ 555

Suspected Rogue Containment ................................................................................... 555

Client Intrusion Protection.................................................................................................... 556

Protect Valid Stations.................................................................................................... 556

Protect Windows Bridge............................................................................................... 556

WLAN Management System ........................................................................................................556

Configuring WMS via the WebUI.........................................................................................556

Configuring WMS via the CLI ...............................................................................................557

Configuring Local WMS Settings ................................................................................ 557

Managing the WMS Database .................................................................................... 557

Client Blacklisting...........................................................................................................................558

Methods of Blacklisting.........................................................................................................558

Manual Blacklisting ............................................................................................................... 558

Authentication Failure Blacklisting .....................................................................................559

Attack Blacklisting ................................................................................................................. 559

Blacklist Duration ................................................................................................................... 560

Removing a Client from Blacklisting....................................................................................560

Chapter 30 WIP Advanced Features ................................................................................................ 561

TotalWatch ......................................................................................................................................561

Channel Types and Qualifiers...............................................................................................561

Monitoring ............................................................................................................................... 562

Scanning Spectrum................................................................................................................562

Channel Dwell Time ............................................................................................................... 562

Channel Visiting...................................................................................................................... 563

Age out of Devices................................................................................................................. 563

TotalWatch Administration...........................................................................................................563

Configuring Per Radio Settings............................................................................................ 563

Configuring Per AP Setting................................................................................................... 564

Licensing..................................................................................................................................565

Tarpit Shielding...............................................................................................................................565

24 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

Tarpit Shielding Administration.................................................................................................... 565

Configuring Tarpit Shielding................................................................................................. 566

Licensing..................................................................................................................................566

Chapter 31 Link Aggregation Control Protocol ............................................................................... 567

Important Points to Remember .................................................................................................... 567

Configuring LACP............................................................................................................................ 567

In the CLI .................................................................................................................................. 567

In the WebUI ........................................................................................................................... 569

Best Practices................................................................................................................................. 569

Sample Configuration .................................................................................................................... 570

Chapter 32 Management Access...................................................................................................... 571

Certificate Authentication for WebUI Access...........................................................................571

Configuring Certificate Authentication for WebUI Access............................................. 571

In the WebUI ...................................................................................................................571

In the CLI.......................................................................................................................... 572

Public Key Authentication for SSH Access ............................................................................... 572

In the WebUI ...................................................................................................................572

In the CLI.......................................................................................................................... 573

Radius Server Authentication ...................................................................................................... 573

Radius Server Username/Password Authentication........................................................573

In the WebUI ...................................................................................................................573

In the CLI.......................................................................................................................... 573

RADIUS Server Authentication with VSA...........................................................................574

RADIUS Server Authentication with Server-Derivation Rule .........................................574

Configuring a Value-of Server-derivation Rule in the WebUI................................. 574

In the CLI.......................................................................................................................... 575

Configuring a set-value server-derivation rule in the WebUI................................. 575

In the CLI.......................................................................................................................... 576

Disabling Authentication of Local Management User Accounts................................... 576

In the WebUI ...................................................................................................................576

In the CLI.......................................................................................................................... 576

Verifying the configuration ................................................................................................... 576

Resetting the Admin or Enable Password.......................................................................... 576

Bypassing the Enable Password Prompt ...........................................................................577

Setting an Administrator Session Timeout.........................................................................577

Setting a CLI Session Timeout ..................................................................................... 577

Setting a WebUI Session Timeout............................................................................... 578

Management Password Policy ....................................................................................................578

Defining a Management Password Policy......................................................................... 578

In the WebUI ...................................................................................................................578

Management Authentication Profile Parameters............................................................. 580

Managing Certificates ...................................................................................................................580

About Digital Certificates...................................................................................................... 581

Obtaining a Server Certificate.............................................................................................. 581

In the WebUI ...................................................................................................................582

In the CLI.......................................................................................................................... 582

Obtaining a Client Certificate................................................................................................582

Importing Certificates............................................................................................................ 583

In the WebUI ...................................................................................................................583

In the CLI.......................................................................................................................... 583

Viewing Certificate Information........................................................................................... 583

Imported Certificate Locations.............................................................................................584

Checking CRLs ........................................................................................................................ 584

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 25

Configuring SNMP.......................................................................................................................... 585

SNMP Parameters for the Controller.................................................................................. 585

In the WebUI ...................................................................................................................586

In the CLI.......................................................................................................................... 586

Configuring Logging .......................................................................................................................586

In the WebUI ...................................................................................................................588

In the CLI.......................................................................................................................... 588

Guest Provisioning ......................................................................................................................... 588

Configuring the Guest Provisioning Page...........................................................................588

In the WebUI ...................................................................................................................588

Configuring the SMTP Server and Port in the WebUI.............................................. 591

Configuring an SMTP server and port in the CLI ...................................................... 592

Creating Email Messages in the WebUI..................................................................... 592

Configuring a Guest Provisioning User............................................................................... 593

In the WebUI ...................................................................................................................593

In the CLI.......................................................................................................................... 594

Customizing the Guest Access Pass........................................................................... 595

Creating Guest Accounts...................................................................................................... 595

Guest Provisioning User Tasks ....................................................................................596

Importing Multiple Guest Entries................................................................................. 597

Optional Configurations.........................................................................................................600

Restricting one Captive Portal Session for each Guest........................................... 601

Setting the Maximum Time for Guest Accounts .......................................................601

Managing Files on the Controller................................................................................................. 601

Transferring ArubaOS Image Files...................................................................................... 602

In the WebUI ...................................................................................................................602

In the CLI.......................................................................................................................... 603

Backing Up and Restoring the Flash File System..............................................................603

Backup the Flash File System in the WebUI..............................................................603

Backup the Flash File Systemin the CLI...................................................................... 603

Restore the Flash File System in the WebUI.............................................................. 603

Restore the Flash File System Using CLI ....................................................................603

Copying Log Files....................................................................................................................603

In the WebUI ...................................................................................................................603

In the CLI.......................................................................................................................... 603

Copying Other Files ................................................................................................................ 604

In the WebUI ...................................................................................................................604

In the CLI.......................................................................................................................... 604

Setting the System Clock .............................................................................................................. 604

Manually Setting the Clock ................................................................................................... 604

In the WebUI ...................................................................................................................604

In the CLI.......................................................................................................................... 604

Clock Synchronization........................................................................................................... 605

In the WebUI ...................................................................................................................605

In the CLI.......................................................................................................................... 605

Configuring NTP Authentication.......................................................................................... 605

In the WebUI ...................................................................................................................605

In the CLI.......................................................................................................................... 606

Chapter 33 Spectrum Analysis .......................................................................................................... 607

Overview ..........................................................................................................................................607

Spectrum Analysis Clients.................................................................................................... 609

Hybrid AP Channel Changes.................................................................................................610

Hybrid APs Using Mode-Aware ARM................................................................................. 610

Creating Spectrum Monitors and Hybrid APs ........................................................................... 611

Converting APs to Hybrid APs .............................................................................................. 611

In the WebUI ...................................................................................................................611

26 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

In the CLI.......................................................................................................................... 612

Converting an Individual AP to a Spectrum Monitor........................................................ 612

In the WebUI ...................................................................................................................612

In the CLI.......................................................................................................................... 612

Converting a Group of APs to Spectrum Monitors ...........................................................613

In the WebUI ...................................................................................................................613

In the CLI.......................................................................................................................... 613

Configuring the Spectrum Profile ........................................................................................613

In the WebUI ...................................................................................................................614

In the CLI.......................................................................................................................... 615

Connecting Spectrum Devices to the Spectrum Analysis Client ........................................... 615

View Connected Spectrum Analysis Devices ...................................................................616

Disconnecting a Spectrum Device...................................................................................... 617

Configuring the Spectrum Analysis Dashboards ......................................................................618

Selecting a Spectrum Monitor............................................................................................. 618

Changing Graphs within a Spectrum View ........................................................................619

Renaming a Spectrum Analysis Dashboard View ............................................................619

Saving a Dashboard View.....................................................................................................620

Resizing an Individual Graph................................................................................................ 620

Customizing Spectrum Analysis Graphs..................................................................................... 621

Spectrum Analysis Graph Configuration Options .............................................................621

Active Devices................................................................................................................ 622

Active Devices Table..................................................................................................... 623

Active Devices Trend .................................................................................................... 625

Channel Metrics .............................................................................................................627

Channel Metrics Trend.................................................................................................. 628

Channel Summary Table ...............................................................................................630

Device Duty Cycle ..........................................................................................................631

Channel Utilization Trend.............................................................................................. 633

Devices vs Channel........................................................................................................ 634

FFT Duty Cycle ................................................................................................................ 635

Interference Power........................................................................................................ 637

Quality Spectrogram...................................................................................................... 638

Real-Time FFT ................................................................................................................. 639

Swept Spectrogram....................................................................................................... 641

Recording Spectrum Analysis Data ............................................................................................ 644

Creating a Spectrum Analysis Record................................................................................ 644

Saving the Recording.............................................................................................................645

Playing a Spectrum Analysis Recording ............................................................................645

Non-Wi-Fi Interferers .................................................................................................................... 646

Spectrum Analysis Session Log................................................................................................... 647

Viewing Spectrum Analysis Data via the CLI............................................................................. 648

Spectrum Analysis Troubleshooting Tips................................................................................... 649

Spectrum Monitors support One Client per Radio............................................................ 649

Converting a Spectrum Monitor back to an AP or Air Monitor ......................................649

Browser Issues.......................................................................................................................649

Loading a Spectrum View..................................................................................................... 649

Issues with Adobe Flash Player 10.1...................................................................................649

Spectrum Analysis Syslog Messages.................................................................................649

Chapter 34 Software Licenses........................................................................................................... 651

Terminology..................................................................................................................................... 651

Licenses ...........................................................................................................................................652

License Types ......................................................................................................................... 652

Multi-Controller Network ..............................................................................................................653

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 27

License Usage................................................................................................................................. 653

Interaction ....................................................................................................................................... 654

Best Practices................................................................................................................................. 655

Installing a License ........................................................................................................................ 655

Enabling a new license on your controller.........................................................................655

Software License Email.........................................................................................................656

Locating the System Serial Number....................................................................................656

Obtaining a Software License Key ......................................................................................656

Creating a software license key ..................................................................................657

Applying the Software License Key in the WebUI............................................................ 657

Applying the Software License Key in the License Wizard.............................................657

Deleting a License..........................................................................................................................657

Moving Licenses............................................................................................................................. 657

Resetting the Controller................................................................................................................. 658

Chapter 35 IPv6 Support..................................................................................................................... 659

About IPv6........................................................................................................................................ 659

IPv6 Topology.................................................................................................................................. 659

IPv6 Support for Controller and AP ............................................................................................. 660

Configure IPv6 Interface Address .......................................................................................662

Using WebUI ...................................................................................................................662

Using CLI.......................................................................................................................... 663

Configure IPv6 Static Neighbor............................................................................................663

Using WebUI ...................................................................................................................663

Using CLI.......................................................................................................................... 663

Configure IPv6 Default Gateway and Static IPv6 Routes ................................................663

Using WebUI ...................................................................................................................663

Using CLI.......................................................................................................................... 664

Manage Controller IP Address.............................................................................................664

Using WebUI ...................................................................................................................664

Using CLI.......................................................................................................................... 664

Configure Multicast Listener Discovery (MLD)................................................................. 664

Using WebUI ...................................................................................................................664

Using CLI.......................................................................................................................... 665

Debug IPv6 Controller............................................................................................................665

Using WebUI ...................................................................................................................665

Using CLI.......................................................................................................................... 665

Provision IPv6 AP ................................................................................................................... 666

Using WebUI ...................................................................................................................666

Using CLI.......................................................................................................................... 666

IPv6 Extension Header (EH) Filtering........................................................................................... 666

Using CLI .................................................................................................................................. 666

Captive Portal over IPv6 ................................................................................................................667

Configuring Captive Portal over IPv6 ..................................................................................667

ArubaOS Support for IPv6 Clients................................................................................................ 667

Enabling IPv6...........................................................................................................................667

Supported Network Configuration.......................................................................................667

Network Connection for Windows IPv6 Clients................................................................ 668

ArubaOS Features that Support IPv6 ..........................................................................................669

Authentication.........................................................................................................................669

Firewall Functions .................................................................................................................. 669

Firewall Policies......................................................................................................................671

Creating an IPv6 firewall policy ...................................................................................672

Assigning an IPv6 Policy to a User Role..................................................................... 673

DHCPv6 Passthrough/Relay..................................................................................................673

28 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

IPv6 User Addresses...................................................................................................................... 673

Viewing or Deleting User Entries ......................................................................................... 673

User Roles................................................................................................................................673

Viewing Datapath Statistics for IPv6 Sessions .................................................................674

Important Points to Remember .................................................................................................... 674

Chapter 36 Voice and Video............................................................................................................... 675

Voice and Video License Requirements.....................................................................................675

Configuring Voice and Video ........................................................................................................675

Setting up Net Services.........................................................................................................675

Using Default Net Services .......................................................................................... 676

Creating Custom Net Services..................................................................................... 676

Configuring User Roles..........................................................................................................676

Using the Default User Role ......................................................................................... 677

Creating or Modifying Voice User Roles ....................................................................677

Using the User-Derivation Roles ................................................................................. 679

Configuring Firewall Settings for Voice and Video ALGs.................................................680

Using WebUI ...................................................................................................................680

Using CLI.......................................................................................................................... 680

Additional Video Configurations ..........................................................................................680

Configuring Video over WLAN enhancements ......................................................... 680

Pre-requisites ................................................................................................................. 681

Using CLI.......................................................................................................................... 681

Using the WebUI ............................................................................................................ 684

QoS for Voice and Video ............................................................................................................... 688

VoIP Call Admission Control Profile ....................................................................................688

Using the WebUI ............................................................................................................ 688

Using CLI.......................................................................................................................... 689

Wi-Fi Multimedia .................................................................................................................... 689

Enabling WMM............................................................................................................... 690

Configurable WMM AC Mapping ................................................................................690

Dynamic WMM Queue Management......................................................................... 692

WMM Queue Content Enforcement.................................................................................... 694

Using the WebUI ............................................................................................................ 695

Using CLI.......................................................................................................................... 695

Extended Voice and Video Functionalities.................................................................................695

QoS for Microsoft Office OCS and Apple Facetime.......................................................... 695

Microsoft OCS................................................................................................................. 695

Apple Facetime............................................................................................................... 695

WPA Fast Handover...............................................................................................................696

Using the WebUI to enable WPA fast handover....................................................... 696

Using the CLI to enable WPA fast handover ............................................................. 696

Mobile IP Home Agent Assignment ....................................................................................696

VoIP-Aware ARM Scanning................................................................................................. 696

Using the WebUI ............................................................................................................ 697

Using CLI.......................................................................................................................... 697

Voice-Aware 802.1x ............................................................................................................... 697

Using the WebUI to disable voice awareness for 802.1x ........................................697

Using the CLI to disable voice awareness for 802.1x...............................................697

SIP Authentication Tracking.................................................................................................697

Using the WebUI to configure the SIP client user role............................................ 698

Using the CLI to configure the SIP client user role .................................................. 698

Real Time Call Quality Analysis............................................................................................698

Using the Web UI ........................................................................................................... 698

Using CLI.......................................................................................................................... 699

SIP Session Timer .................................................................................................................. 700

Using the WebUI ............................................................................................................ 700

Dell PowerConnect W-Series ArubaOS 6.1 | User Guide | 29

Using CLI.......................................................................................................................... 701

Voice and Video Traffic Awareness for Encrypted Signaling Protocols ......................701

Using the WebUI ............................................................................................................ 702

Using the CLI ...................................................................................................................702

Wi-Fi Edge Detection and Handover for Voice Clients ....................................................702

Using the WebUI ............................................................................................................ 703

Using CLI.......................................................................................................................... 703

Dial Plan for SIP Calls............................................................................................................ 704

Dial Plan Format ............................................................................................................. 704

Configuring Dial Plans ...................................................................................................704

Enhanced 911 Support...........................................................................................................707

Voice over Remote Access Point ........................................................................................708

Battery Boost .......................................................................................................................... 708

Using the WebUI ............................................................................................................ 708

Using the CLI ...................................................................................................................709

Advanced Voice Troubleshooting ............................................................................................... 709

Viewing Troubleshooting Details on Voice Client Status ................................................709

Using the WebUI ............................................................................................................ 709

Using CLI.......................................................................................................................... 710

Viewing Troubleshooting Details on Voice Call CDRs......................................................711

Using the WebUI ............................................................................................................ 711

Using CLI.......................................................................................................................... 712

Enabling Voice Logs...............................................................................................................712

Using the WebUI ............................................................................................................ 712

Using CLI.......................................................................................................................... 713

Viewing Voice Traces............................................................................................................713

Using the WebUI ............................................................................................................ 713

Using CLI.......................................................................................................................... 714

Viewing Voice Configurations.............................................................................................. 714

Using CLI.......................................................................................................................... 714

Chapter 37 External Services Interface........................................................................................... 717

Understanding ESI.......................................................................................................................... 717

Understanding the ESI Syslog Parser.........................................................................................719

ESI Parser Domains ............................................................................................................... 719

Peer Controllers......................................................................................................................720

Syslog Parser Rules............................................................................................................... 721

Condition Pattern Matching ......................................................................................... 721

User Pattern Matching.................................................................................................. 722

ESI Configuration Overview..........................................................................................................722

Configuring Health-Check Method, Groups, and Servers............................................... 722

In the WebUI ...................................................................................................................723

In the CLI.......................................................................................................................... 723

Defining the ESI Server ......................................................................................................... 723

In the WebUI ...................................................................................................................723

In the CLI.......................................................................................................................... 724

Defining the ESI Server Group .............................................................................................724

In the WebUI ...................................................................................................................724

In the CLI.......................................................................................................................... 724

Redirection Policies and User Role..................................................................................... 724

In the WebUI ...................................................................................................................725

In the CLI.......................................................................................................................... 725

ESI Syslog Parser Domains and Rules................................................................................726

Managing Syslog Parser Domains in the WebUI..............................................................726

Adding a new syslog parser domain........................................................................... 726

Deleting an existing syslog parser domain................................................................ 726

Editing an existing syslog parser domain................................................................... 726

30 | Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

+ 812 hidden pages

Dell W-3200 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents