How it Works
D-link
Loading...
DWS-3000
User Manual
174 pgs8.33 Mb0
BROCHURE
57 pgs4.77 Mb0
User Manual
266 pgs8.88 Mb0
User Manual
262 pgs4.22 Mb0
User Manual
6 pgs783.65 Kb0
BROCHURE
338 pgs5.95 Mb0
BROCHURE
270 pgs11.88 Mb0

D-link DWS-3000, DWL-3500AP, DWL-8500AP BROCHURE

Unified Wired & Wireless Access System
Configuration Guide
Product Model: DWS-3000 Series,
DWL-3500AP/8500AP
Version 2.2
Table of Contents
1. Scenario 1 - Basic L2 Edge Setup: 1 Unifie d Switch + 2 APs.............................. .... 4
1.1. Configure the DHCP Server...............................................................................6
1.1.1. Global DHCP Configuration. ................................ ................................ ...... 6
1.1.2. Pool Configuration...................................................................................... 6
1.2. ACL Configuration.............................................................................................7
1.3. Wireless Configuration.......................................................................................9
1.4. Device Connections..........................................................................................10
1.5. Save Configuration ........................................................................................... 11
1.6. Verify the Configuration................................................................................... 12
1.7. Feature Tests.....................................................................................................12
1.7.1. L2 Start Roaming Test.................................... ... ....................................... 12
1.7.2. Auto channel adjustment after associating with AP2............................... 12
1.7.3. Rogue AP Detection .................................................................................14
1.7.4. Power Adjustment.....................................................................................15
1.7.5. Load Balancing.........................................................................................16
1.8. Switch and AP Cleanup............................................. ....................................... 16
2. Scenario 2 – L2/L3 Edge: 1 Unified Switch + 2 AP .............................. ... ..... ...... .. ..18
2.1 Configuring LAN Settings................................................................................ 19
1.1.1. Create VLANs ..........................................................................................19
1.1.2. Configure VLAN Routing ........................................................................ 22
1.1.3. Enable Global Routing..............................................................................24
1.1.4. Configure Static Routing .......................................................................... 24
1.1.5. Configure the Loopback Interface ............................................................ 24
1.1.6. DHCP Server ............................................................................................25
1.1.7. ACL Configuration...................................................................................26
1.2. Configuring WLAN Settings............................................................................29
1.3. Save Configuration ........................................................................................... 31
1.4. Device Connections..........................................................................................31
1.5. Verifying the Configuration.............................................................................. 31
3. Scenario 3 – L3 Overlay: 1 Unified Switch + 1 AP + 1 Remote AP........................33
3.1. Configuring LAN Settings................................................................................ 34
3.1.1. Configure the VLANs...............................................................................34
3.1.2. Configure VLAN Routing ........................................................................ 35
3.1.3. Configure Routing ....................................................................................36
3.1.4. DHCP Server ............................................................................................38
3.1.5. Setting the MTU Size...................... ... ................................... ....................38
3.2. Configuring WLAN Settings............................................................................39
3.2.1. Configure the Basic Settings......................... ............................................ 39
3.2.2. Apply the AP Profile.................................................................................40
3.3. Save Configuration ........................................................................................... 41
3.4. Device Connections..........................................................................................41
3.5. Verifying the Configuration.............................................................................. 41
3.6. Testing the L3 Roaming Feature................................ ... ....................................41
3.6.1. Simulated Roam via Power Down of AP ....................... ..........................41
3.6.2. Simulated Roam via Disabling Radios........................... ... .......................42
3.6.3. Real Roam.................................................................................................42
3.7. Logs & Traps .................................................................................................... 42
3.8. Syslog Configuration........................................................................................44
3.9. Debug................................................................................................................ 44
4. Scenario 4 – L3 Edge: 2 Switches + 2 APs .......................................................... .. ..46
4.1. Overview...........................................................................................................47
4.2. Switch1 & Switch2 LAN Configuration...........................................................48
4.2.1. DHCP........................................................................................................ 48
4.2.2. Configure routes on Switch1, Switch2, and L3 device.............................48
4.2.3. Set the MTU Size............................................... ................................ ... .... 49
4.3. Configure WLAN Settings ..................................... ... ....................................... 49
4.3.1. WPA2 Configuration................................................................................ 49
4.3.2. Configure Discovery................................................................................. 49
4.3.3. Connections...............................................................................................49
4.4. Configure the RADIUS Server......................................................................... 49
4.5. Verifying the Configuration.............................................................................. 50
4.6. Testing the L3 Authenticated Roaming Feature...............................................50
4.6.1. Simulated Roam via Power Down of AP ....................... ..........................50
4.6.2. Simulated Roam via Disabling Radios........................... ... .......................51
4.6.3. Real Roam.................................................................................................51
4.7. WLAN Visualization........................................................................................ 51
Appendix...........................................................................................................................55
Troubleshooting................................................................................................................ 56
1. Scenario 1 - Basic L2 Edge Setup: 1 Unified Switch + 2 APs
The diagram in this scenario shows a very basic L2 edge network configuration with one Unified Switch and two access points. All devices are in the same L2 domain.
The objectives in this setup are as follows:
Set up the minimum configuration for multiple APs
Configure an AP with a static IP
Configure an ACL to prevent wireless clients from accessing the Unified Switch1
management inte rface.
Configure DHCP on the Unified Switch for wireless client address assignment.
Understand some of the D-LINK Wireless Access Point features.
Unified Switch1
10.90.90.90/8
SSID: Guest Network
SSID:
AP1
10.90.90.91/8
Guest Network
AP2
10.90.90.92/8
Seamless Roaming
CL1
An overview of the configuration steps needed for Unified Switch and APs are as follows:
1. Disable DHCP on the APs and assign a static IP address to AP2.
2. Configure the Unified Switch1 DHCP server & address pool for Guest Network clients.
3. Configure an ACL to restrict acce ss from clients on the Guest Network.
4. Attach the APs to Uni f ied Switch1.
5. Validate the APs by adding them to the Valid AP database.
6. Save the configuration.
7. Perform tests.
The table below gives the IP addresses used in this scenario. The following steps will guide yo u through the configuration of the Unified Switch and the Access Point.
Device Subnet
Unified Switch 10.90.90.90/8 (default) AP1 10.90.90.91/8 (default) AP2 10.90.90.92/8 Client Address Pool 10.90.91.1 – 10.90.91.254
To begin the Unified Switch configuration, connect to port 12 (or any other unused port) from a PC that is on the same subnet (10.0.0.0/8) and launch the web browser using this IP address,
10.90.90.90. The Unified Switches and the APs will be connected after completing the entire configuration.
NOTE: Do not power down the switch before saving configuration. NOTE: The default username is “admin” and there is no password.
1.1 Configure AP Network Settings
DHCP client is enabled by default on the APs. However, for this scenario the APs use static IP addresses. For AP1, you can use the default static IP address of 10.90.90.91, but you must access the AP CLI to disable DHCP (otherwise, the AP would receive an address from the switch DHCP server, which you configure in section 1.1. For AP2, you must access the CLI to disable DHCP and to set a new static IP address so that it does not use the same IP address as AP1.
To access and configure AP1 and AP2 by using the access point CLI, use the following steps (Note: you will only have CLI access to the APs prior to them becoming managed by the Unified Switch. Once they reach managed state, the switch will disable CLI access to the APs such that a user cannot modify the configuration of the AP while in managed mode since in this mode the switch provides configuration information to the AP. It is possible to place a managed AP in “debug” mode in order to temporarily allow CLI access to the AP for configuration changes.)
1. Physically connect a PC in the 10.0.0.0 subnet to AP1.
2. Telnet to the AP by using the default IP address of 10.90.90.91. Use the default
username/pass w ord of admin/admin.
3. Enter the following command to disable DHCP:
set management dhcp-status down
4. Enter the command “save-running” to save the current AP configuration.
5. Physically connect a PC in the 10.0.0.0 subnet to AP2.
6. Telnet to the AP by using the default IP address of 10.90.90.91.
7. Enter the following command to change the IP address:
set management static-ip 10.90.90.92
8. Telnet to the AP again by using the IP address of 10.90.90.92 since your initial session will
be dropped upon changing the address.
9. Enter the following command to disable DHCP:
set management dhcp-status down
10. Enter the command “save-running” to save the current AP configuration.
11. Enter the command “Exit” to logout the AP.
1.1. Configure the DHCP Server
The Unified Switch can function as a DHCP server to assign addresses to wireless (or wired) clients that connect to each AP. To configure the DHCP Server, you must configure global settings and the address pool for the clients.
For this scenario, wireless clients will be assigned addresses in the range of 10.90.91.1/8 –
10.90.91.254/8. By limiting the range of addresses, you can then configure an ACL to limit the network access of all clients that have addresses within this range and still maintain additional addresses in this space for static configuration for clients or servers.
Since these addresses are on the 10.0.0.0 network as well as the AP and switch management addresses, you must exclude all addresses that are not in the desired client range.
GuestPool Excluded Addresses Subnet Mask
10.90.91.1 – 10.90.91.254 10.0.0.1 - 10.90.91.0
10.90.92.0 – 10.255.255.255
255.0.0.0
1.1.1. Global DHCP Configuration
Use the following procedures to configure the global DHCP settings.
1. Select the LAN tab from the navigation panel and access Administration Æ DHCP Server
Æ Global Configuration.
2. Enable the Admin Mode
3. Add the excluded addresses as following:
a. 10.0.0.0 through 10.90.91.0 b. 10.90.92.0 throug h 10.255.255.255
1.1.2. Pool Configuration
This section describes how to configure the address pool for the wireless clients.
1. Select Pool Configuration in the Navigation tree.
2. Select create and specify the following settings: a. Pool Name – GuestPool b. Type of Binding - Dynamic c. Network Number – 10.0.0.0 d. Network Mask - 255.0.0.0 e. Days - 1 day f. Hours - 0 g. Minutes - 0 h. Default Router Addresses 10.90.90.90
1.2. ACL Configuration
The ACL in this scenario prevents wireless clients from accessing the web management interface of the switch. All other types of traffic is allowed.
1. From the LAN menu, navigate to the Access Control Lists > IP ACL > Access Profile
Settings page.
2. From the IP ACL field, select Create New Extended ACL from the drop-down menu.
3. Enter 100 in the ACL ID field, then click Submit.
4. From the Rule Configuration page, enter 1 as the Rule ID, Deny as the Action, and False for
Match Every, then click Submit.
5. The screen refreshes with additional fields. Click the Configure button associated with the
appropriate fields and enter the following criteria to deny HTTP traffic from clients on the Guest Network to the Switch and APs:
Protocol Keyword: IP
Source IP Address: 10.90.91.1
Source IP Mask: 0.0.0.255 (This is a wildcard mask)
Destination IP Address: 10.90.90.1
Destination IP Mask: 0.0.0.255
Destination L4 Port: http
6. Create a new rule, enter 2 as the Rule ID, Permit as the Action, and True for Match Every,
then click Submit. The reason for this second rule is that an ACL has an implicit “deny all” rule at the end. ACL rules are checked in order and the action of the first to match the flow is taken. If no match occurs, the packet will be dropped.
Rule 1
Next, you must attach the ACL to port 0/1 and port 0/13 (the physical ports to w hich the APs will be connected) so that the rules are applied to the appropriate wireless client traffic that goes through the APs connected to the switch.
1. From the ACL Æ Interface Configuration page,
2. Select port 0/1 from the Slot/Port drop-down menu.
3. Select IP ACL as the ACL Type.
4. Enter 1 as the sequence number, and click Submit.
5. Repeat the steps to associate ACL 100 with port 0/13.
1.3. Wireless Configuration
You configure and monitor all wireless settings from the WLAN tab on the navigation panel. Since the deployment is an L2 Edge and there are no subnet boundaries to cross, the switch can use the network management IP address for the wireless functions (Note: the Unified Switch component uses an IP address to manage the APs and peer-switches. In a L2 environment like this scenario no inter-subnet routing is required. If however the scenario involves a L3 environment where wireless components including APs and peer-switches cross subnet boundaries, a routing interface must be used, such as a loopback interface to allow routing of control traffic between the Unified Switch and APs and peer switches.)
It is important to set the correct country code on the switch so that the APs operate in the correct regulatory domain.
1. To configure wireless features, select the WLAN tab from the left pane and traverse
down the navigation tree to Administration Æ Basic Setup.
2. Select the Global tab in the right pane and make sure WLAN Switch Mode is enabled
3. Select the appropriate country code then click the Submit to submit the request.
Note: This scenario uses the default AP profile config uration, so you do not need to configure any AAA/RADIUS, Radio, or SSID settings.
Note: The IP address on the Wireless Global Configuration page is the default management IP address of the switch (10.90.90.90). This address is “chosen” by the system for use by the Wireless component for communications with the APs and Peer Switches. If a loopback interface is available, this will be selected first.
1.4. Device Connections
At this point, all the devices are ready to be connected. After the switch discovers the APs, they will appear on the Failed list because the MAC addresses of the APs are not configured in the Valid AP database (i.e. the switch has not been configured to accept any valid APs).
1. Connect AP1 to port 1 of the switch
2. Connect AP2 to port 13 of the switch
3. Wait about 60 seconds and click Monitoring Æ Access Points Æ Authentication Failed Access Points.
4. Select the APs to be managed and click Manage to add them to the valid AP database.
5. To verify the status of APs, click Monitoring Æ Access Point Æ Managed Access Points.
6. To view the local Valid AP database, click Administration Æ Basic Setup, then click the Valid AP tab.
Note: The APs get into Failed Access Point list in about 60 seconds. After you select APs to be managed, the APs enter to fully managed state in about 60 seconds.
1.5. Save Configuration
To save the switch configuration, select Save Changes from the tool bar.
1.6. Verify the Configuration
1. From a wireless client, verify that you can see the “Guest Network” SSID.
2. Using a wireless client, connect to the “Guest Network”.
3. Check the IP address that the switch DHCP server assigned.
4. Try pinging from a client on the Guest Network to the switch or AP IP address. The ping
should pass. Try web browsing to the switch IP address. The browse should fail because of the ACL.
1.7. Feature Tests
This section has some recommend tests you can perform to demonstrate some of the Unified Access System features. Note that the images in this section show IP address and other configuration information that is different than the configuration used in Scenario 1. These images are provide for reference and are not intended to be an exact match of what you see on your switch.
1.7.1. L2 Start Roaming Test
Try roaming between the two APs (you can simulate this by disconnecting an AP from the switch port that you are currently associated with assuming you are utilizing PoE to power the AP). Check the associated client statistics to see which AP the client associates with and to observe that the client has roamed to be associated with the other AP. If you start a Ping between the client and the Unified Switch, you will also observe min i mal packet loss during a roam.
1.7.2. Auto channel adjustment after associating with AP2
To check the current operating channel and to see if any channel adjustment is required, select the WLAN tab from the navigation panel and traverse down to Monitoring Æ Access Points Æ Managed Acces s Points.
When an AP is powered up, the Initial Channel Selection (ICS) algorithm is used to select the best operating channel. The algorithm scans all the available channels (ba sed on the country code) by counting the number of packets received on each channel and selects the channel with the lowest packet count.
A second algorithm, Auto Channel Adjustment (ACA) is used to periodically evaluate the operating channel. The radio must be configured for Auto Channel Adjustment. This can be done by selecting the Automatic Channel check box in the Radio tab of the Basic Setup page. By default this parameter is enabled.
Note: Any changes made to the profile configuration must be explicitly applied to the AP. To apply the profile, navigate to Administration Æ Advanced Configuration Æ AP Profiles, select the profile to apply, and click Apply. This will temporarily disable the radios as the new configuration is applied to the access points that use the profile. In other words, you can make and submit one or many changes to an AP profile however these configuration modifications will not be applied to the AP until you manually apply the profile or an AP comes online into managed state after the profile changes are submitted.
The Channel adjustment algorithm may be triggered periodically or manually. To manually adjust the channel plan, use the following steps:
1. Select the WLAN tab from the navigation panel and navigate to Administration Æ AP Management Æ RF Management.
2. Choose the 802.11 b/g and select the Manual Channel Plan tab and then the Start button to start the process. Use th e Refresh button to check the results of the channel plan.
3. Apply the suggested channel plan by clicking on “Apply” button.
Note: Before manually triggering the adjustment, the Channel Plan History Depth must be set to 0 or 1. This can be done by changing the Channel Plan History Depth in the Configuration tab of the RF Management. By default this parameter is set to 5.
You may also manually change the operational channel from the Administration Æ AP Management Æ Advanced page. Select the appropriate channel of the AP radio and change it to the desired channel on the next screen.
1.7.3. Rogue AP Detection
To check the rogue AP list, select the WLAN tab from the navigation panel and navigate to Monitoring Æ Access Points Æ Rogue/RF Scan Access Points.
1.7.4. Power Adjustment
To check power level, select the WLAN tab from the navigation panel and click Monitoring Æ Access Points Æ Managed Access Points. Select Radio Details tab to check the power level.
The Automatic Power Adjustment algorithm works by setting the initial power of the AP to the value specified in the AP profile. The power is then periodically adjusted to a level based on presence or absence of packet transmission errors. The power is changed in increments of 10%. Automatic adjustment can be done by selecting the Automatic Power in the Radio tab of the Basic Setup. By default this parameter is enabled. The algorithm may be triggered by a periodic timer or manually.
Note: The algorithm never reduces the AP power below the initial power setting as specified in the profile and since the default power level in the default profile is 100 percent, the power would never be reduced unless this value is first changed.
The power adjustment may be manually triggered by selecting the WLAN tab from the navigation panel and traversing down to Administration Æ AP Management Æ RF Management. Select the Manual Power Adjustments tab and then the Start button to start the process (click the Apply button to apply new power adjustment)
You may change the power of the AP radio by selecting the Radio tab of the Basic Setup and changing the Initial Power to the desired setting and click on submit.
Note: Any changes to the radio setting must be applied to the AP. To do this, click Administration Æ Advanced Configuration Æ AP Profiles. Select the profile to apply, then click Apply to update all APs that use the selected profile.
1.7.4.1. Self Healing Cell Recovery
When a Managed AP is powered down, the power of its neighboring AP(s) managed by the same switch is immediately increased by 20%. Power Adjustment Mode should be Interval to see an increase in power of neighboring AP. By default, Initial Power is 100%, so decrease power of APs below 80% or less to see 20% increase before powering down one AP. The power level can be verified in the Radio detail on the Monitoring ÆAccess Points Æ Managed Access Points page.
Note: A maximum of 3 neighboring APs are adjusted.
1.7.5. Load Balancing
The Unified Switch performs load balancing on a per radio basis by tracking the wireless bandwidth utilization. The maximum bandwidth utilization is configured in the Radio tab of the Basic Setup. If the utilization reaches the configured threshold then new client associations are rejected. The default bandwidth utilization threshold is 60%. The WLAN Utilization may be monitore d in the Radio Details tab of Monitoring Æ Access Points Æ Managed Access Points.
1.8. Switch and AP Cleanup
You will not need any of the settings you configured in this scenario for the other three scenarios, so it is a good idea to reset the switch and the APs to the factory defaults.
To reset the switch configuration, click the Tools menu and select Reset Configuration.
To reset the AP configuration, you will need to telnet into the AP CLI and use the “factory-reset” command. As mentioned earlier, you can place the AP into “debug” mode from the switch if the AP is currently managed to gain access to the UI.
2. Scenario 2 – L2/L3 Edge: 1 Unified Switch + 2 AP
The diagram in this section shows a L2/L3 edge/overlay setup. In this scenario, a Unified Switch acts as an L3 device. Although the two APs are directl y connected to the switch, they are in different subnets. Both the APs are managed by the D-LINK Unified Switch. Since the Unified Switch supports VLAN routing, L2 paths can be established between the AP switch ports although they are on different IP subnets such that L3 Tunneling is not required.
This scenario has the following objectives:
Understand how to implement a real plug & play deployment.
Configure VLAN routing interfaces to simulate a L3 network with multiple subnets.
Create an ACL to block IP traffic between clients on different SSIDs.
Assign IP addresses of APs & wireless clients through the Unified Switch DHCP server.
Configure multiple SSIDs with different VLANs.
Enable wireless encryption.
Unified Switch1
Network: 10.90.90.90/8 Loopback: 192.168.10.254
SSID: D-LINK-NET1: VLAN 100 D-LINK-NET2: VLAN 200 Guest Network
AP1
192.168.20.x
Port 0/1 VLAN 20
Port 0/13 VLAN 30
SSID: D-LINK-NET1: VLAN 100 D-LINK-NET2: VLAN 200 Guest Network
AP2
192.168.30.x
Seamless Roaming
CL1
An overview of the configuration steps needed to complete this scenario is as follows:
1. Configure VLANs
2. Configure VLAN routing interfaces
3. Enable routing
4. Create loopback interface for WLAN functions
5. Set up DHCP server and address pools for VLANs
6. Configure ACL
7. Configure the AP profile, including new SSIDs and security
8. Add VLANs to L2 discovery list
9. Attach, discover, and validate APs
10. Save configuration
Loading...
+ 39 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use