Edgecore CAPWAP Technical Guide

Edgecore Networks Corporation

© Copyright 2020 Edgecore Networks Corporation. The information contained herein is subject to change without notice. This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered by Edgecore Networks Corporation. Edgecore Networks Corporation

shall not be liable for technical or editorial errors or omissions contained herein.

How to setup 802.1x Transparent Login with a

CAPWAP-tunneled AP

Released: 2020-05-27

Technical Guide

Table of Contents

1. Introduction ............................................................................................. 3

2. Configuring CAPWAP and WAPM ............................................................. 4

3. Pre-deployment or On-site Configuration ................................................. 6

4. Configuring the desired Service Zone and RADIUS 802.1x authentication .. 8

5. Apply Template to the complete-tunneled AP with 802.1x SSID .............. 10

6. Client Side Verification ........................................................................... 12

7. Conclusion ............................................................................................. 14

8. Remarks ................................................................................................ 14

Pre-requisite

Refer to the technical guide “CAPWAP Tunnel Configuration.” Complete Tunnel uses the CAPWAP protocol to communicate with an Access Point so that all management traffic, authentication traffic, and data traffic from the service area Access Point provided area transmitted back to the Controller before forwarding data traffic to the internet.

1. Introduction

This technical guide provides the administrator with instructions on how to set up the scenarios above. The Controller can implement role-based policies over Layer 3 networks, with user access control available in the remote sites. This feature allows the Controller to support centralized

Access Point management and user management, including authenticated with a RADIUS server in 802.1x Authentication (transparent login). User can deploy this scenario if there RADIUS server is in a intranet, but they could have a Controller deployed with a public IP, so that their network could extend across the Internet, penetrating NATs, and deploy the local network to a remote site, such as penetrating the Great Fire Wall.

2. Configuring CAPWAP and WAPM

2.1. Configure CAPWAP Settings on the Controller with complete-tunnel

Step 1. Enable CAPWAP Status under CAPWAP Tab in WAPM

Main › Device Management › Wide Area AP Management › CAPWAP

Note: Certificate field can be modified with an uploaded certificate if required. Note: Not recommended to modify IP Address and Netmask for Control Channel.

2.2. Configure Template for Remote AP Configuration

Step 1. Confirm the specifications of the AP before configuring the Template. Step 2. Configure Template. Step 3. Configure General Settings. Step 4. Confirm RF Card A & B support selected Bands. Step 5. Step 5. Click Apply and return to the Template page.

Step 6. Configure VAP Configuration. Step 7. Enable VAP. Step 8. Fill in a Profile Name and ESSID. Step 9. Configure VAPs with Complete Tunnel.

Select Complete Tunnel under CAPWAP Tunnel Interface. Select Service Zone for AP to be managed and Apply.

+ 9 hidden pages

Edgecore CAPWAP Technical Guide

Specifications and Main Features

Frequently Asked Questions

User Manual