Extreme Networks Altitude 4511 Evaluation Manual
Extreme Networks Evaluation Guide
© 2011 Extreme Networks, Inc. All rights reserved. Do not reproduce.
This document will describe the industrial design and
modularity, and provide step-by-step configurations for
typical use cases in multi-tenant markets such as hotels.
The glossary of features lists the webUI screens, along
with a short description of the functionality. The highpowered radio will need to be tested by comparing the
Altitude™ 4511 with other, “known” access points. When the
comparison is made, the value of the Altitude 4511 will
become more apparent.
Altitude 4511
Access Point
Evaluation Guide
2
Extreme Networks Evaluation Guide: Altitude 4511 Access Point
© 2011 Extreme Networks, Inc. All rights reserved.
The Extreme Networks Altitude 4511 Access Point can
change the way wireless networks are installed, while
lowering the deployment and operations expense
associated with a wireless network.
When evaluating the Altitude 4511, take note of these
three key features and their cost saving advantages:
Advanced Industrial Design –
“Hide-in-Plain-Sight”
The Altitude 4511 access point installs in minutes
anywhere a CAT 5/6 cable is located. Due to its tiny size,
the Altitude 4511 will hide in plain sight; ceiling mount,
tabletop, or wall surface. A patent-pending mechanical
design is optimized for installation over any structured
wiring CAT 5/6 wall jack. The wallplate form factor is
25mm (1 inch) thick, and flush mounted to the wall
surface. The AP does not protrude into the wall cavity.
This design allows for ecient heat transfer and a
universal installation over any structured wiring plate.
The modular design allows the end-user to add switched
Ethernet ports as needed, and snap in any keystone or
Leviton QuickPort® style connector to the wallplate.
High-Powered 802.11a/b/g/n Radio
Under the sleek exterior, the Altitude 4511 packs a 26dBm
transmitter along with dual omni-directional 3dBi peak
gain antennas. The AP supports either 2.4Ghz or 5.2Ghz
operating bands. 2x2 multiple-input and multiple-output
(MIMO) technology and support for legacy 802.11a/b/g is
ideal for supporting a wide range of laptops, portable
media players, tablets, mobile computers, Wi-Fi phones
and wireless enabled smartphones.
Controller AP
The Altitude 4511 can be managed via CLI or webUI as a
standalone access point. When more than one AP is
installed, any single Altitude 4511 can operate as a
Controller AP for a network of up to 25 Altitude 4511s. By
using the hardware of an access point to run controller
features, the Altitude 4511 dramatically lowers the cost of
a managed, RF controller-based network for small
hotels. All the features you want from an RF controller
are here; firmware management, central configuration,
status and statistics. Also advanced features such as fast
roaming, Smart RF, and Rogue AP detection are all
included in the Controller AP function.
Scope of this Document
This document will describe the industrial design and
modularity, and provide step by step configurations for
typical use cases in multi-tenant markets such as hotels.
The glossary of features lists the webUI screens, along
with a short description of the functionality. The high
powered radio will need to be tested by comparing the
Altitude 4511 with other, “known” access points. When
the comparison is made, the value of the Altitude 4511
will become more apparent.
Use Case 1: Configure a single AP as a standalone AP
using the configuration overrides.
Use Case 2: Use the Initial Setup Wizard to configure a
Controller AP and dependent APs with one WLAN.
Use Case 3: Use the configuration screens to configure a
Controller AP with two WLANs; one open and one
secure. VLANs will be added to WLANs and switched
Ethernet ports.
3
Extreme Networks Evaluation Guide: Altitude 4511 Access Point
© 2011 Extreme Networks, Inc. All rights reserved.
Advanced Industrial Design
Key Features
• Keystone or Leviton QuickPort® connector
• One port RJ-45 Ethernet Module, Three port RJ-45
Ethernet Module
• Snap-on installation in any location where an
Ethernet cable is located
Keystone Connector
The snap-in port is designed to accept any keystonestyle or Leviton QuickPort® connector. These connectors
are a popular mechanical form factor for RJ-11, RJ-45,
F-connector and many more network and communications connectors.
Snap out the blanking plug on the wallplate and snap in
the connector of your choice. The latch on the keystone
connector should always face toward the top of the AP.
One-Port RJ-45 Ethernet Module
The keystone port also accepts a one-port RJ-45 Ethernet
Module. This module is supplied in the shipping box with a
pigtail connector terminating in a 9-pin header. Snap in
the RJ-45 connector and connect the header pin to the
matching header on the back of the unit, labeled “FE1”
RJ-45 Connector for Ethernet
or Digital Phone
RJ-11 Analog
POTs Connector
Three-Port RJ-45 Ethernet Module
The front of the Altitude 4511 has an access cover that
can be removed to expose a hidden connector. A
three-port RJ-45 Ethernet Module connects to the
hidden header and snaps onto the Altitude 4511 in place
of the access cover.
Remove the access cover by using a sharp tool to
depress the latch on the bottom of the Altitude 4511.
Pull the access cover up and away from the Altitude 4511.
Reverse the procedure to install the three-port
Ethernet Module.
The Ethernet Module has three ports labeled “FE2”,
“FE3”, and “FE4”.
RJ-45 Ethernet Module – Supplied
Three Port RJ-45 Ethernet Module – Optional
4
Extreme Networks Evaluation Guide: Altitude 4511 Access Point
© 2011 Extreme Networks, Inc. All rights reserved.
Vital Information Before
We Begin
Power
The Altitude 4511 requires Power over Ethernet. Connect
an 802.3af PoE switch or PoE midspan injector to the
port labeled UP1/PoE on the back of the unit. The AP
will draw between 6.5W and 9W of power depending on
the number of Ethernet ports connected and the transmission speed.
The AP takes three minutes to completely boot up. At two
minutes, the Web server is active and will respond to a
Web browser. However, the backend database will not
authenticate user login for another minute.
Login
The Altitude 4511 can be accessed from a webUI or CLI.
This guide will use the webUI login.
The webUI requires the Adobe Systems flash plugin. If it is
not installed, the webUI will prompt the administrator to
install flash.
For instructions on upgrading the system firmware, see
the Appendix.
Default user name: admin
Default password: admin123
Default IP address: IP address assigned by DHCP client, or
zero-config IP address where the last two octets in the IP
address are the decimal equivalent of the last two bytes in
the MAC address.
Example: MAC address 00:C0:23:00:F0:0A
Zero-config IP address: 169.254.240.10
To use the zero-config IP address, manually set your PC to
same IP subnet. See the Appendix for further assistance
converting the MAC bytes in hex to its decimal equivalent.
After the first login following a factory default configuration, the administrator will be prompted to change the
password.
5
Extreme Networks Evaluation Guide: Altitude 4511 Access Point
© 2011 Extreme Networks, Inc. All rights reserved.
Reset Default Configuration, View Running Config
Use the Operations menu to reload firmware, restart, or view the running configuration. Navigate to Operations ->
Devices. Select the action from the list at the bottom of the page.
Controller AP
A Controller AP is any single Altitude 4511 that is configured to operate as an RF controller. The Controller AP
provides a necessary set of management features
required for a small facility. Key features of the Controller
AP include:
• Automatic adoption of dependent APs
• Central configuration for all APs
• Firmware upgrade on all APs
• One IP address for the network management. The
dependent APs are managed via a secure Layer 2
protocol. IP addresses can be assigned to dependent APs if desired
• Central status and statistics for APs and connected
wireless clients
• IPS/IDS for rogue AP detection
• SmartRF for ecient spectrum management
and redundancy
– Automatic channel selection
– Automatic transmit power adjustment
– Neighbor AP recovery
• Fast roaming for mobile devices
• Role-based client access
• Layer 2 and Layer 3 access control
By default, an AP will be dependent if a Controller exists
in the network. Adoption is automatic.
A dependent AP obtains its configuration from a profile
stored on the Controller AP. Any manual configuration
changes on a dependent AP will be overwritten by the
Controller upon reboot. Up to 24 dependent APs can be
connected to a Controller AP.
6
Extreme Networks Evaluation Guide: Altitude 4511 Access Point
© 2011 Extreme Networks, Inc. All rights reserved.
Initial Setup Wizard
The Wizard will run automatically after a factory reset. It
will walk the administrator through a set of minimum
required configurations. Once complete, profiles will be
created and assigned to the device. To restart the
Wizard, you must reset the unit to factory defaults. See
the Appendix for instructions on resetting the factory
default configuration.
The configuration screens in the Setup Wizard include:
Operating Mode: Standalone AP; Controller AP;
Dependent AP
Basic System Info: Password, Timezone, Country,
Network Access
VLAN and IP Address: Set the native VLAN and member
VLANs for all interfaces. Set whether the interface is an
access or trunk port. Assign the IP address to the uplink
LAN port.
WLAN Configuration: Set up multiple WLANs and set
the minimum required information such as SSID,
Authentication, and VLAN. If needed, set up a RADIUS
server to authenticate a WLAN.
Policies, Profiles and Adoptions
Policies
Most (but not all) configuration elements such as
Firewall and WLAN are configured as a policy. Multiple
policies can be created and edited. Once a policy is
created, it must be mapped onto a device profile. If a
policy is edited, those edited changes are automatically
applied to any device mapped to that policy.
Note that there are policies inside of policies. For
example, Wireless Clients can be allowed or denied
access to the network based on an IP or MAC firewall
policy. Thus, the Wireless Client Roles policy requires a
Firewall policy.
Policies can be created at any time. When the administrator is presented with a drop down box to select a
policy, there will always be a “create” and “edit” button
to allow the additional policy to be created at that time.
To keep the configuration steps clear, we recommend
creating a core set of policies at the beginning. Thus,
these policies will be ready for selection when the device
profiles are created.
Device Profiles
Device Profiles are a container for policies and other
configurations, and are assigned to devices either
manually or by an adoption policy. Device profiles should
be created for major groups of devices. For example, a
typical network would have at least two profiles; one
profile for the Controller AP, and one profile for all
dependent APs. If APs will service distinct areas of a
hotel; such as guest rooms and meeting rooms, then a
unique dependent AP profile may be created for each of
these unique applications.
Device Overrides
Note that any profile configuration can be overridden by
specifically configuring the device. It is recommended
that device overrides be used at a minimum. Commonly,
a device override is used to assign the management IP
address and default gateway to a Controller AP. Another
use for device overrides is to quickly configure a
standalone AP. If a device configuration is overridden, be
certain to document the configuration to prevent
confusion later.
7
Extreme Networks Evaluation Guide: Altitude 4511 Access Point
© 2011 Extreme Networks, Inc. All rights reserved.
Adoption
Dependent APs are adopted by a Controller AP. By default, each AP is standalone or dependent. When a new AP is
installed in the network, it will begin the network discovery process to find a Controller AP. On the Controller AP, an
adoption policy can be created to control which APs are adopted. The policy rules can include MAC address, serial
number, DHCP option, and other parameters.
Policies Available for Configuration
Refer to the Appendix for a description of each of these policies. The core policies that will always be configured are
shown in green. Note that there are policies inside of policies. Also, some policies, notably firewall policies, can be
selected in multiple screens.
TIP
Configure Policies first then map policies to Device Profiles.
In a simple network, edit the “default” policy to match your requirements rather than create new policies.
Policies WebUI Navigation
Devices Menu
Adoption Policy Profile -> <profile name>
RF Domain Menu
RF Domain RF Domain
Wireless Menu
WLANs Profile -> <profile name> -> Radio -> WLAN Mapping
WLAN QoS <link to other policy> Wireless -> Wireless LAN -> Basic Configuration
Radio QoS Profile -> <profile name> -> Radio -> Radio Settings
Remote AAA Server <link to other policy> Wireless -> Wireless LAN -> Security
Services -> Captive Portal
MAC Association ACL Profile -> <profile name> -> Radio -> Radio Settings
<link to other policy> wireless -> wireless lan -> firewall
SmartRF <link to other policy> RF domains -> Basic Configuration
Bridging Profile -> <profile name> -> General
Security Menu
Wireless Firewall Profile -> <profile name> -> Security -> Settings
IP Firewall Profile -> <profile name> -> Interface -> Ethernet ports
Profile -> <profile name> -> Interface -> Virtual Interface
<link to other policy> Wireless, Wireless LAN, Firewall
MAC Firewall Profile -> <profile name> -> Interface -> Ethernet ports
Profile -> <profile name> -> Interface -> Virtual Interface
<link to other policy> Wireless, Wireless LAN, Firewall
Wireless IPS <link to other policy> RF Domains -> Basic Configuration
Wireless Client Roles Profile -> <profile name> -> Security -> Services
Services Menu
Hotspot <link to other policy> Wireless -> Wireless LAN -> Security
DNS Whitelist Services -> Captive Portal
Management Menu
Management Policy Profile -> <profile name> -> Management -> Settings
8
Extreme Networks Evaluation Guide: Altitude 4511 Access Point
© 2011 Extreme Networks, Inc. All rights reserved.
Use Case One
This case will show the configuration required for a
Standalone AP using the device Overrides configuration.
This is the most direct method to configure a standalone
AP and is ideal for conducting a site survey.
Extreme Networks equipment required:
One (1) Altitude 4511
Third-party equipment required:
Two PCs; one upstream and one downstream. Set the
PCs with a static IP address to be on the same subnet.
Alternatively, connect the Altitude 4511 to a subscriber
gateway and test using an Internet connection.
Test Setup
Configure the network and test PCs as shown in
the diagram.
Diagnostics
• Verify the test PCs have the correct IP addresses
• Verify the AP actually has a WLAN associated. Use
the information in the Diagnostics section to view
the WLANs and wireless clients on each AP
5644-01
Downstream Test PC
192.168.100.3/24
Layer 2 Network Switch
Gateway and Router DHCP Server
192.168.100.254/24
Controller Configuration
Password: helpme
Access Method: Telnet, SSH, HTTP
192.168.100.1/24
Upstream Test PC
192.168.100.2/24
Altitude 4511
Standalone Access Point
9
Extreme Networks Evaluation Guide: Altitude 4511 Access Point
© 2011 Extreme Networks, Inc. All rights reserved.
Configuration
Use the device Overrides configuration to configure a standalone AP. Profiles can be used, but the easier path is to
directly configure the device.
RF Domain Overrides
webUI navigation: Configuration -> Devices -> Device Configuration ->
RF Domain Overrides
Select Time Zone and Country
Click OK
Profile Overrides
webUI navigation: Configuration -> Devices -> Device Configuration ->
Profile Overrides
Virtual Interface with IP
Click Interfaces -> Virtual Interfaces
Click Add, leave the VLAN 1 name
Uncheck “Use DHCP to Obtain IP”
Assign an IP address, 192.168.100.1/24
Click OK, then Exit
Radio and WLAN
Click Interfaces -> Radios
Select Radio1, click Edit
Under Radio Settings
Select an operating Channel. Do not select “Smart”
Enter a Transmit power e.g. “24”. Do not select “Smart”
Click OK
Select the WLAN Mapping screen
Click Create a New WLAN
Enter a friendly name in the top box, Enter an SSID
Click create next to the WLANQoS box. Enter a friendly name
Click OK, then Exit
Click OK, then Exit
Select your WLAN from the right side pane, click the << arrow
Click OK, then Exit
Default Gateway
Click Network -> Static Routes
Click Add Row
Enter 0.0.0.0/0 as the network address
Enter 192.168.100.254 as the gateway
Click OK
Commit and Save
Click the Commit button, then Save in the upper right corner
Loading...