How it Works
HP
Loading...
MSM323
Deployment Manual
78 pgs1.96 Mb0

HP MSM313, MSM323 Deployment Manual

ProCurve 5400zl Switches
Installation and Getting Started Guide
HP MSM313 / MSM323 Integrated Services Access Points Deployment Guide
HP MSM313/MSM323 Integrated Services Access Points
Deployment Guide
Services Access Points
Deployment Guide
© Copyright 2010 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
This document contains proprietary information, which is protected by copyright. No part of this document may be photocopied, reproduced, or translated into another language without the prior written consent of Hewlett-Packard.
Publication Number
5998-0453 July 2010
Trademark Credits
Windows NT®, Windows®, and MS Windows® are US registered trademarks of Microsoft Corporation.
Disclaimer
HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.
The only warranties for Hewlett-Packard products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett-Packard shall not be liable for technical or editorial errors or omissions contained herein.
Hewlett-Packard assumes no responsibility for the use or reliability of its software on equipment that is not furnished by Hewlett-Packard.
Warranty
See the Customer Support/Warranty booklet included with the product. A copy of the specific warranty terms applicable to your Hewlett-Packard products and replacement parts can be obtained from your Hewlett-Packard Sales and Service Office or authorized dealer.
Open Source Software Acknowledgement Statement
This software incorporates open source components that are governed by the GNU General Public License (GPL), version 2. In accordance with this license, Hewlett-Packard will make available a complete, machine-readable copy of the source code components covered by the GNU GPL upon receipt of a written request. Send a request to:
Hewlett-Packard Company, L.P. GNU GPL Source Code Attn: HP Support Roseville, CA 95747 USA
www.hp.com
HP MSM313/MSM323 Deployment Guide 3 Contents
Contents
Chapter 1 Introduction 7
About this guide................................................................................8
Products covered........................................................................8
Important terms..........................................................................8
Conventions ................................................................................8
Contacting support .....................................................................9
Online documentation .................................................................9
Chapter 2 Public/guest networks 11
Introduction ....................................................................................12
Scenario 1a: Hotspot in a box .........................................................13
How it works.............................................................................13
Configuration road map ............................................................13
A. Install the service controller............................................13
B. Configure the wireless network ......................................14
C. Configure the Internet connection ..................................14
D. Define the list of users....................................................14
E. Test the public access interface ......................................14
Scenario 1b: Hotspot with custom interface ...................................16
How it works.............................................................................16
Configuration road map ............................................................16
A. Configure the Internet port .............................................16
Examples ..................................................................................17
A. Customize the login page and logo.................................17
B. Test the public access interface ......................................18
Scenario 1c: Hotspot with satellites and roaming ...........................19
How it works.............................................................................19
Configuration road map ............................................................19
A. Install the APs.................................................................19
B. Switch the APs to autonomous mode .............................20
C. Configure the wireless network ......................................20
D. Set the shared secret on the service controller...............20
E. Configure the connection to the service controller on the
APs .....................................................................................20
Scenario 1d: Hotspot with layer 2 encryption .................................21
How it works.............................................................................21
Configuration road map ............................................................21
A. Create VSCs on the APs..................................................21
B. Create VSCs on the service controller.............................22
Scenario 2a: Hotspot with RADIUS authentication..........................24
How it works.............................................................................24
Configuration road map ............................................................24
A. On the RADIUS server ....................................................24
B. Install the service controller............................................24
C. Configure the wireless network ......................................25
D. Configure the Internet port .............................................25
E. Create a RADIUS profile ..................................................25
F. Enable RADIUS authentication of users ...........................25
G. Test the public access interface......................................25
Scenario 2b: Hotspot with custom interface (via RADIUS server) ..27
How it works.............................................................................27
Configuration road map ............................................................27
A. Customize the login page and logo.................................27
B. Define attributes on the RADIUS server..........................28
C. Configure the service controller to retrieve attributes from
the RADIUS server ..............................................................28
D. Test the public access interface......................................29
Scenario 2c: Hotspot with satellites and roaming (via RADIUS server) 30
How it works.............................................................................30
Configuration road map ............................................................30
A. Install the APs.................................................................30
B. Switch the APs to autonomous mode.............................30
C. Configure the wireless network ......................................31
D. Set the shared secret on the service controller...............31
E. Configure the connection to the service controller on the
APs .....................................................................................31
Scenario 2d: Hotspot with layer 2 security (AAA server) ................32
How it works.............................................................................32
Configuration road map ............................................................32
A. Create VSCs on the APs..................................................32
B. Create VSCs on the service controller.............................33
Scenario 2e: Using two radios to support A+B+G traffic .................35
How it works.............................................................................35
Network topology................................................................35
Configuration road map ............................................................35
A. Configure radio 2 ............................................................35
B. Configure VSC profiles ...................................................35
Scenario 3: Shared hotspot for public and private traffic ................36
How it works.............................................................................36
Configuration road map ............................................................37
A. Define settings on the RADIUS servers ..........................37
B. Install the service controller and AP ...............................37
C. Switch the AP to autonomous mode ..............................37
Configure the service controller..........................................37
A. Configure the Internet port .............................................37
B. Create two RADIUS profiles............................................37
C. Create VLANs..................................................................38
D. Create VSCs....................................................................38
E. Set the shared secret ......................................................39
Configure the AP.................................................................39
A. Create VSCs....................................................................39
B. Configure the connection to the service controller .........40
Scenario 4: Delivering custom HTML pages using VLANs..............41
How it works............................................................................41
Configuration road map ............................................................42
A. On the RADIUS server ....................................................42
B. Install the service controller and the APs........................42
C. Switch the APs to autonomous mode.............................42
D. Configure the wireless network ......................................42
Configure the service controller..........................................42
A. Configure the Internet port .............................................42
B. Create a RADIUS profile..................................................43
C. Configure the service controller to retrieve attributes from
the RADIUS server ..............................................................43
D. Create VLANs .................................................................43
E. Create VSCs ....................................................................44
F. Set the shared secret .......................................................45
Configure the APs ...............................................................45
A. Set static addressing and management VLAN ................45
B. Configure management VLAN.........................................45
C. Configure a VSC .............................................................46
D. Configure the connection to the service controller .........46
Scenario 5: Custom HTML pages on each AP .................................47
How it works.............................................................................47
Configuration road map ............................................................48
A. Install the service controller and the APs........................48
B. Switch the APs to autonomous mode.............................48
C. Create the custom web pages on the web server............48
Configure the APs ...............................................................49
HP MSM313/MSM323 Deployment Guide 4 Contents
A. Configure the wireless network ......................................49
B. Configure the location-aware group name ......................49
C. Configure the connection to the service controller on the
APs .....................................................................................49
Configure the service controller ..........................................50
A. Configure the Internet port .............................................50
B. Configure attributes to activate the customized pages....50
C. Define the list of condo tenants ......................................50
D. Set the shared secret on the service controller...............50
E. Setup location aware.......................................................51
F. Using the public access interface ....................................51
Scenario 6: Multi-site installation (distributed architecture)............52
How it works.............................................................................52
Configuration road map ............................................................53
A. On the RADIUS server ....................................................53
B. Install the service controllers..........................................53
C. Configure the Internet port .............................................53
D. Configure the wireless network ......................................53
E. Create a RADIUS profile ..................................................53
F. Configure the VSC ...........................................................53
G. Customize the login page and logo.................................54
H. Define attributes on the RADIUS server..........................54
I. Configure the service controller to retrieve attributes from
the RADIUS server ..............................................................55
J. Using the public access interface ....................................55
Scenario 7: Multi-site installation (centralized architecture)............56
How it works.............................................................................56
Configuration road map ............................................................56
A. Install the service controllers..........................................56
B. Configure the Internet port .............................................57
C. Configure the wireless network ......................................57
D. Configure the GRE tunnels .............................................57
E. Configure the VSC...........................................................57
A. Configure addressing......................................................70
B. Configure the radios .......................................................71
C. Configure the local mesh links........................................71
D. Configure the connection to the service controller on the
APs .....................................................................................71
E. Create VSCs on the APs..................................................72
Service controller configuration ..........................................73
A. Configure the Internet port .............................................73
B. Set the shared secret on the service controller...............73
C. Create a RADIUS profile..................................................73
D. Create VSCs on the service controller ............................73
E. Configure the radios .......................................................75
F. Configure the local mesh link ..........................................75
Chapter 3 Local mesh deployment 59
Scenario 1a: Dynamic local mesh ...................................................60
How it works.............................................................................60
Configuration road map ............................................................61
A. Install the APs and the service controller........................61
B. Switch the APs to autonomous mode .............................61
AP configuration .................................................................61
A. Configure addressing......................................................61
B. Configure the radios .......................................................62
C. Configure the local mesh links ........................................62
D. Configure the connection to the service controller on the
APs .....................................................................................63
E. Create VSCs on the APs ..................................................63
Service controller configuration..........................................64
A. Configure the Internet port .............................................64
B. Set the shared secret on the service controller ...............64
C. Create a RADIUS profile..................................................64
D. Create VSCs on the service controller ............................64
E. Configure the radios .......................................................66
F. Configure the local mesh link ..........................................66
Scenario 1b: Dynamic local mesh with load balancing....................67
How it works.............................................................................67
Configuration road map ............................................................68
A. Install and configure the AP D and AP E .........................68
B. Install and configure service controller 2........................68
Scenario 2: Creating a self-healing network....................................69
How it works.............................................................................69
Configuration road map ............................................................70
A. Install the APs.................................................................70
B. Switch the APs to autonomous mode .............................70
AP configuration .................................................................70
Chapter 1: Introduction
Contents
About this guide - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 6
Contacting support - - - - - - - - - - - - - - - - - - - - - - - - - - - - 7
1
Introduction
Online documentation - - - - - - - - - - - - - - - - - - - - - - - - - - 7
HP MSM313/MSM323 Deployment Guide 6 1 Introduction
About this guide
This guide contains detailed scenarios for using HP MSM313/MSM323 Integrated Services Access Points and HP MSM Access Points in a wide range of applications.
Although detailed configuration steps are provided for each scenario, this guide does not cover the basic procedures for operating and configuring HP ProCurve mobility devices. This information can be found in the Management and Configuration Guides for each product. You should be familiar with this information before you attempt to use the scenarios in this guide.
Products covered
This guide covers the following products:
MSM313, MSM313-R, MSM323, MSM323-R
MSM335, MSM310, MSM310-R, MSM320, MSM320-R
Important terms
The following terms are used in this guide.
Term Description
AP Refers only to HP MSM Access Points: MSM335, MSM310,
service controller Refers to the HP MSM Integrated Services Access Points,
local mesh In previous versions of the management tool and all former
Conventions
Management tool
This guide uses specific syntax when directing you to interact with the management tool user interface. Refer to this image for identification of key user-interface elements and then the table below showing example instructions:
MSM310-R, MSM320, and MSM320-R.
comprised of the MSM313, MSM313-R, MSM323, and MSM323-R.
documentation, “local mesh” was known as “DWDS” (dynamic wireless distribution system).
HP MSM313/MSM323 Deployment Guide 71 Introduction
Main menu
Sub-menu
Example directions in this guide What to do in the user interface
Select Security > RADIUS profiles. On the main menu select Security and then
select RADIUS profiles on the sub-menu.
For Password specify secret22. In the field Password enter the text
secret22 exactly as shown.
Commands and program listings
Monospaced text identifies commands, and program listings as follows:
Example Description
use-access-list
ip_address
ssl-certificate=URL [%s]
[ONE | TWO]
Contacting support
The HP Web site, www.hp.com/networking/support provides up-to-date support information.
Additionally, your HP-authorized network reseller can provide you with assistance, both with services that they offer and with services offered by HP.
Online documentation
The latest documentation is available on the HP Support Web page at:
www.hp.com/networking/support.
Command name. Specify it as shown.
Items in italics are parameters for which you must supply a value.
Items enclosed in square brackets are optional. You can either include them or not. Do not include the brackets. In this example you can either include the “%s” or omit it.
Items separated by a vertical line indicate a choice. Specify only one of the items. Do not include the vertical line.
HP MSM313/MSM323 Deployment Guide 8 1 Introduction
Chapter 2: Public/guest networks
Public/guest networks
Contents
Introduction - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 10
Scenario 1a: Hotspot in a box- - - - - - - - - - - - - - - - - - - - - - - 11
2
Scenario 1b: Hotspot with custom interface - - - - - - - - - - - - - - - - 14
Scenario 1c: Hotspot with satellites and roaming - - - - - - - - - - - - - 17
Scenario 1d: Hotspot with layer 2 encryption - - - - - - - - - - - - - - - 19
Scenario 2a: Hotspot with RADIUS authentication - - - - - - - - - - - - - 22
Scenario 2b: Hotspot with custom interface (via RADIUS server) - - - - - 25
Scenario 2c: Hotspot with satellites and roaming (via RADIUS server) - - - 28
Scenario 2d: Hotspot with layer 2 security (AAA server) - - - - - - - - - - 30
Scenario 2e: Using two radios to support A+B+G traffic - - - - - - - - - - 33
Scenario 3: Shared hotspot for public and private traffic - - - - - - - - - - 34
Scenario 4: Delivering custom HTML pages using VLANs - - - - - - - - - 39
Scenario 5: Custom HTML pages on each AP- - - - - - - - - - - - - - - 45
Scenario 6: Multi-site installation (distributed architecture) - - - - - - - - - 50
Scenario 7: Multi-site installation (centralized architecture)- - - - - - - - - 54
HP MSM313/MSM323 Deployment Guide 10 2 Public/guest networks
Introduction
This chapter presents a variety of scenarios for public/guest network access deployments using MSM313/MSM323 Integrated Services Access Points operating alone or with one or more MSM Access Points.
Note: In this chapter, the MSM313 and MSM323 Integrated Services Access Points are
often referred to as "service controller" and MSM Access Points are often referred to as "AP."
HP MSM313/MSM323 Deployment Guide 11 2 Public/guest networks
P
U
B
L
I
C
W
L
A
N
1.4
1.5
1.6
1.7
Service controller
LAN
LAN port
Internet port
192.168.1.0
1.2 1.3
Management
station
Modem
Scenario 1a: Hotspot in a box
This scenario shows you how to quickly deploy and test the service controller without installing a RADIUS server. Instead, user authentication is handled locally.
How it works
In this scenario, a single service controller is installed to provide a wireless network and access to the Internet. The service controller is connected to the Internet by way of a broadband modem, and the Internet connection is protected by the service controller’s firewall and NAT features (which are enabled by default).
service controller acts as the DHCP server on both the wireless and wired networks which are bridged together on subnet 192.168.1.0.
User authentication is handled locally by the service controller and accounts are created on the
A local area network is connected to the service controller’s LAN port to support wired users. The
service controller for each user. There is no support for accounting.
The default public access interface resident on the service controller is used to control user logins and manage their sessions.
The default VSC is used on the service controller, which means that users connect with the SSID “HP ProCurve”.
Configuration road map
A. Install the service controller
1. Install the service controller as described in its Quickstart guide.
2. Connect the Internet port to a broadband modem and then restart the modem.
HP MSM313/MSM323 Deployment Guide 12 2 Public/guest networks
3. Connect the LAN port to the local area network.
4. Start the management tool.
B. Configure the wireless network
By default the service controller is configured to:
automatically choose the best operating channel (frequency)
support 802.11b/g clients
create a wireless network named HP ProCurve
There is no need to change these settings for this scenario.
C. Configure the Internet connection
1. Select Network > Ports > Internet port.
2. Select the addressing option supported by your ISP and click Configure.
3. Define all settings as required by your ISP.
D. Define the list of users
1. Select Users > Users.
2. Add usernames and passwords for all users.
E. Test the public access interface
To test your installation, use a wireless client station to log onto the public access interface. The wireless client should be configured as a DHCP client.
1. Start the client station’s web browser and try to connect to a web site on the Internet.
2. The service controller will intercept the URL and display the Login page. (Depending on the
type of certificate that is installed on the service controller, you may see a security warning first. Accept the certificate to continue.)
HP MSM313/MSM323 Deployment Guide 13 2 Public/guest networks
3. Specify a valid user name and password and click Go.
4. The Session page should open and you are automatically redirected to the web site you
originally requested.
Note: The session page may not appear if your web browser has a popup blocker.
HP MSM313/MSM323 Deployment Guide 14 2 Public/guest networks
P
U
B
L
I
C
W
L
A
N
1.4
1.5
1.6
1.7
Service controller
LAN port
Internet port
192.168.1.0
1.2 1.3
Router
Firewall
Web server
LAN B
192.168.5.0
5.1
5.21.1
LAN A
Management
station
Scenario 1b: Hotspot with custom interface
This scenario adds custom settings to the default public access interface used in Scenario 1a.
This scenario illustrates how to customize the operation of the public access interface by defining custom web pages on a third-party web server and loading them onto the service controller.
How it works
In this scenario, a web server is used to store custom pages for the public access interface. The service controller loads these pages instead of using the default pages.
In this version, the web server is located on local LAN B, however it could also be located on the Internet.
The router is also the DHCP server for LAN B, operating on subnet 192.168.5.0. The service controller’s Internet port is set to operate as a DHCP client.
Configuration road map
Note: Start with the configuration defined in Scenario 1a.
A. Configure the Internet port
1. Select Network > Ports > Internet port.
2. Select DHCP Client and click Save.
HP MSM313/MSM323 Deployment Guide 15 2 Public/guest networks
Examples
Sample public access files are referenced in this document. To get these files, go to the HP support Website at: www.hp.com/networking/support and select the option needed to get to the MSM product documentation page (ProCurve).
Select the documentation page for MSM313 and MSM323 Integrated Services Access Points. You will find the Public Access Examples zip near the other MSM313/MSM323 documentation. Download the zip file and extract its content to a folder on your computer.
A. Customize the login page and logo
To create the pages:
1. Create a folder called newpages on the web server.
2. Create a file called logo.gif that contains your logo and place it in the newpages folder
(recommended size less than 20K). This same image file is shared by all pages.
3. Copy the following files from the MSM Public Access Examples zip file to the newpages
folder on the web server.
login.html
transport.html
session.html
fail.html
4. Edit login.html to meet the requirements of your site, keeping the following restrictions in
mind:
Do not alter the ID tags “<!-- Colubris -->” & “<!-- Custom -->” located at the top of the page.
Do not alter any existing JavaScript code.
5. On the service controller, select Public access > Attributes
6. Assuming that the web server is at the address 192.168.5.1, Add the following attributes to the Configured attributes table:
login-page=192.168.5.1/newpages/login.html
transport-page=192.168.5.1/newpages/transport.html
session-page=192.168.5.1/newpages/session.html
fail-page=192.168.5.1/newpages/fail.html
logo=192.168.5.1/newpages/logo.gif
Note: The pages must be changed as a group. So even if you did not change all the
pages, you must still supply new files for all the pages and define all attributes as shown.
HP MSM313/MSM323 Deployment Guide 16 2 Public/guest networks
7. Determine if the pages were successfully loaded by selecting: Tools > System log.
If the pages were loaded successfully, the log will contain the message:
LOGINFO("%d update(s) to internal HTML pages/logo.\n", updates);
If the pages could not be loaded, the log will contain the message:
LOGWARNING( gettext ("At least one required internal page was not retrieved - Keeping previous set of internal pages.") );
B. Test the public access interface
To test your installation, use a wireless client station to log onto the public access interface. The wireless client should be configured as a DHCP client.)
1. Start the client station’s web browser and try to connect to a web site on the Internet.
2. The service controller will intercept the URL and display the Login page. (Depending on the
type of certificate that is installed on the service controller, you may see a security warning first. Accept the certificate to continue.)
3. To login, specify a valid user name and password. The Session page should open and you automatically redirected to the web site you originally requested.
Note: The session page may not appear if your web browser has a popup blocker.
HP MSM313/MSM323 Deployment Guide 17 2 Public/guest networks
P
U
B
L
I
C
W
L
A
N
P
U
B
L
I
C
W
L
A
N
AP AP
192.168.1.0
LAN port
Internet port
1.2 1.3
P
U
B
L
I
C
W
L
A
N
1.4
1.5
1.6
1.7
Router
Firewall
Web server
LAN B
192.168.5.0
5.1
5.21.1
LAN A
1.81.9
Service controller
Management
station
1.10
1.11
1.12
1.13
1.14
1.15 1.16
1.17
Scenario 1c: Hotspot with satellites and roaming
This scenario adds two APs to extend the wireless network in Scenario 1b.
This scenario adds two autonomous APs to extend the reach of the public access network created by a service controller.
How it works
In this scenario, two autonomous APs are connected to a service controller to provide multiple wireless cells for a large physical location.
Users can log into the public access network at any location and can roam between APs without losing their connection.
By default, each AP is configured as a DHCP client and obtains its address from the service controller, which by default is configured as the DHCP server.
User authentication is handled locally by the service controller, using accounts created on the service controller for each user. There is no support for accounting.
The following diagram illustrates how the topology described in Scenario 1b can be modified to support additional APs and roaming.
Configuration road map
Note: Start with the configuration defined in Scenario 1b.
A. Install the APs
Install the APs as described in the appropriate Quickstart guide.
HP MSM313/MSM323 Deployment Guide 18 2 Public/guest networks
B. Switch the APs to autonomous mode
By default the APs are configured to operate in controlled mode. Switch them to autonomous mode as follows:
1. Start the AP management tool and login.
2. On the home page click Switch to Autonomous Mode. The AP will restart.
3. Before you connect each AP to the LAN, start the management tool and configure each AP as
described in the sections that follow.
C. Configure the wireless network
By default the APs are configured to:
support 802.11b/g clients
automatically choose the best operating channel (frequency)
create a wireless network named HP ProCurve
There is no need to change these settings for this scenario.
D. Set the shared secret on the service controller
1. Select Public access > Access control.
2. In the Access controller shared secret box, set Shared secret and Confirm shared secret
to a unique string. For example: xr2t56. This password will be used by the APs to connect to the service controller when they send authentication requests.
3. Click Save.
E. Configure the connection to the service controller on the APs
Each AP will use the service controller to authenticate user logins. Do the following on each AP.
1. Select VSC > Profiles.
2. Click the HP ProCurve profile to edit it.
3. In the General box, select the Use HP ProCurve MSM controller check box.
4. Click Save.
5. Select Security > Access controller
6. Set the Access controller shared secret to match the secret set on the service controller.
7. Click Save.
Note: By default the AP is set up to use the default gateway assigned by DHCP as the
service controller. Do not change this setting.
HP MSM313/MSM323 Deployment Guide 19 2 Public/guest networks
192.168.1.0
LAN port
Internet port
1.2 1.3
Router
Firewall
Web server
LAN B
192.168.5.0
5.1
5.21.1
LAN A
1.41.41.5
AP
SSID WPA
SSID WEP
Service controller
SSID WPA
SSID WEP
AP
SSID WPA
SSID WEP
Management
tool
Scenario 1d: Hotspot with layer 2 encryption
This scenario adds support for wireless encryption to scenario 1c.
This scenario shows how to enable wireless protection to safeguard transmissions against eavesdropping.
How it works
This scenario creates two virtual service communities (VSCs) on each device. One VSC provides support for WPA (with preshared key) and the other provides support for WEP.
To connect with the wireless network, users must select the SSID of the VSC that matches the option that they want to use. Roaming is supported, since the same VSCs are defined on all APs.
Configuration road map
Note: Start with the configuration defined in Scenario 1c.
A. Create VSCs on the APs
Follow this procedure to create three virtual service communities on all APs.
1. Select VSC > Profiles.
2. On the Virtual Service Communities page, click the HP ProCurve profile to edit it.
3. On the Add/Edit Virtual Service Community page:
Under General, set Name to None.
Under General, select the Use HP ProCurve MSM controller check box.
Under Virtual AP, set WLAN name (SSID) to None.
Click Save.
HP MSM313/MSM323 Deployment Guide 20 2 Public/guest networks
4. On the Virtual Service Communities page, click Add New Profile.
5. On the Add/Edit Virtual Service Community page:
Under General, set Name to WEP.
Under General, select the Use HP ProCurve MSM controller check box.
Under Virtual AP, set WLAN name (SSID) to WEP.
Under Wireless protection:
Select the checkbox and choose WEP.
For Key, specify 13 ASCII characters as the key.
Click Save.
6. On the Virtual Service Communities page, click Add New Profile.
7. On the Add/Edit Virtual Service Community page:
Under General, set Name to WPA.
Under General, select the Use HP ProCurve MSM controller check box.
Under Virtual AP, set WLAN name (SSID) to WPA.
Under Wireless protection:
Select the checkbox and leave the default setting of WPA.
For Mode, select WPA (TKIP) or WPA2 (AES/CCMP).
For Key source, select Preshared key.
For Key and Confirm key, set a unique key value.
Click Save.
B. Create VSCs on the service controller
Follow this procedure to create virtual service communities on the service controller that match each VSC you configured on the APs:
1. Select VSC > Profiles.
2. On the Virtual Service Communities page, click the HP ProCurve profile to edit it.
3. On the Add/Edit Virtual Service Community page:
Under General, set Name to None.
Under Virtual AP, set WLAN name (SSID) to None.
Click Save.
4. On the Virtual Service Communities page, click Add New Profile.
HP MSM313/MSM323 Deployment Guide 21 2 Public/guest networks
5. On the Add/Edit Virtual Service Community page:
Under General, set Name to WEP.
Under Virtual AP, set WLAN name (SSID) to WEP.
Under Wireless protection:
Select the checkbox and choose WEP.
For Key, specify the same 13 ASCII characters you defined on the APs.
Click Save.
6. On the Virtual Service Communities page, click Add New Profile.
7. On the Add/Edit Virtual Service Community page:
Under General, set Name to WPA.
Under Virtual AP, set WLAN name (SSID) to WPA.
Under Wireless protection:
Select the checkbox and leave the default setting of WPA.
For Mode, select WPA (TKIP) or WPA2 (AES/CCMP).
For Key source, select Preshared key.
For Key and Confirm key, set the same unique key value you defined on the APs.
Click Save.
HP MSM313/MSM323 Deployment Guide 22 2 Public/guest networks
P
U
B
L
I
C
W
L
A
N
1.4
1.5
1.6
1.7
Service controller
LAN port
Internet port
192.168.1.0
1.2 1.3
Router
Firewall
RADIUS server
LAN B
192.168.5.0
5.1
5.21.1
LAN A
Management
station
Scenario 2a: Hotspot with RADIUS authentication
This installation shows you how to create a public access network using an AAA (authentication, administration, accounting) RADIUS server to handle user authentication.
How it works
In this scenario a single service controller is installed to provide a wireless network and access to the Internet.
A local area network is connected to the service controller’s LAN port to support wired users. The service controller acts as the DHCP server on both the wireless and wired networks which are bridged together on subnet 192.168.1.0.
A RADIUS server provides services for user authentication and accounting. The RADIUS server is located on local LAN B along with a router/firewall which handles the connection to the Internet and acts as a DHCP server on LAN B.
Configuration road map
A. On the RADIUS server
Define RADIUS accounts for all users that will use the public access network.
B. Install the service controller
1. Install the service controller as described in its Quickstart guide.
2. Connect the Internet port to LAN B.
3. Connect the LAN port to the LAN A.
4. Start the management tool.
Loading...
+ 54 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use