wireless mobility 5.4 controller system reference guide

Wireless Mobility 5.4 Controller System Reference GuideSoftware Version 5.4Extreme Networks, Inc.3585 Monroe StreetSanta Clara, California 95051(888) 257-3000(408) 579-2800

http://www.extremenetworks.comPublished: January 2013Part number: 120810-00 Rev 01

http://www.extremenetworks.com

AccessAdapt, Alpine, Altitude, BlackDiamond, Direct Attach, EPICenter, ExtremeWorks Essentials, Ethernet Everywhere, Extreme Enabled, Extreme Ethernet Everywhere, Extreme Networks, Extreme Standby Router Protocol, Extreme Turbodrive, Extreme Velocity, ExtremeWare, ExtremeWorks, ExtremeXOS, Go Purple Extreme Solution, ExtremeXOS ScreenPlay, ReachNXT, Ridgeline, Sentriant, ServiceWatch, Summit, SummitStack, Triumph, Unified Access Architecture, Unified Access RF Manager, UniStack, XNV, the Extreme Networks logo, the Alpine logo, the BlackDiamond logo, the Extreme Turbodrive logo, the Summit logos, and the Powered by ExtremeXOS logo are trademarks or registered trademarks of Extreme Networks, Inc. or its subsidiaries in the United States and/or other countries.

sFlow is the property of InMon Corporation.

Specifications are subject to change without notice.

All other registered trademarks, trademarks, and service marks are property of their respective owners.

2012 Extreme Networks, Inc. All Rights Reserved.Wireless Mobility 5.4 Controller System Reference Guide

2

Table of ContentsChapter 1: About this Guide....................................................................................................................11

Documentation Set .................................................................................................................................................11Document Conventions ..........................................................................................................................................12Notational Conventions ..........................................................................................................................................12

Chapter 2: Overview.................................................................................................................................13

About the Extreme Networks Software...................................................................................................................13

Chapter 3: Web UI Overview....................................................................................................................15

Accessing the Web UI ............................................................................................................................................15Browser and System Requirements................................................................................................................15Connecting to the Web UI ...............................................................................................................................16

Glossary of Icons Used ..........................................................................................................................................17Global Icons ....................................................................................................................................................17Dialog Box Icons .............................................................................................................................................18Table Icons......................................................................................................................................................18Status Icons ....................................................................................................................................................19Configurable Objects.......................................................................................................................................19Configuration Objects......................................................................................................................................22Configuration Operation Icons ........................................................................................................................22Access Type Icons ..........................................................................................................................................23Administrative Role Icons................................................................................................................................23Device Icons....................................................................................................................................................24

Chapter 4: Quick Start..............................................................................................................................25

Using the Initial Setup Wizard ................................................................................................................................25Creating a managed WLAN ...................................................................................................................................34

Assumptions....................................................................................................................................................34Design .............................................................................................................................................................34Using the Controller GUI to Configure the WLAN ...........................................................................................35

Configuring Access to the GUI Using the GE1 Port.................................................................................36Logging into the Controller for the First Time...........................................................................................37Creating a RF Domain .............................................................................................................................38Creating a Wireless Controller Profile ......................................................................................................44Creating a WLAN Configuration...............................................................................................................53Creating an AP Profile .............................................................................................................................56Creating an AP4511 Profile .....................................................................................................................56Creating an AP4700 Profile .....................................................................................................................68Creating a DHCP Server Policy ...............................................................................................................81Completing and testing the configurations...............................................................................................89

Chapter 5: Dashboard ..............................................................................................................................91

Summary ................................................................................................................................................................91Device Listing..................................................................................................................................................92System Screen................................................................................................................................................93

Health.......................................................................................................................................................93Inventory ..................................................................................................................................................98

Network View .......................................................................................................................................................100Wireless Mobility 5.4 Controller System Reference Guide

1

Chapter 6: Device Configuration...........................................................................................................103

Basic Configuration ..............................................................................................................................................105Basic Device Configuration ..................................................................................................................................106License Configuration...........................................................................................................................................109Assigning Certificates...........................................................................................................................................112

Certificate Management ................................................................................................................................114RSA Key Management..................................................................................................................................121Certificate Creation .......................................................................................................................................124Generating a Certificate Signing Request .....................................................................................................127

RF Domain Overrides...........................................................................................................................................129Wired 802.1x Configuration..................................................................................................................................135Profile Overrides...................................................................................................................................................136

Controller Cluster Configuration Overrides (Controllers Only) ......................................................................137Access Point Adoption Overrides (Access Points Only) ...............................................................................139Access Point Radio Power Overrides (Access Points Only) .........................................................................141Profile Interface Override Configuration........................................................................................................143

Ethernet Port Override Configuration.....................................................................................................143Virtual Interface Override Configuration.................................................................................................151Port Channel Override Configuration.....................................................................................................156Radio Override Configuration ................................................................................................................161WAN Backhaul Override Configuration..................................................................................................170

Overriding a Profiles Network Configuration ................................................................................................175Overriding a Profiles DNS Configuration...............................................................................................176Overriding a Profiles ARP Configuration...............................................................................................177Overriding a Profiles L2TPV3 Configuration .........................................................................................179Overriding a Profiles IGMP Snooping Configuration.............................................................................186Select the OK button to save the changes and overrides to the IGMP Snooping tab. Select Reset to revert to the last saved configuration. ..............................................................................................................188Overriding a Profiles Quality of Service (QoS) Configuration................................................................188Overriding a Profile Spanning Tree Configuration.................................................................................190Overriding a Profiles Routing Configuration..........................................................................................193Dynamic Routing (OSPF) ......................................................................................................................194Overriding a Profiles Forwarding Database Configuration....................................................................202Overriding a Profiles Bridge VLAN Configuration..................................................................................204Select the OK button to save the changes and overrides to the General tab. Select Reset to revert to the last saved configuration. ........................................................................................................................207Overriding a Profiles Cisco Discovery Protocol Configuration ..............................................................207Overriding a Profiles Link Layer Discovery Protocol Configuration.......................................................209Overriding a Profiles Miscellaneous Network Configuration .................................................................210

Overriding a Profiles Security Configuration.................................................................................................211Overriding a Profiles General Security Settings....................................................................................212Overriding a Profiles Certificate Revocation List (CRL) Configuration ..................................................214Overriding a Profiles VPN Configuration...............................................................................................215Overriding a Profiles NAT Configuration ...............................................................................................228Overriding a Profiles Bridge NAT Configuration....................................................................................234

Overriding a Profiles VRRP Configuration....................................................................................................236Overriding a Profiles Critical Resources Configuration .........................................................................240Overriding a Profiles Services Configuration.........................................................................................242Overriding a Profiles Management Configuration .................................................................................244Overriding a Profiles Advanced Configuration ......................................................................................249Advanced Profile Miscellaneous Configuration......................................................................................253Overriding a Profiles Mesh Point Configuration ....................................................................................255

Auto Provisioning Policies ....................................................................................................................................257Configuring an Auto Provisioning Policy ................................................................................................259

Critical Resource Policy........................................................................................................................................262Managing Critical Resource Policies.............................................................................................................263Managing Event Policies...............................................................................................................................264Wireless Mobility 5.4 Controller System Reference Guide

2

Managing MINT Policies ...............................................................................................................................265

Chapter 7: Wireless Configuration .......................................................................................................267

Wireless LAN Policy .............................................................................................................................................268Basic WLAN Configuration............................................................................................................................270

WLAN Basic Configuration Deployment Considerations .......................................................................272Configuring WLAN Security ..........................................................................................................................272

802.1x EAP, EAP PSK and EAP MAC ..................................................................................................273MAC Authentication ...............................................................................................................................275Kerberos ................................................................................................................................................277PSK / None ............................................................................................................................................279Captive Portal ........................................................................................................................................279MAC Registration...................................................................................................................................280External Controller .................................................................................................................................281WPA/WPA2-TKIP ..................................................................................................................................282

WPA-TKIP Deployment Considerations...............................................................................................................285WPA2-CCMP .........................................................................................................................................285WEP 64..................................................................................................................................................289WEP 128................................................................................................................................................290KeyGuard...............................................................................................................................................292

Configuring WLAN Firewall Support..............................................................................................................294Configuring Client Settings............................................................................................................................299

WLAN Client Setting Deployment Considerations .................................................................................300Configuring WLAN Accounting Settings........................................................................................................301

Accounting Deployment Considerations ................................................................................................302Configuring Client Load Balancing Settings..................................................................................................302Configuring Advanced WLAN Settings .........................................................................................................303Configuring Auto Shutdown Settings ............................................................................................................305

Configuring WLAN QoS Policies ..........................................................................................................................307Configuring a WLANs QoS WMM Settings ..................................................................................................309Configuring Rate Limit Settings.....................................................................................................................313

WLAN QoS Deployment Considerations ...............................................................................................317Configuring Multimedia Optimizations...........................................................................................................318

WLAN QoS Deployment Considerations ...............................................................................................319Radio QoS Policy .................................................................................................................................................321

Configuring Radio QoS Policies....................................................................................................................322Radio QoS Configuration and Deployment Considerations ..........................................................................329

AAA Policy............................................................................................................................................................331Association ACL ...................................................................................................................................................340

Association ACL Deployment Considerations...............................................................................................341Smart RF Policy ...................................................................................................................................................342

Smart RF Configuration and Deployment Considerations ............................................................................352MeshConnex Policy..............................................................................................................................................353Mesh Qos Policy ..................................................................................................................................................358

Chapter 8: Profile Configuration ...........................................................................................................365

General Profile Configuration ...............................................................................................................................368General Profile Configuration and Deployment Considerations....................................................................369

Profile Cluster Configuration (Controllers Only) ...................................................................................................370Controller Cluster Profile Configuration and Deployment Considerations............................................................372Profile Adoption Configuration (APs Only) ...........................................................................................................373

Profile 802.1x Configuration..........................................................................................................................373Profile Interface Configuration..............................................................................................................................374

Ethernet Port Configuration...........................................................................................................................375Virtual Interface Configuration.......................................................................................................................382Port Channel Configuration...........................................................................................................................385Wireless Mobility 5.4 Controller System Reference Guide

3

Access Point Radio Configuration.................................................................................................................391WAN Backhaul Override Configuration.........................................................................................................398PPPoE Configuration ....................................................................................................................................400Profile Interface Deployment Considerations................................................................................................402

Profile Network Configuration...............................................................................................................................404Setting a Profiles DNS Configuration ...........................................................................................................404ARP...............................................................................................................................................................406L2TPV3 Configuration...................................................................................................................................407Quality of Service (QoS) Configuration .........................................................................................................415Routing Configuration ...................................................................................................................................416Dynamic Routing (OSPF)..............................................................................................................................418Forwarding Database....................................................................................................................................425Bridge VLAN .................................................................................................................................................426 Cisco Discovery Protocol Configuration .......................................................................................................431Link Layer Discovery Protocol Configuration ................................................................................................432Miscellaneous Network Configuration...........................................................................................................434Profile Network Configuration and Deployment Considerations ...................................................................435

Profile Security Configuration...............................................................................................................................436Defining Security Settings .............................................................................................................................436Setting the Certificate Revocation List (CRL) Configuration .........................................................................437Setting the Profiles VPN Configuration ........................................................................................................438Setting the Profiles NAT Configuration.........................................................................................................451Bridge NAT Configuration .............................................................................................................................457Profile Security Configuration and Deployment Considerations....................................................................460

VRRP Configuration .............................................................................................................................................461Critical Resources Configuration..........................................................................................................................466Profile Services Configuration ..............................................................................................................................469

Profile Services Configuration and Deployment Considerations...................................................................470Profile Management Configuration.......................................................................................................................471

Profile Management Configuration and Deployment Considerations............................................................475Advanced Profile Configuration............................................................................................................................476

Configuring MINT ..........................................................................................................................................476Advanced Profile Miscellaneous Configuration.............................................................................................480Overriding a Profiles Mesh Point Configuration............................................................................................481

Chapter 9: Network.................................................................................................................................483

Policy Based Routing (PBR).................................................................................................................................483L2TPV3 Configuration ..........................................................................................................................................488

Network Deployment Considerations............................................................................................................491

Chapter 10: RF Domain Configuration .................................................................................................493

About RF Domains ...............................................................................................................................................493Default RF Domains......................................................................................................................................493User Defined RF Domains ............................................................................................................................494

Managing RF Domains.........................................................................................................................................494RF Domain Basic Configuration....................................................................................................................496RF Domain Sensor Configuration .................................................................................................................499RF Domain Overrides ...................................................................................................................................500RF Domain Deployment Considerations.......................................................................................................503

Chapter 11: Security Configuration ......................................................................................................505

Wireless Firewall ..................................................................................................................................................505Configuring a Firewall Policy .........................................................................................................................506

Adding and Editing Wireless Firewall Policies .......................................................................................507Configuring IP Firewall Rules........................................................................................................................516Configuring MAC Firewall Rules ...................................................................................................................518Wireless Mobility 5.4 Controller System Reference Guide

4

Firewall Deployment Considerations.............................................................................................................521Wireless Client Roles ...........................................................................................................................................521

Configuring a Clients Role Policy .................................................................................................................522Intrusion Prevention .............................................................................................................................................529

Configuring a WIPS Policy ............................................................................................................................530Configuring an Advanced WIPS Policy .........................................................................................................538Configuring a WIPS Device Categorization Policy ........................................................................................542Intrusion Detection Deployment Considerations ...........................................................................................544

Chapter 12: Services Configuration .....................................................................................................545

Configuring Captive Portal Policies ......................................................................................................................545Configuring a Captive Portal Policy...............................................................................................................546Creating DNS Whitelists................................................................................................................................553Captive Portal Deployment Considerations...................................................................................................554

Setting the Controllers DHCP Configuration........................................................................................................555Defining DHCP Pools....................................................................................................................................556Defining DHCP Server Global Settings.........................................................................................................563DHCP Class Policy Configuration .................................................................................................................565DHCP Deployment Considerations...............................................................................................................566

Setting the RADIUS Configuration .......................................................................................................................567Creating RADIUS Groups .............................................................................................................................567

Creating RADIUS Groups ......................................................................................................................569Defining User Pools ......................................................................................................................................570Configuring RADIUS Server Policies ............................................................................................................573

Configuring RADIUS Clients ..................................................................................................................577Configuring a RADIUS Proxy.................................................................................................................579Configuring an LDAP Server Configuration ...........................................................................................580

RADIUS Deployment Considerations............................................................................................................583

Chapter 13: Management Access Policy Configuration .....................................................................585

Viewing Management Access Policies .................................................................................................................585Adding or Editing a Management Access Policy...........................................................................................587

Creating an Administrator Configuration................................................................................................588Setting the Access Control Configuration ..............................................................................................590Setting the Authentication Configuration................................................................................................592Setting the SNMP Configuration ............................................................................................................593SNMP Trap Configuration......................................................................................................................595

Management Access Deployment Considerations...............................................................................................596

Chapter 14: Diagnostics ........................................................................................................................597

Fault Management ...............................................................................................................................................597Crash Files ...........................................................................................................................................................601Advanced Diagnostics..........................................................................................................................................602

UI Debugging ................................................................................................................................................602

Chapter 15: Operations..........................................................................................................................607

Device Operations................................................................................................................................................607Operations Summary ....................................................................................................................................608

Upgrading Device Firmware ..................................................................................................................609Using the AP Upgrade Browser ....................................................................................................................610Using the File Management Browser ............................................................................................................611Managing File Transfers ...............................................................................................................................613Restarting Adopted APs................................................................................................................................615

Certificates ...........................................................................................................................................................615Certificate Management ................................................................................................................................616RSA Key Management..................................................................................................................................622Wireless Mobility 5.4 Controller System Reference Guide

5

Certificate Creation .......................................................................................................................................626Generating a Certificate Signing Request .....................................................................................................627

Smart RF ..............................................................................................................................................................629Managing Smart RF for an RF Domain.........................................................................................................630

Chapter 16: Statistics.............................................................................................................................633

System Statistics .................................................................................................................................................633Health ............................................................................................................................................................634Inventory .......................................................................................................................................................636Adopted Devices ...........................................................................................................................................637Pending Adoptions ........................................................................................................................................638Offline Devices ..............................................................................................................................................640Licenses ........................................................................................................................................................640

RF Domain Statistics ............................................................................................................................................641Health ............................................................................................................................................................642 Inventory ......................................................................................................................................................645 Access Points...............................................................................................................................................647AP Detection .................................................................................................................................................648Wireless Clients ............................................................................................................................................649Wireless LANs...............................................................................................................................................651Radios ...........................................................................................................................................................652

Status.....................................................................................................................................................652RF Statistics...........................................................................................................................................654Traffic Statistics......................................................................................................................................655

Mesh .............................................................................................................................................................656Mesh Point ....................................................................................................................................................657SMART RF....................................................................................................................................................668WIPS .............................................................................................................................................................671

WIPS Client Blacklist .............................................................................................................................671WIPS Events..........................................................................................................................................672

Captive Portal................................................................................................................................................674Historical Data...............................................................................................................................................675

Viewing Smart RF History......................................................................................................................675Access Point Statistics .........................................................................................................................................677

Health ............................................................................................................................................................678Device ...........................................................................................................................................................679AP Upgrade...................................................................................................................................................682Adoption ........................................................................................................................................................683

Adoption.................................................................................................................................................683AP Adoption History...............................................................................................................................685AP Self Adoption History........................................................................................................................686Pending Adoptions.................................................................................................................................687

AP Detection .................................................................................................................................................688Wireless Clients ............................................................................................................................................689Wireless LANs...............................................................................................................................................690Policy Based Routing ....................................................................................................................................692Radios ...........................................................................................................................................................693

Status.....................................................................................................................................................694RF Statistics...........................................................................................................................................695Traffic Statistics......................................................................................................................................696

Mesh .............................................................................................................................................................697Mesh Point ....................................................................................................................................................699Interfaces ......................................................................................................................................................705

General Statistics...................................................................................................................................705Viewing Interface Statistics Graph .........................................................................................................708

RTLS .............................................................................................................................................................709PPPoE...........................................................................................................................................................710OSPF ............................................................................................................................................................712Wireless Mobility 5.4 Controller System Reference Guide

6

OSPF Summary.....................................................................................................................................712OSPF Neighbors....................................................................................................................................714OSPF Area Details.................................................................................................................................715OSPF Route Statistics ...........................................................................................................................717OSPF Interface ......................................................................................................................................720OSPF State............................................................................................................................................722

L2TP V3 ........................................................................................................................................................723VRRP ............................................................................................................................................................724Critical Resources .........................................................................................................................................726Network .........................................................................................................................................................727

ARP Entries ...........................................................................................................................................727Route Entries .........................................................................................................................................728Bridge.....................................................................................................................................................729IGMP......................................................................................................................................................731DHCP Options .......................................................................................................................................732Cisco Discovery Protocol .......................................................................................................................733Link Layer Discovery Protocol ...............................................................................................................734

DHCP Server ................................................................................................................................................736DHCP Bindings ......................................................................................................................................737DHCP Networks.....................................................................................................................................738

Firewall ..........................................................................................................................................................739Packet Flows..........................................................................................................................................739Denial of Service....................................................................................................................................740IP Firewall Rules ....................................................................................................................................741MAC Firewall Rules ...............................................................................................................................742NAT Translations ...................................................................................................................................743DHCP Snooping.....................................................................................................................................744

VPN...............................................................................................................................................................746IKESA ....................................................................................................................................................746IPSec .....................................................................................................................................................747

Certificates ....................................................................................................................................................749Trustpoints .............................................................................................................................................749RSA Keys...............................................................................................................................................750

WIPS .............................................................................................................................................................751Client Blacklist........................................................................................................................................752WIPS Events..........................................................................................................................................753

Sensor Servers .............................................................................................................................................754Captive Portal................................................................................................................................................755Network Time ................................................................................................................................................756

NTP Status.............................................................................................................................................756NTP Associations...................................................................................................................................758

Load Balancing .............................................................................................................................................759Wireless Controller Statistics................................................................................................................................761

Health ............................................................................................................................................................762Device ...........................................................................................................................................................764Cluster Peers ................................................................................................................................................766AP Upgrade...................................................................................................................................................768Adoption ........................................................................................................................................................768

AP Adoption History...............................................................................................................................769Pending Adoptions.................................................................................................................................770

AP Detection .................................................................................................................................................772Wireless Clients ............................................................................................................................................773Wireless LANs...............................................................................................................................................774Policy Based Routing ....................................................................................................................................775Radios ...........................................................................................................................................................777Mesh .............................................................................................................................................................780The RF Domain Mesh screen provides the following information:Mesh Point ..............................................781Interfaces ......................................................................................................................................................791Wireless Mobility 5.4 Controller System Reference Guide

7

General Interface Details .......................................................................................................................792Network Graph.......................................................................................................................................795

Power Status.................................................................................................................................................796PPPoE...........................................................................................................................................................798OSPF ............................................................................................................................................................799

OSPF Summary.....................................................................................................................................800OSPF Neighbors....................................................................................................................................801OSPF Area Details.................................................................................................................................803OSPF Route Statistics ...........................................................................................................................804OSPF Interface ......................................................................................................................................807OSPF State............................................................................................................................................808

L2TPv3..........................................................................................................................................................809VRRP ............................................................................................................................................................811Critical Resource...........................................................................................................................................812Network .........................................................................................................................................................813

ARP Entries ...........................................................................................................................................814Route Entries .........................................................................................................................................814Bridge.....................................................................................................................................................815IGMP......................................................................................................................................................816DHCP Options .......................................................................................................................................818Cisco Discovery Protocol .......................................................................................................................819Link Layer Discovery Protocol ...............................................................................................................820

DHCP Server ................................................................................................................................................821Viewing General DHCP Information ......................................................................................................821Viewing DHCP Binding Information .......................................................................................................822Viewing DHCP Server Networks Information.........................................................................................823

Firewall ..........................................................................................................................................................824Viewing Packet Flow Statistics ..............................................................................................................825Viewing Denial of Service Statistics .......................................................................................................825IP Firewall Rules ....................................................................................................................................826MAC Firewall Rules ...............................................................................................................................828NAT Translations ...................................................................................................................................829Viewing DHCP Snooping Statistics........................................................................................................830

VPN...............................................................................................................................................................831IKESA ....................................................................................................................................................831IPSEC ....................................................................................................................................................833

Viewing Certificate Statistics .........................................................................................................................834Viewing Trustpoints Statistics ................................................................................................................834Viewing the RSA Key Details .................................................................................................................836

WIPS Statistics..............................................................................................................................................837Viewing Client Blacklist ..........................................................................................................................837Viewing WIPS Event Statistics...............................................................................................................838

Advanced WIPS ............................................................................................................................................839Viewing General WIPS Statistics ...........................................................................................................839Viewing Detected AP Statistics..............................................................................................................840Viewing Detected Clients .......................................................................................................................841Viewing Event History ............................................................................................................................842

Sensor Server ...............................................................................................................................................843Captive Portal Statistics ................................................................................................................................844Network Time ................................................................................................................................................845

Viewing NTP Status ...............................................................................................................................846Viewing NTP Associations .....................................................................................................................847

Wireless Client Statistics ......................................................................................................................................849Health ............................................................................................................................................................849Details ...........................................................................................................................................................852Traffic ............................................................................................................................................................854WMM TSPEC................................................................................................................................................856Association History........................................................................................................................................857Wireless Mobility 5.4 Controller System Reference Guide

8

Graph ............................................................................................................................................................858

Appendix A: Customer Support............................................................................................................861Registration ..........................................................................................................................................................861Documentation .....................................................................................................................................................861

Appendix B: General Information .........................................................................................................863Open Source Software Used................................................................................................................................863

Wireless Controller ........................................................................................................................................864AP4600, ........................................................................................................................................................866AP4600, ........................................................................................................................................................867

OSS Licenses......................................................................................................................................................868GNU General Public License 2.0 ..................................................................................................................868

Preamble................................................................................................................................................868GNU Lesser General Public License 2.1.......................................................................................................874BSD Style Licenses.......................................................................................................................................880MIT License...................................................................................................................................................881WU-FTPD License ........................................................................................................................................881Open SSL License ........................................................................................................................................882ZLIB License .................................................................................................................................................884Open LDAP Public License...........................................................................................................................884Apache License 2.0.......................................................................................................................................885Drop Bear License ........................................................................................................................................888Sun Community Source License...................................................................................................................889Wireless Mobility 5.4 Controller System Reference Guide

9

Wireless Mobility 5.4 Controller System Reference Guide

10

1

Wireless Mobility 5.4 Controlle

C H A P T E RAbout this GuideThis guide provides information on using the Extreme Networks access point software to manage supported Extreme Networks access points (Altitude 4700 Series and Altitude 4500 series) in either Standalone AP or Virtual Controller AP mode.

NOTE

Screens and windows pictured in this guide are samples and can differ from actual screens.

Documentation SetThe documentation set for the Extreme Networks Wireless Controllers is partitioned into the following guides to provide information for specific user needs.

Altitude Access Point Installation Guide Describes the basic hardware and configuration setup required to transition to a more advanced configuration of the access point. The installation guide is unique to the particular access point model purchased

Wireless Mobility 5.4 Access Point System Reference Guide Describes the configuration of either a Standalone AP or Virtual Controller AP using the access points initial setup wizard and resident access point specific software.

Wireless Mobility 5.4 Controller System Reference Guide (this guide) Describes the configuration of a Dependent mode AP using the controller software.

Wireless Mobility 5.4 CLI Reference guide Describes the commands supported by the Summit WM3000 Series Controllers and Altitude Access Points that support a command line interface.

For information on managing a dependent mode AP in a controller managed network, go to http://www.extremenetworks.com/go/documentation.r System Reference Guide

11

Chapter 1: About this GuideDocument ConventionsThe following conventions are used in this document to draw your attention to important information:

NOTE

Indicates tips or special requirements.

CAUTION

Indicates conditions that can cause equipment damage or data loss.

WARNING!

Indicates a condition or procedure that could result in personal injury or equipment damage.

Notational ConventionsThe following additional notational conventions are used in this document:

Italic text is used to highlight the following:

- Screen names

- Menu items

- Button names on a screen.

Bullets () indicate:

- Action items

- Lists of alternatives

- Lists of required steps that are not necessarily sequential

Sequential lists (e.g., those that describe step-by-step procedures) appear as numbered lists. Wireless Mobility 5.4 Controller System Reference Guide

12

2


C H A P T E ROverviewThe Extreme Networks family of wireless controllers with the 802.11n access points enable the centralized distribution of high performance, secure, and resilient wireless voice and data services to remote locations with the scalability required to meet the needs of large distributed enterprises.

An Extreme Networks Summit controller provides a single platform capable of delivering wireless voice and data inside and outside the enterprise for small, medium, and large enterprise deployments. Improve operational efficiency and reduce the cost of mobility with a powerful comprehensive feature set including adaptive AP, which delivers unmatched performance, security, reliability and scalability to enable networks for business mobility at a low TCO.

Summit wireless controllers provide local centralized management and control of 802.11n access points and provide the necessary core switching and routing to eliminate additional routing and switching infrastructure.

802.11n is the next generation WLAN standard that provides improved performance and coverage compared with previous 802.11 specifications. 802.11n provides enhancements to support throughput up to 450 Mbps. With these enhancements, Extreme Networks' next generation 802.11n access points offer client data-rates of up to 300Mbps.

About the Extreme Networks SoftwareAn Extreme Networks managed network uses 802.11n access points and peer controllers to adapt to the dynamic circumstances of their deployment environment. This architecture provides a customized site-specific deployment, supporting the best path and routes based on the user, location, the application, and the best route available (both wireless and wired). A managed network assures end-to-end quality, reliability, and security without latency and performance degradation. A managed network supports rapid application delivery, mixed-media application optimization, and quality assurance.

Deploying a new Extreme Networks Wireless Mobility v5 network does not require the replacement of an existing Extreme Networks wireless infrastructure. This enables the simultaneous use of existing architectures from Extreme Networks and other vendors, even if those other architectures are centralized models. A wireless network administrator can retain and optimize legacy infrastructure while evolving to software version 5 as required. Adaptive access points can operate in a dependent environment and are field-upgradable. Controllers can be upgraded to the version 5 operating system with ease.r System Reference Guide

13

OverviewThe Extreme Networks architecture is designed for 802.11n networking. It leverages the best aspects of independent and dependent architectures to create a smart network that meets the connectivity, quality, and security needs of each user deployment and their application requirements, based on the availability of network resources, including wired networks.

By distributing intelligence and control between the wireless controllers and access points, a managed network can route data directly using the best path, as determined by factors including the user, the location, the application, and available wireless and wired resources. As a result, the additional load placed on the wired network from 802.11n is significantly reduced, as traffic does not require an unnecessary backhaul to a central controller.

Within a managed network, up to 80% of the network traffic can remain on the wireless mesh and never touch the wired network, so the 802.11n load impact on the wired network is negligible. In addition, latency and associated costs are reduced while reliability and scalability are increased. A managed network enables the creation of dynamic wireless traffic flows, so any bottleneck is avoided and the destination is reached without latency or performance degradation. This behavior delivers a significantly better quality of experience for the end user.

The same distributed intelligence enables more resilience and survivability because the access points keep users connected and traffic flowing with full QoS, security, and mobility, even if the connection to the wireless controller is interrupted due to a wired network or backhaul problem.

Even when the network is fully operational, outside RF interference sources or unbalanced wireless network loading can be automatically corrected by the Smart RF system. Smart RF senses interference or potential client connectivity problems and makes the required changes to channel and access point radio power while minimizing the impact to latency-sensitive applications like VoIP. Using Smart RF, the managed network can continuously adjust access point power and channel assignments for self-recovery if an AP fails or a coverage hole is detected.

Additionally, integrated access point sensors in conjunction with AirDefense Network Assurance alerts administrators of interference and network coverage problems; this shortens response times and boosts overall reliability and availability of the managed network.

Network traffic optimization protects managed networks from broadcast storms and minimizes congestion on the wired network. These networks provide VLAN load balancing, WAN traffic shaping and optimizations in dynamic host configuration protocol (DHCP) responses and Internet group management protocol (IGMP) snooping for multicast traffic flows in wired and wireless networks. Thus, users benefit from an extremely reliable network that adapts to meet their needs and delivers mixed-media applications.

Firmware and configuration updates are supported within the managed network, from one access point to another, over the air or wire, and can be centrally managed by the controller. Controllers no longer need to push firmware and configurations to each individual access point, thus reducing unnecessary network congestion.

Extreme Networks uses Remote Authentication Dial-in User Service (RADIUS) synchronization capabilities between the core and the access layer. If the central authentication mechanism is not available, users can authenticate with the controller local RADIUS resources and continue network support with secure access.Wireless Mobility 5.4 Controller System Reference Guide

14

3


C H A P T E RWeb UI OverviewExtreme Networks software contains a Web User Interface (UI) that allows network administrators to manage and view Extreme Networks wireless controller configuration, settings, and status. The Graphical User Interface (GUI) allows full control of all managed features.

Wireless controllers also include a Command Line Interface (CLI) for managing and viewing settings, configuration and status. For more information on the command line interface and a full list of available commands, see the Controller CLI Reference Guide available at

www.extremenetworks.com/go/documentation

For information on how to access and use the controller Web UI, see:

Accessing the Web UI

Glossary of Icons Used

Accessing the Web UIExtreme Networks wireless controllers use a Web UI that can be accessed using any supported web browser on a client connected to the subnet where the Web UI is configured.

Browser and System RequirementsTo access the Web UI, a browser supporting Flash Player 10 is recommended. The system accessing the UI should have a minimum of 512Mb or RAM for the UI to display and function properly. The UI is based on Flex and does not use Java as its underlying framework.

The following browsers have been validated with the Web UI:

Firefox 3.6

Internet Explorer 7.x

Internet Explorer 8.xr System Reference Guide

15

Web UI OverviewNOTE

Throughout the Web UI leading and trailing spaces are not allowed in any text fields. In addition, the ? character is not supported in text fields.

Connecting to the Web UI1 Connect one end of an Ethernet cable to any of the five LAN ports on the front of a WM3400 or

WM3411 controller, or to the management port on the front of a WM3600 or WM3700 controller, and connect the other end to a computer with a working Web browser.

2 Set the computer to use an IP address from 192.168.0.10 and 192.168.0.250 on the connected port. Set a subnet / network mask of 255.255.255.0.

3 Once the computer has an IP address, point the Web browser to: https://192.168.0.1/ and the following login screen will display.

4 Enter the default username admin in the Username field.

5 Enter the default password admin123 in the Password field.

6 Click the Login button to load the management interface.

If this is the first time the UI has been accessed, a dialogue displays to begin an initial setup wizard. For more information on using the initial setup wizard see Using the Initial Setup Wizard on page 25.Wireless Mobility 5.4 Controller System Reference Guide

16

Glossary of Icons UsedThe UI uses a number of icons used to interact with the system, gather information, and obtain status for the entities managed by the system. This chapter is a compendium of the icons used. This chapter is organized as follows:

Global Icons

Dialog Box Icons

Table Icons

Status Icons

Configurable Objects

Configuration Objects

Configuration Operation Icons

Access Type Icons

Administrative Role Icons

Device Icons

Global IconsGlossary of Icons Used

This section lists global icons available throughout the controller interface.

Logoff Select this icon to log out of the managed system. This icon is always available and is located at the top right corner of the UI.

Add Select this icon to add a row in a table. When selected, a new row is created in the table or a dialog box displays where you can enter values for a particular list.

Delete Select this icon to remove a row from a table. When selected, the selected row is deleted.

More Information Select this icon to display a pop up with supplementary information that may be available for an item.

Trash Select this icon to remove a row from a table. When selected, the row is immediately deleted.Wireless Mobility 5.4 Controller System Reference Guide

17

Web UI OverviewDialog Box IconsGlossary of Icons Used

These icons indicate the current state of various controls in a dialog. These icons enable you to gather, at a glance, the status of all the controls in a dialog. The absence of any of these icons next to a control indicates the value in that control has not been modified from its last saved configuration.

Table IconsGlossary of Icons Used

The following override icons are status indicators for transactions.

Create new policy Select this icon to create a new policy. Policies define different configuration parameters that can be applied to individual device configurations, device profiles and RF Domains.

Edit policy Select this icon to edit an existing policy. To edit a policy, select a policy and then this icon.

Entry Updated Indicates a value has been modified from its last saved configuration.

Entry Update Indicates that an override has been applied to a devices profile configuration.

Mandatory Field Indicates this control value is a mandatory configuration item. You will not be allowed to proceed further without providing all mandatory values in this dialog.

Error in Entry Indicates there is an error in a value entered in this control. A small red popup provides a likely cause of the error.

Table Row Overridden Indicates a change (profile configuration override) has been made to a table row and the change will not be implemented until saved. This icon represents a change from this devices profile assigned configuration.

Table Row Added Indicates a new row has been added to a table and the change is not implemented until saved. This icon represents a change from this devices profile assigned configuration.Wireless Mobility 5.4 Controller System Reference Guide

18

Status IconsGlossary of Icons Used

These icons indicate device status, operations on the wireless controller or any other action that requires a status returned to the user.

Configurable ObjectsGlossary of Icons Used

These icons represent configurable items within the controllers UI.

Fatal Error States there is an error causing a managed device to stop functioning.

Error Indicates an error exits requiring intervention. A managed action has failed, but the error is not system wide.

Warning States a particular action has completed but errors were detected that did not prevent the process from completing. Intervention might still be required to resolve subsequent warnings.

Success Indicates everything is well within the managed network or a process has completed successfully without error.

Information This icon always precedes information displayed to the user. This may be a progress marker for a particular process or just a message from the system.

Device Configuration Represents a configuration file supporting a device category (AP, wireless controller, etc.).

Provisioning Policy Represents a provisioning policy. Adoption policies are a set of configuration parameters that define how APs and wireless clients are adopted by a controller.

Critical Resource Policy States a critical resource policy has been applied. Critical resources are those whose availability is essential to the managed network. If any of these resources is unavailable, an administrator is notified.

Wireless LANs States an action impacting a managed WLAN has occurred.Wireless Mobility 5.4 Controller System Reference Guide

19

Web UI OverviewWLAN QoS Policy States a Quality of Service policy (QoS) configuration has been impacted.

Radio QoS Policy Indicates a radios QoS configuration has been impacted.

AAA Policy Indicates an Authentication, Authorization and Accounting (AAA) policy has been impacted. AAA policies define RADIUS authentication and accounting parameters.

Association ACL Indicates an Access Control List (ACL) configuration has been impacted. An ACL is a set of configuration parameters either allowing or denying access to managed resources.

Smart RF Policy States a Smart RF policy has been impacted. Smart RF enables neighboring Access Point radios to take over for an access point radio if it becomes unavailable. This is accomplished by increasing the power of radios on nearby access points to compensate for the coverage hole created by the non-functioning access point.

Profile States a device profile configuration has been impacted. A profile is a collection of configuration parameters used to configure a device or a feature.

Bridging Policy Indicates a bridging policy configuration has been impacted. A Bridging Policy defines which VLANs are bridged, and how local VLANs are bridged between the wired and wireless sides of the managed network.

wireless mobility 5.4 controller system reference guide

Documents