Your SlideShare is downloading. ×
Tb2387 groenveld expert_one wlan_final
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Tb2387 groenveld expert_one wlan_final

1,158
views

Published on

Published in: Technology, Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,158
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
99
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 2. ExpertOne: Introduction to HPNetworking Wireless SolutionsPraveen BahethiJune, 2012© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 3. Initial Setup and Configuration© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 4. ObjectivesPlan how to connect an MSM Controller’s ports based on a company’s requirementsDeploy an MSM Controller and complete the initial configurationDeploy MSM APs and enable them to become controlled4 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 5. MSM Controller Ports and Networks© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 6. MSM710, MSM760, and MSM765 zl Ports Two ports Internet LAN Routed Different subnets One default network profile per port • Associated with untagged traffic • Associated with an IP interface6 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 7. MSM765 zl Internal Ports7 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 8. MSM Controller Schematic8 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 9. Exploring How the Controller Handles Incoming Traffic Traffic destined to the controller Controller management (Web, SOAP, SNMP, and so forth) AP management Traffic associated with access-controlled clients (default: untagged LAN port traffic) DHCP discovery broadcasts Traffic directed to the controller for routing9 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 10. Web Browser Interface Traffic10 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 11. Other Management Traffic11 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 12. Traffic From Access-controlled Clients (Default) Default VSC has access control enabled Untagged LAN port interface devices are treated as access-controlled clients If enabled, the DHCP server responds to requests Other traffic is captured12 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 13. Adding VLANs to MSM710, MSM760, or MSM765zlController Ports13 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 14. MSM720 PortsMSM720 ports act like switch portsYou canAggregate ports (static trunk and active LACP)Assign network profiles as untagged and tagged to multiple ports or trunksDo not create loops14 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 15. MSM720 Networks – You can associate a mapped profile with an IP interface: • Access network interface = (untagged) LAN port interface • Internet network interface = (untagged) Internet port interface • Non-default profile interfaces = Non-default profile interfaces – Any profile can be tagged or untagged15 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 16. Activity: Exploring How the Controller HandlesIncoming Wired Traffic (Untunneled) How does the controller handle the packet? MSM760 MSM760 MSM720 MSM720 DHCP requests HTTP requests DHCP requests HTTP requests 1 3 7 9 Responds ________ ________ Ignores ________ Ignores ________ Sends to Access Con 2 4 8 10 ________ Ignores ________ Sends to Access ________ Responds ________ Responds 5 ________ Ignores 6 ________ Responds16 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 17. Initial Setup© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 18. Initial Setup Process1. Obtain initial access2. Configure IP settings3. Connect the controller to the network4. Restrict management to the correct interface5. Temporarily disable the default VSC (optional)18 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 19. Planning the Controller’s ConnectionSelect an IP interface (and port) on which to manage the controller Another option: LAN port + tagged Typical: Internet management19 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 20. Obtaining Initial Access Indirect Ethernet connection & A Direct Ethernet connection C Indirect Ethernet connection B D Console connection or zl switch CLI no DHCP Fastest way to get the controller A way to reach the controller remotely at Easiest way to obtain initial access connected when: Another way to assign thebe careful toits its default IP address—but controller when you have physical access to • You manage the controller on the IPleave the controller’s DHCP services the settings before connecting it to the controller untagged Internet port network network—required for MSM765 zls disabled or to isolate the LAN port • The controller can use DHCP to receive its management address20 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 21. Configuring IP and Other Initial SettingsSpecify IP settings for the controller management interfaceCreate a default routeFor a non-default IP interface, create a route rather than specify the interface gatewaySet a DNS server and time server21 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 22. Temporarily Disabling the Default VSC (optional) Prevent the controller and APs from supporting the default VSC until you are ready Disable access control Disable virtual AP22 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 23. Connecting the Controller in Its Final Location • Configure the VLAN assignment on • MSM720 the switch port • IP address: 10.1.1.2/24 on the Internet network • Connect the management interface • Isolate the untagged LAN port (or • MSM765 zl Access network) interface • IP address: 10.1.1.2/24 on Management • Connect the controller port (11) mapped to the LAN port • Verify connectivity • MSM760 • IP address: 10.1.1.2/24 on the (untagged) Internet port23 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 24. Restricting Management to the Correct InterfaceAccess the controller on the IP address configured to manage itDisable management on other interfaces24 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 25. Lab Activity 2.1Deploy the MSM controller and complete initial configuration25 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 26. Lab Activity 2.1 DebriefWhat advantages and disadvantages did you discover for the deploymentmethods that you explored?What other challenges did you face, and how did you meet the challenges?What other discoveries did you make?26 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 27. AP Deployment© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 28. Planning the AP DeploymentTo which VLANs and subnets will APs connect?How will you assign IP addresses to the MSM APs?Can you configure the APs’ VLANs on the controller, or do you need to set up Layer 3discovery?Should the controller accept all MSM APs that discover it, or do you want to enforceauthentication?28 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 29. AP Deployment Solutions Solution 1—Dedicated AP VLAN (Layer 2 discovery) Solution 2—All APs and controller managed on the same VLAN Solution 3—Dedicated AP VLANs (Layer 3 discovery)29 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 30. Solution 1—Deploying APs in a Dedicated VLAN 1 Dedicated AP VLAN Recommend to separate controlled AP communications from network traffic30 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 31. Using DHCP to Assign IP Addresses to APs Typically, use a network DHCP server A routing switch or router is the APs’ default gateway and DHCP relay The controller can support the AP VLAN on any IP interface31 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 32. Solution 2—Deploying APs in an existing VLAN 2 Existing VLAN Less recommended but allows quick AP deployment when a DHCP scope already exists for the VLAN32 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 33. Layer 2 AP DiscoveryMake sure step 2 succeeds by enabling discovery on the correct interface33 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 34. AP ManagementThe controller stores a configuration for each APThe configuration includes group and AP-level settingsSynchronize the AP to apply configuration changes34 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 35. Lab Activity 2.2Deploy, discover, and begin to manage the MSM APs35 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 36. Lab Activity 2.2 DebriefWhat messages did you observe during the discovery process?What status indications did you observe during the discovery process?36 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 37. Solution 3—Deploying APs Across Layer 3 Boundaries 3 APs across Layer 3 boundaries • Allows you to deploy APs across routed segments but requires Layer 3 discovery • Can use Layer 3 for all APs or for some37 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 38. Assigning IP Addresses to MSM APs in Multiple Subnets 3A Recommended: Network DHCP server 3B Static assignments Most flexible and efficient option but Gives you complete control over AP’s IP setup required on the DHCP server addresses but requires pre-provisioning and introduces room for error38 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 39. Layer 3 AP DiscoverySolution 3 requires Layer 3 discoveryDelivers the controller’s IP address to the APChoose an IP address that the AP can reachMake sure discovery is enabled on the interfaceRequires initial setup on APs, network services, or bothRequires you to double-check routesThree methodsDHCPDNSStatic pre-provisioning39 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 40. Layer 3 AP DiscoveryDHCP Option 43 on the DCHP server – Vendor class = Colubris-AP (ASCII) – Class option • Name = Name • Type = IP address (array) • Code = 1 – Option in pool = Controller addresses40 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 41. Layer 3 AP DiscoveryDNSThe DNS server requires an entry that resolves the controller hostname41 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 42. Layer 3 AP DiscoveryStaticNo changes to network services required, but you must pre-provision APs42 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 43. Provisioning APsController-based provisioning (typically preferred) 1. Discover the APs at Layer 2 2. Configure the provisioning settings: • Discovery • Connectivity 3. Enable controlled AP provisioning 4. Resynchronize the APs 5. Install the APs in their final locationsIndividual AP, or non-staged provisioning, is possible before AP is managed43 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 44. Provisioning APs with other Settings Acting as an 802.1X supplicant – Helps to protect the network against rogue endpoints or APs Connecting with a tagged VLAN – Prevents issues if the AP fails to receive an IP address44 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 45. Lab Activity 2.3Enable MSM APs to discover the controller at Layer 345 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 46. Lab Activity 2.3 DebriefWhat discoveries did you make?What challenges did you face and how did you resolve them?46 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 47. Review: Planning an MSM Controller and AP Deployment47 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 48. SummaryMSM Controller ports and networksBest practices for controller deploymentBest practices for AP deployment48 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 49. Thank you© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.