Home » Netgear Manuals » Wireless » Netgear WC7520 » Manual Viewer

Netgear WC7520 WC7520 Reference Manual - Page 84

Small-Scale WLAN Networks, Larger Deployments, Managing

UPC - 606449072969

Add to My Manuals
Save this manual to your list of manuals

Page 84 highlights

ProSafe 20-AP Wireless Controller WC7520 Reference Manual points. When the access points connect to the controller, the profile configurations are pushed onto the access points. When developing profiles, take the following into consideration: • Configuration templates for authentication server settings in case of LDAP/RADIUS and MAC ACL lists need to be done separately in their respective screens. (See Managing Authentication Servers and Authentication Server Groups on page 95 and Managing MAC Authentication and MAC Authentication Groups on page 92). Then you can assign one of the created security profiles to a particular profile. • For faster set up you can clone a profile and rename it. Cloning copies all settings except the name and SSID. • When the profiles have been created, you can use the WLAN Network screen to assign profile groups to the access points. See Managing Access Point Groups in the WLAN on page 66. • Note that if an access point is removed from its building (someone takes it home or it is stolen) the access point does not retain the configuration that it received from the wireless controller. The configuration is not stored in memory on the access point. Depending on your network needs, you can either use basic profile configuration, or advanced profile groups. Basic configuration works well for small-scale WLAN networks. Profile groups are useful for larger deployments. Small-Scale WLAN Networks For small scale WLAN networks, you can use the basic configuration without profile groups. All access points belong to the same group and have the same configuration. For instance, an enterprise network comprising of a single floor building and having only a corporate and guest network would fit into this category. Each radio can have multiple SSIDs. Each SSID can have one VLAN. This separates tunnels for each SSID. You would assign guests to a separate VLAN because guests typically access only the Internet, not the business network, and do not have peer-to-peer access. Larger Deployments For larger deployments, comprising of different set of WLAN networks, consider using the advanced profile option to create profile groups. The wireless controller supports up to 8 profile groups. Each profile group can contain up to 16 profiles for a dual-band access point, or 8 profiles for a single band access point. Each radio can have multiple SSIDs. You can use naming conventions based on users such as Marketing, or use other conventions such as CompanyName15. One VLAN can be set up for each SSID. This separates tunnels for each SSID, though different profiles can share a VLAN. You would assign guests to a separate VLAN because guests typically access only the Internet, not the business network, and do not have peer-to-peer access. Chapter 8: Configuring Security and Wireless Security Profiles | 84

Section	Page
ProSafe 20-AP Wireless Controller WC7520	1
Table of Contents	3
1. Introduction and Overview	7
Key Features and Capabilities	7
Package Contents	9
Hardware Features	10
Front Panel Ports and LEDs	10
Rear Panel Features	11
Bottom Panel With Product Label	12
WC7520 Wireless Controller System Components	12
NETGEAR ProSafe Access Points: WNAP210 and WNDAP350	13
What Can You Do With the WC7520 Wireless Controller?	13
Licenses	15
Maintenance and Support	16
Understanding the Web Management Interface Menu Layout	16
Initial Connection and Configuration	17
Understanding Basic and Advanced Settings	19
Choosing a Location for the Wireless Controller	21
Deploying the Wireless Controller	21
2. System Planning and Deployment Scenarios	22
System Planning	22
Pre-Installation Planning	22
Before You Configure a Wireless Controller	23
Single Controller Configuration with Basic Profile Group	25
Single Controller Configuration with Access Point Groups	26
Stacked Controller Configuration	27
Management VLAN and Data VLAN Strategies	27
Deployment Scenarios	29
Scenario Example 1: Basic Network with Single VLAN	29
Scenario Example 2: Advanced Network with VLANs and SSIDs	31
Scenario Example 3: Advanced Network With Redundancy	33
3. RF Planning	36
RF Planning Overview	36
Planning Requirements	37
Defining and Editing Buildings and Floors	38
Specifying Access Point Requirements	40
Viewing and Managing Heat Maps for Deployed Plans	42
4. Access Point Discovery and Management	46
Access Point Discovery	46
Requirements for Auto Discovery	46
Using the Discovery Wizard	47
Understanding the Discovery Results	49
Managing the Access Point List	50
Adding Access Points to the Managed List After Discovery	50
Editing Access Point Information	51
5. Configuring Network Settings	54
Configuring General Settings	54
Time Management	56
Configuring IP and VLAN Settings	57
Management VLANs	58
Untagged VLANs	58
Managing the DHCP Server	59
Managing Certificates	60
Configuring Syslog and Alarm Notification Settings	61
Configuring Syslog Settings	61
Configuring Alarm Notification Settings	62
Configuring the Email Notification Server	63
6. Managing Access Point Groups	65
Configuring Access Point Groups	65
Managing Access Point Groups in the WLAN	66
7. Configuring Wireless Settings	68
Configuring the Radio	69
Basic Radio Configuration	69
Advanced Radio Configuration for Access Point Groups	69
Configuring Wireless Settings	70
Basic Wireless Configuration	71
Advanced Wireless Configuration for Access Point Groups	72
Configuring Channels	73
Specifying RF Management	75
Basic RF Management	76
Advanced RF Management for Access Point Groups	77
Configuring QoS for Access Point Groups	78
Configuring Load Balancing	79
Configuring Rate Limiting	81
Basic Rate Limiting	81
Advanced Rate Limiting for Access Point Groups	82
8. Configuring Security and Wireless Security Profiles	83
Managing Wireless Security Profiles	83
Small-Scale WLAN Networks	84
Larger Deployments	84
Configuring Basic Security Profiles	85
Configuring Advanced Security Profiles for Access Point Groups	87
Managing Rogue Access Points	89
Configuring Basic Rogue Detection Settings	89
Configuring Advanced Rogue Detection Settings	90
Managing MAC Authentication and MAC Authentication Groups	92
Configuring Basic MAC Authentication Settings	93
Configuring MAC Authentication Settings for Groups	94
Managing Authentication Servers and Authentication Server Groups	95
Configuring Basic Authentication Server Settings	96
Configuring Advanced Authentication Server Settings for Groups	97
Managing Guest Network Access	98
Configuring Captive Portal Settings	98
Managing Users and Passwords	100
9. Maintaining the Controller	101
Managing the Configuration File	101
Backing Up and Restoring the Configuration File	102
Upgrading the Configuration File	103
Rebooting or Resetting the Wireless Controller	105
Rebooting Access Points	107
Managing External Storage	107
Managing Remote Access	108
Specifying Session Timeouts	110
Viewing Alerts and Events and Saving Logs	110
Saving Logs	111
Viewing Alerts and Events	111
Managing Licenses	115
Viewing Your Licenses	116
Configuring the License Server Settings	117
Registering Your Licenses	118
10. Managing Stacking and Redundancy	119
Managing Stacking	119
Configuring Stacking	120
Controller Selection Menu	121
Managing Redundancy	121
Configuring Redundancy	122
11. Monitoring the Wireless Network and Components	124
Monitoring the Network	124
Viewing the Network Summary Screen	125
Viewing Network Usage	126
Viewing Wireless Controllers in the Network	127
Viewing Managed Access Points in the Network	127
Viewing Clients in the Network	131
Viewing Security Profiles in the Network	133
Monitoring the Wireless Controller	134
Viewing the Wireless Controller Summary Screens	135
Viewing Wireless Controller Usage	136
Viewing Access Points Managed by the Wireless Controller	137
Viewing Clients Managed by the Wireless Controller	137
Viewing Rogue Access Points Managed by the Wireless Controller	138
Viewing Security Profiles Managed by the Wireless Controller	139
Viewing DHCP Leases Provided by the Wireless Controller	140
Viewing Captive Portal Users Managed by the Wireless Controller	141
Monitoring the SSIDs	141
Monitoring the Clients	142
Viewing Local Clients	142
Viewing Blacklisted Clients	143
12. Troubleshooting	144
Troubleshooting Basic Functioning	144
Power LED Not On	144
Test LED Never Turns Off	145
LAN Port LEDs Not On	145
Troubleshooting the Web Management Interface	145
Ethernet Cabling	145
IP Address Configuration	145
Internet Browser	146
When You Enter a URL or IP Address a Time-out Error Occurs	147
Troubleshooting a TCP/IP Network Using the Ping Utility	147
Testing the LAN Path to Your Wireless Controller	147
Using the Reset Button to Restore Factory Default Settings	148
Problems with Date and Time	148
Problems With Access Points	149
Using the Diagnostic Tools on the Wireless Controller	149
A. Factory Default Settings and Technical Specifications	152
B. Notification of Compliance	154

Match case Limit results 1 per page

Chapter 8:

Configuring Security and Wireless Security Profiles

ProSafe 20-AP Wireless Controller WC7520 Reference Manual

points. When the access points connect to the controller, the profile configurations are

pushed onto the access points.

When developing profiles, take the following into consideration:

•

Configuration templates for authentication server settings in case of LDAP/RADIUS and

MAC ACL lists need to be done separately in their respective screens. (See

Managing

Authentication Servers and Authentication Server Groups

on page 95 and

Managing

MAC Authentication and MAC Authentication Groups

on page 92). Then you can assign

one of the created security profiles to a particular profile.

•

For faster set up you can clone a profile and rename it. Cloning copies all settings except

the name and SSID.

•

When the profiles have been created, you can use the WLAN Network screen to assign

profile groups to the access points. See

Managing Access Point Groups in the WLAN

page 66.

•

Note that if an access point is removed from its building (someone takes it home or it is

stolen) the access point does not retain the configuration that it received from the

wireless controller. The configuration is not stored in memory on the access point.

Depending on your network needs, you can either use basic profile configuration, or

advanced profile groups. Basic configuration works well for small-scale WLAN networks.

Profile groups are useful for larger deployments.

Small-Scale WLAN Networks

For small scale WLAN networks, you can use the basic configuration without profile groups.

All access points belong to the same group and have the same configuration. For instance,

an enterprise network comprising of a single floor building and having only a corporate and

guest network would fit into this category.

Each radio can have multiple SSIDs. Each SSID can have one VLAN. This separates tunnels

for each SSID. You would assign guests to a separate VLAN because guests typically access

only the Internet, not the business network, and do not have peer-to-peer access.

Larger Deployments

For larger deployments, comprising of different set of WLAN networks, consider using the

advanced profile option to create profile groups. The wireless controller supports up to 8

profile groups. Each profile group can contain up to 16 profiles for a dual-band access point,

or 8 profiles for a single band access point.

Each radio can have multiple SSIDs. You can use naming conventions based on users such

as Marketing, or use other conventions such as CompanyName15. One VLAN can be set up

for each SSID. This separates tunnels for each SSID, though different profiles can share a

VLAN. You would assign guests to a separate VLAN because guests typically access only

the Internet, not the business network, and do not have peer-to-peer access.