Home » Netgear Manuals » Hubs & Switches » Netgear WC7600 » Manual Viewer

Netgear WC7600 Reference Manual - Page 84

Large WLAN Networks, Profile Naming Conventions, Considerations Before You Con Profiles

Add to My Manuals
Save this manual to your list of manuals

Page 84 highlights

ProSAFE Wireless Controller WC7600 Large WLAN Networks For large network deployments that consist of different sets of WLAN networks, consider using the advanced configuration to create multiple profile groups. The access points that belong to the same profile group use the same wireless, security, and QoS configurations. The wireless controller supports up to eight profile groups. Each profile group can have its own wireless, security, and QoS configurations. Each profile group can contain up to 16 profiles for a dual-band access point, or eight profiles for a single-band access point. Using dual-band access points, the wireless controller could support a total of 128 profiles. Each profile has its own SSID and can have its own VLAN to allow the profile to establish its own tunnel. Profiles can also share the same VLAN. In larger network deployments also, you would assign guests to a separate VLAN because guests typically access only the Internet, not the business network, and do not have peer-to-peer access. Profile Naming Conventions You can use profile naming conventions that are based on user groups such as Marketing, or based on VLANs such as VLAN40, or you can use other naming conventions such as CompanyName15. Note: In the advanced configuration, you cannot change the names of profile groups. However, you can change the group names of MAC ACLs and external RADIUS servers. Considerations Before You Configure Profiles Before you create and configure profiles for the basic profile group or an advanced profile group, consider the following: • Authentication servers. If you want to use external LDAP or RADIUS authentication, or both, first configure the authentication server settings: - Configure basic server settings on the basic Authentication Server screen (see Configure Basic Authentication Server Settings on page 105). - For more complex networks, configure additional RADIUS servers on the advanced Authentication Server screen (see Configure a RADIUS Authentication Server Group on page 107). After you have configured authentication server settings, you can then assign any authentication server to a security profile in a basic profile group or advanced profile group. Manage Security Profiles and Profile Groups 84

Section	Page
ProSAFE Wireless Controller WC7600	1
1. Introduction	9
Key Features and Capabilities	10
Package Contents	12
Hardware Features	12
Front Panel Ports, Slots, and LEDs	12
Back Panel Features	14
Bottom Panel with Product Label	15
WC7600 Wireless Controller System Components	15
NETGEAR ProSAFE Access Points	16
What Can You Do with the WC7600 Wireless Controller?	18
Licenses	20
Maintenance and Support	20
2. System Planning and Deployment Scenarios	21
Basic and Advanced Setting Concepts	22
Profile Group Concepts	23
Basic Profile	23
Advanced Profile	23
System Planning Concepts	25
Preinstallation Planning	25
Before You Configure a Wireless Controller	25
High-Level Configuration Examples	28
Single Controller Configuration with Basic Profile Group	28
Single Controller Configuration with Advanced Profile Groups	29
Stacked Controller Configuration	30
Management VLAN and Data VLAN Strategies	31
High-Level Deployment Scenarios	33
Scenario Example 1: Network with Single VLAN	33
Scenario Example 2: Advanced Network with VLANs and SSIDs	35
Scenario Example 3: Advanced Network	37
3. RF Planning	41
RF Planning Overview	41
Planning Requirements	41
Define and Edit Buildings and Floors	42
Specify Access Point Requirements	45
View and Manage Heat Maps for Deployed Plans	48
4. Installation and Configuration Overview	51
Connect Your Computer to the Wireless Controller	52
Log In to the Wireless Controller	52
Roadmap for Initial Configuration	54
Roadmap for Configuring Management of Your Wireless Network	55
Choose a Location for the Wireless Controller	57
Deploy the Wireless Controller	58
5. Configure the System and Network Settings and Register the Licenses	59
Configure the General Settings	60
Manage the Time Settings	61
Manage the IP, VLAN, and Link Aggregation Settings	62
Management VLAN Concepts	62
Untagged VLAN Concepts	63
Link Aggregation Concepts	63
Configure the IP, VLAN, and Link Aggregation Settings	63
Manage the DHCP Server	65
Add a DHCP Server	65
Change the Settings for a DHCP Server	68
Remove a DHCP Server	69
Register Your Licenses	70
Configure the License Server Settings	70
Register Your Licenses with the License Server	72
Manage Certificates	74
Configure Log, Syslog, Alarm Notification, and Email Settings	75
Configure Log Settings	75
Configure Syslog Settings	77
Configure Alarm Notification Settings	79
Configure the Email Notification Server	80
6. Manage Security Profiles and Profile Groups	82
Wireless Security Profile Concepts	83
Small WLAN Networks	83
Large WLAN Networks	84
Profile Naming Conventions	84
Considerations Before You Configure Profiles	84
Basic and Advanced Security Configuration Concepts	85
Manage Security Profiles for the Basic Profile Group	86
Configure a Profile in the Basic Profile Group	86
Change the Settings for a Profile in the Basic Profile Group	90
Remove a Profile From the Basic Profile Group	91
Manage Security Profiles for Advanced Profile Groups	91
Add an Advanced Profile Group	91
Remove an Advanced Profile Group	93
Configure a Profile in an Advanced Profile Group	93
Change the Settings for a Profile in an Advanced Profile Group	98
Remove a Profile From an Advanced Profile Group	99
Network Authentication and Data Encryption Options	99
Manage Authentication Servers and Authentication Server Groups	104
Authentication Server Concepts	104
Configure Basic Authentication Server Settings	105
Configure a RADIUS Authentication Server Group	107
Remove a RADIUS Authentication Server Group	109
Manage MAC Authentication and MAC Authentication Groups	109
Guidelines for External MAC Authentication	110
Configure Basic Local MAC Authentication Settings	110
Remove a MAC Address from a Wireless Client List	112
Import a MAC List from a File	112
Configure a Local MAC Authentication Group	113
Remove a Local MAC Authentication Group	115
Select an ACL for a Profile in the Basic Profile Group	115
Select an ACL for a Profile in an Advanced Profile Group	117
7. Discover and Manage Access Points	119
Access Point Discovery Guidelines	120
General Discovery Guidelines	120
Layer 3 Discovery Guidelines	120
Remote Access Point Discovery Guidelines	121
Discover Access Points with the Discovery Wizard	123
Discover Access Points in Factory Default State and Access Points in a Layer 2 Subnet	123
Discover Access Points Installed and Working in Standalone Mode in Different Layer 3 Networks	127
Manage the Managed AP List	131
View the Managed AP List	131
Change Access Point Information on the Managed AP List	133
Remove Access Points from the Managed AP List	136
Assign Access Points to Advanced Profile Groups	137
8. Manage Rogue Access Points, Guest Network Access, and Users	140
Manage Rogue Access Points	141
Rogue Access Point Concepts	141
Configure Basic Rogue Detection Settings	141
Classify Rogue Access Points	142
Import a List of Known Access Points from a File	144
Manage Guest Network Access	145
Portal Concepts	145
Configure a Portal	146
Manage Users, Accounts, and Passwords	150
User and Account Concepts	150
Add a Management User	151
Add a WiFi User	152
Add a Captive Portal Account	154
Add a Captive Portal User	156
Change the Settings for a User or Account	158
Remove a User or Account	159
Export a List of Users or Accounts	160
9. Configure Wireless and QoS Settings	161
Basic and Advanced Wireless and QoS Configuration Concepts	162
Configure the Radio	162
Configure the Radio for the Basic Profile Group	162
Configure the Radio for an Advanced Profile Group	164
Configure Wireless Settings	165
Configure Wireless Settings for the Basic Profile Group	165
Override Channel and Transmission Power in the Basic Profile Group	169
Configure Wireless Settings for an Advanced Profile Group	171
Override Channel and Transmission Power in an Advanced Profile Group	175
Configure Channels	177
Specify Radio Frequency Management	180
Radio Frequency Concepts	180
WLAN Healing Concepts	181
Configure Radio Frequency Management for the Basic Profile Group	181
Configure Radio Frequency Management for an Advanced Profile Group	183
Manage the Preferred Bands	186
Configure the Preferred Band for WNDAP620 Access Points in the Basic Profile Group	186
Configure the Preferred Band for WNDAP620 Access Points in an Advanced Profile Group	187
Manage Quality of Service for an Advanced Profile Group	188
Quality of Service Concepts	188
Configure Quality of Service for a Profile Group	189
Manage Load Balancing	192
Load Balancing Concepts	192
Configure Load Balancing	193
Manage Rate Limiting	194
Rate Limiting Concepts	194
Configure Rate Limiting for the Basic Profile Group	195
Configure Rate Limiting for an Advanced Profile Group	196
10. Maintain the Wireless Controller and Access Points	198
Manage the Configuration File	199
Back Up the Configuration File	199
Restore the Configuration File	200
Upgrade the Firmware	201
Reboot the Wireless Controller	204
Reset the Wireless Controller	205
Manage External Storage	206
Manage Remote Access	207
Specify Session Time-Outs	209
Manage the System Logs	209
Query the System Logs	210
Save the System Logs	212
Clear the System Logs	212
View Alerts and Events	213
View System Alerts	213
View Radio Frequency Events	214
View Load-Balancing Events	215
View Rate-Limit Events	217
View Redundancy Events	218
View Stacking Events	218
Manage Licenses	219
View Your Licenses	220
Retrieve Your Licenses	222
Reboot Access Points	223
Configure Multicast Firmware Upgrade for Access Points	224
Change the Multicast Firmware Upgrade Settings	225
Disable Multicast Firmware Upgrade	226
11. Manage Stacking and Redundancy	227
Stacking Concepts	228
Configure a Stack	230
Remove a Wireless Controller from a Stack	232
Select Which Wireless Controller in a Stack to Configure	233
Manage Redundancy for a Single Controller	237
VRRP Redundancy Concepts	237
Configure a Single Controller with Redundancy	239
Manage a Redundancy Group with N:1 Redundancy	241
VRRP N:1 Redundancy Concepts	241
Configure a Redundancy Group with N:1 Redundancy	244
Change a Redundant Controller	246
Remove a Redundancy Group	247
12. Monitor the Wireless Network and Its Components	248
Monitor the Network	249
View the Network Summary Screen	249
View the Wireless Controllers in the Network	251
View the Access Points in the Network	253
View the Clients in the Network	258
View the Profiles in the Network	262
Monitor the Wireless Controller	264
View the Wireless Controller Summary Screen	264
View Wireless Controller Usage	266
View Access Points that the Wireless Controller Manages	268
View Clients on Access Points that the Wireless Controller Manages	273
View Neighboring Clients that the Wireless Controller Detects	277
View Neighboring Access Points that the Wireless Controller Does Not Manage	279
View Security Profiles That the Wireless Controller Manages	280
View DHCP Leases That Are Provided by the Wireless Controller	282
View Captive Portal Users on Access Points That the Wireless Controller Manages	283
Monitor the SSIDs on the Wireless Controller	285
Monitor Local Clients in the Network	290
13. Troubleshooting	295
Troubleshoot Basic Functioning	296
Power LED Is Not Lit	296
Status LED Never Turns Off	296
Ethernet Port LEDs Are Not Lit	297
Troubleshoot the Web Management Interface	297
Check the Ethernet Cabling	297
Check the IP Address Configuration	297
Check the Internet Browser	298
Troubleshoot a TCP/IP Network Using the Ping Utility	298
Use the Reset Button to Restore Default Settings	299
Resolve Problems with Date and Time	299
Resolve Problems with Access Points	300
Resolve Discovery Problems	300
Resolve Connection Problems	300
Network Performance and Rogue Access Point Detection	301
Use the Diagnostic Tools on the Wireless Controller	301
Ping an Access Point	301
Trace a Route to an Access Point	302
A. Factory Default Settings, Technical Specifications, and Passwords Requirements	304
Factory Default Settings	305
Technical Specifications	305

Match case Limit results 1 per page

Manage Security Profiles and Profile Groups

ProSAFE Wireless Controller WC7600

Large WLAN Networks

For large network deployments that consist of different sets of WLAN networks, consider

using the advanced configuration to create multiple profile groups. The access points that

belong to the same profile group use the same wireless, security, and QoS configurations.

The wireless controller supports up to eight profile groups. Each profile group can have its

own wireless, security, and QoS configurations. Each profile group can contain up to

profiles for a dual-band access point, or eight profiles for a single-band access point.

Using dual-band access points, the wireless controller could support a total of 128 profiles.

Each profile has its own SSID and can have its own VLAN to allow the profile to establish its

own tunnel. Profiles can also share the same VLAN.

In larger network deployments also, you would assign guests to a separate VLAN because

guests typically access only the Internet, not the business network, and do not have

peer-to-peer access.

Profile Naming Conventions

You can use profile naming conventions that are based on user groups such as Marketing, or

based on VLANs such as VLAN40, or you can use other naming conventions such as

CompanyName15.

Note:

In the advanced configuration, you cannot change the names of

profile groups. However, you can change the group names of MAC

ACLs and external RADIUS servers.

Considerations Before You Configure Profiles

Before you create and configure profiles for the basic profile group or an advanced profile

group, consider the following:

•

Authentication servers

. If you want to use external LDAP or RADIUS authentication, or

both, first configure the authentication server settings:

Configure basic server settings on the basic Authentication Server screen (see

Configure Basic Authentication Server Settings

on page

105).

For more complex networks, configure additional RADIUS servers on the advanced

Authentication Server screen (see

Configure a RADIUS Authentication Server Group

on page

107).

After you have configured authentication server settings, you can then assign any

authentication server to a security profile in a basic profile group or advanced profile

group.