Dell PowerConnect W-IAP92 Dell Instant 6.2.0.0-3.2.0.0 User Guide - Page 286
VPN Configuration, Creating a W-IAP Whitelist, Controller Whitelist DB, External Whitelist DB
View all Dell PowerConnect W-IAP92 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 286 highlights
VPN Configuration The following VPN configuration steps on the controller, enable W-IAPs to terminate their VPN connection on the controller: Creating a W-IAP Whitelist Controller Whitelist DB W-IAP whitelist is the list of approved AP's that can be provisioned on your controller. To create a W-IAP whitelist: 1. Navigate to Configuration > AP Installation (under Wireless) and then click the RAP Whitelist tab on the right side. 2. Click the New button and provide the following details: a. AP MAC Address - Mandatory parameter. Enter the MAC address of the AP. b. Username - Enter a username that will be used when the AP is provisioned. c. AP Group - Select a group to add the AP. d. AP Name - Enter a name for the AP. If an AP name is not entered, the MAC address will be used instead. e. Description - Enter a text description for the AP. f. IP-Address - Enter an IP address for the AP. 3. Click the Add button to add the instant AP to the whitelist. The ap-group parameter is not used for any configuration, but needs to be configured. The parameter can be any valid string. If an external whitelist is being used, the MAC address of the AP needs to be saved in the Radius server as a lower case entry without any delimiter. External Whitelist DB The external whitelist functionality enables you to configure the RADIUS server to use an external whitelist for authentication of MAC addresses of RAPs. If you are using Windows 2003 server, perform the following steps to configure external whitelist on it. There are equivalent steps available for Windows Server 2008 and other RADIUS servers. 1. Add the MAC addresses for all the RAPs in the Active Directory of the Radius server: a. Open the Active Directory and Computers window, add a new user and specify the MAC address (without the colon delimiter) of the RAP for the user name and password. b. Right-click the user that you have just created and click Properties. c. In the Dial-in tab, select Allow access in the Remote Access Permission section and click OK. d. Repeat Step a through Step b for all RAPs. 2. Define the remote access policy in the Internet Authentication Service: a. In the Internet Authentication Service window, select Remote Access Policies. b. Launch the wizard to configure a new remote access policy. c. Define filters and select grant remote access permission in the Permissions window. d. Right-click the policy that you have just created and select Properties. e. In the Settings tab, select the policy condition, and Edit Profile.... f. In the Advanced tab, select Vendor Specific, and click Add to add new vendor specific attributes. 286 | IAP-VPN Dell PowerConnect W-Series Instant Access Point 6.2.0.0-3.2.0.0 | User Guide