Dell W-Series 207 Instant 6.4.3.1-4.2 User Guide - Page 382
Configuration Steps, CLI Commands, UI Procedure, Table 75
View all Dell W-Series 207 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 382 highlights
Table 75: W-IAP Configuration for Scenario 1-IPSec: Single Datacenter Deployment with No Redundancy Configuration Steps CLI Commands UI Procedure 1. Configure the primary host for VPN with the Public VRRP IP address of the controller. (ap)(config)# vpn primary See Configuring an IPSec Tunnel 2. Configure a routing profile to tunnel all 10.0.0.0/8 subnet traffic to controller. (ap)(config)# routing-profile (ap)(routing-profile)# route 10.0.0.0 255.0.0.0 See Configuring Routing Profiles 3. Configure Enterprise DNS for split DNS. The example in the next column uses a specific enterprise domain to only tunnel all DNS queries matching that domain to corporate. (ap)(config)# internal-domains (ap)(domains)# domain-name corpdomain.com See Configuring Enterprise Domains 4. Configure centralized L2 and distributed L3 with VLAN 20 and 30 respectively. Centralized L2 profile (ap)(config)# ip dhcp l2-dhcp (ap)(DHCP Profile "l2-dhcp")# server-type Centralized,L2 (ap)(DHCP Profile "l2-dhcp")# server-vlan 20 Distributed L3 profile (ap)(config)# ip dhcp l3-dhcp (ap)(DHCP Profile "l3-dhcp")# server-type Distributed,L3 (ap)(DHCP Profile "l3-dhcp")# server-vlan 30 (ap)(DHCP Profile "l3-dhcp")# ip-range 10.30.0.0 10.30.255.255 (ap)(DHCP Profile "l3-dhcp")# dns-server 10.1.1.50,10.1.1.30 (ap)(DHCP Profile "l3-dhcp")# domain-name corpdomain.com (ap)(DHCP Profile "l3-dhcp")# client-count 200 See Configuring Centralized DHCP Scopes and Configuring Distributed DHCP Scopes NOTE: The IP range configuration on each branch will be the same. Each W-IAP will derive a smaller subnet based on the client count scope using the Branch ID (BID) allocated by controller. 5. Create authentication servers for user authentication. The example in the next column assumes 802.1X SSID. (ap)(config)# wlan auth-server server1 (ap)(Auth Server "server1")# ip 10.2.2.1 (ap)(Auth Server "server1")# port 1812 (ap)(Auth Server "server1")# acctport 1813 (ap)(Auth Server "server1")# key "presharedkey" (ap)(Auth Server "server1")# exit (ap)(config)# wlan auth-server server2 (ap)(Auth Server "server2")# ip 10.2.2.2 (ap)(Auth Server "server2")# port 1812 (ap)(Auth Server "server2")# acctport 1813 (ap)(Auth Server "server2")# key "presharedkey" See Configuring an External Server for Authentication 6. Configure wired and wireless SSIDs using the Configure wired ports to operate in L2 mode and associate centralized L2 mode VLAN 20 to the wired port profile. See Configuring a Dell Networking W-Series Instant 6.4.3.1-4.2.0.0 | User Guide IAP-VPN Deployment Scenarios | 382