Dell W-Series 324 Instant 6.4.3.1-4.2 User Guide - Page 387
W-IAP Configuration for Scenario 2-IPSec: Single Datacenter with Multiple controllers for Redundancy
View all Dell W-Series 324 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 387 highlights
Table 76: W-IAP Configuration for Scenario 2-IPSec: Single Datacenter with Multiple controllers for Redundancy Configuration Steps CLI Commands UI Procedure NOTE: The IP range configuration on each branch will be the same. Each W-IAP will derive a smaller subnet based on the client count scope using the Branch ID (BID) allocated by controller. 6. Create authentication servers for user authentication. The example in the next column assumes 802.1X SSID. (ap)(config)# wlan auth-server server1 (ap)(Auth Server "server1")# ip 10.2.2.1 (ap)(Auth Server "server1")# port 1812 (ap)(Auth Server "server1")# acctport 1813 (ap)(Auth Server "server1")# key "presharedkey" (ap)(Auth Server "server1")# exit See Configuring an External Server for Authentication (ap)(config)# wlan auth-server server2 (ap)(Auth Server "server2")# ip 10.2.2.2 (ap)(Auth Server "server2")# port 1812 (ap)(Auth Server "server2")# acctport 1813 (ap)(Auth Server "server2")# key "presharedkey" 7. Configure wired and wireless SSIDs using the authentication servers and access rules created above and enable authentication survivability. Configure wired ports to operate in L3 mode and associate distributed L3 mode VLAN 30 to the wired port profile. (ap)(config) # wired-port-profile wired-port (ap)(wired-port-profile "wired-port")# switchportmode access (ap)(wired-port-profile "wired-port")# allowed-vlan all (ap)(wired-port-profile "wired-port")# native-vlan 30 (ap)(wired-port-profile "wired-port")# no shutdown (ap)(wired-port-profile "wired-port")# access-rulename wired-port (ap)(wired-port-profile "wired-port")# type employee (ap)(wired-port-profile "wired-port")# auth-server server1 (ap)(wired-port-profile "wired-port")# auth-server server2 (ap)(wired-port-profile "wired-port")# dot1x (ap)(wired-port-profile "wired-port")# exit (ap)(config)# enet1-port-profile wired-port See Configuring a Wired Profile and Wireless Network Profiles Configure a wireless SSID to operate in L2 mode and associate Centralized L2 mode VLAN 20 to the WLAN SSID profile. (ap)(config) # wlan ssid-profile guest (ap)(SSID Profile "guest")# enable (ap)(SSID Profile "guest")# type guest (ap)(SSID Profile "guest")# essid guest (ap)(SSID Profile "guest")# opmode opensystem (ap)(SSID Profile "guest")# vlan 20 (ap)(SSID Profile "guest")# auth-server server1 (ap)(SSID Profile "guest")# auth-server server2 (ap)(SSID Profile "guest")# captive-portal internal NOTE: This example uses internal captive portal use case using external authentication server. You can also use an external 387 | IAP-VPN Deployment Scenarios Dell Networking W-Series Instant 6.4.3.1-4.2.0.0 | User Guide