DELL PowerConnect W-IAP93
Contents
1. OK Cancel 4 Click OK Migrating from a Virtual Controller Managed Network to Mobility Controller Managed Network An W IAP can be converted to an ArubaOS Campus AP You have to configure the IP address of the controller in the Instant UI Before converting the W IAP ensure that both the W IAP and controller are configured to operate in the same regulatory domain After conversion the W IAP acts as an ArubaOS Campus AP K NOTE Migrating from a virtual controller managed network to mobility controller managed network is a one way transition An Dell OS Campus AP cannot be converted to an W IAP l At the top right corner of Instant UI click the Maintenance link The Maintenance box appears Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Managing IAPs 59 Figure 50 Maintenance Box Maintenance About Configuration Certificates Firmware Reboot Convert Current Configuration version 5 0 3 0 1 1 0 virtual controller country IN i virtual controller key 98e5e95501fchcSt d280b82ceb01leba0bs67eas7dd97658a name Instant Controller m led display Clear Configuration Close 2 Click the Convert tab Figure 51 Maintenance Convert Tab Maintenance Help About Configuration Certificates Firmware Reboot Convert Use this page to convert the access points to management by a Mobility Controller IP Address of Mobility Controller Convet Now Close2. Enter the authentication password in the Password tex box and retype the password in the Retype tex box Select the type of privacy protocol from the Privacy protocol drop down list Enter the privacy protocol password in the Password text box and retype the password in the Retype text box Click OK To edit the details for a particular user select the user and click the Edit button ee Se ee oe oe PY 10 To delete a particular user select the user and click the Delete button 110 SNMP Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 88 Creating Users for SNMPV3 Basie Admin RTLS Community Strings for SNMPV1 and SNMPV2 New SNMPYS User Auth protocol Privacy protocol Password Password evee evee OK Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide SNMP 111 112 SNMP Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 18 Airwave Integration and Management AirWave 1s a solution for managing rapidly changing wireless networks The easy to use interface and user centric approach lets you to easily solve any connectivity issues It allows you to efficiently and remotely manage and monitor enterprise wireless LAN It allows you to monitor and change wireless LAN settings generate compliance reports locate users and W IAPs and diagnose problems from any Internet connection Dell PowerConnect W IAPs communicate wit
3. 3 Enter the IP address of mobility controller in the IP Address of Mobility Controller text box 4 Click Convert Now Confirm the conversion in the Confirm Access Point Conversion box Figure 52 Confirm Access Point Conversion Box Confirm Access Point Conversion Service Will be interrupted until the access A points are configured by the Mobility Controller at 10 17 78 2 Do you want to continue Convert How Cancel 5 Click Close 60 Managing IAPs Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide K NOTE An W IAP can be converted to an ArubaOS Campus AP only if the controller is running ArubaOS 6 1 or later Rebooting the W IAP If you encounter any problem with the W IAPs you can reboot all W IAPs or selected W IAPs in a network using the Instant UI To reboot an W IAP l Click the Maintenance link The Maintenance box appears 2 Click the Reboot tab Figure 53 Rebooting the W IAP Maintenance Help About Configuration Certificates Firmware Reboot Convert Select the access point you wish to reboot Instar Access Poin Reboot selected Access Paint Reboot All Close 3 Inthe W IAP list select the W IAP that you want to reboot and click Reboot selected Access Point To reboot all the W IAPs in the network click Reboot All 4 Click Close Firmware Image Server in Cloud Network The image check feature allows the W IAP to discover new firmware image version
4. bssid d8 c c8 c4 29 80 ssid qa_kg1 ap_bssid_str 00 1la le 5ce d9 e0 match_mac 00 00 00 00 00 00 match_ip 0 0 0 0 Jun 2 06 01 33 sapd 633 lt 106003 gt AP OAW IAP 10 13 32 60 sapd ssid aruba ap bssid 00 24 6c 80 96 b1 Jun 2 06 01 40 sapd 633 lt 106003 gt AP OAW IAP 10 13 32 60 sapd ssid qa_kg1 bssid 00 1a 1le 5c d9 e0 Jun 2 06 01 41 sapd 633 lt 106003 gt AP OAW IAP 10 13 32 60 sapd ssid studentA bssid 00 24 6c 80 96 b0 Jun 2 06 01 42 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c8 c4 29 80 bssid_str 00 1a 1e6 59 75 80 ssid aruba ap Jun 2 06 01 42 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c8 c4 29 80 ssid aruba ap ap_bssid_str 00 1a 1e 59 75 80 match_mac 00 00 00 00 00 00 match_ip 0 0 0 0 Jun 2 06 01 53 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c7 c8 c4 29 80 bssid_str 00 1a le de a8 00 ssid Vineet_test Jun 2 06 01 53 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c 7 c8 c4 29 80 ssid Vineet_test ap_bssid_str 00 1la le dc a8 00 match_mac 00 00 00 00 00 00 match_ip 0 0 0 0 Jun 2 06 02 14 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c8 c4 29 80 bssid_str 00 1a 1e 81 3a e0 ssid aruba ap Jun 2 06 02 14 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c8 c4 29 80 ssid aruba ap ap_bssid_str 00 1la 1le 81 3a e0 match_mac 00 00
5. 2 Administrator assigned Channel 1 Transmit power 5 GHz band l Adaptive radio management assigned Administrator assigned Channel 36 Transmit power OK Cancel 4 Select the Access Mode from the drop down list K NOTE Select the Monitor Mode to configure the specific IAP in the Instant network in Monitor Mode and click OK 5 Select the Administrator assigned radio button in 2 4 GHz and 5 GHz band sections 6 Select appropriate channel number from the Channel drop down list for both 2 4 GHz and 5 GHz band sections 7 Enter appropriate transmit power value in the Transmit power text box in 2 4 GHz and 5 GHz band sections 8 Click OK Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Adaptive Radio Management 105 106 Adaptive Radio Management Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 16 Intrusion Detection System Intrusion Detection System IDS is a feature that monitors the network for the presence of unauthorized IAPs and clients It also logs information about the unauthorized IAPs and clients and generates reports based on the logged information Rogue AP Detection and Classification The most important IDS functionality offered in the Dell Instant network is the ability to detect rogue APs interfering APs and other devices that can potentially disrupt network operations An AP is considered to be a rogue AP if
6. Default W Percentage of Airtime Yo VLAN ID iW Each user kbps ch radio p Virtual Controller assigned SEU EES kbps Next Cancel In the Basic Info tab perform the following steps Type a name for the network in the Name SSID text box b Select the Voice radio button from the Primary usage options This selection determines the primary usage of the network being added c Select the required Client IP assignment option Available options for a Voice network are Network assigned Default Network assigned VLAN ID and Virtual Controller assigned Table 7 Conditions for Adding a Voice Network Basic Info Tab If then You select the Network assigned Default option The client gets the IP address in the same subnet at the IAPs You select the Network assigned VLAN ID option The client gets the IP address from the specified VLAN Enter the ID of the VLAN in the VLAN ID text box You select Virtual Controller assigned option The client gets the IP address from the virtual controller The virtual controller creates a private subnet and VLAN for the IAPs and the wireless clients The virtual controller NATs all traffic that passes out of this interface This setup eliminates the need for complex VLAN and IP address management for a multi site wireless network 2 Click the More link and perform the following steps These steps are optional a Band Set the band at which the wireless network will transmit rad
7. Interfering 6 B 15 48 12 d ethersnh Tnterferinn 48 AN 4NM7 15 47 57 f s 27 1h Ae Af 94 TAM Interferinn 1 G 15 48 17 P a Rogue Containment Enable or disable rogue containment on the Instant network By default this is disabled NOTE The rouge containment is supported only when the IAPs are in the monitor mode Figure 85 Rogue Containment Basic Admin Classification Rogue containment Valid Rogue sal Disabled aan Enabled Containment method Containment Methods You can enable wired and wireless containments to prevent unauthorized stations from connecting to your Instant network Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Intrusion Detection System 107 Instant supports the following types of containment mechanisms e Wired amp Wireless An IAP or client is contained by disrupting its connection on the wired and wireless interfaces e Wired An IAP or client is contained by disrupting its connection on the wired interface e Wireless An IAP or client is contained by disrupting its association on the wireless interface e None Disables all the containment mechanisms Figure 86 Containment Methods Basic Admin RTLS SNMP IDS ARM Advanced Classification Valid Rogue Rogue containment Disabled Containment method Wired amp Wireless Wired amp Wireless NOTE Wireless containment is the re
8. match_ip 0 0 0 0 Jun 2 06 00 16 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c8 c4 29 80 bssid_str d8 c c8 80 18 40 ssid aruba ap Jun 2 06 00 16 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c 7 c8 c4 29 80 ssid aruba ap ap_bssid_str d8 c7 c8 80 18 40 match_mac 00 00 00 00 00 00 match_ip 0 0 0 0 Jun 2 06 00 17 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c 7 c8 c4 29 80 bssid_str 00 1a 1le 5c d9 e0 ssid gqa_kgl Jun 2 06 00 17 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c 7 c8 c4 29 80 ssid qa_kg1 ap_bssid_str 00 1a 1le 5c d9 e0 match_mac 00 00 00 00 00 00 match_ip 0 0 0 0 Jun 2 06 00 34 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c7 c8 c4 29 80 bssid_str 00 1la 1le 40 d1 b1 ssid Jun 2 06 00 34 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c7 c8 c4 29 80 ssid ap_bssid_str 00 1a le 40 d1 b1 match_mac 00 00 00 00 00 00 match_ip 0 0 0 0 Jun 2 06 00 45 sapd 633 lt 106003 gt AP OAW IAP 10 13 32 60 sapd ssid qa_kg1 bssid 00 1la le 5c d9 e0 Jun 2 06 00 46 sapd 633 lt 106003 gt AP OAW IAP 10 13 32 60 sapd ssid bssid 00 1la le 40 d1 b1 Jun 2 06 01 21 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c8 c4 29 80 bssid_str 00 1la 1le 5c d9 e0 ssid ga_kgl Jun 2 06 01 21 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd
9. 80 95 c9 ethersph Interfering 161 AN 40MZ 15 47 57 f 00 19 7e 4ciea icc ethersph Interfering 149 15 48 12 P 24 6c Portal Interfering 44 15 47 57 00 27 10 5c ae 24 ethersph Interfering 161 AN 40M2 15 46 12 6c a vlan 3 3 Interfering 36 AN 40MZ 15 47 57 bd 00 26 c7 47 e3 ba ethersph Interfering 6 GN 20MZ 15 48 12 bd 6G 8 ethersph Interfering 149 AN 40MZ 15 47 57 bd 00 17 ca 80 51 4c ethersph Interfering 6 G 15 48 12 f 4 6c 80 95 ca Aruba In Interfering 161 AN40MZ 15 47 57 00 26 c7 40 04 5a ethersph Interfering 6 GN 20MZ 15 48 12 4 6c 88 ethersph Interfering 157 AN 40MZ 15 47 57 d 00 26 c7 44 06 e8 ethersph Interfering 1 GN 20MZ 15 48 12 d le 112 vj voice Interfering 60 A Bat ERTA P 00 26 c6 b7 7a 76 ethersph Interfering 161 AN 40MZ 15 48 12 f 00 1a 1e 17 dc 60 ipy6 alpha Interfering 1 GN 20M2 15 47 57 f 00 19 7 d0 IBM Interfering 6 B 15 48 12 00 24 6c 80 fd 78 ipv6 alpha Interfering 44 AN 40MZ 15 47 57 f 00 26 c6 3 08 ethersph Interfering 161 AN 40MZ2 15 48 12 bg 00 24 6c 84 21 08 raji split Interfering 44 AN 40MZ 15 47 57 f0 7b 8c ethersph Interfering 6 GN 20M2Z2 15 48 12 60 79 50 qa st pra Interfering 11 GN 20M2 15 47 57 00 22 fa bc 20 8a ethersph Interfering 161 AN40MZ 15 48 12 9 ethersph Interfering 149 AN 40MZ 15 47 57 P 00 24 d6 9d cd b4 ethersph Interfering 161 AN 40MZ 15 48 12 fP ethersph Interfering 157 AN 40MZ 15 47 57 00 26 c7 43 ff 8e ethersph
10. A 00 27 10 8d 94 28 IBM Interfering 1 B 15 48 12 f A 00 24 6c 80 9 c8 ethersph Interfering 161 AN 40MZ 15 47 57 f F 00 18 de 74 45 17 IBM Interfering 6 G 15 48 12 E 00 24 6c 0 Ba tw cert Interfering 44 A 15 47 57 00 22 fa 7a 56 ae IBM Interfering 1 G 15 48 12 2 10 j wpa2p Interfering 60 A 15 47 57 00 26 c6 4c 1c id4 IBM Interfering 1 G 15 48 12 47 48 c portal apInterfering 64 4 15 47 57 00 27 10 8e 41 d4 IBM Interfering 1 B 15 48 12 20 nh rap w Interfering 1 GN 20M2 15 47 57 00 19 7e 25 78 fd IBM Interfering 1 G 15 48 12 IBM Interfering 6 G 15 47 57 00 1f 3c 1b 80 64 IBM Interfering 1 G 15 48 12 ethersph Interfering 161 AN40MZ 15 47 57 00 19 7e 4ciea icc ethersph Interfering 149 A amp A 15 48 12 Portal Interfering 44 15 47 57 00 27 10 5c ae 24 ethersph Interfering 161 AN40M2Z2 15 48 12 P a vlan 3 3 Interfering 36 AN 40MZ 15 47 57 00 26 c7 47 e3 ba ethersph Interfering 6 GN 20M2 15 48 12 5f 28 ethersph Interfering 149 AN40MZ 15 47 57 00 17 ca 60 51 4c ethersph Interfering 6 G 15 48 12 P 95 ca Aruba In Interfering 161 AN40M2 15 47 57 00 26 c7 40 04 5a ethersph Interfering 6 GN 20M2 15 48 12 88 ethersph Interfering 157 AN40MZ 15 47 57 00 26 c7 44 06 e8 ethersph Interfering 1 GN 20MZ 15 48 12 2 vj voice Interfering 60 A 15 47 57 P 00 26 c6 b7 7a 76 ethersph Interfering 161 AN 40MZ 15 46 12 60 ipv6 alpha Interfering 1 GN 20M2 15 47 57 4 00 19 7e
11. At the top right corner of the Instant UI click the Settings link In the Settings box click the Basic tab Enter the domain name of the client in the Domain name text box Enter the IP addresses of the DNS servers seperated by comma in the DNS server text box Enter the duration of the DHCP lease in the Lease time text box S Se ee Select Minutes Hours or Days for the lease time from the drop down list next to Lease time Figure 59 Configuring the DHCP Server Name IP address Content filtering Disabled Date amp Time NTP Server Timezone International Date Line West UTC 12 DHCP Server Domain name Test DNS Server s 10 100 11 153 Lease time 5 Minutes OK Cancel 7 Click OK 68 Virtual Controller Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 9 Authentication Authentication Methods in Dell Instant Authentication is a process of identifying a user by having them to provide a valid username and password Clients can also be authenticated based on their MAC addresses The following authentication methods are supported in Dell Instant 802 1X Authentication Captive Portal MAC Authentication 802 1X Authentication 802 1X is a method for authenticating the identity of a user before providing network access to the user Remote Authentication Dial In User Service RADIUS is a protocol that provides centralized aut
12. Tunnel Preference Tunnel Private Group Id Tunnel Server Auth Id Tunnel Server E ndpoint Tunnel Type User Category User Name User VLAN Vendor Specitic Management Authentication Settings To authenticate the Virtual Controller Management UI perform the following steps l Ze 3 Click the Settings link Select the Admin tab In the Authentication drop down list select any one of the following Internal Select the Username and Password specified in the respective text boxes to access the Virtual Controller Management UI RADIUS Server Specify one or two radius servers to authenticate UI If two servers are configured users can use them in primary backup mode or load balancing mode this is identical to the radius server configuration for SSIDs For information on configuring external RADIUS server see External RADIUS Server on page 70 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide RADIUS server w fallback to internal Specify the radius servers as well as a Username and Password Figure 62 Management Authentication Settings Settings Help Basic Admin RTLS SNMP IDS ARM Advanced Local Authentication Internal S ie Username ladmin sis Password essee ts Retype eses sis AirWave Organization DOOS O OE AirWave IP oT Shared key fo Retype S OK Cancel 4 Click OK Captive Portal Dell Instant network supports captive portal authentication method for a
13. Windows Server Windows XP Windows ME OS X iPhone iPAD Android Blackberry Linux In the following image the OS of the client is Windows XP Figure 81 OS Fingerprinting Info Name IF Address 10 13 32 59 MAC Address 58 94 6b 79 73 58 os Win 7 Network Emp Networki Access Point Instant Access Point Channel 157 Type AN Role Emp_Network1 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide OS Fingerprinting 101 102 OS Fingerprinting Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 15 Adaptive Radio Management Adaptive Radio Management ARM is a radio frequency management technology that optimizes WLAN performance even in the networks with highest traffic by dynamically and intelligently choosing the best 802 11 channel and transmitting power for each IAP in its current RF environment ARM works with all standard clients across all operating systems while remaining in compliance with the IEEE 802 11 standards It does not require any proprietary client software to achieve its performance goals ARM ensures low latency roaming consistently high performance and maximum client compatibility in a multi channel environment By ensuring the fair distribution of available Wi Fi bandwidth to mobile devices ARM ensures that data voice and video applications have sufficient network resources at all times ARM allows mixed 802 1 1a b g and n client types
14. a Internal Authenticated Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Authentication 75 b Internal Acknowledged Figure 63 Configuring Captive Portal when Adding A Guest Network New Network B 2 ES Security Level Splash page Splash Page Preview Welcome to the Guest Network Type of splash page Internal Authenticated s Internal Acknowledged gt External Authentication server 1 InternalServer Ly v For internal server Uses Certificates E Encryption Back Next Cancel The appearance of a splash page can be customized as required For information on customizing a splash page see Customizing a Splash Page on page 78 4 Click Next and click Finish Configuring Internal Captive Portal Authentication when Editing a Guest Network To configure internal captive portal authentication when editing a guest network perform the following steps 76 Authentication In the Network tab click the network for which you want to configure internal captive portal authentication The edit link for the network appears Click the edit link The Edit box for the network appears Click Next and select one of the following options for the splash page type in the Security tab a Internal Authenticated a Internal Acknowledged Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 64 Configuring Captive Porta
15. the Virtual Controller and allow you to monitor the network Info Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Monitoring 117 RF Dashboard Usage Trends Info The Info section displays the following information about the Virtual Controller Name Virtual Controller name Country Code Country in which the Virtual Controller is operating IP address IP address of the Virtual Controller Content filtering Status of the Content Filtering feature Enabled or Disabled Organization Name of the organization AirWave IP IP address of the AirWave server Band Band in which the virtual controller is operating 2 4 GHz band 5 4 GHz band or both NTP server IP address of the NTP server RF Dashboard The RF Dashboard section displays the following information IP address Signal and Speed information about the clients in the Dell Instant network If the speed or signal strength of a client is low IP address of the client appears as a link Click the link to monitor the client For more information see Client View on page 125 Instant Access Points Utilization Noise and Errors information about the IAPs in the Dell Instant network If utilization noise or errors of an AP are not within the specified threshold the IAP name appears as a link Click the link to monitor the IAP For more information see Instant Access Point View on page 122 Usage Trends The Usage Trends sec
16. utilization for the 2 4 GHz band at 22 28 hours NOTE You can also click the rectangle icon under the Utilization column in the RF Dashboard pane to see the Utilization graph for the selected IAP To monitor the In and Out frame rate per second for the radio in 2 4 GHz band for the last 15 minutes 1 Log into the WebUI The Virtual Controller view appears This is the default view 2 Inthe Access Points tab click the name link of the IAP for which you want to monitor the frame rate The IAP view appears Study the 2 4 GHz Frames graph in the RF Trends pane For example the graph on the left shows 1537 0 incoming frames at 22 31 hours To monitor the noise floor for the IAP for the last 15 minutes 1 Log in to the WebUI The Virtual Controller view appears This is the default view 2 Inthe Access Points tab click the name link of the IAP for which you want to monitor the noise floor The IAP view appears Study the Noise Floor graph in the RF Trends pane For example the graph on the left shows that the noise floor for the IAP at 22 38 hours is 82 0 dBm NOTE You can also click the rectangle icon under the Noise column in the RF Dashboard pane to see the Noise graph for the selected IAP To monitor the errors for the IAP for the last 15 minutes 1 Log in to the WebUI The Virtual Controller view appears This is the default view 2 Inthe Access Points tab click the name link of the IAP for which you want
17. 1 0 0 User Guide Authentication 77 Figure 65 Configuring Internal Captive Portal with External Radius Server Authentication New Network Help Security Level W Splash page External splash page Type of splash page IP or hostname 10 65 18 222 J Internal Authenticated URL login gw_address 3 Internal Acknowledged Port so 3 aan Authentication text Auth 1 a Encryption Back Next Cancel Customizing a Splash Page A splash page is a web page that is displayed to a guest user when they are trying to access the internet The appearance of a splash page can be customized as required To customize a splash page perform the following steps 1 In the Network tab click the network for which you want to customize the splash page The edit link for the network appears 2 Click the edit link The Edit box for the network appears 3 Click Next and perform the following steps in the Security tab 1 To change the color of the splash page click the Splash page rectangle and select the required color from the Background Color palette 2 To change the welcome text click the first square in the splash page type the required text in the Welcome text box and click OK The welcome text should not exceed 127 characters 3 To change the policy text click the second square in the splash page type the required text in the Policy text box and click OK The policy text should not exceed 255
18. 128 Monitoring Figure 103 Throughput Graph Errors fps Errors 9314 0 22 48 52 Last 2851 Min 1182 Max 12842 Avg 7012 For more information about RF trends graphs in the client view and for monitoring procedures see Table 17 Table 17 Client View RF Trends Graphs and Monitoring Procedures Graph Name Signal Frames Description The Signal graph shows the signal strength of the client for the last 15 minutes It is measured in decibels To see an enlarged view click the graph The enlarged view provides Last Minimum Maximum and Average signal statistics for the client fr the last 15 minutes To see the exact signal strength at a particular time hover the cursor over the graph line The Frames Graph shows the In and Out frame rate per second for the client for the last 15 minutes It also shows data for the Retry In and Retry Out frames Outgoing frames Outgoing frame traffic is displayed in green It is shown above the median line Incoming frames Incoming frame traffic is displayed in blue It is shown below the median line Retry Out Retries for the outgoing frames is displayed in black and is show above the median line Retry In Retries for the incoming frames Is displayed in red and is shown below the median line To see an enlarged view click the graph The enlarged view provides Last Minimum Maximum and Average statistics for the In Out Retries In and Re
19. 17459 10 Avg 0 9407 100 LK LOK 100K m pm m pe De I oye De op De 4 Pa og 4 aa s ee i e la s t e i i Noise Floor Errors To see the graphs for the 5 GHz band click the 5 GHz link Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Monitoring 123 124 Monitoring For more information about the graphs in the instant access point view and for monitoring procedures see lable 1 Table 15 nstant Access Point View RF Trends Graphs and Monitoring Procedures Graph Name Utilization 2 4 GHz Frames Noise Floor Errors Description The Utilization graph shows the radio utilization percentage of the access point for the last 15 minutes To see an enlarged view click the graph The enlarged view provides Last Minimum Maximum and Average radio utilization statistics for the IAP for the last 15 minutes To see the exact utilization percent at a particular time hover the cursor over the graph line The 2 4 GHz Frames graph shows the In and Out frame rate per second for the radio in 2 4 GHz band for the last 15 minutes Outgoing frames Outgoing frame traffic is displayed in green It is shown above the median line Incoming frames Incoming frame traffic is displayed in blue It is shown below the median line To see an enlarged view click the graph The enlarged view provides Last Minimum Maximum and Average statistics fo
20. 65 78 d0 IBM Interfering 6 B 15 48 12 P fd 78 ipv6 alpha Interfering 44 4N40M2 15 47 57 f 00 26 c6 bb d8 08 ethersph Interfering 161 AN 40M2 15 48 12 P 08 raji split Interfering 44 AN 40MZ 15 47 57 f0 7b cb a3 92 8c ethersph Interfering 6 GN 20MZ 15 48 12 d 79 50 qa st pra Interfering 11 GN 20M2 15 47 57 f 00 22 fa bc 20 8a ethersph Interfering 161 AN40M2Z2 15 48 12 f 29 ethersph Interfering 149 AN4OM2Z2 15 47 57 00 24 d6 9d cd b4 ethersph Interfering 161 AN40M2 15 48 12 P 89 ethersph Interfering 157 AN 40MZ 15 47 57 O0 26 c7 43 ff 8e ethersph Interfering 6 B 15 48 12 A ethersnh Tnterferinn 4A AN 40M7 15 47 57 a NN PFN Aef g4 TAM Interferinn 1 G 15 48 12 P 32 Instant User Interface Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Language The language links are provided in the login screen to allow users to select the preferred language before logging in to the Instant UI These links are located at the bottom left corner of the Instant UI A default language is selected based on the language preferences in the client desktop operating system or browser If Dell Instant cannot detect the language then English En is used as the default language AirWave Setup AirWave is a solution for managing rapidly changing wireless networks When enabled AirWave allows you to manage the Instant network For more information on AirWave see Chapter 18 Airwave Integration an
21. AP will be connected to Typically if a switch is in place and does not support PoE midspan power injectors are used NOTE A DNS server functions as a phonebook for the Internet and Internet users It converts human readable computer K hostnames into IP addresses and vice versa A DNS server stores several records for a domain name such as address A record name server NS and mail exchanger MX records Address A record is the most important record that is stored in a DNS server because it provides the required IP address for a network peripheral or element NOTE The Dynamic Host Configuration Protocol DHCP is an auto configuration protocol used on IP networks Computers or any network peripherals that are connected to IP networks must be configured before they can communicate with other computers on K the network DHCP allows a computer to be configured automatically thereby eliminating the need for a network administrator DHCP also provides a central database to keep a track of computers connected to the network This database helps in preventing any two computers from being configured with the same IP address To complete the initial setup perform the following tasks in the given order l Connecting the W IAP to a Power Source on page 18 2 Assigning an IP Address to the W IAP on page 18 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Initial Configuration 17 3 Connecting to the Pro
22. Access Point 5 0 3 0 1 1 0 0 User Guide Monitoring 119 Network View All Wi Fi networks in the Dell Instant network are listed in the Networks tab Click the network that you want to monitor Network View for the selected network appears Similar to the Virtual Controller view the Network view also has three tabs Networks Access Points and Clients The following sections in the Instant UI provide information about the selected network Info Usage Trends Figure 94 Network View Users Settings Servers Roles Maintenance Support Help Logout D LL VIRTUALCONTROLLER PowerConnect W Series Arua nettorks Instant Controller amp 2 Networks 6 1 Access Point Fl 1 Client on Emp_Network1 Name Clients Name Clients Name IP Address Network O 9g Emp_Networki i Instant Access Point 1 169 254 70 134 Emp_Network1 Instant Acce Guest_Network 0 New Xy Emp_Network1 Info RF Dashboard Usage Trends Name Emp_Network1 Signal Speed Utilization Noise Errors Clients Key management wpa2 psk aes 10 Band all All Clients i Ey Eoy All Access Points z pa ps Type employee IP assignment Default VLAN Access rules Allow any to all destinations Throughput bps EN v Status Not Set Up Set Up Now Pause The Info section displays the following information about the selected network Name Name of the network Key Management Authentication key type Band Band in which the network is broadcast 2 4 GHz b
23. Airwave Discovery through DHCP Option ceeseseescsesssseeseceeseseessseseesesesatsesesseseees 115 KONONO aisctsnrs cateamctaies steer veseecs atean en aniraste nnn achsateuia eananeaasastenamaee ute anedes ue paacasonncgeaeinal 117 virtual Controler VN cesan 117 Monitoriag LIK casisszcaseaseiacicunsietarasanecssvandebindeediestestacndvasawedss cxodcanednnlusidaraiemieaseiaavetssnabirdaedarecues 117 RO a san sesavae eee oaceaveteeseenisGoneaisaiecste suesnseeaneeesuenuneaees 118 BYE ISN Oeil cira A peusnethecetuanatemenedas 118 USE TENU omens ee EPS DR S 118 Chent Alerts LINK essien aa EA 119 D L e uceuvesee acstexieiortavecseyeamneaoseencserecrnto reeset cunecnvinents 119 NE OT VMN oes eve ack eave ra cae gute 120 WV geass E EE EA AE EAA ssut cuss on AE E E OE E EE EE 120 USOC ATEN r EE E E E S 120 Instant Access Point VieW snsesenenensnsesrsnsnsnnrnrnrerererursrnrnrnrnrnrnnnururararnnnnnnnnnnsnnnnnsannnnnnnnrnnnrnnnna 122 PUI ANEO OEE A P E EE PE E A E E E E 123 RE GIS FINO dI e E E E AEAN 123 BV BG E E E EEEE E OE E E AE 123 Werer 2 o e eR E E E E E E E EE E EE E ENEE E EE 125 CITE WU A EEE E E E N E 125 LMT PENS E A E E E E ANE E E E EE E E EE E E 126 PF ASO I O oe A erases 126 AE ENOS a E A E ede ratcesietes 126 Mobility Trall aumisasisnss anaE aE E ESSEE ENAA 129 Alert Types and Manageme nt ccccccscsscsssscsscsssscsecessesessesseseseesecsesaueseesateesesanees 131 USED le SO aseeceietinestartcanssnsnasceaeiueesete
24. COME CUS senescere ea n a o 48 BU ESI IN WOT eeaeee EA 49 Mesh Instant Access POINTS cccccssssessssessesssscsessesesseseesesecsesaesesaeseeaeseesesaesesauseeauseesesaesesaeseses 49 IVES 1 RONS E sa caeaneacaeeeaseceaa aera eesersee as oteeres 49 Mesh POIS gee Steet naa re crescendo ded ed ee cnet acca ote eta cat ade ancemetre cna 49 metant MESS e U eae A A dabusasusestoaah toveatneanscneeaiest 50 Manading LAP Soraineni aE E A Ea 53 Auto dom MONG esiinsaaminen NaO OEN EE 53 Disabling Auto Join MOde cc cccesesscssssesssscssssesecseseesesecsesaesecseseeseseesesaesesauseeseseesesanseeanses 53 LED DISDE eE N eee 54 MS INANE OCC SS erap O N 54 SATE E LE AEE E E tte E EE E A A E ET E A S E A nates 55 Adding an W IAP to the Network cccscccssscesssccssssesscsessesessesessesecseseeseseesesaesesauseeseseeseeaneeeasaes 55 Removing an W IAP from the Network ccccescesssscssscssesecssssececseesessessssessessecsesensecseesesansasesees 56 Editing W IAP Settings ctricos 56 Changing W IAP Name ccccsssesessescscssssessseceeseseesesesecsesecaesesessesesassesesaesesassesesaasesasenereass 56 Changing IP Address of the W IAP ou ccc ececessssesssscscssssesseecesseseeassesessesesassesessesesateneeeans 57 Configuring Adaptive Radio Management cccscesccssssesssssscssssessesessesessseesessesesaseneeees 58 Configuring an External Antenna ccccssssssssccssssesseesscsessessseceesesesaesesesseseeassesesaesesase
25. Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 26 Security Tab Enterprise New Network Help Basic Info 3 Security Level More WPA 2 Enterprise ee Key management FS Authentication server 1 InternalServer Ea Authentication Enterprise Personal For internal server Users Certificates Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Wireless Network 39 Figure 27 Security Tab Personal New Network Help eran Saami Security Level a Key management WPA 2 Personal Za Secure 8 63 alphanumeric chars ba Passphrase format Enterprise Passphrase f f payee Loo Personal l MAC authentication Disabled FA Open Secure Figure 28 Security Tab Open New Network Help Basic Info Security Security Level More Encryption None Secure MAC authentication Enabled EA Authentication server 1 InternalServer Enterprise Authentication server 2 ery Personal T For internal server Users Certificates j Open Less Secure Back Next Cancel 40 Wireless Network Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide 5 Click Next The Access tab appears The Allow any to all destinations access rule is enabled by default This rule allows traffic to all destinations Instant Firewall treats packets based on the first rul
26. Figure 69 Figure 70 Figure 71 Figure 72 Figure 73 Figure 74 Figure 75 Figure 76 Figure 77 Figure 78 Figure 79 Figure 80 Figure 81 Figure 82 Figure 83 Figure 84 Figure 85 Figure 86 Figure 87 Figure 88 Figure 89 Figure 90 Figure 91 Figure 92 Figure 93 Figure 94 Changing W IAP Name ccccsesesessssssessssesssesecseseesesesecsesesaesesesaesesassesecassusesensesetsusesassesessesesanseeass 57 Configuring W IAP Settings Connectivity Tab e ssenesensesenenennensnsnnnnensrnnnnersnnnrsnurnnnnnnrersnnnnen 57 Configuring W IAP Connectivity Settings Specifying Static SettingS essen 58 Configuring W IAP Radio Settings Mode ACCESS cccccsesesssssessssesesecsssesessseesesseseeaseneeeen 58 Configuring W IAP External Antenna SettingS ccssssssssesssssssssssesseesssseseesseesesseseeaseneeeass 59 Maimtenante BOK earren ene ee ee er ee ee 60 Maintenance Convert Tab ccessssssesssscscsssssssesscscsessesesecessesecsesescessesecssseseesusesasseseeaeeesaneeass 60 Confirm Access Point Conversion BOX ccccsssessssescssssesseesecsesesseseeececseseeseseceesusecaesesessuseeasensess 60 Rebooting the W IAP scisssvsnsanescuiavnetatbshesibanccvncunsdusaiensaeveudasawncssroekunivesuaneasiat emnpesdeseatutnacsenaaseenaalbaies 61 Automatic Image Check New Version Available Link ccecessescessssesseecscssssesssesesseseeaseees 62 New Version Available BOX cccssscssssssscssssessssessssesecsss
27. Max Tx EIRP setting it cannot support this value will be reduced to the highest supported power setting 104 Adaptive Radio Management Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Default 127 dBm Monitoring the Network with ARM When ARM is enabled an IAP dynamically scans all 802 11 channels within its 802 11 regulatory domain at regular intervals and provides reports for network WLAN coverage interference and intrusion detection toa virtual controller ARM Metrics ARM computes coverage and interference metrics for each valid channel and chooses the best performing channel and transmit power settings for each IAP RF environment Each IAP gathers other metrics on their ARM assigned channel to provide a snapshot of the current RF health state Configuring Administrator Assigned Radio Settings for IAP ARM is enabled on Dell Instant by default It automatically assigns appropriate channel and power for the IAPs To manually configure radio settings using the Instant UI perform the following steps 1 Inthe Access Points tab click the AP for which you want to enable ARM The edit link appears 2 Click the edit link The Edit AP box appears 3 Click the Radio tab Figure 83 Configuring Administrator Assigned Radio Settings for IAP Edit Access Point Instant Access Point Name Connectivity Radio External Antenna Mode Access 2 4 GHz band Adaptive radio management assigned
28. Mode eesesssssscssssesssecscssssesesececsesecsesesecseecaesesecsusesarsesessusecassesesaasesasenss 103 Air Time Faire SS riiin ara 104 Air Time Fairness Modes cccccseccssesssscsessescescsessesesseseesesecsesassesaeseesesessesaseesauseseneess 104 Customize valid CHANNEIS cceescescesssseesececseseesesesecsesecaesesecseseeassesesaesesatsesesaesesaseneeeass 104 Min transmit POWED ccccscecssesesessssseesecsessesesseseesesecsesaeseseesessesecsesaesesauseseusessesaesesaeseeanseeees 104 Max transmit VV Ossie ces costa sss coonsserandeao r aai 104 Monitoring the Network with ARM c cc ccsseessesseseeecssseesessesesseeesseseeseseeseseeeessuseseneess 105 ARM VE UNG 3s sess sciracuneao tac tnnceciasaceanereeameescantessonesenes cbuntaseirieeecyanansnaurainacseenecvarnatenssenvente 105 Configuring Administrator Assigned Radio Settings for IAP cccccseesesseseseseeeeeees 105 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide 5 6 Chapter 16 Chapter 17 Chapter 18 Chapter 19 Chapter 20 Chapter 21 Chapter 22 Appendix A intrusion Detection Syster siirsin aiaei Naaa ONAN 107 Rogue AP Detection and ClassifiCation cccccssssssssscssssssssssssscssssesesececsesecsesecessusesassesesanseees 107 Rogue CONTAINMENL cccccccssesesesecscsessesesecscseseeassesecsesesaesesesacsesecsesescacseseacsusesausecassesesansesases 107 OMIM MIE MethoU S ssis a EEN 107 SNN a A E E
29. Network Network that the client is connected to Access Point AP to which the client is connected Channel Channel that the client is currently broadcasting on Type Wi Fi type of the client A G AN or GN Role Role assigned to the client Signal Signal strength Speed mbps Data transfer speed Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Instant User Interface 23 Figure 10 Client Tab Compressed View and Expanded View El 1 Client Associated with Instant Access Point Name IP Address Network Access Point 10 13 32 59 Emp_Network1 Instant Access Point E 1 Client Name IP Address MAC Address Os Network Access Point Channel Type Role Signal Speed mbps 10 13 32 59 58 94 6b 79 73 58 Emp_Network1 Instant Access Point Emp_Network1 Links The following links allow you to configure the features and settings for the Instant network Each of these links is explained in the subsequent sections New version available Users Settings Servers Roles Servers Support Help Logout Monitoring Client Alerts IDS Language AirWave Setup Pause Resume New version available This link appears in the Instant UI only if a new image version is available on the image server and AirWave is not configured For more information about the New version available link and its functions see Firmware Image Server in Cloud Network on page 61 Users This link displays the Users box Thi
30. Tab Instant User Role Settings New Network Help BY Basicinfo ey Security Access Access Rules More Control Roles Guest_Network l Emp_Networki 3 Role based Emp_Network 2 Network based _ Role Assignment Rules Default role Emp_Network 2 New 4 Unrestricted ly Less Control E Assign pre authentication role E Enforce Machine Authentication Back Finish Cancel Creating a New User Role To create a new user role perform the following steps 1 Click the New link in the Networks tab To define the access rule to an existing network click the network The edit link appears Click the edit link and navigate to the Access tab In the Basic Info tab enter the appropriate information Click Next and set appropriate values in the Security tab Click Next The Access tab appears Select Role based from the scroll bar in the left ee os Click the New button The New Rule box appears Enter the name of the new user role in this box Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Role Derivation 85 86 Role Derivation Figure 73 Creating a New User Role New Network Help Access Rules More Control Roles Guest_Network Emp_Networki Emp_Network 2 L Role based Network based NewRole OK Cancel Unrestricted j Default role Emp_Network 2 t Less Control Assign pre authentication role Enfor
31. dist erntvoe rtavesvtanevaieed dhaedursitedtnnnd uaveevennidneniided eteecmantenieeniemnentes 31 R S E E espe pen esa mvs ae E acerca E E acc oceteh ce E E 32 BFC 13 1e PAA T A E EA A N AA A T E EE 33 AINN A SCUD screener ebesi ri aE EEEa E Aaa E Eae 33 BUNS Oy FCS INN rhaecti Seaneatiseatsceidrvaiversndestaces teats ineens iasanen ain raa Eee E NEEE ENE EEN Eara ae EERS 33 VINS a A A A E 33 Chapter 4 Wireless NetWorK eseseneseneenenensnnrsnnnnunursrsnserurersrsrnrnnnurnnnrununnnrurnrersrnrnnnnnnrnrernrsnnnnnrnrerennne 35 NEO E S eE A E 35 ETL E NO WOL eae eiaveceactavtearetest unsecure ote eeiaareamans 35 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide 3 Chapter 5 Chapter 6 Chapter 7 Chapter 8 Chapter 9 Adding an Employee Network cccccsecssssessscsssssssecssseesesecesseeecseseeseseesesaseessnsassnsess 35 VOICE NEUVOT K rst cbse anasir EE EE ES N 41 Adding a Voice Network u ccccsssessecsssssescesseseeeesessesecseseeseseesesaesessusesauseesesateesansasensess 41 Guest NetWork sieve savestesazuesbiccusnsensniieartatanesandetermnicntesRenohianiistecnsmeielanenatiediestionncaratensstanieedies 44 Adding a Guest Network cccsssescssssssesssscscsessesesececsesecsesesessusesaesesecassesassesesanseeatenes 44 Earn a NENO eee E ensttotenseree 47 Deleting a Network uu cecscsecscssesscssssssesseesecseseeseeseeseseusensesseeseseusasseseesousausatseseeseusansaseeseeeonss 47 Bandwidth
32. handful of devices because it is difficult to maintain the list of MAC addresses Additionally it is easy to change the MAC address of a station to match one on the accepted list This spoofing is trivial to perform with built in driver tools and it should not be relied upon to provide security MAC authentication can be used alone but typically it is combined with other forms of authentication such as WEP authentication Because MAC addresses are easily observed during transmission and easily changed on the client this form of authentication should be considered nothing more than a minor hurdle that will not deter the determined intruder Dell recommends against the use of MAC based authentication Configuring MAC Authentication To enable MAC Authentication for a wireless network perform the following steps l In the Network tab click the network for which you want to enable MAC authentication The edit link for the network appears 2 Click the edit link The Edit box for the network appears 3 Click Next and perform the following tasks in the Security tab l Fora network with Personal or Open security level select External Radius Server from the MAC Authentication drop down list Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Authentication 81 2 Click the Primary link and perform the following steps Enter the IP address of the external RADIUS server in the IP address text box 4 Enter the au
33. it is both unauthorized and plugged into the wired side of the network An AP is considered to be an interfering AP if it is seen in the RF environment but is not connected to the wired network While the interfering AP can potentially cause RF interference it is not considered a direct security threat since it is not connected to the wired network However an interfering AP may be reclassified as a rogue AP Figure 84 ntrusion Detection lt instant controller Monitoring IDS v Foreign ccess Points Detected Foreign Clients Detected MAC Address Network Classification Chan Type Last Seen _Where MAC Address Network Classification Chan Type Last Seen Where 00 1a 1e 17 da c0 dgaurh t Interfering 11 GN 20MZ 15 47 57 A 00 27 10 8d 94 28 IBM Interfering 1 B 15 48 12 P A 00 24 6c 80 95 c8 ethersph Interfering 161 AN 40MZ 15 47 57 O0 18 de 74 45 17 IBM Interfering 6 G 15 48 12 d E 00 24 6c 06 89 8a tw cert Interfering 44 4 15 47 57 E OO0 22 fa 7a S ae IBM Interfering 1 G 15 46 12 d 00 1a 1e 82 b2 10 vj wpa2p Interfering 60 4 15 47 57 bd 00 26 c6 4c 1c id4 IBM Interfering 1 G 5 48 12 00 06 86 50 47 48 c portal ap Interfering 64 15 47 57 00 27 10 8e 41 d4 IBM Interfering 1 B 15 46 12 00 1a 1e 40 bb 20 nh rap w Interfering 1 GN 20M2Z 15 47 57 00 19 7e 25 78 fd IBM Interfering 1 G 15 48 12 P 00 1c b0 eb da d0 IBM Interfering 6 G 15 47 57 00 1f 3c 1b 80 64 IBM Interfering 1 G 15 48 12 d z 00 24 6
34. the last 15 minutes 1 Log in to the Instant UI The Virtual Controller view appears This is the default view In the Clients tab click the IP address of the client for which you want to monitor the speed The client view appears Study the Speed graph in the RF Trends pane For example the graph on the left shows that the data transfer speed at 12 26 hours is 240 mbps Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Table 17 Client View RF Trends Graphs and Monitoring Procedures Continued Graph Name Description Monitoring Procedure Throughput The Throughput Graph shows the throughput for To monitor the errors for the client for the last 15 minutes the selected client for the last 15 minutes 1 Log into the Instant UI The Virtual Controller view Outgoing traffic Throughput for outgoing appears This is the default view traffic is displayed in green Outgoing traffic 2 In the Clients tab click the IP address of the client for is shown above the median line which you want to monitor the throughput The client Incoming traffic Throughput for incoming view appears traffic is displayed in blue Incoming traffic 3 Study the Throughput graph in the RF Trends pane is shown below the median line For example the graph on the left shows 1 0 kbps To see an enlarged view click the graph outgoing traffic throughput for the client at 12 30 The enlarged view shows Last Minimum hours Maximum
35. to monitor the errors The IAP view appears Study the Errors graph in the RF Trends pane For example the graph on the left shows that the errors for the IAP at 22 48 hours is 9514 0 frames per second NOTE You can also click the rectangle icon under the Errors column in the RF Dashboard pane to see the Errors graph for the selected IAP Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Usage Trends The Usage Trends section displays the following graphs for the selected network Clients Graph Throughput Graph For more information about the usage trends graphs in the instant access point view and or monitoring procedures see Table 16 Table 16 nstant Access Point View Usage Trends and Monitoring Procedures Graph Name Description Monitoring Procedure Clients The Clients graph shows the number of clients To check the number of clients associated with the IAP for associated with the selected IAP for the last15 the last 15 minutes minutes 1 Log in to the Instant UI The Virtual Controller view To see an enlarged view click the graph appears This is the default view The enlarged view provides Last Minimum 2 Inthe Access Points tab click the IAP for which you Maximum and Average statistics for the want to monitor the client association The IAP view number of clients associated with the IAP appears for the last 15 minutes Study the Clients graph in the Usage Trends pane Fo
36. 0 Content filtering Enabled y Date amp Time NTP Server Timezone International Date Line West UTC 12 ly DHCP Server Domain name DNS Server s Lease time Minutes iy OK Cancel The content filtering configuration applies to all the APs in the Dell Instant network and the service is enabled or disabled globally across all the wireless networks that are configured in the Dell Instant Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Content Filtering 99 100 Content Filtering Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 14 OS Fingerprinting The OS Fingerprinting feature gathers information about the client that is connected to the Dell Instant network to find the operating system that the client is running on The following is a list of advantages of this feature Identifying rogue clients Helps to identify clients that are running on forbidden operating systems Identifying outdated operating systems Helps to locate outdated and unexpected OS in the company network Locating and patching vulnerable operating systems Assists in locating and patching specific operating system versions on the network that have known vulnerabilities thereby securing the company network OS Fingerprinting is enabled in the Dell Instant network by default The following operating systems are identified by Dell Instant Windows 7 Windows Vista
37. 00 00 00 00 match_ip 0 0 0 0 Jun 2 06 02 16 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c8 c4 29 80 bssid_str 00 24 6c 80 96 b1 ssid aruba ap ii 4 u b Help The Help link at the top nght corner of the Instant UI allows you to view a short description or definition of selected terms and fields in the Instant UI To activate the context sensitive help perform the following steps l At the top right corner of Instant UI click the Help link The following box appears below the Help link Figure 15 Help Link For Help click any text in green italics Done 2 Click any text or term displayed in green italic to view its description or definition 3 To disable the help mode click the Done button Logout Use this link to logout of the Instant UL Monitoring This link displays the Monitoring pane This pane can be used to monitor the Dell Instant network Use the down arrow located to the right side of these links to compress or expand the monitoring pane The monitoring pane consists of the following sections Info 28 Instant User Interface Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide RF Dashboard Usage Trends Figure 16 Monitoring on Instant UI Instant Controller Monitoring 1 Client Alet IDS Info RF Dashboard Usage Trends Name Instant Controller Signal Speed Utilization Noise Errors Clients Country code IN IP Aires 0 0 0 0 All Clients Ii A
38. 02 11 management frames of the selected IAP AP Authentication Frames Displays the authentication trace buffer information of the selected IAP AP System Status Displays detailed system status information for the selected IAP AP Crash Info Displays crash log information if it exists for the selected IAP The stored information is cleared from the flash after the AP reboots AP 802 1X Statistics Displays the 802 1X statistics of the selected IAP AP RADIUS Statistics Displays the RADIUS statistics of the selected IAP AP System Status Displays the system status of the selected IAP AP Client Table Displays information of the client connected to the selected IAP AP Association Table Displays information of the selected IAP association AP Allowed Channels Displays information of the allowed channels for the selected IAP AP Radio 0 Stats Displays aggregate debug statistics of the selected IAP Radio 0 AP Radio Stats Displays aggregate debug statistics of the selected IAP Radio 1 Bridge Table Displays bridge table entry statistics including MAC address VLAN assigned VLAN Destination and flag information for the selected IAP User Table Displays datapath user statistics such as current entries pending deletes high water mark maximum entries total entries allocation failures invalid users and maximum link length for the selected IAP Session Table Displays the datapath session table statistics for t
39. 5 dBi m 5 150 GHz to 5 875 GHz 4 0 dBi Figure 2 shows antenna patterns of W IAP105 for 2 45 GHz and 5 5 GHz Figure 2 W IAP105 Antenna Pattern i w E i i NNN adn ig ce AOE Qa i ill lt EN h TT S S ATTN RTT Ne Cop IR aaan STS 16 W IAP Internal Antenna Patterns Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 2 Initial Configuration This chapter provides information that is required to setup Instant and access the Instant User Interface Initial Setup This section provides a pre installation checklist and describes the initial procedures required to set up Dell Instant Pre Installation Checklist Before installing the Instant Access Point IAP make sure that you have the following e Ethernet cable of required length to connect the IAP to the home router e One of the following power sources e IEEE 802 3af compliant Power over Ethernet PoE source The PoE source can be any power source equipment PSE switch or a midspan PSE device Dell power adapter kit this kit is sold separately NOTE PoE is a method of delivering power on the same physical Ethernet wire that is used for data communication Power for devices is provided in one of two ways 2 Endspan The switch that the AP is connected to can provide power Midspan A device can sit between the switch and the AP The choice of endspan or midspan depends on the capabilities of the switch that the
40. 8 c4 29 80 bssid_str 00 24 6c 80 99 a0 ssid Jun 2 05 59 04 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c7 c8 c4 29 80 ssid ap_bssid_str 00 24 6c 80 99 a0 match_mac 00 00 00 00 00 00 match_ip 0 0 0 0 Jun 2 05 59 16 sapd 633 lt 106003 gt AP OAW IAP 10 13 32 60 sapd ssid aruba ap bssid 00 24 6c bd 68 20 Jun 2 05 59 27 sapd 633 lt 106003 gt AP OAW IAP 10 13 32 60 sapd ssid employee4 bssid 00 1a 1e 15 18 00 Jun 2 05 59 27 sapd 633 lt 106003 gt AP OAW IAP 10 13 32 60 sapd ssid guest4 bssid 00 1a 1e 15 18 01 Jun 2 05 59 28 sapd 633 lt 106003 gt AP OAW IAP 10 13 32 60 sapd ssid aruba ap bssid d8 c7 c8 80 18 40 Jun 2 05 59 42 sapd 633 lt 106003 gt AP OAW IAP 10 13 32 60 sapd ssid bssid 00 1a 1e 40 d1 b1 Jun 2 05 59 59 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c7 c8 c4 29 80 bssid_str 00 24 6c 80 96 b1 ssid aruba ap Jun 2 05 59 59 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c7 c8 c4 29 80 ssid aruba ap ap_bssid_str 00 24 6c 80 96 b1 match_mac 00 00 00 00 00 00 match_ip 0 0 0 0 Jun 2 06 00 03 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c7 c8 c4 29 80 bssid_str 00 24 6c 80 96 b0 ssid studentA Jun 2 06 00 03 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c8 c4 29 80 ssid studentA ap_bssid_str 00 24 6c 80 96 b0 match_mac 00 00 00 00 00 00
41. Access 0 W 4P105 Point aT 20 96 78 161 24 J2 91 00 24 6c cb 30 60 Access 0 W AP105 Portal 5 20 7a 86 161 24 11 91 yangbing8 Access 0 W 4P105 Portal S 20 76 80 153 4 12 91 Instant 8 75 56 Monitoring IDS Info RF Dashboard Usage Trends Name Instant C8i 75 56 Signal Speed Access Points Utilization Noise Errors Clients Country code CN z 7 30 IP Address 10 65 18 233 All Clients atl a yanabinaaz Content filtering disable 00 24 6c c8 ec 7f z Organization 00 24 6c cb 30 60 i Airwave IP 0 0 0 0 Band all 17 25 Throughput bps 100k 10k 100 id u 10 100 ik 10k 100k 17 25 m e a En Ej Status Not Connected Pause 2 NOTE The IAPs in US JP or IL regulatory domain which are in factory default state will scan for several minutes after booting These IAPs will automatically join the mesh if only a single provisioned Instant mesh network is available Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Mesh Network 51 52 Mesh Network Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 6 Managing IAPs The Dell Instant network supports upto 16 W IAPs This chapter describes the auto join mode Terminal Access LED display and Syslog server features in Dell Instant In addition the chapter provides procedures for adding and removing W IAPs editing the W IAP settings and upgrading the firmware on the W IAP using the Instant UL Auto Join Mode Th
42. As and other computer peripherals are connected to each other without any network cables These network elements or clients use radio signals to communicate with each other Wireless networks are set up based on the IEEE 802 11 standards The IEEE 802 11 is a set of standards that are categorized based on the radio wave frequency and the data transfer rate For more information about the IEEE 802 11 standards see Table 4 Table 4 EEE 802 11 Standards Maximum Data Transfer Rate in Mbps IEEE Network Standard Frequency Used in GHz During start up a wireless client searches for radio signals or beacon frames that originate from the nearest AP After locating the IAP the following transactions take place between the client and the IAP l Authentication The IAP communicates with a RADIUS server to validate or authenticate the client 2 Connection After successful authentication the client establishes a connection with the IAP Network Types Dell Instant wireless networks are categorized as Employee Network Voice Network Guest Network Employee Network An Employee network is a classic Wi Fi network This network type is supported with full customization on Dell Instant It will be used by the employees in the organization Passphrase based or 802 1X based authentication methods are supported on this network type Employees can access the protected data of an enterprise through the employee network after successful au
43. Connect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 7 NTP Server For successful and proper communication between various elements in a network time synchronization between the elements and across the network is critical Following are the uses of time synchronization Trace and track security gaps network usage and troubleshoot network issues Map event on one network element to a corresponding event on another Maintain accurate time for billing services and similar Network Time Protocol NTP is required to obtain the precise time from a server and to regulate the local time in each network element If NTP server is not configured in the Dell Instant network an IAP reboot may lead to variation in time and data Configuring an NTP Server The NTP server is set to pool ntp org by default To configure the NTP server on Dell Instant perform the following steps l At the top right corner of the Instant UI click the Settings link 2 In the Settings box click the Basic tab 3 Enter the IP address or the URL domain name of the NTP server in the NTP Server text box and click OK Figure 57 Configuring NTP Server Settings Help Basic Admin RTLS SNMP IDS ARM Advanced Name I nstant Controller IP address 0 0 0 0 Content filtering f Disabled Date amp Time NTP Server pool ntp org o Timezone International Date Line West UTC 12 D
44. Dell PowerConnect W Series Instant Access Point User Guide Copyright 2011 Aruba Networks Inc Aruba Networks trademarks include 4 Al PWavVe Aruba Networks Aruba Wireless Networks the registered Aruba the Mobile Edge Company logo and Aruba Mobility Management System Dell the DELL logo and PowerConnect are trademarks of Dell Inc All rights reserved Specifications in this manual are subject to change without notice Originated in the USA All other trademarks are the property of their respective owners Open Source Code Certain Aruba products include Open Source software code developed by third parties including software code subject to the GNU General Public License GPL GNU Lesser General Public License LGPL or other Open Source Licenses The Open Source code used can be found at this site http www arubanetworks com open_source Legal Notice The use of Aruba Networks Inc switching platforms and software by all individuals or corporations to terminate other vendors VPN client devices constitutes complete acceptance of liability by that individual or corporation for this action and indemnifies in full Aruba Networks Inc from any and all legal actions that might be taken against it with respect to infringement of copyright on behalf of those vendors Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide 0510992 01 July 2011 Contents ADOUCHIS GUAE sates ca eet cnet ecehe ena
45. E A gaeeeasacesemegeeeteoeaces 109 SNMP Parameters Tor JAP cssuanatansestcaaaiacntasgsqaneastiesnanesasuveannad as saaa NEA E ENa EEES a a Ea 109 Airwave Integration and Management cccscsssssssesseseesessrssrsseseesansansesseeseeenses 113 AirWave F atures ccccsccsscssssssscssssessssessssesecseseeseseesessesecsssavsesaeseseeseseesaesesaesesausessesansesaesessesatees 113 Image Viale OC TOI scsies seninnstneesesssenstnanntncestcssnivateatiacetuaubiasaneitnactepnateiaiedieasdeanaeeeriteessecatnnes 113 W IAP and Client Monitoring ccecssesscsssscsssscscsessssesesecessesecseseseesesecassesessusesarsesesanseses 113 Template Based Contiguration cccscesscssssssssssscscssssesssscscsesecsesecessesecassesessesesassesesanseeas 113 Trending Reports ccccsseseescssssessssesessesecseseesesecsesaesecsusecsusecsesaesesausessesessesaesesausesseseeseeaseess 114 Intrusion Detection System essssnsersnsnsensnsrrnnunsrsnnarurnrnarurensnnnranurnnunurursnnnnnrunnnrnnnrnnnnnnnnno 114 Gonnguring AINN aV eect carsonsiapanasseacatennctiglvassienaiaantencstegeveae ceca E EEEN 114 Creating your Organization String c ccessssescscssssescsecscsessesssececsesecsesesessesesassesesseeeatenes 114 Th Shared ROY csssenevacucnscyidinestsiasicscnsasvnnsiannieiunisedvestisetevseinrseaidueauapindeneateieeesuvbieneprtesesshineinaeatnnrah 115 Entering the Organization String and AMP Information into the IAP 115
46. Ea Eri EAEE a AAE EPE AA E E 13 Blo OCI e e EE EEE E E A E E E 13 Intended AUdI NCE ccccssssssssssssssesessssseseeseesessuseuseeseeseseuseuseeseeseseuseuseaseesusenseuseeseesesenseusenseesesens 13 OTA NS cate oes eau E sue teen ivan E E 13 Contacting SUP OLE socsssiecsiisonscaustcesiioustitriesesswesneviasivsbirtseesousidderaaisawesatnnstgisanadaeiieantlinievhivenstetuestheniiontns 14 Chapter 1 W IAP Internal Antenna Patterns ou cc ceesssscssessssesecsessesssseseesessessesesseseesesseeaesess 15 W IAP92 and W IAP93 Antenna Patterns cccccsecssssessescsseseeecseseeseseesesaesessuseeseseeseeanesanees 15 W IAF105 Antenna Ir A GLE Meissneri insi aE E E ER EEEE Eiai 16 Chapter 2 Initial Configuration cecsessescsesessescsesecseseseeesesseseeecsnsesarsesesesasseseseesesesansusetansesesatsnsesass 17 a e D iea aa e E A A E 17 Pre Installation CHeCKIISt cc cescssssessescscsssscsssesscsesesseseseseeseseesesesassesecansesessusecatsesesansesates 17 Connecting the W IAP to a Power Source cecssescssssssestssescsesessesesececsesesaesesecsuseeassusesanseeatenss 18 Assigning an IP Address to the W IAP ccccccsssssscsessesssscsssseeecseseeseseesesaesessuseesuseesesanesanees 18 Connecting to the Provisioning Wi Fi NETWOFK c ccsssessesessscsseseeeececseseessesesseseesesesetanseeasenss 18 Login into Instant User Interface ccccscscsessescssssssecseseesesecsesaeseseeseesesecsesaesesauseseeseesesa
47. Guest network type In this method a web page is displayed to a guest user who tries to access the internet The user has to authenticate or accept company s network usage policy in the web page Two types of captive portal authentication are supported on Dell Instant Internal Captive Portal External Captive Portal Internal Captive Portal In the Internal Captive Portal type an internal server is used to host the captive portal service Internal captive portal authentication is classified as follows Internal Authenticated T o gain access to the wireless network a user must authenticate in the captive portal page If this option is selected then users who are required to authenticate have to be added to the user database Click the Users link to add the users For information about adding users see Adding a User on page 133 Internal Acknowledged To gain access to the wireless network a user must accept the terms and conditions Configuring Internal Captive Portal Authentication when Adding a Guest Network To configure internal captive portal authentication when adding a guest network perform the following steps 1 In the Network tab click the New link The New Network box opens 2 In the Basic Info tab perform the following l Enter a name for the network in the Name SSID text box 2 Click the Guest radio button and click Next 3 In the Security tab select one of the following options for the splash page type
48. HCP Server Domain name DNS Server s Lease time Minutes OK Cancel Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide NTP Server 65 66 NTP Server Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 8 Virtual Controller Dell Instant does not require an external controller to regulate and manage the Wi Fi network Any IAP in the Dell Instant network dynamically takes up the role of a Virtual Controller VC without impacting the network It coordinates stores and distributes all the settings required to provide a centralized functionality to regulate and manage the Wi Fi network The virtual controller also functions like any other AP with full RF scalability It also acts as a node coordinating DHCP address allocation for network address translated clients ensuring mobility of the clients when they roam between different IAPs Master Election Protocol The Dell Instant network supports 16 IAPs without any external controller However there is a need to manage the network The Master Election Protocol enables the Dell Instant network to dynamically elect an IAP to take on a VC role allow graceful failover to a new virtual controller when the existing VC is down and avoid race conditions This protocol ensures stability of the network during initial startup or when the VC goes down by allowing only one IAP to self elect as a VC Virtual C
49. K Cancel Enter the username in the Username text box Enter the password in the Password text box and reconfirm Select appropriate network type from the Type drop down list Click Add and click OK The users are listed in the Users list J A A ON N Editing User Settings To edit user settings perform the following steps l At the top right corner of the Instant UI click the Users link The Users box appears 2 In the Users section select the username for which you want to edit the settings and click Edit The user s details appear on the right side 3 Edit as required and click OK Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide User Database 133 Deleting a User To delete a user perform the following steps l At the top right corner of the Instant UI click the Users link The Users box appears 2 Inthe Users section select the username that you want to delete and click Delete To delete all users or multiple users at a time select the usernames that you want to delete and click Delete All K NOTE Deleting a user only removes the user record from the user database and won t disconnect the online user under this username 134 User Database Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 22 Regulatory Domain The IEEE 802 11 b g n Wi Fi networks operate in 2 4 GHz and IEEE 802 1 1a n operate in 5 0 GHz spectrum These spectrums are divided into channels
50. Perform the following steps 1 Select the required key options from the Key management drop down list Available options are WPA 2 Personal WPA Personal Both WPA 2 amp WPA Static WEP If you selected Static WEP then do the following Select appropriate WEP key size from the WEP key size drop down list Available options are 64 bit and 128 bit Select appropriate Tx key from the Tx Key drop down list Available options are 1 2 3 and 4 Enter an appropriate WEP key in the WEP Key text box and reconfirm Enter a passphrase in the Passphrase text box and reconfirm Select the required option from the MAC authentication drop down list Available options are None This option provides open authentication Any client that requests association is allowed to connect to the network Open authentication is not recommended unless you want users to gain quick access to the network External RADIUS Server For information on configuring an external RADIUS server see Configuring an External RADIUS Server on page 70 You select the Open security level Select the required MAC authentication from the MAC authentication drop down list Available options are None This option provides open authentication Any client that requests association is allowed to connect to the network Open authentication is not recommended unless you want users to gain quick access to the network External RADIUS Server For information on conf
51. Preferred Access Allocates Airtime to all the clients but preference is for higher performing clients Figure 82 Air Time Fairness Mode Settings Basic Admin RTLS SNMP IDS ARM Advanced Client Control Band steering mode Prefer 5Ghz Airtime fairness mode Access Point Control Customize valid channels Valid SGHz channels Fil 364 Fj 44 El 52 El 60 Wliao is7 Valid 2 4GHz channels W 4 El 2 El 3 E 4 Els Me Elz Ale E s El 10 1i El a2 Flas Min transmit power is Max transmit power masdi OK Cancel Customize valid channels You can customize the valid 5GHz channels and the valid 2 4 GHz channels for the IAP Min transmit power Minimum effective isotropic radiated power EIRP from 3 to 33 dBm in 3 dBm increments You may also specify a special value of 127 dBm for regulatory maximum to disable power adjustments for environments such as outdoor mesh links Higher power level settings may be constrained by local regulatory requirements and AP capabilities In the event that an AP is configured for a Min Tx EIRP setting it cannot support this value will be reduced to the highest supported power setting Default 18 dBm Max transmit power Maximum effective isotropic radiated power EIRP from 3 to 33 dBm in 3 dBm increments Higher power level settings may be constrained by local regulatory requirements and AP capabilities In the event that an AP is configured for a
52. Security tab Click Next The Access tab appears The Allow any to all destinations access rule is enabled by default This rule allows traffic to all destinations T o define deny bootp service access rule except to a network perform the following steps Click the New button The New Rule box appears 2 Select Deny from the Action drop down list 3 Select bootp from the Service drop down list 4 Select except to a network from the Destination drop down list Enter appropriate IP address in the IP text box Enter appropriate netmask in the Netmask text box 5 Click OK Click Finish Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 79 Defining Rule Deny bootp Service Except to a Particular Network New Network Basic Info Access Rules More Control Role based Network based Unrestricted Less Control Access Rules 1 Allow any to all destinations New Rule Action Service except to a network 7 IP Netmask Back Finish Cancel Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Instant Firewall 97 98 Instant Firewall Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 13 Content Filtering Dell Instant uses OpenDNS to implement the Content Filtering feature OpenDNS is a Domain Name System DNS resolution service provider It offers features such as misspelling correction phishing prot
53. The 2 4 GHz spectrum is divided into 14 overlapping staggered 20 MHz wireless carrier channels These channels are spaced 5 MHz apart The 5 GHz spectrum is divided into more channels The channels that can be used in a particular country differ based on the regulations of that country The initial Wi Fi setup requires you to specify the country code for the country in which the Dell Instant will operate This configuration sets the regulatory domain for the radio frequencies that the IAPs use Within the regulated transmission spectrum a high throughput 802 1 1a 802 11b g or 802 1 1n radio setting can be configured The available 20 MHz and 40 MHz channels are dependent on the specified country code You cannot change the country code for the IAPs designated for US Japan and Israel Improper country code assignment can disrupt wireless transmissions Most countries impose penalties and sanctions on operators of wireless networks with devices set to improper country codes Table 19 shows the list of country codes Figure 105 Specifying a Country Code Welcome to Instant Please specify the Country Code Select a country code Country Codes List Table 19 Country Codes List Code Country Name a Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Regulatory Domain 135 Table 19 Country Codes List Continued Code Country Name C C C C C 2 136 Regulatory Domain Dell PowerConnect W I
54. a aA All Access Points E Content filtering disable Organization N AirWave IP 0 0 0 0 Band all N amm mmmn mmm mn m Throughput bps Displays the configuration information of the virtual controller by default In a Network View this section displays configuration information of the selected network Similarly in an Instant Access Point View or Client View this section displays the configuration information of the selected IAP or the client Figure 17 nfo Section in the Monitoring Pane Instant Controller Info Name Instant Controller Country code IN IP Address 0 0 0 0 Content filtering disable Organization AirWave IP 0 0 0 0 Band all RF Dashboard Allows you to view trouble spots in the network It displays the following information Figure 18 RF Dashboard in the Monitoring Pane RF Dashboard Utilization Note Errors All Clients All Access Points The following table lists the icons in the RF Dashboard Table 3 RF Dashboard Icons Icon AVETE Signal bar Noise icon Errors icon Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Instant User Interface 29 Clients Lists the clients with low speed or signal strength in the network Signal Displays the signal strength of the client Depending on the signal strength of the client the color of the lines on the Signal bar changes from Green gt Orange gt Red Green Signal strength is more than 20 decibe
55. and 5 4 GHz band or both Type Network type Employee Guest or Voice IP Assignment Source of IP address for the client Authentication Server System s internal server or External RADIUS server MAC Authentication Settings for MAC authentication Enabled or Disabled Captive Portal Status of Captive portal Enabled or Disabled HIDE SSID Settings for hiding the network Enabled or Disabled Access Rules Access rules settings Usage Trends The Usage Trends section displays the following graphs for the selected network Clients 120 Monitoring Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 95 Clients Graph Clients 1U ii Throughput Figure 96 Throughput Graph Throughput kbps 100 1U TUL Last 1 Min 1 Max 1 Avg 1 Out In Last 0 0 Min 0 0 Max 26 24 Ava 13 12 For more information about the graphs in the network view and for monitoring procedures see Table 14 Table 14 Network View Graphs and Monitoring Procedures Graph Name Description Clients The Clients graph shows the number of clients associated with the network for the last 15 minutes To see an enlarged view click the graph The enlarged view provides Last Minimum Maximum and Average statistics for the number of clients associated with the Virtual Controller for the last 15 minutes To see the exact number of clients in the Dell Instant network at a particular ti
56. and Average statistics for the incoming and outgoing traffic throughput of the client for the last 15 minutes To see the exact throughput at a particular time hover the cursor over the graph line Mobility Trail The Mobility Trail section displays the following mobility trail information for the selected client Association Time The time at which the selected client was associated with a particular IAP It shows the client IAP association for the last 15 minutes Access Point IAP name with which the client was associated K NOTE Mobility information about the client is reset each time it roams from one IAP to another Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Monitoring 129 130 Monitoring Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 20 Alert Types and Management Alerts are generated when a user encounters problems while accessing or connecting to the Wi Fi network These alerts enable you to troubleshoot the problems The alerts that are generated on Dell Instant can be categorized as follows 02 11 related association and authentication failure alerts 802 1X related mode and key mismatch server and client time out failure alerts IP address related failure Static IP address or DHCP related alerts Table 18 displays a list of alerts that are generated on the Dell Instant network Table 18 Alerts List Type Code Descripti
57. and drop down list Provides various options for which you can generate support logs Target drop down list Provides a list of IAPs in the network 26 Instant User Interface Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Run button Click this button to generate the support log for the selected option and IAP Access point tabs Displays support log for the selected IAPs To view the logs and information perform the following steps l L At the top right corner of Instant UI click the Support link The Support box appears Select the required option from the Command drop down list For example Active Configuration 3 Select all IAPs or required IAP from the Target drop down list for which you want to view the Active configuration 4 Click Run K NOTE For more information use the support commands under the supervision of Dell technical support You can view the following information for each access point in the Dell Instant network using the support box AP Summary Displays the IAP configuration Debug Logs Displays debug logs of the selected IAP Driver Logs Displays the driver logs of the selected IAP Tech Support Dump Displays the technical support dump logs of the selected IAP Active Configuration Displays the active configuration of virtual controller Saved Configuration Displays the saved configuration of virtual controller AP Management Frames Displays the traced 8
58. apter 3 Instant User Interface The Instant User Interface UI provides a standard web based interface that allows you to configure and monitor a Wi Fi network It is accessible through a standard web browser from a remote management console or workstation JavaScript must be enabled on the web browser to view the Instant UI Supported browsers are Internet Explorer 7 or higher Safari Chrome Mozilla Firefox K NOTE The Instant UI logs out automatically if the window is unattended for about fifteen minutes Understanding the Instant Ul Layout The Instant UI consists of the following elements Banner Search Tabs Links Views These elements are explained in the following sections Figure 7 Basic Sections in the Instant UI VIRTUAL CONTROLLER PowerConnect W Series Emp_Network1 Instant Access Point 1 192 168 11 199 New MONITORING LINKS Instant C4 42 98 Monitoring IDS Info RF Dashboard Name Instant C4 42 98 Country code IN PAR 0 0 0 0 All Clients aafll za az All Access Points E E 5 Content filtering disable Organization AirWave IP 0 0 0 0 Band all Usage Trends Signal Speed Utilization Noise Errors Clients of VIRTUAL CONTROLLER ee ee INFORMATION AIRWAVE SETUP LINK mw O74 07 20 07 25 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Instant User Interface 21 Banner The banner 1s a horizontal grey rectangle that appears at the top left corner of the Instan
59. association and Quality of Service QoS for LAN to mesh communication to clients and performs mesh backhaul network connectivity A mesh radio can be configured to carry mesh backhaul traffic only Mesh points use one of their wireless interfaces to carry traffic and reach the controller NOTE Any provisioned IAP that has an ethernet link is a mesh portal and the IAP without an ethernet link is a mesh point Instant Mesh Setup This section provides instructions on how to create a simple mesh network on Instant To setup a mesh network perform the following steps 1 Wire all IAPs to a DHCP server so the IAPs get their IP addresses in the same subnet 2 An open SSID instant will be listed Connect a laptop to the default open instant SSID Figure 34 Open Instant SSID Cumenthy connected to Seay instant amp F Intemet access fk eerie m PEE l La invtant Connected 4 employee _35 ehenspherse pal ehhersphare aig best nde ftunmel eeno best wall an antl ethersphere wocers wit al anl antl corp laptop Open Meteork and Sharing Center Type http instant dell pcew com in the browser 4 Click I understand the risks and Add exception to ignore the certificate warnings that the client does not recognize the certificate authority Figure 35 Untrusted Connection Window This Connection is Untrusted Tow Furor miri Fingies be donee spargi te JO ob bed an Larit g orar Peet y
60. ation name text box 3 Enter the IP address of the AirWave server in the Airwave IP text box 4 Enter the shared key in the Shared key text box and reconfirm This shared key is used for configuring the first AP in the Dell Instant network 5 Click OK Airwave Discovery through DHCP Option The AirWave configuration can also be performed on the DHCP option that is configured on the DHCP server You can configure this only if the Airwave is not configured earlier or have deleted the precedent configuration On the DHCP server the format for option 60 is ArubaInstantaP and the format for option 43 is ams ip ams key Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Airwave Integration and Management 115 116 Airwave Integration and Management Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 19 Monitoring Monitor the Dell Instant network IAPs Wi Fi networks and clients in the network for various parameters using one or all of the following views Virtual Controller View Network View Instant Access Point View Client View This chapter provides information about the parameters that can be monitored using these views It also provides procedures to monitor these parameters Virtual Controller View The Virtual Controller view is the default view This view allows you to monitor the Dell Instant network The following Instant UI elements are available in thi
61. atus Not Set Up Set Up Now Pause Info The Info section provides the following information about the selected IAP Name Name of the selected client IP Address IP address of the client MAC Address MAC Address of the client OS Operating System that is running on the client Network Network to which the client is connected to Access Point IAP to which the client is connected to Channel Channel that the client is using Type Channel type that the client is broadcasting on RF Dashboard In the Client view the RF Dashboard section is moved below the Info section The RF Dashboard section in the client view shows the speed and the signal information for the client and the RF information for the IAP to which the client is connected to RF Trends The RF Trends section displays the following graphs for the selected client Signal 126 Monitoring Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 100 Signal Graph Signal dB 60 Last 55 40 Min 50 Max TA vg 54 20 0 12 20 1 pede 12 30 e Frames Figure 101 Frames Graph Frames fps 10 In Out Retries In Retries Out Last 0 1 0 0 Min 0 1 0 0 0 Max 0 0 0 Avg 0 3 0 0 10 12 20 1 ep 12 30 e Speed Figure 102 Speed Graph Speed mbps 300 Last 216 200 Min 6 Max 270 vg 138 100 12 25 12 30 TZ e Throughput Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Monitoring 127
62. b l In the Networks tab click the network which you want to delete An x appears against the network to be deleted 2 Click x A delete confirmation box appears 3 Click Delete Now Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Wireless Network 47 Bandwidth Contracts The IAP supports three types of bandwidth limits Percentage of Airtime Air Time allocated to SSID Fach user Per User per SSID contract specified in kbps Fach radio Per radio per SSID contract specified in kbps 48 Wireless Network Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 5 Mesh Network The Dell Instant secure enterprise mesh solution is an effective way to expand network coverage for outdoor and indoor enterprise environments without any wires Using mesh you can bridge multiple Ethernet LANs or you can extend your wireless coverage As traffic traverses across mesh IAPs the mesh network automatically reconfigures around broken or blocked paths This self healing feature provides increased reliability and redundancy the network continues to operate if an IAP stops functioning or a connection fails K NOTE A mesh network can be configured only on IAP 105 By default the 5Ghz radio is always enabled on the mesh This chapter describes the Dell Instant secure enterprise mesh architecture in the following topics Mesh Instant Access Points Mesh IAPs learn abou
63. ce Machine Authentication Finish Cance Click OK The Allow any to all destinations access rule is enabled by default This rule allows traffic to all destinations To create new access rules see Example Access Rules on page 93 To delete a user role select the user role and click the Delete button Creating Role Assignment Rules To create role assignment rules for the user role perform the following steps l A Click New button in the Role Assignment Rules table The default user role is the newly created user role Select the attribute from the Attribute drop down list To view the list of supported attributes see List of supported VSA s on page 72 Select the operator from the Operator drop down list The following types of operators are supported e contains To check if the attribute contains the operand value e Is the role To check if the role is same as the operand value e equals To check if the attribute is equal to the operand value e not equals To check if the attribute is not equal to the operand value e starts with To check if the attribute the starts with the operand value e ends with To check if the attribute ends with the operand value Enter the string to match the String text box Select the appropriate role from the Role drop down list Click OK Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 74 Creating Role Assignment Rules New Ne
64. ch the foreign AP is operating Type Displays the Wi Fi type of the foreign AP Last seen Displays the time when the foreign AP was last detected in the network Where Provides information about the IAP that detected the foreign AP Click the pushpin icon to view the information Foreign Clients Detected Lists the clients that are not controlled by the virtual controller The following information is displayed for each foreign client MAC address Displays the MAC address of the foreign client Network Displays the name of the network to which the foreign client 1s connected Classification Displays the classification of the foreign client Interfering client Channel Displays the channel in which the foreign client is operating Type Displays the Wi Fi type of the foreign client Last seen Displays the time when the foreign client was last detected in the network Where Provides information about the IAP that detected the foreign client Click the pushpin icon to view the information For more information on the intrusion detection feature see Chapter 16 Intrusion Detection System Figure 22 ntrusion Detection on Instant UI instant controller Monitoring IDS v Foreign Access Points Detected Foreign Clients Detected MAC Address Network Classification Chan Type Last Seen wWhere MAC Address Network Classification Chan Type Last Seen Where OO 1a le 17 da cO dgaurh t Interfering 11 GN 20MZ 15 47 57
65. characters 78 Authentication Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 66 Customizing a Splash Page Edit Guest_Network Help Security Level ciel emer Splash Page Preview Type of splash page Internal Authenticated C Internal Acknowledged narnia C External This network is not secure and use is at your own risk Authenticatioi For internal s E Encryption 4 Click Next and then click Finish Disabling Captive Portal authentication To disable captive portal authentication perform the following steps 1 In the Network tab click the network for which you want to disable captive portal authentication The edit link for the network appears 2 Click the edit link The Edit box for the network appears 3 Click Next and clear the Splash page check box in the Security tab Figure 67 Disabling Captive Portal Authentication Edit Guest_Network1 E 2 Ee Security Level E Splash page E Encryption Back Next Cancel a a es 4 Click Next and click Finish Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Authentication 79 External Captive Portal Dell Instant supports external captive portal authentication The external portal can be in a cloud or on a server outside the enterprise network Configuring External Captive Portal Authentication when Adding a Guest Network To configure exter
66. commended containment method 108 Intrusion Detection System Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 17 SNMP Dell Instant supports versions 1 2c and 3 of Simple Network Management Protocol SNMP for reporting purposes only In other words SNMP cannot be used for setting values in an Dell system in the current IAP SNMP Parameters for IAP You can configure the following parameters for IAP Table 12 SNMP Parameters for IAP Description Community Strings for SNMPV1 and SNMPV2 Community strings used to authenticate requests for SNMP versions before version 3 NOTE This is needed only if using SNMP v2c and is not needed if using version 3 If you are using SNMPvs3 to obtain values from the Dell controller you can configure the following parameters Authentication Protocol An indication of whether messages sent on behalf of this user can be authenticated and if so the type of authentication protocol used This can take one of the two values MD5 HMAC MD5 96 Digest Authentication Protocol SHA HMAC SHA 96 Digest Authentication Protocol Authentication protocol password If messages sent on behalf of this user can be authenticated the private authentication key for use with the authentication protocol This is a string password for MD5 or SHA depending on the choice above Privacy protocol An indication of whether messages sent on behalf of this user can be protected from discl
67. csat ivasievoedetesadupuatsbraaseeseeniacsemdeycagteomar 121 Figure 96 Throughput Grap i veresre ne oss anarsoucs ea eae coer tas aaa aa E aa 121 Figure 97 Instant Access Point VICW ccccecseescssssesssscsessesecseseesesecsesaesecausecsuseesesassesausessusessesassesausecseeatees 122 Figure 98 P 2D AN SHI PD AE A E A E A A E EA A A 123 Figure 99 EMT VE a A E E 126 Figure 100 nal Gr e E A E E ee 127 Figure 101 FUN SOI GI less aeshiecesn en eeseuesdesty anansecasmetionsvassuestaavotant jensaesaaan TE raa EEan UTA EAA D 127 Figure 102 Speca G QIN eee E E E E dswesets een eaneuedneets 127 Figure 103 Throughput Graph sarisi aa 128 Figure 104 Adding A USET osrresrminn s a Aa 133 Figure 105 Specifying a Lountry GOS misessa eiea Ea aE NANNE AENEA 135 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide 9 10 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Table 1 Table 2 Table 3 Table 4 Table 5 Table 6 Table 7 Table 8 Table 9 Table 10 Table 11 Table 12 Table 13 Table 14 Table 15 Table 16 Table 17 Table 18 Table 19 Table 20 Tables CONERO aa 13 Gonta cing UNIO OU eacee aE E EEEE EEEE 14 RAF Dasnpoard ICONS sisiane isinan save as aires cai dStautdesateaantverdace nates Aaaa aaeaeeaaddetiy nants 29 IEEE 802 11 QUANG ANO Sec ieuctiscisvarssicceapssnnssiiantocsestrasiebsoinnesdtesnsi dankateushteissinenwasseisesislaesnsesmnundtentatedvas 35 Conditions for Adding an Employee Network Bas
68. d admin Figure 5 nstant User Interface Login Screen Welcome to Instant P L VIRTUAL DOL CONTROLLER Username Password ess Log In Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Initial Configuration 19 When you use the provisioning Wi Fi network to connect to the internet all browser requests are directed to the Instant user interface For example if you enter www example com in the address field you will be directed to the Instant user interface You can change the default login credentials after your first login Specifying the Country Code K NOTE Skip this section if you are installing the IAP in United States Japan or Israel Dell Instant Access Points are shipped in four variants W IAP US United States W IAP JP Japan W IAP IL Israel W IAP ROW Rest of World After you successfully login to the Instant user interface a Country Code box appears if W IAP ROW APs are installed Select the right country code for the installed W IAP ROW APs For the complete list of the countries that are supported in the W IAP ROW variant type see Regulatory Domain on page 135 Figure 6 Specifying the Country Code Welcome to Instant Please specify the Country Code j Select a country code bd 20 Initial Configuration Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Ch
69. d Management The AirWave status is displayed on the right side of the language links in the Instant UL If the AirWave status 1s Not Set Up click the Set Up Now link to set up the AirWave The Settings box appears with Admin tab selected For information to configure AirWave see Configuring AirWave on page 114 Figure 23 AirWave Setup Link AirWave Configuration settings Help Basic Admin RTLS SNMP IDS ARM Advanced Local Authentication Internal o Cdw Username ladmin o Password lesse i tts Retype lessee i tts AirWave Organization AirWave IP 192 1 0 0 Shared key leesceee Retype lessees OOO O Ly OK Cancel Pause Resume The Pause Resume link is located at the bottom right corner of the Instant UI The Instant UI is automatically refreshed after every 15 seconds by default Click the Pause link to pause the automatic refreshing of the Instant UI When the automatic Instant UI refreshing is paused the Pause link changes to Resume Click the Resume link to resume automatic refreshing The Pause link is useful when you want to analyze or monitor the network or a network element and therefore do not want the user interface to refresh Automatic refreshing allows you to get the latest information about the network and network elements Views Depending on the link or tab that is clicked the Instant UI displays information about the virtual controller Wi Fi networks IAPs or the c
70. d IP address and then reboots Connecting to the Provisioning Wi Fi network Connect a wireless enabled client to the provisioning Wi Fi network The provisioning network name is instant In the Microsoft Windows operating system click the wireless network connection icon in the system tray The Wireless Network Connection box appears Click on the instant network and click Connect In the MAC operating system click the AirPort icon A list of available Wi Fi networks is displayed Click on the instant network K NOTE While connecting to the provisioning Wi Fi network ensure that the client is not connected to any wired network 18 Initial Configuration Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 3 Connecting to Provisioning Wi Fi network Microsoft Windows Currently connected to office Internet access Wireless Network Connection off Open Network and Sharing Center 6 59 PM SS po Cy Po ee DETI Click here to see the list of wireless networks Select instant from the list Figure 4 Connecting to Provisioning Wi Fi network MAC OS Click here to see the list of wireless networks Select instant from the list 4 Airport On Turn Airport Off Login into Instant User Interface Open a web browser and enter http nstant dell pew com in the address field In the login screen enter the 12 06 PM 27DecQ following credentials Username admin Passwor
71. ddress Available Variables sendifs name Shostnames 320V ap_include_8 E esr pa ap_include_1 ap_include_9 organization KMart eis Ri ae ate HE aie ap_include_10 syslog server 10 15 76 239 ap_include_2 terminai access ap_include_3 ap_include_4 ap_include_5 rf band all ap_include_6 ap_include_7 jams ip manager ip address ams key password allow new aps allowed aps momt user admin 39icS5 60bf4b498d5096f79576cd29d2 wlan ssid profile instant v Save Cance Trending Reports AirWave saves up to two years of actionable information including network performance data and user roaming patterns so you can analyze how network usage and performance trends have changed over time It also provides the detailed capacity reports with which you can plan the capacity and plan right strategies for your organization Intrusion Detection System AirWave provides advanced rules based rogue classification It automatically detects rogue W IAPs irrespective of their location in the network It prevents authorized W IAPs from being detected as rogue W IAPs It tracks and correlates the IDS events to provide a complete picture of network security Configuring AirWave This section describes how to configure AirWave Before configuring the AirWave you need the following IP address of the AirWave server Shared key for service authorization This is assigned by the AirWave administrator Creating your Organization String The Organ
72. dure To check the throughput of the selected network for the last 15 minutes 1 Log in to the Instant UI The Virtual Controller view appears This is the default view In the Networks tab click the network for which you want to check the client association The Network view appears Study the Throughput graph in the Usage Trends pane For example the graph on the left shows 22 0 kbps incoming traffic throughput for the selected network at 12 03 hours All IAPs in the Dell Instant network are listed in the Access Points tab Click the IAP that you want to monitor Access Point view for that AP appears Similar to the Virtual Controller view the Access Point view also has three tabs Networks Access Points and Clients The following sections in the Instant UI provide information about the selected IAP Info RF Dashboard RF Trends Usage Trends Figure 97 Instant Access Point View Powered by VIRTUAL CONTROLLER PowerConnect W Series Aruba Networks DOLL Instant Controller Users Settings Servers Roles Maintenance Support Help Logout Ry 2 Networks 6 1 Access Point Name Clients Instant Access Point 1 edit a 1C Emp_Network1 Guest_Network New E Instant Access Point Info Overview Instant Access Point 169 254 239 202 Name Neighboring APs IP Address CPU Utilization 150 Se ee 100 Mode Access Clients 1 Type W AP105 CPU Utilization 11 Be coe me aco Me
73. e Auto Join Mode feature allows the W IAPs to automatically 1 Discover the virtual controller 2 Join the network 3 Begin functioning The Auto Join Mode feature is enabled by default When the Auto Join Mode feature is disabled a New link appears in the Access Points tab Click this link to add W IAPs to the network For more information see Adding an W IAP to the Network on page 55 Also when this feature is disabled W IAPs that are configured but not active appear in red Disabling Auto Join Mode To disable Auto Join Mode perform the following steps At the top right corner of Instant UI click the Settings link The Settings box appears l In the Settings box click the Advanced tab 2 Select Disabled from the Auto join mode drop down list Figure 38 Disabling Auto Join Mode Settings Basic Admin RTLS SNMP IDS ARM Advanced Preferred band All Dynamic RADIUS proxy Disabled e Auto join mode Enabled Terminal access Disabled e LED display Enabled Syslog server 0 0 0 0 Syslog level Notice 7 OK Cancel 3 Click OK Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Managing IAPs 53 LED Display Administrators have the ability to turn off LED for all IAPs in an Instant network Go to Settings gt Advanced gt LED Display to enable or disable the LEDs When enabled all LEDs are turned off Use this option in environ
74. e Clear Configuration button allows you to delete or clear the current configuration of the network and reset to provisioning configuration Certificates Displays information about current certificate installed in the network Provides interface to upload new certificates and to set passphrase for the certificates For more information see Certificates on page 82 Firmware Displays the current firmware version and provides options to upgrade to a new firmware version For more information see Manual Firmware Image Check and Upgrade on page 63 Reboot Displays the IAPs in the network and provides an option to reboot the required access point or all access points For more information see Rebooting the W IAP on page 61 Convert Provides an option to change the virtual controller managed network to an Dell Mobility Controller managed network For more information see Migrating from a Virtual Controller Managed Network to Mobility Controller Managed Network on page 59 Figure 13 Maintenance Link Default View Maintenance Help About Configuration Certificates Firmware Reboot Convert Name Dell PowerConnect W ArubaOS Controller Software Type W APLOS Build Time 2011 06 27 18 38 54 PDT Version 5 0 3 0 1 1 0 0_28954 Website http www dell com Legal Copyright c 2002 2011 Aruba Networks Inc Close Support This link displays the Support box The Support box consists of following Comm
75. e RADIUS server operating locally When you enable the Internal RADIUS server option for the network the authenticator on the IAP sends a RADIUS packet to the local IP address The Internal RADIUS server listens and replies to the RADIUS packet The following authentication methods are supported in Dell Instant network EAP TLS The Extensible Authentication Protocol Transport Layer Security method supports the termination of EAP TLS security using the internal RADIUS server The EAP T LS requires both server and certification authority CA certificates installed onto the IAP The client certificate is verified on the Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Authentication 69 controller the client certificate must be signed by a known CA before the user name is checked on the authentication server EAP TTLS MSCHAPv2 The Extensible Authentication Protocol Tunneled Transport Layer Security EAP T TLS method uses server side certificates to set up authentication between clients and servers However the actual authentication is performed using passwords EAP PEAP MSCHAPv2 Protected Extensible Authentication Protocol PEAP is an 802 1X authentication method that uses server side public key certificates to authenticate clients with server The PEAP authentication creates an encrypted SSL TLS tunnel between the client and the authentication server Exchange of information is encrypted and stored in the t
76. e matched For more information see Chapter 12 Instant Firewall To edit the default rule perform the following steps a Select the rule and click the Edit button b Select appropriate options in the Edit Rule box and click OK To define an access rule perform the following steps a Click the New button b Select appropriate options in the New Rule box c Click OK Figure 29 Adding an Employee Network Access Rules Tab Network New Network EEE Access Rules More Control Access Rules 1 Allow any to all destinations Role based New 4 Network based Unrestricted Back Finish Cancel 6 Click Finish The network is added and listed in the Networks tab Voice Network Use the Voice network type when you want devices that provide only voice services like handsets or only applications that require voice like prioritization need connectivity Adding a Voice Network This section provides the procedure to add a voice network 1 In the Networks tab click the New link The New Network box appears Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Wireless Network 41 Figure 30 Adding a Voice Network Basic Info Tab New Network Help Basic Information Name SSID Voice_Network1 Less Primary Employee Band All usage Voice Hide SSID Guest Client IP Network assigned Bandwidth Limits 7 g assignment pace
77. eceive a response to Check the status of the DHCP server in the out its DHCP request in time network 132 Alert Types and Management Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 21 User Database In Dell Instant the user database consists of a list of guest and employee users Addition of a user involves specifying a username and password for the user The login credentials for these users are provided outside the Dell Instant system A guest user can be a visitor who will be temporarily using the enterprise network to access the internet However you would not want to share the internal network and the intranet with them To segregate the guest traffic from the enterprise traffic you can create a Guest WLAN specify the required authentication encryption and access rules and allow the guest user to use the enterprise network An employee user is the employee who will be using the enterprise network for various official tasks You can create Employee WLANs specify the required authentication encryption and access rules and allow the employees to use the enterprise network Adding a User To add a user perform the following steps l At the top right corner of the Instant UI click the Users link The Users box appears Figure 104 Adding a User Users 0 Type Add new user Username JohnDoe Password eeeeseese Retype ETTE Type Guest Add O
78. ection and integrated web content filtering For more information on OpenDNS refer http www opendns com The Content Filtering feature allows you to create internet access policies that allow or deny user access to websites based on the website categories and security ratings This feature is useful to Prevent known malware hosts from accessing your wireless network Improve employee productivity by limiting access to certain websites Reduce bandwidth consumption significantly When this feature is enabled on Dell Instant all external DNS requests are forwarded to OpenDNS servers A user 1s allowed or denied access to a website depending on the blacklist and whitelist entries in these servers Internal DNS requests are forwarded to the internal DNS server This feature also enables the IAP to store or cache the responses from the OpenDNS servers When the IAP receives an access request it searches the cache memory If a suitable record is found the IAP responds accordingly instead of contacting the DNS server again Enabling Content Filtering To enable content filtering using the Instant UI perform the following steps l At the top right corner of the Instant UI click the Settings link 2 Select Enabled from the Content Filtering drop down list and Click OK Figure 80 Enabling Content Filtering Settings Help Basic Admin RTLS SNMP IDS ARM Advanced Name Instant Controller IP address 0 0 0
79. eeseseesssaesecseseeseseesesaesesauseeaeseesesausesenseses 62 Manual image GNEC Kessen esros T EAE 63 Configuring NTP S rvel ccccccsssesssssscsssscsssesecseseesssesecsesesassesesaesesassesesesseseseesesassusecassesatsesesaaseeass 65 Specifying Virtual Controller Name and IP Address ou ceesessescessesesseecssseseeseeesesseseeaseeeeeans 67 Configuring the DHOP Server cescssssesssssscssssesssecscsessesesesecsesesaesesecaeseseeeesesessusecatsesesausessesesass 68 Configuring External RADIUS Server cccsssessssescsssscsesessssesessesesecesseseeseeseeseseeaesesessnsesaeensass 71 Enabling Instant RADIUS sce sees saz ense cosas edesesessaaeeestanesaacsavaine araara EEEa AAAA AEEA 71 Management Authentication Settings cccssssssescscssssessesssessssesseecesseseesseesesseseeassesessesesatensass 75 Configuring Captive Portal when Adding A Guest Network cceeeeeesseseseeessseseeseeeereen 76 Configuring Captive Portal when Editing a Guest N tWOFK cceeeeseesssseeseeeseseeseeeerees 77 Configuring Internal Captive Portal with External Radius Server Authentication 78 CUSTOMIZING a Splash PaQe ccsescscssssesssesscssseesesesecsesecsssesessesesassesececseseceesesessesecaesesetaesesaeseeass 79 Disabling Captive Portal AUTHENTIC ATION cc cecescscssesesseessesessesesececsesecseseseesesecassesetseseeatensass 79 Configuring External Captive Portal when Adding a Guest Network cccecsseeess
80. el Packets Lost Add Port To IP Address Aruba AP Group Aruba Admin Role Aruba Essid Name Aruba Location Id Aruba Named User VLAN Aruba Port Id Aruba Priv Admin User Aruba Template User Aruba User Role Aruba User VLAN CHAP Challenge Callback Id Callback Number Class Connect Info Connect Rate Crypt Password Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide DB Entry State Digest Response Domain Name EAP Message Error Cause Event imestamp Exec Program Exec Program Wait Expiration Fall Through Filter Id Framed AppleTalk Link Framed AppleTalk Network Framed AppleTalk Zone Framed Compression Framed IP Address Framed IP Netmask Framed IPX Network Framed MTU Framed Protocol Framed Route Framed Routing Full Name Group Group Name Hint Huntgroup Name Idle Timeout Login IP Host Login LAT Node Login LAT Port Login LAT Service Login Service Login T CP Port Menu Message Auth NAS Port Type Password Password Retry Port Limit Prefix Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Authentication 73 74 Authentication Prompt Rad Authenticator Rad Code Rad Id Rad Length Reply Message Revoke Text Server Group Server Name Service lype Session l imeout Simultaneous Use State Strip User Name Suffix Termination Action Termination Menu T unnel Assignment Id Tunnel Client Auth Id Tunnel Client Endpoint Tunnel Connection Id Tunnel Medium Type
81. el Perform the following steps 1 Select the required key options from the Key management drop down list Available options are WPA 2 Enterprise WPA Enterprise Both WPA 2 amp WPA Dynamic WEP with 802 1x Select the required Authentication server option from the Authentication server 1drop down list Available options are External If you select this option then an external radius server has to be configured to authenticate the users For information on configuring an external RADIUS server see Chapter 9 Authentication Internal Server If you select this option then users who are required to authenticate with the internal RADIUS server must be added Click the Users link to add the users For information on adding a user see Adding a User on page 133 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Wireless Network 37 Table 6 Conditions for Adding an Employee Network Security Tab Continued You want to use the default security level Personal Perform the following steps 1 Select the required key options from the Key management drop down list Available options are WPA 2 Personal WPA Personal Both WPA 2 amp WPA Static WEP If you have selected Static WEP then do the following Select appropriate WEP key size from the WEP key size drop down list Available options are 64 bit and 128 bit Select appropriate Tx key from the Tx Key dropdown list Available optio
82. er Specify statically OK Cancel 4 Select the Get IP address from DHCP server or Specify statically option If you selected the Specify statically option perform the following steps a Enter the new IP address for the W IAP in the IP address text box b Enter the netmask of the network in the Netmask text box c Enter the IP address of the default gateway in the Default gateway text box Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Managing IAPs 57 d Enter the IP address of the DNS server in the DNS server text box e Enter the domain name in the Domain name text box Figure 47 Configuring W IAP Connectivity Settings Specifying Static Settings Edit Access Point Instant Access Point Name Connectivity Radio External Antenna IP address for Access Point Get IP address from DHCP server Specify statically IP address aani Netmask 255 255 255 255 Default gateway 1 1 1 1 DNS server 1 1 1 1 Domain name www example com OK Cancel 5 Click OK and reboot the W IAP Configuring Adaptive Radio Management Adaptive Radio Management ARM is enabled in Dell Instant by default However if ARM is disabled perform the following steps to enable it For more information about ARM see Adaptive Radio Management on page 103 1 Inthe Access Points tab click the W IAP for which you want to configure ARM The edit link appear
83. esecsesesecseseeassesesansesasenes 77 CUSTOMIZING a Splash Page cccsssesesesecesssseseseceesesecseeesecseseeassecessesesassesesaeseeatneeeass 78 Disabling Captive Portal authentication cccccscssssesessescsssessessececseseesseesesseseeaseees 79 External Captive Portal cccccccscssesssssscscssssesesecsesessessseceesssecsesesessusecassesessusesatsesessuseeaseesess 80 Configuring External Captive Portal Authentication when Adding a Guest Network 80 Configuring External Captive Portal Authentication when editing a Guest Network 80 MAC Authentic CLO OI Misereor oea ccs ci E Ea neuenirerieoe 81 Configuring MAC Authentication cceessescessssesssecscsessesssecessesesassesesseseeassesessesesaseneeeens 81 CFU UG i E o OEE pues E E anes eset E tes E E E oncechauvonenseenn 82 Loading Certificates lt cicascasescucsaccitavsariasessduviosuiieetanssenaidesiaai asusnatsiveiisavsaavsiecssbeansvansoosdednessanointu 82 Chapter 10 ROE DEVAN ON ra es vectiegonissanceerentvacesarsaetn ane iieiaeeaee 85 UGS gl a6 ci oaa A R AAA E ee E E 85 Gr eatmg a New User ROl races cesasnncegezenasexunseces arava carednazdouesansiasdtntenissomeitecuigriaeenayensiuees 85 Creating Role Assignment RUIGS cccesssssccssssesssesecesecssseseeseseesseesessesesaseesessesesasneeeass 86 Chapter 11 Oue 0 2a ac ee aero nr ee eee ee 89 Chapter 12 Morant TUG VIN a esaa E E 91 BS EOS ODIO ena N 91 Destination Options ccessssescsssssses
84. eseeeees 80 Configuring External Captive Portal Authentication when editing a Guest Network 81 Configuring MAC Authentication cccccscssssssssscscsssscsssecscsesessssesecessesessesesessusesassesessesesaeeeass 82 Loading Certificates ssistsecsdixvsascnaspoesvacwondesesesswrctavbiucicgatine vsdasauderanisanenassGedcantiaesitanausntnrdnsebnediasDiie ian 83 Access Tab Instant User Role SettingS cccssssssssssssesssecscsessesseececsesecseseseeseecassesesaeseeaseess 85 Creating a New SON ONG sanasasdnscnncscvstiiadesssonnpinesecdonaesinoohacntanedencenviasnsaniteansinspestvaaaneesecnuensenontatts 86 Creating Role Assignment RUI S cccscscscssssesssscscssssesssesscsesesessesecessesecsesesessusesassesessusessesesass 87 Access Tab Instant Firewall Settings cccccssssssssscssssesssscsssesssseseeesessesecsesesecsesecassesessusesaees 91 Defining Rule Allow TCP Service to a Particular Network ccccceesessesssessseesseeeesseseeaeeees 94 Defining Rule Allow POPS Service to a Particular Server ccscsssssesssssscssssesssesesseseeseeess 95 Defining Rule Deny FTP Service Except to a Particular Server sssssssscccsncrcrs 96 Defining Rule Deny bootp Service Except to a Particular Network ssssssssccccnsrss 97 Enabling Content Filtering saseesrazhsnecasnctgestazassaeceseacvastaqessdneugscctuats scoxnsunabeatannociastouisatiatsaeteieandneeniiens 99 OS Fingerprinting ou cceessescscssssesesececseseesese
85. et up the Dell Instant wireless network infrastructure Conventions The following conventions are used throughout this manual to emphasize important concepts Table 1 Conventions Type Style Description Italics This style is used to emphasize important terms and provide cross references to other books Screen input and output This style is used to illustrate Screen output On screen system prompt Filenames software devices and specific commands Bold This style is used to emphasize Instant Ul elements For example name of a text box or the name of a drop down list Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide About this Guide 13 The following informational icons are used throughout this guide K NOTE Indicates helpful suggestions pertinent information and important things to remember A N WARNING Indicates a risk of personal injury or death CAUTION Indicates a risk of damage to your hardware or loss of data Contacting Support Table 2 Contacting Support Support Site support dell com Documentation Website support dell com manuals 14 About this Guide Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 1 W IAP Internal Antenna Patterns This chapter provides information about the internal antenna patterns in W IAP92 W IAP93 and W IAP105 W IAP92 and W IAP93 Antenna Patterns The antenna specifications of W IAP92 and W IAP93 a
86. ew IAP to the network Also if an IAP is configured and not active its MAC Address is displayed in red The expanded view displays the following information about each IAP Name Name of the access point IP Address IP address of the IAP Mode Mode of the IAP Clients Number of clients that are connected to the IAP Type Model number of the IAP Mesh Role Role of the mesh IAP Channel Channel the IAP is currently broadcasting on Power dB Maximum transmit EIRP of the radio Utilization Utilization percentage of the IAP radios Noise dBM Noise floor of IAP An edit link appears on clicking the IAP name For details about editing IAP settings see Editing W IAP Settings on page 56 Figure 9 Access Points Tab Compressed View and Expanded View W 1 Access Point Name Clients Instant Access Point 1 Access Point Name IP Address Mode Clients Type Mesh Role Channe Power dB Utilization Noise dBm Channe Power dB Utilization Noise dBm Instant Access Point 10 13 32 60 Access 0 105 Portal 11 23 48 93 157 20 3 87 Clients Tab This tab displays a list of clients that are connected to the Dell Instant network The client names appear as links The expanded view displays the following information about each client Name Name of the client IP Address IP address of the client MAC Address MAC address of the client OS Operating system that the client is running on
87. figure the external RADIUS Server The edit link for the network appears Click the edit link The Edit box for the network appears Click Next and perform the following tasks in the Security tab l For a network with Personal or Open security level select External Radius Server from the MAC Authentication drop down list 2 Click the Primary link and perform the following steps a Enter the IP address of the external RADIUS server in the IP address text box b Enter the authorization port number of the external RADIUS server in the Auth Port text box The port number is set to 1812 by default c Enter a shared key for communicating with the external RADIUS server in the Shared key text box d Enter the virtual controller IP address in the NAS IP address text box The NAS IP address is the virtual controller IP address that is sent in the data packets 3 Click the Backup link and set appropriate values for the backup RADIUS server Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 60 Configuring External RADIUS Server Edit Emp_Network1 Help Security Level ual WPA 2 Enterprise Secure Key management Authentication server 1 New Enterprise Authentication s New Server Name Personal IP address E Auth port 1812 Open a Shared key Retype key a NAS IP address Secure NAS identifier N OK Cancel 4 Click Next and click Finish Enabl
88. h AirWave using the HTTPS protocol This allows an AirWave server to be deployed in the cloud across a NAT device such as a router AirWave Features This section describes the AirWave features that are available in the Dell Instant network Image Management AirWave allows updating the firmware on WLAN devices by defining a minimum acceptable firmware version for each make and model of a device It remotely distributes the firmware image to the WLAN devices that require updates and also schedules the firmware updates such that updating is completed without the necessity to manually monitor the devices The following models can be used to upgrade the firmware Directed In this model the user initiates a new image upgrade by giving a command to the virtual controller with a URL that provides the new image location Automatic In this model the virtual controller periodically checks for newer updates from a configured URL and automatically initiates upgrade of the network W IAP and Client Monitoring AirWave allows you to find any W IAP or client on the wireless network and to see real time monitoring views These monitoring views can be used to aggregate critical information and high end monitoring information Template Based Configuration AirWave automatically creates a configuration template based on any of the existing W IAPs and it applies that template across the network as shown in Figure 89 It audits every device on an ongoi
89. he following W IAP settings Name IP Address Adaptive Radio Management ARM Configuration External Antenna Configuration Migrating from a Virtual Controller Managed Network to Mobility Controller Managed Network Changing W IAP Name To change the W IAP name perform the following steps 1 Inthe Access Points tab click the AP of the W IAP that you want to rename The edit link appears Figure 44 Editing W IAP Settings 6 1 Access Point Name Clients Instant Access Point 2 Click the edit link 56 Managing IAPs Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 45 Changing W IAP Name Edit Access Point Instant Access Point Name Connectivity Radio External Antenna Name Instant Access Point OK Cancel 3 Edit the W IAP name in the Name text box 4 Click OK Changing IP Address of the W IAP The Instant UI allows you to change the IP address of the W IAP connected to the network To change the IP address of the W IAP perform the following steps 1 Inthe Access Points tab click the W IAP for which you want to change the IP address The edit link appears 2 Click the edit link The Edit AP box appears 3 Click the Connectivity tab Figure 46 Configuring W IAP Settings Connectivity Tab Edit Access Point Instant Access Point Name Connectivity Radio External Antenna i IP address for Access Point 9 Get IP address from DHCP serv
90. he selected IAP Route Table Displays datapath route table statistics for the selected IAP Datapath Statistics Displays the hardware packet statistics for the selected IAP VLAN Table Displays the VLAN table information such as VLAN memberships inside the datapath including L2 tunnels for the selected IAP BSSID Table Displays the Basic Service Set BSS table of the selected IAP Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Instant User Interface 27 IDS Status Displays WLAN Interface Data Structures WLAN Interface Switch Status and RTLS Configuration tables for the selected IAP IDS AP Table Displays the Monitored IAP Table which lists all the APs monitored by the selected IAP ARM Bandwidth Management Displays bandwidth management information for the selected IAP ARM History Displays the history of channel and power changes due to Adaptive Radio Management ARM for the selected IAP ARM Neighbors Displays the ARM settings for the selected AP s neighbors ARM RF Summary Displays the state and statistics for all channels being monitored by the selected IAP ARM Scan Times Displays AM channel scan times for the selected IAP Use this command under the supervision of Dell technical support to help debug process errors Figure 14 Support Box Support O Command Debug Logs Target Instant Access Point VC E2 Run Instant Access Point Jun 2 05 57 37 sapd 633
91. hentication authorization and accounting management For authentication purpose the wireless client can associate to a network access server NAS or RADIUS client such as a wireless IAP The wireless client can pass data traffic only after successful 802 1X authentication The steps involved in 802 1 X authentication are The NAS requests authentication credentials from the wireless client The wireless client sends the authentication credentials to the NAS The NAS sends these credentials to a RADIUS server The RADIUS server checks the user identity and begins authentication with the client if the user identity is present in its database The RADIUS server sends an Access Accept message to the NAS Bh WYN NO If the RADIUS server cannot identify the user it stops the authentication process and sends an Access Reject message to the NAS The NAS forwards this message to the client and the client must re authenticate with correct credentials 5 After the client is authenticated the RADIUS server forwards the encryption key to the NAS The encryption key 1s used to encrypt or decrypt traffic sent to and from the client NOTE A NAS acts as a gateway to guard access to a protected resource A client connecting to the wireless network first connects to the NAS The Dell Instant network supports internal RADIUS server and external RADIUS server for 802 1x authentication Internal RADIUS Server Each IAP has an instance of Fre
92. hentication or encryption settings and try to associate again Check the configuration on the IAP to see if the desired rate can be supported if not consider replacing the IAP with another model that can support the rate Consider expanding capacity by installing additional IAPs or balance load by relocating IAPs This condition may be indicative of a misbehaving client Try to locate the client device and check its hardware and software Identify the client and check its 802 1X credentials If the IAP is using the internal RADIUS server recommend checking the related configuration as well as the installed certificate and passphrase If the IAP is using an external RADIUS server check if there are any issues with the RADIUS server and try connecting again Alert Types and Management 131 Table 18 Alerts List Continued Type Code Description 100309 RADIUS server authentication failure 100410 Integrity check failure in encrypted message Details Corrective Action The IAP cannot authenticate this client Ascertain the correct authentication using 802 1X because the RADIUS server credentials and log in again rejected the authentication credentials password etc provided by the client The IAP cannot receive data from this Check the encryption setting on the client client because the integrity check of the and on the IAP received message MIC has failed DHCP request timed This client did not r
93. ic Info Tab uu eeseessseeecsseeseeseeeeeeees 36 Conditions for Adding an Employee Network Security Tabu cecessessssseecsseesseseeseeeees 37 Conditions for Adding a Voice Network Basic Info Tab esssssseessrriirrnn 42 Conditions for Adding a Voice Network Security Tab uuu escsseseseeeessssssesssesesseseesseeeeees 43 Conditions for Adding a Guest Network Basic Info Tabu ccc csccssseesscssssssesssseeeseeeesanes 45 Network Service Options uuu cceesssscscssssssesssscsesesseseeecscsesessesececsuseceesesesessecaesesessusesassesesoesesanseeass 91 Des naton WOON Ss esesres ces cree sarees chae ace ra AN 93 SNMP Parameters for IAP sinecsisasutciesaeesiaieeionve vwisiesitaastadanoncateatasiastpiancsiidduenatsciqiauisieuveiieaenvensdtards 109 Virtual Controller View Graphs and Monitoring Procedures ccccsessssesscsssseeeeeeeseseees 119 Network View Graphs and Monitoring ProC dures csesssesccssssesssessssssseaseesssseseeasenss 121 Instant Access Point View RF Trends Graphs and Monitoring Procedures 000 124 Instant Access Point View Usage Trends and Monitoring Procedures cceceee 125 Client View RF Trends Graphs and Monitoring Procedures ccessssesscssesesseeesesseeeseeees 128 PVM Scere nae steer tcp sanc ae A A E E T EE E E EA 131 County Codes LIS teurie a E a 135 ADDICION e E A 139 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide 11 12 Dell PowerCon
94. ick Next The Security tab appears This tab allows you to configure the captive portal page for the Guest network Select one of the following splash page type Table 9 Conditions for Adding a Guest Network Basic Info Tab Splash Page Type Description and steps to set up Internal Authenticated A user has to accept the terms and conditions and enter a username and password on the captive portal page If this option is selected then add the users who are required to use the captive portal authentication to the user database Click the Users link to add the users For information about adding a user see Adding a User on page 133 For information on customizing the splash page see Customizing a Splash Page on page 78 Internal Acknowledged A user has to accept the terms and conditions for this splash page type For information on customizing the splash page see Customizing a Splash Page on page 78 External An external server will be used to display the splash page to the user If this option is selected then do the following Enter the IP or hostname of the external server in the IP or hostname text box Enter the URL of the captive portal page in the URL text box Enter the number of the port to be used for communicating with the external server in the Port text box In the Authentication text box enter the unique signature that the external server will return in the response after a successful user authenticatio
95. icon changes from Green gt Orange gt Red Green Utilization is less than 50 percent Orange Utilization is between 50 75 percent Red Utilization is more than 75 percent To view the utilization graph of an IAP click on the Utilization icon against the IAP in the Utilization column Noise Displays the noise floor of the IAPs Noise is measured in decibels meter Depending on the noise floor the color of the lines on the Noise icon changes from Green gt Orange gt Red Green Noise floor is more than 87dBm Orange Noise floor is between 80 dBm 87 dBm Red Noise floor is less than 80 dBm To view the noise floor graph of an IAP click on the noise icon against the IAP in the Noise column Errors Displays the errors for the IAPs Depending on the errors color of the lines on the Errors icon changes from Green gt Yellow gt Red Green Errors are less than 5000 frames per second Orange Errors are between 5000 10000 frames per second Red Errors are more than 10000 frames per second To view the errors graph of an IAP click on the Errors icon against the IAP in the Errors column Usage Trends Displays the following graphs Clients In the default Virtual Controller view the Clients graph displays the number of clients that were associated with the virtual controller for the last 15 minutes In Network or IAP view this graph displays the number of clients that were associated with the selected
96. iguring an external RADIUS server see Configuring an External RADIUS Server on page 70 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Wireless Network 43 4 Click Next The Access tab appears The Allow any to all destinations access rule is enabled by default This rule allows traffic to all destinations Instant Firewall treats packets based on the first rule matched For more information see_Chapter 12 Instant Firewall To edit the default rule perform the following steps a Select the rule and click the Edit button b Select appropriate options in the Edit Rule box and click OK To define an access rule perform the following steps a Click the New button b Select appropriate options in the New Rule box c Click OK 5 Click Finish The network is added and listed in the Networks tab Guest Network The Guest wireless network is created for guests visitors contractors and any non employee users who will use the enterprise Wi Fi network The virtual controller assigns the IP address for the guest clients Captive portal or passphrase based authentication methods can be set for this wireless network Typically a guest network is an un encrypted network However you can specify encryption settings in the Security tab step 5 of the following procedure Adding a Guest Network This section provides the procedure to add a guest network 1 In the Networks tab click the New
97. ing Instant RADIUS To enable Instant RADIUS perform the following steps l At the upper right corner of the Instant UI click the Settings link 2 In the Settings box click the Advanced tab 3 Select Enabled from the Dynamic RADIUS Proxy drop down list Figure 61 Enabling Instant RADIUS settings Basic Admin RTLS snmp 105 ARM Advanced O Preferred band All a Dynamic RADIUS proxy Enabled Auto join mode Enabled Terminal access Disabled LED display Enabled w Syslog server Syslog level 4 Click OK RADIUS Server Authentication with VSA An external RADIUS server authenticates network users and returns to the IAP the vendor specific attribute VSA that contains the name of the network role for the user The authenticated user is placed into the management role specified by the VSA Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Authentication 71 72 Authentication List of supported VSA s Instant supports the following types of VSA s AP Group AP Name ARAP Features ARAP Security ARAP Security Data ARAP Zone Access Acct Authentic Acct Delay Time Acct Input Gigawords Acct Input Octets Acct Input Packets Acct Link Count Acct Multi Session Id Acct Output Gigawords Acct Output Octets Acct Output Packets Acct Session Id Acct Session lime Acct Status Type Acct Terminate Cause Acct Tunn
98. io Management e Advanced View or edit the preferred band for the network dynamic RADIUS Proxy and Auto join mode settings For information about dynamic RADIUS Proxy and Auto join mode see External RADIUS Server on page 70 and Auto Join Mode on page 53 Figure 12 Settings Link Default View Settings Help Basic Admin RTLS SNMP IDS ARM Advanced Name Instant Controller IP address 0 0 0 0 Content filtering Disabled gt Date amp Time NTP Server Timezone International Date Line West UTC 12 r DHCP Server Domain name DNS Server s Lease time Minutes c Ly OK Cancel Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Instant User Interface 25 Servers This link displays the RADIUS Server box This box allows you to add new server To add a new radius server see Configuring an External RADIUS Server on page 70 Roles This link displays the Roles box You can create new user roles and new rules for the user roles For more information see User Roles on page 85 Maintenance This link displays the Maintenance box The Maintenance box allows you to maintain the Wi Fi network It consists of the following tabs About Displays the Build Time IAP model name Dell OS version Dell website homepage and Copyright information Configuration Displays the current configuration of the network Th
99. io signals Available options are All 2 4 GHz and 5 GHz The All option is selected by default It is also the recommended option b Hide SSID Select this check box if you want to hide the SSID network name from the users 42 Wireless Network Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide 3 Click Next and set appropriate security levels using the slider button in the Security tab Default selection is Personal Available options are Enterprise Personal and Open Table 8 Conditions for Adding a Voice Network Security Tab If then You select the Enterprise security level Perform the following steps 1 Select the required key options from the Key management drop down list Available options are WPA 2 Enterprise WPA Enterprise Both WPA 2 amp WPA Dynamic WEP with 802 1x Select the required RADIUS server option from the RADIUS Server drop down list Available options are External If you select this option then an external radius server has to be configured to authenticate the users For information on configuring an external RADIUS server see Configuring an External RADIUS Server on page 70 Internal If you select this option then users who are required to authenticate with the internal RADIUS server must be added Click the Users link to add the users For information about adding a user see Adding a User on page 133 You want to use the default security level Personal
100. ization String is a set of colon separated strings created by the AirWave administrator to accurately represent the deployment of each Dell Instant system This string is entered into the Dell Instant UI by the on site installer AMP Role Org Admin initially disabled 114 Airwave Integration and Management Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide AMP User Org Admin assigned to the role Org Admin Folder Org under the Top folder in AMP Configuration Group Org Additional strings in the Organization String are used to create a hierarchy of subfolders under the folder named Org subfolder would be a folder under the Org folder subfolder2 would be a folder under subfolder The Shared Key The Shared Secret key is used by the administrator to manually authorize the first Virtual Controller for an organization Any string 1s acceptable Entering the Organization String and AMP Information into the IAP l Click the AirWave Set Up Now link in the bottom middle region of the Instant UI The Settings box with the AirWave tab selected appears Figure 90 Configuring AirWave Settings Help Basic Admin RTLS SNMP IDS ARM Advanced Local Authentication Internal Username admin Password TEIT Retype essre AirWave Organization Dell AirWave IP 192 1 0 0 Shared key esses Retype essere OK Cancel 2 Enter the name of your organization in the Organiz
101. l when Editing a Guest Network Edit Guest_Network1i Help Security Level E splash page Splash Page Preview Welcome to the Guest Network Type of splash page s Internal Authenticated Internal Acknowledged _ External Encryption Back Next Cancel The appearance of a splash page can be customized as required For information on customizing a splash page see Customizing a Splash Page on page 78 4 Click Next and click Finish Configuring Internal Captive Portal with External Radius Server Authentication when Adding a Guest Network To configure internal captive portal with external radius server authentication perform the following steps 1 In the Network tab click the New link The New Network box opens 2 In the Basic Info tab perform the following l Enter a name for the network in the Name SSID text box 2 Click the Guest radio button and click Next In the Security tab select External for the splash page type 4 Enter the following details for the External Splash Page a IP or hostname P address of the external splash page server b URL URL of the external splash page server c Port Port used for communicating with the external splash page server d Authentication text Text string returned by the external server after successfull authentication 5 Click Next Associate to the new SSID and access any URL Dell PowerConnect W Instant Access Point 5 0 3 0 1
102. lients in the Info section The views on the Instant UI are classified as follows Virtual Controller view The Virtual Controller view is the default view This view allows you to monitor the Dell Instant network Network view The Network view provides information that is necessary to monitor a selected wireless network All Wi Fi networks in the Dell Instant network are listed in the Networks tab Click the name of the network that you want to monitor Network view for the selected network appears Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Instant User Interface 33 Instant Access Point view The Instant Access Point view provides information that is necessary to monitor a selected IAP All IAPs in the Dell Instant network are listed in the Access Points tab Click the name of the IAP that you want to monitor Access Point view for that IAP appears Client view The Client view provides information that is necessary to monitor a selected client In the Virtual Controller view all clients in the Dell Instant network are listed in the Clients tab Click the IP address of the client that you want to monitor Client view for that client appears For more information on the graphs and the views see Chapter 19 Monitoring 34 Instant User Interface Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 4 Wireless Network In a Wireless LAN WLAN laptops desktops PD
103. link The New Network box appears Figure 31 Adding a Guest Network Basic Info Tab New Network Basic Information Name SSID Guest_Network1 lt Less Primary E Employee Band All usage E T Voice Hide SSID E Guest Client IP Network assigned Bandwidth Limits assignment E E E M Percentage of Airtime Each user kbps 0 Virtual Controller assigned v Each Fick hi Next Cancel 2 In the Basic Info tab perform the following steps a Type a name for the network in the Name SSID text box 44 Wireless Network Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide b Select the Guest radio button from the Primary usage options This selection determines the primary usage of the network being added The Client IP assignment selection automatically changes to Virtual Controller assigned The virtual controller creates a private subnet and VLAN for the IAPs and the wireless clients The virtual controller NAT s all traffic out of this interface For more information see Chapter 11 Guest DMZ 3 Click the More link and perform the following steps These steps are optional a Band Set the band at which the network will transmit radio signals Available options are All 2 4 GHz and 5 GHz The All option is selected by default It is also the recommended option b Hide SSID Select this check box if you want to hide the SSID network name from the users 4 Cl
104. ls Orange Signal strength is between 15 20 decibels Red Signal strength is less than 15 decibels To view the signal graph for a client click on the signal bar against the client in the Signal column Speed Displays the data transfer speed of the client Depending on the data transfer speed of the client the color of the Signal bar changes from Green gt Orange gt Red Green Data transfer speed is more than 50 percent of the maximum speed supported by the client Orange Data transfer speed is between 25 50 percent of the maximum speed supported by the client Red Data transfer speed is less than 25 percent of the maximum speed supported by the client To view the data transfer speed graph of a client click on the speed icon against the client in the Speed column Access Points Lists the IAPs whose utilization noise or errors are not within the specified threshold The IAP names appear as links When the IAP is clicked the IAP configuration information is displayed in the Info section The RF Dashboard section is pushed to the bottom left corner of the Instant UI The RF Trends section appears in its place This section consists of the Utilization Band frames Noise Floor and Errors graphs For more information on the graphs see Chapter 19 Monitoring Utilization Displays the radio utilization rate of the IAPs Depending on the percentage of utilization the color of the lines on the Utilization
105. lt 106003 gt AP OAW IAP 10 13 32 60 sapd ssid qa_kg1 bssid 00 1a 1e 5c d9 e0 Jun 2 05 57 45 sapd 633 lt 106008 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c7 c8 c4 29 80 mac_addr f0 7b cb a3 92 8c ssid ethersphere voip ap_bssid_str 00 24 6c 80 3 90 Jun 2 05 57 57 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c7 c8 c4 29 80 bssid_str 00 1a 1e 5c d9 e0 ssid qa_kg1 Jun 2 05 57 57 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c8 c4 29 80 ssid qa_kg1 ap_bssid_str 00 1a le 5c d9 e0 match_mac 00 00 00 00 00 00 match_ip 0 0 0 0 S Jun 2 05 58 02 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c7 c8 c4 29 80 bssid_str 00 1a 1e 40 d1 b1 ssid E Jun 2 05 58 02 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c8 c4 29 80 ssid ap_bssid_str 00 1a 1e 40 d1 b1 match_mac 00 00 00 00 00 00 match_ip 0 0 0 0 Jun 2 05 58 39 sapd 633 lt 106003 gt AP OAW IAP 10 13 32 60 sapd ssid qa_kg1 bssid 00 1a 1e 5c d9 e0 Jun 2 05 59 03 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c8 c4 29 80 bssid_str 00 24 6c cb e2 e0 ssid ipv6 alpha Jun 2 05 59 03 sapd 633 lt 106007 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c8 c4 29 80 ssid ipv6 alpha ap_bssid_str 00 24 6c cb e2 e0 match_mac 00 00 00 00 00 00 match_ip 0 0 0 0 Jun 2 05 59 04 sapd 633 lt 106001 gt AP OAW IAP 10 13 32 60 sapd bssid d8 c c
106. lticast applications are not supported in the Guest DMZ virtual controller assigned networks In Dell Instant Guest DMZ performs the following functions Automatically segregates guest network users and employee or voice network users Stops guest users from accessing internal network Auto NATs guest traffic as it passes from the enterprise network to the Internet Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Guest DMZ 89 90 Guest DMZ Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 12 Instant Firewall A firewall is a system designed to prevent unauthorized Internet users from accessing the private network connected to the Internet It defines access rules and monitors all data entering or leaving the network and blocks the data that does not satisfy the specified security policies Dell Instant implements the Instant Firewall feature that uses a simplified firewall policy language An administrator can define the firewall policies on an SSID or wireless network such as the Guest network or an Employee network At the end of authentication these policies are uniformly applied to users connected to that network The Instant Firewall gives the flexibility to limit packets or bandwidth available to particular class of users Instant Firewall treats packets based on the first rule matched Figure 75 Access Tab Instant Firewall Settings New Network Hel
107. mation 3 Click Next and set appropriate security levels using the slider button in the Security tab 4 Click Next The Access tab appears The Allow any to all destinations access rule is enabled by default This rule allows traffic to all destinations To define allow POP3 service access rule to a particular server perform the following steps 1 Click the New button The New Rule box appears 94 Instant Firewall Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide 2 Select Allow from the Action drop down list Select pop3 from the Service drop down list 4 Select to a particular server from the Destination drop down list and enter appropriate IP address in the IP text box 5 Click OK 5 Click Finish Figure 77 Defining Rule Allow POP3 Service to a Particular Server New Network Basic Info Security Access Rules More Control Access Rules 1 Allow any to all destinations Role based Network based Unrestricted Cancel Less Control Back Finish Cancel Deny FTP service except to a particular server 1 Click the New link in the Networks tab To define the access rule to an existing network click the network The edit link appears Click the edit link and navigate to the Access tab 2 In the Basic Info tab enter the appropriate information 3 Click Next and set appropriate security levels using the slider button in the Securit
108. me hover the cursor over the graph line Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Monitoring Procedure To check the number of clients associated with the network for the last 15 minutes 1 Log in to the Instant UI The Virtual Controller view appears This is the default view In the Networks tab click the network for which you want to check the client association The Network view appears Study the Clients graph in the Usage Trends pane For example the graph on the left shows that one client is associated with the selected network at 12 00 hours 2 Monitoring 121 122 Monitoring Table 14 Network View Graphs and Monitoring Procedures Continued Graph Name Description The Throughput graph shows the throughput of the selected network for the last 15 minutes Outgoing traffic Throughput for outgoing traffic is displayed in green Outgoing traffic is shown above the median line Incoming traffic Throughput for incoming traffic is displayed in blue Incoming traffic is shown below the median line To see an enlarged view click the graph The enlarged view provides Last Minimum Maximum and Average statistics for the incoming and outgoing traffic throughput of the network for the last 15 minutes To see the exact throughput of the selected network at a particular time hover the cursor over the graph line Throughput Instant Access Point View Monitoring Proce
109. ments where LEDs can be a distraction Figure 39 LED Display Settings ee Admin RTLS SNMP IDS ARM Menez Preferred band All Dynamic RADIUS proxy Disabled Auto join mode Disabled ie Terminal access Disabled ie LED display Disabled Enabled Syslog server Syslog level Notice K NOTE The LED display will be always in Enabled mode while rebooting the IAP Terminal Access To enable or disable the telnet access to the W IAP s CLI go to Settings gt Advanced gt Terminal access Figure 40 Terminal Access Basic Admin RTLS SNMP IDS ARM Advanced Preferred band All Dynamic RADIUS proxy Disabled Auto join mode Terminal access LED display Syslog server Syslog level Notice 54 Managing IAPs Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Syslog Server Go to Settings gt Advanced gt Syslog Server to specify a Syslog Server for sending all syslog messages to the external servers Figure 41 Syslog Server Settings Basic Admin RTLS SNMP IDS ARM Advanced Preferred band All Dynamic RADIUS proxy Disabled x Auto join mode Disabled Terminal access Enabled x LED display Enabled Syslog server Syslog level Critical Error Warning Notice Information Debug OK Cancel Addi
110. mory Free 73 MB Valid Interfering Rogue Wie arg iui RF Dashboard 3 3 Neighboring Clients Memory Free MB Signal Speed z e p nes eee een emnen A All Clients I a aA En ex Name 1 Client Associated with Instant Access Point Network Emp_Networkl Instant Acce 4 1 134 294 U 154 Overview Radio 1 2 4 GHz Chan 11 Radio 2 5 GHz Chan 149 Clients ek A A A A E Throughput bps kaen Status Not Set Up Set Up Now Pause Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Info The Info section provides the following information about the selected IAP Name Name of the selected IAP IP Address P address of the IAP Clients Number of clients associated with the IAP Type Model number of the IAP CPU Utilization CPU utilization in percentage Memory Free Memory availability of the IAP in Mega Bytes RF Dashboard In the Instant Access Point view the RF Dashboard section is moved below the Info section It lists the IP address of the clients that are associated with the selected IAP if the signal strength or the data transfer speed of the client is low RF Trends The RF Trends section has two links 2 4 GHz and 5 GHz The 2 4 GHz link is clicked by default and the following graphs are displayed for that band Utilization 2 4 GHz Frames Figure 98 2 4 GHz Frames Graph 2 4 GHz Frames fps P Out In 1K Last 0 1651 10 D Min 0 1354 pE i Max O
111. n If you do not want to set the captive portal authentication clear the Splash page check box Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Wireless Network 45 Figure 32 Adding a Guest Network Splash Page Settings New Network Help Security Level Splash page Splash Page Preview Welcome to the Guest Network Type of splash page 9 Internal Authenticated F Internal Acknowledged Te iL External Authentication serwer 1 InternalServer or internal server Users Certificates E Encryption Back Next Cancel 5 Select the Encryption check box and perform the following steps These steps are optional a Select the required key management option from the Key management drop down list Available options are e WPA 2 Personal e WPA Personal e Both WPA 2 amp WPA e Static WEP If you selected Static WEP then do the following 1 Select the appropriate WEP key size from the WEP key size drop down list Available options are 64 bit and 128 bit 2 Select the appropriate Tx key from the Tx Key drop down list Available options are 1 2 3 and 4 3 Enter an appropriate WEP key in the WEP Key text box and reconfirm 4 Enter a passphrase in the Passphrase text box and reconfirm 46 Wireless Network Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 33 Configuring a Splash Page Encryption Settings New Network Basic Info Securi
112. nal captive portal authentication when adding a guest network perform the following steps 1 In the Network tab click the New link The New Network box appears 2 In the Basic Info tab perform the following l Enter a name for the network in the Name SSID text box 2 Select the Guest radio button and click Next 3 In the Security tab click the External button and perform the following steps Enter the IP address or the hostname in the IP or hostname text box 2 Enter the URL for the splash page in the URL text box 3 Enter the number of the port to be used for communicating with the external server in the Port text box 4 In the Authentication text box enter the unique signature that the external server will return in the response after a successful authentication Figure 68 Configuring External Captive Portal when Adding a Guest Network New Network Help Basic Info Security Security Level Splash page External splash page Type of splash page IF or hostname localhost J Internal Authenticated URL z J Internal Acknowledged Port s0 Authentication text Authenticated W External E Encryption Back Next Cancel 4 Click Next and click Finish Configuring External Captive Portal Authentication when editing a Guest Network To configure external captive portal authentication when editing a guest network perform the following steps l In the Network tab click the network for which you want to c
113. nect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide About this Guide Dell PowerConnect W Series Instant Access Point is a simple easy to deploy turn key WLAN solution consisting of one or more access points An Ethernet port with routable connectivity to the Internet or a self enclosed network as long as there is an Ethernet port with link are the network infrastructures required to deploy the Dell PowerConnect W Series Instant wireless network Dell PowerConnect W Series Instant is specifically designed for easy deployment and proactive management of networks for small customers or remote locations without an on site T administrator Dell PowerConnect W Series Instant consists of at least one Instant Access Point IAP and a Virtual Controller VC The virtual controller resides within one of the access points In Dell PowerConnect W Series Instant deployment only the first IAP needs to be configured After the first AP is deployed the subsequent IAPs will inherit all required information from the virtual controller Dell PowerConnect W Series Instant network can support upto 16 IAPs and 256 users Objective This user guide describes the various features supported by Dell PowerConnect W Series Instant and provides detailed instructions for setting up and configuring a Dell Instant network Intended Audience This guide is intended for Dell PowerConnect W Series Instant customers who will be configuring and using Dell Instant to s
114. neeeess 59 Migrating from a Virtual Controller Managed Network to Mobility Controller Managed NE ONOR cerre een r EE N EE 59 FUE EO OMT ME AAP ebesncca ativan eauiseaiScieac re ia N Ee aa SNT Eria 61 Firmware Image Server in Cloud N twork cccsescscssssesessescssssssesseecesseseesseecessusesassesesaeseeaseees 61 Automatic Firmware Image Check and Upgrade ccesssssesesssscsssssseseeecesseseeseesessesnees 62 Upgrading to the new OS VEPSION cccccssesessescsessssesssesecsesessesecessesecaesesesaeseeaseesesaesesasenereass 62 Manual Firmware Image Check and Upgrade csecscssesesssscscsssseseeecesseseeseeseeseseeasenes 63 NI SUMO aeaa A ae nave hence ulin E 65 conngurng an NTP SETVE sera career oncuciva cece a aE nena nen 65 NTRP LU SOME ONE E E E E A E OEE EE T 67 Master Election Protocol e e enenenenennnnnnenenenensnsnsnnnnnnnnnnnnannnunnnnrnnnnninanararnrannnnnnnnnnrsnsnnnsnnnnnnnenrnrnnnna 67 Virtual Controller IP Address cscs scssssscsssssensssessssssssssssessesessesseseuseseusesecesaeseuesseusesessesausenans 67 Specifying Name and IP Address for the Virtual Controller ccccsessseeeseeeeeeeeeen 67 Configuring the DHCP Server e e esssessnsensrsnnensnsrnnnensrsnnnnenunirarursnsnnerunurvannrernnnnennnnnnnnnrnnnnnnnnns 68 A a O ea acbecabenescetcagensuccia daasadinacataneasa meaniae duane sienansasaanaies 69 Authentication Methods in Dell Instant cccsecsessssesssscssesesecseseesesecsesaeeessuseesesee
115. network or IAP for the last 15 minutes 30 Instant User Interface Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Throughput In the default Virtual Controller view the Throughput graph displays the incoming and outgoing throughput traffic for the virtual controller for the last 15 minutes In Network or IAP view this graph displays the incoming and outgoing throughput traffic for the selected network or IAP for the last 15 minutes Figure 19 Usage Trends Section in the Monitoring Pane Usage Trends Clients 10 11 55 12 00 12 05 Throughput bps 1M a LOK p 100 Of 100 10K M iM 11 55 12 00 12 05 Out In For more information about the graphs and monitoring procedures see Chapter 19 Monitoring Client Alerts Alerts are generated when a user faces problems while accessing or connecting to the Wi Fi network The Client Alerts link appears in red only if there are any client alerts Click this link to see the related alert An alert consists of the following fields Timestamp Displays the time at which the client alert was recorded MAC address Displays the MAC address of the client Description Provides a short description of the error or alert Details Provides a detailed description of the error or alert K NOTE New alerts will be generated for an incomplete DHCP transaction of a client Figure 20 Clien
116. ng an W IAP to the Network To add an W IAP to the Dell Instant network assign an IP address For more information see Assigning an IP Address to the W IAP on page 18 After an W IAP is connected to the network if the Auto Join Mode feature is enabled it is listed in the Access Points tab in the Instant UI The W IAP inherits the configuration and image from the virtual controller If the Auto Join Mode is not enabled then perform the following steps to add an W IAP to the network l In the Access Points tab click the New link Figure 42 Adding an W IAP to the Instant Network 1 Access Point Name Clients Instant Access Point 0 New 2 In the New Access Point box enter the MAC address for the new W IAP Figure 43 Entering the MAC Address for the New W IAP New Access Point MAC address for new Access Point OK Cancel Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Managing IAPs 55 3 Click OK Removing an W IAP from the Network An W IAP can be manually removed from the network only if the Auto Join Mode feature is disabled To manually remove an W IAP from the network perform the following steps l In the Access Points tab click the W IAP which you want to delete An x appears against the W IAP 2 Click x to confirm the deletion K NOTE The deleted W IAP s cannot join the Instant network anymore Editing W IAP Settings This section explains the steps required to edit t
117. ng basis to ensure that configurations never vary from the enterprise policies It alerts you whenever a violation is detected and automatically repairs the misconfigured device Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Airwave Integration and Management 113 Figure 89 Template Based Configuration ARRUZA 3 New Devices 23 Up 77 4 Wired 10 Down 44 Mismatched 71 Rogue 3183 L Users 7 M Alert Home Helpdesk WALT APs Devices Users Reports System Device Setup AMP Setup RAPIDS VisualRf Templates Group KMart E ON CRA CER LEL A Name Aruba Instant Virtual Controller Device Type Aruba Instant Virtual Controller iv Restrict to this version O Yes No Template firmware wersion 5 0 4 0_28158 Template Sele Fetch template from device Select Device v Template 4 Tom pare eS rom Tnetant Ca 7 EF 59 4 0 28158 at 6 8 2011 5 13 h A a 7 ira ae atan ked roe tase Bears NE k ee eerae AE GABTEOII DIIS PM The following variables may be used in the template The based on config fetched at 6 8 2011 5 06 PM value of each variable is configured on the APs Devices version 5 0 4 Manage page for each device in the group Each variable virtual controller country IN must be surrounded by percent signs hosiname virtual controller key quid The 267 6 statements must be terminated by 3 a a endif and cannot be nested if ip address virtual controller ip ip_a
118. ns are 1 2 3 and 4 Enter an appropriate WEP key and reconfirm Select a passphrase format from the Passphrase format drop down list Available options are 8 63 alphanumeric chars 64 hexadecimal chars Enter a passphrase in the Passphrase text box and reconfirm Select the required option from the MAC authentication drop down list Available options are None This option provides open authentication Any client that requests association is allowed to connect to the network Open authentication is not recommended unless you want users to gain quick access to the network External RADIUS Server If you select this option then an external radius server has to be configured to authenticate the users For information on configuring external RADIUS server see Configuring an External RADIUS Server on page 70 You select the Open security level Select the required MAC authentication from the MAC authentication drop down list Available options are None This option provides open authentication Any client that requests association is allowed to connect to the network Open authentication is not recommended unless you want users to gain quick access to the network External RADIUS Server If you select this option then an external radius server has to be configured to authenticate the users For information on configuring an external RADIUS server see Configuring an External RADIUS Server on page 0 38 Wireless Network
119. ns depending on your requirements Table 11 Destination Options Service Description To all destinations all destinations Access is allowed or denied to all destinations Access is allowed or denied to all destinations allowed or denied to all destinations Toa server Access is allowed or denied to a particular server You have to specify the IP address of the server Except to a particular server Access is allowed or denied to servers other than the specified server You have to specify the IP address of the server To a network Access Is allowed or denied to a network You have to specify the IP address and netmask for the network Except to a network Access is allowed or denied to networks other than the specified network You have to specify the IP address and netmask for the network Example Access Rules This section provides procedures to create the following access rules Allow TCP service to a particular network Allow PoP3 service to a particular server Deny FIP service except to a particular server Deny bootp service except to a particular network Allow TCP service to a particular network l Click the New link in the Networks tab To define the access rule to an existing network click the network The edit link appears Click the edit link and navigate to the Access tab 2 Inthe Basic Info tab enter the appropriate information 3 Click Next and set appropriate values in the Security tab Dell P
120. nstant Access Point 5 0 3 0 1 1 0 0 User Guide Table 19 Country Codes List Continued Code Country Name C C C C Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Regulatory Domain 137 Table 19 Country Codes List Continued Code Country Name CC o oo pomene 138 Regulatory Domain Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Appendix A Abbreviations The following table lists the abbreviations used in this user guide Table 20 Abbreviations Abbreviation Expansion EAP TTLS Extensible Authentication Protocol Tunneled Transport Layer Security Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide 139 Table 20 Abbreviations Continued Abbreviation Expansion 140 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide
121. on Details Corrective Action Internal error The IAP has encountered an internal Contact the Dell customer support team error for this client 100102 Unknown SSID in association request 100103 Mismatched authentication encryption setting 100104 Unsupported 802 11 rate Maximum capacity reached on IAP 100206 Invalid MAC Address 100307 Client blocked due to repeated authentication failures 100308 RADIUS server connection failure The IAP cannot allow this client to associate because the association request received contains an unknown SSID The IAP cannot allow this client to associate because its authentication or encryption settings do not match IAP s configuration The IAP cannot allow this client to associate because it does not support the 802 11 rate requested by this client The IAP has reached maximum capacity and cannot accommodate any more clients The IAP cannot authenticate this client because the client s MAC address is not valid The IAP is temporarily blocking the 802 1X authentication request from this client because the credentials provided have been rejected by the RADIUS server too many times The IAP cannot authenticate this client using 802 1X because the RADIUS server did not respond to the authentication request Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Identify the client and check its Wi Fi driver and manager software Ascertain the correct aut
122. onfigure the external captive portal authentication The edit link for the network appears 2 Click the edit link The Edit box for the network appears 3 Click Next and click the External button and perform the following steps in the Security tab 1 Enter the IP address or the hostname in the IP or hostname text box 80 Authentication Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide 2 Enter the URL for the splash page in the URL text box Enter the number of the port to be used for communicating with the external server in the Port text box 4 In the Authentication text box enter the unique signature that the external server will return in the response after a successful authentication Figure 69 Configuring External Captive Portal Authentication when editing a Guest Network Edit Guest_Network1 Security Level K Splash page External splash page Type of splash page IF or hostname localhost J Internal Authenticated URL E Internal Acknowledged Port so z Authentication text Authenticated External E Encryption Back Next Cancel 4 Click Next and click Finish MAC Authentication Media Access Control MAC authentication is used to authenticate devices based on their physical MAC addresses It is an early form of filtering MAC authentication requires that the MAC address of a machine must match a manually defined list of addresses This form of authentication does not scale past a
123. ontroller IP Address You can specify a single static IP address that can be used to manage a multi AP Dell Instant network This IP address is automatically provisioned on a shadow interface on the IAP that takes the role of a virtual controller When an IAP becomes a virtual controller it sends three Address Resolution Protocol ARP messages with the static IP address and its own MAC address to update the network ARP cache Specifying Name and IP Address for the Virtual Controller To specify name and IP address for the virtual controller perform the following steps l At the top right corner of WebUL click the Settings link The Settings box appears Figure 58 Specifying Virtual Controller Name and IP Address Settings Help Basic Admin RTLS SNMP IDS ARM Advanced Name Instant Controller IP address 0 0 0 0 Enabled Content filtering Date amp Time NTP Server pool ntp org Timezone International Date Line West UTC 12 x DHCP Server Domain name DNS Server s Lease time Minutes w OK Cancel 2 Enter a name for virtual controller in the Name text box Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Virtual Controller 67 3 Enter the appropriate IP address in the IP address text box 4 Click OK Configuring the DHCP Server To configure the domain name DNS server and lease time for the DHCP server perform the following steps
124. ork Type Network type Employee Guest or Voice Band Band in which the network is broadcast 2 4 GHz band 5 4 GHz band or both Authentication Method Authentication method required to connect to the network Key Management Authentication key type IP Assignment Source of IP address for the client To add a Wi Fi network click the New link in the Networks tab For more information about a wireless network and the procedure to add a wireless network see Chapter 4 Wireless Network on page 35 An edit link appears on clicking the network name in the Networks tab For information about editing a wireless network see Editing a Network on page 47 To delete a network click x on the right side of the edit link Figure 8 Networks Tab Compressed View and Expanded View gt 2 Networks Mame Clients Emp_Metwork1 0 Guest Network1 amp 2 Networks Name Clients Type Band Authentication Method Key Management IP Assignment Emp_Networki 0 Employee All None WPA2 AES Default VLAN Guest_Network1 0 Guest All None None NAT Mode New 22 Instant User Interface Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Access Points Tab If the Auto Join Mode feature is enabled a list of enabled and active IAPs in the Dell Instant network is displayed in the Access Points tab The IAP names are displayed as links If the Auto Join Mode feature 1s disabled then a New link appears Click this link to add a n
125. osure and if so the type of privacy protocol which is used This takes the value DES CBC DES Symmetric Encryption Privacy protocol password If messages sent on behalf of this user can be encrypted decrypted with DES the private privacy key for use with the privacy protocol Community Strings for SNMPV1 and SNMPV2 Community strings used to authenticate requests for SNMP versions before version 3 NOTE This is needed only if using SNMP v2c and is not needed if using version 3 Follow the steps below to create community strings for SNMPV1 and SNMPV2 In the Settings tab click the SNMP tab Click the New button in the Community Strings for SNMPV1 and SNMPV2 box Enter the string in the New Community String text box Click OK Bh WwW N To delete a community string select the string and click the Delete button Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide SNMP 109 Figure 87 Creating Community Strings for SNMPV1 and SNMPV2 settings Help Basic Admin RTLS SNMP IDS ARM Advanced Community Strings for SNMPV1 and SNMPV2 New Community String OK Cancel pcol Privacy Protocol Follow the steps below to create edit and delete users for SNMPV3 In the Settings tab click the SNMP tab Click the New button in the Users for SNMPV3 box Enter the name of the user in the Name text box Select the type of authentication protocol from the Auth protocol drop down list
126. owerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Instant Firewall 93 4 Click Next The Access tab appears The Allow any to all destinations access rule is enabled by default This rule allows traffic to all destinations To define allow TCP service access rule to a particular network perform the following steps a Click the New button The New Rule box appears b Select Allow from the Action drop down list c Select custom from the Service drop down list Select TCP from the Protocol drop down list Enter appropriate port number in the Port s text box d Select to a network from the Destination drop down list Enter appropriate IP address in the IP text box Enter appropriate netmask in the Netmask text box Figure 76 Defining Rule Allow TCP Service to a Particular Network New Network Security Access Rules More Control Access Rules 1 Allow any to all destinations Role based New Rule Action Service eicbare based Allow CUSTOM Ra to all destinations Protocol Unrestricted TCP i Port s Less Control Back Finish Cancel e Click OK 5 Click Finish Allow PoP3 service to a particular server 1 Click the New link in the Networks tab To define the access rule to an existing network click the network The edit link appears Click the edit link and navigate to the Access tab 2 In the Basic Info tab enter the appropriate infor
127. p Basic Info security Access Access Rules More Control Access Rules 1 Allow any to all destinations Role based New Rule Action Service Destination D Network based Allow X any M to all destinations Unrestricted OK Cancel Less Control Service Options Table 10 lists a sample set of service options available in the Instant UI You can allow or deny access to any or all of these services depending on your requirements Table 10 Network Service Options Service Description any Access is allowed or denied to all services custom Available options are TCP UDP and Other If you select the TCP or UDP options enter appropriate port numbers If you select the other option enter the appropriate ID Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Instant Firewall 91 Table 10 Network Service Options Continued Service Description eooo pemes Sea ie re mi item En i emee Se OO emoe OO 92 Instant Firewall Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Table 10 Network Service Options Continued Service Description Server Message Block Transmission Control Protocol Server Message Block User Datagram Protocol Simple network management protocol trap tftp Trivial file transfer protocol Destination Options Table 11 lists the destination options available in the Instant UI You can allow or deny access to any or all of these destinatio
128. p right corner of the Instant UI click the Maintenance link 2 In the Maintenance box click the Firmware tab 3 In the Firmware tab click the Check for New Version button Figure 56 Manual Image Check Maintenance Help About Configuration Certificates Firmware Reboot Convert Current Version 5 0 3 0 1 1 0 0_ 28954 Manual Image file for new version Browse Automatic Check for New Version The button is replaced with the Image Check in Progress message After the image check is completed one of the following messages will appear No new version available If there is no new version available Image server timed out Connection or session between the image server and the W IAP is timed out Image server failure If the image server does not respond A new image version found If a new image version is found 4 If anew version is found the Upgrade Now button appears and the New version available message and the version number are displayed 5 Click the Upgrade Now button The W IAP downloads the image from the server saves it to flash and reboots Depending on the progress and success of the upgrade one of the following messages will be displayed Upgrading While image upgrading is in progress Upgrade successful When the upgrading is successful Upgrade fail When the upgrading fails Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Managing IAPs 63 64 Managing IAPs Dell Power
129. portal MPP is the gateway between the wireless mesh network and the enterprise wired LAN You configure an IAP to perform the mesh portal role which uses its wired interface to establish a link to the wired LAN You can deploy multiple mesh portals to support redundant mesh paths mesh links between neighboring mesh points that establish the best path to the mesh portal from the wireless mesh network to the wired LAN The mesh portal broadcasts the configured mesh service set identifier MSSID mesh cluster name and advertises the mesh network service to available mesh points Neighboring mesh points that have been provisioned with the same MSSID authenticate to the portal and establish a secure mesh link over which traffic 1s forwarded The authentication process requires secure key negotiation common to all IAPs and the mesh link is established and secured using Advanced Encryption Standard AES encryption Mesh portals also propagate channel information including CSAs Mesh Points The mesh point MP is an IAP configured for mesh and assigned the mesh point role Depending on the IAP model configuration parameters and how it was provisioned the mesh point can perform multiple tasks The Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Mesh Network 49 50 Mesh Network mesh point provides traditional WLAN services such as client connectivity intrusion detection system IDS capabilities user role
130. r To see the exact number of clients associated example the graph on the left shows that one client is with the selected IAP at a particular time hover associated with the IAP at 12 12 hours the cursor over the graph line Throughput The Throughput graph shows the throughput for To check the throughput of the selected IAP for the last 15 the selected IAP for the last 15 minutes minutes Outgoing traffic Throughput for outgoing 1 Log in to the Instant UI The Virtual Controller view traffic is displayed in green Outgoing traffic appears This is the default view is shown about the median line 2 Inthe Access Points tab click the IAP for which you Incoming traffic Throughput for incoming want to monitor the throughput The IAP view traffic is displayed in blue Incoming traffic appears is shown below the median line Study the Throughput graph in the Usage Trends To see an enlarged view click the graph pane For example the graph on the left shows 4 0 The enlarged view provides Last Minimum kbps incoming traffic throughput at 12 08 hours Maximum and Average statistics for the incoming and outgoing traffic throughput of the IAP for the last 15 minutes To see the exact throughput of the selected IAP at a particular time hover the cursor over the graph line Client View In the Virtual Controller view all clients in the Dell Instant network are listed in the Clients tab Click the IP address of the client that you wan
131. r the incoming and outgoing frames To see the exact utilization percent at a particular time hover the cursor over the graph line The Noise Floor graph shows the signals created by all the noise sources and unwanted signals in the network Noise floor is measured in decibels metre Too many unwanted signals hamper the performance of the IAP Monitor the noise floor regularly for optimal performance of the IAP To see an enlarged view click the graph The enlarged view provides Last Minimum Maximum and Average statistics for the In and Out frames To see the exact utilization percent at a particular time hover the cursor over the graph line The Errors graph shows the errors that occurred while receiving the frames for the last 15 minutes The errors are measured in frames per second To see an enlarged view click the graph The enlarged view provides Last Minimum Maximum and Average statistics for the In and Out frames To see the exact utilization percent at a particular time hover the cursor over the graph line Monitoring Procedure To monitor the utilization of the selected IAP for the last 15 minutes Log in to the Instant UI The Virtual Controller view appears This is the default view In the Access Points tab click the IAP for which you want to monitor the utilization The IAP view appears Study the Utilization graph in the RF Trends pane For example the graph on the left shows 62 IAP radio
132. r the graph line 11 43 hours Throughput The Throughput graph shows the throughput of To check the throughput of the networks all networks and IAPs associated with the and IAPs associated with the virtual virtual controller for the last 15 minutes controller for the last 15 minutes Outgoing traffic Throughput for outgoing 1 Log in to the Instant Ul The Virtual traffic is displayed in green Outgoing traffic Controller view appears This is the is shown above the median line default view Incoming traffic Throughput for incoming Study the Throughput graph in the traffic is displayed in blue Incoming traffic Usage Trends pane For example the is shown below the median line graph on the left shows 2 0 kbps To see an enlarged view click the graph outgoing traffic throughput at 12 00 The enlarged view provides Last Minimum hours It also shows some ome Maximum and Average statistics for the traffic throughput at the same time incoming and outgoing traffic throughput of the virtual controller for the last 15 minutes To see the exact throughput of the Dell Instant network at a particular time hover the cursor over the graph line Client Alerts Link For information about the Client Alerts link see Chapter 3 Instant User Interface and Chapter 20 Alert Types and Management chapters IDS Link For information about the IDS link see Chapter 3 Instant User Interface Dell PowerConnect W Instant
133. raa CoO A and Hemmi eae yess rp bo orewencd harei een all epee trumbed edad shore dg perya that yeas Bi iara ee et ee nd bi What Should Do Biri uituablhy eer Oo Red bite ithaca probe hed meer cial ered Ta Goebel a Crag IE ri ath arger r Por aie aed prag phos perro Di pea cai od haag Technical Detalls Umdentand the Aiiki 5 In the login screen as shown in Figure 36 enter the following credentials Username admin Password admin Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 36 Login Window Welcome to Instant DOL L VIRTUAL CONTROLLER Username ladmin Password essee Log In 6 Create anew SSID and wpa 2 personal keys with unrestricted or network based access rules Select any permit for basic connectivity 7 Connect a client to the new SSID and disconnect from the instant SSID 8 All the IAPs will show up on the Virtual Controller as shown in Disconnect the IAPs that you want to deploy as Mesh Points from the switch and place the IAPs at the desired location The wired IAPs are Mesh Portals Figure 37 Mesh Portal Users Settings Servers Roles Maintenance Support Help Logout DOLL os VIRTUALCONTROLLER PowerConnect W Series rubs Networks earch w 3 Access Points 2 4 GHz 5 0 GHz Name Mode Clients Type Mesh Role Channel Power dB Utilization Noise dBm Channel Power dB Utilization Noise dBm 00 24 6c c8 ec 7f
134. re as follows e W IAP92 Dual RP SMA interfaces for external antenna support supporting up to 2x2 MIMO with spatial diversity For information to configure an external antenna see Configuring an External Antenna on page 63 e W IAP93 Integrated omnidirectional antenna elements supporting up to 2x2 MIMO with spatial diversity e Maximum antenna gain for W IAP92 and W IAP93 a 2 4 GHz2 2 5 dBi a 5 GHz 5 8 dBi Figure shows antenna patterns of W IAP93 for 2 45 GHz and 5 5 GHz Figure 1 W AP93 Antenna Pattern wT TT i WV anery AHH a Hy leg ae ibe diy fi A SZ i Terre TTT fey eaut 2s My i rs ral uf ii i H ii Gey i IHE cS PALIT Mos SKY IMISS z ELALI eres SST Tes Ea 7 F i iy i fi 5 GEN pT ace STN SZ Se sis a tn ey TTE m A a ta N ae te Wes ba EF ee hs T 3 A i ie ae Sail tity T a a WW aN aiL ie el e mei pitit yt ans i 5 a x ics a ace a j es af la E a ANN SE PITRE SS i alitna DS ie SS hy Ay an E Piane Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide W IAP Internal Antenna Patterns 15 W IAP105 Antenna Pattern The antenna specifications of W IAP105 are as follows e 4x integrated omnidirectional antenna elements supporting up to 2x2 MIMO with spatial diversity e Maximum antenna gain m 2 4 GHz 2
135. rsion available link appears at the top right corner of the Instant Ul Figure 54 Automatic Image Check New Version Available Link New version available Users Settings Servers Roles Maintenance Support Help Logout DOLL oe WIRTUALCONTROLLER PowerConnect W Series Aruba Networks m Upgrading to the new OS version After the Automatic Image Check feature identifies a new OS version perform the following steps to upgrade to the new version 1 Click the New version available link The Maintenance window appears 2 Click Upgrade Now to upgrade the W IAP to the newer version Figure 55 New Version Available Box Maintenance Help About Configuration Certificates Firmware Reboot Convert Current Version 5 0 3 0 1 1 0 0_28910 Manual Image file for new version Browse Automatic New Version available 5 0 3 0 1 1 0 0_29082 Upgrade Now Close After you confirm the AP downloads the new firmware image from the server saves it to flash and reboots Depending on the progress and success of the upgrade one of the following messages will be displayed Upgrading While image upgrading is in progress 62 Managing IAPs Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Upgrade successful When the upgrading is successful Upgrade fail When the upgrading fails Manual Firmware Image Check and Upgrade To manually check for a new firmware image version perform the following steps l At the to
136. s 2 Click the edit link An Edit AP box appears 3 In the Edit AP box click the Radio tab 4 Select the Adaptive radio management assigned radio button Figure 48 Configuring W IAP Radio Settings Mode Access Edit Access Point Instant Access Point Help Name Connectivity Radio External Antenna Mode Access 2 4 GHz band 9 Adaptive radio management assigned Administrator assigned 5 GHz band a Adaptive radio management assigned Administrator assigned OK Cancel 58 Managing IAPs Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide 5 Click OK Configuring an External Antenna To configure an external antenna for each W IAP perform the following steps K NOTE Only the Dell PowerConnect W IAP92 supports external antenna configuration Skip this section if you are using W IAP93 or W IAP105 For appropriate configuration values see the relevant W IAP documentation 1 Inthe Access Points tab click the W IAP for which you want to configure an external antenna The edit link appears 2 Click the edit link The Edit AP box appears 3 In the Edit AP box click the External Antenna tab and specify appropriate values Figure 49 Configuring W IAP External Antenna Settings Edit Access Point Instant Access Point Name Connectivity Radio External Antenna 2 4 GHz antenna gain lo dBm 5 GHz antenna gain lo dBm
137. s box contains fields that are required to add edit or delete a user or users You can also specify the user type Two types of users employee and guest will be using the Dell Instant network For more information about users see Chapter 21 User Database 24 Instant User Interface Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 11 Users Box Users 0 T 0 Add new user Username JohnDoe Password lesecesss lt Retype jesecesss Type Guest r Add OK Cancel Settings This link displays the Settings box The Settings box consists of the following tabs e Basic View or edit the virtual controller s name IP address and Content filtering setting For information about virtual controller settings and content filtering see Chapter 8 Virtual Controller and Chapter 13 Content Filtering e Admin View or edit the admin credentials RTLS View or edit the RTLS server settings e SNMP View or specify SNMP agent settings For information see Chapter 17 SNMP e IDS View or select the Rogue AP classification and Containment methods to monitor the network for the presence of unauthorized IAPs and clients For more information see Chapter 16 Intrusion Detection System e ARM View or assign channel and power settings for all the IAPs in the network For information about ARM see Chapter 15 Adaptive Rad
138. s on a cloud based image server hosted by Dell The location of the image server is fixed and cannot be changed by the user Dell takes care of managing the image server and ensures that the image server is loaded with latest versions of Dell Instant firmware image for its products The Virtual Controller VC in Instant AP communicates with the Image server via an Aruba Networks proprietary protocol The Image server queries the VC The VC returns the following information Current firmware version Type Code Globally Unique ID GUID OEM Tag Organization if available Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Managing IAPs 61 Access Point Information for each AP attached to the VC AP type AP serial number The VC expects the available upgrade VC software version and the URL in return This query normally happens once in a week Automatic Firmware Image Check and Upgrade Automatic image check is enabled by default If AirWave is configured then the automatic image check is automatically disabled You have to use the manual image check option For more information see Manual Firmware Image Check and Upgrade on page 63 If Automatic image check is enabled then the following actions take place Once after every time the AP boots up and Once every week thereafter If the image check locates a new version of the Dell Instant firmware image on the image server then a New ve
139. s view Tabs Contains three tabs Networks Access Points and Clients For detailed information about the tabs see Chapter 3 Instant User Interface Links Contains three links Monitoring Client Alerts and IDS These links allow you to monitor the Dell Instant network For detailed information about the sections in these links and how they can be used to monitor the network see Monitoring Link IDS Link Client Alerts Link sections Figure 91 Virtual Controller View DOLL VIRTUAL CONTROLLER PowerConnect W Series Powered by Aruba Networks Users Settings Servers Roles Maintenance Support Help Logout amp 2 Networks Name Clients Emp_Network1 Guest_Network New Instant Controller Info Name Instant Controller Country code IN IP Address 0 0 0 0 Content filtering disable Organization AirWave IP 0 0 0 0 Band all EN v Monitoring Link C 1 Access Point 1 Client Name Clients Name Instant Access Point 1 RF Dashboard Signal Speed All Clients I Ey All Access Points Utilization Status Not Set Up Set Up Now IP Address Network Access Point 169 254 70 134 Emp_Network1 Instant Acce Monitoring p Ww Usage Trends Noise Errors Clients Throughput bps 10k E nee 10 10 100 10k papag 100k 04 05 04 10 Qut I Pause This link is clicked by default and the following sections are displayed These sections provide information about
140. secacsesecsesececsesevsesecessusesassesessesesaesesessuseeausesassesesansesass 101 Air Time Fairness MoE sossarnas NA iN 104 Configuring Administrator Assigned Radio Settings for IAP uu eesessessessssesseesseseseeaeeees 105 MOU ORADE EEO ai seteniecex enicinuteraccessseerusiseaavactueranmrastennecmienesuts 107 Rogue COREA esana sadidanenenyrisateueassaceauncensevenannetapsasaanieanasebvesanenaeeiaenacan eamevaiaten 107 CONTAINMENT VICTI OOS sccoscsssciscssascsaveatnentarscspanusiananatensmnaenataneioniarnaemenmantartayemaumaieean 108 Creating Community Strings for SNMPV1 and SNMPV2 c cc ccsesssseseeecsessseeseseeesseseeaseees 110 Creating Users for SNMPVS uu eccscssessssescssssssesesesseseseesesecessesecsesesecsusesaesesessusecassesesseseeansesass 111 Template Based Configuration cccsssesssssscssssssesssscsesssseseseceesesecsesecessesecaesesessesecasseseeaeeeeanes 114 Configuring AirWave cccccssssssssssssessscesessseeseseeseseceeseseeseseseeseseeenseseeeeseeanseseeaeseeanaesansnseeansnsans 115 Virtual Gontroler VIEW sisenes aa EE sateen evi EiS 117 cene Gran io E EEA 118 Throughput Graph s e sssessnssensessnensnrersrnnrenunnrrnrnnsrnnnnrnnunnnnunersnnananununnunnrunnunanurnnnnnnnrunnnnunnrsnnnnnrennenne 119 IOV VICU inara EEE a peaaartueatenane 120 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 95 Clients Graph sonra creoactcinanpsoesbccean aur aes snagieosseupeate uracanen inemenieverscia
141. seeaesesanees 69 8021A Ue TANG dO sssri asea E o EEE AE E EE E 69 internal RADIUS S0rVor ansaan a Eana TET A 69 External RADIUS S Gl VOM sais csssssnecasecisnressconenntotanncstensiiteutaettaconntnnstintoasnenendiedtaaeienonntemsaines 70 Configuring an External RADIUS Server ou ce cceeseessescscssssesssecessesessssesesseseeateeeeeass 70 Enabling Instant RADIUS aa ccsasaseaosanccstenentstavsuttenniavedacaaysaaaasbtasnasanionnnetiasbagestinsniainasteaendess 71 RADIUS Server Authentication with VSA ccc cccsssssescsssssssssscsseseessesesseseesssesesseeeasenss 71 List of supported VSA S csscatesuaidenossnnnasancnenicnssansscdecsneadsessnagoendund ntoamyebaistaaessesnnciacsmnuanaee 72 Management Authentication SettingS ccssssescssssesssssscssssssesssecessesessseesesseseeaseees 74 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Capuve OUR ica crsasteeio odndtonnatasesabatsastnan i beututrdo eda austuad seraneoeniesecanesidiieansdibendiveastnesdtuianeuieateren de 75 internal Captive OM ell Sect azecnec tes vapeavecaayatel ecauianuccatts stesscesanraunectiaausecnseussieiiosnssampeneshisenrepiae 75 Configuring Internal Captive Portal Authentication when Adding a Guest Network 75 Configuring Internal Captive Portal Authentication when Editing a Guest Network 76 Configuring Internal Captive Portal with External Radius Server Authentication when Adding a Guest N twork ccesssssscssssssesssssscseseesesesess
142. sesessesecassesessnseeaees 19 Specifying the Country GOCE sas ssscacesteussarsnevsensuzeissetaiehcoiaiiessharsacasuanyuciceasbtennesauseenbonatantessaveusensarene 20 Basic Sections in the Instant Ul ceesssscssssssesssecscsecseseeeseeseseesesesecseseestsesessesesatsesessusesaeseeass 21 Networks Tab Compressed View and Expanded VieW ccsscsescscssssesesssssssseesssesesseseeasenes 22 Access Points Tab Compressed View and Expanded VieW c cccssscssessessssessessseseseeaseees 23 Client Tab Compressed View and Expanded Vi W cc ccsesssssscssssssesesssseseesseesesseseeaseneeeas 24 ST sal 10 Canter ne ee ene eee eee nee 25 Settings Link Default VIC W scccsencecascocceisiernuedesnscuscasasvnavessoncusasaucdedsoniventevenvoaisoincdivouneddesanntoadsiaeete 25 Maintenance Link Default View uu cc ccssesssscssesesscssssesessesessesecseseeseseesesaesessuseeseseesesansesaeseses 26 CUPID ONE DOK aa E E 28 aLe PD LMR REENE AE A EAE EA E A EEA E EE E AE EE 28 Monitoring on Instant Ul sated caress cane tanass ceneeceaaaecdciaiipatenecataeeiccesetannsuytelvgspersesaitentsaniecesieinoueestesenos 29 Info Section in the Monitoring Pane cesessssesssssscseseesesecessesesseseecseseseceesesetsesecatsesessnseeaees 29 RF Dashboard in the Monitoring Pane ccccsesessescssssesscscsseseescseseesecseseesesessesassesausessnsesseeateees 29 Usage Trends Section in the Monitoring Pane ccsescsssssesssscscsessesseesessesees
143. sesssecsssesessseesesseseeasneeeens 41 Open Instant SSID oo cssssssesssecsesessesesesesseseesesesessesesasseseseesesaeesesecsuseeeseseseusesausesatsesesenseeass 50 Untrusted Connection Window ccccssssssesssssssscscessesssecessesesassesececsssecsesesassuseeatsesessnsesaneeeass 50 EGG VN WIG ON a isd wea saaas enna E A 51 PY VES TR ON eccrgcc cies tctecternecestrcveneceeuavucauewasieoresuasacst sare senspeciaus ts cast veqlsecvscunvecos eiuesecrisasepsvearevaenceassaeneaee 51 Disabling Auto Join WCC yg cvire czesasiara cen edatuasnpneres waainzsoaesins a aE AEEA EEE EPEE EEREN E ENEE ESENE 53 CED U Da e E E A E 54 EE EEE E E e E EN S EE E E A EAE E S E A TT 54 Syslog SETVE sariaren eia e E a ENEE a EER NESTEA E NE SN Pa A EERE ar E 55 Adding an W IAP to the Instant N tWOFrk cceesseessesesssscsseseeecsessesesseseeseeesseseeseseesesaneesanees 55 Entering the MAC Address for the New W IAP sensssnnenenenenonernnnensnsnnenunurnnnnnensnnnnsnunnnnnnnrensnnenens 55 Editing W IAP Settings a sssirsisisstisdasinirek iaessannseatitsicdsciveadaubpsdaailas unesisduptivessdaituadeaSvniadaiSetatasuhsstac baci 56 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide 7 8 Figure 45 Figure 46 Figure 47 Figure 48 Figure 49 Figure 50 Figure 51 Figure 52 Figure 53 Figure 54 Figure 55 Figure 56 Figure 57 Figure 58 Figure 59 Figure 60 Figure 61 Figure 62 Figure 63 Figure 64 Figure 65 Figure 66 Figure 67 Figure 68
144. ssesesseseeasnseeess 31 Client Alerts link on Instant UL csciccssteuiassncntscscusnst visas sniesnsteanvavespueinatves tavuanasiscatvasnsiaenintauenanitiatnes 31 EME TAG Alere EMT srvada teas E E E E E 32 Intrusion Detection on Instant Ul nennnenenensnsnnnsnnnnnnnenenunnnnrnnnrnnvinararurnnnrnnnrnnersnsnnnsnnnnnnnrnrnrnrnns 32 AirWave Setup Link AirWave Configuration cceesesssscessssesssececsesseseeecsssesesassesesseeeasenss 33 Adding an Employee Network Basic Info Tab e enonononononnnnnnnenonnnnnnnnnnnnennnnnnnnnnnnnenersnsesnsnnnns 36 Band and Hide SSID Settings arreire 37 Securty TaD 11219 0 ls ee EEEE ee ee 39 Secun Tab Wr Cl ON ear iag sess tbs tasayacs Saahenransnsscestvsaciteaesadyetin saan aseatamnena iestbedeate oe anes decae aes 40 Security Tab Open cas enerasscesoesat axscqatesns bspiaassnavvanysaaniatenaitsnssulssannenoinavetet vatuinssansiventdbeneesnanmatestetasis 40 Adding an Employee Network Access Rules Tab N tWork cccceesesessessesseeeesseeseeeeees 41 Adding a Voice Network Basic Info Tab enenenensnsnsnnnnnnnnnenenenennnnnnrnrnininnnnrnnnnnnnnensrsrsesnsnnnns 42 Adding a Guest Network Basic Info Tab sesessnensnnensnennenenurnnnersnsnnnrururnnnnnsrsnnnrernrnnnnrnrsnsnnnnnns 44 Adding a Guest Network Splash Page Settings ccssescssssesssscscsssseseeeseeseseeassesesseseeasenss 46 Configuring a Splash Page Encryption Settings ccccssesesssscscsss
145. ssessessssesssececsesecsesesessesesassesesaeseassesecaesuseceesesessusecassesatensesanes 93 EX LUMO ACC OSS UNG Scares acueessuhiconccnssasei EA E E uevaenoannrassoneanr note 93 Allow TCP service to a particular network ccceesessescscssssesseesecseseesesesesseesassecesseseeatenss 93 Allow PoP service to a particular SEIrVEl cccccccesescescssssssecseseesseessesessesseseeseeesaesaseneess 94 Deny FTP service except to a particular SEIrVEl cccccsseseescssssesessesesseeecseseeseseeseeasereanees 95 Deny bootp service except to a particular NETWOFK ccccceeescsssseseesseeeceseeseeseeensanseteess 96 Chapter 13 Content FHC TING lt carstsecavacaaaspsazaaienatacgeassmnocteaucesionetaconacesrentdediataaaeeseoetaasuaanadesanaieuaetecioeen 99 Enabling Content Filtering sesionin siaran iaaa r AAE a iN aaki 99 Chapter 14 0S Fingerprint esiis a ea aeaa aiT 101 Chapter 15 Adaptive Radio Manageme Diiss na SE 103 ARM Features sscdsersinesiscnsxerniceerstiecpinnagransaneatuisbidiaenanngeeagaiueacacontiindeiatadsetnendiscadisendheassinetepstbiecsoreveeiins 103 Channel or Power ASSIQNMENL scccccssssssessescscssssesesececsesesseseseesesecatsesessusecassesesansesateess 103 Voice Aware SCANNING cccssesesssscsessssesesesseseseesesesecassesacsesecacsuseassesecsusecassesecausesassusesansesas 103 Load Aware Scanning ccscsssssessssesesrssesrsseseseseeseseesnseseeseseeanseseeasseeanseseeatsesansestsanstsatonss 103 Band Steering
146. t Loading Certificates To load a certificate perform the following steps l At the top right corner of Instant UI click the Maintenance link The Maintenance box appears 2 Click the Certificates tab 82 Authentication Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 71 Loading Certificates Maintenance About Configuration Certificates Firmware Reboot Convert No certificate uploaded Upload New Certificate Certificates affect which authentification protocols are used No cert LEAP Server cert PEAP TTLS Server and CA certs TLS Close 3 Click the Browse button Browse and select the appropriate certificate file and click the Upload Certificate button 4 Enter passphrase in the Passphrase text box and reconfirm Click Close Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Authentication 83 84 Authentication Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 10 Role Derivation ee ee i a Se Every client in an Dell Instant network is associated with a user role which determines the client s network privileges how often it must re authenticate and which bandwidth contracts are applicable This chapter describes creating and assigning roles using the Instant UL User Roles This section describes how to create a new user role Figure 72 Access
147. t Alerts link on Instant UI m Instant Controller Info RF Dashboard Name Instant Controller Signal Speed Utilization Noise Enos Country code IN 7 aeria 0 0 0 0 All Clients atl D Ey All Access Points 4 Content filtering disable Organization gt AirWave IP 0 0 0 0 Band all Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Monitoring 1 Client Alert IDS Usage Trends Clients 10 o 02 15 Throughput bps 1M 10 100 0 100 10 a 02 20 02 25 1M 02 15 t In Instant User Interface 31 Figure 21 Client Alerts Link Instant Controller 1 Client Alet IDS Monitoring Access Point Details MAC Address 58 94 6b 7a e8 50 Timestamp 09 30 52 Description Integrity check failure in encrypted rInstant Access Point more For more information about alerts see Chapter 20 Alert Types and Management IDS This link displays a list of foreign APs and foreign clients that are detected in the network It consists of the following sections Foreign Access Points Detected Lists the APs that are not controlled by the virtual controller The following information is displayed for each foreign AP MAC address Displays the MAC address of the foreign AP Network Displays the name of the network to which the foreign AP is connected Classification Displays the classification of the foreign AP Interfering IAP or Rogue IAP Channel Displays the channel in whi
148. t UI It displays the company name logo and virtual controller s name Search Administrators can search an IAP Client or a Network using a simple Search dialog box in the UI This Search option helps fill in the blank when you type in a word and suggested matches will be automatically displayed in a dynamic list The list will become more relevant and detailed when more number of keywords are typed in This is similar to the auto complete feature of Google Search Tabs The Instant UI consists of the following tabs Networks Provides information about the Wi Fi networks in the Dell Instant network Access Points Provides information about the IAPs in the Instant network Clients Provides information about the clients in the Instant network Each tab appears in a compressed view by default A number specifying the number of networks IAPs or clients in the network precedes the tab names Click on the tabs to see the expanded view and click to compress the expanded view Items in each tab are associated with a triangle icon Click to sort the data in increasing or decreasing order Each tab is explained in the following sections Networks Tab This tab displays a list of Wi Fi networks that are configured in the Dell Instant network The network names appear as links The expanded view displays the following information about each Wi Fi network Name Name of the network Clients Number of clients that are connected to the netw
149. t their environment when they boot up Mesh IAPs are either configured as a mesh portal MPP an IAP that uses its wired interface to reach the controller or a mesh point MP an IAP that establishes an all wireless path to the mesh portal Mesh IAPs locate and associate with their nearest neighbor which provides the best path to the mesh portal Mesh portals and mesh points are also known as mesh nodes a generic term used to describe IAPs configured for mesh A mesh radio s bandwidth can be shared between mesh backhaul traffic and client traffic You can however configure a radio for mesh services only If you have a dual radio IAP a mesh node can be configured to deliver client services on one radio and both mesh and WLAN services to clients on the other If you configure a single radio IAP to deliver mesh services only by disabling the mesh radio in its 802 1 la or 802 1 lg radio profile that mesh node will not deliver WLAN services to its clients By default IAPs operate as thin IAPs which means their primary function is to receive and transmit electromagnetic signals other WLAN processing is left to the controller When planning a mesh network you manually configure IAPs to operate in mesh portal or mesh point roles Unlike a traditional WLAN environment local mesh nodes provide encryption and traffic forwarding for mesh links in a mesh environment Virtual IAPs are still applied to non mesh radios Mesh Portals The mesh
150. t to monitor Client view for that client appears The Client view has three tabs Networks Access Points and Clients The following sections in the Instant UI provide information about the selected client Info RF Dashboard RF Trends Usage Trends Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Monitoring 125 Figure 99 Client View Users Settings Servers Roles Maintenance Support Help Logout DOLL os VIRTUALCONTROLLER PowerConnect W Series Aruba networks Instant Controller amp 2 Networks 6 1 Access Point E 1 Client Associated with Instant Access Point Name Clients Name IP Address Network Name Clients int Emp_Network1 1 Instant Access Point 1 169 254 70 134 Emp_Network1 Instant Acce x Guest_Network 0 New amp Instant Controller Info RF Trends Name Association Time Access Point IP Address 169 254 70 134 io nas 04 44 57 Instant Access Point MAC Address 58 94 6b 79 73 58 ee as a a ae ee weer 10 Os oA Network Emp Networki a Access Point Instant Access Point 10 Channel 149 0 100 Tr AN 04 50 04 55 05 00 04 50 04 n Out _ R ae In R ani O ut Role Emp_Network1 Speed mbps Throughput bps RF Dashboard 300 1004 10 Client Signal Speed z 0 2 150 0 169 254 70 134 atl Aa 10 100 Access Point Utilization Noise Errors i Si 0 100 05 00 04 50 5 5 00 Instant Access Point Mobility Trail Signal dB Frames fps 04 50 04 55 En EJ St
151. the virtual controller The virtual controller creates a private subnet and VLAN on the IAP s for the wireless clients The virtual controller NATs all traffic that passes out of this interface This setup eliminates the need for complex VLAN and IP address management for a multi site wireless network 3 Click the More link and perform the following steps These steps are optional a Band Set the band at which the wireless network will transmit radio signals Available options are All 2 4 GHz and 5 GHz The All option is selected by default It is also the recommended option b Hide SSID Select this check box if you want to hide the SSID network name from the users 36 Wireless Network Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 25 Band and Hide SSID Settings New Network Basic Info Basic Information Name SSID Em p_Network1 Primary Employee usage _ Voice Guest Client IP Network assigned assignment Default VLAN ID Virtual Controller assigned Less Band All Hide SSID Bandwidth Limits Percentage of Airtime Each user Each radio Next Cancel 4 Click Next and set appropriate security levels using the slider button in the Security tab Default selection is Personal Available options are Enterprise Personal and Open Table 6 Conditions for Adding an Employee Network Security Tab You select the Enterprise security lev
152. thentication Adding an Employee Network This section provides the procedure to add an employee network 1 In the Networks tab click the New link The New Network box appears Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Wireless Network 35 Figure 24 Adding an Employee Network Basic Info Tab New Network Help Basic Information Name SSID gt More Primary Employee usage Voice Guest Client IP Network assigned assignment Default VLAN ID Virtual Controller assigned Next Cancel 2 In the Basic Info tab perform the following steps Type a name for the network in the Name SSID text box b Select the Employee radio button this is selected by default from the Primary usage options This selection determines the primary usage of the network being added c Select the required Client IP assignment option Available options for an Employee network are Network assigned Default Network assigned VLAN ID and Virtual Controller assigned Table 5 Conditions for Adding an Employee Network Basic Info Tab then You select the Network assigned Default option The client gets the IP address in the same subnet at the IAPs You select the Network assigned VLAN ID option The client gets the IP address from the specified VLAN Enter the ID of the VLAN in the VLAN ID text box You select Virtual Controller assigned option The client gets the IP address from
153. thorization port number of the external RADIUS server in the Auth Port text box The port number is set to 1812 by default 5 Enter a shared key for communicating with the external RADIUS server in the Shared key text box 6 Enter the virtual controller IP address in the NAS IP address text box The NAS IP is the virtual controller IP address that is sent in the data packets 4 Click the Backup link and set appropriate values for the backup RADIUS server Figure 70 Configuring MAC Authentication Edit Emp_Network1 Help Basic Info Security Level More E AR WPA 2 Fersonal M rane Key management 8 63 alphanumeric chars Passphrase format Enterprise Passphrase jevececese Retype jevccecese 3 Personal MAC authentication Enabled Ba Open Authentication server 1 InternalServer Y oe For internal server jee Se eE ure JASE eao oein Back Next Cancel L 5 Click Next and click Finish Certificates A certificate is a digital file that certifies the identity of the organization or products of the organization It is also used to establish your credentials for any web transactions It contains the organization name a serial number expiration date a copy of the certificate holder s public key and the digital signature of the certificate issuing authority so that a recipient can ensure that the certificate is real Dell Instant supports certificate files in Privacy Enhanced Mail pem forma
154. tion displays the following graphs for the virtual controller Clients Graph Figure 92 Clients Graph Clients 10 5 Last 1 Min 1 6 Max 1 Avg 1 11 40 11 49 11 530 Throughput Graph 118 Monitoring Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 93 Throughput Graph Throughput kbps 40 nn Out In gt hian 0 0 SW villa 0 T lt i Ra 2 Zi T g 1 1 10 11 50 i n on i k a e For more information about the graphs in the virtual controller view and for monitoring procedures see Table 13 Table 13 Virtual Controller View Graphs and Monitoring Procedures Graph Name Description Monitoring Procedure Clients The Clients graph shows the number of clients To check the number of clients associated associated with the virtual controller for the last with the virtual controller for the last 15 15 minutes minutes To see an enlarged view click the graph 1 Log in to the Instant Ul The Virtual The enlarged view provides Last Minimum Controller view appears This is the Maximum and Average statistics for the default view number of clients associated with the Virtual 2 Study the Clients graph in the Usage Controller for the last 15 minutes Trends pane For example the graph on To see the exact number of clients in the the left shows that one client is Dell Instant network at a particular time associated with the virtual controller at hover the cursor ove
155. to inter operate at the highest performance levels ARM Features This section describes ARM features that are available in Dell Instant Channel or Power Assignment This feature automatically assigns channel and power settings for all the IAPs in the network according to changes in the RF environment This feature automates many setup tasks during network installation and during ongoing operations when RF conditions change Voice Aware Scanning This feature stops the IAP that is supporting an active voice call from scanning for other channels in the RF spectrum The IAP resumes scanning when no more active voice calls are present on that IAP This significantly improves the voice quality when a call is in progress while simultaneously delivering automated RF management functions Load Aware Scanning This feature dynamically adjusts scanning behavior to maintain uninterrupted data transfer on resource intensive systems when the network traffic exceeds a predefined threshold The IAPs resume complete monitoring scans when the traffic drops to the normal levels Band Steering Mode This feature moves dual band capable clients to stay on the 5 GHz band on dual band IAPs This feature reduces co channel interference and increases available bandwidth for dual band clients because there are more channels on the 5 GHz band than on the 2 4 GHz band Band steering supports the following three different band steering modes Prefer 5Gh
156. tries Out frames To see the exact frames at a particular time hover the cursor over the graph line The Speed graph shows the data transfer speed for the client Data transfer is measured in Mega bits per second mbps To see an enlarged view click the graph The enlarged view shows Last Minimum Maximum and Average statistics for the client for the last 15 minutes To see the exact speed at a particular time hover the cursor over the graph line Monitoring Procedure To monitor the signal strength of the selected client for the last 15 minutes 1 Log in to the Instant UI The Virtual Controller view appears This is the default view In the Clients tab click the IP address of the client for which you want to monitor the signal strength The client view appears Study the Signal graph in the RF Trends pane For example the graph on the left shows that signal strength for the client is 54 0 dB at 12 23 hours To monitor the In and Out frame rate per second and retry frames for the In and Out traffic for the last 15 minutes 1 Log in to the Instant UI The Virtual Controller view appears This is the default view 2 Inthe Clients tab click the IP address of the client for which you want to monitor the frames The client view appears Study the Frames graph in the RF Trends pane For example the graph on the left shows 4 0 frames per second for the client at 12 27 hours To monitor the speed for the client for
157. tsesanseees 19 Specifying the Country GOS aac casccuauis Seams vckchivelvtevapensusnuseavys caesantuainnietacansexeandepaivesbnseageiantoatecntenet 20 Chapter 3 Instant User Inte rface cccccssssssssesssssssesssscsecsesecsesseseesessesaesessusaesesaesesseseeseeseseesaseess 21 Understanding the Instant UI Layout ee eeessssesssseescssseesesecsessssecseseeseseesesaesesausessuseesesaees 21 Bane cist voscc hes cnccance ctu ede ven poeinas tu etosanban a ssnccussmvaiiaautencsdsvesbeint oc uneteatesetay ansssssdteassvanyeamoncosceeenaaee 22 LO T AAE E EE S A E EE A EAA A E sine 22 EE E E TA N E EN T E E E S E neruneee 22 NEIWOFKS T d Docsinranssno inn ar E i Er aS EE 22 PROCESS Fomts TaD ecseoniinann aaan EN a a a SEa SANE 23 TREES TaD sete sinercentceienratnmecicichosas voudad ade casoeainstcenesan a EO EER 23 ETT Sess assesses eae easrncte sees eats ceten cnersvanau A E 24 New version AVA ADIE uu ccc ccecssssssssssesecseesesseseesecsesoeseaseeseseesenseusecsesensenseasessesensaneesees 24 RY SUG casos ae occ aceasta cineca veh chev aeceau envaiesavencetenesbeint ancscuasnevhonteroausissae esis eenocasensenvasuaaiys 24 SUN nr E E EEE 25 ETE E A ENAN E E A T AT 26 FON E E E E TEENE F PET E E AT A E E T ET 26 Mame WANG E essiri iis iair Eea ac EEEa E OANE 26 SAP O ea E EE E S 26 LEL o SA asset sac OE EE E AEE A E E E O E E 28 LOOO eeen paca rues ons ci N E E EE ee 28 MOTO lice ar E A anaes 28 Client Alerts cette iran tans
158. tsttantnsardcsatutnone coexe cosas teen E ENAA 133 Poan AS E naen dante a EEE E eanndtesvanenenine tae aeenenetes 133 Editing User Setting S ss acszzascetuotanbearsesnise cuss ouenesueeuvonioes asa ocean dunes taxvesuuanercbantesbenvnueenacsinconeseivents 133 Deleting a USET aces stesoscstone nue enesiepase noms nanos a O ON EENE NEEE NETRE E OE 134 REJULO DOMEI ersan E 135 County Codes LIST eesin EEA EREE EE A Aaa RE 135 PDO Ned 1S acses E N EE 139 Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Figure 1 Figure 2 Figure 3 Figure 4 Figure 5 Figure 6 Figure 7 Figure 8 Figure 9 Figure 10 Figure 11 Figure 12 Figure 13 Figure 14 Figure 15 Figure 16 Figure 17 Figure 18 Figure 19 Figure 20 Figure 21 Figure 22 Figure 23 Figure 24 Figure 25 Figure 26 Figure 27 Figure 28 Figure 29 Figure 30 Figure 31 Figure 32 Figure 33 Figure 34 Figure 35 Figure 36 Figure 37 Figure 38 Figure 39 Figure 40 Figure 41 Figure 42 Figure 43 Figure 44 Figures W IAFIS Antenna Fatet ics 15 W IAP 105 LIV IM cal ARIE II ct sein guestaniedettscazevish evvayransemeed pavsiaaeioeesaainnsomnaeuanpuce aniiaysegseieniseanmnentinanaids 16 Connecting to Provisioning Wi Fi network Microsoft WINdOWS ccccesseeessteeeeereen 19 Connecting to Provisioning Wi Fi network MAC OS eceseeeeseeecesseseeseeeeesseseessenerees 19 Instant User Interface Login Screen uu esssesscssssesssscscsessesssecessesssessesecacseseese
159. twork Access Rules More Control Role based Network based Unrestricted Less Control Roles Guest_Network Emp_Network1 Emp_Network 2 New Role Assignment Rules Default role Emp_Network 2 New Role Attribute Operator String Role AP Group v contains v Emp_Network v OK Cancel Enforce Machine Authentication ly Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Role Derivation 87 88 Role Derivation Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Chapter 11 Guest DMZ A De Militarized Zone DMZ is a sub network created between an internal network and an external network for example the Internet The DMZ adds an extra layer of security to the network of an enterprise or organization You can specify or select whether you want to segregate the guests from accessing your internal network or the external network that is the Internet To apply the Guest DMZ feature for the networks that you create select the Virtual Controller assigned option in the Client IP Assignment section while creating a network When this option is selected the virtual controller creates a private subnet and VLAN for the IAPs and wireless clients The virtual controller NAT s all traffic that passes out of this interface This eliminates the need for complex VLAN and IP address management for a multi site wireless network Layer 2 mu
160. ty Security Level Splash page Splash Page Preview Welcome to the Guest Network Type of splash page 2 Internal Authenticated Internal Acknowledged a i External Authentication server 1 InternalServer _ For internal server Users Certificates Encryption Key management WPA 2 Personal Y Passphrase format 4 63 alphanumeric chars Passphra O OE Retype 6 Click Next The Access tab appears The Allow any to all destinations access rule is enabled by default This rule allows traffic to all destinations Instant Firewall treats packets based on the first rule matched For more information see Chapter 12 Instant Firewall To edit the default rule perform the following steps a Select the rule and click the Edit button b Select appropriate options in the Edit Rule box and click OK To define an access rule perform the following steps a Click the New button b Select appropriate options in the New Rule box c Click OK 7 Click Finish Editing a Network To edit a network perform the following steps Click the edit link The Edit network box appears Bh WYN NO Click Finish Deleting a Network To delete a network perform the following steps In the Networks tab click the network of the network which you want to edit The edit link appears Make the required changes in any of the tabs Click Next or the tab name to move to the next ta
161. unnel ensuring the user credentials are kept secure LEAP Lightweight Extensible Authentication Protocol LEAP uses dynamic WEP keys for authentication between the client and authentication server NOTE Dell Instant does not ship with any 802 1x server certificate EAP TTLS and EAP PEAP support is not available until the administrator uploads a valid 802 1x server certificate to the Dell Instant network By default the 802 1x authentication Is limited to LEAP only NOTE Dell does not recommend the use of LEAP authentication method because it does not provide any resistance to network attacks 70 Authentication External RADIUS Server In the external RADIUS server IP address of the virtual controller is configured as the NAS IP address Instant RADIUS is implemented on the virtual controller This feature eliminates the need to configure multiple NAS clients for every AP on the RADIUS server for client authentication Instant RADIUS dynamically forwards authentication requests from a NAS to a remote RADIUS server The RADIUS server responds to the authentication request with an Access Accept or Access Reject message Users are allowed or denied access to the network depending on the response from the RADIUS server Configuring an External RADIUS Server To configure the external RADIUS server for the wireless network perform the following steps l In the Network tab click the network for which you want to con
162. visioning Wi Fi network on page 18 4 Login into Instant User Interface on page 19 5 Specifying the Country Code on page 20 Skip this step if you are installing the W IAP in United States Japan or Israel Connecting the W IAP to a Power Source Based on the type of the power source that is used perform one of the following steps to connect the W IAP to the power source PoE switch Connect the ENET port of the W IAP to the appropriate port on the PoE switch PoE midspan Connect the ENET port of W IAP to the appropriate port on the PoE midspan AC to DC power adapter Connect the 12V DC power jack socket to the AC to DC power adapter Assigning an IP Address to the W IAP The W IAP needs an IP address for network connectivity When you connect the W IAP to a network the W IAP receives an IP address from a DHCP server To get an IP address for an W IAP perform the following steps 1 Connect the ENET port of W IAP to a switch or router using an Ethernet cable Ensure that the DHCP service is enabled on the network 2 Connect the W IAP to a power source The W IAP will receive an IP address provided by the switch or router NOTE After the IAP starts up it will try to do DHCP if static IP configuration is not available If DHCP times out a default IP within K 169 254 x y 16 subnet will be configured on the IAP The DHCP client will be still running so that when the DHCP service recovers the IAP will get a vali
163. y tab 4 Click Next The Access tab appears The Allow any to all destinations access rule is enabled by default This rule allows traffic to all destinations To define deny FTP service access rule except to a particular server perform the following steps 1 Click the New button The New Rule box appears NO Select Deny from the Action drop down list WN Select ftp from the Service drop down list aa Select except to a particular server from the Destination drop down list and enter appropriate IP address in the IP text box 5 Click OK 5 Click Finish Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Instant Firewall 95 Figure 78 Defining Rule Deny FTP Service Except to a Particular Server New Network Help Basic Info Access Rules More Control Access Rules 1 Allow any to all destinations pease New Rule Action Service Network based ftp L except to a particular server IP Unrestricted Less Control Back Finish Cancel Deny bootp service except to a particular network l 96 Instant Firewall Click the New link in the Networks tab To define the access rule to an existing network click the network The edit link appears Click the edit link and navigate to the Access tab In the Basic Info tab enter the appropriate information Click Next and set appropriate security levels using the slider button in the
164. z If you configure the IAP to use prefer 5GHz band steering mode the IAP will try to steer the client to 5G band if the client is 5G capable but will let the client connect on the 2 4G band if the client persists in 2 4G association attempts Force 5Ghz When the IAP is configured in force 5GHz band steering mode the IAP will try to force 5Ghz capable IAPs to use that radio band Balance Bands In this band steering mode the IAP tries to balance the clients across the two radios in order to best utilize the available 2 4G bandwidth This feature takes into account the fact that the 5Ghz band has Dell PowerConnect W Instant Access Point 5 0 3 0 1 1 0 0 User Guide Adaptive Radio Management 103 more channels than the 2 4 GHz band and that the 5Ghz channels operate in 40MHz while the 2 5Ghz band operates in 20MHz Air Time Fairness This feature provides equal access to all clients on the wireless medium regardless of client type capability or operating system thus delivering uniform performance to all clients This feature prevents some clients from monopolizing resources at the expense of other clients Air Time Fairness Modes The Air Time Fairness consists of the following modes Default Access Provides access based on the client request When Air Time Fairness is set to default access per user and per SSID bandwidth contracts are not enforced Fair Access Allocates Airtime evenly across all the clients
Download Pdf Manuals
Related Search