English dropdown-ico

Aruba Networks Version 3.3 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

Go to page of

Similar user manuals

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Aruba Networks Version 3.3, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Aruba Networks Version 3.3 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Aruba Networks Version 3.3. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Aruba Networks Version 3.3 should contain:
- informations concerning technical data of Aruba Networks Version 3.3
- name of the manufacturer and a year of construction of the Aruba Networks Version 3.3 item
- rules of operation, control and maintenance of the Aruba Networks Version 3.3 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Aruba Networks Version 3.3 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Aruba Networks Version 3.3, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Aruba Networks service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Aruba Networks Version 3.3.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Aruba Networks Version 3.3 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    Campus Wireless Networks Validated Reference Design Version 3.3 Design Guide[...]

  • Page 2

    www.arubanetworks.com 1322 Crossman Avenue Sunnyvale, California 94089 Phone: 408.227.4500 Fax 408.227.4550 Campus Wireless Networks Va lidated Reference De sign Version 3.3 | De sign Guide March 2008 Copyright © 2008 Aruba Networks, Inc. All rights reserved. Trademarks AirWave ® , Aruba Networks ® , Bluescanner ® , For Wireless That Works ® ,[...]

  • Page 3

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Contents | 3 Contents Chapter 1 Introduction 5 Aruba Refere nce Architect ures 5 Reference Documen ts 5 Contacting Arub a Networks 5 Chapter 2 Aruba’s User-Centric Network Architecture 7 Understanding Centralized Wireless LAN Networks 7 Introducing Aruba’s User-Ce[...]

  • Page 4

    4 |C o n t e n t s Campus Wireless Network s Validated Refer ence Design Versio n 3.3 | Design Guide AP Location and Density Conside rations 35 Office Deployment 35 Voice Deployment 36 Active RFID Tag Deployment 36 Chapter 6 Mobility Controller Configuration 37 Required Licens es 37 Configuration Profile s and AP Groups 37 Configuration Profiles 37[...]

  • Page 5

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Introduction | 5 Chapter 1 Introduction This design guide is one of a seri es of books that describes Aruba’s User-Centric Network Architecture and provides network admi nistrators wi th guideli nes to design and depl oy a centralized enterprise-wi de wireless LAN ([...]

  • Page 6

    6 |I n t r o d u c t i o n Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide T elephone Sup port Aruba Corporate +1 (408) 227-4500 F AX +1 (408) 227-4550 Support United States France United Kingdom Germany All Other Countries 800-WI-FI-LAN (800-943 -4526) +33 (0) 1 70 72 55 59 +44 (0) 20 7127 5 989 +49 (0) 69 38 09 77 [...]

  • Page 7

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Aruba’s User-Centric Network Architecture | 7 Chapter 2 Aruba’s User-Centric Network Architecture This chapter provides a n overview of a centralized wi reless LAN archit ecture, followed by a hig h level technical overview of the Ar uba User-Centric Ne twork comp[...]

  • Page 8

    8 | Aruba’s User-C entric Network Architecture Campus Wireless Networks Validated Reference Design Version 3.3 | Design Guide Introducing Aruba’s User-Centric Network In recent years, controller -based wi reless switch architectures h ave been widely ad op ted to overcome the limitations of the au tonomous AP. The Aruba centralized WL AN model [...]

  • Page 9

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Aruba’s User-Centric Network Architecture | 9 ArubaOS and Mobility Controller This section describes Arub a’s operating system features, optional add-on mod ules and the Mobility Controller that comprise Aruba’s User-Centric N etwork Architectu re. ArubaOS The A[...]

  • Page 10

    10 | Aruba’s User-Centr ic Network Architecture Campus Wireless Netwo rks Validated Reference Design Versi on 3.3 | Design Guide Mobility Controller The Aruba Mobility Controller i s the center of the U s er-Centric Network. The Mo b ility Controller is a part of a purpose built, scalable ap pliance family that runs the Arub aOS operating syst em[...]

  • Page 11

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Aruba’s User-Cen tric Network Architecture | 11 Multi-function Thin Access Points Aruba’s access points serve multiple functions depend ing on their role in the network. APs are either indoor or outd oor deployable; and are available with various o ptions, such as[...]

  • Page 12

    12 | Aruba’s User-Centr ic Network Architecture Campus Wireless Netwo rks Validated Reference Design Versi on 3.3 | Design Guide Aruba recommends using dedicated Air Monitors fo r deployments of latency sensiti ve applications such as voice an d video. Typically, one Air Monitor can provide security to the area served by up to four Access Points.[...]

  • Page 13

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Aruba’s User-Cen tric Network Architecture | 13 Remote AP Using the Remote AP license, the AP can be used as a remote access device across a WAN. Plugging in to any Internet capable Ethe rnet port, the AP will create a secur e tunnel using IPSec (AES) to a designate[...]

  • Page 14

    14 | Aruba’s User-Centr ic Network Architecture Campus Wireless Netwo rks Validated Reference Design Versi on 3.3 | Design Guide the network grows to multiple clusters, a single centra lized view across multip le Master/Local controllers of the following key operat ional data becomes highly desirable. z Users on wireless netw ork z APs that us er[...]

  • Page 15

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide A Proof-of-Concept Network | 15 Chapter 3 A Proof-of-Concept Network To help set the stage for the co mplex campus network presented in Chapter 4 on page 19 , it is useful to begin with a very s mall network. In this chapter, w e consider a network that is typi cally [...]

  • Page 16

    16 | A Proof-of-C oncept Network Campus Wir eless Networks Valida ted Reference Design Version 3.3 | Design Guide In this netwo rk, the AP has been deployed into a conference room, and is con nected to the existing VLAN provided for wi red users. In keeping with the concept of a network over lay, no reconfiguration or special VLANs need to be creat[...]

  • Page 17

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide A Proof-of-Concept Network | 17 Users will associate to the Access Point and authenticate with the RADIUS server that already exists in the network. Employee users will use the Employee SSID, while guests will use the Guest SSID. Voice and data devices will associate [...]

  • Page 18

    18 | A Proof-of-C oncept Network Campus Wir eless Networks Valida ted Reference Design Version 3.3 | Design Guide[...]

  • Page 19

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Campus WLAN Va lidated Reference Design | 19 Chapter 4 Campus WLAN Validated Reference Design This chapter presents a more complex network m odel representing a common Arub a deployment in a large campus WLAN en vironment. Enterprise networks support thou sands of emp[...]

  • Page 20

    20 | Campus WLAN Valida ted Reference Design Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide z Air Monitors – AM s are deployed at a rati o of one AM for ever y four APs deplo y ed. These handle many of the IDS related d uties for the net work, and will assist in draw ing accurate hea t maps displaying graphical RF[...]

  • Page 21

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Campus WLAN Va lidated Reference Design | 21 Aggregation Layer Mobility Co n trollers allo w user traffi c to stay close to associ ated servers; there is no need to tunnel user traffic all the way to the Management layer. z Wireless Access The Wireless Access layer is[...]

  • Page 22

    22 | Campus WLAN Valida ted Reference Design Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide[...]

  • Page 23

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 23 Chapter 5 Mobility Controller and Access Point Deployment Deployment of the Mobi lity Controller m ust be considered b ased on a number of facto rs; the most important of wh ich is identifying where user traffi c i[...]

  • Page 24

    24 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide The Master is responsible for pr oc essing wi reless intrusion detectio n system e vents, presenting the event and the corresponding wirele ss vulnerability and exploit (WVE) identifier. The Master is also responsib[...]

  • Page 25

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 25 Master Controller Redundancy To achieve high availability of the Master Contro ller, use the Master Redundancy method. In this scenario, t wo controllers ar e used at the Managem e nt laye r with one cont roller co[...]

  • Page 26

    26 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide Configure Local Controllers to use the VIP addres s as their Master Controller address as follows. Local Controller Redundancy Local Controllers at the Aggregation layer also use VRRP instances for redundancy, but i[...]

  • Page 27

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 27 When one active Local Controller becomes unreac hable, APs connected to the unreachable controller fail over to the standb y Local Controller load ing that controller to 100% capacity. Therefore each controller mus[...]

  • Page 28

    28 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide production AP load. By contrast Arub a supports up to 2,048 campus-connected APs and 8,192 Remote APs per controller which makes a 1:1 redundancy m odel feasible for th e largest campus deploy ments. With a proper l[...]

  • Page 29

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 29 In the second diagram the client devi ce is placed into VLAN 20 0 by th e control ler following completion of the role deriv ation process. The user VLAN de sign will have im plications fo r us er connec tivity and[...]

  • Page 30

    30 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide VLAN Pools Network administrat o rs prefer t o ke ep subnet sizes down to what is commonly referred to as class C network. This is a network with a subnet mask of /24 (255.255 .255.0), yielding 253 user devices per [...]

  • Page 31

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 31 Aruba’s VLAN Pooling feature a llows a set of VLANs to be assigned to a designate d group of users. These VLANs can be confi gured as a non-contiguo us set, a contiguous range, or a combination of the two. As an [...]

  • Page 32

    32 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide With Mobile IP, the ArubaOS will automatical ly tu nnel traffic between a roam in g client’s original controller (the ‘Home Agen t’) and the controller where the user currently te rminates (‘Foreign Agent’[...]

  • Page 33

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 33 When the client ro ams off of its ‘hom e’ network to another network, the network is said to b e attached to a ‘foreign’ ne twork. The foreign network is d e fined as a network controlled by a different Mob[...]

  • Page 34

    34 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide least two conne ctions settin g up redundant link s to two data center dist ribution switch es. With the Active-Standby configuration recomme nded in this VRD, this yie lds a full mesh between the two controllers an[...]

  • Page 35

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 35 VLAN at the Local Controller where a VLAN trun k al ready exists. This also allows for mobile IP functionality without client software as the inte rvening VLAN between the AP and the controller is never seen by the[...]

  • Page 36

    36 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide Be sure to remember that RF travel s in three dimensions. In a multi-fl oor building, the strongest signal may be above or below rathe r than side-to-side. In all 802.11 networks the client, rather than the AP, make[...]

  • Page 37

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 37 Chapter 6 Mobility Controller Configuration Once the ha rdware has been deplo yed there are se veral design decisions re quired to build out a working producti on network. This includes VLAN an d IP network design, as well as t[...]

  • Page 38

    38 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide names. This all ows the administrat or to define a pa rticular profile once and reuse it as needed which reduces errors and data entry. The ArubaOS Profile system is set up so that the co nfiguration flow go es from high level t[...]

  • Page 39

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 39 AP Groups An AP Group is a unique combination of Conf igurati on Profiles. In general, all profiles are available to be assigned to an AP Group to cr eate a complete co nfiguration. This flexi bility in configura tion allows yo[...]

  • Page 40

    40 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide SSIDs SSIDs appear as the name o f the network displaye d in the ‘Available Wireless Networks’ screen on a wireless client. W hile many APs in t he same network w ill share the same SSID, each will h ave a unique BSSID. This[...]

  • Page 41

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 41 Role Derivation Aruba uses the term ‘Role Deriva ti on’ to describe the process of determi ning which role is to be assigned to a user. The system can take into account the use r’s credentials, lo cation, time of day, and[...]

  • Page 42

    42 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide Authenticatin g with 802.1X 802.1X was dev eloped to secure wired p orts by placing the port in a ‘blocking’ state until au thenti cation completed using Extensi ble Authentica tion Proto col (EAP). EAP is a framework and al[...]

  • Page 43

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 43 Using RADIUS and a WPA2 protected connection as an example, authenticat ion occurs using 802.1X. The Mobility Co ntroller forwards the request to the RADIUS server who performs the actual authenticatio n and sends a response to[...]

  • Page 44

    44 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide Authenticatin g with Captive Port al For clients that do not support WPA, VPN, or other securit y software, Arub a supports a Web-based captive portal that provides secu re brow ser-based auth entication. Ca ptive portal authent[...]

  • Page 45

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 45 Configuring Roles for Employee , Guest and Application Users The Aruba system is un ique; it comb ines user- based security as a part of the WLAN model. When a user is authenticated, u sing one of the methods discussed in the p[...]

  • Page 46

    46 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide Guest Role Guest usage warrants special consideration for enterpri se wireless netwo rks. It is not enough for guest users to be separated from employee users through VL A Ns in the network. Guests must be limited not only in wh[...]

  • Page 47

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 47 Good guest policy as impl emented by the stateful firewall shou ld only allow the guest to access the local resources that are required for IP connec tivity. These include DHCP and possibly DNS if an outside DNS server is not a[...]

  • Page 48

    48 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide Create aliases: Create the guest-logon-access policy: Create the auth-gue st-access policy: Create the block-internal-access policy: Create the drop-and-log policy: Create the gues t-logon role: netdestination “Internal-Networ[...]

  • Page 49

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 49 Create the auth-guest role: Configure the guest VLAN: Configure captive port al authentication: Modify the guest-logon role: Configure the AAA profile: Configure the guest WLAN: user-role auth-guest session-acl cplogout positio[...]

  • Page 50

    50 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide With the appropriate levels of encryption and auth enti cation used, for differ ent users associated and authenticated to the same AP at the same time , the system is completely sec ured. The unique combination of these security[...]

  • Page 51

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 51 Role Variation by Authentication Method Role assignment has man y options under the u m brella of ro le derivation. While the system can simply use the role returned from the auth entication server, it can also a ssign a role b[...]

  • Page 52

    52 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide Advanced Denial of Service (DoS) pr otection keeps enterprise s safe against a variety of other wire less attacks, incl uding associatio n and de-authenticati on floods, ‘honeypo ts’ and AP or station impersonations. Based o[...]

  • Page 53

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 53 ‘Rogue Classificati on’ means the process of dete cting the presence of a Rogue AP and determining which type it represents. The ro gue AP classification algorithms allow the system to a ccurately differentiate between thr [...]

  • Page 54

    54 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide[...]

  • Page 55

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide RF Planning and Operation | 55 Chapter 7 RF Planning and Operation Wireless networks break many of the old rules when it comes to designing a network; as a result, new tools are needed to help admi nistrators quickly and effectively de ploy and main tain a wireless ne[...]

  • Page 56

    56 | RF Planning and Oper ation Campus Wireless Netwo rks Validated Ref erence Design Versio n 3.3 | Design Guide The RF Plan tool is availabl e on the Mobility Co ntroller, Mobil ity Management Sy stem™, and in a standalone version. Al l of these versions use th e same file format, allowing an RF plan to be developed prior to deploying a control[...]

  • Page 57

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide RF Planning and Operation | 57 The ARM system handles setting all power and chan nel sett ing, including mov ing the APs to new channel and power sett ings automatically when ap propriate. The network administrator spends n o time managing the RF environment even in t[...]

  • Page 58

    58 | RF Planning and Oper ation Campus Wireless Netwo rks Validated Ref erence Design Versio n 3.3 | Design Guide Aruba recommends that the above settings should be run f o r a minimum o f one hour, and if possible overnight. Onc e the network has settled, t he following configuration should be u sed for normal ARM operation . These are th e defaul[...]

  • Page 59

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Voice over Wi-Fi | 59 Chapter 8 Voice over Wi-Fi As more enterprises move from pu rely data-driven app l ications and incorporate Voice over IP (VoI P) and streaming video delivery, the de mands for quality of service and assured application delivery rise commensurate[...]

  • Page 60

    60 | Voice ove r Wi-Fi Campus Wireles s Networks Validated Reference Design Version 3.3 | Design Guide call quality. Jitter buffers are used in VoIP network s to smooth out t his effect, but they add delay and must be as small as po ssible. Aruba Mobility Controll ers adjust network settings to mini mize jitter and maximize voice quality. Traffic P[...]

  • Page 61

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Voice over Wi-Fi | 61 simultaneous vo ice calls handled by a single AP must be lim ited. This limit vari es based on network conditions and handset manufacturer, and is typically p rovided in a manu factur er’s design guidelines. Call admission control (CAC) is in c[...]

  • Page 62

    62 | Voice ove r Wi-Fi Campus Wireles s Networks Validated Reference Design Version 3.3 | Design Guide[...]

  • Page 63

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Multiple Ma ster/Local Cl usters | 63 Chapter 9 Controller Clusters and the Mobility Management System™ The Aruba Mobility Mana gement System™ (MMS) is de signed to give network administrators the ability to manage the syst em state and rapidly scope problems for [...]

  • Page 64

    64 | Multiple Master/Loca l Clusters Campus Wireless Networ ks Validated Refer e nce Design Versi on 3.3 | Design Guide Configuration is han dled by the same Profile system discussed n Chapter 6 on page 37 . Wit h Mobil ity Controller cluste rs grouped on the MMS console, di fferent Master/Local clusters can share the same configuration or have dif[...]

  • Page 65

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Multiple Ma ster/Local Cl usters | 65 The MMS soluti on will produce a number of stan dard reports to help with trending and capacity planning, and ca n be easily configured t o do custom reporting. With the built-in hard drive, reports are available for as long as tw[...]

  • Page 66

    66 | Multiple Master/Loca l Clusters Campus Wireless Networ ks Validated Refer e nce Design Versi on 3.3 | Design Guide The same heat maps and location tools available on the controller are also available on the MMS. The location API furthe r extends this capa bility by allowi ng 3 rd party applicat ions to directly access the system to provide add[...]

  • Page 67

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Licenses | 67 Appendix A Licenses To extend the b ase capabilitie s of ArubaOS, a num ber of licensed software module s provide additio nal functionality, including: Voice Services Module Delivers standards-based voice over Wi-Fi plus vo ic e control and management i [...]

  • Page 68

    68 | Licenses Campus Wir e less Networks Va lidated Referenc e Design Version 3.3 | Design Guide[...]

  • Page 69

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide WLAN Extens ion with Remote AP | 69 Appendix B WLAN Extension with Remote AP Remote Access Point (RAP) solutions involve configuring a standard thin access point to provide a customer-defined level of service to the user by tu nneling securely back to the corporate ne[...]

  • Page 70

    70 | WLAN Extension with Remote AP Campus Wireless Network s Validated Refer ence Design Version 3.3 | Design Guide The AP itself should be config ured to perform split tunnel ing. In this configurat ion the AP will perform decryption of wireless traffic and bridge traffic locally wh en it is bound for a non-corporate address, and re-encry pt the s[...]

  • Page 71

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Alternative De ployment Architec tures | 71 Appendix C Alternative Deployment Architectures This Ca mpus Wire less LAN R eferenc e Architec ture re presents a large scale, hig hly available WLAN deployme nt model in a single large campus e nviro nment. While this is t[...]

  • Page 72

    72 | Alternative De ployment Architectur es Campus Wireles s Networks Validated Reference Design Version 3.3 | Design Guide Figure 1 Mobility Controller located in the network data center Figure 2 Mobility Controller located in the common wiring closet (IDF) The controller s of choice in th is deployment are dependent on AP count and PoE requiremen[...]

  • Page 73

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Alternative De ployment Architec tures | 73 Redundancy in this mod e l is handled vi a Master redun dancy, with both controllers acting as a Master Mobility Cont roller. One controller will be in stand by, and should be deployed such that it is not serviced by the sam[...]

  • Page 74

    74 | Alternative De ployment Architectur es Campus Wireles s Networks Validated Reference Design Version 3.3 | Design Guide Figure 4 A single Master Mobility Co ntroller pair backs up a ll Local Mobility Controllers In this scenario the Local Contro ller a customer would select will typically be a MMC-3000 series controller. The Master Controllers [...]

  • Page 75

    Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Alternative De ployment Architec tures | 75 Pure Remote Access Deployment In some instances, the scale of the Remote AP solutio n or security requiremen ts dictate that the internal Mobility Contro llers serving campus users shou ld not be used for termination o f wid[...]