Wireless/Redundant Edge Services xl Module Management and Configuration Guide WS.02.xx and greater
Table Of Contents
- ProCurve Wireless Edge Services xl Module and ProCurve Redundant Wireless Services xl Module
- Title Page
- Copyright and Disclaimer Notices
- Table of Contents
- 1. Introduction
- Contents
- ProCurve Wireless Edge Services xl Module
- Wireless Networks and WLANs
- The Interface Between the Wireless and Wired Networks
- Layer 2 and Layer 3 Operation
- Determining the Layer 3 Services Your Wireless Edge Services xl Module Should Provide
- IP Routing
- DHCP Services
- Security Features
- Traffic Management and QoS
- Management Capabilities and sFlow
- RP Licensing
- Radio Ports
- Redundancy Groups
- Layer 2 and Layer 3 Roaming Between RPs and Modules
- 2. Configuring the ProCurve Wireless Edge Services xl Module
- Contents
- Management Interfaces
- Radio Port Adoption
- System Maintenance
- Software Images
- Configuration Files
- Viewing Configuration Files
- Transferring, or Copying, Files
- Transferring Configuration Files from an FTP or TFTP Server to the Wireless Edge Services xl Module
- Transferring Configuration Files from the Wireless Edge Services xl Module to Another Destination
- Managing the Directory Structure and Browsing for Files
- Deleting a Configuration File
- Returning the Startup-Config File to Factory Default Settings
- Update Server
- Password Encryption
- SNMP Traps and Error Reporting
- Radio Port Licenses
- Setting System Information-Name, Time, and Country Code
- Enabling Secure Network Time Protocol (NTP)
- Digital Certificates
- 3. Radio Port Configuration
- 4. Wireless Local Area Networks (WLANs)
- Contents
- Overview
- Configuration Options: Normal Versus Advanced Mode
- Configuring a WLAN
- VLAN Assignment
- Traffic Management (QoS)
- 5. Web Authentication for Mobile Users
- 6. IP Services-IP Settings, DHCP, and DNS
- 7. Access Control Lists (ACLs)
- 8. Configuring Network Address Translation (NAT)
- 9. Fast Layer 2 Roaming and Layer 3 Mobility
- 10. Redundancy Groups
- Contents
- High Availability for Wireless Services
- Configuring a Redundancy Group
- Configuring Redundancy Group Settings
- Adding Members to the Redundancy Group
- Enabling Redundancy
- Viewing Information about the Redundancy Group
- Viewing Information about the Other Members of the Redundancy Group
- Setting up Adoption Preference IDs to Control RP Adoption
- Reverting RPs Adopted by a Standby Member to the Active Member
- 11. RADIUS Server
- Contents
- Overview
- RADIUS Authentication
- Configuring the Internal RADIUS Server
- Choosing the Authentication Type for 802.1X/EAP
- Specifying the RADIUS Server’s Digital Certificate
- Choosing the Source for User Credentials
- Configuring the Local RADIUS Database
- Using LDAP for the Data Source
- Specifying a Domain Proxy RADIUS Server
- Specifying Global RADIUS Settings
- Adding RADIUS Clients
- Starting and Stopping the RADIUS Server
- Enabling Authentication to the Internal Server on a WLAN
- Configuring the Internal RADIUS Server
- RADIUS Accounting
- 12. Configuring Tunnels with Generic Routing Encapsulation
- 13. Wireless Network Management
- Contents
- Overview
- Monitoring the Wireless Network
- AP Detection
- Configuring Station Intrusion Detection
- Logging and Alarms
- MAC Filters (Local MAC Authentication)
- Network Self Healing
- 14. sFlow Agent
- Appendix A - ProCurve Wireless Services xl Module Command Line Reference
- Contents
- Overview
- Manager Commands
- Global Commands
- Interface Commands
- Wireless Commands
- Show Commands
- Show Commands (All Contexts)
- show alarm-log
- show commands
- show crypto
- show debug
- show file
- show flash
- show history
- show hostname
- show interfaces
- show ip
- show licenses
- show logging
- show management
- show password-encryption
- show redundancy-group
- show redundancy-history
- show redundancy-member
- show running-config
- show snmp
- show sntp
- show startup-config
- show terminal
- show time
- show timezone
- show upd-server
- show upgrade-status
- show version
- show vlans
- Show Commands (Wireless)
- show wireless ap-detection-config
- show wireless approved-aps
- show wireless channel-power
- show wireless config
- show wireless ids
- show wireless mac-auth-local entries
- show wireless phrase-to-key
- show wireless radio-config
- show wireless radio-statistics
- show wireless radio-status
- show wireless regulatory
- show wireless rp-images
- show wireless rp-status
- show wireless rp-unadopted
- show wireless self-heal-config
- show wireless station
- show wireless station-statistics
- show wireless unapproved-aps
- show wireless web-auth-config
- show wireless wireless-module-statistics
- show wireless wlan-config
- show wireless wlan-statistics
- Support Commands
- Support Commands (All Contexts)
- Support Commands (Wireless)
- Index
- Back Cover
9-10
Fast Layer 2 Roaming and Layer 3 Mobility
Overview
In summary, follow these guidelines:
■ The Wireless Edge Services xl Module automatically enables fast Layer 2
roaming between RPs on the same module. (Layer 3 roaming is not a
concern for roaming on a single module.)
■ Except when using Web-Auth, modules automatically handle seamless
(but not necessarily fast) Layer 2 roaming between RPs on different
modules.
■ Fast roaming between modules at Layer 2 requires extra configuration
and is possible in a WLAN that requires WPA/WPA2 with 802.1X. See
“Configuring Fast Layer 2 Roaming for WPA/WPA2 with 802.1X” on
page 9-11.
■ When a WLAN enforces Web-Auth, attempt whenever possible to have all
RPs adopted by the same Wireless Edge Services xl Module. (See “Layer
2 Roaming on a Web-Auth WLAN Between Different Wireless Edge Ser-
vices xl Modules” on page 9-4 for more information on your options.)
■ You must configure a Layer 3 mobility domain for Layer 3 roaming.
Layer 3 roaming is seamless, but not fast. See “Configuring Layer 3 Mobil-
ity” on page 9-14.
In some networks, you must enable Layer 2 roaming between some Wireless
Edge Services xl Modules and Layer 3 roaming between others. Keep these
rules in mind as you plan relationships between Layer 3 mobility domains and
redundancy groups:
■ A Layer 3 mobility domain can include multiple redundancy groups or no
redundancy groups at all.
You can divide a Layer 3 mobility domain into multiple redundancy
groups, or you can place all modules in the domain in the same group.
Although modules in the same redundancy group often map a WLAN to
the same static VLAN, as long as you place the modules in the same Layer 3
mobility domain, this is not a requirement. Roaming behavior is not
typically affected by how you group modules into redundancy groups.
■ Best practices dictate that two Wireless Edge Services xl Modules in the
same redundancy group either be in the same Layer 3 mobility domain or
in no mobility domain at all (for a network that does not require Layer 3
roaming).
WPA/WPA2 with
802.1X
seamless fast • PMK caching
•pre-
authentication
not seamless seamless modules in the
same Layer 3
mobility domain
WLAN Security
Option
Layer 2 Roam
Without Special
Configuration
Best
Layer 2
Roam
Requirements for
Best Layer 2
Roam
Layer 3 Roam
Without Special
Configuration
Best
Layer 3
Roam
Requirements for
Best Layer 3
Roam