User's Manual

ManualsBrandsDell ManualsComputer equipmentPowerConnect W-6000

651

652

653

654

655

656

657

658

659

660

Whenever you create a new virtual AP profile in the WebUI, the profile automatically contains the “default” SSID

profile with the default ESSID. You must configure a new ESSID and SSID profile for the virtual AP profile before you

apply the profile.

a. In the Profile Details entry for the new virtual AP profile, go to the AAA Profile drop-down list and

select the previously configured AAA profile. The AAA Profile pop-up window appears.

b. To set the AAA profile and close the pop-up window, Click Apply.

c. In the Profile Details entry for the new virtual AP profile, select NEW from the SSID Profile drop-down

menu. The SSID Profile pop-up window displays to allow you to configure the SSID profile.

d. Enter the name for the SSID profile.

e. Under Network, enter a name in the Network Name (SSID) field.

f. Under Security, select the network authentication and encryption methods.

g. To set the SSID profile and close the pop-up window, click Apply.

4. At the bottom of the Profile Details window, Click Apply.

5. Click the new virtual AP name in the Profiles list or the Profile Details to display configuration parameters.

6. Under Profile Details, do the following:

a. Make sure Virtual AP enable is selected.

b. From the VLAN drop-down menu, select the VLAN ID to use for the Virtual AP profile.

c. From the Forward mode drop-down menu, select bridge.

d. From the Remote-AP Operation drop-down menu, select always or backup.

e. Click Apply.

7. Under Profiles, select AP, then AP system profile.

8. Under Profile Details, do the following:

a. Select the AP system profile to edit.

b. At the LMS IP field, enter the LMS IP address.

c. At the Master controller IP address field, enter the master controller IP address.

d. Configure the Remote-AP DHCP Server fields.

e. Click Apply.

Configuring the Session ACLin the CLI

Use the following commands:

ip access-list session <policy>

any any svc-dhcp permit

any any any route src-nat

If you use a local DHCP server to obtain IP addresses, you must define one additional ACL to permit traffic

between clients without source NATing the traffic. Add user alias internal-network any permit before any

any any route src-nat:

user-role <role>

session-acl <policy>

Using the CLI to configure the AAA profile

Use the following commands:

aaa profile <name>

initial-role <role>

You can define other parameters as needed.

Dell Networking W-Series ArubaOS 6.4.x | User Guide Remote Access Points | 651