Manualshelf

Concept Guide

ManualsBrandsDell ManualsAccess PlatformsW-Series 304/305 Access Points
381382383384385386387388389390
383 | IAP-VPN Deployment Scenarios Dell Networking W-Series Instant 6.4.3.1-4.2.0.0 | User Guide
Configuration Steps CLI Commands UI Procedure
authentication servers
and access rules created
above and enable
authentication
survivability.
(ap)(config) # wired-port-profile wired-port
(ap)(wired-port-profile "wired-port")# switchport-
mode access
(ap)(wired-port-profile "wired-port")# allowed-vlan
all
(ap)(wired-port-profile "wired-port")# native-vlan
20
(ap)(wired-port-profile "wired-port")# no shutdown
(ap)(wired-port-profile "wired-port")# access-rule-
name wired-port
(ap)(wired-port-profile "wired-port")# type employee
(ap)(wired-port-profile "wired-port")# auth-server
server1
(ap)(wired-port-profile "wired-port")# auth-server
server2
(ap)(wired-port-profile "wired-port")# dot1x
(ap)(wired-port-profile "wired-port")# exit
(ap)(config)# enet1-port-profile wired-port
Configure a wireless SSID to operate in L3 mode and associate
distributed L3 mode VLAN30 to the WLAN SSID profile.
(ap)(config) # wlan ssid-profile wireless-ssid
(ap)(SSID Profile "wireless-ssidt")# enable
(ap)(SSID Profile "wireless-ssid")# type employee
(ap)(SSID Profile "wireless-ssid")# essid wireless-
ssid
(ap)(SSID Profile "wireless-ssid")# opmode wpa2-aes
(ap)(SSID Profile "wireless-ssid")# vlan 30
(ap)(SSID Profile "wireless-ssid")# auth-server
server1
(ap)(SSID Profile "wireless-ssid")# auth-server
server2
(ap)(SSID Profile "wireless-ssid")# auth-
survivability
Wired Profile
and Wireless
Network
Profiles
7. Create access rule for
wired and wireless
authentication. In this
example, the rule
permits all traffic.
For wired profile:
(ap)(config)# wlan access-rule wired-port
(ap)(Access Rule "wired-port")# rule any any match
any any any
permit
For WLAN SSID:
(ap)(config)# wlan access-rule wireless-ssid
(ap)(Access Rule "wireless-ssid")# rule any any
match any any any permit
See
Configuring
ACL Rules for
Network
Services
NOTE: Ensure that you execute the commit apply command in the Instant CLI before saving the configuration and
propagating changes across the W-IAP cluster.
Table 75: W-IAP Configuration for Scenario 1—IPSec: Single Datacenter Deployment with No Redundancy
AP Connected Switch Configuration
Client VLANs defined in this example must be opened on the upstream switches in multi AP deployments, as
client traffic from slave to master is tagged with the client VLAN.