MSM7xx Controllers Configuration Guide v6.4.0

ManualsBrandsHP ManualsNetwork HardwareHP 425 Wireless Dual Radio 802.11n (WW) Access Point

131

132

133

134

135

136

137

138

139

140

VSC on controller

Ingress

• SSID (Client data tunnel): When a client data tunnel has been created between the AP and

the controller, all user traffic comes in on it. See Client data tunnel. The tunnel is established

using same interface on which the AP was discovered. (LAN or Internet port).

• SSID: SSID is retrieved using the location-aware function.

• VLAN (LAN or Internet port): Traffic with a VLAN ID is handled by the VSC with a matching

VLAN definition. See “Using multiple VSCs” (page 138).

• Untagged (LAN port): Untagged traffic on the LAN port may originate from wired users, or

MSM APs operating in autonomous mode.

Features

• Authentication: The controller supports 802.1X, MAC, or HTML authentication. To validate

user login credentials the controller can use the local user accounts or make use of third-party

authentication servers (Active Directory and/or RADIUS). See “User authentication, accounts,

and addressing” (page 331).

• Access control features: The controller provides a number of features that can be applied to

user sessions. Features can be enabled globally or on a per-account basis. See “Account

profiles” (page 351).

Egress

The controller enables user traffic to be forwarded to different output interfaces, which include the

routing table, VLAN ID, or GRE tunnel. See “VSC egress mapping” (page 123).

Access control disabled

This diagram shows traffic flow when a non-access-controlled VSC is bound to an AP.

Access control disabled

VSC on controlled AP

Ingress

- SSID (from association)

Features

- Authentication (MAC, 802.1X)

- Wireless security filters

- Wireless MAC filter

Wireless IP filter

Wireless traffic

VSC on controller

Ingress

- SSID (from RADIUS auth request)

Features

- Authentication (MAC, 802.1X)

Authentication

traffic

Egress

- Bridged onto port 1+2

- VLAN

User traffic

VSC on controlled AP

Ingress

The AP only handles traffic from wireless users, except for the HP 517 and MSM317 which can

handle traffic from both wireless and wired users. The SSID is the name of the wireless network

with which the user associates.

VSC data flow 137