Manualshelf

WESM zl Management and Configuration Guide WT.01.28 and greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
371372373374375376377378379380
4-33
Wireless Local Area Networks (WLANs)
Configuring a WLAN
If the WLAN uses Web-Auth set the DHCP lease for the WLAN’s static VLAN
very low. This allows the station to request a new IP address in the dynamic
VLAN after the user authenticates.
6. Continue configuring the WLAN. See “Configuring Security Options” on
page 4-33. (Or click OK to apply the settings and close the Edit screen.)
Necessary Configurations on the Wireless Services-Enabled
Switch
The VLAN for which the Wireless Edge Services zl Module tags WLAN traffic is
called an uplink VLAN. If you decide to have your Ethernet infrastructure devices
route traffic from the wireless stations, you must tag the module’s uplink port for the
stations’ VLAN. You make this configuration from the wireless services-enabled
switch. (See the Wireless Edge Services zl Module Supplement to the 6200yl/5400zl/
3500yl Management and Configuration.)
Alternatively, you can have the Wireless Edge Services zl Module route wireless
traffic and perform other necessary services for the wireless stations’ VLAN. In this
case, no further configuration on the wireless services-enabled switch is necessary.
Configuring Security Options
From the Network Setup > WLAN Setup > Edit screen, you can also configure
authentication and encryption options.
The security provided by a WLAN is one of its most important functions. All RPs in
a WLAN must use the same security options and, for some security options, static
keys. Therefore, the Wireless Edge Services zl Module, which automatically deploys
the same WLAN configuration to all adopted RPs, simplifies establishing a WLAN
throughout a wireless network. Remember, however, that if your network includes
more than one Wireless Edge Services zl Module, you must configure exactly the
same security options for identical WLANs on different modules.
Configuring Authentication
For the best security, you should enable some form of authentication on every WLAN.
Authentication protects your network resources from unauthorized access; it can also
protect wireless stations from connecting to a rogue access point (AP).
The Wireless Edge Services zl Module supports three types of authentication:
802.1X Extensible Authentication Protocol (EAP)
Web authentication (Web-Auth)
Media Access Control (MAC) authentication