Manualshelf

WESM zl Management and Configuration Guide WT.01.28 and greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
41424344454647484950
1-23
Introduction
ProCurve Wireless Edge Services zl Module
DHCP Services
The Wireless Edge Services zl Module can provide one of these DHCP services on
any VLAN interface to which you have assigned a static IP address:
DHCP server—The module issues configurations (which are stored in a net-
work pool) to stations in the VLAN. You can configure up to one network pool
for each VLAN. You can also create host pools, each of which contains a fixed
address for a single device. The module supports standard DHCP options, such
as the IP addresses for a default router and Domain Name System (DNS) server.
You can also define extended options and specify them for a pool.
DHCP relay—The module forwards DHCP requests that arrive on the VLAN
to an external DHCP server on a different VLAN.
With its DHCP capabilities, the Wireless Edge Services zl Module can support VLANs
unique from those on your private, wired network. For example, your private network
might use VLANs 1 to 23. You could establish a WLAN for mobile employees,
customers, and guests; map the WLAN to VLAN 24; and terminate the VLAN on the
module. (That is, you would not tag the module’s internal uplink port for VLAN 24
nor extend the VLAN throughout the network.)
You should ensure that the module can route the wireless traffic. Typically, you should
also configure dynamic NAT in conjunction with DHCP. In the Ethernet network,
the module then appears as the source for traffic from the module’s wireless DHCP
clients. (See “NAT” on page 1-41.)
Security Features
As a network administrator, you must constantly consider how to secure your
network, particularly as you add wireless access. The Wireless Edge Services zl
Module supports a variety of security features both for wireless traffic and for the
interface between the wireless and wired network.
Authentication Options for WLANs
A key function of the Wireless Edge Services zl Module is to establish settings for
your network’s WLANs. One such setting is the method by which wireless stations
authenticate themselves before associating to a WLAN.
Forcing stations to authenticate themselves protects your network from unauthorized
users, securing both your organization’s data and that of wireless users. This security
also protects wireless users from connecting to a rogue AP.