Manualshelf

WESM zl Management and Configuration Guide WT.01.28 and greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
81828384858687888990
1-70
Introduction
Radio Ports
The Wireless Edge Services zl Module also collects information about the wireless
network in order to improve its functioning. For example, if you enable interference
avoidance, the module has RPs change their channel when they report excessive
congestion.
Intrusion detection is one useful self-healing feature. The Wireless Edge Services zl
Module can also implement neighbor recovery and create a highly availability, self-
healing network. That is, when one RP fails, nearby RPs automatically come to the
aid of that RP’s stations by raising their transmit power, among other actions. For
more information on network self-healing capabilities, see Chapter 12: “Wireless
Network Management.”
802.1X Client
A secure network often enforces port authentication such as 802.1X: a device must
prove that it is legitimate before it can even connect to the network. The danger posed
by a rogue RP connecting to your network is minimized by the fact that the RP must
accept the settings configured on your Wireless Edge Services zl Module. However,
it is a good idea to enforce 802.1X authentication on all physically accessible switch
ports, and if you connect your RPs to such ports, they must be able to authenticate
themselves to the network.
The RPs 210, 220, and 230 include an 802.1X client for such authentication. Using
Message Digest 5 (MD5) authentication, the client automatically sends the RP’s
credentials when the RP connects to a network device that requires port authentica-
tion. The switch to which the RP connects forwards the credentials to an authentica-
tion server and, if they are correct, allows the RP to join the network.
The authentication server may store a VLAN setting for the RP and sends this VLAN
setting to the switch after the RP authenticates. Such dynamic configuration of the
Radio Port VLAN can replace auto-provisioning on the wireless services-enabled
switch or manual configuration on an infrastructure switch. (For more information
about configuring Radio Port VLANs, see “Communicating with RPs: Radio Port
VLANs” on page 1-7.)
The default username and password on all ProCurve 200 Series RPs are admin and
procurve, respectively.
ProCurve Networking suggests that you change these settings, using a Wireless Edge
Services zl Module to load new credentials on your organization’s RPs. You can then
move these RPs to their final locations and be sure that they can authenticate and
connect to your network. (To learn how to configure RPs’ 802.1X username and
password, see Chapter 2: “Configuring the ProCurve Wireless Edge Services
zl Module.”)