Aruba learning notes 05 configuration architecture WLAN configuration architecture

Lord To learn Source of material :​ ​http://www.cnblogs.com/yaoyaojcy/ And Huawei official website ​​

 1、WLAN Configuration architecture

So I understand building a WLAN, The main configuration is Virutal AP、RF、AP、QOS

2、AP group :

Aruba Wireless controller through AP Group To build a wireless network configuration parameter template . And many more AP Join in some AP Group To synchronize configuration parameters to each AP

• AP Groups are saved with the same configuration AP All parameters of
• All being AC Discovered AP( Not configured yet ) Are assigned to one by default "default" Of AP Group
• One AP It can only belong to one AP Group , Multiple AP Can belong to the same AP Group
• You can create new AP Group , Then put the specific AP Assign to new AP Group . You can modify AP Group parameters , Make the modified parameters apply to all that belong to this AP, It can also be applied to a specific AP Make parameter changes , The modified parameters will override AP Group corresponding parameters .

3、profile

Aruba With profile Decompose the wireless configuration parameters for the unit , According to the function of wireless configuration parameters , Decompose into independent profiles, The lower Profile It can be provided to multiple upper layers profile To use , The upper profile It can also include several lower layers with different functions profile

for example SSID Profile( contain AP The name of , Encryption and so on ), contain EDCA Parameters Station Profile(Clients To AP Traffic priority parameter ),EDCA Paramters AP Profile(AP To Clients Traffic priority parameter ),High-throughput SSID  Profile(802.11n Of 40MH The use of ), These three Profile It can also be used by others SSID Profile contain

The following is a prifile Diagram for ：

• SSID profile: Configure user visible ESSID, And its encryption method , Such as open、wep、wpa-tkip、wpa2-aes, And the use of pre-share key Static key or 802.1x.
• AAA profile: Configure user authentication mode （mac、802.1x、captive-portal、VPN), Associate corresponding AAA Authentication server （Radius、TACACS+、LDAP And Internal DB）.
• Virtual-AP profile: Relate the above SSID profile and AAA profile To form a group WLAN Service template , And allocate them vlan.
• Role、Policy： I will explain it in detail later

4、Virtual AP Configuration architecture

• AP Sent Beacon,probe respones The package contains WLAN Of SSID, authentication , Supported rates and other information ,STA Related to BSSID（ Usually it is AP Of MAC Address ）
• stay Aruba In the network ,AP In a WLAN Use a unique BSSID, A physical one AP Can support multiple WLAN,WLAN Configuration applies to a AP Of BSSID be called Virtual AP
• Virtual AP It can be configured to AP Groups and specific AP

 1. AP、AP-Group and Virtual-AP The relationship between

Parse enumeration ：

• AP1、AP3, Belong to AP-Group1, Release SSID=A;
• AP2、AP5, Belong to AP-Group2, Release SSID=B、SSID=C
• AP4, Belong to AP-Group3, Release SSID=A、SSID=B、SSID=C、SSID=D

2.Virtual-AP Configuration points of

2.1 authentication ----AAA Profile

• Ensure that all users accessing the wireless network are legal users
• The authentication method can choose no authentication , perhaps MAC、PSK、captive portal、802.1X And so on
• Realize role assignment in the authentication process

2.2 Encryption method ----SSID Profile

• Ensure the privacy of data transmission over the air
• You can choose not to encrypt (open)、 Layer 2 encryption (TKIP, AES) Or three-layer encryption (VPN)

2.3 VLAN Distribute ----VLAN-Name or VLAN-ID

• Assign... To wireless users accessing the wireless network VLAN, In order to get the right IP Address