Dell PowerConnect W-IAP3WN/P User Manual Page 224
- Page / 377
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
224 | IAP-VPN Deployment Dell Networking W-Series Instant 6.4.0.2-4.1 | User Guide
l L3 mode and NAT mode users—The number of trusted users supported on the controller. There is no scale
impact on the controller. They are limited only by the number of clients supported per W-IAP.
l L2 mode users—The number of L2 mode users are limited to 128000 for W-7220/W-7240 and 64000 across all
platforms.
IAP-VPN Forwarding Modes
The following forwarding modes are supported in the IAP-VPN scenario.
l Local mode
l Centralized L2 mode
l Distributed L2 mode
l Distributed L3 mode
The forwarding modes determine whether the DHCP server and default gateway for clients reside in the branch or at
the datacenter. These modes do not determine the firewall processing or traffic forwarding behavior. The Virtual
Controller enables different DHCP pools (various assignment modes) in addition to allocating IP subnets for each
branch. The Virtual Controller allows different modes of forwarding of traffic from the clients on a VLAN with a VPN
tunnel. The forwarding modes are associated with various modes of DHCP address assignment modes.
Local or NAT Mode
In this mode, the W-IAP cluster at that branch has a local subnet and the master W-IAP of the cluster acts as the
DHCP server and gateway for clients. The local mode provides VPN capabilities using the inner IP of the IAP-VPN
IPsec tunnel. The source IP for all client traffic is translated and the traffic destined for the corporate network is
translated using the VPN tunnel IP address of the W-IAP, and is forwarded through the IPsec VPN tunnel. The traffic
destined for the non-corporate network is translated using the IP address of the IAP and is forwarded through the
uplink.
When the local mode is used for forwarding client traffic, hosts on the corporate network cannot establish
connections to the clients on the W-IAP, because the source address of the clients is translated.
L2 Switching Mode
In this mode, the traffic destined for the corporate network is bridged through the VPN tunnel to the controller. The
traffic destined for the non-corporate network is translated using the IP address of the W-IAP and is forwarded
through the uplink.
When a W-IAP registers with the controller, and is configured to use the L2 DHCP scope, the controller
automatically adds the VPN tunnel associated to this W-IAP into the VLAN multicast table. This allows the clients
connecting to the L2 mode VLAN to be part of the same L2 broadcast domain on the controller.
Distributed L2 Mode
In this mode, the W-IAP assigns an IP address from the configured subnet and forwards traffic to both corporate and
non-corporate destinations. Clients receive the corporate IP with Virtual Controller as the DHCP server. The default
gateway for the client still resides in the datacenter and hence this mode is an L2 extension of corporate VLAN to
remote site. Either the controller or an upstream router can be the gateway for the clients. Client traffic destined to
datacenter resources is forwarded by the Master AP (through the IPSec tunnel) to the client's default gateway in the
datacenter.
Centralized L2 Mode
The centralized L2 mode extends the corporate VLAN or broadcast domain to remote branches. The DHCP server
and the gateway for the clients reside in the datacenter. Either the controller or an upstream router can be the
gateway for the clients. For DHCP services in centralized L2 mode, it is recommended that you use an external
- User Guide 1
- Dell Networking W-Series 1
- Instant 6.4.0.2-4.1 1
- Contents 3
- Instant User Interface 44 4
- In the Instant UI 79 6
- In the CLI 79 6
- In the Instant UI 81 6
- In the CLI 82 6
- Customizing W-IAP Settings 84 7
- VLAN Configuration 92 8
- Wireless Network Profiles 93 8
- Wired Profiles 112 9
- In the CLI 132 10
- Example 135 10
- In the Instant UI 141 11
- In the CLI 142 11
- In the Instant UI 142 11
- In the CLI 143 11
- Roles and Policies 176 14
- DHCP Configuration 201 16
- VPN Configuration 210 17
- IAP-VPN Deployment 223 17
- Adaptive Radio Management 232 18
- Example 249 19
- Voice and Video 251 20
- Services 255 20
- In the Instant UI 272 21
- In the CLI 272 21
- In the CLI 273 21
- Uplink Configuration 285 22
- Intrusion Detection 296 23
- Mesh W-IAP Configuration 303 23
- Spectrum Monitor 309 24
- W-IAP Maintenance 317 24
- Hotspot Profiles 338 25
- ClearPass Guest Setup 352 26
- Terminology 373 27
- Intended Audience 28
- Related Documents 28
- Conventions 28
- Contacting Dell 29
- Instant Overview 30
- Instant UI 31
- Instant CLI 31
- New Features in 6.4.0.2-4.1 33
- Setting up Instant Network 35
- Assigning a Static IP 36
- W-IAP Cluster 36
- Logging in to the Instant UI 37
- Regulatory Domains 38
- Code Country Name 39
- Accessing the Instant CLI 41
- Connecting to a CLI Session 42
- Sequence-Sensitive Commands 43
- Login Screen 44
- Main Window 45
- Networks Tab 46
- Access Points Tab 46
- Clients Tab 47
- New Version Available 47
- Security 50
- Maintenance 51
- Monitoring 57
- Table 9: 58
- RF Dashboard Icons 60
- Table 11: 62
- Table 12: 63
- Table 13: 65
- Spectrum 67
- Types of Alerts 68
- Figure 23 Client Alerts 69
- Figure 24 Fault History 69
- Figure 25 Active Faults 69
- Alerts list 70
- AirGroup 72
- Configuration 72
- W-AirWave Setup 73
- Pause/Resume 73
- Basic Configuration Tasks 74
- Configuring a Preferred Band 75
- Configuring Timezone 76
- Configuring an NTP Server 76
- Enabling AppRF Visibility 77
- Changing Password 77
- Configuring Auto Join Mode 79
- Configuring Terminal Access 80
- Configuring Console Access 80
- Configuring LED Display 81
- Modifying the W-IAP Hostname 84
- Configuring External Antenna 86
- Master Election Protocol 89
- (Instant AP)# iap-master 90
- (Instant AP)# show ap-env 90
- Antenna Type:Internal 90
- Adding a W-IAP to the Network 91
- Chapter 7 92
- VLAN Configuration 92
- Chapter 8 93
- Wireless Network Profiles 93
- WLAN Configuration Parameters 95
- Figure 37 Security Tab: Open 100
- Parameter Description 101
- Security Level 101
- Table 21: 101
- In the Instant UI 105
- In the CLI 105
- Opportunistic Key Caching 106
- Extended Capabilities IE 109
- RRM enabled capabilities IE 109
- Editing a WLAN SSID Profile 110
- Deleting a WLAN SSID Profile 111
- Configuring a Wired Profile 112
- Editing a Wired Profile 117
- Deleting a Wired Profile 118
- Understanding Captive Portal 120
- Walled Garden 121
- Parameters Description 122
- Managing W-IAP Users 140
- (Instant AP)(config)# end 143
- (Instant AP)# commit apply 143
- 802.1X authentication 147
- MAC authentication 147
- Captive Portal Authentication 148
- WISPr authentication 148
- Internal RADIUS Server 150
- External RADIUS Server 150
- WPA and WPA2 154
- WPA and WPA2 Features 155
- Table 32: 158
- Table 33: 159
- Enabling Dynamic RADIUS Proxy 161
- Blacklisting Clients 171
- Uploading Certificates 173
- Firewall Policies 176
- <eport> src-nat 179
- Configuring ALG Protocols 181
- Managing Inbound Traffic 183
- Table 36: 184
- Content Filtering 186
- Enabling Content Filtering 187
- Configuring User Roles 190
- In the CLI: 191
- Configuring Derivation Rules 192
- Understanding VLAN Assignment 194
- Vendor Specific Attributes 195
- User Role 196
- VLANs Created for an SSID 196
- Creating a User VLAN Role 199
- Configuring DHCP Scopes 201
- Name Description 202
- Table 38: 202
- Understanding VPN Features 210
- Mobility Controller 210
- Configuring an L2TPv3 Tunnel 215
- To view L2TPv3 configuration: 219
- To view L2TPV3 tunnel status: 219
- To view L2TPv3 tunnel config: 220
- Configuring Routing Profiles 221
- Chapter 15 223
- IAP-VPN Deployment 223
- IAP-VPN Forwarding Modes 224
- L3 Routing Mode 225
- Configuring DHCP Profiles 226
- OSPF Configuration 227
- VPN Configuration 229
- Branch-ID Allocation 230
- Branch Status Verification 230
- Branch Details 231
- ARM Overview 232
- Band Steering 233
- Airtime Fairness Mode 233
- Client Match 234
- Access Point Control 236
- Verifying ARM Configuration 237
- Deep Packet Inspection 241
- Application Visibility 242
- Application Charts 243
- Web Categories Charts 245
- Web Reputation Charts 245
- Chapter 18 251
- Voice and Video 251
- Configuring WMM-DSCP Mapping 252
- Port Packet Type 254
- Table 52: 254
- AirGroup Configuration 255
- DLNA UPnP Support 257
- AirGroup Features 258
- AirGroup Services 259
- AirGroup Components 260
- Creating a RADIUS Server 263
- Assign a Server to AirGroup 263
- Change of Authorization (CoA) 263
- ALE with Instant 265
- Integration with Instant 267
- CALEA Server Integration 270
- Client Traffic Replication 271
- Creating a CALEA Profile 272
- Verifying the configuration 273
- To verify the configuration: 274
- Chapter 20 275
- Trending Reports 276
- Intrusion Detection System 276
- Shared Key 278
- Figure 107 W-AirWave —Monitor 284
- Uplink Interfaces 285
- Cellular Uplink 287
- Wi-Fi Uplink 291
- Enforcing Uplinks 292
- Setting an Uplink Priority 293
- Enabling Uplink Preemption 293
- (Instant AP)(uplink)# end 294
- OS Fingerprinting 296
- Table 55: 298
- Client Detection Policies 299
- Client Protection Policies 300
- Configuring IDSUsing CLI 301
- Mesh Network Overview 303
- Mesh Points 304
- Layer-3 Mobility Overview 306
- Configuring L3-Mobility 307
- Understanding Spectrum Data 309
- Non Wi-Fi Interferers 310
- Non Wi-Fi Interferer Types 311
- Channel Details 312
- Channel Metrics 313
- Spectrum Alerts 314
- Upgrading a W-IAP 317
- Upgrading an Image Using CLI 319
- Viewing Current Configuration 319
- Backing up Configuration Data 320
- Restoring Configuration 320
- Table 63: 321
- Rebooting the W-IAP 325
- Configuring SNMP 327
- Configuring a Syslog Server 330
- Logging Levels 331
- Configuring TFTP Dump Server 332
- Support Commands 333
- Chapter 28 338
- Hotspot Profiles 338
- Configuring Hotspot Profiles 339
- Venue Types 342
- Configuring a 3GPP Profile 344
- Configuring a Domain Profile 344
- Creating a Hotspot Profile 346
- Table 69: 347
- Sample Configuration 349
- ClearPass Guest Setup 352
- Troubleshooting 355
- IAP-VPN Deployment Scenarios 356
- Redundancy 357
- Table 72: 358
- Datacenter Configuration 359
- AP Configuration 361
- Table 73: 362
- Topology 364
- Table 74: 366
- Table 75: 370
- Acronyms and Abbreviations 373
- Glossary 374
- List of Terms 375
Related products and manuals for Networking Dell PowerConnect W-IAP3WN/P
Networking Dell 3-DNS Setup Guide
(16 pages)
(16 pages)
Networking Dell PowerEdge T410 User Manual
(19 pages)
(19 pages)
Networking Dell DPND-523-EN12 User Manual
(16 pages)
(16 pages)
Networking Dell PowerEdge R310 User Manual
(14 pages)
(14 pages)
Networking Dell PowerEdge R820 User Manual
(17 pages)
(17 pages)
Networking Dell MD1120 User Manual
(17 pages)
(17 pages)
Networking Dell PowerEdge M915 User Manual
(24 pages)
(24 pages)
Networking Dell M4001F User Manual
(27 pages)
(27 pages)
Networking Dell TL24iSCSIxSAS User's Guide
(66 pages)
(66 pages)
© 2020, manymanuals.com. All rights reserved. | 2.078 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals