|
Facilidade de uso
svp_server), and add the SVP servers as hosts. For more details on configuring the net-destinations, refer to the user guide. PN: 1725-36080-001_J.doc Configuration Guide Create policies for the wireless telephone user The policies shown in the above example can be configured using the Web interface as follows: PN: 1725-36080-001_J.doc Aruba Mobility Controllers: A200, A800, A2400, A6000 Assign policies to the role Create a role, for example phones, and assign the policies to this role. This is the role that would be assigned to the handsets when they are authenticated successfully. The Security Policies and QoS can also be configured through the command line interface (CLI). The CLI commands corresponding to this section are as follows: configure terminal netdestination tftp-server host 10.168.0.20 ! netdestination svp_server host 10.168.0.11 host 10.168.0.12 ! netdestination dhcp-server host 10.168.0.21 ! ip access-list session phone_acl user user any deny user alias svp_server svc-svp permit queue high PN: 1725-36080-001_J.doc Configuration Guide alias svp_server user svc-svp permit queue high user alias tftp-server svc-tftp permit user alias dhcp-server svc-dhcp permit user host 224.0.1.116 any permit ! user-role phones session-acl phone_acl ! PN: 1725-36080-001_J.doc Aruba Mobility Controllers: A200, A800, A2400, A6000 Authentication In addition to the encryption, Aruba recommends the use of MAC authentication to authenticate the Spectralink handsets. On the Aruba System, the roles for SpectraLink Wireless Telephones are derived using MAC-authentication. The wireless telephones can be authenticated individually using MAC-authentication or as a group using the vendor OUI and derivation rules. For instruction on enabling MAC-authentication refer to Aruba’s user guide. For the OUI based derivation rule, configure the following from the CLI: aaa derivation rules user set role condition macaddr starts-with "00:90:7a" set- value phone PN: 1725-36080-001_J.doc Configuration Guide Quality of Service (QoS) Quality of service is achieved by prioritizing the SpectraLink voice traffic over data traffic. To prioritize the voice traffic over data traffic in the AP traffic queues, the “queue high” tag is used at the end of each ACL to prioritize the traffic matching the ACL over all other traffic. In the example shown above: user alias svp_server svc-svp permit queue high alias svp_server user svc-svp permit queue high The traffic that matches the above two rules is prioritized over all other traffic. In addition, a DiffServ tag or a Dot1p tag can be configured at the end of each ACL to indicate the relative priority of the traffic to the traffic to the network. Example : user alias svp_server svc-svp permit dot1p 4 queue high dot1p-priority 4 tos 4 queue high alias svp_server user svc-svp permit queue high dot1ppriority 4 tos 4 queue high By default, the packets are not tagged. In addition multicast/bradcast traffic in the air can be limited by turning on the firewall voip-prox-arp. This command is available on the CLI alone. (Aruba)# configuration terminal (Aruba) (config)# firewall voip-proxy-arp PN: 1725-36080-001_J.doc Aruba Mobility Controllers: A200, A800, A2400, A6000 Subnet Roaming The Aruba system can be set up to support inter-switch inter-subnet roaming. The topology is as shown in the figure on page 2. When two or more switches are used in the Aruba WLAN system, one switch has to be identified as the master and the others as the local switch. During VIEW Certification testing, the Aruba 800 was configured as the master switch and the Aruba 6000 was configured as a local switch; therefore, this configuration is used in the following examples. For instructions on setting up a switch as a local switch refer to Aruba’s user guides. Ensure that both switches have IP connectivity. A simple ping from each of the switches to the other switch can be used to verify connectivity. In a master local setup all AP, authentication, and firewall configurations will be made on the master and pushed down to the local switch. In the configuration tested, all APs with location code 1.1.0 were configured to boot off of the master switch and all APs with location code 1.2.0 were configured to boot off of the local switch. To use the Web interface to configure this, do the following: 1. From the master switch, navigate to the Configuration > WLAN > Advanced tab. 2. Add a new location 1.1.0 and click the Apply button. 3. In the next page click the General tab and set the LMSIP to the “switch IP” address of the master. 4. Apply the configurations. 5. Configure location 1.2.0 in a similar manner and set the LMSIP address to the “switch IP” address of the local switch. 6. Create a default route for multicast traffic re-direction on the switch that acts as the Mobility Home Agent for the Voice group (this was done on the master switch in the test example). PN: 1725-36080-001_J.doc Configuration Guide CLI Commands to Set Up Subnet Ro...
Este manual também é adequado para os modelos :Equipamento de rede - A200 (571.46 kb)
Equipamento de rede - A2400 (571.46 kb)
Equipamento de rede - A6000 (571.46 kb)