Académique Documents
Professionnel Documents
Culture Documents
Basic Information
• Hostname
• Country code
• Passwords
• Time/date
• Licenses
• VLANs and VLAN Interfaces
• Ports
2
Initializing default the controller
3
Initializing default the controller
4
Initial Controller Parameters
1. Connect to your controller, via the WebUI, using your browser at 172.16.0.254.
2. Log on with the credentials you.
3. Navigate to the Configuration tab then click on Controller wizard.
4. Complete the Basic Information for this controller as follows:
a. Name: Controller
b. Country Code: ID
c. Password for user “Admin”: admin123 (for example)
d. Password for Enable Mode Access: admin123 (for example)
e. Date and time: current date and time
f. Timezone: current time zone
5
Configure Control Plane
For Next step AP provision you must disable Control Plane Security
1. Open a browser page to your controller.
2. To configure the employee WLAN, navigate to Configuration -> Control Plane
Security
3. Choose disabled, then apply
6
Initial Controller Parameters
7
Controller Licenses
5. Click Next to get to the license wizard.
6. Enter license then click “add”.
7. Click NEXT to get to the VLAN and IP configuration wizard.
8
Connectivity: VLAN, IP interfaces
This information would be coordinated with your clients network.
8. Click the New button to add a new named VLAN and add "name" and click OK.
9. Click the Add button to add a new VLAN.
a. From the drop down list select NEW and click OK. Add a new VLAN then click
on each field to add in the following:
• VLAN ID: X1
• IP Address: 10.X0.X1.1 Subnet Mask: 255.255.255.0
• Enable NAT: yes
• Port Members: no ports DHCP settings: none
b. Click on OK to add this new VLAN
9
Initial Controller Parameters
10
Initial Controller Parameters
b. Click on the DHCP settings and from the drop down menu select
DHCP settings: Act as server
Configure the DHCP pool as follows:
Network: 10.X0.X2.0
NetMask: 255.255.255.0
Domain Name: (Leave blank)
Default router: 10.X0.X2.1
DNS server: 8.8.8.8
8. Click OK. Click OK to add this new VLAN.
10.Click Next to continue to the next page.
11
Initial Controller Parameters
12
Initial Controller Parameters
b. Click on the DHCP settings and from the drop down menu select
DHCP settings: Act as server
Configure the DHCP pool as follows:
Network: 10.X0.X3.0
NetMask: 255.255.255.0
Domain Name: (Leave blank)
Default router: 10.X0.X3.1
DNS server: 8.8.8.8
8. Click OK. Click OK to add this new VLAN.
10.Click Next to continue to the next page.
13
Connectivity controller and uplink
10. The Controller IP address, should be set the management VLAN interface VLAN
X1: 10.X0.X1.1)
11. Add the Default gateway as Static and enter 10.X0.X1.251
12. Click Next
14
Ports
15
Ports
16
Initialization Results
17
License Management
18
Monitoring dashboard
19
Monitoring Client Performance
20
Usage Page
21
Potential client and radio issues
22
WLANs page
23
Access point summary
24
Clients page
25
Configure WLAN
26
Configure WLAN
27
Configure WLAN
8. Click Next.
9. Select Tunnel mode as the forward mode and click Next.
10. For the Radio settings select the following:
a. Radio type all.
b. Broadcast SSID yes.
c. Select VLAN from the drop down field.
d. Then click Next.
11. Select Internal for intended use of the WLAN.
12. Click Next.
13. On the Authentication and Encryption page select the following:
a. Strong encryption with 802.1X authentication.
b. Select WPA-2 Enterprise.
c. Select AES,TKIP from the encryption dropdown menu.
d. Click Next.
28
Configure WLAN
14. Click Add on Authentication Server.
15. Select “Internal” from known servers
16. Choose Radius then enter the following:
a. Server Radius Name.
b. IP Address.
c. Shared key and Retype key.
d. click OK then click Next.
29
Configure WLAN
17. No Captive Portal. Click Next.
18. Select the role authenticated then click Next.
19. Click FINISH at the bottom of the screen.
20. Confirm that the configuration has been pushed successfully then click Close
at the bottom of the screen
For Next step AP provision you must disable Control Plane Security
21. Open a browser page to your controller.
22. To configure the employee WLAN, navigate to Configuration -> Control Plane
Security
23. Choose disabled, then apply
30
Convert IAP to Mobility Controller
1. Connect a console cable to the Aruba IAP’s console port.
2. Power up your AP
3. The AP will start booting
a. Press enter key to stop the autoboot process.
b. Type factory reset
c. Type setenv ipaddr X.X.X.X
d. Type setenv netmask X.X.X.X
e. Type setenv gatewayip X.X.X.X
f. Type saveenv
g. Type reset or boot to reboot the AP
4. After booting complited, enter the following:
• Username: admin
• Password: admin
5. type convert cap “ip address controller”
31
Convert IAP to Mobility Controller
3.On “Welcome to Instant” window, Enter “admin” both Username and Password.
32
Convert IAP to Mobility Controller
1.On the “Access Point” window, click on the “MAC Address number” and then click “edit”
on the right side.
33
Convert IAP to Mobility Controller
5.Apply
34
AP Provisioning
Check the GUI to see if the AP is detected. Click on Monitoring then look in the
WLAN Network Status table.
35
AP Provisioning
8. From your controller GUI interface navigate to Configuration -> WIRELESS ->
AP Installation.
9. Select your AP and click Provision.
36
AP Provisioning
37
AP Provisioning
38
RADIUS Server Setup
1. Log into the WebUI of your controller.
2. Navigate to Configuration -> SECURITY -> Authentication -> Servers
3. Click Server Group from the Servers tab on the left side of the screen.
4. In the server group name: “WLAN”-server-group.
5. Check Servers (There is server that you input on configure WLAN)
39
RADIUS Server Setup
If There isn’t add the RADIUS server or if you want add new RADIUS server
• Click the New button under Servers to add RADIUS Server name to the server
group.
If you want add another RADIUS Server
1. Navigate to Configuration -> SECURITY -> Authentication -> Servers ->
RADIUS Server.
2. In the blank field, enter the name of RADIUS Server.
3. Click the Add button.
4. Click on the new RADIUS server you just created to begin its configuration
and enter the following:
• Host:
• Key:
5. the Apply button at the bottom of the screen.
40
Add User
41
Building The common-policy
1. Navigate to Configuration -> Security -> Access Control -> Policies tab
2. Click on the Add button to begin editing a new policy.
42
Building a Network Destination Alias
43
Building no Ping Blacklist Policy
44
Modifying Authenticated User Role
1. Navigate to Configuration -> SECURITY -> Access control -> User roles.
2. Click Edit next to the authenticated user role.
3. Under firewall policies click Add.
45
Modifying Authenticated User Role
46
Dashboard AppRF
47
Configure WLAN Captive Portal
48
Configure WLAN Captive Portal
7. Click Next.
8. Select Tunnel mode as the forward mode and click Next.
9. For the Radio settings select the following:
a. Radio type all.
b. Broadcast SSID yes.
c. Select VLAN from the drop down field.
d. Then click Next.
10. Select Guest for intended use of the WLAN.
11. Click Next.
12. On the Authentication and Encryption page select the following:
a. Captive Portal with email registration. User's email is required but not
verified
b. Click Next.
49
Configure WLAN
50
Configure Captive Portal
51
Configure Captive Portal
5. Under the Additional options Choose File, You could choose a JPEG file but
we will keep the Aruba logon screen at this time.
6. In the policy text section write the following “Legal”
7. At the bottom of the screen click on Submit.
8. To the right of Submit and Reset buttons click on View Captive Portal. This
will open up a new browser page.
9. Verify the logo and your page text.
10. In the registration window click on Acceptable Use Policy.
11. Now close the browser page.
12. Save Configuration at the top of your screen.
52
Adaptive Radio Management
Configuration
1. Login to the WebUI of your controller.
2. Navigate to Configuration -> Wireless -> AP Configuration
3. Click on your masterControllerX AP group
4. Expand RF Management
5. Expand 802.11a radio
6. Click on Adaptive Radio Management (ARM) profile
7. Answer these questions:
a. What is the MAX TX EIRP set for : __________
b. What is the Min TX EIRPset for: _____________
c. Is Client Match enabled: _________
53
54