VLANs. Application Note
|
|
- Kathlyn Rose
- 8 years ago
- Views:
Transcription
1 VLANs Application Note
2 Table of Contents Background... 3 Benefits... 3 Theory of Operation... 4 IEEE 802.1Q Packet... 4 Frame Size... 5 Supported VLAN Modes... 5 Bridged Mode... 5 Static SSID to Static VLAN Mode... 6 Static SSID to Dynamic VLAN Mode... 7 User Groups to VLAN Mode... 8 Management VLANs... 8 Configuration WMI (Web Management Interface) Method Bridged Mode Static SSID to Static VLAN Mode Static SSID to Dynamic VLAN Mode Management VLANs CLI Method Bridged Mode Static SSID to VLAN Mode Static SSID to Dynamic VLAN Mode Management VLAN Rev
3 Background The purpose of this application note is to develop an understanding of the implementation and configuration options for virtual LANs (VLANs) available on the Xirrus Wi-Fi Array. VLAN s are utilized in networks today to control traffic according to the specific requirements of an organization. These requirements may include broadcast domain containment, collision domain containment, end user isolation, segmentation, security and more. In wireless networking, VLAN s are generally implemented to isolate and secure the injection of wireless users onto networks. Network designs may vary widely some users may wish to inject wireless traffic directly into the network onto a specific network address or VLAN, while others might place WLAN users behind a firewall, ACL or limited access network with direct connection to the Internet and no access to the corporate network. Xirrus supports multiple VLAN options to allow users to meet their custom requirements. The Xirrus Wi-Fi Array supports the IEEE standard for 802.1Q tagged VLANs. The Array supports all three modes of operation per the 802.1Q standard: (1) all Tagged, (2) all Untagged and (3) Hybrid links. Hybrid links contain a mixture of tagged and untagged frames running on the same interface. Legacy switches may not have full support for the Hybrid link type. In these situations, management frames will be forced onto a VLAN and the management option will need to be enabled on the VLAN. The Array supports both static and dynamic VLAN assignments. In the dynamic case, the VLAN ID is obtained via RADIUS-based authentication criteria. Dynamic VLANs may be utilized as in Network Access Control (NAC) or Network Access Protection (NAP) implementations. Benefits The Xirrus Wi-Fi Array supports many different types of network designs, with or without the use of VLANs. The Array supports solutions for Layer 2 (L2) and Layer 3 (L3) tunneling mechanisms to get traffic to a targeted destination network. These L2 and L3 tunnels allow the Array to interoperate with other Wi-Fi infrastructure vendors while offering wire rate encryption/decryption at the edge of the network. The Array also support wireless and wired QoS (Quality of Service) mechanisms to ensure sensitive traffic is carried matching network policies. VLANs in general can be used to isolate SSID/VLAN pairs as in separating traffic between a guest access SSID and a corporate SSID. VLANs can easily handle such traffic isolation by assigning unique VLANs to each SSID. Once the VLAN to SSID mappings are complete, the L3 network policy can enforce security policies through ACLs (Access Control Lists). The Array supports 802.1Q VLAN tags together with 802.1p settings, which notify the network port of the QoS setting. This Layer 2 QoS is sometimes called CoS (Class of Service). Rev
4 Theory of Operation IEEE 802.1Q Packet When VLANs are created on the Array, an 802.1Q tag is added to data packets upon egress from the Array. VLAN tags are removed on the ingress when packets reach the Array s Gig1/2 interface. Tags consist of 4 bytes added to the packet header that include several defined fields as described below. Tags are not sent through the network end-to-end but are inserted and stripped on each Layer 2 link in the network path. Figure Q Tag TPID The Tag Protocol Identifier is a 16-bit field generally set to 8100 to indicate 802.1Q-tagged frames. Double tagging is used in some applications to tunnel traffic over L2 networks, in which case the TPID may have other values including 9100, 9200, 9300, or 88a8 (802.3ad). Priority Packet priority is defined by IEEE 802.1p and is a 3-bit field in the 802.1Q header. The field indicates 1 of 8 user priority levels. A value of 0 is the default and 7 is the highest priority. The following chart shows the mapping between 802.1p priority and a Xirrus Array. Figure 2 Array 802.1P Mapping Rev
5 End user stations can set the VLAN equal to zero or Null to enable 802.1P priority packets into the network. These are covered below in the reserved VID values chart. CFI Canonical Format Indicator is a 1-bit field. CFI=1 means that the MAC address will be in noncanonical format and CFI=0 means that the MAC address is canonical format. VID VLAN Identifier is a 12-bit field. The VLAN field allows the network device to determine which VLAN to send the destination frames. Supported VLAN values would fall between 0 and 4095 for a total of 4096 values supported. Note that not all bridges support the entire range to be enabled at a single point in the network. Frame Size Figure 3 VID Field Options 802.1Q packets change the minimum and maximum values for Ethernet frame sizes. Normally frame sizes are between 64 and 1518 bytes. Tagging increases these values by 4 bytes, to increase the range from 68 to 1522 bytes. Supported VLAN Modes The Xirrus Wi-Fi Array supports the following VLAN modes. The first four represent the options available for joining end user traffic coming off the wireless side ingress to the wired side of the Array egress. The modes are described in the subsequent sections. Bridged Mode Static SSID to Static VLAN Mode Static SSID to Dynamic VLAN Mode User Groups to VLAN Mode Management VLANs Bridged Mode Simply creating an SSID without a VLAN sets up bridged Mode on the Array. Traffic will flow natively as shown in the diagram below from the ingress SSID to the egress Gig1/2 interface untagged. When creating multiple SSIDs, it is generally not recommended to use Bridged Mode, as there will be no isolation on the wired network. Utilizing VLANs provides isolation security on the wire. In Bridged Rev
6 Mode, the SSID can be of any security type (Open, WPA-PSK, WPA x, etc.) to ensure security on the wireless connection. An additional issue with simple Bridged Mode is that end user traffic is on the same network as management traffic, thus creating another potential security issue. Figure 4 SSID Bridged Mode Diagram Static SSID to Static VLAN Mode In this mode, the Array has from 1 up to 16 SSID/VLAN pairs configured with a direct one-to-one mapping between each pair. For example SSID Guest configured to egress Array on VLAN 100, SSID Students configured to egress Array on VLAN 200, etc. The Array dynamically inserts tags for the appropriate VLAN onto each packet upon egress from the Gig1/2 port, but it is a static mapping of SSID to VLAN. In the reverse direction, the Array removes the tagged information coming from the switched network then passes the untagged packets onto the appropriate SSID to go out on the wireless network. The traffic between Guest and Students in our example is isolated from each other on the Gig1/2 interface via the VLAN tags. To communicate between VLAN 100 and 200 on the wired network, the traffic would need to pass through a router. The router is where the filters, ACL and policies can be applied to prevent users or types of traffic from passing from one VLAN to another. Rev
7 Figure 5 Static VLAN to SSID assignments Static SSID to Dynamic VLAN Mode This mode enables single SSIDs to be mapped to multiple VLANs dynamically allocated via Radius based on user credentials. As an example, an office with Guest, Secure, and Voice user types could be supported on a single SSID but with isolated and unique policies on the wired network per VLAN to protect certain network resources from Guest users. In the example below, there are 4 VLANs on the trunk port that the Array is directly connected. The Array has 4 VLANs configured, but only has a single SSID. Since each SSID is advertised over the air via wireless management traffic, multiple SSIDs will increase the management traffic overhead, potentially impacting the overall bandwidth available for client traffic. Therefore it is always desirable to keep the number of active SSIDs in a wireless to a minimum. With Dynamic VLANs, the Radius server assigns the egress VLAN ID for traffic based on client authentication. Clients will be mapped dynamically to the appropriate VLAN based on their profile as configured on the Radius server. The destination VLAN is assigned via the Radius server to the Array using RADIUS attributes 64, 65 and 81. The Array supports a mixture of VLAN modes with both Static and Dynamic assignments configured at the same time with the requirement that all traffic is tagged. Rev
8 Figure 6 Dynamic VLAN to SSID assignments User Groups to VLAN Mode The Array supports a User Group mode to ease configuration when multiple user classification types are required. User Groups can be utilized for assigning a number of different profile parameters to each user, including Radius Filter-ID, VLANs, QoS levels, Fast Roaming Type, DHCP Pools, Filter Lists, Station Limit, Traffic Limit, Traffic/Station Limit, Time on, Time Off, Days On, and Web Page Redirect settings. The Radius settings are specific per SSID or globally set. Please refer to the User Group Application Note at for more details on User Groups. Management VLANs The Array supports management traffic (to control and configure the Array) via the Eth0 (out-of-band), Gig1/2 (in-band), and wireless interfaces. Each of these options has specific requirements and some have limitations. The Array is a bridging device and therefore supports a single default gateway for all interfaces. Utilizing the Eth0 interface for management requires overriding the Array s default gateway, which by default is the Gig1/2 interface. If Radius authentication packets are not desired on the management network, it is recommended to use Gig1/2 interface with a management VLAN. The IP address assigned to the Gig1/2 port to use for management is by default untagged. To make it VLAN tagged, a VLAN must first be created, the Gig1/2 IP Address configured to be on the VLAN, and then management enabled for the VLAN. Management over a Gig1/2 VLAN also supports an untagged mode called Native. When this option is enabled, the 4-byte tag is removed and packets are bridged directly to the wire. This is the same way the Array operates on the Gig1/2 interface by default. If the configuration warrants a Native type design, simply assign an IP address to the Gig1/2 interface. Generally the Array would only be configured for management over a VLAN if the tagged option were required to communicate with bridges that do not support Hybrid Links. Rev
9 The Xirrus Array has an optional setting for Default Route. The Default Route option sets the Array to utilize the selected output VLAN as the Default Route for all management traffic (SNMP, Web, Radius, etc.) coming from the Array. The diagrams below demonstrate the concepts discussed. Figure 7 Management-VLAN Native Figure 8 Management-VLAN tagged Rev
10 Figure 9 VLAN Management enabled untagged Configuration WMI (Web Management Interface) Method Bridged Mode 1. Create the SSID using the WMI. Type Guest in the field next to Create and then click the Create button. 2. Once this is done the browser will notify that the SSID was created but that it is still disabled. Acknowledge this message to view the SSID Management area of the WMI. 3. Now enable the Guest by clicking on the check box under the Enabled area of the WMI. Then finally click on the Apply and Save buttons to accept and keep the changes made. You may delete/disable the xirrus SSID. Rev
11 4. Once this is done remember to enable the IAP s. This is done via Configuration path IAPs/Global Settings/IAP Status Enable all IAPs. 5. Clients should now be able to see the Guest being broadcast into the air. Clients should also be obtaining and IP Address on the /24 network similar to that of the Array. 6. Array Ethernet information as seen via the WMI. Rev
12 7. Client information can be viewed within the WMI as well via the path Stations. Static SSID to Static VLAN Mode 1. Create VLANs and then assign to SSIDs. Go to VLAN VLAN Management on the WMI. To do this simply type the VLAN Name and VLAN Identifier then click the Create button. These are done one at a time so repeat this step until complete. 2. Now create the SSIDs and bind the VLANs to the unique SSIDs. This is a two step process in the WMI as the SSID needs to be created first then edited to bind the VLANs. Step 1 Step 2 3. In this example, VLANs are defined as shown below. SSID VLAN Network Mask Gateway Guest / Student / Staff / A client machine should now be able to see all 3 SSIDs being broadcast. Rev
13 5. Client machine_1 associated to Guest should obtain IP Address of /24 on VLAN 100. Client machine_2 associated to Student should obtain IP Address of /24 on VLAN 101. Client machine_3 associated to Staff should obtain IP Address of /24 on VLAN 102. Static SSID to Dynamic VLAN Mode Note: This mode requires use of a Radius Server. Microsoft IAS is used in this example. 1. Configure VLANs 100, 101, 102 and 999 under VLAN section but do not assign these statically to any SSID (except for VLAN 999). The Array will get the VLAN assignments directly from the Radius server to assign the VLAN to the end user specific criteria. Rev
14 2. Configure a new SSID called xirrus from the WMI. Now tie VLAN 999 to the new SSID and click Apply + Save. 3. Configure the Array for External-Radius support. This can be configured on a per-ssid or under Global setting. In the example below, uncheck Global and enter the Radius Server parameters as shown. Rev
15 4. For additional information on installing Active Directory (AD), Internet Authentication Service (IAS) and Certificate Authority (CA) services on Windows 200x Server, refer to the appropriate configuration guide at support.xirrus.com. 5. On the IAS server, configure the Array as a Radius Client. Be sure to note the password as this is case sensitive within Radius-Standard. 6. Create 3 user accounts and configure the following attributes to enable the array to move the user station dynamically from VLAN 999 over to VLAN 100/VLAN 101/VLAN 102. The example shown is only for user account student01. Rev
16 7. Create 3 Groups (Guest, Student, Staff) and configure the following attribute. The example shows creation of Student Group. 8. Right-click on the new Group created and select Properties. Go to Members tab and add members in this Group. 9. On IAS, create access policies for the Groups. Rev
17 10. Click on Edit Profile and add RADIUS attribute 64 (Tunnel-Type), 65 (Tunnel-Medium-Type) and 81 (Tunnel-Pvt-Group-ID). For each Remote Access Policies, ensure that the VLAN-ID is configured to the respective VLAN. Guest Remote Access Policy Student Remote Access Policy Staff Remote Access Policy Rev
18 11. In this example, the VLANs are defined as shown below. Depending on which user is authenticating to the RADIUS server, the VID will be returned via RADIUS attribute 81. SSID User VLAN(VID) Network Mask Gateway xirrus guest / xirrus student / xirrus staff / Management VLANs 1. To change the management interface from Gig1/2 to VLAN 999, follow the steps below. The assumption is that VLAN 999 is already created from previous steps. Once complete, set the Default Route for the Array to exit via VLAN 999 interface. 2. Select Apply + Save when finished. CLI Method Bridged Mode 1. Create an SSID on the Array. 2. Disable the default SSID called xirrus. 3. Enable radios on the Array and the SSID called Guest should now be visible. Client side should now show the Guest beacons being received. Rev
19 4. Once the Array to client association has occurred the client should pickup DHCP on the same network as the Gig1/2 interface which in this case is the /24 network. Remember that this is what was configured earlier. The requirement was to have the client side wireless traffic egress the Array on the same network as the Gig1/2 interfaces. 5. Array address and client address. 6. The client should now show up in the associated-stations table as shown below. Static SSID to VLAN Mode 1. Create several VLANs on the Array and then bind them to unique SSIDs. In the example below there are three VLANs: 100, 101, 102 and they are bound to Guest, Student and Staff. Rev
20 2. The Xirrus SSID has already been disabled from previous steps but if not then please disable/delete it. 3. Now to check for connectivity on each vlan by associating client machines to each SSID/VLAN to ensure proper connectivity. In this example, the VLANs are defined as shown below. SSID VLAN Network Mask Gateway Guest / Student / Staff / Static SSID to Dynamic VLAN Mode 1. Create new VLANs 100,101,102 and 999 but do not assign these statically to any SSID except for VLAN 999. Rev
21 2. Configure SSID called xirrus using WPA2 with unique security settings specific to this SSID. Then assign the SSID or bind it to VLAN 999 as shown below. 3. Please refer to the IAS configuration in the WMI section. End users will be assigned to their respective VLANs upon authentication to the IAS server. Management VLAN Configure VLAN 999 as the management interface. To enable management on a particular VLAN instead of using the Gig1/2 interface, simply set the Management option and then assign either native (untagged) or default (tagged). This will allow all management traffic to now traverse VLAN 999 instead of what was previously configured. Currently the Array is configured to receive management traffic on the Gig1/2 interface as shown below. The original interface for this Array was on /24 network and was untagged. If tagging is required on the management interface, then follow the steps below to enable tagging on management interface. Rev
22 1. To move the management interface, configure VLAN 999 and enable Management. This change will result in all management traffic from the Array going out on VLAN 999 (tagged). Once the Management option has been enabled, assign an IP address to the VLAN 999 to make it an IP reachable interface. This example utilizes /24 with gateway Rev
23 2. Once the IP interface is complete configure the VLAN 999 interface to be the default-route for the Array through VLAN 999 interface. Rev
Application Note User Groups
Application Note User Groups Application Note User Groups Table of Contents Background... 3 Description... 3 Benefits... 4 Theory of Operation... 4 Interaction with Other Features... 6 Configuration...
More informationEnabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches
print email Article ID: 4941 Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches Objective In an ever-changing business environment, your
More informationManagement Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version 1.0.0. 613-001339 Rev.
Management Software AT-S106 Web Browser User s Guide For the AT-GS950/48 Gigabit Ethernet Smart Switch Version 1.0.0 613-001339 Rev. A Copyright 2010 Allied Telesis, Inc. All rights reserved. No part of
More informationHow To Configure Voice Vlan On An Ip Phone
1 VLAN (Virtual Local Area Network) is used to logically divide a physical network into several broadcast domains. VLAN membership can be configured through software instead of physically relocating devices
More informationWireless Edge Services xl Module 2.0 Update NPI Technical Training June 2007
ProCurve Wireless Edge Services xl Module v.2 Software NPI Technical Training NPI Technical Training Version: 1.5 12 June 2007 2007 Hewlett-Packard Development Company, L.P. The information contained herein
More informationWhat is VLAN Routing?
Application Note #38 February 2004 What is VLAN Routing? This Application Notes relates to the following Dell product(s): 6024 and 6024F 33xx Abstract Virtual LANs (VLANs) offer a method of dividing one
More informationConfiguring Network Address Translation (NAT)
8 Configuring Network Address Translation (NAT) Contents Overview...................................................... 8-3 Translating Between an Inside and an Outside Network........... 8-3 Local and
More informationApplication Note Gigabit Ethernet Port Modes
Application Note Gigabit Ethernet Port Modes Application Note Gigabit Ethernet Port Modes Table of Contents Description... 3 Benefits... 4 Theory of Operation... 4 Interaction with Other Features... 7
More informationVLAN and QinQ Technology White Paper
VLAN and QinQ Technology White Paper Issue 1.01 Date 2012-10-30 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationFSM73xx GSM73xx GMS72xxR Shared access to the Internet across Multiple routing VLANs using a Prosafe Firewall
FSM73xx GSM73xx GMS72xxR Shared access to the Internet across Multiple routing VLANs using a Prosafe Firewall This document describes how to: - Create multiple routing VLANs - Obtain Internet access on
More informationVLAN for DekTec Network Adapters
Application Note DT-AN-IP-2 VLAN for DekTec Network Adapters 1. Introduction VLAN (Virtual LAN) is a technology to segment a single physical network into multiple independent virtual networks. The VLANs
More informationWireless Local Area Networks (WLANs)
4 Wireless Local Area Networks (WLANs) Contents Overview...................................................... 4-3 Configuration Options: Normal Versus Advanced Mode.............. 4-4 Normal Mode Configuration..................................
More informationOptimum Business SIP Trunk Set-up Guide
Optimum Business SIP Trunk Set-up Guide For use with IP PBX only. SIPSetup 07.13 FOR USE WITH IP PBX ONLY Important: If your PBX is configured to use a PRI connection, do not use this guide. If you need
More informationAbstract. MEP; Reviewed: GAK 10/17/2005. Solution & Interoperability Test Lab Application Notes 2005 Avaya Inc. All Rights Reserved.
Configuring Single Instance Rapid Spanning Tree Protocol (RSTP) between an Avaya C360 Converged Switch and HP ProCurve Networking Switches to support Avaya IP Telephony Issue 1.0 Abstract These Application
More informationConfiguring QoS in a Wireless Environment
Configuring QoS in a Wireless Environment This chapter describes how to configure quality of service (QoS) on your Cisco wireless interface. With this feature, you can provide preferential treatment to
More informationVLAN 802.1Q. 1. VLAN Overview. 1. VLAN Overview. 2. VLAN Trunk. 3. Why use VLANs? 4. LAN to LAN communication. 5. Management port
1. VLAN Overview 2. VLAN Trunk 3. Why use VLANs? 4. LAN to LAN communication 5. Management port 6. Applications 6.1. Application 1 6.2. Application 2 6.3. Application 3 6.4. Application 4 6.5. Application
More informationDesign and Implementation Guide. Apple iphone Compatibility
Design and Implementation Guide Apple iphone Compatibility Introduction Security in wireless LANs has long been a concern for network administrators. While securing laptop devices is well understood, new
More informationPenn State Wireless 2.0 and Related Services for Network Administrators
The following document provides details about the operation and configuration parameters for Penn State Wireless 2.0 and Visitor Wireless. It is intended for Penn State network administrators who are considering
More informationLANs and VLANs A Simplified Tutorial
Application Note LANs and VLANs A Simplified Tutorial Version 3.0 May 2002 COMPAS ID 90947 Avaya Labs 1 Companion document IP Addressing: A Simplified Tutorial COMPAS ID 92962 2 Introduction As the name
More informationChapter 3 Management. Remote Management
Chapter 3 Management This chapter describes how to use the management features of your ProSafe 802.11a/g Dual Band Wireless Access Point WAG102. To access these features, connect to the WAG102 as described
More informationConfiguring QoS. Understanding QoS CHAPTER
24 CHAPTER This chapter describes how to configure quality of service (QoS) by using standard QoS commands. With QoS, you can give preferential treatment to certain types of traffic at the expense of others.
More informationController Management
Controller Management - Setup & Provisioning - 1 PRONTO SERVICE CONTROLLER (PN-CPP-A-1422) 2 PSC Key Features Fully interoperable with IEEE802.11b/g compliant products External AP support and management
More informationWiNG5 CAPTIVE PORTAL DESIGN GUIDE
WiNG5 DESIGN GUIDE By Sriram Venkiteswaran WiNG5 CAPTIVE PORTAL DESIGN GUIDE June, 2011 TABLE OF CONTENTS HEADING STYLE Introduction To Captive Portal... 1 Overview... 1 Common Applications... 1 Authenticated
More informationHow to configure your Thomson SpeedTouch 780WL for ADSL2+
How to configure your Thomson SpeedTouch 780WL for ADSL2+ Connecting up your router This guide assumes that you have successfully: unpacked your router connected it up to your phone socket using the DSL
More informationHow To Understand and Configure Your Network for IntraVUE
How To Understand and Configure Your Network for IntraVUE Summary This document attempts to standardize the methods used to configure Intrauve in situations where there is little or no understanding of
More informationTotalCloud Phone System
TotalCloud Phone System Cisco SF 302-08P PoE VLAN Configuration Guide Note: The below information and configuration is for deployment of the Cbeyond managed switch solution using the Cisco 302 8 port Power
More informationUnified Access Point Administrator's Guide
Unified Access Point Administrator's Guide Product Model: DWL-3600AP DWL-6600AP DWL-8600AP Unified Wired & Wireless Access System Release 2.0 November 2011 Copyright 2011. All rights reserved. November
More informationEVOLVING ENTERPRISE NETWORKS WITH SPB-M APPLICATION NOTE
EVOLVING ENTERPRISE NETWORKS WITH SPB-M APPLICATION NOTE EXECUTIVE SUMMARY Enterprise network managers are being forced to do more with less. Their networks are growing in size and complexity. They need
More informationIP Addressing and Subnetting. 2002, Cisco Systems, Inc. All rights reserved.
IP Addressing and Subnetting 2002, Cisco Systems, Inc. All rights reserved. 1 Objectives Upon completion, you will be able to: Discuss the Types of Network Addressing Explain the Form of an IP Address
More informationNetwork Security Solutions Implementing Network Access Control (NAC)
Network Security Solutions Implementing Network Access Control (NAC) Tested Solution: Protecting a network with Sophos NAC Advanced and Switches Sophos NAC Advanced is a sophisticated Network Access Control
More informationExhibit n.2: The layers of a hierarchical network
3. Advanced Secure Network Design 3.1 Introduction You already know that routers are probably the most critical equipment piece in today s networking. Without routers, internetwork communication would
More informationWireless Network Configuration Guide
CIT Table of Contents Introduction... 1 General Wireless Settings... 1 1. Windows XP Wireless Configuration... 2 2. Windows XP Intel Pro Wireless Tool... 7 3. Windows Vista Using the Windows Wireless Tools...
More informationMN-700 Base Station Configuration Guide
MN-700 Base Station Configuration Guide Contents pen the Base Station Management Tool...3 Log ff the Base Station Management Tool...3 Navigate the Base Station Management Tool...4 Current Base Station
More informationSSVP SIP School VoIP Professional Certification
SSVP SIP School VoIP Professional Certification Exam Objectives The SSVP exam is designed to test your skills and knowledge on the basics of Networking and Voice over IP. Everything that you need to cover
More informationHow To Switch In Sonicos Enhanced 5.7.7 (Sonicwall) On A 2400Mmi 2400Mm2 (Solarwall Nametra) (Soulwall 2400Mm1) (Network) (
You can read the recommendations in the user, the technical or the installation for SONICWALL SWITCHING NSA 2400MX IN SONICOS ENHANCED 5.7. You'll find the answers to all your questions on the SONICWALL
More informationChapter 4 Management. Viewing the Activity Log
Chapter 4 Management This chapter describes how to use the management features of your NETGEAR WG102 ProSafe 802.11g Wireless Access Point. To get to these features, connect to the WG102 as described in
More informationRAP Installation - Updated
RAP Installation - Updated August 01, 2012 Aruba Controller Release 6.1.3.2 The Controller has several wizards that can guide you through a variety of configuration processes. On the Configuration tab
More informationDEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Edge Gateway for Layered Security and Acceleration Services
DEPLOYMENT GUIDE Version 1.0 Deploying the BIG-IP Edge Gateway for Layered Security and Acceleration Services Table of Contents Table of Contents Using the BIG-IP Edge Gateway for layered security and
More informationForeScout CounterACT. Device Host and Detection Methods. Technology Brief
ForeScout CounterACT Device Host and Detection Methods Technology Brief Contents Introduction... 3 The ForeScout Approach... 3 Discovery Methodologies... 4 Passive Monitoring... 4 Passive Authentication...
More informationCCT vs. CCENT Skill Set Comparison
Operation of IP Data Networks Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges and Hubs Select the components required to meet a given network specification
More informationManagement Software. User s Guide AT-S88. For the AT-FS750/24POE Fast Ethernet Smart Switch. Version 1.0. 613-000555 Rev. B
Management Software AT-S88 User s Guide For the AT-FS750/24POE Fast Ethernet Smart Switch Version 1.0 613-000555 Rev. B Copyright 2007 Allied Telesis, Inc. All rights reserved. No part of this publication
More informationWeb Page Redirect. Application Note
Web Page Redirect Application Note Table of Contents Background... 3 Description... 3 Benefits... 3 Theory of Operation... 4 Internal Login/Splash... 4 External... 5 Configuration... 5 Web Page Redirect
More informationSession Title: Exploring Packet Tracer v5.3 IP Telephony & CME. Scenario
Session Title: Exploring Packet Tracer v5.3 IP Telephony & CME Scenario With the scheduled release of Packet Tracer v5.3 in the near future, this case study is designed to provide you with an insight into
More informationQuick Installation Guide
0, Total 18 Quick Installation Guide Sep, 2013 1, Total 18 Thank you for purchasing Enterprise High Gain Outdoor CPE. This manual will instruct you how to configure and manage this CPE, enable you to use
More informationFonality. Optimum Business Trunking and the Fonality Trixbox Pro IP PBX Standard Edition V4.1.2- p13 Configuration Guide
Fonality Optimum Business Trunking and the Fonality Trixbox Pro IP PBX Standard Edition V4.1.2- p13 Configuration Guide Fonality Table of Contents 1. Overview 2. SIP Trunk Adaptor Set-up Instructions 3.
More informationApple Airport Extreme Base Station V4.0.8 Firmware: Version 5.4
1. APPLE AIRPORT EXTREME 1.1 Product Description The following are device specific configuration settings for the Apple Airport Extreme. Navigation through the management screens will be similar but may
More informationOverview of Routing between Virtual LANs
Overview of Routing between Virtual LANs This chapter provides an overview of virtual LANs (VLANs). It describes the encapsulation protocols used for routing between VLANs and provides some basic information
More informationAPPLICATION NOTE. Copyright 2011, Juniper Networks, Inc. 1
APPLICATION NOTE Configuring and Deploying the AX411 Wireless Access Point Copyright 2011, Juniper Networks, Inc. 1 Table of Contents Introduction......................................................................................................3
More informationConfiguring QoS in a Wireless Environment
12 CHAPTER This chapter describes how to configure quality of service (QoS) on your Cisco wireless mobile interface card (WMIC). With this feature, you can provide preferential treatment to certain traffic
More informationProSafe Plus Switch Utility
ProSafe Plus Switch Utility User Guide 350 East Plumeria Drive San Jose, CA 95134 USA September 2010 202-10524-03 v1.0 ProSafe Plus Switch Utility User Guide 2010 NETGEAR, Inc. All rights reserved. No
More informationHow to configure MAC authentication on a ProCurve switch
An HP ProCurve Networking Application Note How to configure MAC authentication on a ProCurve switch Contents 1. Introduction... 3 2. Prerequisites... 3 3. Network diagram... 3 4. Configuring the ProCurve
More informationLab 9.1.1 Organizing CCENT Objectives by OSI Layer
Lab 9.1.1 Organizing CCENT Objectives by OSI Layer Objectives Organize the CCENT objectives by which layer or layers they address. Background / Preparation In this lab, you associate the objectives of
More informationNetwork Detector Setup and Configuration
339 N. Bernardo Avenue, Suite 200 Mountain View, CA 94043 www.airtightnetworks.net MODE SYST RPS MASTR STAT SPEDUPLX STACK 1 2 3 4 5 6 7 8 91 0 11 12 1X 2X 11X 12X 13 14 15 16 1718 19 20 2122 23 24 13X
More informationOSBRiDGE 5XLi. Configuration Manual. Firmware 3.10R
OSBRiDGE 5XLi Configuration Manual Firmware 3.10R 1. Initial setup and configuration. OSBRiDGE 5XLi devices are configurable via WWW interface. Each device uses following default settings: IP Address:
More informationVOICE VLAN SUPPORT IN THE DELL POWERCONNECT 6200
VOICE VLAN SUPPORT IN THE DELL POWERCONNECT 6200 CONTENTS INTRODUCTION 3 REQUIREMENTS 3 USING VOICE VLAN 3 INTERACTION WITH LLDP-MED 4 VOICE VLAN CONFIGURATION 4 CLI CONFIGURATION 4 WEB CONFIGURATION 8
More informationLayer 2 / Layer 3 switches and multi-ssid multi-vlan network with traffic separation
Layer 2 / Layer 3 switches and multi-ssid multi-vlan network with traffic separation This document describes the steps to undertake in configuring a Layer 2/Layer 3 switch (in this document a FMS7382S
More informationTo configure firewall policies, you must install the Policy Enforcement Firewall license.
2. Select either the AP Group or AP Specific tab. Click Edit for the AP group or AP name. 3. Under Profiles, select AP to display the AP profiles. 4. Select the AP system profile you want to modify. 5.
More informationConfiguring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance
CHAPTER 4 Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance This chapter describes how to configure the switch ports and VLAN interfaces of the ASA 5505 adaptive
More informationLayer 3 Network + Dedicated Internet Connectivity
Layer 3 Network + Dedicated Internet Connectivity Client: One of the IT Departments in a Northern State Customer's requirement: The customer wanted to establish CAN connectivity (Campus Area Network) for
More informationCom.X Router/Firewall Module. Use Cases. White Paper. Version 1.0, 21 May 2014. 2014 Far South Networks
Com.X Router/Firewall Module Use Cases White Paper Version 1.0, 21 May 2014 2014 Far South Networks Document History Version Date Description of Changes 1.0 2014/05/21 Preliminary 2014 Far South Networks
More informationConfiguring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance
CHAPTER 5 Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance This chapter describes how to configure the switch ports and VLAN interfaces of the ASA 5505 adaptive
More informationLegacy 802.11 Security
Legacy 802.11 Security Contents Authentication Open System Authentication Shared Key Authentication Wired Equivalent Privacy (WEP) Encryption Virtual Private Networks (VPNs) Point-to-Point Tunneling Protocol
More informationInstallation of the On Site Server (OSS)
Installation of the On Site Server (OSS) rev 1.1 Step #1 - Initial Connection to the OSS Having plugged in power and an ethernet cable in the eth0 interface (see diagram below) you can connect to the unit
More informationDeployment Guide: Cisco Guest Access Using the Cisco Wireless LAN Controller
Deployment Guide: Cisco Guest Access Using the Cisco Wireless LAN Controller August 2006 Contents Overview section on page 1 Configuring Guest Access on the Cisco Wireless LAN Controller section on page
More informationSonicOS Enhanced 5.7.0.2 Release Notes
SonicOS Contents Platform Compatibility... 1 Key Features... 2 Known Issues... 3 Resolved Issues... 4 Upgrading SonicOS Enhanced Image Procedures... 6 Related Technical Documentation... 11 Platform Compatibility
More informationBYOD: BRING YOUR OWN DEVICE.
white paper BYOD: BRING YOUR OWN DEVICE. On-boarding and Securing Devices in Your Corporate Network Preparing Your Network to Meet Device Demand The proliferation of smartphones and tablets brings increased
More information9 Simple steps to secure your Wi-Fi Network.
9 Simple steps to secure your Wi-Fi Network. Step 1: Change the Default Password of Modem / Router After opening modem page click on management - access control password. Select username, confirm old password
More informationMonitoring and Analyzing Switch Operation
B Monitoring and Analyzing Switch Operation Contents Overview..................................................... B-3....................................... B-4 Menu Access To Status and Counters.........................
More informationvsphere Networking ESXi 5.0 vcenter Server 5.0 EN-000599-01
ESXi 5.0 vcenter Server 5.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions
More informationCLOUD NETWORKING FOR ENTERPRISE CAMPUS APPLICATION NOTE
CLOUD NETWORKING FOR ENTERPRISE CAMPUS APPLICATION NOTE EXECUTIVE SUMMARY This application note proposes Virtual Extensible LAN (VXLAN) as a solution technology to deliver departmental segmentation, business
More informationManagement Software. User s Guide AT-S84. For the AT-9000/24 Layer 2 Gigabit Ethernet Switch. Version 1.1. 613-000368 Rev. B
Management Software AT-S84 User s Guide For the AT-9000/24 Layer 2 Gigabit Ethernet Switch Version 1.1 613-000368 Rev. B Copyright 2006 Allied Telesyn, Inc. All rights reserved. No part of this publication
More informationConfiguring Wired 802.1x Authentication on Windows Server 2012
Configuring Wired 802.1x Authentication on Windows Server 2012 Johan Loos johan@accessdenied.be Version 1.0 Why 802.1x Authentication? The purpose of this document is to guide you through the procedure
More informationCisco - Catalyst 2950 Series Switches Quality of Service (QoS) FAQ
Page 1 of 8 Catalyst 2950 Series Switches Quality of Service (QoS) FAQ Document ID: 46523 TAC Notice: What's C han g i n g o n T A C We b H el p u s h el p y ou. Questions Introduction What is the software
More informationVocia MS-1 Network Considerations for VoIP. Vocia MS-1 and Network Port Configuration. VoIP Network Switch. Control Network Switch
Vocia MS-1 Network Considerations for VoIP Vocia software rev. 1.4 or higher required Vocia MS-1 and Network Port Configuration The Vocia Message Server 1 (MS-1) has a number of roles in a Vocia Paging
More informationSecuring end devices
Securing end devices Securing the network edge is already covered. Infrastructure devices in the LAN Workstations Servers IP phones Access points Storage area networking (SAN) devices. Endpoint Security
More informationUsing Templates. Information About Templates. Accessing the Controller Template Launch Pad CHAPTER
CHAPTER 11 This chapter describes how to add and apply templates. Templates allow you to set fields that you can then apply to multiple devices without having to reenter the common information. This chapter
More informationNXC5500/2500. Application Note. Captive Portal with QR Code. Version 4.20 Edition 2, 02/2015. Copyright 2015 ZyXEL Communications Corporation
NXC5500/2500 Version 4.20 Edition 2, 02/2015 Application Note Captive Portal with QR Code Copyright 2015 ZyXEL Communications Corporation Captive Portal with QR Code What is Captive Portal with QR code?
More informationBreak Internet Bandwidth Limits Higher Speed. Extreme Reliability. Reduced Cost.
Break Internet Bandwidth Limits Higher Speed. Extreme Reliability. Reduced Cost. Peplink. All Rights Reserved. Unauthorized Reproduction Prohibited Presentation Agenda Peplink Balance Pepwave MAX Features
More informationConfiguring a customer owned router to function as a switch with Ultra TV
Configuring a customer owned router to function as a switch with Ultra TV This method will turn the customer router into a wireless switch and allow the Ultra Gateway to perform routing functions and allow
More informationApache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide. Revised February 28, 2013 2:32 pm Pacific
Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide Revised February 28, 2013 2:32 pm Pacific Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide
More informationCustom Integration Solutions
Welcome to this introduction into a true business class network solution for you and your clients This solution has been designed, by integrators, for integrators. We look forward to producing an ever
More informationAbstract. Avaya Solution & Interoperability Test Lab
Avaya Solution & Interoperability Test Lab Application Notes for Configuring a Small to Medium Size Business VoIP and Data Network Solution Consisting of HP ProCurve Networking Switches and an Avaya Telephony
More informationIEEE 802.11a/ac/n/b/g Enterprise Access Points ECW5320 ECWO5320. Management Guide. www.edge-core.com. Software Release v2.0.0.1
IEEE 802.11a/ac/n/b/g Enterprise Access Points ECW5320 ECWO5320 Management Guide Software Release v2.0.0.1 www.edge-core.com Management Guide ECW5320 Indoor Enterprise Access Point IEEE 802.11a/ac/n/b/g
More informationConfiguring DHCP Snooping
CHAPTER 19 This chapter describes how to configure Dynamic Host Configuration Protocol (DHCP) snooping on Catalyst 4500 series switches. It provides guidelines, procedures, and configuration examples.
More informationChapter 4 Customizing Your Network Settings
. Chapter 4 Customizing Your Network Settings This chapter describes how to configure advanced networking features of the Wireless-G Router Model WGR614v9, including LAN, WAN, and routing settings. It
More informationNetwork Configuration Example
Network Configuration Example Configuring Multiple Port Mirroring Sessions on EX4200 Switches Published: 2014-04-09 Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 USA 408-745-2000
More informationUnified Access Point Administrator s Guide
Page 1 Table of Contents Section 1 - About This Document...9 Document Organization... 9 Additional Documentation... 9 Document Conventions... 9 Online Help, Supported Browsers, and Limitations... 10 Section
More informationChapter 2 Configuring Your Wireless Network and Security Settings
Chapter 2 Configuring Your Wireless Network and Security Settings This chapter describes how to configure the wireless features of your DG834N RangeMax TM NEXT Wireless ADSL2+ Modem Router. For a wireless
More informationNAC Guest. Lab Exercises
NAC Guest Lab Exercises November 25 th, 2008 2 Table of Contents Introduction... 3 Logical Topology... 4 Exercise 1 Verify Initial Connectivity... 6 Exercise 2 Provision Contractor VPN Access... 7 Exercise
More informationExpert Reference Series of White Papers. vcloud Director 5.1 Networking Concepts
Expert Reference Series of White Papers vcloud Director 5.1 Networking Concepts 1-800-COURSES www.globalknowledge.com vcloud Director 5.1 Networking Concepts Rebecca Fitzhugh, VMware Certified Instructor
More informationVirtual LANs. http://www.cis.ohio-state.edu/~jain/cis788-97/ or http://www.netlab.ohio-state.edu/~jain/cis788-97/ Raj Jain
Virtual LANs Professor of Computer and Information Sciences Please download and print the handouts from: http://www.cis.ohio-state.edu/~jain/cis788-97/ or http://www.netlab.ohio-state.edu/~jain/cis788-97/
More informationWiNG 5.X How-To Guide
WiNG 5.X How-To Guide Captive Portals Part No. TME-12-2012-01 Rev. A MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC
More informationDocument No. FO1004 Issue Date: Draft: Work Group: FibreOP Technical Team July 23, 2013 Final: Single Static IP Customer Owned LAN Router Support
Document No. FO1004 Issue Date: Draft: Work Group: FibreOP Technical Team July 23, 2013 Final: Title: Single Static IP Customer Owned LAN Router Support Version 1.0 Summary: Use the following method to
More informationSet Up a VM-Series Firewall on the Citrix SDX Server
Set Up a VM-Series Firewall on the Citrix SDX Server Palo Alto Networks VM-Series Deployment Guide PAN-OS 6.1 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa
More informationDSL-2600U. User Manual V 1.0
DSL-2600U User Manual V 1.0 CONTENTS 1. OVERVIEW...3 1.1 ABOUT ADSL...3 1.2 ABOUT ADSL2/2+...3 1.3 FEATURES...3 2 SPECIFICATION...4 2.1 INDICATOR AND INTERFACE...4 2.2 HARDWARE CONNECTION...4 2.3 LED STATUS
More informationGVRP Overview. Overview
3 GVRP Contents Overview...................................................... 3-2................................................... 3-3 General Operation........................................... 3-4
More informationCisco Configuring Basic MPLS Using OSPF
Table of Contents Configuring Basic MPLS Using OSPF...1 Introduction...1 Mechanism...1 Hardware and Software Versions...2 Network Diagram...2 Configurations...2 Quick Configuration Guide...2 Configuration
More informationMobility System Software Quick Start Guide
Mobility System Software Quick Start Guide Version 8.0 P/N 530-041387 Rev.05 Table of Contents About this Guide Using the Web Quick Start (WLC2, WLC8, WLC200,WLC800R, and WLC880R) Remotely Configuring
More informationcnds@napier Slide 1 Introduction cnds@napier 1 Lecture 6 (Network Layer)
Slide 1 Introduction In today s and next week s lecture we will cover two of the most important areas in networking and the Internet: IP and TCP. These cover the network and transport layer of the OSI
More informationTable of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example
Table of Contents Wi Fi Protected Access 2 (WPA 2) Configuration Example...1 Document ID: 67134...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...2 Conventions...2 Background Information...2
More information