Case Study - Configuration between NXC2500 and LDAP Server



Similar documents
Windows Vista: Connecting to the wireless network at Hood College

Lab Configuring LEAP/EAP using Local RADIUS Authentication

Wireless Network Configuration Guide

User Guide for eduroam

NXC5500/2500. Application Note. Captive Portal with QR Code. Version 4.20 Edition 2, 02/2015. Copyright 2015 ZyXEL Communications Corporation

Connecting to UNOSECURE using Windows 7

Use the below instructions to configure your wireless settings to connect to the secure wireless network using Microsoft Windows Vista/7.

How to Access Coast Wi-Fi

Connecting to the University Wireless Network

Connecting to Secure Wireless (iitk-sec) on Fedora

Installation Guides - Information required for connection to the Goldfields Institute s (GIT) Wireless Network

Automatic Setup... 1 Manual Setup... 2 Installing the Wireless Certificates... 18

Wireless LAN Client Configuration Guide for Windows Configuring 802.1X Authentication Client for Windows 7

WIRELESS SETUP FOR WINDOWS 7

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

Seamless and Secure Access (SSA) Manual Configuration Guide for Windows 7

AP6511 First Time Configuration Procedure

Interlink Networks Secure.XS and Cisco Wireless Deployment Guide

INFORMATION SYSTEMS SERVICE NETWORKS AND TELECOMMUNICATIONS SECTOR

D-Link DAP-1360 Repeater Mode Configuration

Scenario: IPsec Remote-Access VPN Configuration

How To Connect To A Wireless Network On Windows 7 (Windows 7) On A Pc Or Mac Or Ipad (Windows) On Pc Or Ipa (Windows 8) On Your Computer Or Mac (Windows). (Windows.7) On An

Creating a User Profile for Outlook 2013

CruzNet Secure Set-Up Instructions for Windows Vista

How to connect to the diamonds wireless network with Vista.

Network Services One Washington Square, San Jose, CA

Connec ng to Northwest s WIFI with Windows 7

V310 Support Note Version 1.0 November, 2011

H3C SSL VPN RADIUS Authentication Configuration Example

How to connect to NAU s WPA2 Enterprise implementation in a Residence Hall:

Create a VPN on your ipad, iphone or ipod Touch and SonicWALL NSA UTM firewall - Part 1: SonicWALL NSA Appliance

How To Set Up Isu-Oit-Wpa On Windows 7 For Wireless Access (Isu- Oit- Wpa) On A Pc Or Mac Or Ipa (Windows 7) On An Ipa Or Ipac (Windows

Connecting to the Rovernet WPA2 Secured Wireless Network with Windows 7

VPN PPTP Application. Installation Guide

UAG4100 Support Notes

ICT DEPARTMENT. Windows 7. Wireless Authentication Procedures for Windows 7 & 8 Users For Linux and windows XP users visit ICT office

Video Administration Backup and Restore Procedures

Wireless Setup for Windows 8

Note that if at any time during the setup process you are asked to login, click either Cancel or Work Offline depending upon the prompt.

Management Authentication using Windows IAS as a Radius Server

Abstract. Avaya Solution & Interoperability Test Lab

Edith Cowan University Information Technology Services Centre

For paid computer support call

Configure WorkGroup Bridge on the WAP131 Access Point

WiNG5 CAPTIVE PORTAL DESIGN GUIDE

Creating a Client-To-Site VPN. BT Cloud Compute. The power to build your own cloud solutions to serve your specific business needs.

UAG Series. Application Note. Unified Access Gateway. Version 4.00 Edition 1, 04/2014. Copyright 2014 ZyXEL Communications Corporation

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

Wi- Fi settings for Windows XP

I. What is VPN? II. Types of VPN connection. There are two types of VPN connection:

Setting up Windows XP for WPA Wireless Access (ISU-OIT-WPA)

Instructions for connecting to winthropsecure. Windows 7/8 Quick Connect Windows 7/8 Manual Wireless Set Up Apple Quick Connect Apple Settings Check

SIP Trunking using Optimum Business SIP Trunk Adaptor and the Cisco Call Manager Express Version 8.5

Product Summary RADIUS Servers

Configuring Routers and Their Settings

Connecting to eduroam using Windows 8

Windows Vista and Windows 7 Wireless Configuration For NCC Faculty and Staff Owned Laptops

Microsoft Lync Certification Configuration Guide for WiNG 5.5

Authenticating users of Cisco NCS or Cisco Prime Infrastructure against Microsoft NPS (RADIUS)

Configuration Guide for RFMS 3.0 Initial Configuration. WiNG 5 How-To Guide. Role-Based Firewall. June 2011 Revision 1.0

Instructions for accessing the new TU wireless Network

HKBN Wi-Fi Service User Guide

Enable VPN PPTP Server Function

Purple Sturgeon Standard VPN Installation Manual for Windows XP

The back story of our Wireless (reading will help you understand what is going on in the building):

OUTLOOK EXPRESS ACCOUNT SETUP FOR USE WITH ELLIPSE ADVANCED SPAM FILTER

Airnet-Student is a new and improved wireless network that is being made available to all Staffordshire University students.

MBC WiFi wireless logon: Windows 7 (laptop)

Configuration of Cisco Autonomous Access Point with 802.1x Authentication for Avaya 3631 Wireless Telephone

External Authentication with Windows 2003 Server with Routing and Remote Access service Authenticating Users Using SecurAccess Server by SecurEnvoy

Mac OS X Secure Wireless Setup Guide

Step-by-step Guide for Configuring Cisco ACS server as the Radius with an External Windows Database

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

Integrating LANGuardian with Active Directory

Connect to the Sheridan College / Gillette College - STUDENT Secure Wireless Network with the PEAP Client (Windows XP Pro)

Configuring Avaya 1120E, 1140E, 1220 and 1230 IP Deskphones with Avaya IP Office Release 6.1 Issue 1.0

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

How to integrate RSA ACE Server SecurID Authentication with Juniper Networks Secure Access SSL VPN (SA) with Single Node or Cluster (A/A or A/P)

Massey University Wireless Network - Client

How to set up Outlook Anywhere on your home system

Lab a Configure Remote Access Using Cisco Easy VPN

Windows 8 & RT Wireless Configuration For NCC Student Owned Laptops

Configuring Outlook for IMAP. Creating a New IMAP Account. Modify an Existing Account

Cisco VPN Client Troubleshooting Error Messages

WiNG 5.X How-To Guide

Scenario: Remote-Access VPN Configuration

Training Module for Customer Portal & Customer Care. Enabling the Next Wave of Connectivity

How to set up as VPN Network

External Authentication with Windows 2008 Server with Routing and Remote Access Service Authenticating Users Using SecurAccess Server by SecurEnvoy

Step by step guide for connecting PC to wired LAN at dormitories of University of Pardubice

6. After connecting reopen the wireless connections window. Right click on RamNet and select properties. Page 2 of 7

AeroLab Wireless Network Code of Conduct. Connecting to the AeroLab Wireless Network

External Authentication with Cisco VPN 3000 Concentrator Authenticating Users Using SecurAccess Server by SecurEnvoy

VPN L2TP Application. Installation Guide

VPN Configuration Guide LANCOM

Quality Center LDAP Guide

Quick Instructions Installing on a VPS (Virtual Private Server)

How to Set Up Your. Account

Transcription:

Case Study - Configuration between NXC2500 and LDAP Server 1

1. Scenario:... 3 2. Topology:... 4 3. Step-by-step Configurations:...4 a. Configure NXC2500:...4 b. Configure LDAP setting on NXC2500:...10 c. Windows wireless connection setting:...13 4. Verification:......22 5. Reference:..23 2

1. Scenario A customer may have an NXC2500 controller to manage applications on the network and wants to use an LDAP server for wireless authentication instead of a pre-shared key. In this kind of an application, wireless clients do not need to remember pre-shared keys, which are not easy to remember because MIS needs to make the key complicated or change pre-share key every day in order to reduce the security risk. MIS could use a staff s working account as a username and password in the LDAP database so that wireless clients will not easily forget the authentication information. Otherwise, MIS does not need to require all the staff to remember new passwords, if someone does not work in the company anymore. MIS can just delete the user from the LDAP server to prevent users who are not working company from connecting to the wireless network. Customer Background Info and Requirements: 1. Customer has a NXC controller and LDAP server in the network. 2. Customer can centralize managing the wireless clients authentication information in LDAP database and APs. Proposal: 1. We will use one Wireless LAN Controller (NXC2500) to control the managed APs. 2. Customer can create a username and password for wireless authentication in LDAP database. 3

2. Topology 3. Step-by-step Configuration a. Configure NXC2500 Step 1. Go to Configuration > Interface > VLAN to remove ge1 from vlan0. 4

Step 2. Set ge1 interface type to External and get IP address automatically. 5

Step 3. Enable DHCP server in vlan 0, IP pool address starts from 192.168.1.200, pool size 20. Step 4. Configure policy route to allow the LAN to accesses the Internet. In Configuration > Network > Routing add a policy route. 6

7

Step 5. Configure AP Profile 5-1 In Configuration > Object > AP Profile > SSID 5-2 In Configuration > Object > AP Profile > SSID > Security List 8

5-3 In Configuration > Object > AP Profile > Radio > Edit to choose configured SSID Profile. 9

b. Configure LDAP setting on NXC2500 Please notice the user password in LDAP server is plain text in this example. Step 1. Configure AAA server In Configuration > Object > AAA Server > LDAP > Edit 10

Step 2. Test LDAP user 11

Step 3. Configure Auth. Method In Configuration > Object > Auth. Method > Edit to add group ldap 12

c. Windows wireless connection setting Step 1. Open Network and Sharing Center. 13

Step 2. Click on Manage wireless networks. Step 3. Click on Add to add a new wireless profile. 14

Step 4. Click on Manually create a network profile to create a new wireless manually. 15

Step 5. Key-in the SSID that you configured in NXC2500 in Network name field and select Security type and Encryption type that you configured in NXC2500 AP profile. Step 6. Click on Properties to continue to the detailed settings. Step 7. Click Security tab for more settings 16

Step 8. Uncheck the Validate server certificate and then click on Configure. 17

Step 9. Uncheck Automatically sue my Windows login name and password (and domain if any). Then, go back to Protected EAP Properties and click on the OK button. Step 10. Click on Advanced Settings. 18

Step 11. Place a check in the Specify authentication mode and select user or computer authentication. 19

Step 12. Return to the Wireless Network Connection and click on the SSID that you configured manually before. Note: if the Encryption type setting does not meet the setting in NXC2500, you will see a cross shown on the picture. 20

Step 13. Enter the username and password created in the LDAP server. The wireless authentication will be successful. 21

4. Verification from NXC2500. Go to Monitor > Log 22

5. Reference The LDAP encryption is supported on NXC2500. We provide the list of authentication methods, which can be supported. The following table shows the user authentication methods on NXC2500 to support with the password form stored in LDAP server DB. For example, if a customer wants to create a password with SHA1 encryption in the LDAP server for a user, the customer needs to choose network authentication method as EAP-TTLS and Authentication Protocol as PAP on wireless station. 23

24