IdentiFi and Eduroam Roaming Wireless Service Integration CONFIGURATION GUIDE



Similar documents
OneFabric Connect and Lightspeed Systems Rocket Web Filtering Appliance

Penn State Wireless 2.0 and Related Services for Network Administrators

Case Study - Configuration between NXC2500 and LDAP Server

OneFabric Connect and iboss Internet Filtering Appliance

Microsoft Lync Certification Configuration Guide for WiNG 5.5

Eduroam wireless network - Windows 7

Data Center Manager (DCM)

Design and Implementation Guide. Apple iphone Compatibility

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

Eduroam wireless network Windows Vista

User Guide for eduroam

Secure WiFi Access in Schools and Educational Institutions. WPA2 / 802.1X and Captive Portal based Access Security

OneFabric Connect. Overview. Extend the OneFabric architecture to 3rd party applications DATA SHEET BENEFITS BUSINESS ALIGNMENT

Eduroam wireless network Apple Mac OSX 10.4

ICT DEPARTMENT. Windows 7. Wireless Authentication Procedures for Windows 7 & 8 Users For Linux and windows XP users visit ICT office

Edith Cowan University Information Technology Services Centre

Chapters. Prerequisites: Eduroam in a Microsoft Windows 2008r2 environment.

Best Practices for Outdoor Wireless Security

Eduroam wireless network Apple Mac OSX 10.5

NXC5500/2500. Application Note. Captive Portal with QR Code. Version 4.20 Edition 2, 02/2015. Copyright 2015 ZyXEL Communications Corporation

JK0 015 CompTIA E2C Security+ (2008 Edition) Exam

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

How To Use An Ipad Wireless Network (Wi Fi) With An Ipa (Wired) And An Ipat (Wired Wireless) Network (Wired Wired) At The Same Time

Wi- Fi settings for Windows XP

A practical guide to Eduroam

white paper Motorola s Wireless network Indoor/Outdoor Solution

Wireless Network Configuration Guide

WLAN Security is in the Architecture ICEFIN Workshop presentation Arch Red Oy, Karri Huhtanen, managing director

Dramatically simplifying voice and data networking HOW-TO GUIDE. Bundle Quick Start Guide

VLANs. Application Note

Palo Alto Networks User-ID Services. Unified Visitor Management

OneFabric Connect and Fiberlink MaaS360 Mobile Device Management (MDM)

Aerohive Private PSK. solution brief

Observer Analyzer Provides In-Depth Management

Lucent VPN Firewall Security in x Wireless Networks

NXC5200/ NWA5000-N Series Wireless LAN Controller/ a/b/g/n Managed Access Point

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

ExtremeWireless Getting Started Guide

The Ultimate WLAN Management and Security Solution for Large and Distributed Deployments

Windows 8 & RT Wireless Configuration For NCC Student Owned Laptops

Configure WorkGroup Bridge on the WAP131 Access Point

WIRELESS SETUP FOR WINDOWS 7

ARCHITECT S GUIDE: Mobile Security Using TNC Technology

Deploying Cisco Basic Wireless LANs WDBWL v1.1; 3 days, Instructor-led

Windows Vista and Windows 7 Wireless Configuration For NCC Faculty and Staff Owned Laptops

Massey University Wireless Network - Client

2.1.1 This policy and any future changes requires ratification by CAUDIT.

WLAN Information Security Best Practice Document

Network Services One Washington Square, San Jose, CA

NETGEAR /ValuePoint Networks Interoperability Report

Meraki Wireless Solution Comparison

ADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3

WiNG5 CAPTIVE PORTAL DESIGN GUIDE

Last Updated: January 23, FLCCsecure

How to: Accessing the TU/e wireless network using Windows XP

Virtuelle WLAN Controller Alcatel Lucent Wireless LAN Instant AP

Extreme Networks CoreFlow2 Technology TECHNOLOGY STRATEGY BRIEF

Canterbury College Eduroam Wi-Fi Guide

RAP Installation - Updated

Connecting to UNOSECURE using Windows 7

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks

Application Note User Groups

Integrating a Hitachi IP5000 Wireless IP Phone

Configuring Windows 7 for eduroam at DkIT

WiFi troubleshooting. How s your WiFi signal? Android WiFi settings. ios WiFi settings

Belnet Networking Conference 2013

Installation Guides - Information required for connection to the Goldfields Institute s (GIT) Wireless Network

Abstract. Avaya Solution & Interoperability Test Lab

WiFi Internet Access. Windows XP Setup Instructions. Please Return After Use. Produced Oct 2010

Optimizing Microsoft Lync Deployments on Extreme Networks IdentiFi Wireless

eduroam Network guide configuration for Microsoft Windows 7

Configuration of Cisco Autonomous Access Point with 802.1x Authentication for Avaya 3631 Wireless Telephone

Implementing and Administering Security in a Microsoft Windows Server 2003 Network

ForeScout CounterACT. Device Host and Detection Methods. Technology Brief

Extreme Networks NetSight SDN Integration with A10 Networks Load Balancer, Service Pools and Virtualization Resources

WLAN Security: Identifying Client and AP Security

Configuration Guide. How to Configure the AP Profile on the DWC Overview

MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

WiNG 5.X How-To Guide

Use the below instructions to configure your wireless settings to connect to the secure wireless network using Microsoft Windows Vista/7.

Aruba-Certified Design Expert (ACDX) Study Guide

BYOD: BRING YOUR OWN DEVICE.

Module 6, Assignment 5

Automatic Setup... 1 Manual Setup... 2 Installing the Wireless Certificates... 18

Configuring Security Solutions

PCI v2.0 Compliance for Wireless LAN

Break Internet Bandwidth Limits Higher Speed. Extreme Reliability. Reduced Cost.

How to Configure a BYOD Environment with the DWS-4026

Deploying iphone and ipad Virtual Private Networks

Connecting to Secure Wireless (iitk-sec) on Fedora

Key Features. Multiple Operation Modes ENH500 can operate into four different modes with Access Point, Client Bridge, Client Router and WDS Mode.

Connecting to the University Wireless Network

1 Purpose Scope Roles and Responsibilities Physical & Environmental Security Access Control to the Network...

BSc (Hons.) Computer Science with Network Security. Examinations for 2011/ Semester 2

How To Manage A Wireless Network With Avaya Wlan 9100 Series (Wlan) System (Wos)

Wireless Network Analysis. Complete Network Monitoring and Analysis for a/b/g/n

Extreme Networks Solutions for Microsoft Skype for Business Deployments SOLUTION BRIEF

eduroam wireless setup guide for Windows 7, XP and Vista

Configuring High Availability for Embedded NGX Gateways in SmartCenter

U.S. Patent Appl. No. 13/ filed September 28, 2011 NETWORK ADDRESS PRESERVATION IN MOBILE NETWORKS TECHNICAL FIELD

Transcription:

IdentiFi and Eduroam Roaming Wireless Service Integration CONFIGURATION GUIDE

TABLE OF CONTENTS Introduction... 3 Prerequisites... 3 Design and Deployment Overview... 4 Configuring the wireless SSID and IdentiFi controller... 5 Configuring IdentiFi NAC... 9 IdentiFi and Eduroam Roaming Wireless Service Integration Configuration Guide 2

BUYER S GUIDE This document details the integration of Eduroam wireless service with IdentiFi platform. Introduction Eduroam (Education Roaming) is the secure, world-wide roaming access service developed for the international research and education community. Eduroam allows students, researchers and staff from participating institutions to obtain Internet connectivity across campus and when visiting other participating institutions by simply opening their laptop. Having started in Europe, eduroam has gained momentum throughout the research and education community and is now available in 54 countries. Combining Eduroam with IdentiFi platform, it is possible to extend enterprise-level visibility and control capabilities, while keeping the open nature of the service. Prerequisites The solution requires a complete IdentiFi solution, along with Roaming Operator (RO) and Roaming Confederation (RC) compliance. Eduroam policy agreement and framework is not discussed in this document, please refer to www.eduroam.org for details. Netsight, NAC and Wireless basic infrastructure configuration are not covered in this document, please refer to NetSight and Wireless controller manuals for details. Solution Components (customer site): NetSight Management Suite 6.0 or above IdentiFi Wireless controller and AP infrastructure 9.0 or above NAC Network Access Control appliance 6.0 or above LICENSING: NMS and NAC license sizing depends on the amount of end-systems (wireless clients) managed by the infrastructure, please contact your local account manager for further details. IdentiFi and Eduroam Roaming Wireless Service Integration Configuration Guide 3

Design and Deployment Overview The solution is composed by the following modules: Eduroam RADIUS server NetSight management server Mobile IAM (NAC) appliance IdentiFi Wireless controller APs For simplification, Netsight server, NAC and Wireless controller will be referred as a single IdentiFi module in the below diagram: The solutions is leveraging NAC RADIUS proxy feature, in order to relay authentication requests generated by the wireless infrastructure, toward Eduroam RADIUS server. The advantage is for both accountability and visibility, allowing granular control over the clients accessing the network. IdentiFi and Eduroam Roaming Wireless Service Integration Configuration Guide 4

Configuring the wireless SSID and IdentiFi controller Configuring IdentiFi wireless controller for Eduroam, requires the following: 1. Add a NAC server (IdentiFi IAM) on the wireless controller: IdentiFi and Eduroam Roaming Wireless Service Integration Configuration Guide 5

2. Create a dedicated topology under Controller->Network->Topologiesf Note: topology mode depends on local network infrastructure and design, it could be either bridged at AP, bridged at controller (example) or routed at controller. It is common practice to assign a dedicated VLAN or network space, in order to segment Eduroam traffic from production network. 3. Create a network role for Eduroam service: IdentiFi and Eduroam Roaming Wireless Service Integration Configuration Guide 6

Please refer to both Eduroam and local network guidelines, in order to define a proper set of network policies for inbound and outbound traffic of Eduroam users. 4. Create a new WLAN Service, selecting all the APs and radios serving the SSID select WPA 2 (AES) for encryption IdentiFi and Eduroam Roaming Wireless Service Integration Configuration Guide 7

specify the previously created RADIUS server (Identifi IAM) for both authentication and accounting 5. Create a new VNS IdentiFi and Eduroam Roaming Wireless Service Integration Configuration Guide 8

Configuring IdentiFi NAC IdentiFi NAC allows to relay RADIUS request coming from the wireless controller, to a specific RADIUS servers, based on the domain portion of the username. As foreign users domains are unknown, it is necessary to first define an AAA policy for local domain, then a catch-all policy, where all requests * are forwarded to Eduroam RADIUS server. 1. Create a new RADIUS server (Eduroam) in advanced configuration window: 2. Create a catch-all policy for non-local domain (Eduroam) users: IdentiFi and Eduroam Roaming Wireless Service Integration Configuration Guide 9

3. Create an Eduroam NAC rule set based on a specific location (Eduroam SSID), so dynamic policies can be specified for the new wireless service, changing eduroam base network profile. IdentiFi and Eduroam Roaming Wireless Service Integration Configuration Guide 10

http://www.extremenetworks.com/contact Phone +1-408-579-2800 2014 Extreme Networks, Inc. All rights reserved. Extreme Networks and the Extreme Networks logo are trademarks or registered trademarks of Extreme Networks, Inc. in the United States and/or other countries. All other names are the property of their respective owners. For additional information on Extreme Networks Trademarks please see http://www.extremenetworks.com/company/legal/trademarks/. Specifications and product availability are subject to change without notice. 8654-0714 WWW.EXTREMENETWORKS.COM IdentiFi and Eduroam Roaming Wireless Service Integration Configuration Guide 11

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information