Overriding RF Domain SSID and other Configurations

About this task

Each WLAN provides associated wireless clients with a SSID (Service Set Identifier). This has limitations, because it requires wireless clients associate with different SSIDs to obtain QoS and security policies. However, a WiNG managed RF Domain can have WLANs assigned and advertise a single SSID, but allow users to inherit different QoS or security policies. Use the Override SSID screen to assign WLANs an override SSID as needed for the RF Domain.

Controllers and service platforms allow the mapping of a WLAN to more than one VLAN. When a wireless client associates with a WLAN, it is assigned a VLAN in such a way that users are load balanced across VLANs. The VLAN is assigned from the pool representative of the WLAN. Clients are tracked per VLAN, and assigned to the least used/loaded VLAN. Client VLAN usage is tracked on a per-WLAN basis.

To define an override SSID and override VLAN configuration used with a RF Domain:

Procedure

  1. Go to Configuration → RF Domain. The RF Domain screen displays. This screen lists the RF Domains (default and user-created) witihin the network.
  2. Double-click on the RF Domain to which SSID and VLAN overrides is to be applied.
    The selected RF Domain's configuration menu displays.
  3. Select Overrides.
    The RF Domain overrides screen, with the Override SSID screen selected by default, displays.
    Click to expand in new window
    RF Domain Override SSID Screen
    GUID-0391E9DB-449A-4EA1-94E6-B79548EA1EF5-low.png
  4. Select the + Add Row button to create a new Override SSID configuration.
    To remove an existing Sensor Server Configuration from the table, highlight it and select the Delete icon.
  5. Use the WLAN drop-down menu to select an existing WLAN to be supplied an override SSID.
    If a WLAN configuration has not been defined, select the Create button and define at least one complete WLAN configuration. For detailed information on the steps required to create a WLAN, see Wireless LAN Policies.
  6. Enter the name of the SSID to use with this WLAN.
  7. Select OK to save the override SSID configuration changes, or select Reset to revert to the last saved configuration.
  8. Select the Override WPA2 Key tab.
    The Override WPA2 Key screen enables an administrator to override a WLAN‘s existing WPA2 PSK at the RF Domain level (not the profile level). WPA2 is a newer 802.11i standard that provides even stronger wireless security than WPA and WEP.
    Click to expand in new window
    RF Domain Override WPA2 PSK Screen
    GUID-731FF93B-6EB7-47DE-BE7A-76FFBC007EED-low.png
  9. Select the + Add Row button to populate the screen with a row for selecting an existing WLAN to override with a new WPA2 key.
    WLAN Use the drop-down menu to selecting an existing WLAN whose key is to be overridden at the RF Domain level. A new WLAN configuration can be defined by selecting the Create icon, or an existing WLAN configuration can be modified by selecting the Edit icon.
    WPA2 Key Enter either an alphanumeric string of 8 to 64 ASCII characters or 64 HEX characters as the primary string both transmitting and receiving authenticators must share in this new override PSK. The alphanumeric string allows character spaces. The string is converted to a numeric value. This passphrase saves the administrator from entering the 256-bit key each time keys are generated.
  10. Select OK to save the changes to the Override WPA2 Key configuration, or select Reset to revert to the last saved configuration.
  11. Select the Override WEP128 Keys tab.

    The Override WEP128 Keys screen enables an administrator to override a WLAN‘s existing WEP 128 Keys at the RF Domain level (not the profile level). WEP 128 uses a 104 bit key which is concatenated with a 24-bit IV (initialization vector) to form the RC4 traffic key. WEP may be all a small-business user needs for the simple encryption of wireless data on the WLAN. However, networks that require more security are at risk from a WEP flaw. WEP is only recommended if there are client devices incapable of using higher forms of security. The existing 802.11 standard alone offers administrators no effective method to update keys.

    The screen displays existing WLANs whose WEP 128 key configuration can be overridden at the RF Domain level. Either select Add to create a new WEP 128 key configuration, or select an existing WEP 128 key and the Edit button to modify the selected key‘s existing key algorithm. The screen populates with the parameters required to override a WEP 128 configuration for the selected WLAN.

    Click to expand in new window
    RF Domain Override WEP128 Keys Screen
    GUID-266AC159-8F61-4EA0-87E5-57A47FABFCA2-low.png
  12. Define the following settings for the WEP 128 key override:
    Generate Keys Specify a 4- to 32-character RF Domain override Pass Key and click the Generate button. The pass key can be any alphanumeric string. Wireless devices and their connected clients use the algorithm to convert an ASCII string to the same hexadecimal number. Clients without adapters need to use WEP keys manually configured as hexadecimal numbers.
    Keys 1-4 Use the Key #1-4 areas to specify key numbers. For WEP 128 (104-bit key), the keys are 26 hexadecimal characters in length. Select one of these keys for default activation by clicking its radio button. Selecting Show displays a key in exposed plain text.
    Restore Default WEP Keys If you feel it necessary to restore the WEP algorithm back to its default settings, click the Restore Default WEP Keys button. Default WEP 128 keys are as follows:
    • Key 1 101112131415161718191A1B1C
    • Key 2 202122232425262728292A2B2C
    • Key 3 303132333435363738393A3B3C
    • Key 4 404142434445464748494A4B4C
  13. Select OK to save the override WEP 128 Key configuration changes, or select Reset to revert to the last saved configuration.
  14. Select the Override VLAN tab.
    The Override VLAN screen lists those WLANs available for override.
    Click to expand in new window
    RF Domain Override VLAN screen
    GUID-F593515D-B09C-4460-A2AA-1D7BAB6EC849-low.png
  15. Select Add to define a new VLAN override configuration, choose an existing WLAN and select Edit to change the override VLAN and limit, or select Delete to remove a WLAN‘s override VLAN configuration
    Click to expand in new window
    RF Domain Override VLAN Add screen
    GUID-13B0D65C-8925-4B1B-B30D-6F92E3660F06-low.png
  16. Use the VLAN spinner control to change the VLANs for an existing WLAN client connection, or select the + Add Row button to add additional VLANs for WLAN client connection.
  17. Use the Wireless Client Limit spinner control to set the client user limit for the VLAN.
    The maximum allowed client limit is 8192 per VLAN. VLANs can be defined from 1 - 4094. The default setting is 0.
  18. Select OK to save the override VLAN configuration changes, or select Reset to revert to the last saved configuration.
  19. Select the Override WLAN Shutdown tab.
  20. Select the + Add Row button to populate the screen with a row for selecting an existing WLAN to override the WLAN mode of operation.
    Click to expand in new window
    RF Domain Override Override WLAN Shutdown Add Screen
    GUID-55FA361A-0B74-42FC-9AA2-0B1A796D7CD0-low.png
    Configure the following parameters:
    WLAN Use the drop-down menu to select an existing WLAN whose mode of operation is to be overridden at the RF Domain level.
    Shutdown Select to shut down the WLAN operation on all mapped radios. When selected, the RF Domains access points, mapped to the selected WLAN, stop beaconing the WLAN's SSID.
  21. Select OK to save the override VLAN shutdown configuration changes, or select Reset to revert to the last saved configuration.