ExtremeWireless and Your
Network
This section is a
summary of the components of the ExtremeWireless solution on your enterprise network. The following are described
in detail in this guide, unless otherwise stated:
- ExtremeWireless Appliance — A rack-mountable network device or virtual appliance that
provides centralized control over all access points and manages the network assignment
of wireless device clients associating through access points.
- Wireless AP — A
wireless LAN fit access point that communicates with a controller.
- RADIUS Server (Remote Access Dial-In User Service) (RFC2865), or other authentication server — An authentication server that assigns and manages ID and Password protection throughout the network. Used for authentication of the wireless users in either 802.1x or Captive Portal security modes. The RADIUS Server system can be set up for certain standard attributes, such as filter ID, and for the Vendor Specific Attributes (VSAs). In addition, RADIUS Disconnect (RFC3576) which permits dynamic adjustment of user role (user disconnect) is supported.
- DHCP (Dynamic Host Configuration Protocol) Server (Dynamic Host Configuration Protocol) (RFC2131) — A server
that assigns dynamically IP addresses, gateways, and subnet masks. IP address assignment
for clients can be done by the DHCP server internal to the controller, or by existing
servers using DHCP relay. It is also used by the APs to discover the location of the
controller during the initial registration process using Options 43, 60, and Option 78.
Options 43 and 60 specify the vendor class identifier (VCI) and vendor specific
information. Option 78 specifies the location of one or more SLP Directory Agents. For
SLP, DHCP should have Option 78 enabled.
- Service Location Protocol (SLP) (SLP RFC2608) — Client applications
are User Agents and services that are advertised by a Service Agent. In larger
installations, a Directory Agent collects information from Service Agents and creates a
central repository. The Extreme Networks
solution relies on registering “Extreme Networks” as an SLP Service Agent.
- Domain Name Server
(DNS) — A server used as an alternate mechanism (if present on the enterprise network)
for the automatic discovery process. Controller, Access Points and Convergence Software
relies on the DNS for Layer 3 deployments and for static configuration of the APs. The
controller can be registered in DNS, to provide DNS assisted AP discovery. In addition,
DNS can also be used for resolving RADIUS server hostnames.
- Web Authentication
Server — A server that can be used for external Captive Portal and external
authentication. The controller has an internal Captive portal presentation page, which
allows web authentication (web redirection) to take place without the need for an
external Captive Portal server.
- RADIUS Accounting Server (Remote Access Dial-In User Service) (RFC2866) — A server that is required if RADIUS Accounting is enabled.
- SNMP (Simple Network Management Protocol) — A Manager Server that is required if forwarding SNMP messages is
enabled.
- Network Infrastructure — The Ethernet switches and routers must be configured to allow routing between the various services noted above. Routing must also be enabled between multiple controllers for the following features to operate successfully:
- Web Browser — A
browser provides access to the controller Management user interface to configure the ExtremeWireless
system.
- SSH Enabled Device — A device that supports Secure Shell (SSH) is used for remote (IP) shell access to the system.
- Zone Integrity — The Zone integrity server enhances network security by ensuring clients accessing your network are compliant with your security roles before gaining access. Zone Integrity Release 5 is supported.
- (Optional) Online Signup Server — For use with Hotspot Networks.