General
License AP's - license register ap <license key that is
obtained from the HP license center>
"remote forwarding" is the same thing as
"Distributed forwarding" in the MSM
"local forwarding" is the same as "access
controlled" in the MSM
In the WWLAN
Controller engine
port-security enable
oap management-ip
10.0.124.3 slot 0 (10.0.124.3 is
the switch's ip)
undo interface
Vlan-interface1
To See Clients
on AP's
For tunneled client , you
will have to enable arp-snooping with the command
[HP] arp-snooping enable
For locally switched
client, there are several ways but the easiest way is to use the command
[HP]wlan client learn-ipaddr enable
Remote forwarding
wlan ap a048-1234-5678 model MSM430-AM id 61
serial-id CN3ABCDEF
provision
vlan tagged 128
vlan untagged 1 124
country-code US
radio 1
service-template 1
service-template 2
radio enable
radio 2
service-template 1
service-template 2
radio enable
Switch and
Controller Engine Contexts
The appliance has 2 devices built into one: A switch and a
Controller; each with their own context (or engines as the docs refer to them
as)
When you log into to an 830/850/870, you are place at the Controller
engine context.
The controller has only virtual interfaces in BAGG1 which link
to the switch engine via the backplane.
The default ip (192.168.0.100) can be changed. Vlan tagging/untagging is applied to BAGG 1
as needed to forward traffic to the switch.
The switch has a BAGG1 by default with virtual interfaces that
link directly to the Controllers BAGG1.
All interfaces on the front panel of the wwlan controller belong
to the switch engine.
The only existent interface for the controller is BAGG1. The interfaces that are virtual for the
various platforms can be found by looking at the interfaces in BAG1 (dis
link-agg verbose bridge 1).
From the Controller context, to move to the switch context:
<HP> oap connect
slot 0
to Return to Controller Engine
cntrl-k
Flash
The switch uses flash while the controller use a compact
flash: switch=flash controller=cfa0
Switch
<HP>save
Please input the file name(*.cfg)[flash:/startup.cfg]
To move back into the
Controller engine
<HP> cntrl-k
Controller
<HP>save
Please input the file
name(*.cfg)[cfa0:/startup.cfg]
Moving from gui
to cli
When I wasn’t able to figure out how to configure something in
the gui, I'd use the cli commands from the configs and would then look at the
gui to see what changed
Auto discovery
of AP's
To discover AP's, turn auto-ap on from global context. After they are discovered, you can turn auto
discovery off and then move the AP's int a group. I moved mine into the default
group. It would be easy enough to create
other groups and move some AP's into those groups (same concept as MSM AP
groups).
Creating group with the cli:
[AC1] ap-group <group_name>
Portal
Load Authentication Web
Pages on the Unified Controller
Create a directory called
“portal” on the root directory
<AC1>mkdir portal
%Created dir
cfa0:/portal.
Verify the directory was
created by issuing the “dir” command again
<AC1>dir
Directory of cfa0:/
.
.
6 -rw- 102913024 Dec 19 2013 10:51:12 hp6000-cmw520-r2308p29.bin
7 drw- -
Feb 11 2014 09:55:36 portal
Change to the portal
directory
<AC1>cd portal
Upload the portal web pages zip file to the portal directory (via tftp,ftp,sftp,scp,usb)
This was my
portal configuration
portal server WEB ip
10.0.132.2 url http://10.0.132.2/portal/logon.htm
portal free-rule 0 source
interface Bridge-Aggregation1 destination any
portal free-rule 1 source
ip any destination ip 10.0.132.1 mask 255.255.255.255
portal wlan ssid GUEST server WEB domain wireless
portal local-server http
portal local-server bind
ssid GUEST file defaultfile.zip
NOTE: 10.0.132.2 is
the controllers ip while 10.0.132.1 was the gateway for vlan 10.0.132.0/23
domain wireless
authentication portal
local
authorization portal
local
accounting portal local
access-limit disable
state active
idle-cut enable 120
10240
self-service-url disable
Some Other Links on Portal Auth
http://abouthpnetworking.com/2014/06/02/hp-unified-wireless-free-access-option-on-guest-portal/
http://abouthpnetworking.com/2014/05/29/hp-unified-wireless-guest-central-authentication-with-data-local-breakout/
No comments:
Post a Comment
Please add comments so I may update the material to accommodate platform modification to various commands. Also if you have some real-world caveats, do please share.