Brocade Mobility Access Point System Reference Guide (Supp Bedienungsanleitung

53-1003100-0120 January 2014®Brocade Mobility Access PointSystem Reference GuideSupporting software release 5.5.0.0 and later

x Brocade Mobility Access Point System Reference Guide53-1003100-01Notes, cautions, and warningsThe following notices and statements are used in this

90 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 20 Port Channels - Basic Configuration tab7. Set the following port channe

Brocade Mobility Access Point System Reference Guide 9153-1003100-0159. Define the following Switching Mode parameters to apply to the port channel co

92 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 21 Port Channels - Security tab12. Refer to the Access Control field. As p

Brocade Mobility Access Point System Reference Guide 9353-1003100-01513. Select OK to save the changes to the security configuration. Select Reset to

94 Brocade Mobility Access Point System Reference Guide53-1003100-01516. Set the following MSTP Configuration parameters for the port channel:17. Refe

Brocade Mobility Access Point System Reference Guide 9553-1003100-015Access Point Radio ConfigurationProfile Interface ConfigurationAn access point pr

96 Brocade Mobility Access Point System Reference Guide53-1003100-0156. If required, select a radio configuration and select the Edit button to modify

Brocade Mobility Access Point System Reference Guide 9753-1003100-0158. Define the following radio configuration parameters from within the Properties

98 Brocade Mobility Access Point System Reference Guide53-1003100-015NOTEBrocade Mobility 1220 Access Point, Brocade Mobility 1220 Access Point, Broca

Brocade Mobility Access Point System Reference Guide 9953-1003100-01510. Set the following profile WLAN Properties for the selected access point radio

Brocade Mobility Access Point System Reference Guide 153-1003100-01Chapter1OverviewBrocade’ family of Mobility 5.5 supported access points enable high

100 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 25 Access Point Radio - WLAN Mapping tab12. Refer to the WLAN Mapping/Mes

Brocade Mobility Access Point System Reference Guide 10153-1003100-015FIGURE 26 Access Point Radio - Mesh Legacy tab Use the Legacy Mesh screen to def

102 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 27 Access Point Radio - Advanced Settings tab22. Refer to the Aggregate M

Brocade Mobility Access Point System Reference Guide 10353-1003100-015Set the following Ekahau Properties for the selected access point radio:Set the

104 Brocade Mobility Access Point System Reference Guide53-1003100-015802.11n MCS rates are defined as follows both with and without short guard inter

Brocade Mobility Access Point System Reference Guide 10553-1003100-015802.11ac MCS rates are defined as follows both with and without short guard inte

106 Brocade Mobility Access Point System Reference Guide53-1003100-0153. Select System Profile from the options on left-hand side of the UI.4. Expand

Brocade Mobility Access Point System Reference Guide 10753-1003100-0157. Use the NAT Direction field to specify the NAT direction used with the access

108 Brocade Mobility Access Point System Reference Guide53-1003100-015To provide this point-to-point connection, each PPPoE session learns the Etherne

Brocade Mobility Access Point System Reference Guide 10953-1003100-015FIGURE 29 Profile Interface - PPPoE screen5. Use the Basic Settings field to ena

2 Brocade Mobility Access Point System Reference Guide53-1003100-011About the Brocade Mobility SoftwareThe Mobility architecture is a solution designe

110 Brocade Mobility Access Point System Reference Guide53-1003100-0156. Define the following Authentication parameters for PPPoE client interoperatio

Brocade Mobility Access Point System Reference Guide 11153-1003100-015An access point profile network configuration process consists of the following:

112 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 30 Network - DNS screen5. Provide a default Domain Name used when resolvi

Brocade Mobility Access Point System Reference Guide 11353-1003100-015special format to all the machines on the LAN to see if one machine knows that i

114 Brocade Mobility Access Point System Reference Guide53-1003100-015L2TPv3 Profile ConfigurationProfile Network ConfigurationL2TP V3 is an IETF stan

Brocade Mobility Access Point System Reference Guide 11553-1003100-015FIGURE 32 Network - L2TPv3 screen - General tab5. Set the following General Sett

116 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 33 Network - L2TPv3 screen - T2TP tunnel tab7. Review the following L2TPv

Brocade Mobility Access Point System Reference Guide 11753-1003100-0158. Either select Add to create a new L2TPv3 tunnel configuration, Edit to modify

118 Brocade Mobility Access Point System Reference Guide53-1003100-01510. Define the following Settings required for the L2TP tunnel configuration:11.

Brocade Mobility Access Point System Reference Guide 11953-1003100-015FIGURE 35 Network - L2TPv3 screen - Add T2TP Peer Configuration12. Define the fo

Brocade Mobility Access Point System Reference Guide 353-1003100-011Network traffic optimization protects the network from broadcast storms and minimi

120 Brocade Mobility Access Point System Reference Guide53-1003100-01515. Define the following Session parameters:16. Select OK to save the changes wi

Brocade Mobility Access Point System Reference Guide 12153-1003100-01518. Refer to the following manual session configurations to determine whether a

122 Brocade Mobility Access Point System Reference Guide53-1003100-01520. Set the following session parameters:21. Select the + Add Row button to set

Brocade Mobility Access Point System Reference Guide 12353-1003100-0153. Select System Profile from the options on left-hand side of the UI.Expand the

124 Brocade Mobility Access Point System Reference Guide53-1003100-015Set the following for IGMP Querier configuration:4. Select the OK button located

Brocade Mobility Access Point System Reference Guide 12553-1003100-015FIGURE 39 Network - Quality of Service (QoS) screen5. Set the following paramete

126 Brocade Mobility Access Point System Reference Guide53-1003100-015The Multiple Spanning Tree Protocol (MSTP) provides an extension to RSTP to opti

Brocade Mobility Access Point System Reference Guide 12753-1003100-015FIGURE 40 Network - Spanning Tree screen5. Set the following MSTP Configuration

128 Brocade Mobility Access Point System Reference Guide53-1003100-0156. Define the following PortFast parameters for the profile configuration:7. Def

Brocade Mobility Access Point System Reference Guide 12953-1003100-015To create static routes:1. Select the Configuration tab from the Web UI.2. Selec

4 Brocade Mobility Access Point System Reference Guide53-1003100-011

130 Brocade Mobility Access Point System Reference Guide53-1003100-0156. Add IP addresses and network masks in the Network Address column of the Stati

Brocade Mobility Access Point System Reference Guide 13153-1003100-015• totally nssa - Totally nssa is an NSSA using 3 and 4 summary routes are not fl

132 Brocade Mobility Access Point System Reference Guide53-1003100-0155. Enable/disable OSPF and provide the following dynamic routing settings:6. Set

Brocade Mobility Access Point System Reference Guide 13353-1003100-015Select the + Add Row button to populate the table. Add the IP address and mask o

134 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 44 Network - OSPF Area Configuration screen14. Set the OSPF Area configur

Brocade Mobility Access Point System Reference Guide 13553-1003100-015FIGURE 45 Network - Interface Settings tab17. Review existing Interface Settings

136 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 46 Network - OSPF Virtual Interfaces - Basic Configuration tab19. Within

Brocade Mobility Access Point System Reference Guide 13753-1003100-01524. Select OK to save the changes to the basic configuration. Select Reset to re

138 Brocade Mobility Access Point System Reference Guide53-1003100-015To define a forwarding database configuration:1. Select the Configuration tab fr

Brocade Mobility Access Point System Reference Guide 13953-1003100-01510. Select OK to save the changes. Select Reset to revert to the last saved conf

Brocade Mobility Access Point System Reference Guide 553-1003100-01Chapter2Web User Interface FeaturesThe access point’s resident user interface conta

140 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 49 Network - Bridge VLAN screen 5. Select Add to define a new Bridge VLAN

Brocade Mobility Access Point System Reference Guide 14153-1003100-015FIGURE 50 Network - Bridge VLAN Configuration screen6. If adding a new Bridge VL

142 Brocade Mobility Access Point System Reference Guide53-1003100-0158. Define the following Extended VLAN Tunnel parameters:NOTEIf creating a mesh c

Brocade Mobility Access Point System Reference Guide 14353-1003100-015FIGURE 51 Network - Bridge VLAN - IGMP Snooping screenDefine the following IGMP

144 Brocade Mobility Access Point System Reference Guide53-1003100-015Set the following IGMP Querier parameters for the bridge VLAN configurationSelec

Brocade Mobility Access Point System Reference Guide 14553-1003100-015FIGURE 52 Network - Cisco Discovery Protocol (CDP) screen5. Enable/disable CDP a

146 Brocade Mobility Access Point System Reference Guide53-1003100-0152. Select Devices.3. Select System Profile from the options on left-hand side of

Brocade Mobility Access Point System Reference Guide 14753-1003100-0152. Select Devices.3. Select System Profile from the options on left-hand side of

148 Brocade Mobility Access Point System Reference Guide53-1003100-015• Global aliases are defined from the Configuration > Network > Alias scre

Brocade Mobility Access Point System Reference Guide 14953-1003100-015FIGURE 55 Network - Basic Alias ScreenSelect + Add Row to define VLAN Alias sett

6 Brocade Mobility Access Point System Reference Guide53-1003100-012NOTEThe access point’s IP address is optimally provided using DHCP. A zero config

150 Brocade Mobility Access Point System Reference Guide53-1003100-015• Wireless LANsSelect + Add Row to define Address Range Alias settings: Use the

Brocade Mobility Access Point System Reference Guide 15153-1003100-015• DHCPSelect + Add Row to define String Alias settings: Use the String Alias fie

152 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 56 Network - Alias - Network Group Alias screenSelect Edit to modify the

Brocade Mobility Access Point System Reference Guide 15353-1003100-015FIGURE 57 Network - Alias - Network Group Alias Add screen2. If adding a new Net

154 Brocade Mobility Access Point System Reference Guide53-1003100-015Network Service AliasAliasNetwork Service Alias is a set of configurations that

Brocade Mobility Access Point System Reference Guide 15553-1003100-015FIGURE 59 Network - Alias - Network Service Alias Add screen2. If adding a new N

156 Brocade Mobility Access Point System Reference Guide53-1003100-015• Administrators often need to route traffic to interoperate between different V

Brocade Mobility Access Point System Reference Guide 15753-1003100-015Internet Key Exchange (IKE) protocol is a key management protocol standard used

158 Brocade Mobility Access Point System Reference Guide53-1003100-0157. Se le ct Add to define a new IKE Policy configuration, Edit to modify an exi

Brocade Mobility Access Point System Reference Guide 15953-1003100-0158. Select + Add Row to define the network address of a target peer and its secur

Brocade Mobility Access Point System Reference Guide 753-1003100-012• Dialog Box Icons• Table Icons• Status Icons• Configurable Objects• Configuration

160 Brocade Mobility Access Point System Reference Guide53-1003100-01513. Select Add to define a new peer configuration, Edit to modify an existing co

Brocade Mobility Access Point System Reference Guide 16153-1003100-015FIGURE 63 Profile Security - VPN Peer Configuration create/modify screen (IKEv2

162 Brocade Mobility Access Point System Reference Guide53-1003100-01515. Select the Transform Set tab.Create or modify Transform Set configurations t

Brocade Mobility Access Point System Reference Guide 16353-1003100-015FIGURE 65 Profile Security - VPN Transform Set create/modify screen18. Define th

164 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 66 Profile Security - VPN Crypto Map tab21. Review the following Crypto M

Brocade Mobility Access Point System Reference Guide 16553-1003100-015FIGURE 67 Profile Security - VPN Crypto Map screen24. Review the following befor

166 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 68 Profile Security - VPN Crypto Map Entry screen

Brocade Mobility Access Point System Reference Guide 16753-1003100-01526. Define the following parameters to set the crypto map configuration:27. Sele

168 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 69 Profile Security - Remote VPN Server tab (IKEv2 example)29. Select eit

Brocade Mobility Access Point System Reference Guide 16953-1003100-01530. Set the following IKEv1 or IKe v2 Settings:31. Refer to the Wins Server Sett

8 Brocade Mobility Access Point System Reference Guide53-1003100-012These icons indicate the current state of various controls in a dialog. These icon

170 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 70 Profile Security - Remote VPN Client tab 36. Refer to the following fi

Brocade Mobility Access Point System Reference Guide 17153-1003100-015FIGURE 71 Profile Security - Global VPN Settings tab38. Refer to the following f

172 Brocade Mobility Access Point System Reference Guide53-1003100-015Define the following IKE Dead Peer Detection settings:Select OK to save the upda

Brocade Mobility Access Point System Reference Guide 17353-1003100-015Refer to the following table to configure the Auto IPSec Tunnel settings:Select

174 Brocade Mobility Access Point System Reference Guide53-1003100-0155. Select the WEP Shared Key Authentication radio button to require profile supp

Brocade Mobility Access Point System Reference Guide 17553-1003100-0155. Select the + Add Row button to add a column within the Certificate Revocation

176 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 75 Profile Security - NAT Pool tabThe NAT Pool tab displays by default. T

Brocade Mobility Access Point System Reference Guide 17753-1003100-015FIGURE 76 Profile Security - NAT Pool tab - NAT Pool field6. If adding a new NAT

178 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 77 Profile Security - Static NAT screen - Source tab10. To map a source I

Brocade Mobility Access Point System Reference Guide 17953-1003100-015Define the following Source NAT parameters.Select the Destination tab to view de

Brocade Mobility Access Point System Reference Guide 953-1003100-012These icons define device status, operations on the wireless controller, or any ot

180 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 79 Profile Security - Static NAT screen - Destination tab11. Select Add t

Brocade Mobility Access Point System Reference Guide 18153-1003100-015FIGURE 80 NAT Destination - Add screen12. Set the following Destination configur

182 Brocade Mobility Access Point System Reference Guide53-1003100-01513. Select OK to save the changes made to the static NAT configuration. Select R

Brocade Mobility Access Point System Reference Guide 18353-1003100-01515. Refer to the following to determine whether a new Dynamic NAT configuration

184 Brocade Mobility Access Point System Reference Guide53-1003100-01517. Set the following to define the Dynamic NAT configuration:18. Select + Add R

Brocade Mobility Access Point System Reference Guide 18553-1003100-0154. Expand the Security menu and select Bridge NAT.FIGURE 83 Profile Security - B

186 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 84 Profile Security - Dynamic NAT screen7. Se l ec t t he ACL whose IP r

Brocade Mobility Access Point System Reference Guide 18753-1003100-015FIGURE 85 Profile Security - Source Dynamic NAT screen - Add Row field10. Select

188 Brocade Mobility Access Point System Reference Guide53-1003100-015• Forwards packets with a destination link layer MAC address equal to the virtua

Brocade Mobility Access Point System Reference Guide 18953-1003100-0155. Review the following VRRP configuration data to assess if a new VRRP configur

Copyright © 2014 Brocade Communications Systems, Inc. All Rights Reserved.ADX, AnyIO, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, I

10 Brocade Mobility Access Point System Reference Guide53-1003100-012AAA Policy – Indicates an Authentication, Authorization and Accounting (AAA) poli

190 Brocade Mobility Access Point System Reference Guide53-1003100-0157. From wi th i n t he VRRP tab, select Add to create a new VRRP configuration

Brocade Mobility Access Point System Reference Guide 19153-1003100-0159. Define the following VRRP General parameters:10. Refer to the Protocol Extens

192 Brocade Mobility Access Point System Reference Guide53-1003100-015Critical resources are device IP addresses or interface destinations on the netw

Brocade Mobility Access Point System Reference Guide 19353-1003100-015FIGURE 90 Critical Resources screen - Adding a Critical Resource6. Use the Offli

194 Brocade Mobility Access Point System Reference Guide53-1003100-0158. Select + Add Row to define the following for critical resource configurations

Brocade Mobility Access Point System Reference Guide 19553-1003100-015FIGURE 92 Profile Services - Services screen5. Refer to the Captive Portal Hosti

196 Brocade Mobility Access Point System Reference Guide53-1003100-015Profile Management ConfigurationSystem Profile ConfigurationThe access point has

Brocade Mobility Access Point System Reference Guide 19753-1003100-015FIGURE 93 Profile Management - Settings screen

198 Brocade Mobility Access Point System Reference Guide53-1003100-0155. Refer to the Message Logging field to define how the profile logs system even

Brocade Mobility Access Point System Reference Guide 19953-1003100-01510. Use the Persist Configuration Across Reloads option to define how the access

Brocade Mobility Access Point System Reference Guide 1153-1003100-012Device Categorization – Indicates a device categorization policy is being applied

200 Brocade Mobility Access Point System Reference Guide53-1003100-01513. Refer to the Auto Install via DHCP field to define the configuration used by

Brocade Mobility Access Point System Reference Guide 20153-1003100-015Profile Management Configuration and Deployment ConsiderationsProfile Management

202 Brocade Mobility Access Point System Reference Guide53-1003100-015Refer to the following for more information on the Mesh Point screen:Select the

Brocade Mobility Access Point System Reference Guide 20353-1003100-015Refer to the following for more information on the Mesh Point MeshConnex Policy

204 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 98 Mesh Point Auto Channel Selection screenBy default, the Dynamic Root S

Brocade Mobility Access Point System Reference Guide 20553-1003100-015This screen provides configuration for the 2.4 GHz and 5.0/4.9 GHz frequencies.

206 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 99 Mesh Point Auto Channel Selection Path Method SNR screen

Brocade Mobility Access Point System Reference Guide 20753-1003100-015Refer to the following for more information on the Path Method SNR screen. These

208 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 100 Mesh Point Auto Channel Selection Path Method Root Path Metric screen

Brocade Mobility Access Point System Reference Guide 20953-1003100-015Refer to the following for more information on the Path Method Root Path Metric

12 Brocade Mobility Access Point System Reference Guide53-1003100-012Configuration ObjectsIcon GlossaryConfiguration icons are used to define the foll

210 Brocade Mobility Access Point System Reference Guide53-1003100-015• Disable A-MPDU Aggregation if the intended vehicular speed is greater than 30

Brocade Mobility Access Point System Reference Guide 21153-1003100-015FIGURE 101 Advanced Profile Configuration - Client Load Balancing screen2. Use t

212 Brocade Mobility Access Point System Reference Guide53-1003100-0154. Select the Balance Band Loads by Ratio radio button to balance the radio load

Brocade Mobility Access Point System Reference Guide 21353-1003100-015Set the following Neighbor Selection values within the Advanced Parameters field

214 Brocade Mobility Access Point System Reference Guide53-1003100-015Set the following AP Load Balancing values within the Advanced Parameters field:

Brocade Mobility Access Point System Reference Guide 21553-1003100-015FIGURE 102 Advanced Profile Configuration - MINT Protocol screen - Settings tabR

216 Brocade Mobility Access Point System Reference Guide53-1003100-015Define the following MINT Link Settings in respect to devices supported by the p

Brocade Mobility Access Point System Reference Guide 21753-1003100-015FIGURE 104 Advanced Profile Configuration- MINT Protocol screen - Add IP MiNT Li

218 Brocade Mobility Access Point System Reference Guide53-1003100-015Select the VLAN tab to display the link IP VLAN information shared by the device

Brocade Mobility Access Point System Reference Guide 21953-1003100-015FIGURE 106 Advanced Profile Configuration - MINT Protocol screen - Add/edit VLAN

Brocade Mobility Access Point System Reference Guide 1353-1003100-012Access Type IconsIcon GlossaryThe following icons display a user access type: Adm

220 Brocade Mobility Access Point System Reference Guide53-1003100-015Refer to the advanced profile’s Miscellaneous menu item to set the profile’s NAS

Brocade Mobility Access Point System Reference Guide 22153-1003100-015Select the Flash Pattern radio button to enable the access point to blink in a m

222 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 108 Profile - Environmental Sensor screenSet the following Light Sensor s

Brocade Mobility Access Point System Reference Guide 22353-1003100-015Define or override the following Shared Configuration setting: Select OK to save

224 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 109 Virtual Controller AP screenThe Virtual Controller AP screen lists al

Brocade Mobility Access Point System Reference Guide 22553-1003100-015Select the Set as Virtual Controller AP radio button to change the selected acce

226 Brocade Mobility Access Point System Reference Guide53-1003100-015Select Device Overrides.Select a target device MAC address from either the devic

Brocade Mobility Access Point System Reference Guide 22753-1003100-015Refer to the Device Overrides field to assess whether overrides have been applie

228 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 112 Device Overrides - Certificates screenSet the following Management Se

Brocade Mobility Access Point System Reference Guide 22953-1003100-015• Generating a Certificate Signing RequestManage CertificatesCertificate Managem

14 Brocade Mobility Access Point System Reference Guide53-1003100-012Device IconsIcon GlossaryThe following icons indicate the different device types

230 Brocade Mobility Access Point System Reference Guide53-1003100-015Select a device from amongst those displayed to review its certificate informati

Brocade Mobility Access Point System Reference Guide 23153-1003100-015Define the following configuration parameters required for the Import of the tru

232 Brocade Mobility Access Point System Reference Guide53-1003100-015Select the Cut and Paste option to paste the trustpoint information in text. Whe

Brocade Mobility Access Point System Reference Guide 23353-1003100-015Define the following configuration parameters to export a trustpoint:Select OK t

234 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 116 Certificate Management - RSA Keys screenSelect a listed device to rev

Brocade Mobility Access Point System Reference Guide 23553-1003100-015FIGURE 117 Certificate Management - Generate RSA Key screenDefine the following

236 Brocade Mobility Access Point System Reference Guide53-1003100-015Define the following configuration parameters required to import a RSA key:Selec

Brocade Mobility Access Point System Reference Guide 23753-1003100-015FIGURE 119 Certificate Management - Export RSA Key screenDefine the following co

238 Brocade Mobility Access Point System Reference Guide53-1003100-015Select OK to export the defined RSA key. Select Cancel to revert the screen to i

Brocade Mobility Access Point System Reference Guide 23953-1003100-015FIGURE 120 Certificate Management - Create Certificate screenSet the following C

Brocade Mobility Access Point System Reference Guide 1553-1003100-01Chapter3Quick StartAccess Points can utilize an initial setup wizard to streamline

240 Brocade Mobility Access Point System Reference Guide53-1003100-015Set the following Certificate Subject Name parameters required for the creation

Brocade Mobility Access Point System Reference Guide 24153-1003100-015FIGURE 121 Certificate Management - Create CSR screenSet the following Create Ne

242 Brocade Mobility Access Point System Reference Guide53-1003100-015Select the following Additional Credentials required for the generation of the C

Brocade Mobility Access Point System Reference Guide 24353-1003100-015FIGURE 122 Device Overrides -RF Domain Overrides screenNOTEA blue override icon

244 Brocade Mobility Access Point System Reference Guide53-1003100-015Wired 802.1X OverridesOverriding a Device Configuration802.1X provides administr

Brocade Mobility Access Point System Reference Guide 24553-1003100-015A profile enables an administrator to assign a common set of configuration param

246 Brocade Mobility Access Point System Reference Guide53-1003100-015Select + Add Row below the Network Time Protocol (NTP) table to define (or overr

Brocade Mobility Access Point System Reference Guide 24753-1003100-015An access point uses a complex programmable logic device (CPLD). The CPLD determ

248 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 125 Device Overrides - Power screenUse the Power Mode drop-down menu to s

Brocade Mobility Access Point System Reference Guide 24953-1003100-015Adoption OverridesDevice OverridesUse the Adoption screen to define the configur

16 Brocade Mobility Access Point System Reference Guide53-1003100-013FIGURE 2 Initial Setup WizardNOTEThe Initial Setup Wizard displays the same pages

250 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 126 Device Overrides - Adoption screen7. Define a 64 character maximum Pr

Brocade Mobility Access Point System Reference Guide 25153-1003100-015Use the + Add Row button to populate the Controller Hostnames table with the fol

252 Brocade Mobility Access Point System Reference Guide53-1003100-015Select the Configuration tab from the Web UI.Select Devices from the Configurati

Brocade Mobility Access Point System Reference Guide 25353-1003100-015To edit (or override) the configuration of an existing port, select it from amon

254 Brocade Mobility Access Point System Reference Guide53-1003100-015Set (or override) the following Ethernet port Properties and CDP/LLDP settings:D

Brocade Mobility Access Point System Reference Guide 25553-1003100-015Set (or override) the following Switching Mode parameters to apply to the Ethern

256 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 129 Ethernet Ports - Security screenRefer to the Access Control field. As

Brocade Mobility Access Point System Reference Guide 25753-1003100-015NOTESome vendor solutions with VRRP enabled send ARP packets with Ethernet SMAC

258 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 130 Ethernet Ports – Spanning Tree ConfigurationSpanning Tree Protocol (S

Brocade Mobility Access Point System Reference Guide 25953-1003100-015A MSTP supported deployment uses multiple MST regions with multiple MST instance

Brocade Mobility Access Point System Reference Guide 1753-1003100-0137. The first page of the Initial Setup Wizard displays the Navigation Panel and F

260 Brocade Mobility Access Point System Reference Guide53-1003100-015Configure the Spanning Tree Port Cost value. Select the + Add Row button to add

Brocade Mobility Access Point System Reference Guide 26153-1003100-015FIGURE 131 Device Overrides - Virtual Interfaces screenReview the following para

262 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 132 Device Overrides - Virtual Interfaces - Basic Configuration screenThe

Brocade Mobility Access Point System Reference Guide 26353-1003100-015Set or override the following network information from within the IP Addresses f

264 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 133 Device Overrides - Virtual Interfaces Security screenUse the IP Inbou

Brocade Mobility Access Point System Reference Guide 26553-1003100-015FIGURE 134 Device Overrides – Virtual Interfaces Dynamic Routing screenRefer to

266 Brocade Mobility Access Point System Reference Guide53-1003100-015Refer the following to configure MD5 Authentication keys. Select the + Add Row b

Brocade Mobility Access Point System Reference Guide 26753-1003100-015Refer to the following to review existing port channel configurations and their

268 Brocade Mobility Access Point System Reference Guide53-1003100-0159. Set the following port channel Properties:10. Use the Port Channel Load Balan

Brocade Mobility Access Point System Reference Guide 26953-1003100-01512. Select OK to save the changes made to the port channel Basic Configuration.

18 Brocade Mobility Access Point System Reference Guide53-1003100-013NOTENote the difference in the number of steps between the Typical Setup and Adva

270 Brocade Mobility Access Point System Reference Guide53-1003100-015Refer to the Trust field to define the following:15. Select OK to save the chang

Brocade Mobility Access Point System Reference Guide 27153-1003100-01517. Define the following PortFast parameters for the port channel’s MSTP configu

272 Brocade Mobility Access Point System Reference Guide53-1003100-01520. Select + Add Row as needed to include additional indexes.21. Refer to the Sp

Brocade Mobility Access Point System Reference Guide 27353-1003100-015FIGURE 139 Device Overrides - Access Point Radios screenNOTEA blue override icon

274 Brocade Mobility Access Point System Reference Guide53-1003100-015If required, select a radio configuration and select the Edit button to modify o

Brocade Mobility Access Point System Reference Guide 27553-1003100-015Define or override the following radio configuration Properties:Set or override

276 Brocade Mobility Access Point System Reference Guide53-1003100-015NOTEBrocade Mobility 7131 Access Point, Brocade Mobility 1220 Access Point, Broc

Brocade Mobility Access Point System Reference Guide 27753-1003100-015Set or override the following profile WLAN Properties for the selected access po

278 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 141 Device Overrides - WLAN Mapping tab Refer to the WLAN/BSS Mappings fi

Brocade Mobility Access Point System Reference Guide 27953-1003100-015FIGURE 142 Device Overrides - Access Point Radio - Mesh tab Use the Mesh Legacy

Brocade Mobility Access Point System Reference Guide 1953-1003100-013FIGURE 5 Initial Setup Wizard - Access Point Settings screen for Typical Setup Wi

280 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 143 Device Overrides - Access Point Radio Advanced Settings tabRefer to t

Brocade Mobility Access Point System Reference Guide 28153-1003100-015Set or override the following profile Aeroscout Properties for the selected acce

282 Brocade Mobility Access Point System Reference Guide53-1003100-015WAN Backhaul Overrides Device OverridesA Wireless Wide Area Network (WWAN) card

Brocade Mobility Access Point System Reference Guide 28353-1003100-015NOTEA blue override icon (to the left of a parameter) defines the parameter as h

284 Brocade Mobility Access Point System Reference Guide53-1003100-015To provide this point-to-point connection, each PPPoE session learns the Etherne

Brocade Mobility Access Point System Reference Guide 28553-1003100-015FIGURE 145 Profile Interface - PPPoE screen26. Use the Basic Settings field to e

286 Brocade Mobility Access Point System Reference Guide53-1003100-01527. Define the following Authentication parameters for PPPoE client interoperati

Brocade Mobility Access Point System Reference Guide 28753-1003100-015Setting a network configuration is a large task comprised of numerous administra

288 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 146 Device Overrides - Network DNS screenNOTEA blue override icon (to the

Brocade Mobility Access Point System Reference Guide 28953-1003100-015Address Resolution Protocol (ARP) is a protocol for mapping an IP address to a h

Brocade Mobility Access Point System Reference Guide iii53-1003100-01ContentsAbout This DocumentSupported hardware and software . . . . . . . . . . .

20 Brocade Mobility Access Point System Reference Guide53-1003100-013• Adopted to Controller - Select this option when deploying the access point as a

290 Brocade Mobility Access Point System Reference Guide53-1003100-015Set or override the following parameters to define the ARP configuration:Select

Brocade Mobility Access Point System Reference Guide 29153-1003100-015Select Devices from the Configuration tab.Select Device Overrides from the Devic

292 Brocade Mobility Access Point System Reference Guide53-1003100-015Set the following General Settings for an L2TPv3 profile configuration:Select th

Brocade Mobility Access Point System Reference Guide 29353-1003100-015Either select Add to create a new L2TPv3 configuration, Edit to modify an existi

294 Brocade Mobility Access Point System Reference Guide53-1003100-015Define the following Settings required for the L2TP tunnel configuration:Refer t

Brocade Mobility Access Point System Reference Guide 29553-1003100-015FIGURE 151 Device Overrides - Network - L2TPv3 screen, Add L2TP Peer Configurati

296 Brocade Mobility Access Point System Reference Guide53-1003100-015Define the following Session parameters:Select OK to save the changes and overri

Brocade Mobility Access Point System Reference Guide 29753-1003100-015 Refer to the following manual session configurations to determine whether one s

298 Brocade Mobility Access Point System Reference Guide53-1003100-015Set the following session parameters:Select the + Add Row button to set the foll

Brocade Mobility Access Point System Reference Guide 29953-1003100-015Select Device Overrides from the Device menu to expand it into sub menu options.

Brocade Mobility Access Point System Reference Guide 2153-1003100-013Network Topology SelectionTypical Setup WizardUse the Network Topology screen to

300 Brocade Mobility Access Point System Reference Guide53-1003100-0153. Select OK to save the changes and overrides to the session configuration. Sel

Brocade Mobility Access Point System Reference Guide 30153-1003100-015FIGURE 155 Device Overrides - Network QoS screenSet or override the following pa

302 Brocade Mobility Access Point System Reference Guide53-1003100-015If there’s just one VLAN in the access point managed network, a single spanning

Brocade Mobility Access Point System Reference Guide 30353-1003100-015FIGURE 156 Device Overrides - Network - Spanning Tree screenSet the following MS

304 Brocade Mobility Access Point System Reference Guide53-1003100-015Define the following PortFast parameters for the profile configuration:Define th

Brocade Mobility Access Point System Reference Guide 30553-1003100-015FIGURE 157 Device Overrides - Network - Network Routing screenSelect the IP Rout

306 Brocade Mobility Access Point System Reference Guide53-1003100-015Select the OK button located at the bottom right of the screen to save the chang

Brocade Mobility Access Point System Reference Guide 30753-1003100-015Select a target device from the device browser in the lower, left-hand, side of

308 Brocade Mobility Access Point System Reference Guide53-1003100-015Set the following OSPF Overload Protection settings:Set the following Default In

Brocade Mobility Access Point System Reference Guide 30953-1003100-015FIGURE 159 Device Overrides - Network - OSPF Area Settings screenReview existing

22 Brocade Mobility Access Point System Reference Guide53-1003100-013NOTEWhen Bridge Mode is selected, WAN configuration cannot be performed and the I

310 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 160 Device Overrides - Network - OSPF Area Configuration screenSet the OS

Brocade Mobility Access Point System Reference Guide 31153-1003100-015FIGURE 161 Device Overrides - Network - OSPF Interface Settings screenReview exi

312 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 162 Device Overrides - Network - OSPF Virtual Interface - Basic Configura

Brocade Mobility Access Point System Reference Guide 31353-1003100-015Select Use DHCP to Obtain Gateway/DNS Servers to learn default gateway, name ser

314 Brocade Mobility Access Point System Reference Guide53-1003100-015Crypto Map entries are sets of configuration parameters for encrypting packets p

Brocade Mobility Access Point System Reference Guide 31553-1003100-015Refer to the following to configure OSPF Settings.Configure the OSPF Authenticat

316 Brocade Mobility Access Point System Reference Guide53-1003100-015NOTEA blue override icon (to the left of a parameter) defines the parameter as h

Brocade Mobility Access Point System Reference Guide 31753-1003100-015Overriding a Bridge VLAN ConfigurationOverriding the Network ConfigurationA Virt

318 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 166 Device Overrides - Network Bridge VLAN screenReview the following VLA

Brocade Mobility Access Point System Reference Guide 31953-1003100-015FIGURE 167 Device Overrides - Add Network Bridge VLAN screenIf adding a new brid

Brocade Mobility Access Point System Reference Guide 2353-1003100-013• Use DHCP - Select the option to enable an automatic network address configurati

320 Brocade Mobility Access Point System Reference Guide53-1003100-015Set or override the following Extended VLAN Tunnel parameters:NOTEIf creating a

Brocade Mobility Access Point System Reference Guide 32153-1003100-015FIGURE 168 Device Overrides - Network Bridge VLAN - IGMP Snooping screenSet the

322 Brocade Mobility Access Point System Reference Guide53-1003100-015Set the following parameters for IGMP Querier configuration:Select the OK button

Brocade Mobility Access Point System Reference Guide 32353-1003100-015FIGURE 169 Cisco Discovery Protocol (CDP) screenEnable/disable CDP and set the f

324 Brocade Mobility Access Point System Reference Guide53-1003100-015LLDP information is sent in an Ethernet frame at a fixed interval. Each frame co

Brocade Mobility Access Point System Reference Guide 32553-1003100-015Select the OK button to save the changes and overrides to the LLDP configuration

326 Brocade Mobility Access Point System Reference Guide53-1003100-015Select the DHCP Persistent Lease option to retain the last DHCP lease used acros

Brocade Mobility Access Point System Reference Guide 32753-1003100-015Network Basic AliasOverriding Alias ConfigurationA basic alias is a set of confi

328 Brocade Mobility Access Point System Reference Guide53-1003100-015Use the VLAN Alias field to create unique aliases for VLANs that can be used at

Brocade Mobility Access Point System Reference Guide 32953-1003100-015An address range alias can be used to replace an IP address range in IP firewall

24 Brocade Mobility Access Point System Reference Guide53-1003100-013FIGURE 8 Initial Setup Wizard - WAN Configuration screen of the Typical Setup Wiz

330 Brocade Mobility Access Point System Reference Guide53-1003100-0151. Select Devices from the Configuration tab.Select Device Overrides from the De

Brocade Mobility Access Point System Reference Guide 33153-1003100-015FIGURE 174 Network - Alias - Network Group Alias Add screen2. If adding a new Ne

332 Brocade Mobility Access Point System Reference Guide53-1003100-015Network Service AliasOverriding Alias ConfigurationNetwork Service Alias is a se

Brocade Mobility Access Point System Reference Guide 33353-1003100-015Select Edit to modify the attributes of an existing policy or Delete to remove o

334 Brocade Mobility Access Point System Reference Guide53-1003100-015A profile can have its own firewall policy, wireless client role policy, WEP sha

Brocade Mobility Access Point System Reference Guide 33553-1003100-015• Quick Setup Wizard – Use this wizard to setup basic VPN Tunnel on the device.

336 Brocade Mobility Access Point System Reference Guide53-1003100-015Provide the following information to configure a VPN tunnel:Click the Save butto

Brocade Mobility Access Point System Reference Guide 33753-1003100-015FIGURE 179 VPN Step-By-Step Wizard - Step 1Define the following:Click the Next b

338 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 180 VPN Step-By-Step Wizard - Step 2In Step 2 screen, configure the follo

Brocade Mobility Access Point System Reference Guide 33953-1003100-015Click the Next button to go to the next configuration screen. Use the Back butto

Brocade Mobility Access Point System Reference Guide 2553-1003100-013Wireless LAN SetupTypical Setup WizardA Wireless Local Area Network (WLAN) is a d

340 Brocade Mobility Access Point System Reference Guide53-1003100-015Click the Next button to go to the next configuration screen. Use the Back butto

Brocade Mobility Access Point System Reference Guide 34153-1003100-015Overriding Auto IPSec Tunnel SettingsOverriding a Security ConfigurationIPSec tu

342 Brocade Mobility Access Point System Reference Guide53-1003100-015Overriding General Security SettingsOverriding a Security ConfigurationA profile

Brocade Mobility Access Point System Reference Guide 34353-1003100-015Refer to the General field to assign or override the following: Select OK to sav

344 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 185 Device Overrides - Certificate Revocation screenSelect the + Add Row

Brocade Mobility Access Point System Reference Guide 34553-1003100-015NAT provides outbound Internet access to wired and wireless hosts. Many-to-one N

346 Brocade Mobility Access Point System Reference Guide53-1003100-015Select Add to create a new NAT policy that can be applied to a profile. Select E

Brocade Mobility Access Point System Reference Guide 34753-1003100-015FIGURE 188 Device Overrides - Static NAT screenTo map a source IP address from a

348 Brocade Mobility Access Point System Reference Guide53-1003100-015Device Overrides - Add NAT Source screenDefine the following Source NAT paramete

Brocade Mobility Access Point System Reference Guide 34953-1003100-015Select the Destination tab to view destination NAT configurations and define pac

26 Brocade Mobility Access Point System Reference Guide53-1003100-013• WLAN Type – Configure the encryption and authentication to use with this WLAN.•

350 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 190 Device Overrides - Add Destination NAT screenSet or override the foll

Brocade Mobility Access Point System Reference Guide 35153-1003100-015Select OK to save the changes or overrides made to the static NAT configuration.

352 Brocade Mobility Access Point System Reference Guide53-1003100-015Refer to the following to determine whether a new Dynamic NAT configuration requ

Brocade Mobility Access Point System Reference Guide 35353-1003100-015Set or override the following to define the Dynamic NAT configuration:Select OK

354 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 193 Profile Override Security - Bridge NAT screen5. Review the following

Brocade Mobility Access Point System Reference Guide 35553-1003100-015FIGURE 194 Profile Security - Dynamic NAT screen7. Select the ACL whose IP rules

356 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 195 Profile Security - Source Dynamic NAT screen - Add Row field10. Selec

Brocade Mobility Access Point System Reference Guide 35753-1003100-015NOTEVRRP support is available only on Brocade Mobility 7131 Access Point model a

358 Brocade Mobility Access Point System Reference Guide53-1003100-0154. Select the Version tab to define the VRRP version scheme used with the config

Brocade Mobility Access Point System Reference Guide 35953-1003100-015FIGURE 198 Device Overrides - VRRP screen6. If creating a new VRRP configuration

Brocade Mobility Access Point System Reference Guide 2753-1003100-013FIGURE 10 Initial Setup Wizard - RADIUS Server Configuration screen for Typical S

360 Brocade Mobility Access Point System Reference Guide53-1003100-0157. Define the following VRRP General parameters:8. Refer to the Protocol Extensi

Brocade Mobility Access Point System Reference Guide 36153-1003100-015Critical resources are device IP addresses or interface destinations on the netw

362 Brocade Mobility Access Point System Reference Guide53-1003100-0153. Select the Add button at the bottom of the screen to add a new critical resou

Brocade Mobility Access Point System Reference Guide 36353-1003100-0156. Select + Add Row to define the following for critical resource configurations

364 Brocade Mobility Access Point System Reference Guide53-1003100-015Configure the IP address for Port-Limited Monitoring in the Source IP for Port-L

Brocade Mobility Access Point System Reference Guide 36553-1003100-015FIGURE 202 Device Overrides - Services screenRefer to the Captive Portal Hosting

366 Brocade Mobility Access Point System Reference Guide53-1003100-015There are mechanisms to allow/deny management access to the network for separate

Brocade Mobility Access Point System Reference Guide 36753-1003100-015FIGURE 203 Device Overrides - Management Settings screenRefer to the Message Log

368 Brocade Mobility Access Point System Reference Guide53-1003100-015Refer to the System Event Messages field to define or override how system messag

Brocade Mobility Access Point System Reference Guide 36953-1003100-015Select OK to save the changes and overrides made to the profile’s Management Set

28 Brocade Mobility Access Point System Reference Guide53-1003100-013FIGURE 11 Initial Setup Wizard - RADIUS Server Configuration - Add User screen fo

370 Brocade Mobility Access Point System Reference Guide53-1003100-015Select Heartbeat from the Management menu.FIGURE 205 Device Overrides - Manageme

Brocade Mobility Access Point System Reference Guide 37153-1003100-015Select a target device from the device browser in the lower, left-hand, side of

372 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 207 Device Overrides - Add Mesh Point screenRefer to the following to con

Brocade Mobility Access Point System Reference Guide 37353-1003100-015Refer to the following to configure Mesh Point Root Path Preference parameters:C

374 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 208 Mesh Point Auto Channel Selection screenBy default, the Dynamic Root

Brocade Mobility Access Point System Reference Guide 37553-1003100-015This screen provides configuration for the 2.4 GHz and 5.0/4.9 GHz frequencies.

376 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 209 Mesh Point Auto Channel Selection Path Method SNR screen

Brocade Mobility Access Point System Reference Guide 37753-1003100-015Refer to the following for more information on the Path Method SNR screen. These

378 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 210 Mesh Point Auto Channel Selection Path Method Root Path Metric screen

Brocade Mobility Access Point System Reference Guide 37953-1003100-015Refer to the following for more information on the Path Method Root Path Metric

Brocade Mobility Access Point System Reference Guide 2953-1003100-013FIGURE 12 Initial Setup Wizard - Summary And Commit Screen of the Typical Setup W

380 Brocade Mobility Access Point System Reference Guide53-1003100-015• Disable Dynamic Chain Selection (radio setting). The default value is enabled.

Brocade Mobility Access Point System Reference Guide 38153-1003100-015FIGURE 211 Device Overrides - Client Load BalancingUse the drop-down to set a va

382 Brocade Mobility Access Point System Reference Guide53-1003100-015Refer to the following Channel Load Balancing fields to configure or override it

Brocade Mobility Access Point System Reference Guide 38353-1003100-015Refer to the following AP Load Balancing fields to configure or override them:Re

384 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 212 Device Overrides - Advanced Profile Overrides MINT screen - Settings

Brocade Mobility Access Point System Reference Guide 38553-1003100-015Define or override the following MINT Link Settings:Select the Tunnel Controller

386 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 214 Device Overrides - Advanced Profile MINT screen - IP (Add) Set the fo

Brocade Mobility Access Point System Reference Guide 38753-1003100-015Select the VLAN tab to display the link IP VLAN information shared by the access

388 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 216 Device Overrides - Advanced Profile MINT screen - Add VLAN screenSet

Brocade Mobility Access Point System Reference Guide 38953-1003100-015Set a NAS-Identifier Attribute up to 253 characters in length. This is the RADIU

iv Brocade Mobility Access Point System Reference Guide53-1003100-01RF Domain Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

30 Brocade Mobility Access Point System Reference Guide53-1003100-013• Radio Configuration• Wireless LAN Setup• System Information• Summary And Commit

390 Brocade Mobility Access Point System Reference Guide53-1003100-0153. Select Device Overrides from the options on left-hand side of the UI.Select E

Brocade Mobility Access Point System Reference Guide 39153-1003100-015Define or override the following Shared Configuration setting: Select OK to save

392 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 219 Event Policy screenEnsure the Activate Event Policy option is selecte

Brocade Mobility Access Point System Reference Guide 39353-1003100-01Chapter6Wireless ConfigurationA Wireless Local Area Network (WLAN) is a data-comm

394 Brocade Mobility Access Point System Reference Guide53-1003100-016Wireless LANsWireless ConfigurationTo review the attributes of existing WLANs an

Brocade Mobility Access Point System Reference Guide 39553-1003100-016Use the sequential set of WLAN screens to define a unique configuration for each

396 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 3 WLAN Basic Configuration screenRefer to the WLAN Configuration field to

Brocade Mobility Access Point System Reference Guide 39753-1003100-016Refer to the Other Settings field to define broadcast behavior within this speci

398 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 4 WLAN Security screenAuthentication ensures only known and trusted users

Brocade Mobility Access Point System Reference Guide 39953-1003100-016• PSK / NoneSecure guest access to the network is referred to as captive portal.

Brocade Mobility Access Point System Reference Guide 3153-1003100-013• Virtual Controller AP - When more than one access point is deployed, a single a

400 Brocade Mobility Access Point System Reference Guide53-1003100-016The EAP process begins when an unauthenticated supplicant (client device) tries

Brocade Mobility Access Point System Reference Guide 40153-1003100-016Before defining a 802.1x EAP, EAP-PSK or EAP MAC supported configuration on a WL

402 Brocade Mobility Access Point System Reference Guide53-1003100-016Authentication, Authorization, and Accounting (AAA) is a framework for intellige

Brocade Mobility Access Point System Reference Guide 40353-1003100-0166. Refer to the Captive Portal field within the WLAN security screen.7. Select t

404 Brocade Mobility Access Point System Reference Guide53-1003100-016The MAC Registration feature must be enabled for each captive portal WLAN.To ena

Brocade Mobility Access Point System Reference Guide 40553-1003100-016WPA/WPA2-TKIPConfiguring WLAN SecurityWi-Fi Protected Access (WPA) is an encrypt

406 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 5 WLAN Security - WPA/WPA2-TKIP screen7. De f in e th e Key Settings.8.

Brocade Mobility Access Point System Reference Guide 40753-1003100-016Brocade recommends rotating these keys so a potential hacker would not have enou

408 Brocade Mobility Access Point System Reference Guide53-1003100-0169. Select OK when completed to update the WLAN’s WPA/WPA2-TKIP encryption config

Brocade Mobility Access Point System Reference Guide 40953-1003100-016FIGURE 6 WLAN Security - WPA2-CCMP screen7. De fi ne Key Settings.8. Define Key

32 Brocade Mobility Access Point System Reference Guide53-1003100-013FIGURE 14 Initial Setup Wizard - Access Point Mode screen for Advanced Setup Wiza

410 Brocade Mobility Access Point System Reference Guide53-1003100-016Brocade recommends rotating these keys so a potential hacker would not have enou

Brocade Mobility Access Point System Reference Guide 41153-1003100-016Select OK when completed to update the WLAN’s WPA2-CCMP encryption configuration

412 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 7 WLAN Security - WEP 64 screen5. Configure the following WEP 64 settings

Brocade Mobility Access Point System Reference Guide 41353-1003100-016• Brocade recommends additional layers of security (beyond WEP 64) be enabled to

414 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 8 WLAN Security - WEP 128 screen7. Configure the following WEP 128 or Key

Brocade Mobility Access Point System Reference Guide 41553-1003100-016Before defining a WEP 128 supported configuration on a WLAN, refer to the follow

416 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 9 WLAN Security - WLAN Firewall screen6. Select an existing Inbound IP Fi

Brocade Mobility Access Point System Reference Guide 41753-1003100-016FIGURE 10 WLAN Security - IP Firewall Rules screenIP Firewall rule configuration

418 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 12 WLAN Security - IP Firewall Rules - IP Firewall Rules Add Criteria scr

Brocade Mobility Access Point System Reference Guide 41953-1003100-016The Precedence column sets the priority of a IP Firewall rule within its rule se

Brocade Mobility Access Point System Reference Guide 3353-1003100-013LAN ConfigurationAdvanced Setup WizardUse the LAN Configuration screen to configu

420 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 13 WLAN Security - MAC Firewall Rules screen12. Define the following para

Brocade Mobility Access Point System Reference Guide 42153-1003100-01613. Save the changes to the new MAC rule, or reset to the last saved configurati

422 Brocade Mobility Access Point System Reference Guide53-1003100-01619. Set a Firewall Session Hold Time in either Seconds (1 - 300) or Minutes (1 -

Brocade Mobility Access Point System Reference Guide 42353-1003100-016FIGURE 14 WLAN - Client Settings screen4. Define the following Client Settings f

424 Brocade Mobility Access Point System Reference Guide53-1003100-0165. Define the following Client Extensions for the WLAN:6. Define the following T

Brocade Mobility Access Point System Reference Guide 42553-1003100-016Select Controller Assisted Mobility to use a controller or service platform&apos

426 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 15 WLAN Accounting screen4. Set the following Syslog Accounting informati

Brocade Mobility Access Point System Reference Guide 42753-1003100-016Accounting Deployment ConsiderationsBefore defining a AAA configuration on a WLA

428 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 16 WLAN – Service Monitoring screenRefer the following for more informati

Brocade Mobility Access Point System Reference Guide 42953-1003100-016Client load balance settings can be defined generically for both the 2.4 GHz and

34 Brocade Mobility Access Point System Reference Guide53-1003100-013• Range - Enter a starting and ending IP Address range for client assignments on

430 Brocade Mobility Access Point System Reference Guide53-1003100-0165. Set the following Load Balancing Settings (2.4 GHz):6. Set the following Load

Brocade Mobility Access Point System Reference Guide 43153-1003100-016FIGURE 18 WLAN - Advanced Configuration screen4. Refer to the Advanced RADIUS Co

432 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 19 Advanced WLAN - Rate Settings 2.4 GHz-WLAN screen6. For 2.4 GHz WLAN r

Brocade Mobility Access Point System Reference Guide 43353-1003100-016FIGURE 20 Advanced WLAN - Rate Settings 5 GHz-WLAN screen7. For 5.0 GHz WLAN rad

434 Brocade Mobility Access Point System Reference Guide53-1003100-016802.11ac MCS rates are defined as follows both with and without short guard inte

Brocade Mobility Access Point System Reference Guide 43553-1003100-016Select Enable to enable HTTP analysis.Set the following HTTP Analysis Forward to

436 Brocade Mobility Access Point System Reference Guide53-1003100-016Select Wireless.Select Wireless LANs to display a high level display of existing

Brocade Mobility Access Point System Reference Guide 43753-1003100-016Refer to the following to configure Time Based Access parameters:3. Select OK wh

438 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 22 WLAN - WLAN Quality of Service (QoS) screen2. Refer to the following r

Brocade Mobility Access Point System Reference Guide 43953-1003100-016NOTEWhen using a wireless client classification other than WMM, only legacy rate

Brocade Mobility Access Point System Reference Guide 3553-1003100-013FIGURE 16 Initial Setup Wizard - WAN Configuration screen of the Advanced Setup W

440 Brocade Mobility Access Point System Reference Guide53-1003100-016The same mechanism deals with external collision, to determine which client shou

Brocade Mobility Access Point System Reference Guide 44153-1003100-016FIGURE 23 WLAN - WLAN QoS Policy screen - WMM tab

442 Brocade Mobility Access Point System Reference Guide53-1003100-0163. Configure the following Settings in respect to the WLAN’s intended WMM radio

Brocade Mobility Access Point System Reference Guide 44353-1003100-0165. Set the following Voice Access settings for the WLAN’s QoS policy:6. Set the

444 Brocade Mobility Access Point System Reference Guide53-1003100-016Configuring a WLAN’s QoS Rate Limit SettingsWLAN QoS PolicyExcessive traffic can

Brocade Mobility Access Point System Reference Guide 44553-1003100-016FIGURE 24 WLAN - WLAN QoS Policy screen - Rate Limit tab

446 Brocade Mobility Access Point System Reference Guide53-1003100-0164. Configure the following intended Upstream Rate Limit parameters for the selec

Brocade Mobility Access Point System Reference Guide 44753-1003100-0166. Configure the following parameters in respect to the WLAN’s intended Downstre

448 Brocade Mobility Access Point System Reference Guide53-1003100-0168. Configure the following intended Upstream Rate Limit parameters for wireless

Brocade Mobility Access Point System Reference Guide 44953-1003100-01610. Configure the following intended Downstream Rate Limit parameters for wirele

36 Brocade Mobility Access Point System Reference Guide53-1003100-013Radio ConfigurationAdvanced Setup WizardUse the Radio Configuration screen to def

450 Brocade Mobility Access Point System Reference Guide53-1003100-0163. Select the Multimedia Optimizations tab.FIGURE 25 WLAN - WLAN QoS Policy Scre

Brocade Mobility Access Point System Reference Guide 45153-1003100-016Set the following Accelerated Multicast settings:Select OK when completed to upd

452 Brocade Mobility Access Point System Reference Guide53-1003100-016Brocade access point radios and wireless clients support several Quality of Serv

Brocade Mobility Access Point System Reference Guide 45353-1003100-016Wireless network administrators can also assign weights to each WLAN in relation

454 Brocade Mobility Access Point System Reference Guide53-1003100-0162. Refer to the following information for a radio QoS policy:3. Either select Ad

Brocade Mobility Access Point System Reference Guide 45553-1003100-016FIGURE 27 Radio QoS Policy screen - WMM tabThe Radio QoS Policy screen displays

456 Brocade Mobility Access Point System Reference Guide53-1003100-0165. Set the following Normal (Best Effort) Access settings for the radio QoS poli

Brocade Mobility Access Point System Reference Guide 45753-1003100-016The name of the radio QoS policy, for which the admission control settings apply

458 Brocade Mobility Access Point System Reference Guide53-1003100-01613. Set the following Normal (Best Effort) Access admission control settings for

Brocade Mobility Access Point System Reference Guide 45953-1003100-01614. Set the following Video Access admission control settings for the radio QoS

Brocade Mobility Access Point System Reference Guide 3753-1003100-013• Radio Frequency Band - Select the 2.4 GHz or 5.0 GHz radio band to use with the

460 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 29 Radio QoS Policy screen - Multimedia Optimizations tab17. Set the foll

Brocade Mobility Access Point System Reference Guide 46153-1003100-016• When a preconfigured interval of time has elapsed since the first frame - of a

462 Brocade Mobility Access Point System Reference Guide53-1003100-016Association ACLWireless ConfigurationAn Association ACL is a policy-based Access

Brocade Mobility Access Point System Reference Guide 46353-1003100-016FIGURE 31 Association ACL screen3. Select the + Add Row button to add an associa

464 Brocade Mobility Access Point System Reference Guide53-1003100-016• Brocade recommends using the Association ACL screen strategically to name and

Brocade Mobility Access Point System Reference Guide 46553-1003100-016NOTERF planning must be performed to ensure overlapping coverage exists at a dep

466 Brocade Mobility Access Point System Reference Guide53-1003100-0165. Refer to the Basic Settings field to enable a Smart RF policy and define its

Brocade Mobility Access Point System Reference Guide 46753-1003100-016FIGURE 33 SMART RF - Channel and Power screen9. Refer to the Power Settings fiel

468 Brocade Mobility Access Point System Reference Guide53-1003100-01610. Set the following Channel Settings for the access point’s 5.0 GHz and 2.4 GH

Brocade Mobility Access Point System Reference Guide 46953-1003100-016FIGURE 34 SMART RF - Scanning Configuration screenNOTEThe monitoring and scannin

38 Brocade Mobility Access Point System Reference Guide53-1003100-013FIGURE 18 Initial Setup Wizard - WAN Configuration screen for Advanced Setup Wiza

470 Brocade Mobility Access Point System Reference Guide53-1003100-01614. Select an index value from 1-3 for awareness overrides. The overrides are ex

Brocade Mobility Access Point System Reference Guide 47153-1003100-016FIGURE 35 SMART RF Recovery Configuration screen - Neighbor Recovery tab18. Set

472 Brocade Mobility Access Point System Reference Guide53-1003100-01619. Set the following Dynamic Sample Recovery parameters:20. Select OK to update

Brocade Mobility Access Point System Reference Guide 47353-1003100-01622. Set the following Interference Recovery parameters:23. Select OK to update t

474 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 37 SMART RF Recovery Configuration screen - Coverage Hole Recovery tab25.

Brocade Mobility Access Point System Reference Guide 47553-1003100-016Smart RF Configuration and Deployment ConsiderationsSMART RFBefore defining a Sm

476 Brocade Mobility Access Point System Reference Guide53-1003100-016In MeshConnex systems, a Mesh Point (MP) is a virtual mesh networking instance o

Brocade Mobility Access Point System Reference Guide 47753-1003100-0165. Select Add to create a new MeshConnex policy, Edit to modify the attributes o

478 Brocade Mobility Access Point System Reference Guide53-1003100-0167. Se le ct OK to update the MeshConnex Configuration settings for this policy.

Brocade Mobility Access Point System Reference Guide 47953-1003100-01610. Set the following Key Settings for the mesh point:11. Set the following Key

Brocade Mobility Access Point System Reference Guide 3953-1003100-013• Onboard RADIUS Server – When selected, a new screen displays where further conf

480 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 41 Advanced Rate Settings 2.4 GHz screen

Brocade Mobility Access Point System Reference Guide 48153-1003100-016FIGURE 42 Advanced Rate Settings 5 GHz screenDefine both minimum Basic and optim

482 Brocade Mobility Access Point System Reference Guide53-1003100-016Mesh QoS helps ensure each mesh point on thenetwork receives a fair share of the

Brocade Mobility Access Point System Reference Guide 48353-1003100-0165. Select the Add button to define a new Mesh QoS policy, or select an existing

484 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 44 Mesh QoS Policy - Rate Limit screen

Brocade Mobility Access Point System Reference Guide 48553-1003100-0166. Configure the following parameters in respect to the intended From Air Upstre

486 Brocade Mobility Access Point System Reference Guide53-1003100-0168. Configure the following parameters in respect to the intended To Air Downstre

Brocade Mobility Access Point System Reference Guide 48753-1003100-01611. Set the following Neighbor Receive Random Early Detection Threshold settings

488 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 45 Mesh QoS Policy - Multimedia Optimizations screen16. Set the following

Brocade Mobility Access Point System Reference Guide 48953-1003100-016A Passpoint policy contains configuration that enables a client to query a netwo

Brocade Mobility Access Point System Reference Guide v53-1003100-01MeshConnex Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

40 Brocade Mobility Access Point System Reference Guide53-1003100-013FIGURE 19 Initial Setup Wizard - System Information screen for the Advanced Setup

490 Brocade Mobility Access Point System Reference Guide53-1003100-016FIGURE 47 Passpoint Policy - Add new policy5. Configure the following parameters

Brocade Mobility Access Point System Reference Guide 49153-1003100-01Chapter7Network configurationThe access point allows packet routing customization

492 Brocade Mobility Access Point System Reference Guide53-1003100-017• IP DSCP - Packet filtering can be performed by traffic class, as determined fr

Brocade Mobility Access Point System Reference Guide 49353-1003100-0171. Select Configuration tab from the web UI.2. Select Network.3. Select Policy B

494 Brocade Mobility Access Point System Reference Guide53-1003100-017FIGURE 2 Policy Based Routing screen - Route Maps tab6. Refer to the following t

Brocade Mobility Access Point System Reference Guide 49553-1003100-017FIGURE 3 Policy Based Routing screen - Add a Route Map8. Use the spinner control

496 Brocade Mobility Access Point System Reference Guide53-1003100-01710. Set the following Action Clauses to determine the routing function performed

Brocade Mobility Access Point System Reference Guide 49753-1003100-01713. Set the following General PBR configuration settings:14. Select OK to save t

498 Brocade Mobility Access Point System Reference Guide53-1003100-017NOTEIf connecting an Ethernet port to another Ethernet port, the pseudowire type

Brocade Mobility Access Point System Reference Guide 49953-1003100-0173. Select Add to create a new L2TP V3 policy, Edit to modify the attributes of a

Brocade Mobility Access Point System Reference Guide 4153-1003100-013Summary And Commit ScreenAdvanced Setup WizardThe Summary And Commit screen displ

500 Brocade Mobility Access Point System Reference Guide53-1003100-017Select OK to save the updates to the L2TP V3 Policy Details. Select Reset to rev

Brocade Mobility Access Point System Reference Guide 50153-1003100-017• Accounting — Accounting is the method for collecting and sending security serv

502 Brocade Mobility Access Point System Reference Guide53-1003100-0174. Refer to the following information listed for each existing AAA policy:5. To

Brocade Mobility Access Point System Reference Guide 50353-1003100-0176. Refer to the following configured RADIUS Authentication details:7. Select a s

504 Brocade Mobility Access Point System Reference Guide53-1003100-017FIGURE 9 AAA Policy - RADIUS Authentication tab - Authentication Server screen8.

Brocade Mobility Access Point System Reference Guide 50553-1003100-0179. Set the following Network Address Identifier (NAI) Routing settings:10. Selec

506 Brocade Mobility Access Point System Reference Guide53-1003100-01711. Refer to the following configured RADIUS Accounting profile details:12. To e

Brocade Mobility Access Point System Reference Guide 50753-1003100-017FIGURE 11 AAA Policy - RADIUS Accounting tab - Accounting Server screen13. Defin

508 Brocade Mobility Access Point System Reference Guide53-1003100-01714. Select the Settings tab.FIGURE 12 AAA-Policy - Settings screenRetry Timeout

Brocade Mobility Access Point System Reference Guide 50953-1003100-01715. Set the following RADIUS server configuration parameters:16. Select OK to sa

42 Brocade Mobility Access Point System Reference Guide53-1003100-013Adopt to a controllerAdvanced Setup WizardWhen the access point is powered on for

510 Brocade Mobility Access Point System Reference Guide53-1003100-017TACACS+ controls user access to devices and network resources while providing se

Brocade Mobility Access Point System Reference Guide 51153-1003100-0174. Refer to the following information for each existing AAA TACACS policy:5. Sel

512 Brocade Mobility Access Point System Reference Guide53-1003100-017FIGURE 15 AAA TACACS Policy - Authentication tab6. Refer to the following AAA TA

Brocade Mobility Access Point System Reference Guide 51353-1003100-017FIGURE 16 AAA TACACS Policy - New Authentication ServerNOTEOnly 2 AAA TACACS Aut

514 Brocade Mobility Access Point System Reference Guide53-1003100-017FIGURE 17 AAA TACACS Policy - Accounting tab11. Refer to the following AAA TACAC

Brocade Mobility Access Point System Reference Guide 51553-1003100-017FIGURE 18 AAA TACACS Policy - New Accounting ServerNOTEOnly 2 AAA TACACS account

516 Brocade Mobility Access Point System Reference Guide53-1003100-017FIGURE 19 AAA TACACS Policy - Authorization tab16. Refer to the following AAA TA

Brocade Mobility Access Point System Reference Guide 51753-1003100-017FIGURE 20 AAA TACACS Policy - New Authorization ServerNOTEOnly 2 AAA TACACS auth

518 Brocade Mobility Access Point System Reference Guide53-1003100-017FIGURE 21 AAA TACACS Policy - Settings tab

Brocade Mobility Access Point System Reference Guide 51953-1003100-01721. Set the following AAA TACACS Accounting server configuration parameters:22.

Brocade Mobility Access Point System Reference Guide 4353-1003100-01Chapter4DashboardThe dashboard allows network administrators to review and trouble

520 Brocade Mobility Access Point System Reference Guide53-1003100-01724. Set the following AAA TACACS Service Protocol Settings parameters:NOTE5 entr

Brocade Mobility Access Point System Reference Guide 52153-1003100-017the local requirement. For the remote deployment location, the network alias wor

522 Brocade Mobility Access Point System Reference Guide53-1003100-017FIGURE 22 Network - Basic Alias Screen4. Select + Add Row to define VLAN Alias s

Brocade Mobility Access Point System Reference Guide 52353-1003100-017• Wireless LANs5. Select + Add Row to define Address Range Alias settings: Use t

524 Brocade Mobility Access Point System Reference Guide53-1003100-017• DHCP8. Select + Add Row to define String Alias settings: Use the String Alias

Brocade Mobility Access Point System Reference Guide 52553-1003100-017FIGURE 23 Network - Alias - Network Group Alias screen5. Select Edit to modify t

526 Brocade Mobility Access Point System Reference Guide53-1003100-017FIGURE 24 Network - Alias - Network Group Alias Add screen6. If adding a new Net

Brocade Mobility Access Point System Reference Guide 52753-1003100-017Network Service AliasAliasA network service alias is a set of configurations tha

528 Brocade Mobility Access Point System Reference Guide53-1003100-017FIGURE 26 Network - Alias - Network Service Alias Add screen6. If adding a new N

Brocade Mobility Access Point System Reference Guide 52953-1003100-017• In respect to L2TP V3, data transfers on the pseudowire can start as soon as s

44 Brocade Mobility Access Point System Reference Guide53-1003100-014FIGURE 1 Dashboard - Health tabDashboard ConventionsThe Dashboard screen displays

530 Brocade Mobility Access Point System Reference Guide53-1003100-017

Brocade Mobility Access Point System Reference Guide 53153-1003100-01Chapter8Getting Started with the Mobile ComputerWhen taking precautions to secure

532 Brocade Mobility Access Point System Reference Guide53-1003100-018Rules comprise of conditions and actions. A condition describes a packet traffic

Brocade Mobility Access Point System Reference Guide 53353-1003100-018FIGURE 1 Wireless Firewall screen - Denial of Service tabA denial of service (Do

534 Brocade Mobility Access Point System Reference Guide53-1003100-018The Settings field lists all of the DoS attacks the firewall has filters for. Ea

Brocade Mobility Access Point System Reference Guide 53553-1003100-018Router AdvertisementIn this attack, the attacker uses ICMP to redirect the netwo

536 Brocade Mobility Access Point System Reference Guide53-1003100-018TCP InterceptA SYN-flooding attack occurs when a hacker floods a server with a b

Brocade Mobility Access Point System Reference Guide 53753-1003100-0184. Select OK to update the Denial of Service settings. Select Reset to revert to

538 Brocade Mobility Access Point System Reference Guide53-1003100-0186. Refer to the Storm Control Settings field to set the following:7. Se le ct +

Brocade Mobility Access Point System Reference Guide 53953-1003100-018FIGURE 3 Wireless Firewall screen - Advanced Settings tab12. Refer to the Firewa

Brocade Mobility Access Point System Reference Guide 4553-1003100-014FIGURE 2 Dashboard - Health tabFor more information see:• Device Details• Radio R

540 Brocade Mobility Access Point System Reference Guide53-1003100-01813. Select OK to continue disabling the captive portal.14. Refer to the General

Brocade Mobility Access Point System Reference Guide 54153-1003100-01816. Refer to the Firewall Enhanced Logging field to set the following parameters

542 Brocade Mobility Access Point System Reference Guide53-1003100-01820. Select OK to update the Firewall Policy Advanced Settings. Select Reset to r

Brocade Mobility Access Point System Reference Guide 54353-1003100-018FIGURE 4 IP Firewall Policy screen2. Select Add to create a new IP Firewall Rule

544 Brocade Mobility Access Point System Reference Guide53-1003100-018FIGURE 5 IP Firewall Rules screen - Adding a new rule4. If adding a new rule, en

Brocade Mobility Access Point System Reference Guide 54553-1003100-018FIGURE 6 WLAN Security - IP Firewall Rules - Edit Rule screenClick the icon with

546 Brocade Mobility Access Point System Reference Guide53-1003100-018IP Firewall Rule configurations. Select the Remove icon as required to remove se

Brocade Mobility Access Point System Reference Guide 54753-1003100-018Device FingerprintingGetting Started with the Mobile ComputerWith the increase i

548 Brocade Mobility Access Point System Reference Guide53-1003100-018Select Add to create a new client identity policy. Client identity policies conf

Brocade Mobility Access Point System Reference Guide 54953-1003100-018FIGURE 10 Security - Device Fingerprinting - New Client Identity - Pre-defined I

46 Brocade Mobility Access Point System Reference Guide53-1003100-014FIGURE 3 Dashboard - Health tab - Device Details fieldThe Device Details field di

550 Brocade Mobility Access Point System Reference Guide53-1003100-018FIGURE 11 Security - Device Fingerprinting - Client Signature screenProvide the

Brocade Mobility Access Point System Reference Guide 55153-1003100-018Click Ok to save changes. Click Reset to revert all changes made to this screen.

552 Brocade Mobility Access Point System Reference Guide53-1003100-018Device fingerprinting relies on specific information sent by a wireless client w

Brocade Mobility Access Point System Reference Guide 55353-1003100-018FIGURE 14 Security - Device Fingerprinting - Client Identity Group - New Client

554 Brocade Mobility Access Point System Reference Guide53-1003100-018NOTEOnce defined, a set of MAC firewall rules must be applied to an interface to

Brocade Mobility Access Point System Reference Guide 55553-1003100-018FIGURE 16 MAC Firewall Rules screen - Adding a new rule4. If adding a new MAC Fi

556 Brocade Mobility Access Point System Reference Guide53-1003100-0186. Select + Add Row as needed to add additional MAC Firewall Rule configurations

Brocade Mobility Access Point System Reference Guide 55753-1003100-018• Rogue Detection and Segregation - A WIPS supported network distinguishes itsel

558 Brocade Mobility Access Point System Reference Guide53-1003100-0183. Within the Wireless IPS Status field, select either Enabled or Disabled to ac

Brocade Mobility Access Point System Reference Guide 55953-1003100-018FIGURE 18 Wireless IPS screen - WIPS Events - Excessive tabThe Excessive tab lis

Brocade Mobility Access Point System Reference Guide 4753-1003100-014The access point’s RF Domain allows an administrator to assign configuration data

560 Brocade Mobility Access Point System Reference Guide53-1003100-0189. Select OK to save the updates to the to Excessive Actions configuration used

Brocade Mobility Access Point System Reference Guide 56153-1003100-01811. Set the following MU Anomaly Event configurations:12. Select OK to save the

562 Brocade Mobility Access Point System Reference Guide53-1003100-018FIGURE 20 Wireless IPS screen - WIPS Events - AP Anomaly tabAP Anomaly events ar

Brocade Mobility Access Point System Reference Guide 56353-1003100-018A WIPS signature is the set or parameters, or pattern, used by WIPS to identify

564 Brocade Mobility Access Point System Reference Guide53-1003100-018FIGURE 22 WIPS Signature Configuration screen19. If adding a new WIPS signature,

Brocade Mobility Access Point System Reference Guide 56553-1003100-01821. Refer to Thresholds field to set the thresholds used as filtering criteria.2

566 Brocade Mobility Access Point System Reference Guide53-1003100-018FIGURE 23 Device Categorization screen The Device Categorization screen lists th

Brocade Mobility Access Point System Reference Guide 56753-1003100-018FIGURE 24 Device Categorization screen - Marked Devices 3. If creating a new Dev

568 Brocade Mobility Access Point System Reference Guide53-1003100-018Security Deployment ConsiderationsGetting Started with the Mobile ComputerBefore

Brocade Mobility Access Point System Reference Guide 56953-1003100-01Chapter9Getting Started with the Mobile ComputerBrocade Mobility software support

48 Brocade Mobility Access Point System Reference Guide53-1003100-014FIGURE 6 Dashboard - Health tab - Client RF Quality Index field1. The Client RF Q

570 Brocade Mobility Access Point System Reference Guide53-1003100-0192. Select Captive Portals.The Captive Portal screen displays the configurations

Brocade Mobility Access Point System Reference Guide 57153-1003100-0194. Select Add to create a new captive portal policy, Edit to modify an existing

572 Brocade Mobility Access Point System Reference Guide53-1003100-019

Brocade Mobility Access Point System Reference Guide 57353-1003100-019

574 Brocade Mobility Access Point System Reference Guide53-1003100-019FIGURE 2 Captive Portal Policy screen - Basic Configuration tab5. Define the fol

Brocade Mobility Access Point System Reference Guide 57553-1003100-0198. Set the following Client Settings to define the duration clients are allowed

576 Brocade Mobility Access Point System Reference Guide53-1003100-019FIGURE 3 Captive Portal DNS Whitelist screen• Provide a numerical IP address or

Brocade Mobility Access Point System Reference Guide 57753-1003100-019Set the following Data Limit parameters:Set the following Logout FQDN parameters

578 Brocade Mobility Access Point System Reference Guide53-1003100-019FIGURE 4 Captive Portal Policy screen - Web Page tabThe Login screen prompts for

Brocade Mobility Access Point System Reference Guide 57953-1003100-01912. Provide the following required information when creating Login, Terms and Co

Brocade Mobility Access Point System Reference Guide 4953-1003100-014FIGURE 7 Dashboard - Inventory tabThe Inventory tab is partitioned into the follo

580 Brocade Mobility Access Point System Reference Guide53-1003100-019FIGURE 5 Captive Portal Policy screen - Web Page tab - Externally Hosted Web Pag

Brocade Mobility Access Point System Reference Guide 58153-1003100-019FIGURE 6 Captive Portal Policy screen - Web Page tab - Advanced Web Page screen1

582 Brocade Mobility Access Point System Reference Guide53-1003100-019Setting the DNS Whitelist ConfigurationGetting Started with the Mobile ComputerA

Brocade Mobility Access Point System Reference Guide 58353-1003100-019• Provide a numerical IP address or hostname within the DNS Entry parameter for

584 Brocade Mobility Access Point System Reference Guide53-1003100-019A pool (or range) of IP network addresses and DHCP options can be created for ea

Brocade Mobility Access Point System Reference Guide 58553-1003100-0193. Review the following DHCP pool configurations to determine if an existing poo

586 Brocade Mobility Access Point System Reference Guide53-1003100-0195. Set the following General parameters:6. Use the IP Address Ranges and Exclude

Brocade Mobility Access Point System Reference Guide 58753-1003100-019A binding is a collection of configuration parameters, including an IP address,

588 Brocade Mobility Access Point System Reference Guide53-1003100-019FIGURE 11 Static Bindings Add screen11. Define the following General parameters

Brocade Mobility Access Point System Reference Guide 58953-1003100-01912. Define the following NetBIOS parameters required to complete the creation of

vi Brocade Mobility Access Point System Reference Guide53-1003100-01Setting the Authentication Configuration . . . . . . . . . . . . . . . . . . . .6

50 Brocade Mobility Access Point System Reference Guide53-1003100-014FIGURE 8 Dashboard - Inventory tab - Radio Types fieldRefer to the Total Radios c

590 Brocade Mobility Access Point System Reference Guide53-1003100-019FIGURE 12 DHCP Pools screen - Advanced tab19. The addition or edit of the networ

Brocade Mobility Access Point System Reference Guide 59153-1003100-01921. Refer to the DHCP Option Values table to set global DHCP options applicable

592 Brocade Mobility Access Point System Reference Guide53-1003100-019FIGURE 13 DHCP Server Policy screen - Global Settings tab2. Set the following pa

Brocade Mobility Access Point System Reference Guide 59353-1003100-019DHCP Class Policy ConfigurationSetting the DHCP Server ConfigurationThe DHCP ser

594 Brocade Mobility Access Point System Reference Guide53-1003100-0192. Select Add to create a new DHCP class policy, Edit to update an existing poli

Brocade Mobility Access Point System Reference Guide 59553-1003100-019Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol

596 Brocade Mobility Access Point System Reference Guide53-1003100-019• The creation of a start and end of time in (HH:MM) when a user is allowed to a

Brocade Mobility Access Point System Reference Guide 59753-1003100-0194. Select Add to create a new group. To modify the settings of an existing group

598 Brocade Mobility Access Point System Reference Guide53-1003100-019FIGURE 17 RADIUS Group Policy Add screen4. Define the following Settings to defi

Brocade Mobility Access Point System Reference Guide 59953-1003100-0195. Set the Schedule to configure access times and dates. Select Restrict Access

Brocade Mobility Access Point System Reference Guide 5153-1003100-014FIGURE 10 Dashboard - Inventory tab - Wireless Clients fieldInformation within th

600 Brocade Mobility Access Point System Reference Guide53-1003100-019FIGURE 18 RADIUS User Pool screen3. Select Add to create a new user pool, Edit t

Brocade Mobility Access Point System Reference Guide 60153-1003100-019FIGURE 19 RADIUS User Pool Add screen 5. Refer to the following User Pool config

602 Brocade Mobility Access Point System Reference Guide53-1003100-0196. Select the Add button to add a new RADIUS user, Edit to modify the configurat

Brocade Mobility Access Point System Reference Guide 60353-1003100-0198. Set the following Time settings for the new user:Select OK to save the user g

604 Brocade Mobility Access Point System Reference Guide53-1003100-019FIGURE 21 RADIUS Server Policy screen - Server Policy tab

Brocade Mobility Access Point System Reference Guide 60553-1003100-019The RADIUS Server Policy screen displays with the Server Policy tab displayed by

606 Brocade Mobility Access Point System Reference Guide53-1003100-019If using LDAP as the default authentication source, select + Add Row to set LDAP

Brocade Mobility Access Point System Reference Guide 60753-1003100-019Set the following Session Resumption/Fast Reauthentication settings to define ho

608 Brocade Mobility Access Point System Reference Guide53-1003100-019FIGURE 22 RADIUS Server Policy screen - Client tab8. Select the + Add Row button

Brocade Mobility Access Point System Reference Guide 60953-1003100-019When the access point’s RADIUS server receives a request for a user name contain

52 Brocade Mobility Access Point System Reference Guide53-1003100-014Network ViewDashboardThe Network View displays device topology association betwee

610 Brocade Mobility Access Point System Reference Guide53-1003100-01918. Enter the Proxy server‘s IP Address. This is the address of server checking

Brocade Mobility Access Point System Reference Guide 61153-1003100-019FIGURE 24 RADIUS Server Policy screen - LDAP tab24. Refer to the following to de

612 Brocade Mobility Access Point System Reference Guide53-1003100-019FIGURE 25 LDAP Server Add screen26. Set the following Network address informatio

Brocade Mobility Access Point System Reference Guide 61353-1003100-01928. Set the following Attributes for LDAP groups to optimally refine group queri

614 Brocade Mobility Access Point System Reference Guide53-1003100-019

Brocade Mobility Access Point System Reference Guide 61553-1003100-01Chapter10Getting Started with the Mobile ComputerThe access point uses mechanisms

616 Brocade Mobility Access Point System Reference Guide53-1003100-0110FIGURE 1 Management Policy - Administrators screen3. Refer to the following to

Brocade Mobility Access Point System Reference Guide 61753-1003100-0110FIGURE 2 Administrators screen5. If adding a new administrator, enter the name

618 Brocade Mobility Access Point System Reference Guide53-1003100-01108. Select an Administrator Role. Only one role can be assigned. 9. Select OK to

Brocade Mobility Access Point System Reference Guide 61953-1003100-0110FIGURE 3 Management Policy - Access Control screen4. Set the following paramete

Brocade Mobility Access Point System Reference Guide 5353-1003100-014Network View Display Options Network View1. Select the blue Options link right un

620 Brocade Mobility Access Point System Reference Guide53-1003100-01106. Set the following HTTP/HTTPS parameters:NOTEIf an Brocade Mobility 6511 Acce

Brocade Mobility Access Point System Reference Guide 62153-1003100-01109. Set the following Access Restrictions:10.Select OK to save the Access Contro

622 Brocade Mobility Access Point System Reference Guide53-1003100-0110FIGURE 4 Management Policy - Authentication screen4. Set the following to authe

Brocade Mobility Access Point System Reference Guide 62353-1003100-01107. Configure the AAA TACACS Policy to use with this authentication policy. Use

624 Brocade Mobility Access Point System Reference Guide53-1003100-0110FIGURE 5 Management Policy screen - SNMP tab3. Enable or disable SNMPv2 and SNM

Brocade Mobility Access Point System Reference Guide 62553-1003100-01104. Set the SNMP v1/v2 Community String configuration. Use the + Add Row functio

626 Brocade Mobility Access Point System Reference Guide53-1003100-0110FIGURE 6 Management Policy screen - SNMP Traps tab3. Select the Enable Trap Gen

Brocade Mobility Access Point System Reference Guide 62753-1003100-0110• By default, SNMPv2 community strings on most devices are set to public for th

628 Brocade Mobility Access Point System Reference Guide53-1003100-0110

Brocade Mobility Access Point System Reference Guide 62953-1003100-01Chapter11DiagnosticsAn access point’s resident diagnostic capabilities enable adm

54 Brocade Mobility Access Point System Reference Guide53-1003100-014Device Specific InformationNetwork ViewA device specific information screen is av

630 Brocade Mobility Access Point System Reference Guide53-1003100-0111FIGURE 1 Fault Management - Filter Events screenUse the Filter Events screen to

Brocade Mobility Access Point System Reference Guide 63153-1003100-0111NOTELeave the Source, Device and Mobile Unit fields at the default setting of 0

632 Brocade Mobility Access Point System Reference Guide53-1003100-01115. Refer to the following event parameters to assess nature and severity of the

Brocade Mobility Access Point System Reference Guide 63353-1003100-0111In the Controller(s) tab, select the controller from the Select a Controller fi

634 Brocade Mobility Access Point System Reference Guide53-1003100-0111FIGURE 4 Crash Files screenThe screen displays the following for each reported

Brocade Mobility Access Point System Reference Guide 63553-1003100-0111• View SessionsUI DebuggingAdvancedUse the UI Debugging screen to view debuggin

636 Brocade Mobility Access Point System Reference Guide53-1003100-0111Refer to the Request Response and Time Taken fields on the bottom of the screen

Brocade Mobility Access Point System Reference Guide 63753-1003100-0111The Scheme Browser displays the Configuration tab by default.The Schema Browser

638 Brocade Mobility Access Point System Reference Guide53-1003100-0111FIGURE 7 View UI Logs - Flex Logs tabThe Sequence (order of occurrence), Date/T

Brocade Mobility Access Point System Reference Guide 63953-1003100-0111FIGURE 8 View UI Logs - Error Logs tabThe Sequence (order of occurrence), Date/

Brocade Mobility Access Point System Reference Guide 5553-1003100-01Chapter5Device ConfigurationAccess points can either be assigned unique configurat

640 Brocade Mobility Access Point System Reference Guide53-1003100-0111FIGURE 9 Advanced - View Sessions screenRefer to the following table for more i

Brocade Mobility Access Point System Reference Guide 64153-1003100-01Chapter12Getting Started with the Mobile ComputerThe functions supported within t

642 Brocade Mobility Access Point System Reference Guide53-1003100-0112NOTEAP upgrades can only be performed by access points in Virtual Controller AP

Brocade Mobility Access Point System Reference Guide 64353-1003100-0112For information on conducting a device firmware upgrade, see Upgrading Device F

644 Brocade Mobility Access Point System Reference Guide53-1003100-0112Select Show Running Config to display the Running Configuration window.FIGURE 5

Brocade Mobility Access Point System Reference Guide 64553-1003100-0112Select Export button to export the running configuration using the settings con

646 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 7 Device Browser - Options for a deviceSelect Show Startup Config to dis

Brocade Mobility Access Point System Reference Guide 64753-1003100-0112Use the Import/Export Config field to configure the parameters required to expo

648 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 9 Device BrowserSelect the down arrow next to the device to view a set o

Brocade Mobility Access Point System Reference Guide 64953-1003100-0112Refer to the following for more information on the Clear Crash Info screen.Use

56 Brocade Mobility Access Point System Reference Guide53-1003100-015However, an access point’s RF Domain configuration may need periodic refinement f

650 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 14 Device - Reload screenRefer the following for more information on thi

Brocade Mobility Access Point System Reference Guide 65153-1003100-01121. Select the target device from the left-hand side of the UI. FIGURE 15 Device

652 Brocade Mobility Access Point System Reference Guide53-1003100-0112Upgrading Device FirmwareDevicesTo update the firmware of an access point:1. Se

Brocade Mobility Access Point System Reference Guide 65353-1003100-01122. Provide the following information to accurately define the location of the t

654 Brocade Mobility Access Point System Reference Guide53-1003100-0112Use the Summary screen to assess whether a device’s firmware or configuration f

Brocade Mobility Access Point System Reference Guide 65553-1003100-0112Refer to the following to determine whether a firmware image needs requires an

656 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 22 Device Summary screenSelect Adopted Device Upgrade tab. The following

Brocade Mobility Access Point System Reference Guide 65753-1003100-0112FIGURE 23 Devices - Adopted AP Upgrade screenNOTEIf selecting the Device Upgrad

658 Brocade Mobility Access Point System Reference Guide53-1003100-0112Refer to the All Devices table for information about all the access points adop

Brocade Mobility Access Point System Reference Guide 65953-1003100-0112FIGURE 24 AP Upgrade screen - AP Image File2. Select the Device Image File tab

Brocade Mobility Access Point System Reference Guide 5753-1003100-0154. Define the following Basic Configuration values for the access point RF Domain

660 Brocade Mobility Access Point System Reference Guide53-1003100-01123. When the AP Image Type and appropriate file location and protocol have been

Brocade Mobility Access Point System Reference Guide 66153-1003100-0112FIGURE 25 AP Upgrade screen - Upgrade Status screenRefer to the following field

662 Brocade Mobility Access Point System Reference Guide53-1003100-01124. Optionally select Cancel (from the lower, right-hand corner of the screen) t

Brocade Mobility Access Point System Reference Guide 66353-1003100-0112Select the Clear History button to clear the current update information for eac

664 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 27 Device Summary screenClick File Management. The following screen disp

Brocade Mobility Access Point System Reference Guide 66553-1003100-0112FIGURE 28 Devices - File Management screenThe pane on the left of the screen di

666 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 29 Devices - File Management screenRefer to the following for more infor

Brocade Mobility Access Point System Reference Guide 66753-1003100-0112FIGURE 30 Devices - File Management - Delete Confirmation screenClick Proceed t

668 Brocade Mobility Access Point System Reference Guide53-1003100-0112• From a location on the device to another location on the same device.2. Set t

Brocade Mobility Access Point System Reference Guide 66953-1003100-0112Adopted Device RestartDevicesUse the Adopted Device Restart screen to restart o

58 Brocade Mobility Access Point System Reference Guide53-1003100-015The Brocade’ Wireless Intrusion Protection System (WIPS) protects wireless client

670 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 33 Devices - Adopted Device Restart screenFrom the list of adopted devic

Brocade Mobility Access Point System Reference Guide 67153-1003100-0112The Captive Portal Pages screen enables the management of the configured captiv

672 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 35 Devices Captive Portal Pages - AP Upload List screenUse the Captive P

Brocade Mobility Access Point System Reference Guide 67353-1003100-0112FIGURE 36 Devices Captive Portal Pages - CP Page Image File screenUse the Capti

674 Brocade Mobility Access Point System Reference Guide53-1003100-0112Select Load Image to start loading the captive portal pages image file.Optional

Brocade Mobility Access Point System Reference Guide 67553-1003100-0112Refer to the Status tab to view the history of captive portal pages upload.Sele

676 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 38 Re-elect Controller screen5. Refer to the Available APs column, and u

Brocade Mobility Access Point System Reference Guide 67753-1003100-0112Depending on the public key infrastructure, the digital certificate includes th

678 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 39 Certificate Management -Trustpoints screenThe Trustpoints screen disp

Brocade Mobility Access Point System Reference Guide 67953-1003100-0112FIGURE 40 Certificate Management - Import New Trustpoint screen4. Define the fo

Brocade Mobility Access Point System Reference Guide 5953-1003100-0156. Provide the numerical (non DNS) IP Address of each server used as a WIPS senso

680 Brocade Mobility Access Point System Reference Guide53-1003100-0112A certificate authority (CA) is a network authority that issues and manages sec

Brocade Mobility Access Point System Reference Guide 68153-1003100-0112Once a certificate has been generated on the authentication server, export the

682 Brocade Mobility Access Point System Reference Guide53-1003100-01127. Se le ct OK to export the trustpoint. Select Cancel to revert the screen to

Brocade Mobility Access Point System Reference Guide 68353-1003100-0112FIGURE 42 Certificate Management - RSA Keys screenEach key can have its size an

684 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 43 Certificate Management - Generate RSA Key screen3. Select OK to gener

Brocade Mobility Access Point System Reference Guide 68553-1003100-0112FIGURE 44 Certificate Management - Import New RSA Key screen5. Define the follo

686 Brocade Mobility Access Point System Reference Guide53-1003100-01126. Select OK to import the defined RSA key. Select Cancel to revert the screen

Brocade Mobility Access Point System Reference Guide 68753-1003100-011210. Select OK to export the defined RSA key. Select Cancel to revert the screen

688 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 46 Certificate Management - Create Certificate screen3. Define the follo

Brocade Mobility Access Point System Reference Guide 68953-1003100-01125. Select the following Additional Credentials required for the generation of t

Brocade Mobility Access Point System Reference Guide vii53-1003100-01RF Domain Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

60 Brocade Mobility Access Point System Reference Guide53-1003100-015• Network Service AliasNetwork Basic AliasRF Domain ConfigurationA basic alias is

690 Brocade Mobility Access Point System Reference Guide53-1003100-0112FIGURE 47 Certificate Management - Create CSR screen3. Define the following con

Brocade Mobility Access Point System Reference Guide 69153-1003100-01125. Select the following Additional Credentials required for the generation of t

692 Brocade Mobility Access Point System Reference Guide53-1003100-0112To conduct Smart RF calibration:Select Operations.Select Smart RF.The Smart RF

Brocade Mobility Access Point System Reference Guide 69353-1003100-0112Select the Refresh button to (as required) to update the contents of the Smart

694 Brocade Mobility Access Point System Reference Guide53-1003100-0112• Replace - Only overwrites the current channel and power values with the new c

Brocade Mobility Access Point System Reference Guide 69553-1003100-01Chapter13StatisticsThis chapter describes statistics displayed by the graphical u

696 Brocade Mobility Access Point System Reference Guide53-1003100-0113To display the health of the network: 1. Select the Statistics menu from the We

Brocade Mobility Access Point System Reference Guide 69753-1003100-01136. The Traffic Utilization table displays the top 5 RF Domains with the most ef

698 Brocade Mobility Access Point System Reference Guide53-1003100-0113To display the inventory statistics:1. Select the Statistics menu from the Web

Brocade Mobility Access Point System Reference Guide 69953-1003100-01136. The Clients table displays the total number of wireless clients managed by t

Brocade Mobility Access Point System Reference Guide 6153-1003100-015FIGURE 3 RF Domain - Basic Alias screen5. Select + Add Row to define VLAN Alias s

700 Brocade Mobility Access Point System Reference Guide53-1003100-0113The Adopted Devices screen provides the following:Pending AdoptionsSystem Stati

Brocade Mobility Access Point System Reference Guide 70153-1003100-0113FIGURE 4 System - Pending Adoptions screenThe Pending Adoptions screen displays

702 Brocade Mobility Access Point System Reference Guide53-1003100-0113To view offline device potentially available for adoption:1. Select the Statist

Brocade Mobility Access Point System Reference Guide 70353-1003100-0113Device UpgradeSystem StatisticsThe Device Upgrade screen displays available lic

704 Brocade Mobility Access Point System Reference Guide53-1003100-01134. Select Device Upgrade from the left-hand side of the UI:LicensesSystem Stati

Brocade Mobility Access Point System Reference Guide 70553-1003100-0113FIGURE 7 System - Licenses screen4. The Local Licenses table provides the follo

706 Brocade Mobility Access Point System Reference Guide53-1003100-01135. The Global Licenses table provides the following information:6. The AP Licen

Brocade Mobility Access Point System Reference Guide 70753-1003100-0113Refer to the following license utilization data:RF Domain StatisticsStatisticsT

708 Brocade Mobility Access Point System Reference Guide53-1003100-0113• Device Upgrade• Wireless LANs• Radios• Mesh• Mesh Point• SMART RF• WIPS• Capt

Brocade Mobility Access Point System Reference Guide 70953-1003100-0113FIGURE 8 RF Domain - Health screen4. The Domain field displays the name of the

62 Brocade Mobility Access Point System Reference Guide53-1003100-015• IP Firewall Rules• L2TPv3• Switchport• Wireless LANs6. Select + Add Row to defi

710 Brocade Mobility Access Point System Reference Guide53-1003100-01137. Re fer to th e Radio Quality table for RF Domain member radios requiring a

Brocade Mobility Access Point System Reference Guide 71153-1003100-011313. The Traffic Statistics statistics table displays the following information

712 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 9 RF Domain - Inventory screen4. The Device Types table displays the tot

Brocade Mobility Access Point System Reference Guide 71353-1003100-01138. Refer to the WLANs table to review RF Domain WLAN, radio and client utilizat

714 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 10 RF Domain - Devices screenAP DetectionRF Domain StatisticsThe AP Dete

Brocade Mobility Access Point System Reference Guide 71553-1003100-0113FIGURE 11 RF Domain - AP Detection screenThe AP Detection screen displays the f

716 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 12 RF Domain - Wireless Clients screenThe Wireless Clients screen displa

Brocade Mobility Access Point System Reference Guide 71753-1003100-0113Device UpgradeRF Domain StatisticsThe Device Upgrade screen reports information

718 Brocade Mobility Access Point System Reference Guide53-1003100-0113Wireless LANsRF Domain StatisticsThe Wireless LANs screen displays the name, ne

Brocade Mobility Access Point System Reference Guide 71953-1003100-0113RadiosRF Domain StatisticsThe Radio screens displays information on RF Domain m

Brocade Mobility Access Point System Reference Guide 6353-1003100-015Use the Network Alias field to create aliases for IP networks that can be utilize

720 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 15 RF Domain - Radio Status screenThe Radio Status screen displays the f

Brocade Mobility Access Point System Reference Guide 72153-1003100-0113RF StatisticsTo view the RF Domain radio statistics:1. Select the Statistics me

722 Brocade Mobility Access Point System Reference Guide53-1003100-0113Traffic StatisticsThe Traffic Statistics screen displays transmit and receive d

Brocade Mobility Access Point System Reference Guide 72353-1003100-0113MeshRF Domain StatisticsMesh networking enables users to wirelessly access broa

724 Brocade Mobility Access Point System Reference Guide53-1003100-0113Mesh PointRF Domain StatisticsTo view Mesh Point statistics for RF Domain membe

Brocade Mobility Access Point System Reference Guide 72553-1003100-0113FIGURE 20 RF Domain - Mesh Point MCX Logical View screen The Concentric and Hie

726 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 21 RF Domain - Mesh Point Device Type screen The Root field displays the

Brocade Mobility Access Point System Reference Guide 72753-1003100-0113The Path tab displays the following:The Root tab displays the following:Is Root

728 Brocade Mobility Access Point System Reference Guide53-1003100-0113The Multicast Path tab displays the following:The Neighbors tab displays the fo

Brocade Mobility Access Point System Reference Guide 72953-1003100-0113The Security tab displays the following:Mesh Root HopsThe number of devices bet

64 Brocade Mobility Access Point System Reference Guide53-1003100-0153. Select RF Domain.4. Select the Network Group Alias tab. The following screen d

730 Brocade Mobility Access Point System Reference Guide53-1003100-0113The Proxy tab displays the following:10. Select the Device Brief Info tab from

Brocade Mobility Access Point System Reference Guide 73153-1003100-0113FIGURE 22 RF Domain - Mesh Point Device Brief Info screen The All Roots and Mes

732 Brocade Mobility Access Point System Reference Guide53-1003100-011311. The MeshPoint Details field on the bottom portion of the screen displays ta

Brocade Mobility Access Point System Reference Guide 73353-1003100-0113The Root tab displays the following:The Multicast Path tab displays the followi

734 Brocade Mobility Access Point System Reference Guide53-1003100-0113The Security tab displays the following:Neighbor MP IDThe MAC Address that the

Brocade Mobility Access Point System Reference Guide 73553-1003100-0113The Proxy tab displays the following:12. Select Device Data Transmit.Radio Inte

736 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 23 RF Domain - Mesh Point Device Data Transmit screen Review the followi

Brocade Mobility Access Point System Reference Guide 73753-1003100-0113The Root section provides the following information:The Mesh Points section pro

738 Brocade Mobility Access Point System Reference Guide53-1003100-0113The Details section is split into 7 tabsThe General tab provides the following

Brocade Mobility Access Point System Reference Guide 73953-1003100-0113The Root tab provides the following information:The Multicast Path tab provides

Brocade Mobility Access Point System Reference Guide 6553-1003100-015FIGURE 5 RF Domain - Network Group Alias Add screen6. If adding a new Network Gro

740 Brocade Mobility Access Point System Reference Guide53-1003100-0113The Security tab provides the following information:Mesh Device MobileDisplays

Brocade Mobility Access Point System Reference Guide 74153-1003100-0113The Proxy tab provides the following information:Click the Device Brief Info ta

742 Brocade Mobility Access Point System Reference Guide53-1003100-0113The summary screen enables administrators to assess the efficiency of RF Domain

Brocade Mobility Access Point System Reference Guide 74353-1003100-01137. Rev iew t he Top 5 Active Radios to assess the significance of any Smart R

744 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 25 RF Domain - Smart RF Details screenRefer to the Neighbors table to re

Brocade Mobility Access Point System Reference Guide 74553-1003100-0113FIGURE 26 RFDomain - Smart RF Energy Graph12. Select Smart RF History to review

746 Brocade Mobility Access Point System Reference Guide53-1003100-0113The SMART RF History screen displays the following RF Domain member historical

Brocade Mobility Access Point System Reference Guide 74753-1003100-0113FIGURE 28 RF Domain - WIPS Client Blacklist screenThe WIPS Client Blacklist scr

748 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 29 RF Domain - WIPS Events screenThe WIPS Events screen displays the fol

Brocade Mobility Access Point System Reference Guide 74953-1003100-01133. Select Captive Portal from the RF Domain menu.FIGURE 30 RF Domain - Captive

66 Brocade Mobility Access Point System Reference Guide53-1003100-015Network Service AliasRF Domain ConfigurationA network service alias is a set of c

750 Brocade Mobility Access Point System Reference Guide53-1003100-0113• Device• Device Upgrade• Adoption• AP Detection• Wireless Clients• Wireless LA

Brocade Mobility Access Point System Reference Guide 75153-1003100-01132. Select System from the navigation pane (on the left-hand side of the screen)

752 Brocade Mobility Access Point System Reference Guide53-1003100-0113The Radio RF Quality Index field displays the following:The Radio Utilization f

Brocade Mobility Access Point System Reference Guide 75353-1003100-0113FIGURE 32 Access Point - Device screen The System field displays the following:

754 Brocade Mobility Access Point System Reference Guide53-1003100-0113The Fan Speed field displays the following:The Temperature field displays the f

Brocade Mobility Access Point System Reference Guide 75553-1003100-0113The Upgrade Status field displays the following:The Sensor Lock field displays

756 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 33 Access Point - Device Upgrade screenThe Device Upgrade screen display

Brocade Mobility Access Point System Reference Guide 75753-1003100-0113Adopted APsAdoptionThe Adopted APs screen lists access points adopted by the se

758 Brocade Mobility Access Point System Reference Guide53-1003100-0113AP Adoption HistoryAdoptionThe AP Adoption History screen displays a list of pe

Brocade Mobility Access Point System Reference Guide 75953-1003100-01132. Select System from the navigation pane (on the left-hand side of the screen)

Brocade Mobility Access Point System Reference Guide 6753-1003100-015FIGURE 7 RF Domain - Network Service Alias Add screen6. If adding a new Network S

760 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 37 Access Point - Pending Adoptions screenThe Pending Adoptions screen p

Brocade Mobility Access Point System Reference Guide 76153-1003100-0113FIGURE 38 Access Point - AP DetectionThe AP Detection screen displays the follo

762 Brocade Mobility Access Point System Reference Guide53-1003100-0113To view wireless client statistics:1. Select the Statistics menu from the Web U

Brocade Mobility Access Point System Reference Guide 76353-1003100-0113Wireless LANsAccess Point StatisticsThe Wireless LANs screen displays an overvi

764 Brocade Mobility Access Point System Reference Guide53-1003100-0113Policy Based RoutingAccess Point StatisticsThe Policy Based Routing statistics

Brocade Mobility Access Point System Reference Guide 76553-1003100-0113FIGURE 41 Access Point - Policy Based Routing screenThe Policy Based Routing sc

766 Brocade Mobility Access Point System Reference Guide53-1003100-0113RadiosAccess Point StatisticsThe Radio statistics screens display information o

Brocade Mobility Access Point System Reference Guide 76753-1003100-0113FIGURE 42 Access Point - Radio Status screenThe radio Status screen provides th

768 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 43 Access Point - Radio RF Statistics screenThe RF Statistics screen lis

Brocade Mobility Access Point System Reference Guide 76953-1003100-01131. Select the Statistics menu from the Web UI.2. Select System from the navigat

68 Brocade Mobility Access Point System Reference Guide53-1003100-015An access point profile enables an administrator to assign a common set of config

770 Brocade Mobility Access Point System Reference Guide53-1003100-0113MeshAccess Point StatisticsThe Mesh screen provides detailed statistics on each

Brocade Mobility Access Point System Reference Guide 77153-1003100-0113InterfacesAccess Point StatisticsThe Interface screen provides detailed statist

772 Brocade Mobility Access Point System Reference Guide53-1003100-0113The General table displays the following:The Specification table displays the f

Brocade Mobility Access Point System Reference Guide 77353-1003100-0113The Errors table displays the following:The Receive Errors table displays the f

774 Brocade Mobility Access Point System Reference Guide53-1003100-0113The Transmit Errors field displays the following:Network GraphInterfacesThe Net

Brocade Mobility Access Point System Reference Guide 77553-1003100-01133. Select Interfaces.4. Select Network Graph.FIGURE 47 Access Point- Interface

776 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 48 Access Point - RTLS screenThe Access Point RTLS screen displays the f

Brocade Mobility Access Point System Reference Guide 77753-1003100-0113PPPoEAccess Point StatisticsThe PPPoE statistics screen displays stats derived

778 Brocade Mobility Access Point System Reference Guide53-1003100-01134. Refer to the Connection Status field.The Connection Status table lists the M

Brocade Mobility Access Point System Reference Guide 77953-1003100-01133. Select OSPF. The Summary tab displays by default.FIGURE 50 Access Point - OS

Brocade Mobility Access Point System Reference Guide 6953-1003100-015An access point profile requires unique clock synchronization settings as part of

780 Brocade Mobility Access Point System Reference Guide53-1003100-01134. Select the Refresh button to update the statistics counters to their latest

Brocade Mobility Access Point System Reference Guide 78153-1003100-0113The Neighbor Info tab describes the following:5. Select the Refresh button to u

782 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 52 Access Point - OSPF Area Details tabThe Area Details tab describes th

Brocade Mobility Access Point System Reference Guide 78353-1003100-01135. Select the Refresh button to update the statistics counters to their latest

784 Brocade Mobility Access Point System Reference Guide53-1003100-0113External routes are external to area, originate from other routing protocols (o

Brocade Mobility Access Point System Reference Guide 78553-1003100-0113FIGURE 55 Access Point - OSPF Router Routes tabAn internal (or router) route co

786 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 56 Access Point - OSPF Interface tabThe OSPF Interface tab describes the

Brocade Mobility Access Point System Reference Guide 78753-1003100-01132. Select System from the navigation pane (on the left-hand side of the screen)

788 Brocade Mobility Access Point System Reference Guide53-1003100-0113Access points use L2TP V3 to create tunnels for transporting layer 2 frames. L2

Brocade Mobility Access Point System Reference Guide 78953-1003100-0113VRRPAccess Point StatisticsThe VRRP statistics screen displays Virtual Router R

viii Brocade Mobility Access Point System Reference Guide53-1003100-01Wireless Client Statistics . . . . . . . . . . . . . . . . . . . . . . . . . .

70 Brocade Mobility Access Point System Reference Guide53-1003100-0154. Select + Add Row below the Network Time Protocol (NTP) table to define the con

790 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 59 Access Point - VRRP screen4. Refer to the Global Error Status field t

Brocade Mobility Access Point System Reference Guide 79153-1003100-0113Critical ResourcesAccess Point StatisticsThe Critical Resources statistics scre

792 Brocade Mobility Access Point System Reference Guide53-1003100-0113LDAP Agent StatusAccess Point StatisticsWhen LDAP has been specified as an exte

Brocade Mobility Access Point System Reference Guide 79353-1003100-0113The LDAP Agent Status screen displays the following:GRE TunnelsAccess Point Sta

794 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 62 Access Point - GRE Tunnels screenThe access point GRE Tunnels screen

Brocade Mobility Access Point System Reference Guide 79553-1003100-01132. Select System from the navigation pane (on the left-hand side of the screen)

796 Brocade Mobility Access Point System Reference Guide53-1003100-01136. Refer to the MacAuth table to assess the AAA policy applied to MAC authoriza

Brocade Mobility Access Point System Reference Guide 79753-1003100-0113To view an access point’s ARP statistics:1. Select the Statistics menu from the

798 Brocade Mobility Access Point System Reference Guide53-1003100-01134. Select Route Entries.FIGURE 65 Access Point - Network Route Entries screenTh

Brocade Mobility Access Point System Reference Guide 79953-1003100-0113• Permits access to other networks• Times out old loginsThe Bridging screen als

Brocade Mobility Access Point System Reference Guide 7153-1003100-0153. Select System Profile from the options on left-hand side of the UI.4. Select P

800 Brocade Mobility Access Point System Reference Guide53-1003100-0113Internet Group Management Protocol (IGMP) is a protocol used for managing membe

Brocade Mobility Access Point System Reference Guide 80153-1003100-0113DHCP Options NetworkSupported access points can use a DHCP server resource to p

802 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 68 Access Point - Network DHCP Options screenThe DHCP Options screen dis

Brocade Mobility Access Point System Reference Guide 80353-1003100-0113FIGURE 69 Access Point - Network CDP screenThe Cisco Discovery Protocol screen

804 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 70 Access Point - Network LLDP screenThe Link Layer Discovery Protocol s

Brocade Mobility Access Point System Reference Guide 80553-1003100-01134. Select General.FIGURE 71 Access Point - DHCP Server General screenThe Status

806 Brocade Mobility Access Point System Reference Guide53-1003100-01136. The DHCP Manual Bindings table displays the following:DHCP BindingsDHCP Serv

Brocade Mobility Access Point System Reference Guide 80753-1003100-0113The DHCP Bindings screen displays the following:DHCP NetworksDHCP ServerThe DHC

808 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 73 Access Point - DHCP Network screenFirewallAccess Point StatisticsA fi

Brocade Mobility Access Point System Reference Guide 80953-1003100-0113Packet FlowsFirewallThe Packet Flows screen displays data traffic packet flow u

72 Brocade Mobility Access Point System Reference Guide53-1003100-0158. Select Range when range is preferred over performance for broadcast/multicast

810 Brocade Mobility Access Point System Reference Guide53-1003100-0113A denial-of-service attack (DoS attack) or distributed denial-of-service attack

Brocade Mobility Access Point System Reference Guide 81153-1003100-0113IP Firewall Rules FirewallCreate firewall rules to let any computer to send tra

812 Brocade Mobility Access Point System Reference Guide53-1003100-0113MAC Firewall Rules FirewallThe ability to allow or deny access point connectivi

Brocade Mobility Access Point System Reference Guide 81353-1003100-0113NAT TranslationsFirewallNetwork Address Translation (NAT) is a technique to mod

814 Brocade Mobility Access Point System Reference Guide53-1003100-0113DHCP SnoopingFirewallWhen DHCP servers are allocating IP addresses to clients o

Brocade Mobility Access Point System Reference Guide 81553-1003100-0113VPNAccess Point StatisticsIPSec VPN provides a secure tunnel between two networ

816 Brocade Mobility Access Point System Reference Guide53-1003100-01132. Select System from the navigation pane (on the left-hand side of the screen)

Brocade Mobility Access Point System Reference Guide 81753-1003100-01132. Select System from the navigation pane (on the left-hand side of the screen)

818 Brocade Mobility Access Point System Reference Guide53-1003100-0113The Secure Socket Layer (SSL) protocol ensures secure transactions between Web

Brocade Mobility Access Point System Reference Guide 81953-1003100-0113FIGURE 82 Access Point - Certificate Trustpoint screen The Certificate Details

Brocade Mobility Access Point System Reference Guide 7353-1003100-015FIGURE 10 Profile Adoption screen5. Define the Preferred Group used as optimal gr

820 Brocade Mobility Access Point System Reference Guide53-1003100-01135. Refer to the Validity field to assess the certificate duration beginning and

Brocade Mobility Access Point System Reference Guide 82153-1003100-0113WIPSAccess Point StatisticsA Wireless Intrusion Prevention System (WIPS) monito

822 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 84 Access Point - WIPS Client Blacklist screenThe WIPS Client Blacklist

Brocade Mobility Access Point System Reference Guide 82353-1003100-0113FIGURE 85 Access Point - WIPS Events screenThe WIPS Events screen provides the

824 Brocade Mobility Access Point System Reference Guide53-1003100-0113FIGURE 86 Access Point - Sensor Servers screen The Sensor Servers screen displa

Brocade Mobility Access Point System Reference Guide 82553-1003100-0113FIGURE 87 Access Point - Captive Portal screen The Captive Portal screen displa

826 Brocade Mobility Access Point System Reference Guide53-1003100-0113NTP StatusNetwork TimeTo view the Network Time statistics of an access point:1.

Brocade Mobility Access Point System Reference Guide 82753-1003100-0113NTP AssociationNetwork TimeThe interaction between the access point and an NTP

828 Brocade Mobility Access Point System Reference Guide53-1003100-0113Load BalancingAccess Point StatisticsAn access point load can be viewed in a gr

Brocade Mobility Access Point System Reference Guide 82953-1003100-0113FIGURE 90 Access Point - Load Balancing screen The Load Balancing screen displa

74 Brocade Mobility Access Point System Reference Guide53-1003100-0157. En ter Controller Hostnames as needed to define resources for adoption. Click

830 Brocade Mobility Access Point System Reference Guide53-1003100-0113An AP8132 sensor module is a USB environmental sensor extension to an AP8132 mo

Brocade Mobility Access Point System Reference Guide 83153-1003100-0113Light intensity is measured by the sensor in lumens. The table displays the Cur

832 Brocade Mobility Access Point System Reference Guide53-1003100-0113Temperature is measured in centigrade. The table displays the Current Temperatu

Brocade Mobility Access Point System Reference Guide 83353-1003100-0113Motion is measured in intervals. The table displays the Current Motion (count p

834 Brocade Mobility Access Point System Reference Guide53-1003100-0113Humidity is measured in percentage. The table displays the Current Humidity (pe

Brocade Mobility Access Point System Reference Guide 83553-1003100-0113FIGURE 95 Wireless Client - Health screenThe Wireless Client field displays the

836 Brocade Mobility Access Point System Reference Guide53-1003100-0113The RF Quality Index field displays the following: The Association field disp

Brocade Mobility Access Point System Reference Guide 83753-1003100-0113DetailsWireless Client StatisticsThe Details screen provides granular performan

838 Brocade Mobility Access Point System Reference Guide53-1003100-0113The Wireless Client field displays the following:The User Details field display

Brocade Mobility Access Point System Reference Guide 83953-1003100-0113The Association field displays the following:The 802.11 Protocol field displays

Brocade Mobility Access Point System Reference Guide 7553-1003100-015FIGURE 11 Profile Wired 802.1X screen5. Set the following Wired 802.1x Settings:6

840 Brocade Mobility Access Point System Reference Guide53-1003100-0113TrafficWireless Client StatisticsThe traffic screen provides an overview of cli

Brocade Mobility Access Point System Reference Guide 84153-1003100-0113The RF Quality Index area displays the following information:WMM TSPECWireless

842 Brocade Mobility Access Point System Reference Guide53-1003100-0113The TSPEC screen provides information about TSPEC counts and TSPEC types utiliz

Brocade Mobility Access Point System Reference Guide 84353-1003100-0113Association HistoryWireless Client StatisticsRefer to the Association History s

844 Brocade Mobility Access Point System Reference Guide53-1003100-0113GraphWireless Client StatisticsUse the client Graph to assess a connected clien

76 Brocade Mobility Access Point System Reference Guide53-1003100-0151. Select the Configuration tab from the Web UI.2. Select Devices.3. Select Syste

Brocade Mobility Access Point System Reference Guide 7753-1003100-0156. To edit an access point profile’s port configuration, select it from amongst t

78 Brocade Mobility Access Point System Reference Guide53-1003100-0157. Set the following Ethernet port Properties:8. Define the following Cisco Disco

Brocade Mobility Access Point System Reference Guide 7953-1003100-0159. Define the following Switching Mode parameters to apply to the Ethernet port c

Brocade Mobility Access Point System Reference Guide ix53-1003100-01About This DocumentSupported hardware and softwareThis manual supports the followi

80 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 14 Ethernet Ports - Security tab13. Refer to the Access Control field. As

Brocade Mobility Access Point System Reference Guide 8153-1003100-015NOTESome vendor solutions with VRRP enabled send ARP packets with Ethernet SMAC a

82 Brocade Mobility Access Point System Reference Guide53-1003100-01517. Select the Enable option within the 802.1x supplicant (client) feature to ena

Brocade Mobility Access Point System Reference Guide 8353-1003100-015FIGURE 15 Ethernet Ports - Spanning Tree tabRefer to the PortFast field to define

84 Brocade Mobility Access Point System Reference Guide53-1003100-015Refer to the MSTP Configuration field to define the following:19. Refer to the Sp

Brocade Mobility Access Point System Reference Guide 8553-1003100-015A Virtual Interface is required for layer 3 (IP) access to provide layer 3 servic

86 Brocade Mobility Access Point System Reference Guide53-1003100-0156. Select Add to define a new Virtual Interface configuration, Edit to modify the

Brocade Mobility Access Point System Reference Guide 8753-1003100-0159. Set the following network information from within the IP Addresses field:10. D

88 Brocade Mobility Access Point System Reference Guide53-1003100-015FIGURE 18 Virtual Interfaces - Security tab14. Use the Inbound IP Firewall Rules

Brocade Mobility Access Point System Reference Guide 8953-1003100-015FIGURE 19 Profile Interfaces - Port Channels screen1. Select the Configuration ta