HP 830 Series PoE+ Unified Wired-WLAN
Switch, HP 850/870 Unified Wired-WLAN
Appliance, and HP 10500/7500 20G
Unified Wired-WLAN Module FAQ
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained
herein is subject to change without notice. The only warranties for HP products and services are
set forth in the express warranty statements accompanying such products and services.
Nothing herein should be construed as constituting an additional warranty. HP shall not be
liable for technical or editorial errors or omissions contained herein.
Part number: 5998-7023
Contents
Protocols and standards
  Q. What is the most recent wireless networking standard? Which wireless networking standard is most widely used?
  Q. Which techniques do 802.11n and 802.11ac use to increase channel bandwidth and expand the signal coverage?
  Q. Why do standards in the 802.11 family define multiple rates instead of only the highest rate?
  Q. Is wireless networking protocol 802.11 a Layer 2 networking protocol?
  Q. Which management frames are transmitted when a client accesses the wireless network?
  Q. What are the relationships among 802.11i, WPA, WPA2, PSK, 802.1X, TKIP, CCMP, and AES?
Devices
  Q. At which layer can I deploy an AC in a fit AP+AC network?
  Q. How are packets forwarded by default in a fit AP+AC network?
  Q. What are the functions of fit APs?
  Q. Does a fit AP support auto transmit power control (TPC)?
  Q. How do I manually adjust the maximum transmit power of a fit AP?
  Q. Can a fit AP save configurations?
  Q. How do I upgrade a large number of fit APs?
  Q. Do fit APs need IP addresses?
  Q. How does a fit AP select a channel when starting up? Can the fit AP change its channel while operating?
  Q. What is the maximum power supply distance if I use a PoE switch to provide power to a fit AP?
  Q. Does a fit AP have a console port? Can I log in to configure the AP?
  Q. Under what circumstances can I return an AP for factory repair?
  Q. Can a fit AP cooperate with a third-party AC?
  Q. What will happen if I reset a fit AP?
  Q. Under what circumstances do I need heating films?
  Q. How do LEDs on a fit AP indicate unassociated states?
  Q. What are the functions of an AC?
  Q. Which HP AC products are available?
  Q. How is a fit AP connected to an AC physically?
  Q. How does an AC communicate with a fit AP?
  Q. What is the maximum number of VLANs that an AC can support?
  Q. What are the functions of management Ethernet ports on an AC?
  Q. Can an AC provide power supply redundancy?
  Q. Does an HP AC support third-party APs?
  Q. What are the advantages of devices that contain both an access controller engine and a switching engine?
  Q. Which ports do a fit AP and an AC use for communication?
  Q. Which parameters should be considered when I use an antenna?
  Q. What other interference might exist for an AP besides interference from other APs?
  Q. How can I view the version of an AC?
Licenses
  Q. How do I increase the number of APs that an AC can manage?
  Q. How many APs can an AC manage?
  Q. How do I display installed licenses?
  Q. How do I display the number of supported APs of the AC?
AP association
  Q. How can I associate an AP with an AC?
  Q. How can I upgrade the software version of an AP?
  Q. If an AP cannot successfully be associated with an AC, what are the potential causes?
  Q. Can I configure auto APs?
  Q. Why can't I log in to an AP that has been associated with an AC?
  Q. How is an AP associated with an AC in different fit AP+AC networking environments?
  Q. How can I view the version, MAC address, and IP address of an AP that is or was associated with an AC on the AC?
  Q. How can I view the association status of APs on an AC?
  Q. How can I view MAC addresses and IP addresses of clients on an AC?
Authentication
  Q. Which authentication methods does an AC support?
  Q. Can an AC cooperate with a third-party LDAP server for authentication?
  Q. In a wireless network, which device plays the role of the AAA authenticator?
  Q. Which EAP types does an AC support?
Rogue APs and rogue clients
  Q. How does an AC identify and locate rogue APs, rogue clients, and ad hoc networks?
  Q. Can an AC automatically detect rogue devices?
  Q. Can an AC take countermeasures against a rogue AP that has been identified?
  Q. Do all 802.11n APs support rogue AP detection?
  Q. Can an AP provide wireless access services and rogue AP detection at the same time?
WLAN roaming
  Q. What is WLAN roaming? How many types of WLAN roaming do we have?
  Q. Does the IP address of a client remain unchanged during WLAN roaming? Does the client need to be reauthenticated or log in again?
  Q. During WLAN roaming, will a client keep its subnet attributes such as the assigned VLAN, ACL, and routing policies?
  Q. Do I need to configure the switch or the router to enable the WLAN roaming function?
  Q. Do I need to install new client software for WLAN roaming?
  Q. Is inter-AC communication required to support WLAN roaming?
  Q. How can I adjust the sensitivity of a wireless network card?
AC backup
  Q. Do ACs support fast primary and backup AC switchover?
  Q. Can services on the backup AC switch back to the primary AC when the primary AC goes down and then recovers?
  Q. Does the AC support N+1 backup? What is the maximum number for N?
Wireless-specific features
  Q. What is AC uplink detection?
  Q. What is user isolation?
  Q. What are the functions of the whitelist and blacklist?
  Q. Which wireless load balancing modes are available?
  Q. What is a VLAN pool? What are the functions of a VLAN pool?
  Q. What is an AP group? What are the advantages of an AP group?
  Q. What are the functions of WIPS?
  Q. What is spectrum analysis?
  Q. What is band navigation?
Configurations and management
  Q. How can I configure Option 43 on a DHCP server and Option 52 on a DHCPv6 server?
  Q. Why must I select two channels that do not overlap when configuring two neighboring APs?
  Q. How can an AP provide different wireless services?
  Q. How can I separate services of different APs with the same SSID?
  Q. Does the encryption method differ for multicast, broadcast, and unicast packets? How are these packets encrypted?
  Q. Can a radio switch between 802.11an and 802.11gn?
  Q. Can a client select the access VLAN?
  Q. Can I configure a mandatory rate for an AC to increase the wireless network performance?
  Q. Can I log off a client?
  Q. Can I configure the maximum idle time that is allowed for a connection between a client and the AP?
Protocols and standards
This section contains the most frequently asked questions about wireless networking standards and protocols.
Q. What is the most recent wireless networking standard? Which wireless networking standard is most widely
used?
A. The 802.11 family includes 802.11, 802.11a, 802.11b, 802.11g, 802.11n, and 802.11ac. The most
recent wireless networking standard is 802.11ac, and the one used most widely is 802.11n.
Q. Which techniques do 802.11n and 802.11ac use to increase channel bandwidth and expand the signal
coverage?
A. 802.11n uses the following techniques:
• Uses Multiple-Input Multiple-Output (MIMO) that adopts multiple antennas to increase data rates.
• Binds two 20 MHz channels together to form a 40 MHz channel to increase channel bandwidth.
• Improves channel utilization by using the following functions:
  ○ A-MPDU—Reduces transmission overhead and the number of ACK frames.
  ○ A-MSDU—Reduces MAC header overhead and improves MAC layer forwarding efficiency.
  ○ Short GI—Shortens the GI interval, increasing the transmission rate.
802.11ac works on 5 GHz channels. It achieves speed increase by denser modulation, more channel bonding,
and more MIMO. In theory, if the bandwidth is 160 MB and there are 8 spatial streams, the data rate for
802.11ac can reach 6933.3 Mbps. If there is only one spatial stream with 20 MB bandwidth, the rate can
reach 86.7 Mbps. HP devices support a maximum of three spatial streams with 80 MB bandwidth, with which
the rate can reach 1.3 Gbps.
Q. Why do standards in the 802.11 family define multiple rates instead of only the highest rate?
A. Range and channel bandwidth are two considerations when a wireless standard is formulated. Wireless
signals will attenuate during transmission. As a result, signals that clients within the range of an AP can
receive are of different strength. With the same spatial stream, channel bandwidth, and transmit power, the
higher the rate is, the smaller the signal coverage will be.
An AP selects a transmission rate every time it sends a packet. By default, control frames and management
frames are sent at the lowest rate to make sure all clients within the signal coverage can receive them.
Q. Is wireless networking protocol 802.11 a Layer 2 networking protocol?
A. Yes. 802.11 defines only contents of the PHY layer and the MAC layer of the data link layer in the OSI model.
Other layers of a wireless network are the same as those of a wired network.
Q. Which management frames are transmitted when a client accesses the wireless network?
A. Client access includes scanning, authentication, and association. The management frame exchange process
includes the following tasks:
• Scanning—The AP broadcasts beacon frames. After receiving a beacon frame, the client sends a probe request to the AP.
• Authentication—The AP and the client exchange authentication packets.
• Association—The AP and the client exchange association packets.
Q. What are the relationships among 802.11i, WPA, WPA2, PSK, 802.1X, TKIP, CCMP, and AES?
A. The 802.11i standard specifies security mechanisms for wireless networks. WPA and WPA2 are two
standards developed by the Wi-Fi Alliance based on the draft of 802.11i before 802.11i was released. PSK
and 802.1X are two authentication methods for wireless networks. PSK is simple and is intended for personal
use. 802.1X is complex, more secure, and is intended for company use. TKIP and CCMP are two encryption
algorithms. AES is the core algorithm of CCMP and is currently the most secure encryption algorithm.
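As an added illustration (not part of the HP FAQ), the following Python example decodes the WPA and RSN (WPA2) information elements that an AP advertises in its beacons, which shows that the authentication method (PSK or 802.1X) and the cipher (TKIP or CCMP) are separate fields of the same element. The two byte strings are constructed samples, and the function names and audit wording are assumptions of this example.

```python
import struct

RSN_OUI = bytes.fromhex("000fac")  # suite selectors defined by 802.11i (RSN/WPA2)
WPA_OUI = bytes.fromhex("0050f2")  # suite selectors used by the earlier WPA element
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}
AKMS = {1: "802.1X", 2: "PSK"}     # authentication and key management suites


def _u16(buf, off):
    if off + 2 > len(buf):
        raise ValueError("truncated security element")
    return struct.unpack_from("<H", buf, off)[0]


def _suites(buf, off, count, oui, names):
    """Decode `count` 4-byte suite selectors (3-byte OUI + 1-byte type)."""
    out = []
    for _ in range(count):
        sel = buf[off:off + 4]
        if len(sel) < 4:
            raise ValueError("truncated suite list")
        if sel[:3] == oui:
            out.append(names.get(sel[3], f"type {sel[3]}"))
        else:
            out.append(f"vendor-specific {sel.hex()}")
        off += 4
    return out


def _parse_body(body, oui, standard):
    """`body` starts at the version field; WPA and RSN share this layout."""
    version = _u16(body, 0)
    group = _suites(body, 2, 1, oui, CIPHERS)[0]      # multicast/broadcast cipher
    n_pair = _u16(body, 6)
    pairwise = _suites(body, 8, n_pair, oui, CIPHERS)  # unicast ciphers
    off = 8 + 4 * n_pair
    akm = _suites(body, off + 2, _u16(body, off), oui, AKMS)
    return {"standard": standard, "version": version, "group": group,
            "pairwise": pairwise, "akm": akm}


def parse_security_elements(ies):
    """Walk the tagged elements of a beacon body and decode WPA/RSN entries."""
    profiles, off = [], 0
    while off < len(ies):
        if off + 2 > len(ies):
            raise ValueError("truncated element header")
        eid, length = ies[off], ies[off + 1]
        body = ies[off + 2:off + 2 + length]
        if len(body) < length:
            raise ValueError("truncated element")
        if eid == 48:                                   # RSN element
            profiles.append(_parse_body(body, RSN_OUI, "WPA2"))
        elif eid == 221 and body[:4] == WPA_OUI + b"\x01":  # vendor WPA element
            profiles.append(_parse_body(body[4:], WPA_OUI, "WPA"))
        off += 2 + length
    return profiles


def audit(profiles):
    """List settings weaker than 802.1X authentication with CCMP encryption."""
    findings = []
    for p in profiles:
        for cipher in sorted(set(p["pairwise"] + [p["group"]])):
            if cipher != "CCMP":
                findings.append(f'{p["standard"]}: {cipher} cipher enabled')
        if "PSK" in p["akm"]:
            findings.append(f'{p["standard"]}: PSK authentication in use')
    return findings


# Constructed sample: SSID "corp", WPA2 with 802.1X and CCMP only.
ENTERPRISE_IES = bytes.fromhex(
    "00 04 63 6f 72 70"
    "30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 01 00 00")

# Constructed sample: mixed WPA/WPA2 with PSK, TKIP group cipher.
MIXED_IES = bytes.fromhex(
    "30 18 01 00 00 0f ac 02 02 00 00 0f ac 04 00 0f ac 02"
    " 01 00 00 0f ac 02 00 00"
    "dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02"
    " 01 00 00 50 f2 02")

if __name__ == "__main__":
    for name, ies in (("enterprise", ENTERPRISE_IES), ("mixed", MIXED_IES)):
        profiles = parse_security_elements(ies)
        print(name, profiles, audit(profiles))
```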
Devices
This section contains the most frequently asked questions about wireless devices.
Q. At which layer can I deploy an AC in a fit AP+AC network?
A. An AC can be deployed at the core layer or the aggregation layer. You can connect a fit AP to an AC directly
or through an existing wired network. User preference, AP density, and the role of the WLAN in the whole
network can affect the location of the AC in the network topology.
Q. How are packets forwarded by default in a fit AP+AC network?
A. By default, a fit AP adopts the centralized forwarding mode. The AP transfers all packets from clients to the
AC, and the AC forwards the packets. You can configure the local forwarding mode or the policy-based
forwarding mode on the AC to enable the AP to forward all packets.
Q. What are the functions of fit APs?
A. A fit AP provides the following functions:
• Provides communications from wireless clients to radios.
• Converts packets between the 802.3 and 802.11 formats.
• Encrypts data frames and control frames through WEP, TKIP, or CCMP.
• Buffers data and forwards packets based on forwarding priorities.
• Scans signal strength of different channels, locates wireless clients, and identifies rogue APs and ad hoc clients.
• Automatically accepts configurations sent by an AC.
Q. Does a fit AP support auto transmit power control (TPC)?
A. Yes. By default, auto TPC is disabled, and an AP starts up with its largest possible amount of transmit power.
Q. How do I manually adjust the maximum transmit power of a fit AP?
A. Execute the max-power radio-power command in radio view. The radio-power argument specifies the
maximum transmit power. Its value depends on the country/region code and the radio mode.
Q. Can a fit AP save configurations?
A. Yes. An AP typically starts up with zero configuration and is not required to save configurations. When the
network requires it, an AP saves configurations sent by the AC so that it can start up with pre-configured
configurations. The saved configurations are not visible to users.
Q. How do I upgrade a large number of fit APs?
A. Enable the version upgrade function on the AC. The AC checks the AP version after establishing a tunnel. If
their versions are different, the APs download a new version from the AC and then restart.
Q. Do fit APs need IP addresses?
A. Yes. Fit APs use IP addresses to communicate with the AC. They automatically get their IP addresses from the
DHCP server.
Q. How does a fit AP select a channel when starting up? Can the fit AP change its channel while operating?
A. By default, a fit AP adopts the auto channel selection mode when starting up. The channel selected does not
change when the AP is operating.
To enable the AP to automatically change its channel while it is operating, execute the dot11a
calibrate-channel self-decisive command or the dot11bg calibrate-channel self-decisive command on the AC.
Q. What is the maximum power supply distance if I use a PoE switch to provide power to a fit AP?
A. The maximum power supply distance is 100 m (328.08 ft). H3C recommends 90 m (295.28 ft). The PoE
cable must be Cat-5e or above.
Q. Does a fit AP have a console port? Can I log in to configure the AP?
A. Fit APs have console ports. By default, fit APs have no configuration and are not required to be configured.
For management purposes, you can log in and configure the AP before it is associated with an AC. After
being associated with an AC, the AP automatically disables the login function.
Q. Under what circumstances can I return an AP for factory repair?
A. You can return an AP for factory repair if any of the following events occur:
• The AP cannot start up and you cannot log in from the console port.
• An error message occurs when the AP starts up, and you cannot press Ctrl+B to enter the Boot menu to upgrade.
• The Ethernet port on the AP cannot communicate with the switch even if you replace the cable or connect the AP Ethernet port to another port on the switch.
• After the AP starts up, execute the display current-configuration command on the AC. The output shows that the radio interface is missing.
Q. Can a fit AP cooperate with a third-party AC?
A. No.
Q. What will happen if I reset a fit AP?
A. If you reset a fit AP, the AP will restart and regain configurations from the AC. To reset an AP, execute the
reset wlan ap apname command in user view on the AC.
Q. Under what circumstances do I need heating films?
A. Some outdoor APs are equipped with heating films. You can enable the auto heating function at the CLI so
that the device can operate correctly in an extremely cold environment. See the manual for the device to
determine whether the device is equipped with a heating film.
Q. How do LEDs on a fit AP indicate unassociated states?
A. If an AP has not been associated with an AC, the LEDs on the AP show the following unassociated states:
• Idle—The power LED flashes at a frequency of 1 Hz, and the Ethernet LED and the radio LED are off.
• Discovery—The power LED, the Ethernet LED, and the radio LED flash at a frequency of 2 Hz in turn.
• Join—The power LED is on, and the Ethernet LED and the radio LED flash at a frequency of 1 Hz alternately.
Q. What are the functions of an AC?
A. An AC is a wireless switch that can provide management and forwarding functions. It can manage APs (for
example, AP association), perform channel selection, and control transmit power. An AC can also provide
additional functions, including AAA for wireless access, wireless security, and performance management. For
more information, see the specifications for the device.
Q. Which HP AC products are available?
A. HP AC products include the following:
• HP 830 8/24-Port PoE+ Unified Wired-WLAN Switch
• HP 10500/7500 20G Unified Wired-WLAN Module
• HP 850/870 Unified Wired-WLAN Appliance
Q. How is a fit AP connected to an AC physically?
A. You can connect an AP to an AC directly or through a Layer 2 network or a Layer 3 network, as long as they
can reach each other. The method by which an AC and an AP are connected to each other is independent of
network topology.
Q. How does an AC communicate with a fit AP?
A. An AC and an AP establish a data tunnel to forward data packets, and they establish a control tunnel to
forward control packets for AP configuration and management.
After an AP is associated with an AC and a tunnel is established between them:
• The AC assigns configurations such as the AP channel, the transmission power, and so on to the AP.
• The AP reports collected statistics to the AC.
Q. What is the maximum number of VLANs that an AC can support?
A. An AC supports a maximum of 4094 VLANs.
Q. What are the functions of management Ethernet ports on an AC?
A. ACs (other than those in the HP 830 series) provide a management Ethernet port (100/1000Base-T
autosensing port using an RJ-45 connector). You can use the management port for software upgrade and file
upload and download.
Q. Can an AC provide power supply redundancy?
A. Whether an AC can provide power supply redundancy depends on the AC model:
• HP 850/870 Unified Wired-WLAN Appliance—Supports dual power supplies for power supply redundancy.
• HP 10500/7500 20G Unified Wired-WLAN Module—Obtains power from the switch where it is installed. Whether power supply redundancy is supported depends on the switch.
• HP 830 8/24-Port PoE+ Unified Wired-WLAN Switch—Has only one power supply and does not support power supply redundancy.
Q. Does an HP AC support third-party APs?
A. No.
Q. What are the advantages of devices that contain both an access controller engine and a switching engine?
A. A device that contains both an access controller engine and a switching engine has features of both an AC
and a switch. When you log in to the device, you log in to the access controller engine by default. To access
the switch engine, execute the oap connect slot slot-number command in user view when you log in to the
device. To return to the access controller engine, press Ctrl+K.
Devices with the two engines include the HP 830 8/24-Port PoE+ Unified Wired-WLAN Switch and the HP
870 Unified Wired-WLAN Appliance.
Q. Which ports do a fit AP and an AC use for communication?
A. The following table lists the ports that fit APs and ACs often use for communication:
| Device | Protocol | Port number | Description |
|---|---|---|---|
| Fit AP | UDP | 12223 | Used by the LWAPP control tunnel. By default, the port is activated. You cannot configure the port or shut it down. |
| Fit AP | UDP | 12222 | Used by the LWAPP data tunnel. By default, the port is shut down. It will be activated after the AP is associated with an AC. If the AP is disassociated from the AC, the port is shut down. |
| Fit AP | UDP | 1144 | Used by the location service server. By default, the port is shut down. To activate the port, enable the AeroScout server first. The port number is configurable. |
| AC | UDP | 12223 | Used by the LWAPP control tunnel. By default, the port is activated. You cannot shut it down. |
| AC | UDP | 12222 | Used by the LWAPP data tunnel. By default, the port is shut down. It will be activated after the AP is associated with an AC. If the AP is disassociated from the AC, the port is shut down. |
| AC | UDP | 18001 | Used by the IACTP data tunnel. The port will be activated after an AC-AP connection is established. |
| AC | TCP | 18001 | Used by the IACTP control tunnel. By default, the port is shut down. To activate the port, first enable the tunnel. You can configure the port. |
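The following added example (not HP code) reviews flow records toward an AC against the port table above and flags three things: a port outside the table, a source that is not in the AP inventory, and LWAPP data-tunnel traffic from an AP that has not used the control tunnel first. The addresses, record layout, and function names are constructed, and the example assumes that association runs over the control tunnel and that the capture starts before the APs boot.

```python
from collections import namedtuple

# One record per observed flow: timestamp, source, destination, protocol, dest port.
Flow = namedtuple("Flow", "ts src dst proto dport")

# (protocol, port) -> purpose, copied from the AC rows of the port table.
AC_PORTS = {
    ("udp", 12223): "LWAPP control tunnel",
    ("udp", 12222): "LWAPP data tunnel",
    ("udp", 18001): "IACTP data tunnel",
    ("tcp", 18001): "IACTP control tunnel",
}


def review_flows(flows, ac_addrs, known_aps):
    """Return (ts, src, reason) tuples for flows to an AC that need a look.

    known_aps is the inventory of AP addresses that are expected to
    associate (an assumption of this example, e.g. taken from DHCP leases).
    """
    control_seen = set()  # APs that have already used the control tunnel
    alerts = []
    for f in sorted(flows, key=lambda rec: rec.ts):
        if f.dst not in ac_addrs:
            continue  # only traffic addressed to an AC is in scope
        purpose = AC_PORTS.get((f.proto, f.dport))
        if purpose is None:
            alerts.append((f.ts, f.src,
                           f"{f.proto}/{f.dport} is not in the AP/AC port table"))
        elif f.src not in known_aps:
            alerts.append((f.ts, f.src,
                           f"{purpose} used by a source not in AP inventory"))
        elif purpose == "LWAPP control tunnel":
            control_seen.add(f.src)
        elif purpose == "LWAPP data tunnel" and f.src not in control_seen:
            # The data port is only activated after association.
            alerts.append((f.ts, f.src,
                           "LWAPP data tunnel before any control tunnel traffic"))
    return alerts


# Constructed sample data.
AC_ADDRS = {"10.0.0.2"}
KNOWN_APS = {"10.0.1.11", "10.0.1.12"}
SAMPLE_FLOWS = [
    Flow(1, "10.0.1.11", "10.0.0.2", "udp", 12223),  # normal: control first
    Flow(2, "10.0.1.11", "10.0.0.2", "udp", 12222),  # normal: data after control
    Flow(3, "10.0.1.12", "10.0.0.2", "udp", 12222),  # data with no control seen
    Flow(4, "10.0.1.99", "10.0.0.2", "udp", 12223),  # unknown device
    Flow(5, "10.0.1.11", "10.0.0.2", "tcp", 23),     # port outside the table
    Flow(6, "10.0.1.11", "10.0.9.9", "tcp", 80),     # not addressed to the AC
]

if __name__ == "__main__":
    for ts, src, reason in review_flows(SAMPLE_FLOWS, AC_ADDRS, KNOWN_APS):
        print(ts, src, reason)
```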
Q. Which parameters should be considered when I use an antenna?
A. You should consider the working frequency, gains, direction of polarization, and beam width of the antenna.
Q. What other interference might exist for an AP besides interference from other APs?
A. Other interferences include interference from Bluetooth devices, microwave ovens, cordless phones, and
wireless cameras working in the same frequency, and wireless signals from other frequencies.
Q. How can I view the version of an AC?
A. Execute the display version command on the AC. For detailed version information, execute the _display
version command on the AC.
Licenses
This section contains the most frequently asked questions about licenses.
Q. How do I increase the number of APs that an AC can manage?
A. You can buy a license to increase the number of APs that an AC can manage. For more information, see HP
830 Series PoE+ Unified Wired-WLAN Switch, HP 870 Unified Wired-WLAN Appliance, and HP
10500_7500 20G Unified Wired-WLAN Module License Registration and Activation Guide.
Q. How many APs can an AC manage?
A. The number of APs that an AC can manage depends on the performance of the AC.
The following table lists the number of supported APs according to model and license type:
| Description | 830 8-Port PoE+ Unified Wired-WLAN Switch | 830 24-Port PoE+ Unified Wired-WLAN Switch | 10500_7500 20G Unified Wired-WLAN Module | 850 Unified Wired-WLAN Appliance | 870 Unified Wired-WLAN Appliance |
|---|---|---|---|---|---|
| Number of supported APs by default (with no license) | 12 | 24 | 128 | 64 | 256 |
| Number of supported APs of the AP license | 12 | 12 | 32/128 | 32/128 | 32/128 |
| Number of supported APs with full licenses | 24 | 60 | 1024 | 512 | 1536 |
The data in the table is accurate as of the publication of this document, but it may change in the future without
notice.
Q. How do I display installed licenses?
A. Execute the display license command.
Q. How do I display the number of supported APs of the AC?
A. Execute the display wlan ap all command to display the maximum number of supported online APs.
AP association
This section contains the most frequently asked questions about AP association.
Q. How can I associate an AP with an AC?
A. To associate an AP with an AC, use one of the following methods:
• AP serial number—Configure a template and specify the model and serial number for each AP. If several APs exist, this method can be time-consuming and not cost effective.
• Auto template for APs with a specific model—Configure APs with a specific model to automatically associate with the AC and become auto APs.
• Auto AP—Configure APs of all models to automatically associate with the AC and become auto APs. This method is the simplest, and it enables the plug-and-play of APs.
To prevent unauthorized APs from associating with the AC, configure AP authentication on the AC when you
use the last two configuration methods. ACs support local authentication and remote authentication for APs.
Both authentication methods support MAC-based authentication and serial number-based authentication.
Q. How can I upgrade the software version of an AP?
A. If you enable the AP version upgrade function by using the wlan ap firmware-update enable command, the
AC checks the AP's version before establishing a tunnel. If their versions are different, the AP downloads a
new version from the AC and reboots. After the reboot, the version upgrade is completed.
If you disable the AP version upgrade function by using the wlan ap firmware-update disable command, the
AP and the AC establish a tunnel with each other without checking their versions.
Q. If an AP cannot successfully be associated with an AC, what are the potential causes?
A. Reasons for an AP to AC association failure can include the following:
• Network problem—Problems including IP address assignment problems of the DHCP server, transmission problems, network cable problems, and routing problems.
• AP problem—Problems including an incorrect software version, or an AP failure such as an Ethernet module failure or power supply failure.
Q. Can I configure auto APs?
A. No. You must convert the auto AP to a fixed AP by using the wlan auto-ap persistent all command.
Q. Why can't I log in to an AP that has been associated with an AC?
A. It is for security purposes. If you can log in to an AP, the AP has not been associated with an AC.
Q. How is an AP associated with an AC in different fit AP+AC networking environments?
A. An AP can be associated with an AC in direct mode, Layer 2 mode, or Layer 3 mode:
• Direct mode and Layer 2 mode—The IP addresses of the AC and AP are in the same subnet. The AP can
send Layer 2 broadcasts to discover the AC.
• Layer 3 mode—The IP addresses of the AC and AP are in different subnets.
Because Layer 2 broadcasts are unable to pass the Layer 3 network, you can do either of the following to
enable the AP to get the IP address of the AC:
  ◦ Configure Option 43 on the DHCP server to add the AC address to the DHCP offer packet. Then, the
  AP can obtain its own IP address and the AC IP address from the DHCP server.
  ◦ Configure DNS. This configuration is more complicated than Option 43 configuration. Option 43 is
  typically used.
Q. How can I view the version, MAC address, and IP address of an AP that is or was associated with an AC on
the AC?
A. Execute the display wlan ap name ap-name verbose command on the AC to view detailed information about
the specified AP.
Q. How can I view the association status of APs on an AC?
A. Execute the display wlan ap all command on the AC. APs with status R have been associated with the AC.
Q. How can I view MAC addresses and IP addresses of clients on an AC?
A. To display the MAC address of one or more clients, execute the display wlan client command. To display the
IP address of a client with a certain MAC address, execute the arp-snooping enable command to enable the
ARP snooping function globally.
Authentication
This section contains the most frequently asked questions about authentication.
Q. Which authentication methods does an AC support?
A. An AC supports the following authentication methods:
• 802.1X authentication.
• PSK authentication.
• MAC address authentication.
• Portal authentication.
• PPPoE authentication.
Q. Can an AC cooperate with a third-party LDAP server for authentication?
A. Yes. The AC can cooperate with common LDAP servers, including the Active Directory Server of Microsoft,
the Tivoli Directory Server of IBM, and the Sun ONE Directory Server of Sun.
Q. In a wireless network, which device plays the role of the AAA authenticator?
A. In a wireless network, the AC is the AAA authenticator. You only need to configure the AC, instead of each
AP, as the AAA client. This feature reduces network configurations and operating costs.
Q. Which EAP types does an AC support?
A. The EAP types that an AC supports are as follows:
• EAP-TLS.
• EAP-TTLS.
• PEAP.
• PEAP-TLS.
• EAP-MD5. Use this type together with the iNode client.
Rogue APs and rogue clients
This section contains the most frequently asked questions about rogue APs and rogue clients.
Q. How does an AC identify and locate rogue APs, rogue clients, and ad hoc networks?
A. If you configure an AP as a sensor in WIPS, the AP detects rogue APs, rogue clients, and ad hoc networks
based on rules configured on the AC. If any rogue AP or client or ad hoc network is detected, the AP sends
syslog messages to the AC. To locate the detected device, you need to use the IMC network management
software.
Q. Can an AC automatically detect rogue devices?
A. No. You must first enable rogue detection.
Q. Can an AC take countermeasures against a rogue AP that has been identified?
A. Yes. The AC can use countermeasures to disable the AP from providing wireless services.
Q. Do all 802.11n APs support rogue AP detection?
A. Yes. All HP 802.11n APs support rogue AP detection.
Q. Can an AP provide wireless access services and rogue AP detection at the same time?
A. Yes. If you configure the AP to operate in hybrid mode, it can provide wireless access services and rogue
detection at the same time. The AP uses one of the following policies: access first, scanning first, or balanced.
WLAN roaming
This section contains the most frequently asked questions about WLAN roaming.
Q. What is WLAN roaming? How many types of WLAN roaming do we have?
A. WLAN roaming enables wireless clients to roam between APs that use the same SSID, keeping their original
IP addresses and privileges unchanged.
WLAN roaming includes the following types:
• Layer 2 roaming—Roaming among APs in the same subnet.
• Layer 3 roaming—Roaming among APs in different subnets.
• Roaming domain—Roaming among APs managed by different ACs.
Q. Does the IP address of a client remain unchanged during WLAN roaming? Does the client need to be
reauthenticated or log in again?
A. Yes, the IP address of a client remains unchanged during WLAN roaming. The client does not need to be
reauthenticated or log in again.
Q. During WLAN roaming, will a client keep its subnet attributes such as the assigned VLAN, ACL, and routing
policies?
A. Yes. All subnet attributes remain the same during WLAN roaming, including the assigned VLAN, ACL,
priority, and other policies.
Q. Do I need to configure the switch or the router to enable the WLAN roaming function?
A. No.
Q. Do I need to install new client software for WLAN roaming?
A. No.
Q. Is inter-AC communication required to support WLAN roaming?
A. Yes. ACs establish Inter Access Controller Tunneling Protocol (IACTP) tunnels with each other for
communication during inter-AC roaming.
Q. How can I adjust the sensitivity of a wireless network card?
A. Adjust the roaming initiative of the wireless network card. If you set the roaming initiative to the lowest level,
the sensitivity is lowest. If you set the roaming initiative to the highest level, the sensitivity is highest.
AC backup
This section contains the most frequently asked questions about AC backup.
Q. Do ACs support fast primary and backup AC switchover?
A. The HP 850/870 Unified Wired-WLAN Appliance and the HP 10500/7500 20G Unified Wired-WLAN
Module support fast primary and backup AC switchover. It takes less than 100 milliseconds to detect the
failure of the opposite end. In a testing environment with only one AP, the handover time is less than 1
second.
The HP 830 Series PoE+ Unified Wired-WLAN Switch does not support fast primary and backup AC
switchover.
Q. Can services on the backup AC switch back to the primary AC when the primary AC goes down and then
recovers?
A. Yes. To implement this, you must set the AP connection priorities as follows:
• Set the priority on the primary AC to the highest level (priority 7).
• Set the priority on the backup AC to a level lower than 7.
Q. Does the AC support N+1 backup? What is the maximum number for N?
A. Yes. The AC supports N+1 backup. The letter N represents the primary AC. You can configure a maximum of
four primary ACs. The number 1 represents the backup AC. When you configure N+1 backup, set the AP
connection priority on the primary AC to the highest level (priority 7) and the AP connection priority on the
backup AC to a level lower than 7. Then, wireless services will switch back from the backup AC to the
primary AC when the primary AC recovers.
Wireless-specific features
This section contains the most frequently asked questions about wireless-specific features.
Q. What is AC uplink detection?
A. When you enable the AC uplink detection function, the AC uses the ICMP echo operation in NQA to test
uplink availability. When the uplink fails, the AC informs the APs to disable the radios to prevent clients from
accessing the network. When the uplink recovers, the AC informs the APs to enable the radios again.
Q. What is user isolation?
A. When user isolation is enabled, clients in the same VLAN or clients that belong to the same SSID cannot visit
each other. You can add the MAC address of the gateway to the list of permitted MAC addresses so that all
clients can access the external networks through the gateway.
Q. What are the functions of the whitelist and blacklist?
A. You can configure the blacklist and whitelist to filter WLAN clients to control client access.
WLAN client access control is accomplished through the following types of lists:
• Whitelist—Contains the MAC addresses of all clients allowed to access the WLAN. If the whitelist is used,
only permitted clients can access the WLAN, and the access requests from other clients are denied.
• Static blacklist—Contains the MAC addresses of clients forbidden to access the WLAN.
• Dynamic blacklist—Contains the MAC addresses of clients forbidden to access the WLAN. A client is
dynamically added to the list if it is considered to be sending attacking frames. The client remains on the
list until the timer of the entry expires. A dynamic blacklist can collaborate with ARP detection. When ARP
detection detects any attacks, the MAC addresses of attackers are added to the dynamic blacklist.
Q. Which wireless load balancing modes are available?
A. Wireless load balancing includes the following modes:
• Session mode—Triggered by both the maximum session threshold and session gap.
• Traffic mode—Triggered by both the maximum traffic threshold and traffic gap.
Q. What is a VLAN pool? What are the functions of a VLAN pool?
A. A VLAN pool contains a group of VLANs. If you bind a VLAN pool to a service template on a radio of an AP,
the radio assigns clients to different VLANs in the pool. This feature places wireless clients in different
broadcast domains and assigns IP addresses of discontinuous address fields to clients.
Q. What is an AP group? What are the advantages of an AP group?
A. You can add multiple APs to a specific AP group. APs in the same group share the same configurations, such
as RRM and load balancing. You can apply a user profile to an AP group so that all APs in the group use
configurations of the profile.
Q. What are the functions of WIPS?
A. Wireless intrusion prevention system (WIPS) is a Layer 2 protocol protection feature against 802.11 attacks.
WIPS monitors and analyzes wireless channels through sensors (APs with WIPS enabled) and ACs to detect
devices that threaten network security, interfere with network services, and affect network performance. WIPS
automatically takes countermeasures against such intrusions.
Q. What is spectrum analysis?
A. Spectrum analysis enables APs to analyze non-WLAN signals. APs with spectrum analysis enabled can
identify and analyze interferences, and locate the interference source. You do not need extra spectrum
analysis devices to analyze the network spectrum environment in real time.
Q. What is band navigation?
A. Band navigation enables APs to prefer accepting dual-band (2.4 GHz and 5 GHz) clients on their 5 GHz
radio because the 2.4 GHz band is often congested. Band navigation increases overall network
performance.
Configurations and management
This section contains the most frequently asked questions about configurations and management.
Q. How can I configure Option 43 on a DHCP server and Option 52 on a DHCPv6 server?
A. An AP uses the address in the option field to discover the AC to be associated.
To configure Option 43 on the DHCP server and Option 52 on the DHCPv6 server:
• If there is only one IP address of an AC to send to APs, use the following command:
  ◦ IPv4—Option 43 hex 80 07 00 00 01 XX XX XX XX
  ◦ IPv6—Option 52 hex XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX (IPv6 address in
  hexadecimal)
• If there are two IP addresses of ACs to send to APs, one AC is the backup AC. Use the following command:
  ◦ IPv4—Option 43 hex 80 0B 00 00 02 XX XX XX XX XX XX XX XX
  ◦ IPv6—Option 52 hex XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX (IPv6 addresses of two ACs
  in hexadecimal)
In the Option 43 value, the octets 80, 00, and 00 (the first, third, and fourth octets) represent the fixed
field. The second octet represents the number of subsequent octets. For example, 07 means that there are
7 more octets that follow in the command, and 0B means that there are 11 more octets that follow in the
command. The fifth octet represents the number of sent IP addresses of ACs. For example, 01 indicates that
only one AC IP address is sent, and 02 indicates that two IP addresses of ACs are sent. Option 43 and
Option 52 can send a maximum of 14 AC IP addresses. XX represents the IP address in hexadecimal.
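The Option 43 layout described above decides which AC an AP in Layer 3 mode will contact, so it is worth checking the value before it goes onto the DHCP server. The following Python sketch is an added example, not HP code: it builds the hex string from a list of AC IPv4 addresses, validates the length and count octets of an existing value, and reports any advertised AC that is not on an approved list. The function names and sample addresses are hypothetical and constructed for illustration.

```python
import ipaddress

MAX_ACS = 14  # the FAQ states a maximum of 14 AC IP addresses

def build_option43(ac_ips):
    """Encode AC IPv4 addresses as the Option 43 hex string (hypothetical helper)."""
    if not 1 <= len(ac_ips) <= MAX_ACS:
        raise ValueError("expected 1 to 14 AC addresses")
    addrs = b"".join(ipaddress.IPv4Address(ip).packed for ip in ac_ips)
    body = bytes([0x00, 0x00, len(ac_ips)]) + addrs   # 00 00 | count | addresses
    return (bytes([0x80, len(body)]) + body).hex(" ").upper()

def parse_option43(hex_string):
    """Validate an Option 43 hex string and return the AC addresses it carries."""
    raw = bytes.fromhex(hex_string)
    if len(raw) < 9:
        raise ValueError("too short to carry one AC address")
    if raw[0] != 0x80 or raw[2:4] != b"\x00\x00":
        raise ValueError("fixed octets 80 .. 00 00 not found")
    if raw[1] != len(raw) - 2:
        raise ValueError("second octet does not equal the number of octets that follow")
    count = raw[4]
    if not 1 <= count <= MAX_ACS or len(raw) - 5 != 4 * count:
        raise ValueError("fifth octet does not match the number of addresses present")
    return [str(ipaddress.IPv4Address(raw[i:i + 4])) for i in range(5, len(raw), 4)]

def unexpected_acs(hex_string, approved):
    """Return advertised AC addresses that are not on the approved list."""
    allowed = set(approved)
    return [ip for ip in parse_option43(hex_string) if ip not in allowed]

if __name__ == "__main__":
    # Constructed sample values (documentation address ranges), not from the FAQ.
    print(build_option43(["192.0.2.10", "192.0.2.11"]))
    print(unexpected_acs("80 0B 00 00 02 C0 00 02 0A C6 33 64 07", ["192.0.2.10"]))
```

Running `unexpected_acs` against the value configured on the DHCP server, or against one captured from a DHCP offer, flags an AC address that was not approved.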
Q. Why must I select two channels that do not overlap when configuring two neighboring APs?
A. The coverage of two neighboring APs might overlap. If they use the same channel or neighboring channels,
signals of the two APs will interfere with each other, which reduces wireless network performance. To avoid
this problem, you must select two channels that do not overlap when configuring two neighboring APs.
Overlapping channels typically exist in the 2.4 GHz band. 802.11b/g uses 24.7 MHz bandwidth, so a
channel at a distance of 25 MHz (5 channels) from it is not an interference channel. Channels 1, 6, and 11,
or channels 1, 7, and 13 are called non-overlapping channels.
Q. How can an AP provide different wireless services?
A. You can create several service templates with different SSIDs and apply these templates to the radio
interfaces on an AP.
Q. How can I separate services of different APs with the same SSID?
A. To separate services of different APs with the same SSID:
1. Configure a service template with only one SSID, and bind all APs to the service template.
2. Assign clients to different VLANs. For example, execute the service-template 1 vlan-id 20 command in AP
radio view to assign clients accessing the AP to VLAN 20.
Q. Does the encryption method differ for multicast, broadcast, and unicast packets? How are these packets
encrypted?
A. Yes. Each client is provided with a unicast key. All clients that associate with the same radio and are in the
same VLAN are provided with a shared broadcast/multicast key for encryption.
Q. Can a radio switch between 802.11an and 802.11gn?
A. No, but devices supporting both 802.11an and 802.11gn radios can operate at 802.11an and 802.11gn
at the same time.
Q. Can a client select the access VLAN?
A. No, but a client can select an SSID to select the VLAN attributes indirectly.
Q. Can I configure a mandatory rate for an AC to increase the wireless network performance?
A. Yes. Automatic transmission rate selection by APs is usually the best choice. If the network is not in good
condition, you can configure the AC to use the mandatory rate (the maximum rate) to transmit data. This
method might increase the bandwidth and network performance.
Q. Can I log off a client?
A. Yes. You can execute the reset wlan client command to log off all or specified clients.
Q. Can I configure the maximum idle time that is allowed for a connection between a client and the AP?
A. Yes. Execute the client idle-timeout command.