Scribd
Upload
962 views37 pages

Altai Access Controller Training - 20141210 PDF

The document provides training on how to configure Altai's wireless access controller (AC) system. It begins with an introduction to the AC product lines and specifications. It then discusses the CAPWAP protocol used for AP management and user traffic tunneling. The remainder of the document outlines the steps to configure the AC, including adding APs, creating WLAN and AP groups, mapping groups, and monitoring AP status. The goal is to deliver a concise yet informative summary of the key aspects and configuration process covered in the training document.

Uploaded by

abdirahman
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
962 views37 pages

Altai Access Controller Training - 20141210 PDF

The document provides training on how to configure Altai's wireless access controller (AC) system. It begins with an introduction to the AC product lines and specifications. It then discusses the CAPWAP protocol used for AP management and user traffic tunneling. The remainder of the document outlines the steps to configure the AC, including adding APs, creating WLAN and AP groups, mapping groups, and monitoring AP status. The goal is to deliver a concise yet informative summary of the key aspects and configuration process covered in the training document.

Uploaded by

abdirahman
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Altai Access Controller Training

-Introduction and Configuration

Date: By Technical Support


Dec, 2014

Confidential Information
Not for Distribution

[Link]

Outline
Product introduction
Application introduction

Configuration

[Link]

Product introduction
Altai Wireless Access Controller (hereinafter called AC) delivers
powerful WLAN access control and user authentication gateway
capability by virtue of Plug & Play, compact design, high
reliability, multiple services, as well as accurate and flexible billing,
integrate multiple functions into one box, e.g. user control and
management, RF management and security, can be widely used
in the enterprise WLAN access, hotel, operator public hotspot
scenarios.

[Link]

Product Overview
Integrated chassis

Access controller 200

Access controller 500

Chassis with service cards

Access controller 2000

Access controller 4000

[Link]

Access controller 12000

AC Specifications
AC 200

AC 500

AC 2000

AC 4000

AC 12000

Service slot

12

Switching slot

10GE SFP+ port

12

36

GE port

24

GE SFP port

48

96

288

Power redundancy

No

Yes

Yes

Yes

Yes

AP license

256

512

2,048

4,096

12,288

Appearance

[Link]

Service Cards and Line Cards for AC 2000/4000/12000

2 x Service card

12 x Service card

Access controller 2000

4 x Service card
2 x Switching card
(included)
2 x Switching card
(included)

Access controller 4000

Access controller 12000

[Link]

Service Cards and Line Cards for AC 2000/4000/12000

2x10GE Line Card,


Front-mounted

2x10GE + 8xGE Line Card,


Front-mounted

8xGE Line Card,


Front-mounted

Service Card
for AC 2000, 4000 and 12000
(back view)

Service Card
(front view)

16xGE + 1x10GE Line Card,


Back-mounted

16xGE Line Card,


Back-mounted
[Link]

Product introduction
Altai AC system supports the IETF CAPWAP protocol for AP
connection, can be flexible deployed in existing Layer-2 or Layer3 network without reconfiguration, effectively reducing network
construction cost. Altai AC products is based on a unified
hardware and software platform, highly normalized design, and
effectively reduce for spare parts
Altai low-end AC has five models as follow deliver different
physical port density and AP access capability respectively
provide on-demand flexible selection for the network.
AP Controller

(CAPWAP based AP management(RF, firmware),


CAPWAP based tunnel for user traffic)

User Gateway

(DHCP server, NAT, Radius-client, Portal redirect)


[Link]

Access Controller

Key features
Flexible forwarding mode
Altai AC provide local forwarding and centralized forwarding
modeuser can flexible setting according to business need and
actual network situation

Abundant Authentication Methods


EAP-TLS/TTLS/SIM/AKA
PEAP
Captive Portal

[Link]

Key features
Easy maintenance
Support WEB/CLI management, unified configuration profile, fast
provision
Deployment across L3 network, flexible networking

[Link]

Outline
Product introduction
Application introduction

Configuration

[Link]

Mechanism overview
The AC can process both control flows and data flows.
Management flow is transmitted over Control And Provisioning of
Wireless Access Points (CAPWAP) protocol. User data flows can
be transmitted over CAPWAP tunnels or not, as required.

The CAPWAP protocol defines how APs communicate with ACs


and provides a general encapsulation and transmission
mechanism for communication between APs and ACs. CAPWAP
defines data tunnel and control traffic.

Reference for CAPWAP: [Link]


[Link]

[Link]

AP-AC call flow

This pair of
message may be
transmitted
multiple times

The three
pairs of
messages are
sent
periodically
after reboot.

[Link]

CAPWAP management traffic

UDP port = 5246


[Link]

CAPWAP tunnel User traffic

UDP port = 5248


[Link]

Application scenario
Distributed forwarding (Local breakout) mode
Centralized forwarding mode

[Link]

Distributed forwarding (Local breakout)


In local forwarding mode, wireless user service data is translated
from 802.3 packets into 802.11 packets, which are then
forwarded by the uplink network device .
The user data traffic is processed as the same as fat-AP in local
forwarding

[Link]

Distributed forwarding (Local breakout)


AC only manages AP
Wireless user data does not be
processed by AC but forwarded to
BRAS by the Layer 2 network
BRAS perform SSID/VLAN based
authentication
Layer 2 connection between AP
and BRAS
AP connects to AC over layer 2/3
network
Local forwarding/Local Breakout
mode is commonly used for
facilitating the usage of the
existing BRAS.

Internet

BRAS
Main AC

Trunk

VRRP

Aggregation
switch

Standby AC
L2 network

Hotspot 1

STA

AP 1

BRAS(Broadband Remote Access Server): one kind of user gateway


[Link]

Hotspot n

switch

AP n

AP 1

AP n

User data traffic


AP Management traffic

Centralized forwarding
In centralized forwarding mode, wireless user service data is
transmitted between APs and ACs over CAPWAP tunnels.
Centralized forwarding is usually used to control wireless user
traffic in a centralized manner(AC). This forwarding mode
facilitates device deployment and controls all wireless user data
flows by aggregating traffic of all wireless users connected to APs
to an AC through CAPWAP data tunnels.

[Link]

Centralized forwarding
AC manages AP and user
Control wireless user traffic in a
centralized manner.
User data is transmitted between
AP and AC over CAPWAP tunnel
and forwarded to Internet after
decapsulated by AC.
AP connects to AC over layer 2/3
network
Concentrated forwarding mode is
commonly used for overlay
network deployment and used in
scenario that needs AC also to be
a user gateway.

RADIUS
server
Internet

Portal
server
Main AC

Aggregation
switch

VRRP
Standby AC

CAPWAP Tunnel
L2/L3 network

Hotspot n

Hotspot 1

STA
User data traffic
AP Management traffic
[Link]

AP 1

AP n

AP 1

AP n

Outline
Product introduction
Application introduction

Configuration

[Link]

How to add AP into AC


Configure AP Version

Tunnel Configuration
Configure WLAN security policy (Optional)
AP Configuration
WLAN Groups
AP Group and WLAN Group mapping
WLAN-VLAN Association
Monitoring the AP status

[Link]

AP version

Models for Altai AP:


A8n: WA8011N-X, A8-Ein: WA8011N, A8in: WA8011N-HE, A2: AP5822, C1n: WA1011N-G, C1an: WA1011N-A
[Link]

Tunnel Configuration

[Link]

WLAN security policy (Optional)

[Link]

AP Configuration
- Create new AP group.

[Link]

AP Configuration
- Add AP into group

Add AP to the specific AP group, here the MAC address is the Ethernet MAC of AP.

[Link]

AP Configuration
- Configure the wireless setting

[Link]

AP Configuration
- Import AP list via file

Sample:

[Link]

WLAN Groups
- Create new WLAN group

[Link]

WLAN Groups
- Edit the WLAN group

Add new WLAN(wireless configuration) in the WLAN group.

[Link]

WLAN Groups
- WLAN configuration sample (open SSID, concentrated forwarding)

[Link]

Continued

[Link]

AP Group and WLAN Group mapping

[Link]

WLAN-VLAN Association

Set the Inner VALN as the WLAN VLAN(in the previous sample, it is 2000), set the Outer VLAN as 0.

[Link]

Monitoring the AP status

[Link]

-End

[Link]

You might also like