== Aruba Wi-Fi Lab == In this lab session we are going to setup and configure enterprise-grade access points. This is a group lab and there will be 9 groups. For this lab please refer to the IP table and network diagram given [https://ws.learn.ac.lk/wiki/campuswifiandeduroam2023Agenda/IPAllocationWiFiLab here]. = Initial setup of the Access Point = We are using two models of access points for this lab Aruba AP-515 and AP-225. Two are having differences in the way they are setup and configurations are done. Note: Each group will be provided two Access points. Each group is allocated 4 ports(given in the table) on a PoE switch which you need to plug your access points. Don't plug both access points at once. First plug one and configure it until done. When you add the second AP it should automatically get the configurations from the previous AP. == Initial setup of AP-515 == When you power up the AP it should show a SSID named setmeup-XX:XX:XX . Connect your laptop to it. Then browse the page https://setmeup.arubanetworks.com/ (prefer chrome browser). It may show up a certificate warning. Select Advanced and proceed to visit the page. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab1.png, 480px)]] Credentials will be as below. user : admin password : serial number of the AP [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab1a.png, 480px)]] Once logged in you need to select the country code. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab2.png, 480px)]] It will show a message on Aruba cloud central. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab3.png, 480px)]] Once click on OK the web page will be displayed. First need to change the IP address of the AP. Go Configuration => Access Points. Select 'IP address for Access Point' as 'Specify statically' and enter IP details given for AP1 in the table. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab4.png, 480px)]] Then click save and a pop-up will come up displaying reboot of AP required. Close it and go to Maintainance => Reboot and select the AP from the MAC address and reboot the AP. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab5.png, 480px)]] [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab6.png, 480px)]] [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab7.png, 480px)]] Now you are able login to the AP through a web console. Enter ​https://:4343/ on a browser. Credentials will be as follows. user : admin password : serial number of the AP == Initial setup of AP-225 == Install putty on a laptop with a serial console cable attached(We will provide a shared laptop to setup APs). Connect the AP to the console port. The plug a patch cord to the Ethernet 0 port of the AP. Plug the other end of the patch cord to a given switch port. AP will power up and within five seconds hit enter to stop autoboot of the AP. You will enter to a low level configuration mode of the AP. enter below commands to do IP configuration for the AP. {{{ at apboot mode, setenv ipaddr 192.248.4.X setenv netmask 255.255.255.248 setenv gatewayip 192.248.4.Y setenv dnsip 192.248.1.161 saveenv printenv }}} optional, {{{ setenv domainname g.learn.ac.lk saveenv }}} Then enter 'boot' to load OS image. Console will show as Init -> Master. Then the AP will be the master. Now you are able login to the AP through a web console. Enter https://:4343/ on a browser. Credentials will be as follows. user : admin password : serial number of the AP = System Configurations = After the initial setup let us do some basic system configurations. Go to Configuration => System. In general section you change some important settings. Change settings like Name, System Location, NTP server, Timezone settings and save. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab9.png, 480px)]] Go to Admin section and create the view only user as below with a password. This user will have Dashboard monitoring capabilities and not any configuration and maintenance. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab10.png, 480px)]] = Customize AP settings = Navigate to Configuration => Access Points. You will see the current AP listed. select it and click Edit (pencil mark). Then give it a suitable name like GX_AP1. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab11.png, 480px)]] Next go to Radio section and assign it the radio channels given in the table and save it. You may also change the radio transmit power in dBm. higher the number higher the range of the signal. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab12.png, 480px)]] = Setting UP SSIDs = Navigate to Configuration => Networks. Click Plus button to add a new Wi-Fi Network. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab14.png, 480px)]] Give a suitable name as given and select the other options as shown. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab15.png, 480px)]] Keep the default Client IP and VLAN assignments. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab16.png, 480px)]] Select the security level Personal, Key management WPA2-Personal as default. Give a suitable password for the SSID. Go next. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab17.png, 480px)]] Keep the default Access Rules and click finish to save the configuration. [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/campuswifiandeduroam2023Agenda/WiFi-Lab/wifilab18.png, 480px)]] Navigate back Networks menus under Configuration and Dashboard sections. You will see the SSID and you can try to connect that SSID. = Setting up a DHCP server = Login to AP. Go to DHCP servers menu. default DHCP scope is for virtual controller assigned networks. It uses private IP ranges only. IN Local DHCP scopes click new. {{{ Name : WS Type : Local, L2 VLAN :1 Network : 192.168.1.0 Netmask : 255.255.255.0 Default router : 192.168.1.254 DNS : 192.248.1.161 Domain name : .learn.ac.lk Lease time : 720 }}} = Add other Access Points = reset other IAPs and set static IPs. APs in same subnet will be added to the cluster. If there is OS mismatch in new APs will be synced from Master AP and reboot. = Eduroam SSID configuration = login using admin:admin or admin/serialno. Locate Network, Click new. Go through the wizard. 1) Enter ssid, 2) We will assign VC as the DHCP server. Client IP assignement : virtual controller managed Client VLAN assignment : custom and select the above created(WS). 3) click the slider bar to Enterprise security level, key management : WPA-2 Enterprise Authentication server : new enter the radius server ip and secret configured in /etc/freeradius/clients Radius IP address : 192.248.4.XXX Also make sure AP addresses are added as clients to radius server. 4) keep the network Access unrestricted