== Aruba Wi-Fi Lab == In this lab session we are going to setup and configure enterprise-grade access points. This is a group lab and each group will have four persons. For this lab please refer to the IP table given [https://ws.learn.ac.lk/wiki/campuswifiandeduroam2023Agenda/IPAllocationWiFiLab here]. = Initial setup of the Access Point = power on the AP. Within five seconds hit enter to stop autoboot. enter factory_reset. {{{ at apboot mode, setenv ipaddr 192.248.4.X setenv netmask 255.255.255.248 setenv gatewayip 192.248.4.Y setenv dnsip 192.248.1.161 saveenv printenv }}} optional, {{{ setenv domainname g1.learn.ac.lk }}} Then enter boot to load OS image. Console will show as Init -> Master. This AP will be the master. = Setting up a DHCP server = Password will be admin/serialno Go to DHCP servers menu. default DHCP scope is for virtual controller assigned networks. It uses private IP ranges only. There are other 3 types of Local DHCP scopes. Local - DHCP and Gateway is at V. controller, Use NAT (This is the NAT mode) Local, L2 - DHCP is at controller but gateway is located outside the AP. (This is just the AP/Bridge mode) Local, L3 - DHCP and Gateway is at V. controller but use forwarding of traffic. (This is the forwarding/routing mode) IN Local DHCP scopes click new. {{{ Name : WS Type : Local, L2 VLAN :1 Network : 192.248.4.xxx Netmask : 255.255.255.0 Default router : 192.248.4.xxx DNS : 192.248.1.161 Domain name : .learn.ac.lk Lease time : 720 }}} = Setting UP SSIDs = login using admin:admin or admin/serialno. Locate Network, Click new. Go through the wizard. 1) Enter ssid, 2) We will assign VC as the DHCP server. Client IP assignement : virtual controller managed Client VLAN assignment : custom and select the above created(WS). 3) click the slider bar to Enterprise security level, key management : WPA-2 Enterprise Authentication server : new enter the radius server ip and secret configured in /etc/freeradius/clients Radius IP address : 192.248.4.XXX Also make sure AP addresses are added as clients to radius server. 4) keep the network Access unrestricted = Add other Access Points = reset other IAPs and set static IPs. APs in same subnet will be added to the cluster. If there is OS mismatch in new APs will be synced from Master AP and reboot. = Eduroam SSID configuration = login using admin:admin or admin/serialno. Locate Network, Click new. Go through the wizard. 1) Enter ssid, 2) We will assign VC as the DHCP server. Client IP assignement : virtual controller managed Client VLAN assignment : custom and select the above created(WS). 3) click the slider bar to Enterprise security level, key management : WPA-2 Enterprise Authentication server : new enter the radius server ip and secret configured in /etc/freeradius/clients Radius IP address : 192.248.4.XXX Also make sure AP addresses are added as clients to radius server. 4) keep the network Access unrestricted