Cisco Systems OL-6217-01 manual Cisco Swan Logical View

Page 9

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

Cisco SWAN Framework Overview

Figure 2 represents a logical, hierarchical view of the SWAN framework that clearly illustrates the importance of the WDS layer.

Figure 2 Cisco SWAN Logical View

WLSE

ACS

WLCCP messages

RADIUS control

domain

 

WDS

 

WDS

WLAN control

 

802.1x

 

WLCCP

authenticator

WLCCP

domain

messages

 

messages

 

 

 

Data

 

packets

IP

IP

WLAN control

domain

127430

WDS are configured to run on a supporting device—either a Cisco Aironet 1100 or 1200 for a Layer 2 architectural solution or the WLSM for an switch-based, Layer 3 solution. In both cases, infrastructure access points register with the WDS using special WLCCP messages.

Once registered, the infrastructure access points forward client association, authentication, and roaming information through the WDS via WLCCP MN registration messages, allowing the WDS to control and track wireless clients. If client authentication is implemented via any 802.1x with EAP (such as Cisco LEAP, EAP-FAST, PEAP, EAP-TLS, or EAP-TTLS), the WDS performs an additional important role by acting as the 802.1x authenticator for all wireless clients. In 802.1x authentication transactions, the WDS communicates directly with the RADIUS server. Any valid wireless client associated with an infrastructure access point and registered with the WDS.

A WDS, its registered infrastructure access points, and registered clients make up a WLAN control domain. Wireless clients can seamlessly roam between access points within a WLAN control domain. A WDS also collects radio management data from the infrastructure access points and, potentially, the MNs within the WLAN control domain via special WLCCP radio management (WLCCP-RM) messages. This data is aggregated by the WDS and passed on to the WLSE in WLCCP-RM messages. The WLSE uses this RM data to control and manage the radio coverage environment and to detect rogue access points and clients.

Cisco SWAN offers two basic WLAN architectures: an architecture supporting a Layer 2 WLAN control domain and an architecture supporting a Layer 3 WLAN control domain. The Layer 2 architecture leverages access point-based WDS. This architecture is called the access point-based WDS solution. The Layer 3 architecture leverages WLSM-based WDS and is called the switch-based WDS solution.

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

 

OL-6217-01

9

 

 

 

Page 8 Page 10
Image 9
Page 8 Page 10
Contents Corporate Headquarters Cisco Aironet 1400 Series Wireless Bridge Deployment Guide N T E N T S Contents Book Title Xxxxx-xx Audience Acroymns and Terms Cisco Swan Framework Overview Cisco Swan Layers Cisco Swan Logical View Shows the access point-based WDS solution WDS Wlccp Cisco Swan Framework ComponentsHardware Components Software ComponentsImplementing the Cisco Swan Framework Common Tasks CiscoSecure ACS NAS Setup Adding Username and Password Credentials CiscoSecure ACS User Setup AAA-apconfig-radsrvuser username password password AAA-apconfig#radius-server localCiscoWorks Wlse Snmp Community Entry Screen CiscoWorks Wlse Telnet/SSH Credentials Entry Configuring the WDS Access Point Access Point-Based WDS Solution ConfigurationWds-apconfig#username username password password Wds-apconfig#hostname hostnameConfiguring the Infrastructure Access Point Wds-apconfig#wlccp wds priority priority numberWds-apconfig#wlccp wnm ip address wlse ip address Infra-apconfig#hostname hostname Managing the Access Points with the CiscoWorks WlseInfra-apconfig#username username password password Infra-apconfig-line#access-class access-list numberValidating the Configuration Switch-Based WDS Solution ConfigurationConfiguring the Catalyst 6500 Supervisor Wds-ap#show wlccp wds apCreate the Vlan between the supervisor and Wlsm Configuring the WDS on the WlsmWlsmconfig#hostname hostname Wlsmconfig#snmp-server view iso iso includedConfiguring the Infrastructure Access Points Wlsmconfig# wlccp wnm ip address wlse ip addressInfra-apconfig#wlccp ap wds ip address wlsm ip address Validating the Setup Wlsm# show wlccp wds apWlsm# show wlccp wnm status Mobility ap Sup720# show mobility statusFast Secure Roaming with Cckm Infra-apconfig#interface dot11Radio When Using Multiple Encryption Types or VLANsInfra-apconfig-if#encryption mode ciphers cipher-type Infra-apconfig-if-ssid#authentication network-eap eap-groupClick Profile Management Configuring ACU to use CckmCisco Swan Framework Radio Management Cisco Swan Radio Management FeaturesBuilding Tool Pop-Up Window Preparing to Use Cisco Swan Radio ManagementCisco Swan Radio Management Features Page OL-6217-01
Top Page Image Contents