Avaya A6000, AP60, AP65, A2400, A200, A800 Authentication, Quality of Service QoS, Subnet Roaming

Page 17

Aruba Mobility Controller

Configuration Guide

 

VIEW Certified

user-role phones session-acl phone_acl

!

Authentication

In addition to the encryption, it is recommended that you use MAC authentication to authenticate the wireless IP telephones. On the Aruba System, the roles for wireless IP telephones are derived using MAC-authentication. The wireless IP telephones can be authenticated individually using MAC-authentication or as a group using the vendor OUI and derivation rules. For instruction on enabling MAC-authentication refer to Aruba’s User Guide.

For the OUI-based derivation rule, configure the following from the CLI:

aaa derivation rules user

set role condition macaddr starts-with "00:90:7a" set-value phone

Quality of Service (QoS)

Quality of service is achieved by prioritizing the voice traffic over data traffic. To prioritize the voice traffic over data traffic in the AP traffic queues, the “queue high” tag is used at the end of each ACL to prioritize the traffic matching the ACL over all other traffic. In the example shown above:

user alias avpp svc-avpp permit queue high alias avpp user svc-avpp permit queue high

The traffic that matches the above two rules is prioritized over all other traffic. In addition, a DiffServ tag or a Dot1p tag can be configured at the end of each ACL to indicate the relative priority of the traffic to the traffic to the network.

Example:

user alias avpp svc-avpp permit dot1p 4 queue high dot1p-priority 4 tos 4 queue high

alias avpp user svc-avpp permit queue high dot1p-priority 4 tos 4 queue high

By default, the packets are not tagged.

In addition multicast/bradcast traffic in the air can be limited by turning on the firewall voip- prox-arp. This command is available on the CLI alone.

(Aruba)# configuration terminal

(Aruba) (config)# firewall voip-proxy-arp

Subnet Roaming

The Aruba system can be set up to support inter-switch inter-subnet roaming. The topology is as shown in the figure on page 2.

When two or more switches are used in the Aruba WLAN system, one switch has to be identified as the master and the others as the local switch. During VIEW Certification testing, the Aruba 800 was configured as the master switch and the Aruba 6000 was configured as a local switch; therefore, this configuration is used in the following examples.

For instructions on setting up a switch as a local switch refer to Aruba’s User Guides.

Page 17

Page 16 Page 18
Image 17
Page 16 Page 18
Contents Configuration Guide Service InformationCertified Product Summary View CertifiedDefault route Interface settingNetwork Topology Deployment DescriptionConnecting the APs Connecting to the Mobility ControllerCommand, comment, and screen text key Known LimitationsVia the Web interface Ssh admin@switch IP addressVia the CLI Welcome to Aruba Wireless Networks Aruba Initial SetupProvisioning APs Connecting APsAssigning an IP to the Mobility Controller CLI command configuration Ssid ConfigurationWeb-based configuration Configure terminal ap location x.y.zRadio setting 802.11b or 802.11g Access Point ConfigurationPreamble settings Enter the PSK AES Key/PassphraseRecommended AP configuration settings Channel and Tx powerEssid Ap location x.y.z CommandsFor ARM Assignment, select Disabled For ARM Assignment, select Disabled Dynamic RF Management ARM Aware Scanning Security Policies and Quality of Service QoSCreate an alias for the Avpp Create policies for the wireless IP telephone userAssign policies to the role Quality of Service QoS AuthenticationSubnet Roaming User-role phones session-acl phoneaclCommands for the master switch the Aruba CLI commands to set up subnet roamingFrom the Aruba Commands to verify setup for sub-net routingCommands for the local switch the Aruba Show ap config location x.y.z Checking the ConfigurationShow stm connectivity Show station-table
Top Page Image Contents