HP Cloud Network Manager Software manual Wireless configuration

Page 47

nMAC authentication precedes 802.1X authentication - The administrators can enable MAC authentication for 802.1X authentication. MAC authentication shares all authentication server configurations with 802.1X authentication. If a wireless or wired client connects to the network, MAC authentication is performed first. If MAC authentication fails, 802.1X authentication is not triggered. If MAC authentication is successful, 802.1X authentication is attempted. If 802.1X authentication is successful, the client is assigned an 802.1X authentication role. If 802.1X authentication fails, the client is assigned a deny-allrole or mac-auth-onlyrole.

nMAC authentication only role - Allows you to create a mac-auth-onlyrole to allow role-based access rules when MAC authentication is enabled for 802.1X authentication. The mac-auth-onlyrole is assigned to a client when the MAC authentication is successful and 802.1X authentication fails. If 802.1X authentication is successful, the mac-auth-onlyrole is overwritten by the final role. The mac-auth-onlyrole is primarily used for wired clients.

nL2 authentication fall-through - Allows you to enable the l2-authentication-fallthroughmode. When this option is enabled, the 802.1X authentication is allowed even if the MAC authentication fails. If this option is disabled, 802.1X authentication is not allowed. The l2-authentication-fallthroughmode is disabled by default.

For more information on configuring an AP to use MAC + 802.1X Authentication, see Configuring MAC authentication with 802.1X authentication on page 53.

Captive Portal — Captive portal authentication is used for authenticating guest users. For more information on captive portal authentication, see Captive portal for guest access on page 56.

MAC authentication with Captive Portal authentication—This authentication method has the following features:

n If the captive portal splash page type is Internal-Authenticatedor External-RADIUS Server, MAC authentication reuses the server configurations.

n If the captive portal splash page type is Internal-Acknowledged or External-Authentication Text and MAC authentication is enabled, a server configuration page is displayed.

n If the captive portal splash page type is none, MAC authentication is disabled.

n You can configure the mac-auth-onlyrole when MAC authentication is enabled with captive portal authentication.

For more information configuring an AP to use MAC and captive portal authentication, see Configuring MAC authentication with captive portal authentication on page 54.

802.1X authentication with Captive Portal authentication — This authentication mechanism allows you to configure different captive portal settings for clients on the same SSID. For example, you can configure an 802.1x SSID and create a role for captive portal access, so that some of the clients using the SSID derive the captive portal role. You can configure rules to indicate access to external or internal captive portal, or none. For more information on configuring captive portal roles for an SSID with 802.1x authentication, see Configuring captive portal roles for an SSID on page 63.

WISPr authentication—Wireless Internet Service Provider roaming (WISPr) authentication allows a smart client to authenticate on the network when they roam between wireless Internet Service Providers (ISPs), even if the wireless hotspot uses an ISP with whom the client may not have an account.

If a hotspot is configured to use WISPr authentication in a specific ISP and a client attempts to access the internet at that hotspot, the WISPr AAA server configured for the ISP authenticates the client directly and allows the client to access the network. If the client only has an account with a partner ISP, the WISPr AAA server forwards the credentials of the client to the WISPr AAA server of the partner ISP for authentication. When the client is authenticated on the partner ISP, it is also authenticated on hotspot of your ISP as per their service agreements. The AP assigns the default WISPr user role to the client when your ISP sends an

47 Wireless configuration

HP Cloud Network Manager User Guide

Page 46 Page 48
Image 47
Page 46 Page 48
Contents HP Cloud Network Manager User Guide Acknowledgments Document 5998-5742, edition 1 JulyContents Wireless configuration Advanced configuration tasks Captive portal for guest access Reports Maintenance Conventions About this guideIntended audience Related documentsSupported APs Cloud Network Manager UI About Cloud Network ManagerCloud Network Manager overview Activating your Cloud Network Manager subscriptions Cloud Network Manager user interfaceActivating your HP Cloud Network Manager account Search Tabs Notifications Help Data pane User interfaceTabs SearchData pane NotificationsHelp Feedback SupportData pane item Description MonitoringOverview AP details Access pointsData pane item ClientsRemote Console System pane Section DescriptionEvent log Setting notification alerts Importing existing configuration from AP Wireless configurationInitial AP configuration Wireless network profilesNetwork types Understanding wireless network profilesConfiguring Wlan settings Voice Guest Utilization Content FilteDisable Ssid DMO ChannelLocal Probe Configuring Vlan settings for a Wlan Ssid profileCan be Used Without Uplink MAX ClientsManagement KEY Management Configuring security settings for a Wlan Ssid profileKEY Server AuthenticatioRoaming TerminationConfiguring access rules for a Wlan Ssid profile Deleting a Wlan Ssid profile General configuration tasksEditing a Wlan Ssid profile Modifying the AP name Basic configuration tasksConfiguring an NTP server Configuring VC IP addressConfiguring time zone Configuring a preferred bandConfiguring LED display Additional configuration tasksConfiguring VC Vlan Configuring auto join modeEnabling dynamic CPU management Advanced configuration tasksDisabling inter-user bridging Preventing local routing between clientsCustomizing AP parameters Configuring radio profiles for an APConfiguring Arrm assigned radio profiles for an AP Configuring radio profiles manually for APObtaining IP address Configuring uplink Vlan for an APSelect Administrator assigned in 2.4 GHz and 5 GHz Band Mode DescriptionArrm overview Advanced radio resource managementAP control Airtime fairness modeHP MotionAware Arrm metrics Configuring Arrm on an APMonitoring the network with Arrm MA Neighbor SLB ModeMotion Aware CalculatingChannels PowerCustomize ValidIntrusion detection system Configuring radio settings for an APOS fingerprinting Detecting and classifying rogue APsDetection level Detection policy Off Low Medium HighProtection level Protection policy Settings fieldOff Low High Containment methods AuthenticationUnderstanding authentication methods Wireless configuration Internal Radius server Supported authentication serversRadius server authentication with VSA External Radius serverConfiguring an external server for authentication Configuring authentication serversAuthentication termination on AP Retry Count Shared KEY TimeoutShared KEY RetypeClick Save Server Configuring dynamic Radius proxy parametersEnabling dynamic Radius proxy Configuring 802.1X authentication for a network profileConfiguring MAC authentication with 802.1X authentication Configuring MAC authentication for a network profileConfiguring WISPr authentication Blacklisting users dynamically Blacklisting clientsBlacklisting clients manually Session firewall based blacklisting Captive portal for guest accessConfiguring blacklist duration Understanding captive portalSelect the Primary Usage as Guest Configuring a Wlan Ssid for guest accessTypes of captive portal Walled gardenDynamic Multicast Content FilteringInactivity Timeout Multicast TransmissionLocal Probe Request Can be Used WithoutUplink MAX Clients Threshold Configuring internal captive portal for guest network Creating a captive portal profile Configuring external captive portal for a guest networkSelect any one of the following types of authentication External captive portal profilesFailure URLUSE Https Captive PortalType Configuring captive portal roles for an SsidRule Type SplashExternal Configuring walled garden accessInternal Configuring local and local, L3 Dhcp scopes Dhcp configurationDisabling captive portal authentication Configuring Dhcp scopesExcluded Address VlanNetwork NET MaskSelect Wireless Configuration Services Rtls ServicesConfiguring an AP for Rtls support Configuring Dhcp server for client IP assignmentBonjour support overview Configuring OpenDNS credentialsBonjour support configuration Bonjour support with Cloud Network Manager Bonjour support solutionSelect Wireless Configuration Services Bonjour Support Bonjour support featuresBonjour support services Integration with Cloud Network Manager Configuring an AP for PAN integrationIntegrating an AP with Palo Alto Networks firewall Uplink interfaces Uplink configurationWi-Fi uplink Configuring a Wi-Fi uplink profileEthernet uplink Configuring PPPoE uplink profileEnforcing uplinks Uplink preferences and switchingSetting an uplink priority Layer-3 mobility overview Switching uplinks based on internet availabilityFrom PRE-EMPTION, select Enabled Mobility and client managementConfiguring L3-mobility Snmp and logging Configuring L3 mobility domainConfiguring enterprise domains Enterprise domainCreating community strings for SNMPv1 and SNMPv2 Configuring SnmpConfiguring community string for Snmp Snmp parameters for APCreating community strings for SNMPv3 Configuring a syslog serverConfiguring Snmp traps Logging level Description Configuring Tftp dump serverSelect Wireless Configuration System Logging Creating a report ReportsDeleting a report Subscription keys MaintenanceFirmware User management Device managementAbbreviation Expansion TerminologyAcronyms and abbreviations Definition GlossaryTerm EAP Term DefinitionDST POE Through a wireless connection

Cloud Network Manager Software specifications

HP Cloud Network Manager is a robust software solution designed to simplify and enhance the management of network infrastructure in cloud environments. As organizations increasingly shift toward cloud computing, they require comprehensive tools to oversee complex network deployments. HP Cloud Network Manager rises to this challenge, offering a powerful suite of features aimed at optimizing performance, automating tasks, and ensuring reliable connectivity.

One of the main features of HP Cloud Network Manager is its intuitive dashboard, which provides users with real-time insights into network operations. This centralized interface allows administrators to monitor the status of various components, identify potential issues, and respond swiftly to anomalies. With advanced analytics capabilities, the software empowers users to make data-driven decisions that enhance network efficiency.

Another critical feature of this software is its automation capabilities. HP Cloud Network Manager simplifies routine network management tasks, such as configuration, provisioning, and software updates, allowing IT teams to focus on strategic initiatives rather than mundane maintenance. Automation reduces the risk of human error and accelerates deployment times, significantly increasing operational agility.

The software also supports multi-cloud environments, enabling organizations to manage their network resources across different cloud platforms seamlessly. This flexibility is essential for businesses that utilize various cloud providers and wish to maintain a unified network strategy. Coupled with its compatibility with open standards, HP Cloud Network Manager facilitates integration with existing IT ecosystems, ensuring a smooth transition to advanced cloud solutions.

Security is a top priority in today's digital landscape, and HP Cloud Network Manager includes integrated security features to protect network assets. It provides visibility into traffic patterns, helping to detect and mitigate potential threats before they become significant issues. Enhanced security protocols ensure that sensitive data remains protected during transit and at rest, aligning with compliance requirements.

Finally, HP Cloud Network Manager is built on cutting-edge technologies, including artificial intelligence and machine learning, which enable proactive network management. These technologies predict network behavior, assisting administrators in optimizing resources and anticipating potential challenges. As a result, organizations can achieve enhanced reliability and performance from their network infrastructure.

In summary, HP Cloud Network Manager is an essential tool for businesses looking to improve their cloud network management capabilities. With its powerful features, supportive technologies, and commitment to security, it stands out as a reliable solution for navigating the complexities of modern network environments.
Top Page Image Contents