1. Manuals
  2. Brands
  3. Extreme Networks Manuals
  4. Software
  5. Summit WM Series
  6. Technical reference manual

Extreme Networks Summit WM Technical Reference Manual

Version 5.1
Hide thumbs Also See for Summit WM:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Maintenance Manual
Summit WM Technical Reference Guide
Software Version 5.1
Extreme Networks, Inc.
3585 Monroe Street
Santa Clara, California 95051
(888) 257-3000
(408) 579-2800
http://www.extremenetworks.com
Published: September 2008
Part number: 120430-00 Rev 02

Advertisement

Table of Contents
loading

Related Manuals for Extreme Networks Summit WM

Summary of Contents for Extreme Networks Summit WM

  • Page 1 Summit WM Technical Reference Guide Software Version 5.1 Extreme Networks, Inc. 3585 Monroe Street Santa Clara, California 95051 (888) 257-3000 (408) 579-2800 http://www.extremenetworks.com Published: September 2008 Part number: 120430-00 Rev 02...
  • Page 2 ServiceWatch, Summit, SummitStack, Triumph, Unified Access Architecture, Unified Access RF Manager, UniStack, the Extreme Networks logo, the Alpine logo, the BlackDiamond logo, the Extreme Turbodrive logo, the Summit logos, the Powered by ExtremeXOS logo, and the Color Purple, among others, are trademarks or registered trademarks of Extreme Networks, Inc.

  • Page 3: Table Of Contents

    SLP Directory Agent Option (Option 78) ..................18 SLP Service Scope Option (Option 79) ..................19 Dynamic Host Configuration Protocol – Summit WM Controller and AP Discovery and other Services.20 DHCP setup using the internal DHCP server.................22 DHCP setups for relayed WM-AD’s and AP deployment networks............23 DHCP configuration example: OSC dhcpd on Linux ..............23...
  • Page 4 Configuring Computer-only Authentication using the Wireless Network (IEEE 802.11) Policies Group Policy Extension........................63 Enabling Computer-only Authentication Using the Registry............63 Summary..........................64 Chapter 6: Summit WM Controller diagnostics ................65 Summit WM Controller WM200/2000 diagnostics ................65 Summit WM Controller WM200/2000 capacity ..............65 Summit WM Controller WM200/2000 license capacity ............65 Summit WM Controller WM200/2000 LEDs................66...
  • Page 5 Configuring APs for .1X authentication ..................109 General configuration ......................109 EAP-PEAP configuration ....................109 EAP-TLS configuration with the Summit WM Controller as proxy..........110 EAP-TLS configuration with the Summit WM Controller as pass-through .........111 Bulk EAP-TLS configuration ....................111 Bulk EAP-PEAP configuration.....................112 Verifying the AP .1X configuration ....................112 Limits and technical data ......................113...
  • Page 6 Using ACS ........................137 Automatic Transmit Power Control (ATPC) overview ..............140 ATPC operation .........................141 Using ATPC ........................141 Chapter 15: Logs and Events......................147 STARTUP_MANAGER (0) ......................147 EVENT_SERVER (1) ........................149 CONFIG_MANAGER (2) ......................155 STATS_SERVER (3) ........................157 Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 7 CPDP_AGENT_ID (110)......................210 PORT_INFO_J_MANAGER (118) ....................210 ECHELON (126) ........................211 Chapter 16: Reference lists of standards ..................213 RFC list..........................213 802.11 standards list......................214 Supported Wi-Fi Alliance standards ..................215 Glossary ............................. 217 Index ............................221 Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 8 Table of Contents Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 9: About This Guide

    Controller, Access Points, and WM software. Who should use this guide This guide is a reference for system administrators who install and manage the Summit WM Controller, Access Points, and WM software system. Any administrator performing tasks described in this guide must have an account with full administrative privileges.

  • Page 10: Formatting Conventions

    ● Formatting conventions The Summit WM Controller, Access Points, and WM software documentation uses the following formatting conventions to make it easier to find information and follow procedures: Bold text is used to identify components of the management interface, such as menu items and ●...

  • Page 11: Protocols And Standards

    WM Controller, Access Points, and WM software. These lists include the Requests for Comment (RFCs) of the Internet Engineering Task Force (IETF) and the 802.11 standards developed by the Institute of Electrical and Electronics Engineers (IEEE). Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 12 About this guide Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 13: Chapter 1: System Capacities

    System Capacities This chapter provides the supported limits and capacities of the Summit WM Controller software system. Summit WM Controller WM20/WM200/2000 The following table specifies the performance capacities of the Summit WM Controller WM20/WM200/ 2000 platforms. Table 1: Summit WM Controller WM20/WM200/2000 system capacities...

  • Page 14: Altitude Access Point

    System Capacities Table 2: Summit WM Controller WM100/WM1000 system capacities Limit WM1000 WM100 Max # of APs Max throughput 2 Gbits/sec 400 Mbits/sec Max # of users (single controller) 4096 2048 Max # of users (multi-box/reserved) 4096 Local + 4096 Foreign...

  • Page 15: Feature Capacities

    Max # APs per failover WM1000/WM2000 Note:Failover limit is limited by the capacity of the controller category in question WM200 WM100 WM20 Failover time 200 APs – 1 Minute WM1000/WM2000 Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 16: Maximum Failover Capacity Matrix

    Capacity WM100 WM1000 WM20 WM200 WM2000 Table 7: Legend Legend All Summit WM Controllers within the same release (V5 R1). Conditional Number of APs allowed in failover is restricted by platform capacity. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 17: Chapter 2: Configuration Of Dynamic Host Configuration Protocol (Dhcp)

    Service Location Protocol (SLP). The combination of Dynamic Host Configuration Protocol (DHCP), Option 78 and 79, and SLP provide a technique that defines the Summit WM Controller as the only element on the network that the Wireless AP can communicate with.

  • Page 18: Service Location Protocol (Slp) (Rfc2608)

    SLP Directory Agent Option (Option 78) The SLP Directory Agent Option 78 specifies a list of IP addresses for SLP Directory Agents. Directory Agents should be listed in order of preference. Summit WM Controllers register themselves as directory agents. The Length value must include one for the Mandatory byte and include four for each Directory Agent address which follows.

  • Page 19: Slp Service Scope Option (Option 79)

    If the Mandatory byte is 0, static configuration takes precedence over the DHCP provided scope list. If the Mandatory byte is 1, the <Scope List> provided in this option must be used by the SLP Agent. The Scope List String usage is defined in the SLPv2 specification (RFC2608). Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 20: Dynamic Host Configuration Protocol - Summit Wm Controller And Ap Discovery And Other Services

    Wireless laptop This simple setup has the following properties: A Summit WM Controller connected to a core network segment (a.b.c.d), ● APs connected on both direct (e.f.g.h) and indirect (i.j.k.l) subnets, ● An existing DHCP server somewhere in the core segment, and ●...
  • Page 21 WM Controllers deployed on the same segment. For setups that use multiple Summit WM Controllers a DHCP server in area A is required to answer requests for option 78 to allow availability and mobility to work. No addresses will be consumed.

  • Page 22: Dhcp Setup Using The Internal Dhcp Server

    APs to find the Summit WM Controller across subnet. The APs can use a static list of Summit WM Controllers to connect to or use DNS but by far the most common method is to allow them to use DHCP option 78 to locate a service location protocol (SLP) director agent that is generally hosted on the Summit WM Controller itself.

  • Page 23: Dhcp Setups For Relayed Wm-Ad's And Ap Deployment Networks

    DHCP setups for relayed WM-AD’s and AP deployment networks Sometimes it is necessary to use a DHCP server external from the Summit WM Controller to give offer DHCP addresses. Popular reasons for this are: Support for DHCP options that are not exposed through Summit WM Controller GUI (Summit WM ●...
  • Page 24 This file can be divided into the following four areas: General options: lines 1-3 ● Scope for 10.0.0.0/24 subnet: lines 4-8 ● Scope for 172.16.1.0/24 subnet (voice subnet): lines 9-18 ● Scope for 172.16.2.0/24 subnet (laptop subnet): lines 19-27 ● Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 25: General Options

    This scope is defined to address wireless handsets. Notice the use of option 151 (now called ‘svp’ within the scope). Delivery of this option would be impossible from the Summit WM Controller itself but it can be delivered through DHCP relay. The other options are self-explanatory.

  • Page 26: Wireless Ap Dhcp Registration Setup (Windows)

    You can configure the DHCP service that is included with Windows 2000 and Windows 2003 to provide DHCP option 78. Extreme Networks Summit WM Access Points (Wireless AP) as clients to the Summit WM Controller (Summit WM Controller) may require the configuration of DHCP options 78 for controller discovery.
  • Page 27 27-1B 58-3A 89-59 120-78 151-97 182-B6 213-D5 244-F4 28-1C 59-3B 90-5A 121-79 152-98 183-B7 214-D6 245-F5 29-1D 60-3C 91-5B 122-7A 153-99 184-B8 215-D7 246-F6 30-1E 61-3D 92-5C 123-7B 154-9A 185-B9 216-D8 247-F7 Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 28: Dns Settings For Wireless Ap Discovery

    Host (A) (W2003 server) 3 First field enter ext-summitwm-connect-1 which is the default name for the Extreme Networks Summit WM Controller, then enter the IP address of the WM ESA port that will host the Wireless AP connections. 4 Select Create Pointer <Finish>. This will create a pointer and append the WM reference “ext- summitwm-connect-1”...

  • Page 29: Chapter 3: Rogue Access Point Detection

    The rogue AP detection feature is only supported for use with Altitude 350-1 and 350-2d models. The Analysis Engine is the brains of this feature and runs on one Summit WM Controller in the network. It polls all Data Collectors periodically (default is every 5 seconds) and analyzes the polled data to identify new devices.
  • Page 30 A client configured in ad-hoc mode has been identified 6 Inactive Wireless AP with known SSID – Major Alarm A “known” Wireless AP has been detected that the Summit WM Controller has identified as not in service (stolen?) Inactive Wireless AP with unknown SSID – Major Alarm A “known”...

  • Page 31: Chapter 4: Creating The Windows Security Infrastructure

    For Protected EAP (PEAP) with Microsoft Challenge Handshake Authentication Protocol version 2 (MS- CHAP v2) authentication, root certification authority (CA) certificates on each wireless client. PEAP-MS- CHAP v2 is a password-based secure authentication method for wireless connections. Depending on the Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 32: Intranet Wireless Deployment Steps

    Step 5: Deploying and Configuring Wireless APs. ● Step 6: Configuring Wireless Network (IEEE 802.11) Policies Group Policy Settings ● Step 7: Installing Computer Certificates on Wireless Client Computers for EAP-TLS ● Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 33: Step 1: Configuring The Certificate Infrastructure

    In Windows Server 2003, Windows XP, and Windows 2000, you can view the certificate chain from ● the Certification Path tab in the properties of a certificate in the Certificates snap-in. You can view Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 34: Step 1A: Installing A Certificate Infrastructure

    The offline root and intermediate CAs do not have to be Windows Server 2003 or Windows 2000 CAs. Issuing CAs can be subordinates of a third party intermediate Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 35 If a new CRL is manually published to the Active Directory, the local CRL on the IAS server is not updated. The local CRL is updated when it expires. This can create a situation wherein Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 36: Step 1B: Installing Computer Certificates

    If you are using a Windows Server 2003, Enterprise Edition, or Windows Server 2003, Datacenter Edition, enterprise CA as an issuing CA, you can install user certificates through autoenrollment. Configuring user certificate autoenrollment for wireless user certificates requires you to duplicate Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 37 Ensure that all appropriate domain system containers are configured for autoenrollment of user certificates either through the inheriting of group policy settings of a parent system container or explicit configuration. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 38: Step 2: Configuring Active Directory For Accounts And Groups

    It is also possible to import a certificate by double-clicking a certificate file that is stored in a folder or sent in an email message. Although this works for certificates created with Windows Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 39 To register the IAS server in the default domain using Internet Authentication Service: 1 Log on to the IAS server with an account that has domain administrator permissions. 2 Open the Internet Authentication Service snap-in. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 40 (1812 and1645 for authentication and 1813 and1646 for accounting), in Authentication and Accounting, type your port settings. To use multiple ports for authentication or accounting requests, separate the ports with commas. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 41: Step 3B: Configuring A Wireless Remote Access Policy

    Protected EAP (PEAP) EAP type, and then click Configure. In the Protected EAP Properties dialog box, select the appropriate computer certificate and ensure that Secured password (EAP- MSCHAP v2) is selected as the EAP type. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 42 6 If the vendor-specific attribute is not in the list of available RADIUS attributes, click the Vendor- Specific attribute, and then click Add. 7 In the Multivalued Attribute Information dialog box, click Add Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 43 2 Select the policy or create a new one. To create a new one: Right-click Remote Access Policies, and then select New Remote Access Policy. The New ● Remote Access Policy wizard is displayed. Follow the wizard steps to create a new policy. ● Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 44 Creating the Windows Security Infrastructure 3 Click Edit Profile. The Edit Dial-In Profile dialog is displayed. 4 Click the Advanced tab. 5 Click Add. The Add Attribute dialog is displayed. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 45 4329 8 Configure the applicable attributes as per the dictionary file at: /etc/extreme/raddb/ dictionary.extreme. Dictionary file File at /etc/extreme/raddb/dictionary.extreme the VSAs are: # dictionary.extreme - Extreme Networks Summit WM LAN Controller VSA dictionary VENDOR Extreme Networks 4329 BEGIN-VENDOR Extreme Networks...

  • Page 46: Step 4: Configuring The Secondary Ias Server (If Applicable)

    If you change the IAS server configuration in any way, use the Internet Authentication Service snap-in to change the configuration of the primary IAS server and then use steps 7 and 8 above to synchronize those changes on the secondary IAS server Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 47: Step 5: Deploying And Configuring Wireless Aps

    Deploy your wireless APs to provide coverage for all the areas of coverage for your wireless network. Configure your Summit WM Controller and Wireless APs to support WPA, WPA2, or WEP encryption with 802.1X authentication. Additionally, configure RADIUS settings on your Summit WM Controller...

  • Page 48: Step 7: Installing Computer Certificates On Wireless Client Computers For Eap-Tls

    /refreshpolicy machine_policy at a command prompt. If the domain is not configured for autoenrollment, you can request a “Computer” certificate using ● the Certificates snap-in or you can execute a CAPICOM script to install a computer certificate. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 49: Step 8: Installing User Certificates On Wireless Client Computers For Eap-Tls

    1 Open an MMC console that contains Certificates – Current User. 2 In the console tree, right-click Personal, then point to All Tasks, and then click Request New Certificate to start the Certificate Request wizard. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 50: Floppy Disk-Based Installation

    Click Next. 8 On the Completing the Certificate Export Wizard page, click Finish Import a certificate 1 Open an MMC console containing Certificates - Current User 2 Open Personal, and then open Certificates. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 51: Step 9: Configuring Wireless Clients For Eap-Tls

    IAS server is used, type the part of the DNS name that is common to all of the IAS servers. For example, if you have two IAS servers named Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 52: Step 10: Configuring Wireless Client Computers For Peap-Ms-Chap V2

    IAS server (enabled by default). If you want to specify the names of the authentication servers that must perform validation, select Connect to these servers and type the names. In Select Authentication Method, click Secured password (EAP-MSCHAP v2). Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 53 CA certificate of the issuing CA of computer certificates on the IAS servers is installed in their local computer certificate store. Alternately, you can use the Certificates snap-in to import the root CA certificates to the Certificates (Local Computer)\Trusted Root Certification Authorities\Certificates folder on each wireless client computer. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 54: Additional Intranet Wireless Deployment Configurations

    For example, create a WirelessInternetUsers that contains global groups of business partner, vendor, or other non-employee user and computer accounts. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 55: Using A Third-Party Ca

    Usage [EKU]). An EKU is identified using an object identifier (OID). The OID for Server Authentication is “1.3.6.1.5.5.7.3.1”. They must contain the fully qualified domain name (FQDN) of the computer account of the IAS ● server computer in the Subject Alternative Name property. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 56: Certificates On Wireless Client Computers

    IAS also runs in the local system security context. Therefore, you must configure proxy server settings from the local system security context so that they apply to IAS. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 57 ProxyCfg.exe that works with Windows 2000 Server, see 830605 - The Proxycfg.exe configuration tool is available for WinHTTP 5.1. For more information about how to use ProxyCfg.exe, see ProxyCfg.exe, a Proxy Configuration Tool. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 58 Creating the Windows Security Infrastructure Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 59: Chapter 5: Windows Recommendations And Best Practices

    To install computer certificates, use auto-enrollment - This requires the use of a Windows 2000 or ● Windows Server 2003 Certificate Services server as an enterprise CA at the issuer CA level. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 60: Wireless Aps

    Windows XP Wireless Auto Configuration. For easier deployment, use wireless network adapters that have Plug and Play drivers already ● included with Windows XP or are available through Windows Update (http://www.windowsupdate.com). Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 61: Active Directory

    Server 2003 IAS supports RADIUS proxy functionality through the configuration of connection request policies and remote RADIUS server groups. For this example, connection request policies are created to match different portions of the User-Name RADIUS attribute corresponding to each Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 62: Scalability

    For more information about computer authentication and user authentication, see “Windows XP Wireless Deployment Technology and Component Overview” at http://www.microsoft.com/technet/ prodtechnol/winxppro/maintain/wificomp.mspx You can configure computer-only authentication using the Wireless Network (IEEE 802.11) Policies Group Policy extension or through the registry. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 63: Configuring Computer-Only Authentication Using The Wireless Network (Ieee 802.11) Policies Group Policy Extension

    In both cases, you create a script file that is read by the tool to add a registry setting. The tool has to be run in the security context of a local administrator account. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 64: Summary

    RADIUS servers to the wireless APs, and configure your wireless APs as RADIUS clients to the IAS servers. You can also configure Internet access for business partners, use third-party CAs, and use IAS RADIUS proxies for cross-forest authentication or load balancing. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 65: Chapter 6: Summit Wm Controller Diagnostics

    Summit WM Controller diagnostics WARNING! Changes or modifications made to the Summit WM Controller or the Wireless APs which are not expressly approved by Extreme Networks could void your service contract. Only authorized Extreme Networks service personnel are permitted to service the system. Procedures that should be performed only by Extreme Networks personnel are clearly identified in this guide.

  • Page 66: Summit Wm Controller Wm200/2000 Leds

    WARNING INT LED display switch The reported states for the Summit WM Controller WM200/2000 are: Run LED – This indicator indicates CPU activity. Once CPU initialization is complete, the Run LED ● blinks with CPU activity. Activity LED – This indicator will be turned on upon application (SMT) start. It indicates that the ●...
  • Page 67 NOTE The error codes represented by the SSD are context dependent on the state of the LEDs (ACT, W, E). Summit WM Controller WM200/2000 LED states and Seven Segment Display (SSD) codes Firmware initialization: Table 14: LED states and SSD codes during firmware initialization...
  • Page 68 The system will reboot. Green MF 1000 card failure. Backup sectors exhausted. Green NP 4000 card initialization failure. Firmware self test (BIST) has detected failure in one or more components (memory, bus, interconnects) Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 69: System Startup

    The Activity LED becomes active to indicate that the system has completed startup diagnostic procedures (POST), and the OS has properly loaded. The Act LED indicates that the Summit WM Convergence Software is running. The corresponding running state of the application is indicated in the SSD.
  • Page 70 Summit WM Controller diagnostics Table 19: Summit WM Controller WM200/2000 application states (Continued) Condition Level Comment Action System halted. Administrator Major This SSD code indicates that the Reset system power to requested halting of system. administrator has requested the halting restore operational of system's operations.
  • Page 71 Table 19: Summit WM Controller WM200/2000 application states (Continued) Condition Level Comment Action Error LED Failed to identify FDD. Possibly Re-insert card. If card due to removal of FDD card. present, contact Technical Support to • Activity LED = Enabled arrange replacement.

  • Page 72: Summit Wm Controller Wm200/2000 Protocols

    SNMP Alarms are generated for each of the conditions corresponding to Major and Critical logs. Summit WM Controller WM200/2000 protocols The Summit WM software uses several protocols. All the protocols are IP based protocols, and as a result have corresponding TCP and UDP ports associated with them. You must note the TCP/UDP ports that are required for the proper functioning of the Summit WM Controller and the Wireless APs.

  • Page 73: Summit Wm Controller Wm20 Diagnostics

    Backup Server uploads) Summit WM Controller WM20 diagnostics Summit WM Controller WM20 capacity Table 21 shows the filesystem capacity for the Summit WM Controller WM20. Table 21: Summit WM Controller WM20 filesystem capacity Filesystem Size Comment 21 GB Main partition for OS and application installation /home 1.9 GB...

  • Page 74: Using The Console Port

    Summit WM Controller diagnostics Table 21: Summit WM Controller WM20 filesystem capacity Filesystem Size Comment /var/controller.upgrade 4.9 GB System image storage (Wireless APs, Controller, OS updates) /rescue 1.0 GB Using the console port Connect to the console port of the Summit WM20 Controller to perform diagnostics or a rescue procedure.

  • Page 75: Summit Wm Controller Wm20 Rescue Procedure

    HDD with a new one that has the factory default image on it. You can then use the Rescue procedure to revert to your previous image with your old configurations. The Summit WM Controller WM20 supports the following methods for rescue: Local – Rescue file is directly present on filesystem ●...

  • Page 76: Summit Wm Controller Wm20 Leds

    The hot swap lever is not enabled in the current release. Pulling the hot swap lever will not affect the normal operation if the Summit WM Controller WM20 is already running. However, if you attempt to reboot the Summit WM Controller WM20 with the hot swap lever pulled out, the controller will fail to reboot.

  • Page 77: Summit Wm Controller Wm20 Protocols

    • Solid Blue when the hot swap lever is pulled out Summit WM Controller WM20 protocols The Summit WM Controller WM20 uses similar protocols to the Summit WM Controller WM200/2000. For more information, see “Summit WM Controller WM200/2000 protocols” on page...
  • Page 78 Summit WM Controller diagnostics Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 79: Chapter 7: Hardware Maintenance

    Summit WM Controller WM200/2000 maintenance WARNING! The Summit WM Controller WM200/2000 system may not be operated in a LAN in which a DC voltage is overlaid on the data lines, since there are still switches that connect directly without checking the supply voltage first.

  • Page 80: Summit Wm Controller Wm200/2000 Power Supply

    (Figure 10). The redundant power supply provides the Summit WM Controller WM200/2000 with two power supplies. Having two power supplies provides administrators with the option of connecting a second power supply to an independent power source to ensure constant power availability in case of a power outage.

  • Page 81: Power Frus

    PAPST 3412 N/2. Figure 12: Fan Tray The fan trays are positioned on the left and right in the Summit WM Controller WM200/2000 shelf. Each fan features three conductors (12 V, ground (GND), speed signal). The fan trays are connected to the backplane by a connection cable.

  • Page 82: Hme

    Figure 14 illustrates the ventilation grills for the Summit WM Controller WM200/2000 fans. Figure 13: Fan tray covers and numbering of fans Fan tray cover (Fans 1 and 2)

  • Page 83: Sme Card

    16) is a full size (6U) Compact PCI (cPCI) form-factor card. Figure 16: SME card The SME card has the following main components: Pentium M processor ● Micron North Bridge with dual PCI bus ● Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 84: Npe 2411 Card

    As such, replacement of the SME requires that the product key be transferred from the old SME card to the new one. This transfer should be arranged through Extreme Networks technical support or sales support. NPE 2411 card...

  • Page 85: Summit Wm Controller Wm200/2000 Power And Maintenance Procedures

    4 Check the resistance reading on the meter. The meter reading must be between 0.80 and 1.20 mega ohms. 5 Replace the wrist strap and cord assembly if the reading is not within the allowable range. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 86 3 Attach one end of the coiled wire to the wrist strap and the other end to the alligator clip, if necessary. 4 Connect the alligator clip to an unpainted portion of the cabinet frame. This safely channels electrostatic charges to ground. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 87 Remove cards by pressing/pulling the cPCI card ears ● NOTE Cards are locked from manufacturing with a screw at each end. In order to remove a card, the holding screws must be remove. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 88 Hardware maintenance Powering off the Summit WM Controller WM200/2000 To power off the Summit WM Controller WM200/2000: 1 Login on the Summit WM GUI. 2 From the main menu, click Summit Controller Configuration. The Summit Controller Configuration page is displayed.

  • Page 89: Summit Wm Controller Wm20 Maintenance

    Summit WM Controller WM20 maintenance WARNING! You should avoid operating the Summit WM Controller WM20 in a LAN in which the DC voltage is overlaid on the data lines because the LAN may have switches that connect directly without checking the supply voltage. Depending upon the transformer at the LAN interface, voltages of up to 500 Volts can be induced.
  • Page 90 No electrical connection exists between the Wireless APs and the Summit WM Controller WM20. The Summit WM Controller WM20 and the Wireless APs communicate with each other via the IP network. For more information, see the Summit WM User Guide.

  • Page 91: Summit Wm Controller Wm20 Power And Maintenance Procedures

    Summit WM Controller WM20 power and maintenance procedures The power and maintenance procedures for the Summit WM Controller WM20 is similar to the Summit WM Controller WM200/2000. For more information, see “Powering off the Summit WM Controller WM200/2000” on page...
  • Page 92 Hardware maintenance Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 93: Chapter 8: Wds - Wireless Distribution Service

    Every member of the WDS tree — root, repeater, or satellite — can support normal AP operation on ● the same radio used for WDS. The WDS feature is completely integrated into the Summit WM framework and supports most of its ● features (for example, multiple WM-AD per radio, availability, WPAv1/v2, WMM/11e, all WM-AD types: bridged at AP, routed and bridged at WM) with only certain exceptions (for example, intrusion detection, DRM) detailed below.
  • Page 94 If link persistence is enabled on an AP operating as WDS parent and the AP loses its communication ● to the controller, the AP will preserve the existing children but it will not accept new children until it Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 95 VLAN tag. The WDS bridge preserves both L2 and L3 QoS tags. The packets are prioritized based on the their ● 802.1p L2 tags. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 96 (it actually hurts) when the packet loss is actually caused by congestion. Figure 22: Goodput dependency on number of hops Goodput dependency on no. of hops no. of hops Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 97: Using Wds

    WM GUI. In addition, if an AP has been configured for a rogue scan, none of its radios can be assigned to a WDS WM-AD. The Summit WM GUI does not allow the user to disable a WDS WM-AD on an AP that is operating ●...
  • Page 98 Create a WDS WM-AD for each coverage gap (it is also possible to configure a single WDS WM- ● AD for all gap fillers but it is may be less flexible in the future). Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 99: Using Wds To Extend Coverage In An Area That Does Not Have Ethernet Infrastructure

    3 Identify the channels to be used by every WDS link. Investigate alternatives to avoid overloading a single channel: Keep neighboring WDS trees on different (non-overlapping) channels. ● If you are using more than one WDS hop, try switching between radios every hop. ● Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 100 WDS – Wireless Distribution Service 4 Then do the following: Create a WDS WM-AD for each independent coverage area. ● For each WDS child, set the preferred and back-up parents. ● Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 101: Using Wds To Connect Two Ethernet Networks

    4 Then do the following: Create a WDS WM-AD for all APs involved in a bridge. ● For each WDS child set the preferred and back-up parents. ● Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 102 ● CAUTION Ensure that the WDS bridge does not create a L2 loop, i.e. that there is no connection between Ethernet ports of the APs that have the bridging WDS WM-AD enabled. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 103: Chapter 9: Ap As 802.1X Supplicant

    Use the Summit WM GUI to create and install the Credentials on the AP. You can install credentials on an AP individually or use the AP 802.1X Multi-edit page to do bulk credential installations.

  • Page 104: Transferring Credentials From The Summit Wm Controller To Ap

    2 Install a TLS certificate on the target AP. The certificate file is received from the third-party CA and is delivered from the Summit WM Controller to the AP as part of the AP configuration. When the Summit WM Controller is not used to generate the certificate signing request, the certificate file contains a private key which will be sent to the AP.

  • Page 105: Storing Credentials On The Ap

    The Summit WM Controller stores the AP’s private key and certificate for as long as is required to transfer it to the AP. Once the AP acknowledges the successful receipt of a valid key and certificate, the Summit WM Controller destroys its copies.

  • Page 106: Tls Certificate Expiration

    AP once the CA has generated a signed certificate in DER encoding (.CER). In this mode, the administrator is responsible for uploading the AP’s certificate to the AP using the Summit WM GUI. The Summit WM Controller installs the pair of certificate + private key to the AP. Figure 24 below illustrates the process of installing TLS certificates using proxy mode.

  • Page 107: Tls Server Authentication

    Otherwise, if the credentials are wrong or the AP is not configured for 802.1X, the AS blocks all traffic and the AP will be inaccessible for the Summit WM Controller or telnet. In such a case, either the AP should be connected to another non-802.1X port or the 802.1X can be turned off on the access switch for that port until the AP is connected to the Summit WM Controller and proper authentication credentials are installed.

  • Page 108: Eap-Tls Authentication

    In the case of authentication failure, the AP begins the process from the beginning by sending an EAP start message. If for any reason the AP cannot successfully complete the authentication, it will remain in this cycle. Status of the EAP-TLS authentication is displayed on the AP LEDs. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 109: Eap-Peap Authentication

    AP does not participate in .1X authentication, as long as there are valid credentials installed on the Use the Summit WM GUI’s 802.1X tab to configure individual APs. The Summit WM GUI’s 802.1X tab is available only for AP models that support .1X supplicant feature.

  • Page 110: Eap-Tls Configuration With The Summit Wm Controller As Proxy

    The AP should be connected to the Summit WM Controller in order to receive and acknowledge the configuration. If the AP is not connected, the configuration will be pushed the next time it connects to the Summit WM Controller. Configure AP...

  • Page 111: Eap-Tls Configuration With The Summit Wm Controller As Pass-Through

    Bulk Configuration provides configuration of multiple APs simultaneously. When creating a bulk CSR, the Summit WM Controller creates a collection of .csr files (one for each AP) packed in a .tar file. Each .csr file is named according to the corresponding AP serial number. The distinguished name information (country, location, etc) used in the CSR are the same for all APs selected —...

  • Page 112: Bulk Eap-Peap Configuration

    Save the configuration. The certificate status window displays the results of the configuration push ● to the AP. The AP may reject the configuration for one of the reasons described in “Transferring credentials from the Summit WM Controller to AP” on page 104. Create CRs for selected Upload .zip...

  • Page 113: Limits And Technical Data

    RSA with RC4 128 SHA ● Table 24: Encryption Symmetric encryption Crypto Alg Key Length Mode Implemented RSA_AES_128_CBC_SHA 128 bits RSA_RC4_128_SHA 128 bits RSA_RC4_128_MD5 Asymmetric encryption RSA_AES_128_CBC_SHA Max 4096 bits RSA_RC4_128_MD5 RSA_RC4_128_SHA Encryption Protocols Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 114 • RFC-3268, AES Ciphersuites for Transport Layer Security • RFC-3280, Internet X.509 Public Key Infrastructure • RFC-3546, Transport Layer Security Extensions (partially supported) • RFC-4279, Pre-Shared Key Ciphersuites for Transport Layer Security Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 115: Chapter 10: Mac Based Authentication

    The MAC-based authentication feature is designed to further control access to the network resources for the wireless clients over the Summit WM system. It is based on the authentication of the client’s MAC address using the same process as for the user’s RADIUS authentication.

  • Page 116: Roaming

    The access_accept may include the session timeout, which will be applied to the pre-authenticated session timer. It also may include the re-direction URL, which should be included in the filter definitions for the WM-AD. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 117: Assumptions/Recommendations

    The system will allow redundancy on both levels. Vendor Interoperability MAC-based authentication has been tested with the following platforms: Newbury Locale Server ● ● FreeRADIUS ● Funk Steel Belted RADIUS & Odyssesy ● Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 118 MAC Based Authentication Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 119: Chapter 11: Snmp Mibs

    ● NOTE When enabling SNMP for a Summit WM Controller, use the Publish AP as interface of controller drop-down list to enable or disable publishing the Wireless AP and their interfaces as interfaces of the Summit WM Controller. By default this option is enabled.

  • Page 120: Rfc1213

    Wireless AP and its interface occupy the next available interface number. RFC1213 This MIB is fully supported and Summit WM Controller's system related information can be obtained through this MIB. Other information such as IP addresses of interfaces, SNMP stats or IP routing are retrievable through this MIB as well.

  • Page 121: Proprietary Mibs

    IP addresses, Radius information, and DHCP. accessPoints – This group provides information about all Wireless APs and their attributes. ● mobileUnits – This group provides information about mobile units associated with the Summit WM ● Controller.
  • Page 122 SNMP MIBs Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 123: Chapter 12: Freeradius And Security

    Uncomment all auth types that are in use (files is the name of the type that uses the user file). clients.conf file This file contains definitions of RADIUS clients that are allowed to interact with the RADIUS server for AAA information. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 124: Users File

    RADIUS client address. The answer is that whatever interface the Summit WM Controller will use to send the packet to the RADIUS server. In the CLI of the Summit WM Controller use the ping <target> command to determine which interface will be used if it is not obvious. If the path to the RADIUS server changes based upon OSPF routing updates then it is best to enter all possibilities into this file.

  • Page 125: Eap.conf File

    CHAP and change the Auth. Type in the WM-AD settings under the Auth & Acct tab to use CHAP. #vocera badge example "0009EF003BAF" Auth-Type := CHAP, User-Password == "0009EF003BAF" You may also switch to MS-CHAP or MS-CHAPv2 in the Summit WM Controller and then format the user entry as follows: #vocera badge example "0009EF003BAF"...

  • Page 126: Debugging Freeradius

    The TLS section contains pointers to the server certificate file(s) provided from your Certificate Authority. With the minimal setup shown above (and the properly installed certificates) both TLS and PEAP are active. Debugging FreeRADIUS radiusd -X radtest Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 127: Chapter 13: Radius Attributes

    Funk Steel Belted RADIUS), or can be configured manually on most server products. Table 25 defines the Extreme Networks VSAs currently implemented in the Summit WM Controller, Access Points, and WM software solution, defined using the Extreme Networks Organizationally Unique Identifier (OUI):...

  • Page 128: Radius Accounting

    Account-Start Packet Table 26 lists the information elements (including VSAs) supported in a RADIUS Start message, issued by Summit WM Controller, Access Points, and WM software, with RADIUS Accounting enabled: Table 26: Information elements supported in RADIUS Start messages Attribute RAD.

  • Page 129: Termination Codes

    Extreme-AP-Name WM-AD-Name string Extreme-WM-AD-Name SSID string Extreme-SSID Termination Codes The RADIUS client (Summit WM Controller or AP) terminates the wireless device user’s session when one of the following events occur: user request ● idle timeout ● session timeout ● administrator reset ●...

  • Page 130: Supported Attributes In Radius Authentication And Radius Response Messages

    SSID WM- WM-AD CP AD CP AD CP SSID Auth Auth Auth WM-AD WM-AD (MSCHAP) (CHAP) (PAP) Attributes from Radius Server Termination-Action Login-Lat-Group Filter-ID Class Session-Timeout Login-Lat-Port (auth_state) Acct-Interim-Interval Tunnel-Private-Group_ID MS-MPPE-Recv-Key MS-MPPE-Send-Key Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 131 Y (PAP) Y (PAP) MS-CHAP-Challenge (MSCHAP) (MSCHAP) MS-CHAP-Response (MSCHAP) (MSCHAP) Framed MTU Called-Station-ID Calling-Station-ID EAP-Message Message-Authenticator VSA to Radius Server BP-Name BP-Serial WM-AD-Name SSID BSS-MAC X= No Y= Yes N= Not Applicable Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 132 RADIUS Attributes Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 133: Chapter 14: Drm - Dynamic Radio Management

    802.11b/g channels are spaced at only 5MHz apart, while non-overlapping channels should be at least 20MHz apart for OFDM PHY rates (6, 9, 12, 18, 24, 36, 48 and 54 Mbps) and 25MHz apart for CCK PHY rates (1, 2, 5.5 and Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 134: Interference From Non-Overlapping Channels

    “ghosting” on the end image. If two signal copies arrive at the receiver with the same amplitude and opposite phase, they will cancel each other. This effect is often noticeable in the short wave communications and it is called “fading”. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 135: Load Balancing

    Transmit Power Control (ATPC) is an even more powerful tool because it can adjust, on the fly, the Tx power on all Wireless APs in order to compensate for both static and dynamic RF environment changes. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 136: Automatic Channel Selection (Acs) Overview

    ACS. ACS operation ACS can be triggered by one of the following events: A new Wireless AP registers with the Summit WM Controller and the AP Default Settings channel ● is Auto.

  • Page 137: Using Acs

    For a new deployment, it is important to run ACS on all Wireless APs simultaneously in order to obtain the optimal channel arrangement. To achieve this, allow all Wireless APs to register to the Summit WM Controller. Then using the WAP Multi-edit screen, select all the Wireless APs, and select Auto from the Channel drop-down list, and then click Save.
  • Page 138 RF environment. To ensure that ACS is run on every new Wireless AP, select Auto from the Channel drop-down list on the WAP Default Settings screen, and then click Save Settings. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 139 ACS on that Wireless AP to see if the situation improves. To do so, navigate to the corresponding radio page, select Auto from the Request New Channel drop-down list, and then click Save. This triggers ACS on that particular Wireless AP and particular radio. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 140: Automatic Transmit Power Control (Atpc) Overview

    As time passes, the RF environment continues to change, so it is worth to periodically re-optimize the channel arrangement. To do so, ensure that all Wireless APs are connected to the Summit WM Controller and then, on the WAP Multi-edit screen select all the Wireless APs, select Auto from the Channel drop-down list, and then click Save.

  • Page 141: Atpc Operation

    2 From the Auto Tx Power Ctrl drop-down list, click On. 3 In the Max Tx Power drop-down list, click the maximum allowed, which is 18dBm for the default internal and external antennas. (For more information, see the Summit WM User Guide for setting Max Tx Power for other antennas.) 4 In the Min Tx Power drop-down list, click the minimum allowed, 8 dBm for 11b/g and 0dBm for 11a.
  • Page 142 This may be a sign that the Tx power must be increased on other Wireless APs or that a new Wireless AP has to be added to the network. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 143 7dB to 15dBm, thus fully compensating the attenuation introduced by the people. In the second case, the ATPC output will still increase by 7dB, but from 3dBm instead of 8dBm. Hence, both Wireless APs will operate with only 10dBm instead of 15dBm. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 144 For an existing deployment that does not use ATPC, it is recommended to enable ATPC in order to take advantage of the on-the-fly automatic adjustment and increase the network reliability. However, exercise Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 145 3 From the Auto Tx Power Ctrl drop-down list, click Enabled. 4 In the Max Tx Power drop-down list, click the maximum allowed, which is 18dBm for the default internal and external antennas. (For more information, see the Summit WM User Guide for setting Max Tx Power for other antennas.).
  • Page 146 Tx power must be decreased on other Wireless APs or that this Wireless AP may be redundant. Adjust the Min Tx Power setting to match the new Current Tx Power setting. ● Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 147: Chapter 15: Logs And Events

    Logs and Events The Summit WM Controller is designed to behave like an appliance. It is either in an operational state, or it has failed due to a hardware problem or low level packet processing issue. In general, the system will self recover by rebooting if the system fault is recoverable.
  • Page 148 [%d]. Received Message. Origin %d Destination %d Action % Status %. Received Web/CLI message. Received invalid Web/CLI message. Startup manager can't connect to component listener. Component [%d] disconnected. Component [%d] connected. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 149: Event_Server (1)

    Socket select error - 100% Internal Component Failure. If problem persists, contact CPU utilization can occur and Log system may not be Technical Support to overall system performance will working properly. investigate. be impaired. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 150 File pointer information Internal Component Failure. If problem persists, contact corrupted - File sized. Message Log system may not be Technical Support to will be dropped. working properly. Failed to log investigate. configuration change. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 151 - Error Logging. Reporting of rogue Technical Support to no:%d. Message will be devices may be affected. Only investigate. dropped. relevant if Summit WM series Spy is enabled. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 152 Payload initialization failed for Problem interpreting log If problem persists, contact message type [%d]. message. Log entry may not be Technical Support to performed. Low impact to the investigate. system. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 153 System. SNMP encode failed. Problem interpreting log If problem persists, contact message. Log entry may not be Technical Support to performed. Low impact to the investigate. system to the System. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 154 If problem persists, contact specified log type [%d]. system. Technical Support to investigate. Exported image already exists Possible problem with logging If problem persists, contact [%s]. system to the System. Technical Support to investigate. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 155: Config_Manager (2)

    Please select another default image. This alarm will repeat as long as the system is in automatic mode:%s Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 156 System is shutting down in None applied. Wireless Controller response to administration will be rebooted. operation (explicit request, software upgrade, license key, etc.…) Config succeeded. Serial Successful confirmation of AP None number:%s configuration. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 157: Stats_Server (3)

    If problem persists, contact internal connection failure. Stats Server unable to Technical Support to Retrying connection in 5 establish proper inter-process investigate. seconds. communications. May affect system status reports, user accounting and CDRs. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 158 No statistics will be functional operation. Affects Technical Support to reported for interval. ability to report Mobility investigate. domain statistics. Trace Received unexpected CIA message Received IXP_MU_STATS_BUNDLE_NOT IFY message Received IXP_RU_STATS_BUNDLE_NOT IFY message Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 159: Security_Manager (4)

    Technical Support to communicate with Apache Affects ability to provide investigate. server. internal captive portal. Could indicate problem with Apache Server instantiation. Component could be restarted to see if problem persists. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 160 If problem persists, contact tracking tag (token)%d. This Technical Support to will not impact success/failure investigate. of authentication request - it may create a memory leak if multiple tokens cannot be deleted. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 161 Error trying to close all No negative impact to system. If problem persists, contact sockets. However, they will However indicates possible Technical Support to time out on their own. issue with resource de- investigate. allocation. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 162 Technical Support to configuration is incorrect or will be applied as “Default” investigate. incomplete! rather than more specific filterID indicated through radius authentication. User network access to network may be different than administration intended. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 163 Radius Server. Reachability of RadiusServer component (Radius Client) utilizing the RadiusTest feature which communicates with the in GlobalSettings. If problem Radius Server. persists contact Technical Support to investigate. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 164 Startup/Shutdown Mgr. Processing Apache message was unsuccessful. Processing CIA message was unsuccessful. Processing Radius Client message was unsuccessful. Processing EAP message unsuccessful. Get Next Available session tracking tag (token) %d. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 165 Radius Client for session tracking tag Received Authentication failure message from Radius Client for session tracking tag (token, msgId) %d. Unknown authentication message received from Radius Client for session tracking tag Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 166 (CIA/CM) shutting down without properly closing the socket. Send MU_GET_PARAMS_REQ to MU Mgr. Error on sending MU_GET_PARAMS_REQ to MU Mgr. Received MU_GET_PARAMS response from MU Mgr. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 167 Config Policy List from Config Manager for session tracking tag (token) Closed EAP Socket %d. Closed Radius Socket %d. Closed CIA socket %d. Closed Apache socket %d. Received CIA message. Received EAP message. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 168 (token) %d. Captive portal authentication request will fail. Apache socket is zero. Cannot send a message to the Apache Server. Radius socket is zero. Cannot send a message to Radius. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 169 Send authentication success message to EAP for sessionId Send authentication failure message to EAP for sessionId Send EAP Access request message for sessionId %d Error on sending EAP Access request message for sessionId Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 170 Clear timeout flag for sessionId SessionId %d timed out Received unknown status for sessionId %d so assume failure Setup EAP entry returns failure for sessionId %d Received status failed for sessionId %d regarding getting/setting MU params Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 171: Ru_Manager (6)

    License. Verify that purchase Recommend systems support limits match on both systems. same capacity. Some AP may Contact Sales support to become unable to provide RF discuss allowance increases. service. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 172 Licensed software licence Validate License Key connect but maximum licensed reached. Additional APs may parameters. Contact Sales connections reached. not become Active therefore Support to discuss options on affecting intended coverage capacity increase. area. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 173 Active therefore affecting intended coverage affecting intended coverage area. Ensure failover capacity area. matches between the two controllers. Availability Link established Info. Availability pairing None with Peer%s. restored. Trace RU Manager TRACE: %s Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 174: Radius_Client (7)

    Radius Server. Users may be and in WM-AD definition. unable to gain proper network Verify Reachability of access. RadiusServer utilizing the RadiusTest feature in GlobalSettings. If problem persists contact Technical Support to investigate. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 175 Verify Reachability of parameters. Default parameters RadiusServer utilizing the will be used. No expected RadiusTest feature in impact to user authentication. GlobalSettings. If problem persists contact Technical Support to investigate. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 176 Radius Response: %s Radius Authentication State None WPA2 pre-authentication Radius Authentication State None success. %s. Trace Sent RADC_WM- AD_CONFIG_REQ. Received message from CM: cia_type %d, type %d. Got CP_Entry[%d]:wm- ad_id:%d,flags:%d,radius_svr_i p:%d,rad_svr_port:%d,nas_ip: %d,nas_port:%d,authtype:%d Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 177: Host_Service_Manager (8)

    Unable to initialize internal Internal operation problem. If problem persists contact program thread. Mobility May affect Mobility Domain Technical Support to Manager will halt. state. Component will be investigate. restarted automatically. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 178 Set Configuration data failed. Possible problem with If problem persists contact The Mobility Manager may be configuration of Mobility Technical Support to restarted. feature component subset. investigate. Possibly Minor impact on Inter-Controller feature. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 179 (127) stale registered mobility Mobility establishment reached. New controllers will domain elements. exhausted. Please remove stale not be allowed to join mobility identifiers from permissions domain. list on manager. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 180 Sending configuration change Mobility State management None to neighbor with IP address%s. Mobility Agent disconnected Mobility State management None from the Mobility Manager. Agent will attempt to reconnect with the Mobility Manager. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 181 My ip address is %s My ixp ip address is %s Read VN packet hdr with %s. Write VN packet hdr with %s. Read VN packet with ac_num %d, mu_num %d, and tunnel_num %d Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 182 Send CIA_IXP_MU_DEREGISTER_RE Q message Send CIA_IXP_AC_INIT message Send CIA_AC_TUNNEL_REGISTER_ REQ message Send CIA_AC_TUNNEL_DEREGISTE R_REQ message Received CIA_AC_TUNNEL_REGISTER_ RESP message Received CIA_AC_TUNNEL_DEREGISTE R_RESP message Send CIA_IXP_MU_REGISTER_PARA MS_RESP message Received CIA_IXP_MU_REGISTER_PARA MS_REQ message Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 183 CM Suppress heartbeat Unsuppress heartbeat Unable to match access controller information %d to data supplied for client. Received shutdown request directed to vnMgr. Mobility Manager slpd registration successful for IP address %s. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 184: Stack_Adapter (10)

    Process%s killed by restart CLI command. Minor FTP for%s failed. FTP operation failed. Revisit If problem persists Contact operation parameters. Technical Support for Back-up process failed investigation. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 185: Langley (13)

    Possible interruption in inter- Technical Support for from properly processing a process communication. investigation. request. Langley will continue running, however this error may be an indicator of a larger system problem. Error Details:%s Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 186: Nsm_Server (15)

    Technical Support for connection. investigation. Can not set MTU for Possible configuration If problem persists Contact interface%s. problem. May affect system Technical Support for ability to communicate investigation. properly with its network peers. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 187: Ospf_Server (17)

    Technical Support for Message will be ignored and operation, however may be investigation. processing continued. symptom of more serious condition. Info NSM started normally. Component state None Static route deleted Component state None successfully. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 188: Cdr_Collector (23)

    Technical Support for record. CDR Manager will halt. Situation should repair investigation. following component restart. However condition may be result of larger issue with memory resource utilization. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 189 Unable to add array property to Internal operation error. If problem persists Contact internal message payload [%d]. Specific CDR record may not Technical Support for Error will be ignored and be consistent. investigation. processing continued. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 190 CDR minor:%s. Unable to subscribe messages. Internal operation error. If problem persists Contact Specific CDR record may not Technical Support for be consistent. investigation. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 191 CDR record was written to file Accounting state If problem persists Contact with session id%d. Technical Support for investigation. CDR Manager started normally. Accounting sub-system state If problem persists Contact Technical Support for investigation. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 192 Y message. Received IXP_MU_STATS_NOTIFY message. Received SECMGR_MU_AUTHENTICATE D_NOTIFY message. Received IXP_MU_GET_PARAMS_RESP message. Sent IXP_MU_GET_PARAMS_REQ message Received SMT_SHUTDONW_COMPONE NT_REQ message Sent SMT_SHUTDONW_COMPONE NT_RESP message. Received ES_LOG_LVL_UPDATE_NOTIF Y message. Received and dropped an unexpected message. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 193: Rf_Data_Collector (36)

    Scan Domain). Determine if outage was caused by network path interruption. If interruption was caused by failure of INS controller, please review the log of that controller to determine appropriate action. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 194: Remote_Ins (58)

    Technical Support for system's memory resource investigation. management. Unable to initialize semaphores Internal operation error. May If problem persists Contact indicate a larger problem with Technical Support for system's memory resource investigation. management. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 195 Problem may prevent Rogue AP Technical Support for detached pthread attributes. (Summit WM series Spy) investigation. Connection cannot be setup. detection from taking place. Component may need to be restarted. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 196 Minor Internal operation issue. May If problem persists Contact run_analysis_against_specific_li result in problems with memory Technical Support for st: cleanup_memory_for_data management for the system. investigation. for AP failed. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 197 Received request from CM to Summit WM series Spy feature None delete RFDC session with ip state addr%s Connection with RFDC session Summit WM series Spy feature None with ip addr%s is up state Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 198 Summit WM series Spy feature (add/Remove of controllers from Scan Domain). Determine if outage was caused by network path interruption. If interruption was caused by failure of INS controller, please review. Trace Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 199: Llc_Handler (62)

    If problem persists Contact Cannot determine langley exist shall cause component to Technical Support for connection options. Thread will terminate and be automatically investigation. exit started by system's health monitor facility. Situation should repair itself. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 200: Radius_Accounting (64)

    If problem persists contact reporting/CDR for system Technical Support to users. Doesn't affect users investigate. state, however, it doesn't allow owner to provide proper billing for services rendered. Major Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 201: Ru_Sesmgr_Id (65)

    Administrator changed mobility credentials change. domain membership list. Mobility tunnels with Peers Inter-AC Mobility State. None reset due to membership Administrator changed mobility credentials change on current domain membership list. controller. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 202 May be result of Upgrade will take place administration specification of automatically. firmware upgrade request. %s transmission failed. Interprocess communication If problem persists Contact failure between AP and Technical Support for controller. investigation. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 203: Mu_Sesmgr_Id (66)

    Client session de-registration Administration request to user None succeeded (%s) Reason is: de-registration. Administrator request from GUI. Client session de-registration Administration/Policy request None succeeded (%s) Reason is: to user de-registration. Request from Other BM. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 204: Filter_Mgr_Id (67)

    [%d]. that some of the intended determine effectiveness of filter rules for a definition have existing definitions and not been persisted. identify set of rules to possible delete to create additional space Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 205 NACK - error [%d]. sub-system will retry Technical Support for investigation. Filter stats response returned Internal operation failure. Filter If problem persists Contact NACK - error [%d]. sub-system will retry Technical Support for investigation. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 206 FE. Filter sub-system will retry. investigation. FE delete request timer has Failure to obtain response to If problem persists Contact expired. filter provisioning operation to Technical Support for FE. Filter sub-system will retry. investigation. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 207: Redirector4 (68)

    Internal component error. If problem persists Contact Typical clients will retry Technical Support for operation. investigation. BEAST (75) Table 53: BEAST (75) logs and events Log ID Log Message Comment Action Critical Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 208 Failed to send statistics Failure to communicate with a If problem persists Contact request for AP serial specific AP for the purpose of Technical Support for number:%s. retrieving RF statistics. investigation. Request will be retried. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 209: Beaconpoint (99)

    Table 55: FILTER_MANAGER_ID (103)logs and events Log ID Log Message Comment Action Info Filter Manager configuration Notification of completion of None complete - all filter parameters pushing filtering policy to FE. have been resolved. Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 210: Redir_Id (106)

    Next hop overwrite for WM-AD If problem persists Contact (%s) is not resolved. May be Technical Support for possible result of investigation. misconfiguration. Info Next hop device is reachable Next hop resolution state. None again (%s) Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 211: Echelon (126)

    Technical Support for investigation. Major FE Link is up. FE is ready to start receiving None provisioning configuration from MP and to begin providing data services. Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 212 Logs and Events Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 213: Chapter 16: Reference Lists Of Standards

    This section provides the Internet Engineering Task Force (IETF) Request for Comments (RFCs) standards supported by Summit WM Controller, Access Points, and WM software. The Request for Comments is a series of notes about the Internet, submitted to the Internet Engineering Task Force (IETF) and designated by an RFC number, that may evolve into an Internet standard.

  • Page 214: 802.11 Standards List

    Port based network access control 802.1aa 802.1X maintenance 802.3af DTE Power via MDI (Power over Ethernet) 802.3 CSMA/CD (Ethernet) 802.3i 10Base-T 802.3u 100Base-T 802.3x Full Duplex 802.3z 1000Base-X (Gigabit Ethernet) 802.1d MAC bridges Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 215: Supported Wi-Fi Alliance Standards

    WPA - Personal ● WPA2 ● WPA2 - Enterprise ● WPA2 - Personal ● ● EAP-TLS ● EAP-TTLS/MSCHAPv2 ● PEAPv0/EAP-MSCHAPv2 ● PEAPv1/EAP-GTC ● EAP-SIM ● Optional - Quality of Service ● ● Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 216 Reference lists of standards Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 217: Glossary

    Call Detail Record Cell RF coverage area provided by Summit WM Access Point or an Access Point Command Line Interface CAPWAP Tunneling Protocol A ratio of two power levels P1 and P2 expressed on a logarithmic scale 10*log10(P1/P2) Power level P expressed as dB vs 1mW, i.e.
  • Page 218 Network Address Translation Protocol Network Operations Center RADIUS Remote Authentication Dial In User Service Radio Frequency Rest of World Radio Signal Service Location Protocol Simple Network Management Protocol SNMP Signal-to-Noise Ratio SSID Service Set Identifier Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 219 Usually a laptop or other device that requires authentication or has to access supplicant service from a network point of attachment Transmit or Transmission Wireless ISP WISP WLAN Wireless Local Area Network WM-AD WM Access Domain Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 220 Glossary Summit WM Technical Reference Guide, Software Version 5.1...

  • Page 221: Index

    ATPC - Automatic Transit Power Control, 140 FreeRADIUS, 123 existing deployment, 144 new deployment, 141 operation, 141 group policy, 63 guide, about this, 9 certificate infrastructure, 33 certification path, 33 codes, LED states and seven segment display, 67 Summit WM Technical Reference Guide, Software Version 5.1...
  • Page 222 42 Windows security infrastructure, 31 RFC list, 213 wireless access points, 60 RFC1213, 120 wireless deployment, 32 roaming, 116 wireless remote access policy, 41 rogue systems, 30 WPA, 59 WPA2, 59 Summit WM Technical Reference Guide, Software Version 5.1...

Table of Contents