Table of Contents
Advertisement
Chapter 6 Deployment Examples (CLI)
Step 4
Configure wireless clients
Define the "employee" SSID on all the wireless clients in wireless network-2 and -3. Specify WPA-PSK for network
authentication, AES or TKIP for data encryption, and the preshared key N38bu7Adr0n3.
The setup of hive1 is complete. Wireless clients can now associate with the HiveAPs using SSID "employee" and
access the network. The HiveAPs communicate with each other to share client associations (to support fast roaming)
and routing data (to select optimal data paths).
E
3: U
XAMPLE
SING
In this example, you use a Microsoft AD (Active Directory) server and a RADIUS server to authenticate wireless
network users. To accomplish this, you make the following modifications to the hive set up in
•
Configure settings for the RADIUS server on the HiveAPs
•
Change the SSID parameters on the HiveAPs and wireless clients to use IEEE 802.1X
The basic network design is shown in
Figure 3 Hive and 802.1X Authentication
Wireless Network-1
Wireless Network-2
Wired Hive Backhaul Communications
Wireless Hive Backhaul Communications
Wireless Network Access Connections
Wired Ethernet Network Connections
78
IEEE 802.1X A
Figure
3.
Hive1
HiveAP-1
HiveAP-2
The HiveAPs receive PEAP (Protected EAP) authentication requests
from clients and forward them inside RADIUS authentication packets
to the RADIUS server at 10.1.1.10. The RADIUS server is in turn
linked to the database of the Active Directory server on which all the
user accounts have previously been created and stored.
UTHENTICATION
Internet
Firewall
Switch
DHCP
Server
HiveAP-3
"Deploying a
Hive":
RADIUS Server
10.1.1.10
Active Directory
Server
Wireless Network-3
Aerohive
Advertisement
Table of Contents
