Summary of Contents for Dell PowerConnect W-IAP3WN
Page 1
Dell PowerConnect W-Series nstant Access Point 6.1.3.4-3.1. User Guide...
Page 2
, the ® registered Aruba the Mobile Edge Company logo, and Aruba Mobility Management System . Dell™, the DELL™ logo, and PowerConnect™ are trademarks of Dell Inc. All rights reserved. Specifications in this manual are subject to change without notice.
Page 4
Image management using Cloud Server ..............89 Image management using Dell PowerConnect W-AirWave ........89 Automatic Firmware Image Check and Upgrade..............89 Upgrading to New Version...................... 90 4 | Contents Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 5
Configuring External Captive Portal Authentication when Adding a Guest Network Configuring External Captive Portal Authentication when Editing a Guest Network External Captive Portal Authentication using Dell PowerConnect W-ClearPass Guest- Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Contents | 5...
Page 6
Connect ............................ 126 Creating a Web Login page in the Dell PowerConnect W-ClearPass GuestConnect Configuring the RADIUS Server in Instant ..............126 MAC Authentication........................127 Configuring MAC Authentication..................127 Walled Garden Access........................128 Creating a Walled Garden Access ..................128 Wired Authentication on an IAP ....................
Page 7
Dell PowerConnect W-AirWave Integration and Management ......189 Dell PowerConnect W-AirWave Features ................. 189 Image Management....................... 189 IAP and Client Monitoring..................... 189 Template-based Configuration..................... 190 Trending Reports ........................190 Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Contents | 7...
Page 8
Intrusion Detection System ....................190 Wireless Intrusion Detection System (WIDS) Event Reporting to Dell PowerConnect W- AirWave ........................... 190 RF Visualization Support for Dell Instant ................191 Configuring Dell PowerConnect W-AirWave ................191 Creating your Organization String ..................191 About Shared Key........................192 Entering the Organization String and AMP Information into the IAP ....
Page 9
Whitelist DB Configuration if the Controller is acting as the Whitelist Entry ....241 VPN Local Pool Configuration ....................242 IAP VPN Profile Configuration....................242 Appendix B Abbreviations ........................245 Abbreviations ..........................245 Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Contents | 9...
Page 10
10 | Contents Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Dell Instant consists of an Instant Access Point (IAP) and a Virtual Controller (VC). The Virtual Controller resides within one of the access points. In a Dell Instant deployment only the first IAP needs to be configured. After the first IAP is deployed, the subsequent IAPs will inherit all the required information from the Virtual Controller.
CAUTION: Indicates a risk of damage to your hardware or loss of data. WARNING: Indicates a risk of personal injury or death. Contacting Support Website Support Main Website dell.com Support Website support.dell.com Dell Documentation support.dell.com/manuals 12 | About this Guide Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
This chapter provides information that is required to setup Dell PowerConnect W-Series Instant Access Point and access the Instant User Interface. Initial Setup This section provides a pre-installation checklist and describes the initial procedures required to set up Dell Instant. Pre-Installation Checklist Before installing the Instant Access Point (IAP), make sure that you have the following: Ethernet cable of required length to connect the IAP to the home router.
4. In the Mac operating system, click the AirPort icon. A list of available Wi-Fi networks is displayed. 5. Click on the instant network. NOTE: While connecting to the provisioning Wi-Fi network, ensure that the client is not connected to any wired network. 14 | Initial Configuration Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
5. In the apboot mode, use the following commands to disable the provisioning network: apboot> factory_reset apboot> setenv disable_prov_ssid 1 apboot> saveenv apboot> reset Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Initial Configuration | 15...
Login into Instant User Interface Launch a web browser and navigate to instant.dell-pcw.com (or any URL or web address). In the login screen, enter the following credentials: Username— admin Password— admin Figure 3 Instant User Interface Login Screen When you use a provisioning Wi-Fi network to connect to the internet, all browser requests are directed to the Instant user interface.
NOTE: Moving an IAP from one cluster to another requires a factory reset of the IAP that is being moved. Chapter 5, “Managing IAPs” on page 71 for more information. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Initial Configuration | 17...
Page 18
18 | Initial Configuration Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
The Instant UI consists of the following elements: Banner Search Tabs Links Views These elements are explained in the following sections. Figure 5 Instant UI Interface Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Instant User Interface | 19...
Each tab is explained in the following sections. Networks Tab This tab displays a list of Wi-Fi networks that are configured in the Dell Instant network. The network names appear as links. The expanded view displays the following information about each Wi-Fi network: Name—...
Access Points Tab If the Auto Join Mode feature is enabled, a list of enabled and active IAPs in the Dell Instant network is displayed in the Access Points tab. The IAP names are displayed as links. If the Auto Join Mode feature is disabled, a New link appears. Click on this link to add a new IAP to the network.
This link appears in the top right corner of Instant UI only if a new image version is available on the image server and Dell PowerConnect W-AirWave is not configured. For more information about the New version available link and its functions, see “Firmware Image Server in Cloud Network”...
RTLS— View or edit the RTLS server settings. Dell RTLS— Enable this to integrate with Dell PowerConnect W-AirWave Management platform, Ekahau Real Time Location Server and Nearbuy Real Time Location Server. Specify the IP address and port number of the server to which location reports are sent, a shared secret key, and the frequency at which packets are sent to the server.
Page 24
OpenDNS— Instant supports OpenDNS business solutions which requires an OpenDNS (opendns.com) account comprising a username and a password. These credentials will be used by Instant to access OpenDNS to provide enterprise-level content filtering. 24 | Instant User Interface Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 25
L3 Mobility— View or configure the Layer-3 mobility settings. See “Layer-3 Mobility” on page 93 for more information. This link displays the configuration parameters Adaptive Radio Management (ARM) and Radio features. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Instant User Interface | 25...
Authentication Servers— Use this window to configure an external RADIUS server for a wireless network. See “Configuring an External RADIUS Server” on page 110 for more information. 26 | Instant User Interface Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Figure 14 Use this window to define how to communicate with the remote controller. See Chapter 27, “VPN Configuration” on page 227 for more information. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Instant User Interface | 27...
This link displays the Maintenance window. The Maintenance window allows you to maintain the Wi-Fi network. It consists of the following tabs: About— Displays the Build Time, IAP model name, Dell Instant OS version, Web address of Dell and ...
Page 29
For more information, see “Rebooting the IAP” on page 87. Convert — Provides an option to change the network from a Virtual Controller managed network to a Dell Mobility Controller managed network. For more information, see “Migrating to a Mobility Controller Managed Network”...
4. Click Run. NOTE: Use the support commands under the supervision of Dell technical support. You can view the following information for each access point in the Dell Instant network using the support window: AP Access Rule Table— Displays all the ACL rules of the selected IAP.
Page 31
VC About— Displays some info of the selected IAP, including AP type, build time of image, image version. VC Allowed AP Table— Displays allowed AP enable/disable status and allowed AP list of the selected IAP. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Instant User Interface | 31...
Page 32
IDS AP Table— Displays the Monitored IAP Table, which lists all the IAPs monitored by the selected IAP. ARM Bandwidth Management— Displays bandwidth management information for the selected IAP. 32 | Instant User Interface Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Use this link to logout of the Instant UI. Monitoring This link displays the Monitoring pane. This pane can be used to monitor the Dell Instant network. Use the down arrow located to the right side of these links to compress or expand the monitoring pane. The monitoring...
Page 34
Signal— Displays the signal strength of the client. Depending on the signal strength of the client, the color of the lines on the Signal bar changes from Green > Orange > Red. Green— Signal strength is more than 20 decibels. 34 | Instant User Interface Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 35
Virtual Controller in the last 15 minutes. In the Network or IAP view, this graph displays the incoming and outgoing throughput traffic for the selected network or IAP in the last 15 minutes. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Instant User Interface | 35...
This graph shows channel utilization information such as, channel quality, availability and utilization metrics as seen by a spectrum monitor for the 2.4 GHz radio band. The data displayed includes percentage of Quality, Availability, Wi-Fi utilization, and Interference utilization. 36 | Instant User Interface Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 37
IAPs display data from the one channel they are monitoring. Figure 28 Channel Details Information For more information on spectrum monitoring, see “Spectrum Monitor” on page 97. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Instant User Interface | 37...
Access Points— Displays the IP address of the IAP to which the client is connected. Details— Provides complete details of the alert. 38 | Instant User Interface Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 39
These alerts occur in the event of a system fault. An Active Fault consists of the following fields: Time— Displays the system time when an event occurs. Number— Indicates the number of sequence. Description— Displays the event details. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Instant User Interface | 39...
Where— Provides information about the IAP that detected the foreign client. Click the pushpin icon to view the information. For more information on the intrusion detection feature, see Chapter 18, “Intrusion Detection System” 40 | Instant User Interface Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Instant UI. In addition, this link is also located at the bottom left corner of the Instant UI. A default language is selected based on the language preferences in the client desktop operating system or browser. If Dell Instant cannot detect the language, then English (En) is used as the default language.
Client view— The Client view provides information that is necessary to monitor a selected client. In the Client view, all the clients in the Dell Instant network are listed in the Clients tab. Click the IP address of the client that you want to monitor. Client view for that client appears.
Employee Network An Employee network is a classic Wi-Fi network. This network type is supported with full customization on Dell Instant. It is used by the employees in the organization. Passphrase based or 802.1X based authentication methods are supported on this network type. Employees can access the protected data of an enterprise through the employee network after successful authentication.
The default values are 1 mbps for 2.4GHz and 6 mbps for 5.0GHz bands. Multicast traffic can be sent at up to 24 mbps when this option is enabled. This option is disabled by default. 44 | Wireless Network Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 45
Transmit Rates— Indicates the ability to configure the basic and supported rates per SSID for Dell Instant. Select to set the minimum and maximum legacy (non-802.11n) transmit rates for each band —...
Page 46
7. Set the appropriate security levels using the slider in the Security tab. The default level is Personal. The available options are Enterprise, Personal, and Open which are described in the following tables. Figure 38 Employee Security Tab— Enterprise 46 | Wireless Network Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 47
Blacklisting tab of the PEF window. 7. Click Upload Certificate and browse to upload a certificate file for the internal server. See “Certificates” on page 129 for more information. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Wireless Network | 47...
Page 48
Blacklisting tab of the PEF window. 10. Click Upload Certificate and browse to upload a certificate file for the internal server. See “Certificates” on page 129 for more information. 48 | Wireless Network Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 49
235. 7. Click Upload Certificate and browse to upload a certificate file for the internal server. See “Certificates” on page 129 for more information. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Wireless Network | 49...
Page 50
“Creating a New User Role” on page 137 for more information. 3. Unrestricted— Select this to set no restrictions on access based on destination or type of traffic. 50 | Wireless Network Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Voice Network Use the Voice network type when you want devices that provide only voice services like handsets or only applications that require voice-like prioritization need connectivity. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Wireless Network | 51...
Dynamic multicast optimization— When Enabled, the IAP converts multicast streams into unicast streams over the wireless link. DMO enhances the quality and reliability of streaming video, while preserving the bandwidth available to non-video clients. 52 | Wireless Network Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 53
Transmit Rates— Indicates the ability to configure the basic and supported rates per SSID for Dell Instant. Select to set the minimum and maximum legacy (non-802.11n) transmit rates for each band —...
Page 55
10. NOTE: Navigate to PEF > Blacklisting in the WebUI to specify the duration of the blacklisting on the Blacklisting tab of the PEF window. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Wireless Network | 55...
Page 56
User” on page 235. 10. Click Upload Certificate and browse to upload a certificate file for the internal server. See “Certificates” on page 129 for more information. 56 | Wireless Network Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 57
“Creating a New User Role” on page 137 for more information. Unrestricted— Select this to set no restrictions on access based on destination or type of traffic. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Wireless Network | 57...
Typically, a guest network is an un- encrypted network. However, you can specify encryption settings in the Security tab (see step 5 of the following procedure). 58 | Wireless Network Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Dynamic multicast optimization— When Enabled, the IAP converts multicast streams into unicast streams over the wireless link. DMO enhances the quality and reliability of streaming video, while preserving the bandwidth available to non-video clients. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Wireless Network | 59...
Page 60
DTIM value for power saving. c. Transmit Rates— Indicates the ability to configure the basic and supported rates per SSID for Dell Instant. Select to set the minimum and maximum legacy (non-802.11n) transmit rates for each band - 2.4GHz and 5GHz.
Page 61
2. Passphrase format— Specify either an alphanumeric or a hexadecimal string. Ensure that the hexadecimal string must be exactly 64 digits in length. 3. Passphrase— Enter a pre-shared key (PSK) passphrase. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Wireless Network | 61...
Page 62
For more information, see “Walled Garden Access” on page 128. None Select this option if you do not want to set the captive portal authentication. 62 | Wireless Network Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 63
Passphrase format — Specify either an alphanumeric or a hexadecimal string. Ensure that the hexadecimal string must be exactly 64 digits in length. c. Passphrase — Enter a pre-shared key (PSK) passphrase. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Wireless Network | 63...
Page 64
“Creating a New User Role” on page 137 for more information. Unrestricted— Select this to set no restrictions on access based on destination or type of traffic. 64 | Wireless Network Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
By default, you can create up to six networks or WLANs. You can enable the Extended SSID option and create up to 16 WLANs. W-IAP175, W-IAP104, and W-IAP105 devices support up to 8 SSIDs and W-IAP3WN, W- Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Wireless Network | 65...
5. Reboot the AP for the changes to take effect. After you enable the option and reboot, the Wi-Fi link and mesh are disabled automatically. Figure 49 Enabling Extended SSID 66 | Wireless Network Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Mesh Instant Access Points A Dell Instant mesh network requires at least one valid uplink (wired or 3G) connection. The IAP with the valid uplink connection is the mesh portal. The mesh portal may also act as a Virtual Controller. The unwired IAPs are mesh points.
Instant Mesh Setup Instant mesh can be provisioned in two ways — Over-the-air provisioning and over-the-wire provisioning. Over- the-air provisioning is available when only one Dell Instant mesh network is being advertised and it does not work for ROW version of IAPs.
Page 69
Mesh Points from the switch and place the IAPs at the desired location. The IAPs with valid uplink connections are the mesh portal. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Mesh Network | 69...
Page 70
NOTE: The IAP mesh point will get an IP address from the same DHCP pool as the portal, and this DHCP request goes through the portal. 70 | Mesh Network Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
This chapter describes the Preferred band, Auto join mode, Terminal Access, LED display, and Syslog server features in Dell Instant. In addition, the chapter provides procedures for adding and removing IAPs, editing the IAP settings, and upgrading the firmware on the IAP using the Instant UI.
Disabling Auto Join Mode 3. Click OK. Terminal Access To enable or disable the telnet access to the IAP's CLI, navigate to Settings > Advanced > Terminal access. 72 | Managing IAPs Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
LED Display to enable or disable the LEDs. When Disabled, all the LEDs are turned off. Use this option in environments where LEDs can be a distraction. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Managing IAPs | 73...
NOTE: The LED display is always in Enabled mode while rebooting the IAP. TFTP Dump Server Enter the IP address of a TFTP server to store core dump files. 74 | Managing IAPs Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
You can increase the number of SSIDs or networks that can be created by enabling the extended SSID option. To enable this feature, navigate to Settings > General and click Show advanced options in the Instant UI. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Managing IAPs | 75...
Deny local routing— This feature allows you to deny local routing traffic between clients which are connected to the same IAP or are on the same Instant network. 76 | Managing IAPs Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
To enable or disable the telnet access to the IAP's CLI, go to Settings > Advanced > Terminal access. Figure 60 Terminal Access NOTE: Instant does not support configuration using CLI. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Managing IAPs | 77...
Syslog Server Syslog Facility Levels Dell Instant supports facility-based logging levels. Syslog Facility is an information field associated with a syslog message. It is an application or operating system component that generates a log message. The following seven facilities are supported by Syslog: AP-Debug—...
Messages of general interest to system users. Debug Messages containing information useful for debugging. Adding an IAP to the Network To add an IAP to the Dell Instant network, assign an IP address. For more information, see “Assigning an IP Address to the IAP” on page 14.
1. In the Access Points tab, click the IAP for which you want to change the IP address. The edit link appears. 2. Click the edit link. The Edit AP window appears. 80 | Managing IAPs Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
4. Click OK and reboot the IAP. Configuring Adaptive Radio Management Adaptive Radio Management (ARM) is enabled in Dell Instant by default. However, if ARM is disabled, perform the following steps to enable it. 1. In the Access Points tab, click the IAP for which you want to configure ARM.
2. Click the edit link. An Edit AP window appears. 3. In the Edit AP window, select the Uplink tab. 4. Select Enable from the Eth0 Bridging drop box. 5. Click OK. 82 | Managing IAPs Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
The IAP then reboots and comes up as a RAP. The IAP then establishes an IPSEC connection with the controller and begins operating in RAP mode. If an IAP entry for the AP is present in the firmware image cloud server, the IAP gets Dell PowerConnect W- ...
Page 84
If there is no response from the cloud server or Dell PowerConnect W-AirWave, the IAP comes up in Dell Instant mode. NOTE: A description of the firmware image cloud server can be found in the section named Firmware Image Server in Cloud Network, within this chapter.
Page 85
NOTE: Ensure the Mobility Controller IP Address is reachable by the IAPs. 5. Click Convert Now to complete the conversion. Figure 72 Confirm Access Point Conversion 6. The IAP will reboot and begin operating in RAP mode. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Managing IAPs | 85...
NOTE: In order for the RAP conversion to work, ensure that you configure the Instant AP in the controller white-list and enable the FTP service on the controller. NOTE: If the VPN setup fails and an error message pops up, please click OK, copy the error logs and share them with your Dell support engineer.
The IAP will then boot with the factory default settings. NOTE: W-IAP92, W-IAP93, W-IAP104, W-IAP105, W-IAP134, W-IAP135, W-IAP3WN, W-IAP3WNP — These IAP platforms support reset button. W-IAP175P and W-IAP175AC do not have reset buttons. Please contact Dell support for the factory reset process on these IAPs.
Page 88
Unable to contact Access Points after reboot was initiated message appears. Figure 78 Reboot Successful 7. Click OK to close the window and re-login to the system. 88 | Managing IAPs Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
When new IAPs joining the network need to synchronize its software with that of the virtual controller, and the new IAP is of a different class, the image file for the new IAP will be provided by Dell PowerConnect W- AirWave.
Upgrading to New Version To manually check for a new firmware image version: Manual 1. Navigate to Maintenance > Firmware to select and manually upgrade the image file. 90 | Managing IAPs Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 91
The following examples describe the image file format for two different classes of IAPs: TFTP: URL for W-IAP134/135: tftp://10.64.147.8/DellInstant_Cassiopeia_6.1.3.4-3.1.0.0_xxxx URL for W-IAP105/92/93: tftp://10.64.147.8/DellInstant_Orion_6.1.3.4-3.1.0.0_xxxx FTP: ftp://10.64.147.8/DellInstant_Cassiopeia_6.1.3.4-3.1.0.0_xxxx Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Managing IAPs | 91...
Automatic 1. Click Check for New Version to automatically check for images on the Dell image server in the cloud. The field is replaced with the Image Check in Progress message. After the image check is completed, one of the following messages will appear: No new version available—...
Overview Dell Instant layer-3 mobility solution defines a Mobility Domain as a set of Instant networks, with same WLAN access parameters, across which client roaming is supported. The Instant network to which the client first connects is called its home network. When the client roams to a foreign network, an AP in the home network (home AP) anchors all traffic to or from this client.
Enter the client subnet in the IP address text box. b. Enter the mask in the Subnet mask text box. c. Enter the VLAN ID in the home network in the VLAN ID text box. 94 | Layer-3 Mobility Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 95
Enter the home VC IP address for this subnet in the Virtual Controller IP text box. Figure 85 Add Subnets Information 6. Click OK. Figure 86 Example Layer-3 Configuration Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Layer-3 Mobility | 95...
2. Click the Show advanced options link and then click L3 Mobility. 3. Select Enabled from the Home agent load balancing drop-down list. Figure 87 Home Agent Load Balancing Enabled 96 | Layer-3 Mobility Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
You can convert all IAPs in an Instant network into a hybrid IAPs by selecting the Background spectrum monitoring option in the Dell Instant network’s 802.11a and 802.11g radio profiles. APs in Access Mode continue to provide normal access service to clients, while providing the additional function of monitoring RF interference.
3. Click the Radio tab. 4. From the Access Mode drop-down list, select Spectrum Monitor. 5. Click OK. 6. Reboot the IAP for the changes to take effect. 98 | Spectrum Monitor Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 99
For the 5 GHz radio, specify the spectrum band you want that radio to monitor by selecting Lower, Middle, or Higher from the Standalone spectrum band drop-down list. d. Click OK. Figure 90 Monitor Middle Band for 5 GHz Radio Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Spectrum Monitor | 99...
Spectrum monitors and hybrid APs assign a unique spectrum ID per device type. Cfreq Center frequency of the signal sent from the device. Bandwidth Channel bandwidth used by the device. 100 | Spectrum Monitor Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Some industrial, healthcare or manufacturing environments may also have other equipment that behave like a microwave and may also be classified as a Microwave device. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Spectrum Monitor | 101...
The percentage of the channel currently being used by Wi-Fi devices. Interference Util (%) The percentage of the channel currently being used by non-Wi-Fi interference + Wi-Fi ACI (Adjacent Channel Interference) 102 | Spectrum Monitor Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
ID, device type, IP address of the spectrum monitor or hybrid AP, and the timestamp. Virtual Controller reports the detailed device information to AMP. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Spectrum Monitor | 103...
Page 104
104 | Spectrum Monitor Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Network Time Protocol (NTP) is required to obtain the precise time from a server and to regulate the local time in each network element. If NTP server is not configured in the Dell Instant network, an IAP reboot may lead to variation in time and data.
Page 106
106 | NTP Server Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Virtual Controller IP Address You can specify a single static IP address that can be used to manage a multi-AP Dell Instant network. This IP address is automatically provisioned on a shadow interface on the IAP that takes the role of a Virtual Controller.
(or prefix) is the common part of the address range, the mask (suffix) specifies how long the variable part of the address range is. Figure 96 Configuring the DHCP Server 9. Click Ok to apply the changes. 108 | Virtual Controller Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
NOTE: A NAS acts as a gateway to guard access to a protected resource. A client connecting to the wireless network first connects to the NAS. The Dell Instant network supports internal RADIUS server and external RADIUS server for 802.1x authentication.
LEAP— Lightweight Extensible Authentication Protocol (LEAP) uses dynamic WEP keys for authentication between the client and authentication server. NOTE: Dell does not recommend to use the LEAP authentication method because it does not provide any resistance to network attacks. External RADIUS Server In the external RADIUS server, the IP address of the Virtual Controller is configured as the NAS IP address.
Page 111
Key Attribute— Indicates the attribute that should be used as a key in search for the LDAP server. For Active Directory, the value is sAMAccountName. Timeout— Enter a value between 1 and 30 seconds. The default value is 5. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Authentication | 111...
IP Address of the Virtual Controller for communication with external RADIUS servers. You must set the Virtual Controller IP address as a NAS client in the RADIUS server if Dynamic RADIUS Proxy is enabled. 112 | Authentication Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Captive Portal Dell Instant network supports captive portal authentication method for a Guest network type. In this method, a web page is displayed to a guest user who tries to access the internet. The user has to authenticate or accept 116 | Authentication Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Internal — Acknowledged c. External — RADIUS Server d. External— Authentication text e. None “Guest Network” on page 58 for more information on the splash page type options. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Authentication | 117...
12. Click Next and click Finish. Configuring Internal Captive Portal Authentication when Editing a Guest Network To configure internal captive portal authentication when editing a guest network, perform the following steps: 118 | Authentication Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
6. Select an external RADIUS server from the Authentication server drop-down list to authenticate user credentials at run time. If there is no external RADIUS server in the drop-down list, click New to add a Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Authentication | 119...
3. To change the policy text, click the second square in the splash page, type the required text in the Policy text box, and click OK. The policy text should not exceed 255 characters. 120 | Authentication Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
2. Click the edit link. The Edit window for the network appears. 3. Navigate to Security tab and select None from the Splash page type drop-down list. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Authentication | 121...
4. Click Next and then click Finish. External Captive Portal Dell Instant supports external captive portal authentication. The external portal can be on the cloud or on a server outside the enterprise network. Configuring External Captive Portal Authentication when Adding a Guest Network To configure external captive portal authentication when adding a guest network, perform the following steps: 1.
Page 123
9. Max authentication failures— Users who fail to authenticate the number of times specified here will be dynamically blacklisted. The maximum value for this entry is 10. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Authentication | 123...
Port: Enter the number of the port to be used for communicating with the external splash page server. d. Auth text: Enter the authentication text. This indicates the text string returned by the external server after a successful authentication. 124 | Authentication Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 125
URL: Enter the URL for the external splash page server. c. Port: Enter the number of the port to be used for communicating with the external splash page server. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Authentication | 125...
5. Click Next to continue. 6. In the Security tab, select External- RADIUS Server and update the following fields. a. Enter the IP address of the Dell PowerConnect W-ClearPass GuestConnect server in the IP or hostname field. The IP address is 10.65.77.245.
MAC authentication can be used alone, but typically it is combined with other forms of authentication, such as WEP authentication. Because MAC addresses are easily observed during transmission and easily changed on the client, this form of authentication should be considered nothing more than a minor hurdle. Dell recommends against the use of MAC-based authentication.
3. To deny users access to a domain, click New and enter the domain name or URL in the Blacklist section of the window. This prevents unauthenticated users from viewing specific websites. When a URL specified in 128 | Authentication Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Upload New Certificate to directly upload the certificate. Refer Loading Certificates using Instant WebUI for further instructions. 2. Dell PowrConnect W-AirWave: Navigate to Device Setup > Certificate and then click Add New Certificate. Refer Loading Certificates using Dell PowrConnect W-AirWave for further instructions.
5. If you have selected Server certificate type, then enter a passphrase in Passphrase and reconfirm. The default password is whatever. 6. Click Browse and select the appropriate certificate file, and click Upload Certificate.The Certificate Successfully Installed window appears. 130 | Authentication Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Loading Certificates using Dell PowrConnect W-AirWave You can now manage Instant AP certificates using the Dell PowrConnect W-AirWave Management server (AMP). The AMP directly provision the certificates for basic certificate verification (i.e certificate type, format, version, serial number etc) before accepting the certificate and uploading to an IAP network. The AMP packages the text of the certificate into an HTTPS message and sends it to the Virtual Controller of the IAP network.
Page 132
Organization name in the Instant Web UI. Refer to Entering the Organization String and AMP Information into the IAP for further information. Figure 115 Selecting the Group 132 | Authentication Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 133
Figure 116 Virtual Controller Certificate 6. Click Save to apply the changes only to Dell PowrConnect W-AirWave. Click Save and Apply to apply the changes to the Instant AP. NOTE: To unselect the certificate options, click Revert.
Page 134
134 | Authentication Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Encryption Types Supported in Dell Instant Encryption is the process of converting data into an undecipherable format or code when it is transmitted on a network. Encryption prevents unauthorized use of the data. The following encryption types are supported in Dell Instant: Though WEP is an authentication method, it is also an encryption algorithm where all users typically share the same key.
Voice Network or Handheld devices 802.1X or PSK as supported by the device AES if possible, TKIP or WEP if necessary (combine with restricted policy enforcement firewall (PEF) user role). 136 | Encryption Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Chapter 12 Role Derivation Every client in a Dell Instant network is associated with a user role, which determines the client’s network privileges, how often it must re-authenticate, and which bandwidth contracts are applicable. This chapter describes creating and assigning roles using the Instant UI.
To create role assignment rules for the user role: 1. Click New in the Role Assignment Rules section of the window. The default user role is the newly created user role. 138 | Role Derivation Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
IAP assigns Apple iOS devices to the role that you choose. Table 21 Validated DHCP Fingerprint Device DHCP Option DHCP Fingerprint Apple iOS Option 55 370103060F77FC Android Option 60 3C64686370636420342E302E3135 Blackberry Option 60 3C426C61636B4265727279 Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Role Derivation | 139...
NOTE: When creating more than one role assignment rule based on RADIUS attributes, a DHCP option, and 802.1Xauthentication- type, the first matching rule in the rule list is applied. 140 | Role Derivation Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Vendor Specific Attributes (VSA) When an external radius server is used, the user VLAN can be derived from the Dell-User-Vlan VSA.The VSA is then carried in Access-Accept packet from the radius server. The IAP can analyze the return message and get the value as VLAN to assign the user.
2. Select the VLAN tab and check the Dynamic radio button under the client VLAN assignment. 3. Click the New button to assign the user to a VLAN. The New VLAN Assignment Rule window appears. 142 | User VLAN Derivation Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
5. Click the New button under the Access rules. 6. Select the Rule type as VLAN assignment. 7. Enter the ID of the VLAN in the VLAN id textbox. 8. Click OK. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide User VLAN Derivation | 143...
Page 144
8. Enter the string to match in the String textbox. 9. Select the role to be assigned from the Role textbox. 10. Click OK. Figure 125 To Use a Defined User VLAN Role 144 | User VLAN Derivation Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
2. Select the VLAN tab and check the static radio button under the client VLAN assignment. 3. Enter the ID of the VLAN in the VLAN ID textbox. 4. Click OK. Figure 126 Configuring VLAN Derivation Rules Using SSID Profile Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide User VLAN Derivation | 145...
Page 146
146 | User VLAN Derivation Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Dell Instant implements a Instant Firewall feature that uses a simplified firewall policy language. An administrator can define the firewall policies on an SSID or wireless LAN such as the Guest network or an Employee network.
H.323-User Datagram Protocol http-proxy2 Hypertext Transfer Protocol-proxy2 http-proxy3 Hypertext Transfer Protocol-proxy3 http Hypertext Transfer Protocol https Hypertext Transfer Protocol Secure icmp Internet Control Message Protocol 148 | Instant Firewall Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Instant UI. You can allow or deny access to any or all of these destinations depending on your requirements. Table 23 Destination Options Destination Description To all destinations Access is allowed or denied to all destinations. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Instant Firewall | 149...
Select to a network from the Destination drop-down list. Enter appropriate IP address in the IP text box. Enter appropriate netmask in the Netmask text box. 150 | Instant Firewall Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Select to a particular server from the Destination drop-down list and enter appropriate IP address in the IP text box. e. Click OK. 6. Click Finish. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Instant Firewall | 151...
Select except to a particular server from the Destination drop-down list and enter appropriate IP address in the IP text box. e. Click OK. 6. Click Finish. 152 | Instant Firewall Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Enter the appropriate IP address in the IP text box. Enter the appropriate netmask in the Netmask text box. e. Click OK. 6. Click Finish. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Instant Firewall | 153...
Page 154
Figure 131 Defining Rule — Deny bootp Service Except to a Network 154 | Instant Firewall Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Content Filtering is based on per SSID, and up to four domain names can be configured manually. When enabled, all DNS requests to non-corporate domains on this wireless network are sent to the OpenDNS server. NOTE: Regardless of whether content filtering is disabled or enabled, instant.dell-pcw.com is always resolved internally on Instant.
The content filtering configuration applies to all the IAPs in the Dell Instant network and the service is enabled or disabled globally across all the wireless networks that are configured in the Dell Instant. Enterprise Domains The Enterprise Domain Names displays all the DNS domain names that are valid on the enterprise network. This list is used to determine how client DNS requests should be routed.
OS Fingerprinting The OS Fingerprinting feature gathers information about the client that is connected to the Dell Instant network to find the operating system that the client is running on. The following is a list of advantages of this feature: Identifying rogue clients—...
Page 158
158 | OS Fingerprinting Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
ARM Features This section describes ARM features that are available in Dell Instant. Channel or Power Assignment This feature automatically assigns channel and power settings for all the IAPs in the network according to changes in the RF environment.
IAP. Here, the administrator can configure the ARM channels in the channel width window. The valid channels automatically show in the static channel assignment window. 160 | Adaptive Radio Management Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
IAP RF environment. Each IAP gathers other metrics on their ARM-assigned channel to provide a snapshot of the current RF health state. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Adaptive Radio Management | 161...
Configuring Administrator Assigned Radio Settings for IAP Adaptive Radio Management (ARM) is enabled on Dell Instant by default. It automatically assigns appropriate channel and power settings for the IAPs. To manually configure radio settings: 1. In the Access Points tab, click the AP for which you want to enable ARM. The edit link appears.
Configuring Radio Profiles in Instant Dell Instant supports radio profile configuration. The radio settings are available for both the 2.4-GHz and the 5- GHz radio profiles. You can configure the radios separately, using the parameters described in table on each radio.
Page 164
NOTE: Reboot the IAP after configuring the radio profile settings in order for the changes to take effect. 164 | Adaptive Radio Management Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Rogue AP Detection and Classification The most important IDS functionality offered in the Dell Instant network is the ability to detect rogue APs, interfering APs, and other devices that can potentially disrupt network operations. An AP is considered to be a rogue AP if it is both unauthorized and plugged into the wired side of the network.
Page 166
Medium Detect Adhoc networks using VALID SSID— Valid SSID list will be auto-configured based on Instant AP configuration Detect Malformed Frame— Large Duration 166 | Intrusion Detection System Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 167
Detect EAP Rate Anomaly Detect Rate Anomaly Detect Chop Chop Attack Detect TKIP Replay Attack IDS Signature— Air Jack IDS Signature— ASLEAP Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Intrusion Detection System | 167...
Page 168
The following table describes the detection policies that are enabled in Client Protection Custom settings field. Table 29 Client Protection Policies Detection Level Detection Policy All detection policies are disabled Protect Valid Station High Protect Windows Bridge 168 | Intrusion Detection System Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
You can enable wired and wireless containments to prevent unauthorized stations from connecting to your Instant network. Instant supports the following types of containment mechanisms: Wired containment— When enabled, Dell PowerConnect W-Series Instant Access Points will generate ARP packets on the wired network to contain wireless attacks.
Page 170
170 | Intrusion Detection System Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Dell Instant supports versions 1, 2c, and 3 of Simple Network Management Protocol (SNMP) for reporting purposes only. In other words, SNMP cannot be used for setting values in a Dell system in the current IAP. SNMP Parameters for IAP You can configure the following parameters for IAP.
Page 172
8. Click OK. To edit the details for a particular user, select the user and click Edit. To delete a particular user, select the user and click Delete. 172 | SNMP Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Figure 143 Creating Users for SNMPV3 SNMP Traps Dell Instant supports the configuration of external trap receivers in the Instant UI. Only the IAP acting as the Virtual Controller will generate traps. The OID of the traps is 1.3.6.1.4.1.14823.2.3.3.1.200.2.X. Figure 144 SNMP Traps Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 174
NOTE: Dell PowerConnect W-Series-specific management information bases (MIBs) describe the objects that can be managed using SNMP. See the Dell PowerConnect W-Series Instant Access Point MIB Reference Guide for information about the Dell PowerConnect W-Series and Aruba MIBs and SNMP traps.
Ethernet port platform deployments, the root AP must use the 3G uplink. In this release of Dell Instant, you can form an IAP network by connecting the downlink port of an AP to other APs. Only one AP in the network uses its downlink port to connect to the other APs. This AP (called the root AP) acts as the wired device for the network, provides DHCP service and an L3 connection to the ISP uplink with NAT.
Page 176
176 | Hierarchical Deployment Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Displays the status of the admin. The following figure displays the wired parameters of the Ethernet profile configuration: Figure 146 Ethernet Profile Configuration - Wired Tab Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Ethernet Downlink | 177...
Page 178
Disable— Disable MAC Authentication on the profile (default). Enable— Enable MAC Authentication on the profile. The following figure displays the security parameters of the Ethernet profile configuration: 178 | Ethernet Downlink Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 179
Allow— Allow users based on the access rule. Deny— Deny users based on the access rule. Service Type of service. Destination Specify the destination. Options Disable or enable logging. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Ethernet Downlink | 179...
To assign an Ethernet downlink profile to Ethernet 2 port, select the profile from the 0/2 drop down list. Figure 151 Assigning a Profile to the Ethernet Port 180 | Ethernet Downlink Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Uplink Configuration Uplink Configuration Overview The Dell PowerConnect W-Instant supports 3G USB modems for the corporate Instant network. The 3G USB modems can be used to extend the connectivity to places where Ethernet uplink cannot be configured. By using this, the client traffic can reach the internet and the corporate network. It also provides a reliable backup link for the Ethernet based Instant network.
All the new auto-detected modems falls under this category as the parameter necessary to automatically configure them are unknown. The following table lists the types of supported 3G modems: 182 | Uplink Configuration Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 183
Huawei E180 for Movistar in Spain True Auto Detect (continued) ZTE-MF820 Huawei E173s-1 Sierra 320 Longcheer WM72 U600(3G mode) Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Uplink Configuration | 183...
Page 184
USB modem parameter from the Instant WebUI. Use the following procedure to provision 3G/4G uplink manually: 1. In the settings tab, click the show advanced settings hyperlink. 184 | Uplink Configuration Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 185
ISP to configure the modem, or configure the individual modem parameters manually. If the user cannot view the list of country or ISP from the drop-down list, then the user has to configure the modem parameters manually. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Uplink Configuration | 185...
Select the type of uplink from the uplink preference drop-down list under Management. To use a 3G/4G uplink, select 3G/4G from the Uplink preference drop-down list. 186 | Uplink Configuration Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
In the Password and Retype fields, enter the PPPoE password and confirm it. 4. Click OK. 5. Reboot the IAP for the configuration to take effect. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Uplink Configuration | 187...
Page 188
Figure 159 PPPoE Settings 188 | Uplink Configuration Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
IAP and Client Monitoring Dell PowerConnect W-AirWave allows you to find any IAP or client on the wireless network and to see real-time monitoring views. These monitoring views can be used to aggregate critical information and high-end monitoring information.
The WIDS report cites the number of IDS events for devices that have experienced the most instances in the prior 24 hours, and provides links to support additional analysis or configuration in response. 190 | Dell PowerConnect W-AirWave Integration and Management Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Additional strings in the Organization String are used to create a hierarchy of sub folders under the folder named “Org”: subfolder1 would be a folder under the “Org” folder subfolder2 would be a folder under subfolder1 Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Dell PowerConnect W-AirWave Integration and Management | 191...
In networks that are not using DHCP option 60 and 43, it is easy to use the standard DHCP options 60 and 43 for Dell AP or Dell Instant AP. For Dell APs these options can be used to indicate the, master controller or the local controller.
Page 193
4. Go to Server Manager and select Server Options in the IPv4 window. (This sets the value globally. Use options on a per-scope basis to override the global options.) 5. Right click on Server Options and select the configuration options. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Dell PowerConnect W-AirWave Integration and Management | 193...
Page 194
Figure 165 Instant and DHCP options for Dell PowerConnect W-AirWave— Server Options 6. Select 060 Dell Instant AP in the Server Options window and enter Dell InstantAP in the String Value. Figure 166 Instant and DHCP options for Dell PowerConnect W-AirWave—060 Dell Instant AP in Server Options 7.
60 and 43 for giving the DHCP clients info about certain services such as PXE to the DHCP clients. In such an environment, it is not possible to use the standard DHCP option 60 and 43 for Dell APs.
Page 196
This method describes how to set up a DHCP server to send option 43 with Dell PowerConnect W-AirWave information to Dell Instant IAP. This section assumes that option 43 will be sent per scope since option 60 is being shared by other devices as well.
Page 197
Figure 170 Dell PowerConnect W-AirWave — New Group Figure 171 Dell PowerConnect W-AirWave —Monitor Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Dell PowerConnect W-AirWave Integration and Management | 197...
Page 198
198 | Dell PowerConnect W-AirWave Integration and Management Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Virtual Controller View The Virtual Controller view is the default view.This view allows you to monitor the Dell Instant network. The following Instant UI elements are available in this view: Tabs— Contains three tabs— Networks, Access Points, and Clients. For detailed information about the tabs, ...
RF Dashboard The RF Dashboard section displays the following information: IP address, Signal, and Speed information about the clients in the Dell Instant network. If the speed or signal strength of a client is low, IP address of the client appears as a link. Click the link to monitor the client. For more information, see “Client View”...
Page 201
Virtual the last 15 minutes. Controller at 11:43 hours. To see the exact number of clients in the Dell Instant network at a particular time, hover the cursor over the graph line.
Network View All Wi-Fi networks in the Dell Instant network are listed in the Networks tab. Click the network that you want to monitor. Network View for the selected network appears. Similar to the Virtual Controller view, the Network view also has three tabs— Networks, Access Points, and Clients.
Security level— The type of user authentication and data encryption for this network. Usage Trends The Usage Trends section displays the following graphs for the selected network: Clients Figure 176 Clients Graph Throughput Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Monitoring | 203...
Instant Access Point View All IAPs in the Dell Instant network are listed in the Access Points tab. Click the IAP that you want to monitor. Access Point view for that IAP appears.
The Overview section displays the common RF metrics for the selected access point over the last 15 minutes. The following graphs are displayed for the selected IAP: Neighboring APs Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Monitoring | 205...
Page 207
3. Study the CPU Utilization graph in the Overview pane. For example, the graph shows that the CPU utilization of the IAP is 30% at 12:09 hours. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Monitoring | 207...
Page 208
The Overview section also has two links— 2.4 GHz and 5 GHz. The following graphs are displayed for each band: Utilization 208 | Monitoring Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 210
NOTE: You can also click the rectangle icon under the Utilization column in the RF Dashboard pane to see the Utilization graph for the selected IAP. The rectangle icon is seen as follows: 210 | Monitoring Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 211
The IAP view appears. 3. Study the 2.4 GHz Mgmt Frames graph. For example, the graph shows that 3 management frames were out of the radio at 13:50 hours. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Monitoring | 211...
Errors graph for the selected IAP. Client View In the Virtual Controller view, all clients in the Dell Instant network are listed in the Clients tab. Click the IP address of the client that you want to monitor. Client view for that client appears.
RF Trends The RF Trends section displays the following graphs for the selected client: Signal Figure 192 Signal Graph Frames Figure 193 Frames Graph Speed Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Monitoring | 213...
Page 214
For example, the graph on the left shows that signal strength for the client is 54.0 dB at 12:23 hours. 214 | Monitoring Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 215
15 minutes. To see the exact throughput at a particular time, hover the cursor over the graph line. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Monitoring | 215...
Access Point— IAP name with which the client was associated. NOTE: Mobility information about the client is reset each time it roams from one IAP to another. 216 | Monitoring Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Alert Types Alerts are generated when a user encounters problems while accessing or connecting to the Wi-Fi network. These alerts enable you to troubleshoot the problems. The alerts that are generated on Dell Instant can be categorized as follows: 802.11 related association and authentication failure alerts.
Page 218
DHCP request timed out This client did not receive a response to Check the status of the DHCP server in its DHCP request in time. the network. 218 | Alert Types and Management Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Chapter 26 Policy Enforcement Firewall Dell’s Policy Enforcement Firewall (PEF) module for Dell Instant provides identity-based controls to enforce application-layer security, prioritization, traffic forwarding, and network performance policies for wired and wireless networks. The PEF window displays the external/internal authentication servers, currently defined roles for all the networks, blacklisted clients and to enable or disable the protocols for ALG.
NOTE: A special default role with the same name as the network is automatically defined for each network. These roles cannot be deleted or renamed. 220 | Policy Enforcement Firewall Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
ACLs. If, however, the control signaling packets are encrypted, the IAP cannot determine which dynamic ports are used for voice or video traffic. In these Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Policy Enforcement Firewall | 221...
Page 222
Ports used by the Apple Facetime Application Port Packet Type TCP/UDP 3478-3497 5223 16384-16387 16393-16402 The following screenshots are configuration examples for Microsoft OCS and Apple Facetime applications. 222 | Policy Enforcement Firewall Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Client Blacklisting The client blacklisting denies connectivity to the blacklisted clients. When a client is blacklisted in a Dell IAP, the client is not allowed to associate with the IAP in the network. If a client is connected to the network when it is blacklisted, a deauthentication message will be send to force the client to disconnect.
2. Click on the New button under the Manual Blacklisting window. 3. Enter the MAC address of the client to be blacklisted in the MAC address to add textbox. Figure 203 Manual Blacklisting 224 | Policy Enforcement Firewall Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Instant firewall now supports the ALG (Application Layer Gateway) functions such as SIP, Vocera, Alcatel NOE, and Cisco Skinny protocols. To enable or disable the protocols for ALG in Dell Instant perform the following steps: 1. Select PEF from the top right of the Instant UI.
IAP and the client, or wait for few minutes to ensure the changes take effect. Firewall-based Logging Instant firewall now supports firewall based logging function. The firewall logs on the Instant APs are generated as syslog messages. 226 | Policy Enforcement Firewall Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
The VPN configuration functionality enables the IAP to create a single VPN tunnel from the Virtual Controller to a Dell Mobility Controller in your corporate office. Here, the VPN tunnels from the Instant APs terminate on the Dell Mobility Controller. The controller solely acts as a VPN end-point and does not supply the Instant AP with any configuration.
This step is optional. 7. Click Next to continue. Routing Profile Configuration Instant can terminate VPN connections on Dell Mobility Controllers. The Routing profile defines the corporate subnets which need to be tunneled through the IPSec tunnel. Figure 207 Tunneling—...
Type— Indicates the type of DHCP server. Available options are Local, Distributed L3, Distributed L2, Centralized L2. Local implies that this is a NAT mode DHCP subnet. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide VPN Configuration | 229...
IAP, it is important that this value is configured consistent across all branches. DNS server— An optional field which defines the DNS server. 230 | VPN Configuration Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Domain name— An optional field which defines the domain name. Lease time— An optional field which defines the lease time for client 2. Click OK to apply these changes. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide VPN Configuration | 231...
The following table describes the behavior of DHCP Relay Agent and Option 82 in the IAP. Table 44 Ports used by the Apple Facetime Application DHCP Relay Option82 Behavior Enabled Enabled DHCP packet relayed with the ALU-specific Option 82 string 232 | VPN Configuration Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 233
Disabled DHCP packet not relayed, but broadcasted without the ALU-specific Option 82 string 2. Click OK to apply these changes. Figure 212 Centralized L2 DHCP Configuration Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide VPN Configuration | 233...
Page 234
234 | VPN Configuration Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
User Database In Dell Instant, the user database consists of a list of guest and employee users. Addition of a user involves specifying a username and password for the user. The login credentials for these users are provided outside the Dell Instant system.
To delete all users or multiple users at a time, select the usernames that you want to delete, and click Delete All. NOTE: Deleting a user only removes the user record from the user database, and won't disconnect the online user under this username. 236 | User Database Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
The channels that can be used in a particular country differ based on the regulations of that country. The initial Wi-Fi setup requires you to specify the country code for the country in which the Dell Instant will operate. This configuration sets the regulatory domain for the radio frequencies that the IAPs use. Within the regulated transmission spectrum, a high-throughput 802.11a, 802.11b/g, or 802.11n radio setting can be...
Republic of Korea (South Korea) China France Hong Kong Singapore Taiwan Brazil Israel Saudi Arabia Lebanon United Arab Emirates South Africa Argentina Australia Austria Bolivia Chile Greece 238 | Regulatory Domain Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
Page 239
Panama Russia Kuwait Liechtenstein Lithuania Mexico Morocco New Zealand Poland Puerto Rico Slovak Republic Slovenia Thailand Uruguay Panama Russia Egypt Trinidad and Tobago Turkey Costa Rica Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Regulatory Domain | 239...
Page 240
Serbia and Montenegro Indonesia Peru Venezuela Jamaica Bahrain Oman Jordan Bermuda Colombia Dominican Republic Guatemala Philippines Sri Lanka El Salvador Tunisia Islamic Republic of Pakistan Qatar Algeria 240 | Regulatory Domain Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...
If an external whitelist is being used, the AP MAC address needs to be saved in the RADIUS server as a lower-case entry without any delimiter. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Controller Configuration for VPN | 241...
Network Access Server Network Address Translation Name Server Network Time Protocol PEAP Protected Extensible Authentication Protocol Privacy Enhanced Mail Power over Ethernet RADIUS Remote Authentication Dial In User Service Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Abbreviations | 245...
Page 246
Table 46 List of abbreviations (Continued) Abbreviation Expansion Virtual Controller Vendor-Specific Attributes WLAN Wireless Local Area Network 246 | Abbreviations Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide...