HP MSM3xx Management And Configuration Manual
  1. Manuals
  2. Brands
  3. HP Manuals
  4. Wireless Access Point
  5. MSM3xx
  6. Management and configuration manual

HP MSM3xx Management And Configuration Manual

Msm3 series/msm4 series
Hide thumbs Also See for MSM3xx:
Table of Contents

Quick Links

See also: Reference Manual
HP MSM3xx / MSM4xx Access Points Management and Configuration Guide
5400zl Switches
HP MSM3xx / MSM4xx Access Points
Installation and Getting Started Guide
Management and Configuration Guide
Table of Contents
loading

Related Manuals for HP MSM3xx

Summary of Contents for HP MSM3xx

  • Page 1 HP MSM3xx / MSM4xx Access Points Management and Configuration Guide 5400zl Switches HP MSM3xx / MSM4xx Access Points Installation and Getting Started Guide Management and Configuration Guide...
  • Page 3 HP MSM3xx / MSM4xx Access Points Management and Configuration Guide...
  • Page 4 Publication Number material. 5998-1147 The only warranties for HP products and services are set forth January 2011 in the express warranty statements accompanying such products and services. Nothing herein should be construed as Applicable Products constituting an additional warranty.

  • Page 5: Table Of Contents

    Warnings and cautions ...................1-3 Management tool ....................1-3 Ports .........................1-3 Commands and program listings ..............1-4 New in this release ......................1-4 Introducing the MSM3xx/4xx Access Points ............1-5 Key features......................1-5 Controlled mode versus autonomous mode ............1-6 Controlled mode .....................1-6 Autonomous mode..................1-7 Summary ......................1-9 Safety information......................1-10...

  • Page 6: Wireless Configuration

    Contents Security policies....................2-6 Security ......................2-6 Web server .......................2-7 Auto-refresh.....................2-7 Web inactivity logout..................2-7 SNMP ..........................2-7 Configuring SNMP settings ..................2-8 Attributes ......................2-9 v1/v2c communities ..................2-9 v3 users ......................2-9 Notification receivers ...................2-10 Security ......................2-10 SOAP ..........................2-11 Configuring the SOAP server ................2-11 Server settings ....................2-11 Security ......................2-12 Security considerations................2-12 CLI ..........................2-12...
  • Page 7 Contents Performance degradation and channel separation........3-3 Selecting channels in the 2.4 GHz band ............3-4 Distance between APs..................3-6 Automatic transmit power control ...............3-7 Supporting 802.11n and legacy wireless clients ..........3-7 Radio configuration .....................3-8 Radio configuration parameters ................3-16 Regulatory domain..................3-16 Operating mode.....................3-16 Wireless mode ....................3-18 Channel width ....................3-22 Channel extension ..................3-23...
  • Page 8 Management with VLANs ..................4-4 Viewing and editing VSC profiles ................4-5 VSC configuration options ..................4-5 General........................4-7 If Use HP MSM Controller option is enabled..........4-7 If Use HP MSM Controller option is disabled ..........4-7 Virtual AP........................4-9 WLAN .......................4-9 Wireless clients....................4-11 Quality of service ..................4-12 Allowed wireless rates .................4-13...

  • Page 9: Network Configuration

    Contents MAC filter ......................4-19 IP filter ........................4-20 VSC data flow ......................4-21 Stand-alone deployment ..................4-21 VSC on autonomous AP ................4-21 AP deployed with a controller ................4-22 VSC on controller..................4-23 Quality of service (QoS) ....................4-23 Priority mechanisms ...................4-24 802.1p......................4-24 VSC-based priority ..................4-24 Differentiated Services (DiffServ) ..............4-25 TOS .........................4-25 IP QoS......................4-25...
  • Page 10 Contents VLAN bridging......................5-9 Bandwidth control .......................5-9 Discovery protocols ....................5-10 CDP ........................5-10 LLDP........................5-10 LLDP agent ....................5-11 LLDP over local mesh ..................5-11 LLDP settings ....................5-11 TLV settings ......................5-12 Basic TLVs......................5-12 802.3 TLVs ......................5-13 DNS ..........................5-14 DNS servers......................5-14 DNS advanced settings ..................5-14 IP routes ........................5-15 Configuration .......................5-15 Active routes....................5-15 Default routes....................5-16...

  • Page 11: Local Mesh

    Contents Access Reject attributes.................6-8 Access Challenge attributes ................6-8 Accounting Request attributes ..............6-9 Configuring administrative accounts on a RADIUS server ......6-11 Access Request attributes................6-11 Managing certificates....................6-12 Trusted CA certificate store ................6-12 Installing a new CA certificate ..............6-13 CA certificate import formats ..............6-13 Default CA certificates .................6-14 Certificate and private key store ...............6-14 Installing a new private key/public key certificate chain pair ....6-15...
  • Page 12 Contents Maximum range (ack timeout)..............7-7 LLDP ..........................7-9 Local mesh profiles ......................7-9 Configuring a local mesh profile ...............7-10 Settings......................7-11 AES/CCMP .....................7-11 Policy manager....................7-11 Addressing .....................7-12 Sample local mesh deployments ................7-16 RF extension ......................7-16 Building-to-building connections ..............7-17 Dynamic networks ....................7-18 Maintenance Config file management....................8-2 Manual configuration file management ..............8-2 Backup configuration..................8-2 Reset configuration ..................8-3...
  • Page 13 Contents Console ports Console port connector specifications..............A-2 MSM335 and MSM422 console port ..............A-2 MSM410, E-MSMS430, E-MSM460, E-MSM466 console port ......A-2 Regulatory information Notice for U.S.A....................B-2 Manufacturer's FCC Declaration of Conformity Statement..... B-2 FCC Class B statement.................. B-2 FCC Class A statement..................
  • Page 14 Contents...
  • Page 15 Contents About this guide ......................1-2 Products covered....................1-2 Important terms .....................1-3 Conventions ......................1-3 New in this release .......................1-4 Introducing the MSM3xx/4xx Access Points ............1-5 Key features......................1-5 Controlled mode versus autonomous mode ............1-6 Safety information......................1-10 HP support ........................1-11 Getting started ......................1-11 Online documentation ....................1-11...

  • Page 16: Introduction

    About this guide About this guide This guide explains how to install, configure, and operate HP MSM3xx/MSM4xx Access Points in autonomous mode. Basic information on operating in controlled mode is also provided. For detailed controlled-mode instructions, see the MSM7xx Controllers Management and Configuration Guide.

  • Page 17: Important Terms

    Important terms The following terms are used in this guide. Term Description AP or MSM AP Refers to any HP MSM3xx or MSM4xx Access Point. Controller Refers to any HP MSM7xx Controller, including both Access Controller and Mobility Controller variants. Conventions...

  • Page 18: Commands And Program Listings

    Introduction New in this release Commands and program listings Monospaced text identifies commands and program listings as follows: Example Description Command name. Specify it as shown. use-access-list Items in italics are parameters for which you must supply ip_address a value. Items enclosed in square brackets are optional.

  • Page 19: Introducing The Msm3Xx/4Xx Access Points

    Introducing the MSM3xx/4xx Access Points Introducing the MSM3xx/4xx Access Points The HP MSM APs bring intelligence to the network edge, providing scalable, seamless wireless access anywhere, anytime. They dispense multiple network services, enforce robust security and deliver high performance client access, unlike thin or lite access points. An...

  • Page 20: Controlled Mode Versus Autonomous Mode

    MSM APs can operate in one of two modes: controlled mode (default) or autonomous mode. Note This guide explains how to install, configure, and operate HP MSM3xx/MSM4xx Access Points in autonomous mode. For detailed controlled-mode instructions, see the MSM7xx Controllers Management and Configuration Guide.

  • Page 21: Autonomous Mode

    Introduction Introducing the MSM3xx/4xx Access Points The following example shows multiple APs installed to offer public access networking at several different physical locations. A single controller is used to manage the devices and control access to the wireless network. Data Center...
  • Page 22 Introduction Introducing the MSM3xx/4xx Access Points An autonomous AP can be used to create a wireless extension to an existing network and provide intelligent data-forwarding that maintains the security of the network. For example: RADIUS DCHP server server Corporate Network 192.168.5.0...

  • Page 23: Summary

    Introduction Introducing the MSM3xx/4xx Access Points Summary The operational differences between the two modes are summarized in the following table. Feature/function Controlled mode AP Autonomous mode AP Reset AP to factory default AP remains in controlled AP changes from autonomous settings mode.

  • Page 24: Safety Information

    Failure to do so may result in personal injury, fire, equipment damage, or a voided warranty. The HP hardware warranty provides no protection against damage caused by static discharge or a lightning strike.

  • Page 25: Hp Support

    ProCurve. Additionally, your HP-authorized networking products reseller can provide you with assistance. Before contacting support To make the support process most efficient, before calling your networking dealer or HP Support, you first should collect the following information: Collect this information Where to find it Product identification.
  • Page 26 Introduction Online documentation 1-12...
  • Page 27 Chapter 2: Management Management Contents Management tool......................2-2 Starting the management tool................2-2 Customizing management tool settings..............2-3 SNMP ..........................2-7 Configuring SNMP settings ..................2-8 SOAP ..........................2-11 Configuring the SOAP server ................2-11 CLI ..........................2-12 Configuring CLI support ..................2-13 System time.........................2-14 LEDs..........................2-15 Country........................2-16...

  • Page 28: Management

    Management Management tool Management tool The management tool is a web-based interface to the AP that provides easy access to all configuration and monitoring functions. The computer used to connect to the management tool must:  Have at least Microsoft Internet Explorer 7/8 or Mozilla Firefox 3.x. Be able to establish an IP connection with the AP.

  • Page 29: Customizing Management Tool Settings

    Management Management tool Customizing management tool settings To customize management tool settings, select Management > Management tool. ive user Administrat authentication Login credentials for administrative users can be verified using local account settings and/or a RADIUS sever.  Local account settings: A single manager and operator account can be configured locally under Manager account and Operator account on this page.

  • Page 30: Manager And Operator Accounts

    Management Management tool  RADIUS server: Using a RADIUS server enables you to have multiple accounts, each with a unique login name and password. Identify accounts using the vendor specific attribute web-administrative-role. See Configuring administrative accounts on a RADIUS server on page 6-11.
  • Page 31 Management Management tool The following options can be used to prevent the management tool from being locked by an idle manager or operator:  Terminates the current manager session: When enabled, an active manager or operator session will be terminated by the login of another manager. This prevents the management tool from being locked by an idle session until the Account inactivity logout timeout expires.

  • Page 32: Security Policies

    Management Management tool Security policies Security policies affect both manager and operator accounts. Select from one of the following options:  Follow FIPS 140-2 guidelines: When selected, implements the following requirements from the FIPS 140-2 guidelines:  Passwords must be at least six characters long. ...

  • Page 33: Web Server

    The AP provides a robust SNMP implementation supporting both industry-standard and custom MIBs. For information on supported MIBs, see the MSM SNMP MIB Reference Guide. The AP supports SNMP v1/v2c/v3 and both MIB II and HP-specific MIB attributes via the HP Enterprise MIB.

  • Page 34: Configuring Snmp Settings

    Management SNMP Configuring SNMP settings Select Management > SNMP to open the SNMP agent configuration page. By default, the SNMP agent is enabled (SNMP agent configuration in title bar is checked). If you disable the agent, the AP will not respond to SNMP requests.

  • Page 35: Attributes

    Management SNMP Attributes System name Specify a name to identify the AP. By default, this is set to the placeholder %serial number%, which is automatically replaced with the serial number of the AP. Location Specify a descriptive name for the location where the AP is installed. Contact Contact information for the AP.

  • Page 36: Notification Receivers

    Management SNMP Security Security protocol defined for the user. Authentication type and encryption type are separated a slash. For example, MD5/DES indicates MD5 authentication and DES encryption. Access level Type of access assigned to the user:  Read-only: The user has read and notify access to all MIB objects. ...

  • Page 37: Soap

    The AP provides a SOAP interface that can be used by SOAP-compliant client applications to perform configuration and management tasks. An MSM SOAP/XML SDK zip file is available at www.hp.com/networking/SOAP-XML-SDK. Look for the file corresponding to your MSM software version.

  • Page 38: Cli

    Management HTTP authentication When enabled, access to the SOAP interface is available via HTTP with the specified username and password. TCP port Specify the number of the TCP port that SOAP uses to communicate with remote applications. Default is 448. Security Use these settings to control access to the SOAP interface.

  • Page 39: Configuring Cli Support

    Management Configuring CLI support Select Management > CLI to open the Command Line Interface (CLI) configuration page. Secure shell access Enable this option to allow access to the CLI via an SSH session. The CLI supports SSH on the standard TCP port (22). SSH connections to the CLI can be made on any active interface.

  • Page 40: Serial Port Access

    Management System time Local manager account The login username and password are the same as those defined for the local manager account. If this account is disabled, the last known username and password for this account are used. Administrative user authentication settings The login username and password use the same settings (Local and/or RADIUS) as defined for the manager account under Administrative user authentication.

  • Page 41: Leds

    AP tries the next server and so on. By default, the list contains two ntp vendor zone pools that are reserved for HP networking devices. By using these pools, you will get better service and keep from overloading the standard ntp.org server. For more information visit: www.pool.ntp.org.

  • Page 42: Country

    Management Country Country Select Management > Country to open the Country page. This page enables you to configure the country in which the controller operates. Note The Country page is not available on APs delivered with a fixed country setting. Set the country in which the AP will operate.
  • Page 43 Chapter 3: Wireless configuration Wireless configuration Contents Wireless coverage......................3-2 Factors limiting wireless coverage..............3-2 Configuring overlapping wireless cells...............3-3 Supporting 802.11n and legacy wireless clients ..........3-7 Radio configuration .....................3-8 Radio configuration parameters ................3-16 Advanced wireless settings ................3-27 Wireless neighborhood ....................3-32 Scanning modes ....................3-32 Viewing scan results....................3-34 Identifying unauthorized APs................3-34 Viewing wireless information ...................3-35...

  • Page 44: Wireless Coverage

    AP. The following sections provide information on wireless coverage. A tool that can help simplify planning a secure wireless network is the HP RF Planner. For more information, see the RF Planner Admin Guide.

  • Page 45: Physical Characteristics Of The Location

    Wireless configuration Wireless coverage  Select Status > Wireless to view detailed information about packets sent and received, transmission errors, and other low-level events.  Select Status > Client data rate matrix to view information about data rates for all connected client stations.

  • Page 46: Selecting Channels In The 2.4 Ghz Band

    Wireless configuration Wireless coverage The following example shows two overlapping wireless cells operating on the same channel (frequency). Since both APs are within range of each other, the number of deferred transmissions can be large. The solution to this problem is to configure the two AP to operate on different channels. Unfortunately, in the 2.4 GHz band, adjacent channels overlap.
  • Page 47 Wireless configuration Wireless coverage The number of channels available for use in a particular country are determined by the regulations defined by the local governing body and are automatically configured by the AP based on the Country setting you define by selecting Management > Country. This means that the number of non-overlapping channels available to you varies by geographical location.

  • Page 48: Distance Between Aps

    Wireless configuration Wireless coverage Alternatively, you can stagger cells to reduce overlap and increase channel separation, as shown in the following figure. Using only three frequencies across multiple cells in North America. This strategy can be expanded to cover an even larger area using three channels, as shown in the following figure.

  • Page 49: Automatic Transmit Power Control

    APs more frequently. Automatic transmit power control The automatic power control feature enables the AP to dynamically adjust its transmission power to avoid causing interference with neighboring HP APs. For information see Transmit power control on page 3-31.

  • Page 50: Radio Configuration

    Wireless configuration Radio configuration Radio configuration To define configuration settings for a radio, select Wireless > Radio(s). This opens the Radio(s) configuration page. The contents of this page will vary depending on the product. The following screen shots show the Radio(s) configuration page for each AP type. (For all screen shots: Operating mode is set to Access Point and Local Mesh, and Advanced wireless settings has been expanded to show the complete set of configurable settings.)
  • Page 51 Wireless configuration Radio configuration E-MSM460 and E-MSM430...
  • Page 52 Wireless configuration Radio configuration MSM422 3-10...
  • Page 53 Wireless configuration Radio configuration MSM410 3-11...
  • Page 54 Wireless configuration Radio configuration MSM335 (radio 1 and 2) 3-12...
  • Page 55 Wireless configuration Radio configuration MSM335 (radio 3) 3-13...
  • Page 56 Wireless configuration Radio configuration MSM320 3-14...
  • Page 57 Wireless configuration Radio configuration MSM310 3-15...

  • Page 58: Radio Configuration Parameters

    Tools > Network trace feature.  Sensor: Enables RF sensor functionality on the radio. HP APs are smart APs, and do not forward broadcast packets when no client stations are connected. Therefore, the RF sensor function will not be able to detect these APs unless they have at least one connected wireless client station.
  • Page 59 Wireless configuration Radio configuration Access point Access point Local mesh Product and Local Monitor Sensor only only mesh ✔ ✔ ✔ ✔ ✕ E-MSM430 ✔ ✔ ✔ ✔ ✕ E-MSM460 ✔ ✔ ✔ ✔ ✕ E-MSM466 The following table shows all radio parameters that are configurable for each operating mode.

  • Page 60: Wireless Mode

    Wireless configuration Radio configuration Wireless mode Supported wireless modes are determined by the regulations of the country in which the AP is operating, and are controlled by the country setting on the AP. To configure the country setting, see Country on page 2-16.
  • Page 61 Data rates Up to 300 Mbps. HP refers to this mode as Pure 802.11n. When operating in this mode, the AP does not permit non-802.11n clients to associate. Legacy clients can see the access point, and may attempt to associate, but they will be rejected. The AP makes this determination based on the supported rates that the client presents during its association request.
  • Page 62 Note This mode is sometimes incorrectly called Greenfield. Greenfield is an 802.11n-specific preamble that can be used by clients and APs. HP APs do not support this preamble and therefore do not support Greenfield mode. When to use this mode...
  • Page 63 For 802.11g clients: Up to 54 Mbps. For 802.11b clients: Up to 11 Mbps. HP refers to this mode as Compatibility mode because the AP allows both 802.11n and legacy clients to associate. The AP advertises protection in the beacon when legacy clients are associated or operating on the same channel.

  • Page 64: Channel Width

    Wireless configuration Radio configuration 802.11g Supported on MSM310, MSM320, MSM335, MSM410, MSM422 Frequency band 2.4 GHz Data rates Up to 54 Mbps. This is a legacy mode that can be used to support older wireless client stations. 802.11a MSM310, MSM320, MSM335, MSM410, MSM422 Supported on Frequency band 5 GHz...

  • Page 65: Channel Extension

    Wireless configuration Radio configuration The channel selected on the radio page is the primary channel and the secondary (or extension) channel is located adjacent to it. The secondary channel is either above or below depending on which channel was selected as the primary. In the 5 GHz band, the channels are paired: 36 and 40 are always used together, 44 and 48 are always used together, etc.
  • Page 66 When operating in 802.11a or 802.11n (5 GHz) modes, channels do not interfere with each other, enabling APs to operate on two adjacent channels without interference. HP APs support Dynamic Frequency Selection (802.11h) and Transmit Power Control (802.11d) for 802.11a operation in European countries. These options are automatically enabled as required.

  • Page 67: Interval

    Wireless configuration Radio configuration  On the MSM410, MSM422 (radio 1): When Wireless mode is 802.11n (2.4 GHz) or 802.11n/g or 802.11n/b/g, and Channel width is Auto 20/40 MHz, the Channel extension parameter value affects which channels are shown in the Channel list. Although it is recommended that you use the 5 GHz band for all 802.11n activity, if you insist upon using 802.11n and a 40 MHz Channel width in the crowded 2.4 GHz band, it is best to select channels as follows, according to the number of 2.4 GHz channels available...

  • Page 68: Automatic Channel Exclusion List

    Wireless configuration Radio configuration Automatic channel exclusion list Not available in Monitor or Sensor modes. Used when Automatic is selected under Channel, this parameter determines the channels that are not available for automatic selection. To select more than one channel, hold down Ctrl as you select the channel names.

  • Page 69: Antenna Gain

    Wireless configuration Radio configuration MSM422 Select either Internal or External according to the following guidelines: The MSM422 features three internal antennas in the lower flap for Radio 1 (802.11n/a/b/g)  (corresponding to external connectors A, B, and C) and two internal antennas in the upper flap for Radio 2 (801.11a/b/g) (corresponding to external connector D).

  • Page 70: Tx Beamforming

    HP APs support the following two explicit beamforming techniques:  Non-compressed beamforming, in which the client station calculates and sends the steering matrix to the AP.

  • Page 71: Tx Protection

    Wireless configuration Radio configuration Tx protection Supported on: E-MSM430, E-MSM460, E-MSM466 Not available in Monitor or Sensor modes. When an AP is operating in an 802.11n mode, and legacy (a/b/g) traffic is present on the same channel as 802.11n traffic, this feature can be used to ensure maximum 802.11n throughput. The following options are available: ...

  • Page 72: Maximum Range (Ack Timeout)

    Wireless configuration Radio configuration Maximum range (ack timeout) Only available in modes that support Local Mesh. Fine tunes internal timeout settings to account for the distance that a link spans. For normal operation, timeout is optimized for links of less than 1 km. Note This is a global setting that applies to all wireless connection made with the radio.

  • Page 73: Multicast Tx Rate

    2.4 GHz band, all channels must be set to the lowest acceptable value for your regulatory domain. For a list of supported antennas, see the Accessories section for your AP at www.hp.com/networking/support (for Product Brand, select ProCurve). For specific power limits according to your regulatory domain, consult the Antenna Power-Level Settings Guide also available at the same address.

  • Page 74: Wireless Neighborhood

    Wireless configuration Wireless neighborhood Set power to Specify the transmission power in dBm or as a percentage of the maximum output power. When you select Save, percentage values are rounded up or down so that the dBm value is always a whole number). Note that the actual transmit power used by the radio may be less than the specified value.

  • Page 75: Automatic Channel Selection

    Wireless configuration Wireless neighborhood Automatic channel selection When the Automatic channel selection feature is enabled, scanning occurs as follows:  On the E-MSM430, E-MSM460, E-MSM466: Scanning only occurs when the channel selection interval expires. This may cause interruptions to voice calls. Therefore, configuring a short channel selection interval is not recommended.

  • Page 76: Viewing Scan Results

    Wireless configuration Wireless neighborhood Viewing scan results To view the results of the latest scan, open the Wireless > Neighborhood page. For example: To update scanning results, select the refresh button in your browser. Identifying unauthorized APs When an AP is discovered during a scan, its MAC address is compared against the list of authorized APs (which you must define).

  • Page 77: Viewing Wireless Information

    Wireless configuration Viewing wireless information You must edit the Brief list file to remove extra text that appears before and after each MAC address. For example, if the brief list appears as follows: # MAC SSID 00:03:52:07:f5:11 "AP_1"...
  • Page 78 Wireless configuration Viewing wireless information This page lists all wireless clients associated with all VSCs. MAC Address MAC address assigned to the client station. Select the MAC address to view more detailed information on the client. IP address IP address assigned to the client station. VLAN assigned to the client station.

  • Page 79: Viewing Wireless Client Data Rates

    Wireless configuration Viewing wireless information Viewing wireless client data rates To view information on the data rates used by all wireless client stations currently connected to the AP, select Status > Client data rate matrix. High throughput (HT) rate traffic Displays information for users connected via any 802.11n mode.

  • Page 80: Legacy Rate Traffic

    Wireless configuration Viewing wireless information Data rates in Mbps Channel width / Guard interval 20 MHz/ 800 ns 20 MHz/ 400 ns 40 MHz/ 800 ns 40 MHz/ 400 ns 26.00 28.90 54.00 60.00 39.00 43.30 81.00 90.00 52.00 57.80 108.00 120.00 78.00...

  • Page 81: Wireless Access Points

    Wireless configuration Viewing wireless information Wireless access points To view wireless information for the AP, select Status > Wireless. The information you see will vary depending on the AP. For example, this is the status page on an MSM422. Access point status Wireless port UP: Port is operating normally.
  • Page 82 Wireless configuration Viewing wireless information Tx fragments The number of MPDUs of type Data or Management delivered successfully; i.e., directed MPDUs transmitted and being ACKed, as well as non-directed MPDUs transmitted. Tx multicast frames The number of MSDUs, of which the Destination Address is a multicast MAC address (including broadcast MAC address), transmitted successfully.
  • Page 83 Wireless configuration Viewing wireless information QoS low priority tx Total number of QoS low priority packets that have been sent. QoS medium priority tx Total number of QoS medium priority packets that have been sent. QoS high priority tx Total number of QoS high priority packets that have been sent. QoS very high priority tx Total number of QoS very high priority packets that have been sent.
  • Page 84 Wireless configuration Viewing wireless information Rx fragments The number of MPDUs of type Data or Management received successfully. Rx multicast frames The number of MSDUs, with a multicast MAC address (including the broadcast MAC address), as the Destination Address, received successfully. Rx unicast frames The number of MSDUs, with a unicast MAC address as the Destination Address received successfully.

  • Page 85: Working With Vscs

    Chapter 4: Working with VSCs Working with VSCs Contents Key concepts.........................4-2 Stand-alone deployment ..................4-2 Deployment with a controller ................4-3 Management with VLANs ..................4-4 Viewing and editing VSC profiles ................4-5 VSC configuration options ..................4-5 General........................4-7 Virtual AP........................4-9 Egress VLAN ......................4-14 Wireless security filters..................4-14 Wireless protection....................4-16 MAC-based authentication .................4-19 Location-aware ....................4-19...

  • Page 86: Key Concepts

    Working with VSCs Key concepts Key concepts A VSC (virtual service community) is a collection of configuration settings that define key operating characteristics of an AP. In most cases, a VSC is used to define the characteristics of a wireless network. Multiple VSC definitions can be created to enable support for different types of users.

  • Page 87: Using More Than One Authentication Type In A Vsc

    Working with VSCs Key concepts WPA / WPA2 and 802.1X authentication Full support is provided for users with WPA / WPA2 client software, and 802.1X client software that uses the following:  EAP-TLS: Extensible Authentication Protocol Transport Layer Security.  EAP-TTLS: Extensible Authentication Protocol Tunnelled Transport Layer Security.

  • Page 88: Management With Vlans

    Working with VSCs Key concepts In this type of installation, VSC definitions on both the AP and controller must match so that traffic from wireless users connected to the AP can be sent to the controller for handling. For example, if two VSCs are being used, they could be configured as follows: VSC Profiles SSID = Guest VLAN ID = 20...

  • Page 89: Viewing And Editing Vsc Profiles

    Select VSC on the main menu to open the VSC page. This page lists all defined VSC profiles and enables you to add new ones. The HP VSC profile is defined by default.  To edit an existing profile, select its Name.
  • Page 90 Working with VSCs VSC configuration options The following screen capture shows the configuration of the default VSC profile. The description that follow describe how to configure each parameter.

  • Page 91: General

    General Availability of certain VSC features and their functionality are dependent on the setting of the Use HP MSM Controller in the General box. This option determines how authentication and access control are handled by the VSC. If Use HP MSM Controller option is enabled...
  • Page 92 When access control is disabled, user traffic sent by the AP must bypass the controller, otherwise it will be interpreted and processed. The following table shows how VSC configuration options are affected by setting the Use HP MSM controller option.

  • Page 93: Virtual Ap

    Working with VSCs VSC configuration options Virtual AP These settings define the characteristics of the wireless network created by the VSC, including its name, the number of clients supported, and quality of service settings. This box is split into four sections: WLAN, Wireless clients, Quality of service, and Allowed wireless rates.
  • Page 94 Working with VSCs VSC configuration options The device transmits a beacon every 100 ms. The DTIM counts down with each beacon that is sent, therefore if the DTIM is set to 5, then client stations in low-power mode will wake up every 500 ms (.5 second) to receive multicast traffic.

  • Page 95: Wireless Clients

    Working with VSCs VSC configuration options  Once a client is associated at 5 GHz, the AP will not respond to any 2.4 GHz probes from the client as long as the client’s signal strength at 5 GHz is greater than -80 dBm (decibel milliwatt).

  • Page 96: Quality Of Service

    Working with VSCs VSC configuration options Generally, most users will be involved in the bidirectional exchange of unicast packets. In this case, the rules can be simplified by assuming that the most restrictive setting for this option takes precedence. For example: ...

  • Page 97: Allowed Wireless Rates

    Working with VSCs VSC configuration options Allowed wireless rates Select the wireless transmission speeds (in Mbps) that this VSC will support for each wireless mode. Clients will only be able to connect at the rates that you select. If a client does not support the selected rate and mode, it will not be able to connect to this VSC.

  • Page 98: Egress Vlan

    AP to exchange traffic with a specific upstream device.  If Use HP MSM Controller is enabled under General, the AP will only forward user traffic that is addressed to the access controller (MSM7xx Controller) defined on the Security >...

  • Page 99: Default Wireless Security Filter Definitions

    Select the access controller link to open the Security > Access controller page where you can configure access controller options.  If Use HP MSM Controller is disabled under General, then you can manually configure the security filters as required using the following options. ...

  • Page 100: Wireless Protection

    HTTPS traffic not addressed to the AP (or upstream device) is also blocked, which means wireless users cannot access the management tool on other HP APs. Outgoing wireless traffic filters Applies to traffic sent from the AP to wireless users.

  • Page 101: Wpa

    WPA2 mode. Authentication must occur via an external device (unless preshared keys are used). If Use HP MSM controller is enabled under General, this must be an HP MSM Controller, otherwise a third-party RADIUS server can be used.

  • Page 102: Wep

    GTC is also provided. Check your external RADIUS server for supported authentication methods. Authentication must occur via an external device. If Use HP MSM controller is enabled (under General), this must be an HP MSM Controller. Otherwise a third-party RADIUS server can be used.

  • Page 103: Mac-Based Authentication

    Location-aware This feature enables you to control logins to the public access network based on the AP, or group of APs, to which a user is connected. It is only available when Use HP MSM controller is enabled under General.

  • Page 104: Ip Filter

    Working with VSCs VSC configuration options When both this option and the MAC-based authentication options are enabled, the following applies: if a user's MAC address does not appear in the MAC filtering list then MAC-based authentication takes place for that user. Specify the MAC address as six pairs of hexadecimal digits separated by colons;...

  • Page 105: Wireless Security Filters

    Working with VSCs VSC data flow VSC data flow Each VSC provides a number of configurable options. The following diagrams illustrate how traffic from wireless users is handled by VSC definitions on an AP and controller, and shows the options that apply on each device. Stand-alone deployment VSC on autonomous AP Ingress...

  • Page 106: Ap Deployed With A Controller

    Working with VSCs VSC data flow Features Authentication: Authentication can be either 802.1X or MAC. To validate user  credentials the AP makes use of an external RADIUS server, which can be the controller or a third-party device. For more information, see Stand-alone deployment on page 4-2 ...

  • Page 107: Vsc On Controller

    VLAN (LAN or Internet port): Traffic with a VLAN ID is handled by the VSC with a matching VLAN definition. Untagged (LAN port): Untagged traffic on the LAN port may originate from wired  users, or APs operating in autonomous mode (HP or third-party). Features  Authentication: The controller supports 802.1X, MAC, or HTML authentication. To validate user login credentials the controller can use the local user accounts or make use of a third-party authentication server (Active Directory or RADIUS).

  • Page 108: Priority Mechanisms

    802.1p (VLAN priority field value) VSC-based priority This mechanism is unique to HP. It enables you to assign a single priority level to all traffic on a VSC. If you enable the VSC-based priority mechanism, it takes precedence regardless of the priority mechanism supported by associated client stations.

  • Page 109: Differentiated Services (Diffserv)

    Working with VSCs Quality of service (QoS) Differentiated Services (DiffServ) This mechanism classifies traffic based on the value of the Differentiated Services (DS) codepoint field in IPv4 and IPv6 packet headers (as defined in RFC2474). The codepoint is composed of the six most significant bits of the DS field. Queue DiffServ (DS codepoint value) 111000 (Network control)

  • Page 110: Upstream/Downstream Traffic Marking

    Working with VSCs Quality of service (QoS) Upstream/downstream traffic marking Depending on the priority mechanism that is active, upstream and downstream traffic is marked as described in this section. Upstream traffic marking This table describes the marking applied to wireless traffic sent by connected client stations to the AP and then forwarded onto the wired network by the AP.
  • Page 111 Working with VSCs Quality of service (QoS) Note Although the WMM specification refers to 802.1D and not 802.1p, this guide uses the term 802.1p because it is more widely recognized. (The updated IEEE 802.1D: ISO/IEC 15802-3 (MAC Bridges) standard covers all parts of the Traffic Class Expediting and Dynamic Multicast Filtering described in the IEEE 802.1p standard.) 4-27...
  • Page 112 Working with VSCs Quality of service (QoS) 4-28...
  • Page 113 Chapter 5: Network configuration Network configuration Contents Port configuration ......................5-2 Bridge port configuration ..................5-3 Port configuration ....................5-4 Wireless port configuration..................5-5 VLAN support .......................5-5 Defining a VLAN ....................5-5 Defining an egress VLAN for a VSC..............5-7 Configuring a default VLAN .................5-8 Assigning VLANs to individual users ..............5-8 VLAN bridging......................5-9 Bandwidth control .......................5-9 Discovery protocols ....................5-10...

  • Page 114: Port Configuration

    Network configuration Port configuration Port configuration The Port configuration page displays summary information about all logical and physical ports and VLANs. Open this page by selecting Network > Ports. Note If the AP you are configuring only has a single port, this manual refers to it as Port 1. Ignore references to Port 2.

  • Page 115: Bridge Port Configuration

    Network configuration Port configuration Bridge port configuration All ports (Ethernet and wireless) on the AP are bridged. Therefore, common settings are configured using the bridge port (which is a logical port). To verify, and possibly adjust bridge port configuration, select Network > Ports > Bridge port. Assign IP address via The bridge port supports the following addressing options: ...

  • Page 116: Vlan

    Network configuration Port configuration Port configuration To verify and possibly adjust port configuration, select Network > Ports > [Port 1 | Port 2]. Configuration options for both ports are the same. VLAN Allows you to define a default VLAN on the port. VLAN ID Defines the default VLAN ID for this port.

  • Page 117: Link

    Network configuration VLAN support Link Speed  Auto: Lets the AP automatically set port speed based on the type of equipment it is connected to.  10: Forces the port to operate at 10 mbps.  100: Forces the port to operate at 100 mbps. ...

  • Page 118: Creating A Network Profile

    Network configuration VLAN support Creating a network profile 1. Select Network > Network profiles. By default the list is empty. 2. Select Add New Profile. 3. Under Settings, specify a Name to identify the profile. 4. Select VLAN, and then set ID to the VLAN ID you want to assign. You can also define a range of VLANs in the form X-Y, where X and Y can be 1 to 4094.

  • Page 119: Defining An Egress Vlan For A Vsc

    Network configuration VLAN support 2. Select Add New VLAN. The Add/Edit VLAN page opens. 3. Under General, select the port to which the VLAN will be bound. Once a VLAN has been defined on a port, the port assignment cannot be changed. To assign the VLAN to a different port, delete the VLAN definition and create a new one on the required port.

  • Page 120: Configuring A Default Vlan

    Network configuration VLAN support 2. Under Egress VLAN, select an VLAN ID. To be included in the drop-down list, the VLAN must be defined on the Network > Ports page and not be assigned to a VLAN range. 3. Select Save. Configuring a default VLAN You can configure port 1 (or port 2) with a default VLAN setting so that any outgoing traffic that is not tagged with a VLAN ID receives the default VLAN ID.

  • Page 121: Vlan Bridging

    Network configuration Bandwidth control VLAN bridging If you assign a VLAN ID to more than one interface, the VLAN is bridged across the interfaces. For example, if you create the VLANs shown in the following table, all VLAN traffic with ID 50 is bridged across all three interfaces.

  • Page 122: Discovery Protocols

    Network configuration Discovery protocols Discovery protocols Select Network > Discovery protocols to configure LLDP and CDP options. Both protocols provide a mechanism for devices on a network to exchange information with their neighbors. The AP can be configured to transmit CDP (Cisco Discovery Protocol) information on all ports.

  • Page 123: Lldp Agent

    Network configuration Discovery protocols LLDP operates at layer 2 and requires an LLDP agent to be active on each network interface that will send and receive LLDP advertisements. LLDP advertisements can contain a variable number of TLV (type, length, value) information elements. Each TLV describes a single attribute of a device.

  • Page 124: Tlv Settings

    Network configuration Discovery protocols Generate dynamic system names When enabled, this feature replaces the system name with a dynamically generated value containing the following information:  System name of the neighboring device to which the port is connected, obtained via the System Name TLV.

  • Page 125: Tlvs

    Network configuration Discovery protocols Mandatory TLVs The AP always sends these TLVs with the values as shown. Chassis ID (Type 1): The MAC address of the AP.   Port ID (Type 2): The MAC address of the port on which the TLV will be transmitted. ...

  • Page 126: Dns

    Network configuration The AP provides several options to customize DNS handling. To configure these options, select Network > DNS. DNS servers  Server 1: Specify the IP address of the primary DNS server for the AP to use.  Server 2: Specify the IP address of the secondary DNS server for the AP to use. ...

  • Page 127: Ip Routes

    Network configuration IP routes DNS switch over This setting controls how the AP switches back to the primary DNS server after it has switched to the secondary DNS server because the primary was unavailable.  When enabled, the AP switches back to the primary server after it becomes available again.

  • Page 128: Ip Qos

    Network configuration IP QoS  Gateway: IP address of the gateway to which the AP forwards routed traffic (known as the next hop). An asterisk is used by system routes to indicate a directly connected network.  Metric: Priority of a route. If two routes exist for a destination address, the AP chooses the one with the lower metric.

  • Page 129: Configuration

    Network configuration IP QoS Configuration To view and configure IP QoS profiles, select Network > IP QoS. Initially, no profiles are defined. To create an IP QoS profile select Add New Profile. Settings  Profile name: Specify a unique name to identify the profile. ...

  • Page 130: Example

    Network configuration IP QoS Example This example shows how to create two IP QoS profiles and associated them with a VSC. The two profiles are:  Voice: Provides voice traffic with high priority.  Web: Provides HTTP traffic with low priority. Create the profiles 1.

  • Page 131: Assign The Profiles To A Vsc

    Network configuration IP QoS 11. Set Priority to Low. 12. Select Save. Assign the profiles to a VSC 1. Select VSC on the main menu and then select one of the VSC profiles in the Name column. Scroll down to the Quality of service section under Virtual AP . 2.

  • Page 132: 802.1X Supplicant

    Network configuration 802.1X supplicant 802.1X supplicant The 802.1X supplicant can be used when the AP is connected to a secure switch port that requires 802.1X authentication. To configure the 802.1X supplicant, select Network > 802.1X supplicant. Important If this option is enabled and the AP is connected to a unsecured switch port, 802.1X is ...
  • Page 133 Network configuration 802.1X supplicant Anonymous Name used outside the TLS tunnel by all three EAP methods. If this field is blank, then the value specified for Username is used instead. 5-21...
  • Page 134 Network configuration 802.1X supplicant 5-22...
  • Page 135 Chapter 6: Security Security Contents Using an external RADIUS server ................6-2 Configuring a RADIUS client profile on the AP..........6-2 Configuring user accounts on a RADIUS server ..........6-5 Configuring administrative accounts on a RADIUS server ......6-11 Managing certificates....................6-12 Trusted CA certificate store ................6-12 Certificate and private key store ...............6-14 Certificate usage ....................6-16 About certificate warnings .................6-17...

  • Page 136: Using An External Radius Server

    4-19. Note  On VSCs that have the Use HP MSM controller option enabled (creating an access- controlled VSC), see the MSM7xx Controllers Management and Configuration Guide for details on how user authentication is configured.  When a VSC has the Use HP MSM controller option disabled (creating a non-access- controlled VSC), an external RADIUS server can be used to validate user credentials for WPA, 802.1X, or MAC-based authentication as described in this section.

  • Page 137: To Define A Radius Profile

    Security Using an external RADIUS server To define a RADIUS profile 1. Select Authentication > RADIUS profiles. The RADIUS profiles page opens. 2. Select Add New Profile. The Add/Edit RADIUS Profile page opens. 3. Configure the profile settings as described in the following section. 4.
  • Page 138 Security Using an external RADIUS server  Retry interval: Specify the number of seconds that the RADIUS server waits before access and accounting requests time out. If the server does not receive a reply within this interval, the AP switches between the primary and secondary RADIUS servers, if a secondary server is defined.

  • Page 139: Configuring User Accounts On A Radius Server

    Security Using an external RADIUS server Primary/Secondary RADIUS server  Server address: IP address or fully-qualified domain name of the primary RADIUS server.  Secret/Confirm secret: Specify the password for the AP to use to communicate with the RADIUS server. The shared secret is used to authenticate all packets exchanged with the server, proving that the packets originate from a valid/trusted source.
  • Page 140 Security Using an external RADIUS server Descriptions  Acct-Session-Id (32-bit unsigned integer): A unique accounting ID used to make it easy to match up records in a log file.  Called-Station-Id (string): BSSID of the VSC used by a wireless client, or the MAC address of the LAN port used by a wired client.

  • Page 141: Access Accept Attributes

    Security Using an external RADIUS server  Vendor-specific attribute type number = 0 Attribute type: A string in the following format =  Access Accept attributes This table lists all attributes supported in Access Accept packets for each authentication type. Attribute Admin login 802.1X...

  • Page 142: Access Reject Attributes

    Security Using an external RADIUS server  MAC clients are blocked and must de-associate and then re-associate to start a new MAC authentication cycle.  Termination-Action: As defined by RFC 2865. If set to 1:  Customer traffic is not allowed during the 802.1X re-authentication. ...

  • Page 143: Accounting Request Attributes

    ✔ ✔ NAS-Port ✔ ✔ NAS-Port-Type ✔ ✔ User-Name Vendor-specific (HP/Colubris) ✔ ✔ SSID Descriptions  Acct-Input-Gigawords (32-bit unsigned integer): High 32-bit value of the number of octets/bytes received by the user. Only present when Acct-Status-Type is Interim-Update or Stop.
  • Page 144 Security Using an external RADIUS server  Acct-Output-Gigawords (32-bit unsigned integer): High 32-bit value of the number of octets/bytes sent by the user. Only present when Acct-Status-Type is Interim-Update or Stop. As defined in 2869.  Acct-Output-Octets (32-bit unsigned integer): Low 32-bit value of the number of octets/ bytes sent by the user.

  • Page 145: Configuring Administrative Accounts On A Radius Server

     Vendor-specific (Colubris-AVPair SSID): SSID that the customer is associated with. The HP Colubris-AVPair attribute conforms to RADIUS RFC 2865. You may need to define this attribute on your RADIUS server (if it is not already present) using the following...

  • Page 146: Managing Certificates

    Security Managing certificates  Vendor-specific attribute type number = 0 Attribute type: A string in the following format =  The following keyword and value is supported for administrative accounts: web-administrative-role=role Where: Parameter Description Use one of the following values to identify the role of the account: role ...

  • Page 147: Installing A New Ca Certificate

    Security Managing certificates The AP uses the CA certificates to validate certificates supplied by: Managers accessing the AP management tool   SOAP clients communicating with the AP SOAP server The following information is displayed for each certificate in the list: A sequentially assigned number to help identify certificates with the same common name.

  • Page 148: Default Ca Certificates

    SOAP client to ensure that it is issued by a trusted certificate authority (CA).  Management Console Dummy Authority: Used when the management tool communicates with HP PCM/PMM software. Certificate and private key store Caution For security reasons, you should replace the default certificate with your own.

  • Page 149: Installing A New Private Key/Public Key Certificate Chain Pair

    Default installed private key/public key certificate chains The following private key/public key certificate chains are installed by default:  wireless.hp.local: Default certificate used by the management tool, SOAP server, and HTML-based authentication.  Management Default client certificate: This certificate is used to identify the management tool when it communicates with HP PCM/PMM software.

  • Page 150: Certificate Usage

    Security Managing certificates Note When a web browser connects to the AP using SSL, the AP sends only its own SSL certificate to the browser. This means that if the certificate has been signed by an intermediate certificate authority, and if the web browser only knows about the root certificate authority that signed the public key certificate of the intermediate certificate authority, the web browser does not get the whole certificate chain it needs to validate the identity of the AP.

  • Page 151: Changing The Certificate Assigned To A Service

    Security MAC lockout Changing the certificate assigned to a service Select the service name to open the Certificate details page. For example, if you select Web management tool, you will see: Under Authentication to the peer, select a new Local certificate and then select Save. About certificate warnings When you connect the management tool, certificate warnings occur because the default certificate installed on the AP is not registered with a certificate authority.
  • Page 152 Security MAC lockout Adding a MAC lockout address 1. Select Security > MAC lockout. 2. Select Add New MAC Address. 3. Specify the MAC address as six pairs of hexadecimal digits separated by colons. For example: 00:00:00:0a:0f:01. 4. Select Save. 6-18...
  • Page 153 Chapter 7: Local mesh Local mesh Contents Introduction ........................7-2 Local mesh link types ....................7-3 Static local mesh links ..................7-3 Dynamic local mesh links..................7-4 Quality of service ......................7-6 Radio configuration .....................7-7 LLDP ..........................7-9 Local mesh profiles ......................7-9 Configuring a local mesh profile ...............7-10 Sample local mesh deployments ................7-16 RF extension ......................7-16 Building-to-building connections ..............7-17...

  • Page 154: Introduction

    Local mesh Introduction Introduction The local mesh feature enables you to create wireless links between one or more APs. These links create a wireless bridge that interconnects the networks connected to the Ethernet port on each AP. For example, AP #2 and AP #3 use the local mesh feature to create a wireless link between the main office network and a small network in a warehouse.

  • Page 155: Local Mesh Link Types

    Local mesh Local mesh link types Note Depending on the radio regulations of some countries, DFS channels are only available on the 802.11aband, which is the preferred band for local mesh backhaul. If more than one node detects radar simultaneously and must switch channels, each node does not necessarily switch to the same channel, and the network might never reconverge.

  • Page 156: Dynamic Local Mesh Links

    Local mesh Local mesh link types  All APs must be on the same subnet, and each AP must have a unique IP address. If AES/CCMP security is enabled, the same key must be defined on all APs.   Only one static wireless link can be defined between any two APs.

  • Page 157: Operational Modes

    Local mesh Local mesh link types Term Definition Alternate master A node that is configured in Alternate master mode, which enables it node to make upstream and downstream connections. Slave node A node that is configured in Slave mode, which enables it to make upstream connections only.

  • Page 158: Quality Of Service

    Local mesh Quality of service Operating channel If a mesh operates on a dynamic frequency selection (DFS) channel, the master node selects the operating channel. If another node detects radar and switches channels, that node reports the channel switch to the master node, which initiates a channel switch for the nodes connected to it.

  • Page 159: Radio Configuration

    Local mesh Radio configuration Radio configuration Simultaneous AP and local mesh support (single radio) A single radio can be configured to simultaneously support wireless users and one or more local mesh links. Although this offers flexibility, it does have the following limitations: ...
  • Page 160 Local mesh Radio configuration This is a global setting that applies to all wireless connections made with a radio, not just for local mesh links. Therefore, if you are also using a radio to access an AP, adjusting this setting may lower the performance for users with marginal signal strength or when interference is present.

  • Page 161: Lldp

    Local mesh LLDP LLDP Support can be enabled for LLDP on local mesh links (see LLDP over local mesh on page 5-11). When this feature is active, APs on the other side of a local mesh link are shown as neighbors. Note LLDP is not supported over local mesh links on APs operating in controlled mode.

  • Page 162: Configuring A Local Mesh Profile

    Local mesh Local mesh profiles To view or add profiles select Wireless > Local mesh. To configure a profile, select its name in the list. Or to add a profile, select Add New Profile. Configuring a local mesh profile To configure a profile, select its name in the list. The Local mesh profile page opens. 7-10...

  • Page 163: Settings

    Local mesh Local mesh profiles Settings Enabled/Disabled Specify if the profile is enabled or disabled. The profile is only active when enabled. Name Name of the profile. Select the interface to use for this link. Speed (Static links only) Sets the speed the link will operate at. For load balancing, you may want to limit the speed of a link when connecting to multiple destinations.

  • Page 164: Addressing

    Local mesh Local mesh profiles Addressing Static Use this option to create simple back-to-back links between two APs. When creating static links, both APs must be operating on the same wireless channel. Make sure that the channel selection on the Wireless > Radio(s) page is not set to Automatic. ...
  • Page 165 Local mesh Local mesh profiles  Slave: Slave nodes can only establish upstream links with master or alternate master nodes. Slave nodes cannot establish downstream links with any other nodes.  Alternate Master: An alternate master node must first establish an upstream link with a master or alternate master node before it can establish downstream link with an alternate master or slave node.
  • Page 166 Local mesh Local mesh profiles Minimum SNR (Alternate master or slave nodes) This node will only connect with other nodes whose SNR is above this setting (in dB). SNR cost per hop (Alternate master or slave nodes) This value is an estimate of the cost of a hop in terms of SNR. It indicates how much SNR a node is willing to sacrifice to connect to node one hop closer to the root node, because each hop has an impact on performance, especially when using a single radio.
  • Page 167 Local mesh Local mesh profiles When a node joins a new mesh, it is considered to be the consequence of a car change (or replacement of an AP). This event triggers the following actions:  The node software is updated, given that a software update URL is configured. ...

  • Page 168: Sample Local Mesh Deployments

    Local mesh Sample local mesh deployments Restart Discovery (Alternate master or slave nodes) This button tells the AP to bring down any link it has already established and restart looking for the best master to which it can connect. It can be used when a new master is installed close to a slave and you want the slave to connect to that master, without rebooting.

  • Page 169: Building-To-Building Connections

    Local mesh Sample local mesh deployments Building-to-building connections You can also use local mesh to create point-to-point links over longer distances. in this scenario, two dual-radio APs create a wireless link between networks in two adjacent buildings. Each AP is equipped with a directional external antenna attached to radio 1 to provide the wireless link.

  • Page 170: Dynamic Networks

    Local mesh Sample local mesh deployments Dynamic networks In this scenario, a controller is deployed with several APs to provide wireless coverage of a large area. Instead of using a backbone LAN, wireless links are used to interconnect all APs. AP 1 is the master.
  • Page 171 Chapter 8: Maintenance Maintenance Contents Config file management....................8-2 Manual configuration file management ..............8-2 Scheduled operations....................8-3 Software updates......................8-4 Performing an immediate software update............8-5 Performing a scheduled update................8-5 Licenses .........................8-5 Factory reset considerations ................8-7 Generating and installing a feature license ............8-7...

  • Page 172: Config File Management

    Maintenance Config file management Config file management The configuration file contains all the settings that customize the operation of the AP. You can save and restore the configuration file manually or automatically. Select Maintenance > Config file management. Manual configuration file management The following options are available for manual configuration file management.

  • Page 173: Reset Configuration

    Maintenance Config file management  All other configuration information: All other configuration information is saved as plain text, allowing the settings to be viewed with a standard text editor. Reset configuration Resetting to factory defaults on page D-1. Restore configuration The Restore configuration option enables you to load a previously saved configuration file.

  • Page 174: Software Updates

    Maintenance Software updates 6. For URL, specify the path that leads to the local or remote directory in which to save the configuration file or from which to load the configuration file. For example:  ftp://username:[email protected]/new.cfg  http://192.168.132.11/new.cfg 7. Select Validate to test that the specified URL is correct. 8.

  • Page 175: Performing An Immediate Software Update

    Maintenance Licenses Performing an immediate software update To update the AP software now, Browse to the software file (extension .cim) and then select Install. Performing a scheduled update The AP can automatically retrieve and install software from a local or remote web site identified by its URL.

  • Page 176: Factory Installed Licenses

    Maintenance Licenses Select Maintenance > Licenses. An example from the MSM320 is shown. Factory installed licenses This table lists all licenses that were installed on the AP at the factory. These licenses are always active and cannot be removed or disabled. User installed licenses This table lists all user installed licenses.

  • Page 177: Factory Reset Considerations

    Once you receive your license registration card, follow this procedure to generate and install a feature license on your AP. Generating a license 1. Go to www.hp.com/networking/mynetworking and sign in. New users must first create an account. 2. Select the My Licenses tab at the top of the page.

  • Page 178: Installing A License

    Maintenance Licenses 8. Use the Save As button to save the license key file on your system or use Send Email to send the license key file and information to an email address. The email will contain both the license file and the license key information displayed on this page. 9.

  • Page 179: Console Port Connector Specifications

    Appendix A: Console ports Console ports Contents Console port connector specifications..............A-2 MSM335 and MSM422 console port ..............A-2 MSM410, E-MSMS430, E-MSM460, E-MSM466 console port ......A-2...

  • Page 180: Console Port Connector Specifications

    Console ports Console port connector specifications Console port connector specifications The console ports are wired as described in this section. MSM335 and MSM422 console port The MSM335 and MSM422 provide a DB-9 (female) console (serial) port connector. The DB-9 connector (DCE) has pin assignments as follows: To connect to a computer, use a standard (straight-through) serial cable (male-to-female).

  • Page 181: Regulatory Information

    Appendix B: Regulatory information Regulatory information Contents Notice for U.S.A....................B-2 Notice for Canada....................B-3 Notice for the European Community..............B-4 Supported External Antennas................B-5 Notice for Brazil, Aviso aos usuários no Brasil ..........B-6 Notice for Taiwan ....................B-6 DOCs for the European Community ..............

  • Page 182: Notice For U.s.a

    Regulatory information Notice for U.S.A. Manufacturer's FCC Declaration of Conformity Statement Manufacturer: Hewlett-Packard Company 3000 Hanover Street Palo Alto, CA 94304-1185 USA For questions regarding this declaration, contact the Product Regulations Manager at the above address or phone number. FCC Class B statement (Applies to: MSM310, MSM310-R, MSM320, MSM325, MSM320-R, MSM335, MSM422, E-MSM430, E-MSM460, and E-MSM466.) This FCC Class B device complies with Part 15 of the FCC rules.

  • Page 183: Fcc Class A Statement

    Regulatory information FCC Class A statement (Applies to: MSM410) This is an FCC Class A device. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures. This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules.

  • Page 184: Notice For The European Community

    R&TTE Directive 1999/5/EC. Compliance with these directives implies conformity to harmonized European standards (European Norms) that are listed on the EU Declaration of Conformity that has been issued by HP for this device. See also DOCs for the European Community on page B-6.

  • Page 185: Disposal Of Waste Equipment By Users In Private Household In The European Union

    Regulatory information  This device employs a radar detection feature required for European Community and EFTA country operation in the 5 GHz band. This feature is automatically enabled when the country of operation is correctly configured for any European Community or EFTA country.

  • Page 186: Notice For Brazil, Aviso Aos Usuários No Brasil

    Regulatory information Notice for Brazil, Aviso aos usuários no Brasil Este equipamento opera em caráter secundário, isto é, não tem direito à proteção contra interferência prejudicial, mesmo de estações do mesmo tipo, e não pode causar interferência a sistemas operando em caráter primário. Notice for Taiwan DGT LPD (Low Power Device) Statement DOCs for the European Community...
  • Page 187 Supplier’s Name: Hewlett-Packard Company Manufacturer's Address: 8000 Foothills Blvd., Roseville, CA 95747 U.S.A. declares, that the product Product Name: HP E-MSM310,E-MSM313 Access Point Product Number(s): J9379B, J 9350B Regulatory Model No: MRLBB-0901 Product Options: J8441A, J 8444A, J8997A, J8999A, J9401A, J9405A/B,...
  • Page 188 Hewlett-Packard Company Manufacturer's Address: 8000 Foothills Blvd., Roseville, CA 95747 U.S.A. declares, that the product Product Name: HP E-MSM320, E-MSM325 Access Point Product Number(s): J9364B, J 9373B Regulatory Model No: MRLBB-0902 Product Options: J8441A, J 8444A, J8997A, J8999A, J9401A, J9405A/B,...
  • Page 189 Supplier’s Name: Hewlett-Packard Company Manufacturer's Address: 8000 Foothills Blvd., Roseville, CA 95747 U.S.A. declares, that the product Product Name: HP E-MSM310-R Access Point Product Number(s): J9383B Regulatory Model No: MRLBB-0904 conforms to the following Product Specifications: Safety: IEC 60950-1:2005 / EN 60950-1:2006...
  • Page 190 Supplier’s Name: Hewlett-Packard Company Manufacturer's Address: 8000 Foothills Blvd., Roseville, CA 95747 U.S.A. declares, that the product Product Name: HP E-MSM320-R Access Point Product Number(s): J9368B Regulatory Model No: MRLBB-0903 conforms to the following Product Specifications: Safety: IEC 60950-1:2005 / EN 60950-1:2006...
  • Page 191 Supplier’s Name: Hewlett-Packard Company Manufacturer's Address: 8000 Foothills Blvd., Roseville, CA 95747 U.S.A. declares, that the product Product Name: HP E-MSM335 Access Point Product Number(s): J9357B Regulatory Model No: MRLBB-0910 Product Options: J8441A, J 8444A, J8997A, J8999A, J9401A, J9406A, J9407A...
  • Page 192 Supplier’s Name: Hewlett-Packard Company Manufacturer's Address: 200 Forest Street, Marlborough, MA 01752-3085 U.S.A. declares, that the product Product Name: HP E-MSM410 Access Point Product Number(s): J9427A, J 9427B, J9626A Regulatory Model No: MRLBB-0802 conforms to the following Product Specifications: Safety:...
  • Page 193 Hewlett-Packard Company Manufacturer's Address: 8000 Foothills Blvd., Roseville, CA 95747 U.S.A. declares, that the product Product Name: HP E-MSM422 Access Point Product Number(s): J9359B, J 9617A Regulatory Model No: MRLBB-0909 Product Options: J8441A, J 8444A, J8997A, J8999A, J9401A, J9406A, J9407A...
  • Page 194 Hewlett-Packard Company Manufacturer's Address: 8000 Foothills Blvd., Roseville, CA 95747 U.S.A. declares, that the product Product Name: HP E-MSM430 Dual Radio 802.11n AP HP E-MSM460 Dual Radio 802.11n AP Product Number(s): J9651A, J 9653A J9591A, J 9618A Regulatory Model No: MRLBB-1001...
  • Page 195 Supplier’s Name: Hewlett-Packard Company Manufacturer's Address: 8000 Foothills Blvd., Roseville, CA 95747 U.S.A. declares, that the product Product Name: HP E-MSM466 Dual Radio 802.11n AP Product Number(s): J9622A, J 9619A Regulatory Model No: MRLBB-1002 Product Options: J9169A, J 9170A, J9171A, J9659A...
  • Page 196 Regulatory information B-16...

  • Page 197: Connecting External Antennas

    Appendix C: Connecting external antennas Connecting external antennas Contents Introduction ......................... C-2 802.11n MIMO antennas for the E-MSM466 ............C-2 802.11a/b/g antennas for MSM APs ..............C-3 Radio power-level setting example ................C-5...

  • Page 198: Introduction

    Antenna Power-Level Setting Guide (for MSM Products) available from www.hp.com/networking/support. This appendix applies to you if you use any of the HP antennas discussed in this appendix with HP MSM access points. Guides for the antennas discussed in this appendix are available online from: www.hp.com/networking/support.

  • Page 199: 802.11A/B/G Antennas For Msm Aps

    HP offers a lightning arrestor as an accessory, HP product number J8996A. All HP devices are designed to be compliant with the rules and regulations in locations they are sold and will be labeled as required. Any changes or modifications to HP equipment, not expressly approved by HP, could void the user's authority to operate this device.

  • Page 200: Optional 802.11A/B/G Antennas For Msm Aps

    Connecting external antennas Introduction Optional 802.11a/b/g antennas for MSM APs These four optional 802.11a/b/g antennas are certified for use with these MSM APs: Antenna Freq. 4.4 dBi 7.4 dBi 3/4 dBi 6.9/7.7 dBi Band 2.4GHz 2.4GHz Dual Band Dual Band (J8441A) (J8444A) (J8997A)

  • Page 201: Radio Power-Level Setting Example

    Search for the part number of your antenna. In this example, an optional HP antenna J8997A is to be used on an autonomous MSM AP configured for 802.11g in the USA. Per the Maximum RF Power Setting chart screenshot below, the intersection of row UNITED STATES and column 802.11g Mode/J8997A,...
  • Page 202  For autonomous access points, see Transmit power control on page 3-31.  For controlled access points, see Transmit power control in the MSM7xx Controllers Management and Configuration Guide. Documentation is available online from: www.hp.com/networking/support. For Product Brand, select ProCurve.

  • Page 203: Read This Before Resetting To Factory Defaults

    Appendix D: Resetting to factory defaults Resetting to factory defaults Contents Read this before resetting to factory defaults ............D-2 Resetting to factory defaults..................D-2 Using the reset button..................D-2 Using the management tool................. D-2 Factory defaulting ruggedized products ..............D-4...

  • Page 204: Read This Before Resetting To Factory Defaults

    Resetting to factory defaults Read this before resetting to factory defaults Read this before resetting to factory defaults Resetting an AP to factory defaults has the following effects:  The AP is returned to controlled mode operation. If required, switch the AP back to autonomous mode as described in the product Quickstart.
  • Page 205 Resetting to factory defaults Resetting to factory defaults 2. Under Reset configuration, select Reset. To reset the AP to factory defaults and FORCE it back into its default controlled mode, follow this procedure: 1. Select Maintenance > System. 2. Under Factory reset, select Reset to Factory Default.

  • Page 206: Factory Defaulting Ruggedized Products

    (for Product Brand, select ProCurve). Look for a zip file with the Factory Default Scripts for the HP MSM310-R and MSM320-R. Download the zip file and extract its content to a folder on your computer. ...
  • Page 207 Resetting to factory defaults Factory defaulting ruggedized products To reset a ruggedized product to factory defaults, follow this procedure: 1. Disconnect any cable from the AP. 2. Disconnect power from the PoE injector. 3. Configure your computer LAN port with a static IP address of 192.168.1.2 and a subnet mask of 255.255.255.0.
  • Page 208 Resetting to factory defaults Factory defaulting ruggedized products...
  • Page 210 To learn more, visit www.hp.com/networking © Copyright 201 1 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services.

This manual is also suitable for:

Msm4xxMsm310Msm310-rMsm320Msm320-rMsm325 ... Show all

Table of Contents