Alcatel-Lucent AOS-W 6.5.3.x

To Next Page

To Previous Page

712| Remote Access Points AOS-W 6.5.3.x| User Guide

n Persistent—Permanently enables the virtual AP after the remote AP initially connects to the switch.

Recommended for 802.1X SSIDs.

n Standard—Enables the virtual AP when the remote AP connects to the switch. Recommended for 802.1X,

tunneled, and split-tunneled SSIDs. This is the default behavior.

While using the backup configuration, the remote AP periodically retries its IPSec tunnel to the switch. If you

configure the remote AP in backup mode, and a connection to the switch is re-established, the remote AP stops

using the backup configuration and immediately brings up the standard remote AP configuration. If you

configure the remote AP in always or persistent mode, the backup configuration remains active after the IPSec

tunnel to the switch has been re-established.

Backup Configuration Behavior for Wired Ports

If the connection between the remote AP and the switch is disconnected, the remote AP will be exhibit the

following behavior:

n All access ports on the remote AP will be moved to bridge forwarding mode ,irrespective of their original

forwarding mode..

n Clients will receive an IP address from the remote AP's DHCP server.

n Clients will have complete access to Remote AP's uplink network. You cannot enforce or modify any access

control policies on the clients connected in this mode.

This section describes the following topics:

n Configuring Fallback Mode on page 712

n Configuring the DHCP Server on the Remote AP on page 714

n Configuring Advanced Backup Options on page 716

Configuring Fallback Mode

To configure the fallback mode, you must:

n Configure the AAA profile

n Configure the virtual AP profile

Configuring the AAA Profile for Fallback Mode

In the WebUI

The AAA profile defines the authentication method and the default user role for unauthenticated users:

1. Navigate to the Security > Authentication > AAA Profiles page. From the AAA Profiles Summary list,

click Add.

2. Enter the AAA profile name, then click Add.

3. Select the AAA profile that you just created:

a. For Initial role, select the appropriate role (for example, “logon”).

b. For 802.1X Authentication Default Role, select the appropriate role (for example, “default”), then

click Apply.

c. Under the AAA profile that you created, locate 802.1X Authentication Server Group, and select the

authentication server group to use (for example “default”), then click Apply.

If you need to create an 802.1X authentication server group, select new from the 802.1X Authentication Server

Group drop-down list, and enter the appropriate parameters.

Alcatel-Lucent AOS-W 6.5.3.x - Page 712