EasyManuals Logo

Siemens SCALANCE W1750D UI User Manual

Siemens SCALANCE W1750D UI
570 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #539 background imageLoading...
Page #539 background image
AP-VPN Deployment Scenarios
35.2 Scenario 2 - IPsec: Single Datacenter with Multiple controllers for Redundancy
SCALANCE W1750D UI
Configuration Manual, 02/2018, C79000-G8976-C451-02
539
Configuration Steps
CLI Commands
UI Procedure
7. Configure wired port and
wireless SSIDs using the au-
thentication servers.
Configure wired ports to operate in L3 mode and associate
Distributed, L3 mode VLAN 30 to the wired port profile.
(scalance)(config) # wired-port-profile wired-
port
(scalance)(wired-port-profile "wired-port")#
switchport-mode access
(scalance)(wired-port-profile "wired-port")#
allowed-vlan all
(scalance)(wired-port-profile "wired-port")#
native-vlan 30
(scalance)(wired-port-profile "wired-port")# no
shutdown
(scalance)(wired-port-profile "wired-port")#
access-rule-name wired-port
(scalance)(wired-port-profile "wired-
port")# type
employee
(scalance)(wired-port-profile "wired-port")#
auth- server server1
(scalance)(wired-port-profile "wired-port")#
auth- server server2
(scalance)(wired-port-profile "wired-port")#
dot1x
(scalance)(wired-port-profile "wired-
port")# exit
(scalance)(config)# enet1-port-profile wired-port
Configure a wireless SSID to operate in L2 mode and
associate Centralized, L2 mode VLAN 20 to the WLAN
SSID profile.
(scalance)(config) # wlan ssid-profile guest
(scalance)(SSID Profile "guest")# enable
(scalance)(SSID Profile "guest")# type guest
(scalance)(SSID Profile "guest")# essid guest
(scalance)(SSID Profile "guest")# opmode opensys-
tem
(scalance)(SSID Profile "guest")# vlan 20
(scalance)(SSID Profile "guest")# auth-server
server1
(scalance)(SSID Profile "guest")# auth-server
server2
(scalance)(SSID Profile "guest")# captive-portal
internal
NOTE:
This example uses internal captive portal use case
using external authentication server. You can also use an
external captive portal example.
NOTE:
The SSID type
guest
is used in this example to
enable configuration of captive portal. However, corporate
access through VPN tunnel is still allowed for this SSID
because the VLAN associated to this SSID is a VPN-
enabled VLAN (20 in this example).
See Configuring a Wired
Profile and Wireless Net-
work Profiles
8. Create access rule for wired
and wireless authentication. In
this example, the rule permits
all traffic.
For wired profile:
(scalance)(config)# wlan access-rule wired-port
(scalance)(Access Rule "wired-port")# rule any
any match any any any permit
For WLAN SSID:
(scalance)(config)# wlan access-rule guest
(scalance)(Access Rule "guest")# rule any any
match any any any permit
See Configuring ACL Rules
for Network Services
NOTE
: Ensure that you execute the
commit apply
command in the SCALANCE W CLI before saving the configuration and
propagating changes across the AP cluster.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Siemens SCALANCE W1750D UI and is the answer not in the manual?

Siemens SCALANCE W1750D UI Specifications

General IconGeneral
BrandSiemens
ModelSCALANCE W1750D UI
CategoryWireless Access Point
LanguageEnglish

Related product manuals