About the HP 830 Series Switch and HP 10500/7500 20G Unified Module s Part number: 5998-3903 Software version: 3308P29 (HP 830 Series Switch) 2308P29 (HP 10500/7500 20G Unified Module) Document version: 6W102-20131112
Legal and notice information Copyright 2013 Hewlett-Packard Development Company, L.P. No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Contents About the HP 830 Series Switch and HP 10500/7500 20G Unified Module s 1 Typical network scenarios 4 HP 10500/7500 20G unified wired-wlan module network scenario 4 HP 830 series PoE+ unified wired-wlan switch network scenario 4 Feature matrixes 6 Support and other resources 10 Contacting HP 10 Subscription service 10 Related information 10 Documents 10 Websites 10 Conventions 11 i
About the HP 830 Series Switch and HP 10500/7500 20G Unified Module s The HP 830 Series Switch and HP 10500/7500 20G Unified Module s describe the software features for the HP 830 series PoE+ unified wired-wlan switch access controller engine and HP 10500/7500 20G unified wired-wlan module, and guide you through the software configuration procedures. These configuration guides also provide configuration examples to help you apply the software features to different network scenarios. on guide Fundamentals on Guide WLAN Content Describes how to access the command line interface (CLI), log in to and set up the AC, upgrade the software, manage files and licenses, and use the basic management functions. This guide includes: CLI Login management FTP and TFTP File system management on file management Software upgrade License management Device management Describes how to configure WLAN services, WLAN security, WLAN roaming, WLAN RRM, WLAN QoS, WLAN IDS, and WLAN mesh link. This guide includes: WLAN interface WLAN access WLAN security IACTP tunnel and WLAN roaming WLAN RRM WLAN IDS WLAN QoS WLAN mesh link Advanced WLAN WLAN high availability WLAN optimization 1
on guide Layer 2 Layer 3 IP Multicast on Guide ACL and QoS on Guide Content Covers Layer 2 technologies and features used on a LAN switched network, such as Ethernet interface, loopback and null interfaces, VLAN technology, MAC address table management, and Layer 2 forwarding. This guide includes: Ethernet interface Loopback and null Interfaces VLAN MAC address table Ethernet link aggregation Layer 2 forwarding PPPoE Describes IP addressing (including static and dynamic IPv4 and IPv6 address assignment), network performance optimization, ARP, and interoperation between IPv4 and IPv6. This guide includes: ARP IP addressing DHCP DHCPv6 DNS IPv6 DNS Adjacency table Flow classification IPv6 basics IP performance optimization IP routing basics Static routing IPv6 static routing Covers Layer 2 IPv4 multicast protocol IGMP snooping, and Layer 2 IPv6 multicast protocol MLD snooping. This guide includes: IGMP snooping MLD snooping Multicast VLAN IPv6 multicast VLAN Describes how to classify traffic with ACLs, and allocate network resources and manage congestions with QoS technologies to improve network performance and network use efficiency. You can use ACLs to help other function modules (such as QoS and IP routing) classify or filter traffic. This guide includes: ACL QoS 2
on guide Security High Availability on Guide Network Management and Monitoring on Guide OAA HP 10500 & 7500 20G Unified Module Fundamentals on Guide Content Covers security features. The major security features available on the AC include: identity authentication (AAA, public Key, and PKI), access security (802.1X, MAC authentication, portal, and port security), secure management (SSH, user profile, and password control), SSL, and security protection. This guide includes: Security overview AAA 802.1X MAC authentication Portal Port security User profile Password control Public key PKI SSH SSL TCP attack protection ARP attack protection IPsec User isolation Describes high availability technologies and features for network fault detection and diagnosis. This guide includes: High availability overview VRRP Stateful failover Track Describes features that help you manage and monitor your network, for example, display system information, and use the ping and tracert commands to check and debug network connectivity. This guide includes: System maintenance and debugging NQA NTP IPC SNMP RMON Information center Describes the open application architecture (OAA), how to log in to the HP open application platform (OAP) card connected to your device and reset the operating system of the OAP card. Describes the compatibility between the HP 10500/7500 20G unified wired-wlan module and Ethernet switches, and the required configurations for an HP 10500/7500 20G unified wired-wlan module to cooperate with an Ethernet switch. 3
Typical network scenarios HP 10500/7500 20G unified wired-wlan module network scenario As shown in Figure 1: The HP 10500/7500 20G unified wired-wlan module is installed on a Layer 2 or Layer 3 switch. The switch is connected to APs directly or over an IP network. The clients access the network through the APs. Figure 1 Network diagram HP 830 series PoE+ unified wired-wlan switch network scenario As shown in Figure 2, the HP 830 series PoE+ unified wired-wlan switch that has both AC and switch functions is connected to APs directly or over an IP network, and clients access the network through the APs. 4
Figure 2 Network diagram 5
Feature matrixes In this document, "Yes" means a feature or command is supported, and "No" means not supported. The HP 10500/7500 20G unified wired-wlan module adopts the OAA architecture. It works as an OAP card on a switch to exchange data and status and control information with the switch through their internal interfaces. Do not configure services such as QoS rate limit and 802.1X authentication on the internal interfaces. The access controller engine and switching engine of an HP 830 series PoE+ unified wired-wlan switch adopt the OAA architecture. The switching engine is integrated on the access controller engine as an OAP software. You actually log in to the access controller engine when you log in to the switch by default. HP recommends not configuring QoS rate limiting or 802.1X authentication on the internal aggregate interfaces (BAGG1) between the switching engine and the controller engine on an HP 830 switch. Inappropriate rate limiting or authentication settings on the internal aggregate interfaces can cause communication problems between the switching engine and the controller engine. On the HP 830 24-port switch, the switching engine's internal aggregate interface is formed by GigabitEthernet 1/0/29 and GigabitEthernet 1/0/30. On the HP 830 8-port switch, the switching engine's internal aggregate interface is formed by GigabitEthernet 1/0/11 and GigabitEthernet 1/0/12. On all HP 830 switches, the controller engine's internal aggregate interface is formed by GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2. This document only describes the feature matrix for the access controller engine of an HP 830 series PoE+ unified wired-wlan switch. For feature and configuration information about the switching engine of an HP 830 series PoE+ unified wired-wlan switch, see related HP 830 series PoE+ unified wired-wlan switch switching engine manuals. Table 1 Feature matrix Configurat ion guide Feature Function HP 10500/7500 20G Unified Module HP 830 24-Port HP 830 8-Port Login management File system management AUX user interface Storage media supported CF. Flash. CF. Fundament als License management APs supported Supports 128 concurrent APs by default, and can be extended to support 1024 APs. Supports 24 concurrent APs by default, and can be extended to support 60 APs. Supports 12 concurrent APs by default, and can be extended to support 64 APs. Device management Configuring temperature alarm thresholds for boards 6
Configurat ion guide Feature Function HP 10500/7500 20G Unified Module HP 830 24-Port HP 830 8-Port WLAN access Maximum number of SSIDs supported 512. 64. 64. WLAN WLAN IDS WLAN high availability Maximum number of dynamic blacklist entries Maximum number of static blacklist entries 512. 256. 256. 64. 32. 32. AC hot backup Specify the VLAN ID for the ports transmitting data between ACs. Specify the heartbeat interval between ACs. Layer 2 Layer 2 forwarding Layer 2 FPGA fast forwarding PPPoE PPPoE server PPP users Assigning PPP service types for a local user Security AAA Specifying a backup source address for RADIUS packets Specifying the authentication method for PPP users Specifying the authorization method for PPP users 7
Configurat ion guide Feature Function HP 10500/7500 20G Unified Module HP 830 24-Port HP 830 8-Port Portal Port security IPsec Specifying the accounting method for PPP users Specifying the device ID used in stateful failover mode Configuring stateful failover for portal authentication Maximum number of PSK users IPsec stateful failover Setting the anti-replay information synchronization intervals in IPsec stateful failover mode 20480. 1024. 1024. High Availability Network Manageme nt and Monitoring VRRP VRRP Stateful failover Stateful failover IPC IPC Information center Log file OAA OAA OAP module configuration No. Yes. Yes. 8
Configurat ion guide Feature Function HP 10500/7500 20G Unified Module HP 830 24-Port HP 830 8-Port HP 10500750 0 20G Unified Wired-WLA N Module Fundament als HP 105007500 20G unified wired-wlan module basic configuration HP 105007500 20G unified wired-wlan module basic configuration 9
Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.com/support Before contacting HP, collect the following information: Product model names and numbers Technical support registration number (if applicable) Product serial numbers Error messages Operating system type and revision level Detailed questions Subscription service HP recommends that you register your product at the Subscriber's Choice for Business website: http://www.hp.com/go/wwalerts After registering, you will receive email notification of product enhancements, new driver versions, firmware updates, and other product resources. Related information Documents Websites To find related documents, browse to the Manuals page of the HP Business Support Center website: http://www.hp.com/support/manuals For related documentation, navigate to the Networking section, and select a networking category. For a complete list of acronyms and their definitions, see HP FlexNetwork Technology Acronyms. HP.com http://www.hp.com HP Networking http://www.hp.com/go/networking HP manuals http://www.hp.com/support/manuals HP download drivers and software http://www.hp.com/support/downloads HP software depot http://www.software.hp.com HP Education http://www.hp.com/learn 10
Conventions This section describes the conventions used in this documentation set. Command conventions Convention Boldface Italic Description Bold text represents commands and keywords that you enter literally as shown. Italic text represents arguments that you replace with actual values. [ ] Square brackets enclose syntax choices (keywords or arguments) that are optional. { x y... } [ x y... ] { x y... } * [ x y... ] * &<1-n> Braces enclose a set of required syntax choices separated by vertical bars, from which you select one. Square brackets enclose a set of optional syntax choices separated by vertical bars, from which you select one or none. Asterisk-marked braces enclose a set of required syntax choices separated by vertical bars, from which you select at least one. Asterisk-marked square brackets enclose optional syntax choices separated by vertical bars, from which you select one choice, multiple choices, or none. The argument or keyword and argument combination before the ampersand (&) sign can be entered 1 to n times. # A line that starts with a pound (#) sign is comments. GUI conventions Convention Boldface Description Window names, button names, field names, and menu items are in bold text. For example, the New User window appears; click OK. > Multi-level menus are separated by angle brackets. For example, File > Create > Folder. Symbols Convention WARNING CAUTION IMPORTANT NOTE TIP Description An alert that calls attention to important information that if not understood or followed can result in personal injury. An alert that calls attention to important information that if not understood or followed can result in data loss, data corruption, or damage to hardware or software. An alert that calls attention to essential information. An alert that contains additional or supplementary information. An alert that provides helpful information. 11
Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features. Represents an access controller, a unified wired-wlan module, or the switching engine on a unified wired-wlan switch. Represents an access point. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device. 12