AP + Radius Server IPv6.

Similar documents
Using Access Point Communication Protocols

Lesson Overview & Objectives

Configure Multicast on Cisco Mobility Express AP's

IPv6 Client IP Address Learning

Software-Defined Access Wireless

DHCP. DHCP Proxy. Information About Configuring DHCP Proxy. Restrictions on Using DHCP Proxy

Software-Defined Access Wireless

CCIE Wireless v3.1 Workbook Volume 1

Software-Defined Access Wireless

DHCPv6 Overview 1. DHCPv6 Server Configuration 1

DHCPv6 Options Support

CCIE Wireless v3 Workbook Volume 1

Configuring IPv6 First-Hop Security

Cisco 440X Series Wireless LAN Controllers Deployment Guide

IPv6 Stateless Autoconfiguration

Cisco 8500 Series Wireless Controller Deployment Guide

AP Connectivity to Cisco WLC

Configuring DHCP. Restrictions for Configuring DHCP for WLANs. Information About the Dynamic Host Configuration Protocol. Internal DHCP Servers

Lightweight AP (LAP) Registration to a Wireless LAN Controller (WLC)

Configuring DHCP. Restrictions for Configuring DHCP for WLANs. Information About the Dynamic Host Configuration Protocol. Internal DHCP Servers

Configuring Link Aggregation

FlexConnect. Information About FlexConnect

Step 2. Manual configuration of global unicast and link-local addresses

Configuring Link Aggregation

Configuring Hybrid REAP

Chapter 5 Lab 5-2 DHCP INSTRUCTOR VERSION

CCIE Wireless v3 Lab Video Series 1 Table of Contents

Configuration Examples for DHCP, on page 37 Configuration Examples for DHCP Client, on page 38 Additional References for DHCP, on page 38

Multicast VLAN, page 1 Passive Clients, page 2 Dynamic Anchoring for Clients with Static IP Addresses, page 5

Configuring OfficeExtend Access Points

SJTU 2018 Fall Computer Networking. Wireless Communication

DHCPv6 OPERATIONAL ISSUES Tom Coffeen 4/7/2016

CASE STUDY: BUILDING A SECURE AND RELIABLE IPV6 GUEST WIFI NETWORK

Internetwork Expert s CCNP Bootcamp. Wireless LANs. WLANs replace Physical (layer 1) and Data Link (layer 2) transports with wireless

Cisco Aironet 1815T (Teleworker) Access Point Deployment Guide

Configuring the Service Discovery Gateway

Configuring the Switch for Access Point Discovery

HPE IMC UAM BYOD Quick Deployment on Mobile Device Configuration Examples

DHCP and DDNS Services

Mobility Groups. Information About Mobility

Personal Firewall Default Rules and Components

Configuring Backup Controllers

IPv6 Community Wifi. Unique IPv6 Prefix per Host. IPv6 Enhanced Subscriber Access for WLAN Access Gunter Van de Velde Public.

Configuring the AP-Manager Interface

ipxe Finding Feature Information Information About ipxe

Converged Access: Enabling Wireless

Configuring FlexConnect Groups

Setup. Grab a vncviewer like: Or

Call Flows for 3G and 4G Mobile IP Users

D-Link DSR Series Router

HPE IMC BYOD WLAN MAC Authentication Configuration Examples

COE IPv6 Roadmap Planning. ZyXEL

Configuring Cisco Mobility Express controller

RFC8273. Unique IPv6 Prefix per Host. RIPE 76 - Marseille May Jordi Palet

IPv6 Neighbor Discovery

Cisco Deploying Basic Wireless LANs

Implementing the Dynamic Host Configuration Protocol

Completing Interface Configuration (Transparent Mode)

Patrick Grossetete Cisco Systems Cisco IOS IPv6 Product Manager 2003, Cisco Systems, Inc. All rights reserved.

Deployment Guide for Cisco Guest Access Using the Cisco Wireless LAN Controller, Release 4.1

CCNA Routing & Switching

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Implementing DHCP for IPv6

Internet Control Message Protocol

SLAACers. IPv6 Accountability without DHCPv6. Library and Information Services School of Oriental and African Studies London. Networkshop 39, 2011

Cisco Troubleshooting Cisco Wireless Enterprise Networks WITSHOOT v1.1

Configuring IPv6 PDP Support on the GGSN

This course prepares candidates for the CompTIA Network+ examination (2018 Objectives) N

Ports and Interfaces. Ports. Information About Ports. Ports, page 1 Link Aggregation, page 5 Interfaces, page 10

Cisco CCNA (ICND1, ICND2) Bootcamp

Configuring IPv6 for Gigabit Ethernet Interfaces

DHCPv6 (RFC3315 RFC4361)

Creating Wireless Networks

Configure Devices Using Converged Access Deployment Templates for Campus and Branch Networks

HPE ArubaOS-Switch IPv6 Configuration Guide YA/YB.16.02

DHCP and DDNS Services for Threat Defense

IPv6 at CiscoLive 2013

DHCP and DDNS Services

Connecting the Cisco 1500 Series Mesh Access Points to the Network

WLAN high availability

IPv6 Neighbor Discovery

HP FlexFabric 5930 Switch Series

IPv6 Snooping. Finding Feature Information. Restrictions for IPv6 Snooping

Enterprise IPv6, Affecting Positive Change

Configuring DHCP. About DHCP Snooping, page 2 About the DHCPv6 Relay Agent, page 8

VIEW Certified Configuration Guide. Cisco

CompTIA Network+ Study Guide Table of Contents

Configuring AP Groups

COPYRIGHTED MATERIAL. Con t e n t s. Chapter 1 Introduction to Networking 1. Chapter 2 Overview of Networking Components 21.

IPv6 New RFCs. LACNIC 29 - Panamá May Jordi Palet

The Netwok Layer IPv4 and IPv6 Part 2

Configuring Interfaces (Transparent Mode)

Mobile IP. rek. Petr Grygárek Petr Grygarek, Advanced Computer Networks Technologies 1

Internet Protocol v6.

The OSI model of network communications

CCNA 2 (v v6.0) Chapter 10 Exam Answers % Full

IPv6 Neighbor Discovery

Calix T07xG HGU ONT Operation and Maintenance Guide

FortiNAC. Cisco Airespace Wireless Controller Integration. Version: 8.x. Date: 8/28/2018. Rev: B

Configuring Auto-Anchor Mobility

Transcription:

AP + Radius Server IPv6 sysadmin@coe.psu.ac.th

Traditional WiFi Network Core Switch Subnet 1 Subnet 2 L3 Switch L3 Switch Subnet 11 Subnet 12 Subnet 21 Subnet 22 AP11 AP12 AP21 AP22 SSID1 SSID2 SSID3 SSID4 2

WiFi Network with WLC Core Switch Radius Server WLC L3 Switch Subnet 1 Subnet 2 L3 Switch Subnet 11 Subnet 12 Subnet 21 Subnet 22 AP11 AP12 AP21 AP22 SSID1 SSID2 SSID1 SSID2 SSID1 SSID2 SSID1 SSID2 3

WiFi Network with WLC Core Switch Radius Server WLC L3 Switch Subnet 1 Subnet 2 L3 Switch Subnet 11 Subnet 12 Subnet 21 Subnet 22 AP11 AP12 AP21 AP22 SSID1 SSID2 SSID1 SSID2 SSID1 SSID2 SSID1 SSID2 3

Engineering NET VLAN1146 172.31.16.0/20 2001:3c8:9009:610::/60 VLAN253 APs VLAN1147 172.31.32.0/20 2001:3c8:9009:620::/60 VLAN253 APs VLAN1148 172.31.48.0/20 2001:3c8:9009:630::/60 VLAN253 APs เคร องกล อ ตสาหการ ไฟฟ า 172.31.254.101 172.31.254.102 172.31.254.103 Service Port Interface (VLAN254) ==> 172.31.254.2, 255.255.255.0 AP Manager Interface (VLAN253) ==> 172.31.253.2, 255.255.255.0 PSU WiFi (802.1x) (VLAN192) ==> 172.31.192.2, 255.255.248.0 PSU WiFi (Web Login) (VLAN208) ==> 172.31.208.2, 255.255.248.0 Virtual Interface ==> 1.1.1.1 802.1Q Trunk 802.1Q Trunk VLAN253 APs 802.1Q Trunk 172.31.254.104 โยธา 802.1Q Trunk VLAN1149 172.31.64.0/20 2001:3c8:9009:640::/60 LAG HP5800 L3 Switch Server Room, S. Bldg. 172.31.254.110 802.1Q Trunk VLAN253 APs 802.1Q Trunk 802.1Q Trunk 802.1Q Trunk 172.31.254.105 เคม 172.31.0.101 ncs.eng.psu.ac.th Cisco Prime Infrastructure 2.1 VLAN1150 172.31.80.0/20 2001:3c8:9009:650::/60 172.31.254.108 อาคารบร หาร(ห องช มสาย) 172.31.254.107 บรรยายกลาง 172.31.254.106 เหม องแร VLAN1151 172.31.96.0/20 2001:3c8:9009:660::/60 VLAN253 APs VLAN1152 172.31.112.0/24 2001:3c8:9009:670::/64 VLAN253 APs VLAN2152 172.31.116.0/24 2001:3c8:9009:674::/64 VLAN253 APs โรงหล อ VLAN253 APs VLAN2148 172.31.56.0/24 2001:3c8:9009:638::/64 4

Engineering NET VLAN1146 172.31.16.0/20 2001:3c8:9009:610::/60 VLAN253 APs VLAN1147 172.31.32.0/20 2001:3c8:9009:620::/60 VLAN253 APs VLAN1148 172.31.48.0/20 2001:3c8:9009:630::/60 VLAN253 APs เคร องกล อ ตสาหการ ไฟฟ า 172.31.254.101 172.31.254.102 172.31.254.103 Service Port Interface (VLAN254) ==> 172.31.254.2, 255.255.255.0 AP Manager Interface (VLAN253) ==> 172.31.253.2, 255.255.255.0 PSU WiFi (802.1x) (VLAN192) ==> 172.31.192.2, 255.255.248.0 PSU WiFi (Web Login) (VLAN208) ==> 172.31.208.2, 255.255.248.0 Virtual Interface ==> 1.1.1.1 802.1Q Trunk 802.1Q Trunk VLAN253 APs 802.1Q Trunk 172.31.254.104 โยธา 802.1Q Trunk VLAN1149 172.31.64.0/20 2001:3c8:9009:640::/60 LAG HP5800 L3 Switch Server Room, S. Bldg. 172.31.254.110 802.1Q Trunk VLAN253 APs 802.1Q Trunk 802.1Q Trunk 802.1Q Trunk 172.31.254.105 เคม 172.31.0.101 ncs.eng.psu.ac.th Cisco Prime Infrastructure 2.1 VLAN1150 172.31.80.0/20 2001:3c8:9009:650::/60 172.31.254.108 อาคารบร หาร(ห องช มสาย) 172.31.254.107 บรรยายกลาง 172.31.254.106 เหม องแร VLAN1151 172.31.96.0/20 2001:3c8:9009:660::/60 VLAN253 APs VLAN1152 172.31.112.0/24 2001:3c8:9009:670::/64 VLAN253 APs VLAN2152 172.31.116.0/24 2001:3c8:9009:674::/64 VLAN253 APs โรงหล อ VLAN253 APs VLAN2148 172.31.56.0/24 2001:3c8:9009:638::/64 4

CAPWAP Control And Provisioning of Wireless Access Points RFC 5415 Based on LWAPP + DTLS (Datagram Transport Layer Security) Running on UDP 5246 for Control Channel 5247 for Data Channel 5

DHCPv6 Option 52 RFC 5417:Control And Provisioning of Wireless Access Points (CAPWAP) Access Controller DHCP Option This Option is used to supply IPv6 Management Interface Address of Primary, Secondary and Tertiary Wireless Controller APs send DHCPv6 Solicit and Request packets to all DHCP servers multicast address (FF02::1:2) 6

/etc/dhcp/dhcpd6.conf option dhcp6.domain-search ipv6wlc.local ; option dhcp6.name-servers 2001:4860:4860::8888; option dhcp6.capwap-ac-v6 code 52 = array of ip6-address; default-lease-time 86400; max-lease-time 172800; 7

/etc/dhcp/dhcpd6.conf # IPv6-APs subnet6 2001:3c8:9009:102::/64 { range6 2001:3c8:9009:102::101 2001:3c8:9009:102::254; } option dhcp6.capwap-ac-v6 2001:3c8:9009:101::101; 8

DHCPv6 pool on Cisco Router! ipv6 dhcp pool VLAN102 address prefix 2001:3C8:9009:102::/64 lifetime 86400 172800 vendor-specific 52 suboption 1 address 2001:3C8:9009:101::101! 9

VLAN Interface on Cisco Router! interface Vlan102 no ip address ipv6 address FE80::102:1 link-local ipv6 address 2001:3C8:9009:102::1/64 ipv6 nd managed-config-flag ipv6 nd other-config-flag! 10

WiFi Network with WLC Core Switch Radius Server WLC Infrastructure Network (IPv4) AP11 AP12 AP21 AP22 SSID1 SSID2 SSID1 SSID2 SSID1 SSID2 SSID1 SSID2 11

AP + WLC + Radius IPv6 Core Switch Radius Server WLC Infrastructure Network (IPv6) AP11 SSID1 SSID10 SSID2 SSID3 SSID4 SSID5 SSID6 SSID7 SSID8 SSID9 12

CAPWAP Prefer-Mode Configuration 13

AP IPv6 Discovery Mechanism 14

IPv6 Wireless Client Connectivity IPv4 Client 802.11 IPv4 802.11 IPv6 IPv4 Client CAPWAP IPv4 IPv4 VLAN IPv6 CAPWAP Ethernet IPv4 CAPWAP Tunnel Ethernet IPv4/IPv6 Router IPv6 Client IPv6 Client 802.11 15

SLAAC Address Assignment 2001:db8:0:20::3/64 CAPWAP IPv6 Router CAPWAP 2001:db8:0:20::1/64 2001:db8:0:20::2/64 Router Advertisement (RA) Prefix 2001:db8:0:20::/64 16

DHCPv6 Address Assignment CAPWAP IPv6 Router CAPWAP 2001:db8:0:20::1/64 DHCPv6 Request DHCPv6 Server 2001:db8:0:20::100/64 17

IP Mobility Wireless Controller LAG IPv4/IPv6 Mobility Wireless Controller LAG CS4506e HP5800 PSU WiFi (802.1x) 2001:3c8:9009:158::/64 172.30.88.0/23 PSU WiFi (802.1x) 2001:3c8:9009:6C0::/64 172.31.192.0/22 18

PSU CC CoE Engineering 19

PSU CC CoE Engineering IPv4/IPv6 Mobility 19

IP Mobility 20

IP Mobility 21

IP Mobility 22

IP Mobility 23

24

25

26

27

28

29

30

31

32

for WPA2 Enterprise (802.1x) 33

34

35 Radius Server

for Web Login 36

37 Web Login Policy

Router Advertisement Guard 38

Syslog Over IPv6 2001:db8:b::1 2001:db8:a::1/64 Mgmt: 2001:db8:b::101 IPv6 Router Syslog Server IP: 2001:db8:a::5/64 39

IPv6 Radius Lab SSID1 SSID2 SSID3 SSID4 IPv6WLC Radius1 Radius2 Radius3 Radius4 SSID5 SSID6 SSID7 SSID8 SSID9 SSID10 IPv6-AP-2602i IPv6Router Switch 40 Radius5 Radius6 Radius7 Radius8 Radius9 Radius10

Radius Server List SSID SSID1 SSID2 SSID3 SSID4 SSID5 SSID6 SSID7 SSID8 SSID9 SSID10 Radius Server s IPv6 Address 2001:3C8:9009:101::201 2001:3C8:9009:101::202 2001:3C8:9009:101::203 2001:3C8:9009:101::204 2001:3C8:9009:101::205 2001:3C8:9009:101::206 2001:3C8:9009:101::207 2001:3C8:9009:101::208 2001:3C8:9009:101::209 2001:3C8:9009:101::210 41

Information for Radius Servers WLC + Radius Servers over WiFi SSID = IPv6WLC-Mgmt PSK = 12345678 Bridged this connection to your VirtualBox s VM WLC IPv6 Address 2001:3c8:9009:101::101 Shared Secret IPv6WLC 42

Squid Proxy over IPv6 sysadmin@coe.psu.ac.th

Lab Scenario WUNCA 33 C2960-X Training Room 513 202.28.254.64/26 PC1 PC36 44

Lab Scenario Training Room 513 202.28.254.64/26 PC1 Proxy Server PC36 Proxy Server PC1 s Internal IPv6 Network 2001:3C8:9009:201::/64 PC36 s Internal IPv6 Network 2001:3C8:9009:236::/64 VirtualBox IPv6 Client VirtualBox IPv6 Client 45

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback