Remerciez-le!

Remerciez @Admin pour avoir partagé cet document gratuitement, de la manière la plus simple, en partageant sur les réseaux sociaux.

Aerohive Deployment Guide 1 Aerohive Deployment Guide For Aerohive APs, Routers

Aerohive Deployment Guide 1 Aerohive Deployment Guide For Aerohive APs, Routers, HiveOS Virtual Appliances, and HiveManager Aerohive Technical Publications To register, get the latest product documentation, see compliance information, and download software updates, visit www.aerohive.com/support. Copyright Notice Copyright © 2013 Aerohive Networks, Inc. All rights reserved. Aerohive Networks, the Aerohive Networks logo, HiveOS, and HiveManager are trademarks of Aerohive Networks, Inc. All other trademarks and registered trademarks are the property of their respective companies. Information in this document is subject to change without notice. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without receiving written permission from: Aerohive Networks, Inc. 330 Gibraltar Drive Sunnyvale, CA 94089 P/N 330002-22, Rev. A 2 Aerohive About This Guide This guide summarizes the different HiveManager systems—physical HiveManager appliance, HiveManager Virtual Appliance, and HiveManager Online—and presents the basics of using the HiveManager GUI. It explains how to deploy and configure Aerohive APs in wireless-only environments and how to deploy and configure Aerohive routers and HiveOS Virtual Appliances as Layer 3 VPN gateways in wireless and routing environments. The guide also introduces HiveOS, the operating system that runs on Aerohive APs, routers, and HiveOS Virtual Appliances, and includes some example configurations using the CLI. Finally, it contains several tables listing the various traffic types that must traverse the network to support Aerohive device functionality. This guide is intended as a resource for all Aerohive administrators to aid in the deployment of their Aerohive products. Deployment Guide 3 Contents Chapter 1 Using HiveManager ................................................................................................. 5 HiveManager Management Systems ......................................................................6 HiveManager Online.......................................................................................................... 8 HiveManager Virtual Appliance....................................................................................... 8 Installing and Connecting to the HiveManager GUI .............................................9 Introduction to the HiveManager GUI ...................................................................14 Viewing Reports................................................................................................................ 15 Searching .......................................................................................................................... 16 Dragging Firewall Policy Rules ........................................................................................ 17 Multiselecting.................................................................................................................... 18 Cloning Configurations.................................................................................................... 18 Sorting Displayed Data.................................................................................................... 19 HiveManager Configuration Workflow (Enterprise Mode) ..................................20 Updating Software on HiveManager.....................................................................22 Updating HiveOS Firmware .....................................................................................23 Updating Devices in a Mesh Environment .................................................................... 24 Chapter 2 Wireless-Only Configuration ................................................................................. 27 Example 1: Connecting APs to HiveManager ......................................................28 Example 2: Creating a Network Policy with a Hive ..............................................35 Example 3: Defining an SSID....................................................................................37 Example 4: Assigning a User Profile and VLAN to the SSID ..................................39 Example 5: Assigning the Configuration to APs ....................................................42 Chapter 3 Wireless and Routing Configuration..................................................................... 47 Example 1: Deploying a HiveOS Virtual Appliance..............................................48 Installing an ESXi Hypervisor on a Server........................................................................ 48 Creating and Activating Virtual Networks and Mapping Network Settings ............. 49 Promiscuous Mode ....................................................................51 Deploying a HiveOS Virtual Appliance as a Layer 3 VPN Gateway.......................... 52 Example 2: Configuring the VPN Gateway and Routers.....................................60 Example 3: Auto Provisioning the Routers..............................................................66 Example 4: Deploying Routers on the Network ....................................................67 Contents 4 Aerohive Chapter 4 HiveOS..................................................................................................................... 71 Common Default Settings and Commands .........................................................72 Configuration Overview ..........................................................................................73 Device-Level Configurations........................................................................................... 73 Policy-Level Configurations............................................................................................. 74 HiveOS Configuration File Types .............................................................................75 Chapter 5 Deployment Examples (CLI)................................................................................. 79 Example 1: Deploying a Single AP..........................................................................80 Example 2: Deploying a Hive ..................................................................................83 Example 3: Using IEEE 802.1X Authentication........................................................89 Example 4: Applying QoS........................................................................................92 Example 5: Loading a Bootstrap Configuration ...................................................99 CLI Commands for Examples................................................................................102 Commands for Example 1............................................................................................. 102 Commands for Example 2............................................................................................. 102 Commands for Example 3............................................................................................. 103 Commands for Example 4............................................................................................. 104 Commands for Example 5............................................................................................. 106 Chapter 6 Traffic Types .......................................................................................................... 107 Index ....................................................................................................................................... 115 Deployment Guide 5 Chapter 1 Using HiveManager You can conceptualize the Aerohive cooperative control architecture as consisting of three broad planes of communication. On the data plane, wireless clients gain network access by forming associations with Aerohive APs and routers. On the control plane, Aerohive devices communicate with each other to coordinate functions such as best-path forwarding, fast roaming, and automatic RF (radio frequency) management. On the management plane, HiveManager provides centralized configuration, monitoring, and reporting of multiple devices. These three planes are shown in Figure 1. Figure 1 Three communication planes in the Aerohive cooperative control architecture As you can see in Figure 1, HiveManager operates solely on the management plane. Any loss of connectivity between HiveManager and the devices it manages only affects device manageability; such a loss has no impact on communications occurring on the control and data planes. The management plane is the logical division of administrative traffic relating to the configuration and monitoring of Aerohive devices. From a management system, an admin can use the HiveManager to configure, maintain, and monitor multiple devices, essentially coordinating the control and data planes from a single, central location. Data Plane Control Plane Management Plane The data plane is the logical division of wireless client traffic (user data) traversing a wireless-to-wired LAN. Traffic in the data plane follows optimal paths that various mechanisms in the control plane determine. The control plane is the logical division of traffic that hive members use to collaborate on how best to forward user data, coordinate radio frequencies, and provide layer-2 and layer-3 roaming capabilities with each other. To the wired network ... Management System Chapter 1 Using HiveManager 6 Aerohive This chapter explains how to do the following basic tasks: • Use the console port to change the network settings for the MGT interface • Power on HiveManager and connect it to a network • Make an HTTPS connection from your management system to HiveManager and log in to the GUI It then introduces the HiveManager GUI and includes a summary of the configuration workflow. Finally, the chapter concludes with procedures for updating HiveManager software and device firmware. The sections are as follows: • "HiveManager Management Systems" on page 6 • "HiveManager Online" on page 8 • "HiveManager Virtual Appliance" on page 8 • "Installing and Connecting to the HiveManager GUI" on page 9 • "Introduction to the HiveManager GUI" on page 14 • "Viewing Reports" on page 15 • "Searching" on page 16 • "Dragging Firewall Policy Rules" on page 17 • "Multiselecting" on page 18 • "Cloning Configurations" on page 18 • "Sorting Displayed Data" on page 19 • "HiveManager Configuration Workflow (Enterprise Mode)" on page 20 • "Updating Software on HiveManager" on page 22 • "Updating HiveOS Firmware" on page 23 • "Updating Devices in a Mesh Environment" on page 24 HIVEMANAGER MANAGEMENT SYSTEMS The Aerohive HiveManager Network Management System provides centralized configuration, monitoring, and reporting for all types of Aerohive devices: APs, routers, and Cloud VPN Gateways. Aerohive offers two main types of HiveManager systems: • HiveManager Online, which is a cloud-based management system hosted by Aerohive • Standalone HiveManager appliances, which can be physical or virtual appliances (VMware) that you own and operate on your premises HiveManager Online is a cloud-based service running on hardware hosted and maintained by Aerohive. The HiveManager appliance can be either a physical high-capacity 1U appliance or a HiveManager Virtual Appliance, which is a virtual machine for VMware hypervisors that you can install and run on a computer on your network (see Figure 2 on page 7). Deployment Guide 7 HIVEMANAGER MANAGEMENT SYSTEMS Figure 2 Physical HiveManager appliance, HiveManager Online, and HiveManager Virtual Appliance For details about the physical HiveManager appliances, see the Aerohive Hardware Reference Guide. Virtual PC 10.1.1.5/24 HiveManager 10.1.1.8/24 Admin’s PC 10.1.1.5/24 Virtual Switch myhive.aerohive.com HiveManager Online HiveManager Virtual Appliance Switch Switch Firewall Internal Network 10.1.1.0/24 Aerohive Devices Internal Network 10.1.1.0/24 Aerohive Devices Front panel Mounting bracket USB ports Console port Ethernet ports Port 1 = MGT, Port 2 = LAN Ports 3-6 reserved for future use Mounting bracket Status LEDs POWER STATUS HDD Rear panel Power fan On/Off switch AC power inlet System fans Port 1 Port 2 HiveManager 1U High Capacity Appliance Chapter 1 Using HiveManager 8 Aerohive HiveManager Online Aerohive hosts HiveManager Online at myhive.aerohive.com, maintaining the HiveManager hardware and updating the HiveManager software as new releases become available. You receive access to a VHM (virtual HiveManager) running on the HiveManager hardware. Each VHM is an independent management system with its own administrators managing their own set of Aerohive devices. Without the expense of buying a physical appliance or HiveManager Virtual Appliance, HiveManager Online can be the most cost-efficient choice for managing a small number of devices. After purchasing a HiveManager Online account, you receive your login URL and credentials in an email message. After logging in, you enter the MyHive landing space. From there, you can access the HiveManager Online redirection server (or redirector) and your VHM. Through your VHM, you can manage Aerohive devices deployed remotely. By default, devices first try to connect to a local HiveManager. If they cannot find one locally, they then automatically try to reach the redirector, and if the serial number of the device is already assigned to a VHM, the server redirects the device to it (see Figure 3). Figure 3 MyHive If a device serial number is not in the redirection server, then the server does not respond to the CAPWAP connection attempts from that device. For details about the initial CAPWAP connection process, see "How Aerohive Devices Connect to HiveManager" on page 32. HiveManager Virtual Appliance HiveManager Virtual Appliance is similar to a physical HiveManager appliance except that uploads/Ingenierie_Lourd/ aerohive-deployment-guide.pdf