| |||||||||||
|
Agere
ORiNOCO AS-2000 - Part 2: Some setups are a breeze, while others reinforce the accuracy of Murphy's Law. Learn how the Agere ORiNOCO AS-2000 fared for configuration as we put it to the test on addressing and monitoring.
Yesterday, we established the basic building blocks of our Agere WLANinstalling ORiNOCO cards, drivers, Client Manager, and AS Client software. Today, we continue our saga, describing AS-2000 installation, configuration, and monitoring, explaining how to integrate this wireless access server with an existing wired network. AS-2000 and AS Manager In a pinch, the AS-2000 CLI (accessed by serial port or telnet) can be used to load image or configuration updates from a TFTP server or reconfigure addresses. Traffic counters are visible from the CLIa ping client would be a great addition. Admins can also monitor traps or administer the device using its enterprise MIB and a third-party SNMP manager.
Configuration System parameters include the ability to administratively take the AS-2000 offline now or later. SNMP parameters include an access table that limits administrative access to specified source IPs. (If you lock yourself out or forget the IPs entered here, you can get back in by resetting the device to factory defaults.)
IAPP parameters control communication between ORiNOCO base stations, such as announcement interval and response time, handover timeout and retransmission count. With only one AS-2000, we were unable to exercise handoffbut its intent is to enable roaming by eliminating the need to reconnect when moving from one AS to another. Dynamic address assignment
4) Finally, a RADIUS server can be configured to supply IP addresses when accepting an Access Request. On the AS-2000, select RADIUS as the IP address assignment type and configure RADIUS parameters (discussed below). Actual address assignments are configured on the RADIUS serverif RADIUS does not return an IP address, PPP session establishment fails. PPP parameters also determine session idle timeout (disable if you want session timeout controlled by RADIUS) and the authentication protocol used between the AS-2000 and your RADIUS server (PAP or CHAP).
Each RADIUS server is identified by IP address, destination port, and shared secret. These values must match those defined on your RADIUS serverin our case, the Interlink AAA Engine. The RADIUS Statistics button displays counters that are useful in diagnosing connectivity problems. For example, if an AS Client cannot connect, check the Access Request counter. If this counter is not incrementing, the problem lies between the client and the AS-2000. Otherwise, check the Access Retransmissions counterthis signals connectivity or access issues between the AS-2000 and the RADIUS server. Otherwise, check the Access Rejects counterthis signals authentication failure, such as when the user supplied bad credentials. We had no real issues integrating the AS-2000 with the Interlink AAA
Engine. A bad route caused early retransmissionsthis is where traceroute
would have been handy in the AS-2000. We also configured the AAA Engine
to ignore an unencapsulated vendor-specific attribute (MAC address) supplied
by the AS-2000. After this, it was smooth sailing. |
|
|||||||||
|
|
|||||||||||