HP Vm200 User Manual
Have a look at the manual HP Vm200 User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1114 HP manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Managing the V-M200 System time 3-5 Configuring the system time Select Management > System time to open the System time page. This page enables you to configure time server and time zone information. Set timezone Select the timezone for your area and enable support for daylight savings time if required. If the rules for daylight savings time are different in your area, click Customize DST Rule to make the appropriate changes. Set date & time (manually) Use this option to manually set the system date and time.
Managing the V-M200 Country 3-6 Set date and time (time servers) (A working Internet connection is required to use this option.) Select this option to have the V-M200 periodically contact a network time server to update its internal clock. By default, the list contains pool.ntp.org, which is a large, virtual cluster of timeservers providing reliable NTP service. When multiple servers are defined, the V-M200 contacts the first server in the list. If the server does not reply, the V-M200 tries the next server, and so on. Time server protocol Select the protocol that will be used to communicate with the time servers. Country NoteThe country page is not available on V-M200s delivered with a fixed country setting. The country of operation, also known as the regulatory domain, determines the availability of certain wireless settings on the V-M200. Once the country has been set, the V-M200 automatically limits the available wireless channels, channel width, and adjusts the radio power level in accordance with the regulations of the selected country. To configure country settings, select Management > Country. CautionIncorrectly selecting the country may result in illegal operation and may cause harmful interference to other systems. Please ensure that the V-M200 is operating in accordance with channel, power, indoor/outdoor restrictions, and license requirements for the intended country. If you fail to heed this caution, you may be held liable for violating the local regulatory compliance. NoteIn some regions, you are prompted to select the country of use during setup. The currently selected country (regulatory domain) is displayed on the management tool home page.
Chapter 4: Working with wireless communities 4 Working with wireless communities Contents Overview.......................................................................................................................4-2 Managing wireless communities ................................................................................ 4-3 About the default wireless community ............................................................... 4-3 Wireless community configuration options .............................................................. 4-4 General.................................................................................................................... 4-5 Wireless settings .................................................................................................... 4-5 Ethernet VLAN ....................................................................................................... 4-7 Wireless protection................................................................................................ 4-7 MAC-based authentication ................................................................................. 4-12 MAC filtering........................................................................................................ 4-14 Wireless community data flow ................................................................................. 4-15 Quality of service (QoS) ............................................................................................ 4-15 Upstream/downstream traffic marking ............................................................ 4-17
Working with wireless communities Overview 4-2 Overview The V-M200 allows you to create up to four wireless communities. Each wireless community defines the settings for a distinct wireless network, with its own network name (SSID), settings for wireless protection, user authentication, VLANs, quality of service, and more. For example, in the following scenario, four wireless communities are defined. Each wireless community is configured with a different wireless network name (SSID), and the priority of user traffic is set to different levels using the QoS feature. Even though multiple wireless communities are in use, all wireless users are on the same network (192.168.5.0). This means that all wireless users can reach resources on the corporate network. However, communication between wireless users may or may not be possible depending on the configuration settings defined for each wireless community. Wireless community 1 SSID = Employee Security = WPAPriority = Normal Wireless community 2 SSID = Guest Security = NonePriority = Low Wireless community 3 SSID = Admin Security = WPAPriority = High Wireless community 4 SSID = Phone Security = NonePriority = Very High 192.168.5.0 DHCP server Company network
Working with wireless communities Managing wireless communities 4-3 Managing wireless communities Wireless communities are managed on the Wireless communities page, which you open by selecting Wireless > Communities. You can define up to four wireless communities. To edit an existing community, click its name in the list. To add a new community, click Add New Wireless Community Profile. In both cases, the Add/Edit Wireless Community page opens providing access to all configuration options. (See Wireless community configuration options on page 4-4 for details.) About the default wireless community By default, a single wireless community is defined. It is named HP Networking, which is also its network name (SSID). CautionThe default wireless community does not have any security or authentication options enabled. To protect the wireless network from malicious third-party wireless users, it is strongly recommended that you enable some form of wireless protection on the default wireless community.
Working with wireless communities Wireless community configuration options 4-4 Wireless community configuration options Wireless community settings are configured using the Add/Edit Wireless Community page. If you edit the default wireless community (HP Networking) you will see these settings. The following sections describe all wireless community configuration options and explain how they can be used.
Working with wireless communities Wireless community configuration options 4-5 General Controls general settings for the wireless community. Wireless community Select this checkbox to enable the wireless community. Once enabled, wireless users can connect to the wireless network defined by the community. Community name Define a name to identify the community on the V-M200. Wireless settings Configures the wireless network created by the wireless community. Network name (SSID) Specify a name to uniquely identify the wireless network associated with this wireless community. Each wireless user that wants to connect to this community must use this name. The name is case-sensitive. Broadcast the network name This option controls whether the network name (SSID) is broadcast to all wireless users or not. When enabled, it means that the wireless network will be visible to wireless users when they scan the wireless neighborhood. Most wireless adapter cards have a setting that enables them to automatically discover APs that broadcast their names and automatically connect to the one with the strongest signal. When disabled, it means that the network is not visible to scans and that wireless users must manually specify the network name (SSID) to successfully connect to the network.
Working with wireless communities Wireless community configuration options 4-6 Allow traffic between All/No wireless clients This option controls the exchange of traffic between wireless users. The following settings are available: All: Wireless users connected to the same community can communicate with each other over the wireless network. No: Wireless users cannot communicate with each other over the wireless network. Communication between users on different wireless communities Communication between wireless users who are connected to different wireless communities can only occur if the users are assigned to the same VLAN. In addition, the following rules govern how traffic is exchanged: Unicast traffic exchanged between wireless communities is controlled by the setting of the receiving community. Multicast traffic exchanged between wireless communities is always controlled by the setting of the sending community. The following table summarizes all possible scenarios: For example, if two communities have the following settings, then all wireless users on both communities can communicate with each other. Allow traffic between wireless clients set to all. Ethernet VLAN set to the same value on both communities. By assigning VLAN attributes on a per-user basis via RADIUS (VLAN assignment via RADIUS on page 6-5), you can enable communication between specific users only. Priority mechanism The quality of service (QoS) feature provides a number of different mechanisms to prioritize wireless traffic sent to wireless client stations. This is useful when you have defined multiple wireless communities and want to ensure a specific level of service for each one. For example, if you have two communities, one for employees and one for guests, you might want to make the employee traffic higher priority so that employee traffic is never delayed due to excessive guest traffic. See Quality of service (QoS) on page 4-15 for more information on using this feature. SenderReceiverUnicast trafficMulticast traffic All All Allowed Allowed All No Blocked Allowed No All Blocked Blocked No No Blocked Blocked
Working with wireless communities Wireless community configuration options 4-7 Ethernet VLAN Use this option to bind the wireless community to a specific VLAN on the Ethernet port. All traffic sent/received on the Ethernet port by the wireless community will be assigned to the VLAN you specify. If you do not set a VLAN, traffic is sent untagged. However, a VLAN can still be assigned on a per-user basis by setting an attribute in the users RADIUS account (when using RADIUS- based authentication). See Working with VLANs on page 6-4 for information on using this feature. Wireless protection The V-M200 provides several methods to protect wireless transmissions from eavesdropping and to safeguard network access from unauthorized users. To choose the method that best meets the needs of your network, refer to the sections that follow. WPA Wi-Fi Protected Access (WPA) is a security protocol that provides for both encryption of the wireless data stream (via TKIP or AES/CCMP) and authentication of wireless users using an third-party RADIUS server (via 802.1X/EAP). The WPA options you see change depending on the setting of Key source. Key source set to PreShared Key
Working with wireless communities Wireless community configuration options 4-8 Security method WPA (TKIP): WPA with TKIP encryption. Original version of the standard. Still supported by many legacy clients. WPA2 (AES/CCMP): WPA2 (802.11i) with AES/CCMP encryption. More secure than WPA (TKIP). If all your users have WPA2 client software, select this option for the maximum possible security. WPA or WPA2: Mixed mode supports both WPA (version 1) and WPA2 (version 2) at the same time. Some legacy WPA clients may not work if this mode is selected. This mode is slightly less secure than using the WPA2 (AES/CCMP) mode. NoteWPA (TKIP) cannot be used when the radio operating mode supports 802.11n. Key source This option determines how the WPA encryption keys are generated and whether 802.1X authentication is used. PreShared Key: The V-M200 uses the key you specify in the Key field to generate the TKIP or AES/CCMP keys that are used to encrypt the wireless data stream. Since this is a static key, it is not as secure as the RADIUS option. Specify a key that is between 8 and 63 alphanumeric characters in length. It is recommended that the preshared key be at least 20 characters long, and be a mix of letters and numbers. The double quote character (”) should not be used. Key source set to RADIUS