This guide describes how to set up and test your Aerohive environment so you can use it with Cloud4Wi WAP2 Enterprise service
Log in to the ExtremeCloud IQ Dashboard
To start the configuration process, log in to the ExtremeCloudIQ Dashboard as admin. For existing environments with additional users, log in as a user with administrative privileges.
The ExtremeCloud IQ Dashboard appears. Your access points are displayed.
Note: There are a number of options you can set. Only the options that require your input are shown. Default values are used for options that don’t need adjustment.
Configure the wireless LAN
To configure the wireless LAN, you create a network policy (profile), an SSID, and RADIUS servers.
Create a network policy
- Click Configure in the menu bar on the left of the Dashboard.
- Select Network Policies.
The Network Policy page appears. - Click Add Network Policy.
The Network Policies New Policy page appears. The Policy Details tab is open. - Under What type of policy are you creating?, leave the box checked next to Wireless. Uncheck the boxes next to Switches and Routing.
- Enter a Policy Name, such as “Cloud4Wi_network_policy”.
- Click Save on the bottom right.
The Wireless Networks page appears.
Create an SSID
- Click Configure in the menu bar on the left of the dashboard.
- Select Network Policies under Configure.
- Select Wireless Networks at the top.
- Click + to create an SSID.
- Select All other Networks (standard).
A page appears where you’ll define the SSID and authentication settings. - Enter an SSID Name for internal purposes, such as “Cloud4Wi_Secure_WiFi” and a Broadcast Name that your clients will see. The names can be the same.
- For SSID Usage, select Enterprise. (The default is Private Pre-Shared Key.)
In the field Key Management select WPA2-802.1X and as Encryption Method chose CCMP (AES)
Add RADIUS authentication servers to the network policy
It’s important to set up a secure RADIUS connection between the wireless LAN controller and Cloud4Wi.
To add RADIUS authentication servers to your network policy, you create a server group and then add servers to the group.
- Still on the Wireless Networks page, scroll down to Authentication Settings.
- Under Authenticate via RADIUS Server, click + to add a RADIUS server group.
The Configure RADIUS Servers dialog box appears. - Enter a RADIUS Server Group Name, such as “Cloud4Wi_radius_group”.
- Click Settings to the right of the server group description.
The Select RADIUS Settings dialog box appears. - Change the Accounting interim update interval to 300 (seconds).
- Click Save RADIUS Settings on the bottom right.
You return to the Configure RADIUS Servers dialog box. - Click + under External RADIUS Server to add a RADIUS server to the server group.
The dialog box expands to display a New External RADIUS Server section. - Enter the Name, such as “Primary_radius”.
- Click + next to IP/Host Name.
- Select IP Address.
The New IP Address or Host Name dialog box appears. - Enter the object Name, such as “Primary”.
- Enter the Primary RADIUS IP Address (52.48.102.108) in IP Address.
- Click Save IP Object on the bottom right.
You return to the New External RADIUS Server section. You see the name of the object you created in the IP/Host Name field. - Enter the Shared Secret communicated by Cloud4Wi team during delivery of your Cloud4Wi account
- Click Save External RADIUS on the bottom right.
You return to the Configure RADIUS Servers page where you see the server you added (Primary_radius). - Check the box next to the server you added. This indicates you want to add it to the server group.
- Click Save RADIUS on the bottom right to save your RADIUS configuration.
You return to the Authenticate via RADIUS Server section of the Wireless Networks page. You see the RADIUS server group and server you created. - Repeat steps 7-17 to add the secondary RADIUS server for high availability. The secondary RADIUS IP address is 34.252.97.217
- Click Save on the bottom right to save your network policy configuration.
You return to the Wireless Networks page where you see the SSID you created.
Assign the SSID to the network policy
- Still on the Wireless Networks page, select the SSID by clicking the checkbox next to the SSID (Cloud4Wi_Secure_WiFi).
- Click Next on the bottom right. Clicking Next assigns the selected SSID to the network policy.
The network policy configuration is complete.