This document describes how to extend your wired network to wireless.

Scenario: Your company has an established ProCurve wired infrastructure, centrally managed by ProCurve Manager (PCM), and now wants to implement wireless services.

Solution: Insert a Wireless Edge Services Module (WESM) in a ProCurve Switch 5400zl Series and deploy radio ports.

» Return to top

The ProCurve Switch 5400zl Series in which you want to integrate the new module is already managed by ProCurve Manager Plus (PCM+).

» Return to top

Figure 1. System configuration

1. The WESM is inserted in slot F on the 5406zl switch. Perform basic configuration from the CLI interface of the switch:

2. The WESM can be configured from its Web interface: http://10.1.10.5.
   Note: You need to have Java™ installed on your virtual server. If the software is not already installed, download and install it now.
   Log on as manager/procurve.
3. On the first page you will see a warning:
   Country Code is not set. Use Network Setup page to set the country code.
   Go to the Network Setup page. Choose your country’s code and click Apply.
4. For radio port deployment and adoption, plug two radio ports into any of the ports configured with your wireless VLAN on the ProCurve Switch 5406zl. The orange LEDs will blink rapidly; after 30 seconds, the two LEDs will blink less rapidly, indicating that the radio ports have been adopted.
5. To view radio port adoption on the WESM interface, go to Device Information | Radio Adoption Statistics. The two radio ports will appear:

6. On the ProCurve Switch 5406zl, confirm that VLAN 2100 has been created. Also confirm that the radio ports detected by default by Layer Link Discovery Protocol (LLDP) are placed in this VLAN. The virtual downlink port has been automatically tagged in this VLAN:

7. In PCM+, the ProCurve Wireless Edge Services zl Module appears with its two radio ports. Note that radio parameters (Channel, Tx Power, and RF Detection) can be easily viewed.

8. If desired, you can modify radio port parameters from here. For example, to enable neighbor detection on one of the radios, select the second icon from the left, above the radio list, and choose Enable automatic channel selection.
   

» Return to top

Now create two WLANs to enable wireless access for the Marketing and Finance groups.

5.1. Create the marketing and finance WLANs

1. To begin creating the Marketing WLAN on the WESM, go to Network Setup | WLAN Setup and edit SSID 1:

Configure the following parameters for SSID 1:
SSID: Marketing
Description: WLAN for Marketing employees
VLAN ID: Dynamic Assignment
Authentication: 802.1X EAP
Encryption: WPA/WPA2-TKIP and WPA2-AES

2. Open the Config menu (near the Encryption parameters) and enable Fast Roaming options for the WLAN:
   • PMK caching
   • Opportunistic Key Caching
   • Pre-Authentication
   When a wireless station has to roam, this enables it to associate more quickly with a new WESM.
   
3. To edit the RADIUS configuration, enter the address of the RADIUS server (10.1.10.10) and the RADIUS Shared Secret (procurve). Enable Re-authentication and choose CHAP as the Authentication Protocol.
   
4. Enable the SSID:

5. Now use a similar procedure to create and enable a Finance WLAN on the WESM.

5.2. Set up authentication on the RADIUS server

1. On the IAS RADIUS server, add the WESM as a new client, with shared secret procurve:
   
2. To configure IDM, from the Identity Management Configuration, create the new location wireless. From the Wireless Devices tab, select the Wireless Edge Services zl Module and include all radios:
   
   
   
   
   
3. Add a new rule to the Marketing Access Policy Group:
   Location: wireless
   Time: ANY
   System: ANY
   WLAN: Marketing
   Access Profile: Marketing
   
   
   
4. Also add a new rule to the Finance Access Policy Group:
   Location: wireless
   Time: ANY
   System: ANY
   WLAN: Financev Access Profile: Finance
   Note: If you cannot see Marketing and Finance in the list of service set identifiers (SSIDs), re-discover the Wireless Edge Services zl Module from PCM.

5.3. Configure the 5400zl switch with the new VLANs

1. To configure the 5400zl switch, tag the Marketing and Finance VLANs on port FUP.

This concludes the procedure for extending your wired network to wireless. If you have questions, additional information can be found in these sources:

• ProCurve Wireless Edge Services Management and Configuration Guide:
  http://cdn.procurve.com/training/Manuals/WESM-zl-MgmtCfg-Feb2008-59918626.pdf
• Other manuals for the ProCurve Wireless Edge Services Module:
  http://h40060.www4.hp.com/procurve/includes/manuals/index.php?cc=uk&lc=en&content=wireless_zl
• Firmware versions used:
• K.13.09 on ProCurve Switch 5406zl
• WT.01.15 on ProCurve Wireless Edge Services Module zl
• Network management software versions:
• ProCurve Manager Plus (PCM+) 2.3
• ProCurve Mobility Manager (PMM) 2.0
• Operating systems:
• On server machine: Microsoft^® Windows^® Server 2003 Enterprise Edition with latest service packs and updates
• On client machine: Windows XP Service Pack 3 with latest updates

» Return to top