Configuring Bridge

The following procedure describes how to configure a bridge. Each step is described in detail later in this chapter.

The bridge feature requires the PEFNG license. If you do not have the PEFNG license on yourmanaged device, you must install it before you configure bridge. For details on installing licenses, refer to theAruba暴徒ility MasterLicensing Guide.

1.Define a sessionACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port.that routes the traffic.

a.Create rules to permitDHCPDynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.and local data traffic.

b.应用会话ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port.to a user role. For information about user roles and policies, seeRoles and Policies.

2.Configure theremote APRemote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.’sAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile. Specify the authentication method (802.1XorPSK) and the default user role for authenticated users. The user role specified in theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile must contain the sessionACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port.defined in the previous step. Optionally, use theremote APRemote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.’sAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile to enableRADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.accounting.

3.Configure the virtual AP profile:

a.Specify the AP group or ap-name to which the virtual AP profile applies.

b.Set theVLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN.in the virtual AP.

c.When specifying the use of a bridge configuration, use bridge forward mode.

d.Create and apply the applicableSSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.profile. Optionally under AP system profile, configure theRemote APRemote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.DHCPDynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.pool.Remote APRemote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.DHCPDynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.VLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN.must be same as virtual AP'sVLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN.. If the client needs to obtain from theRemote APRemote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.DHCPDynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.Server.

When creating a new virtual AP profile In the WebUI, you can simultaneously configure theSSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.. For information about AP profiles, seeAP Configuration Profiles.