Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

ON THIS PAGE

Understanding Network Director SSID Configuration Using Profiles

 

Service set identifiers (SSIDs) uniquely identify a set of profile configurations with names up to 32 characters long. SSIDs are broadcast to clients by access points—the SSID name appears in the list of available wireless networks on clients’ laptops or other devices. For a wireless user, connecting to an SSID is as easy as selecting a name from the list. However, creating that SSID involves more steps.

This topic describes:

Configuring an SSID with Network Director

Configuring an SSID is more complicated than connecting to an SSID. You can think of the SSID as a number of puzzle pieces (called profiles) that work together to form the SSID. You typically associate all of the following profiles with each SSID:

  • VLAN profile

  • Access information in an Access profile

  • Authentication information in an Authentication profile

  • Authorization information in an Authorization profile

  • WLAN configuration in a WLAN Service profile

  • Radio configuration in a Radio profile

Figure 1 illustrates the connections between profiles.

Note

Some profiles are optional, depending on your configuration.

Figure 1: SSID Information is Located in These Profiles
SSID Information is Located in These Profiles

Another way to think of the relationship between profiles is shown in Figure 2. You build the needed profiles, starting with profiles at the far right of the chart and working your way to the left. When the Radio profile is assigned to radios discovered by the controller, the profile configuration is complete.

Figure 2: Relationship Between Profiles Needed to Create an SSID
Relationship Between Profiles Needed to Create an SSID

SSID Access Information

Access profiles include details about authentication methods and accounting servers used by an SSID. Radius, LDAP, and local authentication are the supported authentication methods and RADIUS and LDAP are the supported accounting methods. For more information about Access profiles, see Understanding Access Profiles or Creating and Managing Access Profiles.

SSID Authentication Information

Authentication profiles include the authentication method and authentication parameters used for SSID client authentication. Available authentication methods are 802.1X (dot1x), MAC-RADIUS, Captive Portal, and Last Resort. 802.1X is the default authentication method for all device types. For more information about Authentication profiles, see Understanding Authentication Profiles. To create, edit, or delete an Authentication profile, see Creating and Managing Authentication Profiles.

SSID WLAN Information

You name SSIDs in the WLAN Service profile, in addition to configuring the encryption method (WPA or WPA2), and beaconing. Typically, you also indicate VLAN use, SSID bandwidth limits, radio load balancing, proxy ARP, DHCP restrictions, and permitted client types.

Call admission control, retry counts, guard interval, frame aggregation, MSDU, MPDU, client bandwidth limits, MTU, idle client probing, data rates, and WMM Power Save are also configured in the WLAN Service profile.

For more information, see Understanding WLAN Service Profiles or Creating and Managing a WLAN Service Profile.

SSID Radio Information

Radio-profiles are used to form groups of radios and define which wireless services are broadcast by the group. Additional radio related parameters are also configured at this level.

For more information, see Understanding Radio Profiles or Creating and Managing a Radio Profile.

What Do I Do When all of Profiles are Complete?

If you are using Network Director, radios only actually broadcast an SSID after you assign a Radio profile to a controller (see Assigning a Radio Profile to Radios, then deploy the controller configuration (see Deploying Configuration to Devices.) At this time, all associated profiles also go into effect.

Related Documentation