Understanding Network Director SSID Configuration Using Profiles
Service set identifiers (SSIDs) uniquely identify a set of profile configurations with names up to 32 characters long. SSIDs are broadcast to clients by access points—the SSID name appears in the list of available wireless networks on clients’ laptops or other devices. For a wireless user, connecting to an SSID is as easy as selecting a name from the list. However, creating that SSID involves more steps.
This topic describes:
Configuring an SSID with Network Director
Configuring an SSID is more complicated than connecting to an SSID. You can think of the SSID as a number of puzzle pieces (called profiles) that work together to form the SSID. You typically associate all of the following profiles with each SSID:
Access information in an Access profile
Authentication information in an Authentication profile
Authorization information in an Authorization profile
WLAN configuration in a WLAN Service profile
Radio configuration in a Radio profile
Figure 1 illustrates the connections between profiles.
Some profiles are optional, depending on your configuration.
Another way to think of the relationship between profiles is shown in Figure 2. You build the needed profiles, starting with profiles at the far right of the chart and working your way to the left. When the Radio profile is assigned to radios discovered by the controller, the profile configuration is complete.
SSID Access Information
Access profiles include details about authentication methods and accounting servers used by an SSID. Radius, LDAP, and local authentication are the supported authentication methods and RADIUS and LDAP are the supported accounting methods. For more information about Access profiles, see Understanding Access Profiles or Creating and Managing Access Profiles.
SSID Authentication Information
Authentication profiles include the authentication method and authentication parameters used for SSID client authentication. Available authentication methods are 802.1X (dot1x), MAC-RADIUS, Captive Portal, and Last Resort. 802.1X is the default authentication method for all device types. For more information about Authentication profiles, see Understanding Authentication Profiles. To create, edit, or delete an Authentication profile, see Creating and Managing Authentication Profiles.
SSID WLAN Information
You name SSIDs in the WLAN Service profile, in addition to configuring the encryption method (WPA or WPA2), and beaconing. Typically, you also indicate VLAN use, SSID bandwidth limits, radio load balancing, proxy ARP, DHCP restrictions, and permitted client types.
Call admission control, retry counts, guard interval, frame aggregation, MSDU, MPDU, client bandwidth limits, MTU, idle client probing, data rates, and WMM Power Save are also configured in the WLAN Service profile.
SSID Radio Information
Radio-profiles are used to form groups of radios and define which wireless services are broadcast by the group. Additional radio related parameters are also configured at this level.
What Do I Do When all of Profiles are Complete?
If you are using Network Director, radios only actually broadcast an SSID after you assign a Radio profile to a controller (see Assigning a Radio Profile to Radios, then deploy the controller configuration (see Deploying Configuration to Devices.) At this time, all associated profiles also go into effect.