Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Deploy Mist Edge at the Site Level

This chapter provides information about the various tasks that you perform to deploy the Juniper Mist™ Edge at the site level.

You can configure Juniper Mist Edge as a Site edge:

  • For deployments where traffic must be tunneled at each site due to the underlying network constraints or security concerns.

  • When only APs from a single site need to be tunneled to a Juniper Mist Edge.

  • When you have many sites with site-specific Juniper Mist Edge appliances and you want to reuse a WLAN template for ease of operation.

Create Mist Tunnel (Site Level)

After you claim the Juniper Mist Edge, you can assign it to a site. Assign Mist Edge interface with warning: Do not select a Mist Edge for multiple sites. Site dropdown: Connecticut selected. Assign to Site and Cancel buttons at bottom. More option in top-right. Background shows table with details like version and IP address.

To create a Mist Tunnel at the site level:

  1. From the left menu of the Juniper Mist portal, select Organization > Site Configuration and select your desired site.
  2. On the Site Configuration page, to add a tunnel for the desired site, click Add Tunnel.
    Site configuration interface for Connecticut with fields for site name and ID, country, time zone, map search, Mist Tunnels, Radius Proxy, and Access Assurance settings.
  3. On the Add Tunnels page, in the VLAN ID(s) field, enter all the user VLANs that you want to extend from your corporate network to the APs. Separate the VLAN IDs in the list with commas.
    Add Tunnels configuration window for network setup with fields for VLAN IDs, Protocol selection (UDP selected), AP Subnets, MTU (1500), Hostnames or IPs, and Tunnel Timers. Options include IPsec, Primary Cluster (enabled), Secondary Cluster, Auto Preemption (disabled), and Anchor Mist Tunnel (No Tunnel selected). Save and Cancel buttons at the bottom.
  4. Select Enable Primary Cluster. In the Hostname IPs field, enter the IP address or the fully qualified domain name (FQDN) of the cluster with which the APs will communicate.
    This cluster IP address is the same as the tunnel IP address that you configured on the Juniper Mist Edge.
  5. Click Save.

Configure WLAN Template

A WLAN template is a collection of WLAN policies, tunneling policies, and WxLAN policies. Instead of repeating a given configuration across multiple service set identifiers (SSIDs), with WLAN templates you can set it once and then attach APs to the template to automatically inherit the setting. Both the APs and WLAN must belong to the same site.

You must use the WLAN Templates to enable the corporate SSID. You can create a WLAN template and use the template assignment for:

  • Specific sites or a collection of individual sites that are mapped to a Site-Group.

  • Entire organization with actual office sites added as exceptions.

To configure a WLAN template:

  1. From the left menu of the Juniper Mist portal, select Organization > Wireless > WLAN Templates.
  2. On the WLAN Templates page, click Create Template.
  3. On the New Template page, enter a name and click Create. The name will appear in the WLAN Template list. In the newly created WLAN template page, select Entire Org or Sites and Site Groups to assign the template to an organization or to Sites and Site groups.
    Figure 1: WLAN Template Assigned to Site and Site Groups Configuration interface showing fields for Name with CorpSite entered, Applies to with Entire Org and Sites and Site Groups options, and a checkbox for Limited to APs in profiles.
    Figure 2: WLAN Template Assigned to Entire Organization with Some Exceptions Configuration interface with Name field set to test. Applies to Entire Org selected. Exceptions include Connecticut site with options to add or remove. Limited to APs checkbox unchecked with empty input area below.
  4. On the WLAN templates page, select Add WLAN in the WLANs pane.
    Create WLAN page appears.
    1. In the Create WLAN page, you can specify the security settings.Configuration interface for wireless network security settings with options for Security Type and Fast Roaming.
    2. Enter other settings, as needed. For tips about the various WLAN settings, see WLAN Options.
    3. In the Create WLAN page, specify the number of VLANs to be tunneled through the Juniper Mist Edge in the VLAN ID field.
      User interface for VLAN settings with Tagged option selected and VLAN ID 100 entered, range 1 to 4094.
      Note that Juniper® Series of High-Performance Access Points do not tunnel any WLAN configured with an untagged VLAN. You can choose the APs that are tunneled as per the deployment type.
    4. For site-level deployment, in the Create WLAN page, select Custom Forwarding to and then select Site Edge from the drop-down list.
      Configuration interface for Custom Forwarding: Untagged VLAN not supported for WLAN tunneling to Mist Edge. Custom Forwarding to Site Mist Edge enabled. Dropdown for forwarding site selection. Disable WLAN when Mist Tunnel goes down option unchecked.
      You can also set Mist to disable the WLAN when the tunnel goes down by selecting the Disable WLAN when Mist Tunnel goes down check box.
    5. Click Create.