Overview of Configuration Steps

Configuring the IP address

Field Menu Value
Security Policy LAN-> IP Configuration-> Interfaces -><en1-0-> Trusted
Address Mode LAN ->IP Configuration-> Interface s-><en1-0-> Static
IP Address / Netmask LAN ->IP Configuration ->Interfaces -><en1-0-> 192.168.10.1 / 255.255.255.0

Create bridge groups and assign LAN interface

Field Menu Value
Interface Description System Management ->Interface Mode / Bridge Groups ->Interfaces en1-0
Mode / Bridge Group System Management ->Interface Mode / Bridge Groups ->Interfaces New Bridge Group
Configuration Interface System Management ->Interface Mode / Bridge Groups ->Interfaces en1-0

Put Wireless LAN Controller into operation

Field Menu Value
Region Wireless LAN Controller-> Wizard Germany
Interface Wireless LAN Controller ->Wizard BRIDGE_BR0
DHCP Server Wireless LAN Controller ->Wizard Internal
IP Address Range Wireless LAN Controller ->Wizard e. g. 192.168.10.100 / 192.168.10.150

Choose radio profile and configure WLAN access to the local network.

Field Menu Value
Use two independent radio profiles Wireless LAN Controller-> Wizard ->Next Enabled
Radio profile for module 1 (for all Access Points) Wireless LAN Controller-> Wizard ->Next 2.4 GHz Radio Profile
Radio profile for module 2 (only for APs with two radio modules) Wireless LAN Controller-> Wizard ->Next 5 GHz Radio Profile
Network Name (SSID) Wireless LAN Controller-> Wizard ->Next -><vss-1>-> Local Network
Preshared Key Wireless LAN Controller ->Wizard ->Next -><vss-1>-> e. g. supersecret

Configure guest WLAN

Field Menu Value
Network Name (SSID) Wireless LAN Controller ->Wizard ->Next ->Add e.g. Guest-Network
Security Mode Wireless LAN Controller-> Wizard ->Next-> Add WPA PSK
WPA Mode Wireless LAN Controller-> Wizard ->Next ->Add WPA2
Preshared Key Wireless LAN Controller-> Wizard ->Next-> Add e.g. Super-Secret-1
VLAN Wireless LAN Controller-> Wizard ->Next-> Add Enabled
VLAN ID Wireless LAN Controller ->Wizard ->Next-> Add e. g. 10
Manage Wireless LAN Controller ->Wizard ->Next Enabled

Configure Access Points with the Wireless LAN Controller

Field Menu Value
Wireless LAN Controller Wizard Wireless LAN Controller-> Wizard ->Next-> Next ->Next START

Configure the IP address for the virtual Bridge Interface

Field Menu Value
Based on Ethernet Interface LAN ->IP Configuration ->Interfaces-> New br0
Interface Mode LAN-> IP Configuration-> Interfaces-> New Tagged (VLAN)
VLAN ID LAN ->IP Configuration ->Interfaces-> New 10
Security Policy LAN-> IP Configuration ->Interfaces ->New Untrusted
Address Mode LAN-> IP Configuration ->Interfaces-> New Static
IP Address / Netmask LAN ->IP Configuration ->Interfaces-> New 192.168.11.1 / 255.255.255.0

Configure the IP Address Range for the guest network

Field Menu Value
IP Pool Name Local Services ->DHCP Server-> IP Pool Configuration-> New Guest-Address-Pool
IP Address Range Local Services ->DHCP Server ->IP Pool Configuration ->New e. g. 192.168.11.100 / 192.168.11.150

Configure DHCP use

Field Menu Value
Interface Local Services-> DHCP Server-> DHCP Configuration ->New br0-1
IP Pool Name Local Services-> DHCP Server-> DHCP Configuration-> New Guest-Address-Pool
Pool Usage Local Services ->DHCP Server-> DHCP Configuration ->New Local

Set up firewall

Field Menu Value
BRIDGE_BR0 Firewall-> Policies ->IPv4 Filter Rules ->Default Filter Rules Trusted Enabled
Description Firewall-> Services-> Groups-> New e.g. Guest-Locl-Access
Members Firewall-> Services-> Groups-> New e.g. dhcp , dns and echo
Source Firewall ->Policies-> IPv4 Filter Rules-> New BRIDGE_BR0-1
Destination Firewall-> Policies ->IPv4 Filter Rules ->New LOCAL
Service Firewall-> Policies ->IPv4 Filter Rules ->New Guest-Local-Access
Action Firewall-> Policies ->IPv4 Filter Rules ->New Access
Source Firewall ->Policies-> IPv4 Filter Rules-> New BRIDGE_BR0-1
Destination Firewall-> Policies ->IPv4 Filter Rules ->New WAN_INTERNET
Service Firewall-> Policies ->IPv4 Filter Rules ->New e.g. any
Action Firewall-> Policies ->IPv4 Filter Rules ->New Access
Status of the IPv4 Firewall Firewall-> Policies-> Options Enabled

Copyright© Version 01/2020 bintec elmeg GmbH