HP ProCurve 745wl User manual
Installation and
Getting Started Guide
www.procurve.com
ProCurve Secure Access 700wl Series
PROCURVE
SECURE ACCESS 700WL SERIES
INSTALLATION AND GETTING
STARTED GUIDE
ii
© Copyright 2004, 2006 Hewlett-Packard Development
Company, L.P. The information contained herein is
subject to change without notice.
Publication Number
5991-4756
June, 2006
Edition 1
Applicable Products
Trademark Credits
Windows NT®, Windows®, and MS Windows® are US
registered trademarks of Microsoft Corporation.
Disclaimer
The only warranties for HP products and services are set
forth in the express warranty statements accompanying such
products and services. Nothing herein should be construed
as constituting an additional warranty. HP shall not be liable
for technical or editorial errors or omissions contained
herein.
Warranty
See the Customer Support/Warranty booklet included with
the product.
A copy of the specific warranty terms applicable to your
Hewlett-Packard products and replacement parts can be
obtained from your HP Sales and Service Office or
authorized dealer.
ProCurve Access Control Server 745wl (J9038A)
ProCurve XL Access Controller Module (J8162A)
iii
CONTENTS
Preface vii
Audience vii
Document Objectives vii
Organization vii
Related Publications ix
Document Conventions ix
Support Information ix
Compliance and Safety Notices ix
Chapter 1 Introduction to the ProCurve 700wl Series 1-1
Overview 1-1
Centralized Administration of the 700wl Series system 1-1
Order of Network Installation 1-2
Access Control Server with One or More Access Controller
Modules 1-2
Redundant Access Control Servers with One or More Access
Controller Modules 1-2
Tools and Information Required 1-3
Chapter 2 Hardware Installation 2-1
Hardware Description 2-1
System Memory/Storage 2-2
Chassis 2-2
Power Supply 2-2
Fans 2-2
I/O Ports 2-2
Controls and Indicators 2-3
Rear Chassis 2-4
Site Planning Checklist 2-4
Site Power Requirements and Heat Dissipation 2-5
Installing a 700wl Series System 2-6
Unpacking 2-6
iv Installation and Getting Started Guide
Rack Mounting the Chassis 2-6
Connecting Power to the Chassis 2-7
Chapter 3 Network Setup 3-1
Getting Started 3-1
Access Control Server Setup 3-2
IP Addressing Considerations 3-2
Initial Configuration Using the CLI 3-3
Initial Configuration Using the Administrative Console 3-8
Access Controller Module Setup 3-14
IP Addressing Considerations 3-14
Initial Configuration Using the CLI 3-15
Completing the Installation 3-15
Chapter 4 Basic Configuration 4-1
Procedure Overview 4-1
Preparation 4-2
Creating a User Account in the Built-In Database 4-2
User Authentication Through the Default Logon Page 4-3
PPTP Gateway Configuration 4-4
Configuring Access Policies for Encryption 4-5
PPTP Client Configuration 4-8
User Authentication Via PPTP Connection 4-11
External Authentication Service Configuration 4-11
Verify the External Authentication Service 4-15
Appendix A Troubleshooting A-1
Appendix B LCD Display Description B-1
Display Description B-1
Button Functionality B-1
Powering On and System Boot B-2
Default Display B-2
Main Menus B-2
System Shutdown B-3
Appendix C Technical Specifications, Safety and Compliance C-1
Technical Specifications C-1
Environmental Ranges C-1
Installation and Getting Started Guide v
Power Requirements C-1
Physical Dimensions C-1
Safety and Regulatory Compliance C-2
Physical Interface C-2
Appendix D Cable and Connector Specifications D-1
Serial Console Port D-1
10/100 Downlink Ethernet Cables D-2
Power Crossover Connector D-2
Appendix E Safety and EMC Regulatory Statements E-1
Safety Information E-1
U.S.A. E-9
Canada E-9
Australia/New Zealand E-9
Japan E-9
Korea E-9
BSMI E-10
Regulatory Model Identification Number E-10
European Community E-11
Appendix F Recycle Statements F-1
Waste Electrical and Electronic Equipment (WEEE) Statements F-1
Index IX-1
vii
PREFACE
This preface describes the objective, audience, use, and organization of the Installation and Getting Started
Guide. It also outlines the document conventions, related documentation, and support information.
Audience
The audience for this document is the network administrator who wants to enable network users to
communicate using the 700wl Series system. This document is intended for authorized personnel who
have previous experience working with network telecommunications systems or similar equipment. It is
assumed that the personnel using this document have the appropriate background and knowledge to
complete the procedures described in this document.
Document Objectives
This document contains procedural information describing the installation and configuration of the
ProCurve Access Control Server 745wl and XL Access Controller Module. Each procedure is written in a
task-oriented format consisting of numbered step-by-step instructions. In most cases, several procedures
are required to complete one overall task. All procedures should be performed in the order they appear in
this document, unless otherwise instructed.
This document also provides instructions for the creation of a basic configuration of the ProCurve Secure
Access 700wl Series that allows a user to:
• Connect to the 700wl Series system (optionally using the PPTP secure protocol)
• Log in and be authenticated through the ProCurve 700wl Series built-in database
• Pass IP traffic and have access to network resources.
A system running with this configuration is suitable for basic evaluation or demonstration purposes.
Organization
This document is organized as follows:
Chapter 1— Introduction
This chapter gives an overview of the 700wl Series system installation procedure.
viii ProCurve Secure Access 700wl Series Installation and Getting Started Guide
Chapter 2— Hardware Installation
This chapter describes the installation of the ProCurve Access Control Server 745wl. Installation of the XL
Access Controller Module is described in the ProCurve Series 5300xl Switches Installation and Getting Started
Guide.
Chapter 3— Network Setup
This chapter describes the network configuration of the Access Control Server after it has been physically
installed.
Chapter 4—Basic Configuration
This chapter leads you through the configuration of a basic system setup that includes user accounts and
user authentication, as well as a PPTP gateway, and support for an external authentication service. such
as LDAP.
Appendix A—Troubleshooting
This chapter presents troubleshooting procedures for the 700wl Series system.
Appendix B—LCD Display Description
This appendix describes the LCD display on the Access Control Server 745wl. The display can be used to
view the system’s network parameters, and to power down the system.
Appendix C—Technical Specifications, Safety and Compliance
This appendix describes the technical specifications of the system, and provides safety and compliance
information.
Appendix D—Cable and Connector Specifications
This appendix describes the Serial Connector and the Standard Ethernet cables for use with the 700wl Series
system.
Appendix E—Safety and EMC Regulatory Statements
This appendix describes safety and EMC regulatory information for the 700wl Series system.
Appendix F—Recycle Statements
This appendix describes Waste Electrical and Electronic Equipment (WEEE) information for the 700wl
Series system.
ProCurve Secure Access 700wl Series Installation and Getting Started Guide ix
Related Publications
The following publications provide additional information:
• ProCurve Secure Access 700wl Series Management and Configuration Guide
• ProCurve 700wl Series Release Notes
•ProCurve Series 5300xl Switches Installation and Getting Started Guide
Document Conventions
The following text conventions are used in this document:
The following icons are used to alert you to important information:
Support Information
See the ProCurve Networking web site at www.procurve.com. Click on technical support and select
support services for a list of available support resources and options for contacting HP.
Compliance and Safety Notices
Technical specifications, safety information, and regulatory compliance statements can be found in
Appendix C, “Technical Specifications”. This information should be read thoroughly before installing
the HP system equipment.
Convention Definition
Boldface Arial Screen menus that you click to select, field names, and commands that
you select are in boldface Arial.
Italic Palatino New terms that are defined in the text, and emphasized terms are in italic
Palatino.
Courier Filenames and commands or text that you type are in Courier.
Icon Notice Type Alerts you to...
None Note Helpful suggestions or information that is of special importance in
certain situations.
None Caution Risk of personal injury, loss of system functionality, or loss of data.
Warning Risk of severe personal injury, system damage, or irrecoverable
loss of data.
1-1
1
INTRODUCTION TO THE PROCURVE
700WL SERIES
This chapter gives a brief description of the installation procedures for ProCurve 700wl Series products. It
consists of the following sections
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
Order of Network Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Tools and Information Required . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
Overview
Two products make up the ProCurve 700wl Series:
• ProCurve Access Control Server 745wl
• ProCurve XL Access Controller Module
The physical installation of the Access Control Server 745wl is described fully in Chapter 2, “Hardware
Installation”. The hardware installation is always performed first, before the network installation. The XL
Access Controller Module is installed in the 5300xl switches, and, therefore, its installation is described in
the ProCurve Series 5300xl Switches Installation and Getting Started Guide.
Centralized Administration of the 700wl Series system
Wireless network clients physically connect through Access Controller Modules, but authentication and
rights administration for these clients is handled centrally from the Access Control Server. In addition, all
configuration of the Access Controller Modules connected to the system is handled by the Administrative
Console located in the Access Control Server. Once you have installed an Access Controller Module onto
your network, you should not need to perform any administration functions directly on the Access
Controller Module.
From the centralized Administrative Console on your Access Control Server you can perform the
following configuration functions:
• Configure the 700wl Series system setup, including bridging, DHCP Network for NAT Clients,
Forwarding of IP Address broadcasts, setting up HTTP proxies, configuring SNMP settings, and
setting the system date & time
• Update the 700wl Series system software or return to a previous version
• Set up a Wireless Data Privacy policy for clients using VPN protocols
• Set up Authentication Policies for how users authenticate themselves to the system
• Set up Access Policies to control what users can do over the network
1-2 ProCurve Secure Access 700wl Series Installation and Getting Started Guide
Introduction to the ProCurve 700wl Series
• Set up Identity Profiles to put users in groups that share the same access policies
• Set up Connection Profiles that allow you to specify different Access Policies for users based on
location, time of day, VLAN tags, and Authentication Policies
• Set up redundant Access Control Servers to provide failover
Additionally, the Administrative Console provides functions for monitoring the status of the system
components, as well as monitoring clients logged onto the system and their sessions.
Order of Network Installation
The order of installation depends on the complement of equipment you wish to install. There are two
basic configurations, and for each, there is an order of network installation as follows:
• Access Control Server 745wl with at least one XL Access Controller Module
• Two redundant Access Control Server 745wls with at least one XL Access Controller Module
Access Control Server with One or More Access Controller Modules
If you are installing one Access Control Server 745wl and one or more XL Access Controller Modules,
perform installation in the following order:
Step 1. Install the Access Control Server, following the steps in Chapter 2, “Hardware Installation” in this
manual.
Step 2. Perform the network setup for the Access Control Server, following the steps in “Access Control
Server Setup” on page 3-2.
Step 3. Install the Access Controller Modules following the steps in the ProCurve Series 5300xl Switches
Installation and Getting Started Guide.
Step 4. Once the Access Controller Modules are recognized by the Access Control Server and appear in
the Access Control Server Administrative Console, perform any additional setup required,
following the steps in“Completing the Installation” on page 3-15.
Redundant Access Control Servers with One or More Access Controller
Modules
Step 1. Install each Access Control Server, following the steps in Chapter 2, “Hardware Installation” in
this manual.
Note: It is strongly recommended that an Access Control Server 745wl be used as the
secondary Access Control Server. If you use an Access Control Server 740wl as the redundant
Access Control Server, transferring the primary 745wl workload to a secondary 740wl may
result in the working integrity being compromised due to 740wl limitations.
Step 2. Perform the network setup for each Access Control Server, following the steps in“Access Control
Server Setup” on page 3-2.
ProCurve Secure Access 700wl Series Installation and Getting Started Guide 1-3
Introduction to the ProCurve 700wl Series
Note the IP address and shared secret of the Access Control Server that you plan to designate as
the Primary Access Control Server. Do not configure the Access Control Servers (yet) as
redundant peers.
Step 3. Install the Access Controller Modules following the steps in the ProCurve Series 5300xl Switches
Installation and Getting Started Guide.
Configure the Access Controller Modules with the IP address and shared secret of the Primary
Access Control Server.
Step 4. Once the Access Controller Module is recognized by the Primary Access Control Server and
appears in the Access Control Server Administrative Console, perform any additional setup
required, following the steps in “Completing the Installation” on page 3-15.
Step 5. On the Access Control Server that is to be the redundant (non-Primary) Access Control Server, set
the shared secret to be the same as the Primary Access Control Server.
Step 6. On the Primary Access Control Server, configure redundancy, following the steps in Chapter 6,
“Configuring the Network” in the ProCurve Secure Access 700wl Series Management and
Configuration Guide.
Tools and Information Required
To perform network installation for an Access Control Server or Access Controller Module, the
information defined in Table 1-1 may be required:
Note: The information you gather here is required during configuration and is presented here as a
reminder to find it before beginning the network installation.
Table 1-1. Installation Parameters
Parameter Form
Hostname (Fully-Qualified) Not required. Must be fully-qualified if provided.
Example: am21b.corp.com
Note: A hostname is required only for Access Control Servers that will have a
real Secure Socket Layer (SSL) certificate installed. If you install a signed SSL
certificate, the hostname must match that on the SSL certificate.
Domain name Defines the system’s domain if a hostname is not provided. This is optional.
Example: xyzcorp.com
IP address Can be configured as a static IP address or can be obtained via DHCP.
Note: The IP address of the Access Control Server will be needed to configure
Access Controller Modules.
Subnet Mask Defines the system’s subnet range. Can be obtained via DHCP. Example:
255.255.255.0.
Gateway (router) IP address Defines the default router. Can be obtained via DHCP.
Primary and Secondary DNS
server IP addresses
Defines the location of the primary and backup DNS servers. Can be obtained
via DHCP.
1-4 ProCurve Secure Access 700wl Series Installation and Getting Started Guide
Introduction to the ProCurve 700wl Series
Many of these parameters can be supplied by the DHCP server if the system is configured to obtain its IP
address via DHCP. If the system is configured to use a static IP address, then all the parameters shown in
the table must be provided when the system is configured for the network.
The following tools and equipment are required to install a 700wl Series system in a rack:
• Tape measure and level
• Number 2 Phillips screwdriver
Shared Secret Secret key used to establish trust relationship between an Access Control
Server and an Access Controller Module. Alphanumeric string. The same
shared secret must be configured on each system.
Table 1-1. Installation Parameters
Parameter Form
2-1
2
HARDWARE INSTALLATION
This chapter describes the hardware installation of the ProCurve Access Control Server 745wl. (The XL
Access Controller Module is installed in the 5300xl switches, and, therefore, its installation is described in
the ProCurve Series 5300xl Switches Installation and Getting Started Guide.) You must be sure that the site
requirements are met and carefully follow the procedures described to physically install the equipment.
This chapter consists of the following sections:
Hardware Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1
Site Planning Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4
Installing a 700wl Series System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6
Hardware Description
This section describes the hardware features of the Access Control Server 745wl, which is designed for
high-performance, high-density wiring-closet applications. Figure 2-1 shows an Access Control Server
745wl.
Figure 2-1. Access Control Server 745wl
The Access Control Server 745wl consists of a chassis, power supply, fans, I/O ports, indicators, and
switches. This unit has two RJ-45 connectors—one for the network uplink, used to connect the unit to the
network, and one that is used for the redundant Access Control Server.
2-2 ProCurve Secure Access 700wl Series Installation and Getting Started Guide
Hardware Installation
Figure 2-2 shows a front panel view of the Access Control Server 745wl.
Figure 2-2. Front panel view—Access Control Server 745wl
System Memory/Storage
The Access Control Server 745wl is equipped with a hard disk.
Chassis
The chassis is 17.00” (43.2 cm) wide, 22.00” (55.9 cm) deep, and 3.5” (8.9 cm) high, which is 2 rack units
(RU) high. It weighs approximately 35 lbs (15.9 kg). It can be rack-mounted using the front brackets
provided.
Power Supply
TheAccess Control Server 745wl contains an auto voltage sensing power supply. Input is 100-220 volts,
2.5A, 50/60 Hz, with a measured 350 watts output.
Fans
Note: For environmental specifications, see “Site Power Requirements and Heat Dissipation” on
page 2-5.
The system fan assembly provides cooling air for the internal chassis components. The fans exhaust warm
air from the back and draw in cool air at the front. The Access Control Server 745wl monitors its internal
fan speeds, internal chassis temperature, and power supply voltages. The status of these values are
reported by system software.
I/O Ports
Table 2-1 summarizes the functional I/O ports on the Access Control Server 745wl.
ProCurve Secure Access 700wl Series Installation and Getting Started Guide 2-3
Hardware Installation
Controls and Indicators
Controls
There is only one control on the front of the chassis, a power button, labeled I/0. The power button is a
momentary switch and is used to turn on the system.
Note: The front panel power button should not be used to power off the system. Turning off the
system should be performed through software.
There is also a power supply switch on the rear of the Access Control Server 745wl, next to the power
cord socket. This switch must be left in the On (I) position for the unit to be operational, and cannot be
used to power on the system. When this switch is in the Off (0) position, the front panel power button
will not function.
System Status Indicator
There is one system status LED indicator on the front of the chassis—Power (ON). ON is lit when the
power supply is plugged into a live outlet, the rear panel On/Off switch is in the On position, and the
power is turned on by the front panel On/Off button.
LCD Display
The LCD display can be used to view the system’s network parameters, and to power down the system.
The LCD display is located in the middle of the front panel of the Access Control Server 745wl. It is a 16-
character by two-line display, with six buttons located to the right of the display (Figure 2-3).
Figure 2-3. LCD Display
Appendix B, “LCD Display Description” describes the messages and operation of the LCD display panel.
Table 2-1. I/O Ports
Port Function Description
Number
of Ports
Network Uplink RJ-45, 10Base-T/
100Base-TX/1000Base-T
1
Serial Console DB9, Serial Port 1
2-4 ProCurve Secure Access 700wl Series Installation and Getting Started Guide
Hardware Installation
Network Uplink Status Indicators
A detailed view of the network interface (uplink port) is shown in Figure 2-4.
Figure 2-4. Network Uplink port
The two LEDs, LED1 and LED2, provide information on the port speed and data connection state of the
default network uplink port as shown in Table 2-2.
Rear Chassis
Figure 2-5 shows the rear of the Access Control Server 745wl. There is one control on the rear of the
chassis, a power switch. This switch cannot be used to power on the system. When this switch is in the
Off (0) position, the front panel power button will not function.
Note: The power switch must be left in the On (I) position for the unit to be operational.
Figure 2-5. Rear chassis of an Access Control Server 745wl
Site Planning Checklist
Before installing an Access Control Server 745wl or XL Access Controller Module, you should evaluate
the items in the following site planning checklist:
Space Evaluation
•Spaceandlayout
Table 2-2. Network uplink LED status
LED State LED1 (Port Speed) LED2 (Connection)
On Green: 10 Mbps, 1000 Mbps Link 100 Mbps, 1000 Mbps Link
Off 100 Mbps Link and Activity 10 Mbps Link and Activity
Blinking Green (Blink): 10 Mbps, 1000 Mbps Activity 100 Mbps, 1000 Mbps Link
LED1 LED2
Other manuals for ProCurve 745wl
1
This manual suits for next models
2
Table of contents
Other HP IP Access Controllers manuals
