AP-VPN Deployment Scenarios
35.2 Scenario 2 - IPsec: Single Datacenter with Multiple controllers for Redundancy
SCALANCE W1750D UI
538
Configuration Manual, 02/2018, C79000-G8976-C451-02
Configuration Steps
CLI Commands
UI Procedure
5. Configure Centralized,
L2and Distributed, L3
withVLAN 20 and VLAN
30,respectively.
Centralized, L2 profile
(scalance)(config)# ip dhcp l2-dhcp
(scalance)(DHCP Profile "l2-dhcp")# server-type
Centralized,L2
(scalance)(DHCP Profile "l2-dhcp")# server-vlan
20
Distributed, L3 profile
(scalance)(config)# ip dhcp l3-dhcp
(scalance)(DHCP Profile "l3-dhcp")# server-
typeDistributed,L3
(scalance)(DHCP Profile "l3-dhcp")# server-vlan
30
(scalance)(DHCP Profile "l3-dhcp")# ip-
range10.30.0.0 10.30.255.255
(scalance)(DHCP Profile "l3-dhcp")# dns-
server10.1.1.50,10.1.1.30
(scalance)(DHCP Profile "l3-dhcp")# domain-
namecorpdomain.com
(scalance)(DHCP Profile "l3-dhcp")# client-count
200
NOTE: The IP range configuration on each branch will be
the same. Each AP will derive a smaller subnet based on
the client count scope using the Branch ID (BID) allocated
by controller.
See Configuring Central-
ized DHCP Scopes and
Configuring Distributed
DHCP Scopes
6. Create authentication serv-
ers for user authentication. The
example in the next column
assumes 802.1X SSID.
(scalance)(config)# wlan auth-server server1
(scalance)(Auth Server "server1")# ip 10.2.2.1
(scalance)(Auth Server "server1")# port 1812
(scalance)(Auth Server "server1")# acctport 1813
(scalance)(Auth Server "server1")# key
"presharedkey"
(scalance)(Auth Server "server1")# exit
(scalance)(config)# wlan auth-server server2
(scalance)(Auth Server "server2")# ip 10.2.2.2
(scalance)(Auth Server "server2")# port 1812
(scalance)(Auth Server "server2")# acctport 1813
(scalance)(Auth Server "server2")# key
"presharedkey"
See Configuring an
External Server for Authen-
tication