Configuring a WLAN scenario for bridging payload data to the central site

This is an example of how L2TPv3 is used in a scenario where several access points use bridging to transfer their payload data to a central router (referred to here as the "concentrator"), where the data are made available via a separate Ethernet port.

Note: Before LCOS 10.20, this scenario would have required a WLAN controller.
  1. Prepare the WLAN configuration on the access points. To enable roaming, SSID names and encryption settings should be configured identically on each AP.
  2. Now configure the concentrator, which is to accept the L2TPv3 Ethernet sessions from the individual access points.
    1. Under Communication > Remote sites > L2TP in the L2TP endpoints table, create an entry "DEFAULT”. Enter a descriptive name for the new entry. Set the L2TP version to "L2TPv3". Do not specify an IP address. Set a password to increase security and enable the "Authenticate remote end" option to use the password for authentication during connection establishment. Leave the remaining settings at their default values.




      The IP address is empty. This is then a "wildcard" entry that can accept connections from any remote site.

    2. Under Communication > Remote sites > L2TP in the L2TP Ethernet table, create a new entry. Use Remote site to set a name for the Ethernet tunnel, e.g. the name of the SSID to which the tunnel on the access points is to be linked. Leave the field L2TP endpoint empty so that any (authenticated) sessions can be accepted. This method avoids having to create an entry for each individual access point in the L2TP endpoint table: The wildcard entry created in the previous step is used instead. Under Interface you now configure the virtual interface to which the L2TP Ethernet tunnel is to be connected. If the access points operate multiple SSIDs that are to be bridged to the central site, use this table to create an entry for each SSID, each with a unique name under Remote site.




      Note: In our scenario, the payload data of all connected access points are routed to the virtual interface configured here. Furthermore, the payload data of all access points connected to this virtual interface are bridged to one another—rather like the WLAN controller-based layer-3 tunneling technique.
    3. Under Interfaces > LAN > LAN bridge settings > Port table, link the virtual L2TP interface selected earlier to a LAN interface where you set the same bridge group. Repeat this for any additional L2TP virtual interfaces for additional SSIDs.




    4. This concludes the configuration of the concentrator.
  3. The following example shows how to configure an access point to transfer payload data to the concentrator.
    1. Under Communication > Remote sites > L2TP, create a new entry in the L2TP endpoints table. Enter a descriptive name for the new entry. Set the L2TP version to "L2TPv3". Enter the IP address or host name where the access point contacts the concentrator. Enter the password you set when configuring the concentrator and select "Authenticate remote end" to use the password for authentication. Leave the remaining settings at their default values.
    2. Under Communication > Remote sites > L2TP in the L2TP Ethernet table, create a new entry. Under Remote site, enter a name that identifies the Ethernet tunnel. This must be the same as the name given to this Ethernet tunnel on the concentrator. In the field L2TP endpoint, select the L2TP endpoint table entry that was created in the previous step. This endpoint is then used to establish the Ethernet tunnel. Under Interface you now configure the virtual interface to which the L2TP Ethernet tunnel is to be connected.




    3. Under Interfaces > LAN > LAN bridge settings > Port table, link the virtual L2TP interface selected earlier to a WLAN interface by setting the same bridge group. Repeat this for any additional L2TP virtual interfaces for additional SSIDs.








    4. Carry out the configuration described here for the other access points. Once the configuration has been completed in this way, the identical configuration can be used on all of the access points and no further adaptations are necessary for the individual APs.

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de

LANCOM Logo