Paper Title - Aruba Networks [PDF]

Technology Solution Guide Deploying Accuris Networks AccuROAM Wi-Fi Offload Solution With Aruba Networks’ Secure Mobility Solution AccuROAM Software version 1500 – v8.1 iOS Client V1.0 Android Client V1.0 Aruba 3600 Access Controller AOS version 6.0 Aruba AP-105 Access Point

WARRANTY DISCLAIMER THE FOLLOWING DOCUMENT, AND THE INFORMATION CONTAINED HEREIN IS PROVIDED ON AN "AS IS" BASIS. ARUBA MAKES NO REPRESENTATIONS, WARRANTIES, CONDITIONS OR GUARANTEES AS TO THE USEFULNESS, QUALITY, SUITABILITY, TRUTH, ACCURACY OR COMPLETENESS OF THISDOCUMENT AND THE INFORMATION CONTAINED IN THIS DOCUMENT.

DISCLAIMER OF LIABILITY Aruba Networks, Inc. disclaims liability for any personal injury, property or other damages of any nature whatsoever, whether special, indirect, consequential or compensatory, directly or indirectly resulting from the certification program or the acts or omissions of any company or technology that has been certified by Aruba Networks.

Certification does not mean that the company is a subcontractor or under the technical control or direction of Aruba Networks. In conducting the certification program Aruba Networks is not undertaking to render professional or other services for or on behalf of any person or entity.

Deploying Accuris Networks Wi-Fi Offload Solution With Aruba Networks’ Secure Mobility Solution 1

Table of Contents Introduction .................................................................................................................................................. 3 Solution Components ................................................................................................................................... 3 Accuris Networks Solution........................................................................................................................ 3 Aruba WLAN Solution ............................................................................................................................... 4 Solution Qualification ................................................................................................................................... 4 Qualification Objective ............................................................................................................................. 4 Aruba Wireless LAN Settings .................................................................................................................... 5 Test Methodology .................................................................................................................................... 7 Conclusion ................................................................................................................................................ 8 Appendix 1 – Successful WISPr RADIUS exchange...................................................................................... 10 Appendix 2 – Successful EAP-SIM RADIUS exchange.................................................................................. 12 Appendix 3 – Aruba Access Controller Configuration File .......................................................................... 22


Introduction This document describes the interoperability testing completed between Aruba’s wireless LAN (AOS version. 6.0) infrastructure and Accuris Networks AccuROAM AAA server and the Accuris Networks WISPr 1+ clients. The document is intended to be used in conjunction with Aruba and Accuris Networks configuration guides. Please contact the respective company’s sales engineering or support groups should additional information be required. Solution Verified:

Accuris Networks AccuROAM server / handset clients

Aruba Product:

Aruba WLAN Solution OS version 6.0– APs and ACs

Partner Solution Tested:

Accuris Networks; AccuROAM Server Software version 1500-v8.1 Accuris Networks: WISPr 1+ clients: iOS Client – Software version 1.0 Android Client – Software version 1.0

Solution Components Accuris Networks Solution The Accuris Networks Wi-Fi offload solution is designed to offer a seamless and secure handover from a cellular network to an Aruba Wi-Fi network. The solution consists of two primary components:  

AccuROAM Server; Accuris Networks Handset client,

The AccuROAM server is required in all cases, while the clients are required only for WISPr based access . The AccuROAM platform provides a suite of integrated functional components to support the following services:      

EAP-SIM/AKA/TLS, WiSPr 1.0, 1+, and WiSPr 2.0 authentication; Location and presence; Mobile service-continuity to end-users on the Aruba Wi-Fi including voice, messaging and supplementary services; Tunneled data access to route data through the PDG while associated with the Aruba Wi-Fi network; RADIUS-to- TAP conversion or file manipulation for reporting / data mining; and Control of post-pay and prepaid service-access while on the Aruba Wi-Fi network.


Aruba WLAN Solution The focus of interoperability testing with Aruba Wi-Fi was to ensure support for EAP-SIM/EAP-AKA and WISPr based access. AP-105 Access Points and a 3600 Mobility Controller were used for this purpose. For EAP-SIM/AKA, the Mobility Controller handles the EAP protocol and packages it into RADIUS messaging for further delivery to the mobile network to complete the authentication process. The Mobility Controller inspects messages and sets routing based on identified REALM information. For WISPr, the Mobility Controller offers the required WISPr details within the HTTP of the landing page presented to the client for login. This allows a suitable smart client to detect the required WISPr support on the network and complete the automated login process. The Mobility Controller also directs RADIUS requests to the AccuROAM AAA server based on HTTP requests generated by the client.

Certified Product Summary Manufacturer

Accuris Networks

Products Certified

Accuris Networks AccuROAM Wi-Fi offload solution

Hardware Model Numbers

HP DL 380 G7

Software Version Numbers

Release 1500-v8.1

Client Version Numbers

iOS client – 1.0 Android client – 1.0

Features Tested EAP Access

EAP-SIM / EAP-AKA

WISPr Access

WISPr 1 access – proprietary Accuris Networks WISPr client

CDR Generation

RADUIS Accounting Record Generation and transfer

Solution Qualification Qualification Objective The objective of qualification testing was to validate the interoperability of the Accuris Networks AccuROAM server and the Accuris Networks Wi-Fi offload clients with Aruba’s wireless LAN infrastructure using both EAP and WISPs topologies. These are presents, respectively, in the following two figures.


EAP Topology

WISPr Topology

Aruba Wireless LAN Settings This section assumes that the user is familiar with Mobility Controller configuration and operation, as well as RADIUS configuration and operation. For additional information on Aruba controller


configuration please refer to the Aruba OS User Guide and the Aruba WISPr Primer documents available from support.arubanetworks.com. The following instructions assume the presence of a fully operational Aruba wireless network, complete with an operational captive portal, as a prerequisite to WISPr integration. RADIUS Setting Define the RADIUS servers. The authentication and accounting requests will be sent to the defined servers from the Mobility Controller. The user account username/passwords are stored on these RADIUS servers. aaa authentication-server radius host key ! aaa server-group allow-fail-through auth-server !

WISPr authentication profile configuration aaa authentication wispr default-role “wispr authenticated role” server-group wispr-location-id-socc “US” ((specify the location)) wispr-location-id-cc “1” wispr-location-id-ac “000” wispr-location-id-network wispr-location-name-operator-name !

Initial User Role Apply the WISPr profile to the initial role of the SSID that the WISPr smart clients will access. This is typically the same SSID that is used for standard captive portal users. The WISPr process does not interfere with captive portal. User-role preauth-wispr-user captive-portal wispr access-list session logon-control access-list session captiveportal access-list session pre-authaccess !


Certificates Install the server certificate using the controller’s webUI and note the CN. crypto-local pki ServerCert testcert web-server switch-cert testcert captive-portal-cert testcert !

Refer to Appendix 3 for the Mobility Controller configuration used in the testing.

Accuris Networks Settings The following Accuris Networks AccuROAM/client settings are recommended for use with the Mobility Controller. Accuris Networks Clients:  

Client settings are automatically configured on client install – default settings are recommended SMS destination number: 447624802789

AccuROAM settings   

SIGTRAN Setup – e.214 address translation for mobile network IMSIs RADIUS Setup – IP connection to AC. Shared Secret configured to accept RADIUS connection Realm configured to match Aruba and thus accept RADIUS requests UDID’s for all test handsets

Test Methodology The following tests were conducted for EAP-SIM and non-EAP using both Apple iPhone and Google Android based devices:     

Download of WPA supplicant profile; Detection of test access point; Attachment to Wi-Fi access point; Disconnection and reconnected to access point; Web browsing and file download when attached.

All tests were successful concluded. The tables below summarize the test results by test case and client device platform.


Test Title

Test Description

Result

iPhone EAP-SIM TEST CASES CAT-EAP-I-0001

Successful download of WPA supplicant profile to iPhone

OK

CAT-EAP-I-0002

Successful detection of test access point

OK

CAT-EAP-I-0003

Successful attachment to Wi-Fi access point *

OK

CAT-EAP-I-0004

Successful disconnection and reconnected to Access Point

OK

CAT-EAP-I-0005

Successful Web browsing and file download when attached

OK

iPhone Non-EAP TEST CASES CAT-WSP-I-0001

Successful download of client to the iPhone device

OK

CAT-WSP-I-0002


OK

CAT-WSP-I-0003

Successful attachment to Wi-Fi access point

OK

CAT-WSP-I-0004

Successful disconnection and Reconnected to access point

OK

CAT-WSP-I-0005


OK

Android Non-EAP TEST CASES – Samsung Galaxy CAT-WSR-A-0001

Successful download of client on an Android device

OK

CAT-WSR-A-0002


OK

CAT-WSR-A-0003

Successful attachment to Wi-Fi access point

OK

CAT-WSR-A-0004

Successful disconnection and reconnected to access point

OK

CAT-WSR-A-0005


OK

* Attachment includes both full authentication back to the network AuC, and fast re-authentication as detailed in RFC 4186/4187. ** Pseudonym Identity is also supported as detailed in RFC 4186/4187

Conclusion Testing confirmed the interoperability of Aruba’s wireless LAN (AOS version. 6.0) infrastructure and Accuris Networks’ AccuROAM AAA server and WISPr 1+ clients. This solution enables service providers to deploy a robust Wi-Fi offloading solution - leveraging Aruba’s best-in-class performance, scalability,


and security – with the confidence that connection, disconnection, and security features will be handled appropriately.

© 2012 Aruba Networks, Inc. Aruba Networks’ trademarks include ®, Aruba Networks®, Aruba Wireless Networks®, the registered Aruba the Mobile Edge Company logo, Aruba Mobility Management System®, Mobile Edge Architecture®, People Move. Networks Must Follow®, RFProtect®, and Green Island®. All rights reserved. All other trademarks are the property of their respective owners. Specifications are subject to change without notice.


Appendix 1 – Successful WISPr RADIUS exchange The WISPr attachment involves the following RADIUS sequence:

Access Request:


Access Accept:


Appendix 2 – Successful EAP-SIM RADIUS exchange The EAP-SIM attachment and accounting involves the following RADIUS sequence:

Access Request 1 – message 1:


Access Challenge 1 – message 2:




Access Challenge 2 – message 4:




Access Accept 1 – message 6:


Accounting Request 1 – message 7:


Accounting Response 1 - message 8:


Accounting Request 2 - message 9:


Accounting Response 2 – message 10:


Appendix 3 – Aruba Access Controller Configuration File version 6.0 hostname "Aruba3600-US" clock timezone 0 location "Building1.floor1" controller config 22 ip NAT pool dynamic-srcnat 0.0.0.0 0.0.0.0 ip access-list eth validuserethacl permit any ! netservice svc-netbios-dgm udp 138 netservice svc-snmp-trap udp 162 netservice svc-syslog udp 514 netservice svc-l2tp udp 1701 netservice svc-ike udp 500 netservice svc-smb-tcp tcp 445 netservice svc-dhcp udp 67 68 alg dhcp netservice svc-https tcp 443 netservice svc-pptp tcp 1723 netservice svc-sec-papi udp 8209 netservice svc-sccp tcp 2000 alg sccp netservice svc-http-accl tcp 88 netservice svc-telnet tcp 23 netservice svc-netbios-ssn tcp 139 netservice svc-sip-tcp tcp 5060 netservice svc-kerberos udp 88 netservice svc-tftp udp 69 alg tftp netservice svc-http-proxy3 tcp 8888 netservice svc-noe udp 32512 alg noe netservice svc-cfgm-tcp tcp 8211 netservice svc-adp udp 8200 netservice svc-pop3 tcp 110 netservice svc-lpd-tcp tcp 631 netservice svc-rtsp tcp 554 alg rtsp netservice svc-msrpc-tcp tcp 135 139 netservice svc-dns udp 53 alg dns netservice svc-h323-udp udp 1718 1719 netservice svc-h323-tcp tcp 1720 netservice svc-vocera udp 5002 alg vocera netservice svc-http tcp 80 netservice svc-http-proxy2 tcp 8080 netservice svc-sip-udp udp 5060 netservice svc-nterm tcp 1026 1028 netservice svc-noe-oxo udp 5000 alg noe netservice svc-papi udp 8211 netservice svc-natt udp 4500 netservice svc-ftp tcp 21 alg ftp netservice svc-microsoft-ds tcp 445 netservice svc-svp 119 alg svp netservice svc-smtp tcp 25 netservice svc-gre 47 netservice svc-netbios-ns udp 137 netservice svc-sips tcp 5061 alg sips netservice svc-smb-udp udp 445 Deploying Accuris Networks Wi-Fi Offload Solution With Aruba Networks’ Secure Mobility Solution 22

netservice svc-cups tcp 515 netservice svc-esp 50 netservice svc-v6-dhcp udp 546 547 netservice svc-snmp udp 161 netservice svc-bootp udp 67 69 netservice svc-msrpc-udp udp 135 139 netservice svc-ntp udp 123 netservice svc-icmp 1 netservice svc-ssh tcp 22 netservice svc-lpd-udp udp 631 netservice svc-v6-icmp 58 netservice svc-http-proxy1 tcp 3128 time-range night-hours periodic weekday 18:01 to 23:59 weekday 00:00 to 07:59 ! time-range weekend periodic weekend 00:00 to 23:59 ! time-range working-hours periodic weekday 08:00 to 18:00 ! ip access-list session v6-icmp-acl any any svc-vocera permit queue high ! ip access-list session control any any svc-natt permit user any udp 68 deny any any svc-icmp permit any any svc-dns permit any any svc-papi permit any any svc-sec-papi permit any any svc-cfgm-tcp permit any any svc-adp permit any any svc-tftp permit any any svc-dhcp permit ! ip access-list session allow-diskservices any any svc-netbios-dgm permit any any svc-netbios-ssn permit any any svc-microsoft-ds permit any any svc-netbios-ns permit ! ip access-list session validuser network 169.254.0.0 255.255.0.0 any any deny any any any permit ipv6 any any any permit ! ip access-list session v6-https-acl any any svc-icmp permit ! ip access-list session WISPr_Policy ! ip access-list session v6-dhcp-acl ! ip access-list session captiveportal Deploying Accuris Networks Wi-Fi Offload Solution With Aruba Networks’ Secure Mobility Solution 23

user user user user user user

alias controller svc-https dst-nat 8081 any svc-http dst-nat 8080 any svc-https dst-nat 8081 any svc-http-proxy1 dst-nat 8088 any svc-http-proxy2 dst-nat 8088 any svc-http-proxy3 dst-nat 8088

! ip access-list session allowall any any svc-icmp permit any any any permit any any svc-sip-udp permit queue high any any svc-sip-tcp permit queue high ! ip access-list session https-acl any any svc-https permit ! ip access-list session dns-acl user any udp 68 deny any any svc-icmp permit any any svc-dns permit any any svc-dhcp permit any any svc-natt permit any host 172.16.0.253 svc-sip-udp permit queue high any any svc-gre permit any any svc-cfgm-tcp permit ! ip access-list session ra-guard ! ip access-list session logon-control user any udp 68 deny any any svc-icmp permit any any svc-dns permit any any svc-dhcp permit any any svc-natt permit any any svc-gre permit any any svc-cfgm-tcp permit user alias controller svc-https dst-nat 8081 ! ip access-list session v6-allowall ! ip access-list session tftp-acl any any svc-tftp permit ! ip access-list session skinny-acl any any svc-sccp permit queue high ! ip access-list session srcnat user any any src-nat ! ip access-list session vpnlogon user any svc-ike permit user any svc-esp permit any any svc-l2tp permit any any svc-pptp permit any any svc-gre permit ! Deploying Accuris Networks Wi-Fi Offload Solution With Aruba Networks’ Secure Mobility Solution 24

ip access-list session captiveportal6 ! ip access-list session noe-acl any any svc-noe permit queue high ! ip access-list session ap-acl any user svc-telnet permit any any udp 5555 permit any any svc-gre permit any any svc-syslog permit any user svc-snmp permit user any svc-http permit user any svc-http-accl permit user any svc-smb-tcp permit user any svc-msrpc-tcp permit user any svc-snmp-trap permit user any svc-ntp permit user alias controller svc-ftp permit any any svc-svp permit queue high user host 224.0.1.116 any permit ! ip access-list session AmigoPod-permit ! ip access-list session v6-logon-control ! ip access-list session h323-acl any any svc-h323-tcp permit queue high any any svc-h323-udp permit queue high ! vpn-dialer default-dialer ike authentication PRE-SHARE a47508ceb01f70a316349683785eb9b6bf51469ac648f919 ! user-role ap-role ! user-role wispr_user wispr "WISPr_Auth" access-list session logon-control access-list session captiveportal access-list session vpnlogon access-list session v6-logon-control access-list session allowall ! user-role Accuris_WEP-guest-logon captive-portal "Accuris_WEP-cp_prof" wispr "WISPr_Auth" access-list session logon-control access-list session captiveportal access-list session vpnlogon ! user-role guest-logon access-list session captiveportal6 access-list session logon-control access-list session captiveportal access-list session vpnlogon access-list session v6-logon-control Deploying Accuris Networks Wi-Fi Offload Solution With Aruba Networks’ Secure Mobility Solution 25

! user-role guest vlan 1 access-list session validuser ! user-role Accuris_OPEN-logon wispr "WISPr_Auth" access-list session logon-control access-list session captiveportal access-list session vpnlogon access-list session v6-logon-control ! user-role stateful-dot1x ! user-role WISPr1APb-guest-logon access-list session captiveportal6 access-list session logon-control access-list session captiveportal access-list session vpnlogon access-list session v6-logon-control ! user-role Accuris_OPEN-guest-logon access-list session captiveportal6 access-list session logon-control access-list session captiveportal access-list session vpnlogon access-list session v6-logon-control ! user-role logon access-list session captiveportal6 access-list session logon-control access-list session captiveportal access-list session vpnlogon access-list session v6-logon-control ! ! controller-ip vlan 1 interface mgmt shutdown ! dialer group evdo_us init-string ATQ0V1E0 dial-string ATDT#777 ! dialer group gsm_us init-string AT+CGDCONT=1,"IP","ISP.CINGULAR" dial-string ATD*99# ! dialer group vivo_br init-string AT+CGDCONT=1,"IP","zap.vivo.com.br" dial-string ATD*99# ! Deploying Accuris Networks Wi-Fi Offload Solution With Aruba Networks’ Secure Mobility Solution 26

dialer group gsm_asia init-string AT+CGDCONT=1,"IP","internet" dial-string ATD*99***1# !

vlan-name VLAN_1 vlan VLAN_1 1 no spanning-tree interface gigabitethernet description "GE1/0" trusted trusted vlan 1-4094 !

1/0

interface gigabitethernet description "GE1/1" trusted trusted vlan 1-4094 !

1/1


1/2


1/3

interface vlan 1 ip address 172.16.0.254 255.255.255.0 ! ip default-gateway 172.16.0.1 uplink disable ap mesh-recovery-profile cluster RecoveryMm2SC9h8xCeWzmVY wpa-hexkey 13355a2a9734446e94d13450f055559afc90fc3fa9bf67dc3f4e7a678d90b240ff3f3f639e61d 126762b8c402ba39fcd15c777ee8bacadb38a76c19e7816e4c8e44954022344b09715f033e225 c45b6b wms general poll-interval 60000 general poll-retries 3 general ap-ageout-interval 30 general adhoc-ap-ageout-interval 5 general sta-ageout-interval 30 general learn-ap disable Deploying Accuris Networks Wi-Fi Offload Solution With Aruba Networks’ Secure Mobility Solution 27

general general general general

persistent-neighbor enable propagate-wired-macs enable stat-update enable collect-stats disable

! crypto ipsec transform-set default-boc-bm-transform esp-3des esp-sha-hmac crypto ipsec transform-set default-rap-transform esp-aes256 esp-sha-hmac vpdn group l2tp ! ip dhcp pool Accuris default-router 172.16.0.1 dns-server 85.91.1.128 85.91.1.130 lease 3 0 0 0 network 172.16.0.0 255.255.255.0 authoritative ! service dhcp ip dhcp default-pool private ! vpdn group pptp ! mux-address 0.0.0.0 adp discovery enable adp igmp-join enable adp igmp-vlan 0 voice rtcp-inactivity disable voice sip-midcall-req-timeout disable ssh mgmt-auth username/password mgmt-user admin root d42b905a011cdff8dc9b8d6ab13ce7be800609c23d0676d26c no database synchronize database synchronize rf-plan-data ip mobile domain default ! ip igmp ! no firewall attack-rate cp 1024 ! firewall cp ! firewall cp Deploying Accuris Networks Wi-Fi Offload Solution With Aruba Networks’ Secure Mobility Solution 28

packet-capture-defaults tcp disable udp disable sysmsg disable other disable ! ip domain lookup ! country US aaa authentication mac "default" ! aaa authentication dot1x "Accuris_OPEN-dot1x_prof" ! aaa authentication dot1x "Accuris_WLAN-dot1x_prof" ! aaa authentication dot1x "default" ! aaa authentication dot1x "dot1x_prof-heg79" ! aaa authentication-server radius "ianslinux" host "10.50.1.62" key 5843006372c6ac28550b63ce5f3852bd authport 8300 acctport 8301 ! aaa server-group "Accuris" auth-server ianslinux ! aaa server-group "default" auth-server ianslinux auth-server Internal ! aaa authentication via connection-profile "default" ! aaa authentication via web-auth "default" ! aaa authentication via global-config ! aaa profile "Accuris_OPEN-aaa_prof" initial-role "Accuris_WEP-guest-logon" no devtype-classification ! aaa profile "Accuris_WEP-aaa_prof" initial-role "Accuris_WEP-guest-logon" ! aaa profile "Accuris_WLAN-aaa_prof" initial-role "wispr_user" ! aaa profile "default" ! aaa authentication captive-portal "Accuris_OPEN-cp_prof" ! aaa authentication captive-portal "Accuris_WEP-cp_prof" no user-logon ! aaa authentication captive-portal "default" ! aaa authentication captive-portal "WISPr1APb-cp_prof" ! aaa authentication wispr "default" Deploying Accuris Networks Wi-Fi Offload Solution With Aruba Networks’ Secure Mobility Solution 29

! aaa authentication wispr "WISPr_Auth" default-role "wispr_user" ! aaa authentication vpn "default" ! aaa authentication mgmt ! aaa authentication stateful-ntlm "default" ! aaa authentication stateful-kerberos "default" ! aaa authentication stateful-dot1x default-role "wispr_user" enable ! aaa authentication via auth-profile "default" ! aaa authentication wired ! web-server ! papi-security ! guest-access-email ! voice logging ! voice dialplan-profile "default" ! voice real-time-config ! voice sip ! aaa password-policy mgmt ! control-plane-security ! valid-network-oui-profile ! ap system-profile "default" ! ap regulatory-domain-profile "default" country-code US valid-11g-channel 1 valid-11g-channel 6 valid-11g-channel 11 valid-11a-channel 36 valid-11a-channel 40 valid-11a-channel 44 valid-11a-channel 48 valid-11a-channel 149 valid-11a-channel 153 valid-11a-channel 157 valid-11a-channel 161 valid-11a-channel 165 Deploying Accuris Networks Wi-Fi Offload Solution With Aruba Networks’ Secure Mobility Solution 30

valid-11g-40mhz-channel-pair valid-11g-40mhz-channel-pair valid-11a-40mhz-channel-pair valid-11a-40mhz-channel-pair valid-11a-40mhz-channel-pair valid-11a-40mhz-channel-pair

1-5 7-11 36-40 44-48 149-153 157-161

! ap wired-ap-profile "default" ! ap enet-link-profile "default" ! ap mesh-ht-ssid-profile "default" ! ap mesh-cluster-profile "default" ! ap wired-port-profile "default" ! ap mesh-radio-profile "default" ! ids general-profile "default" ! ids unauthorized-device-profile "default" ! ids profile "default" ! rf arm-profile "default" ! rf optimization-profile "default" ! rf event-thresholds-profile "default" ! rf am-scan-profile "default" ! rf dot11a-radio-profile "default" ! rf dot11g-radio-profile "default" ! wlan dot11k-profile "default" ! wlan voip-cac-profile "default" ! wlan ht-ssid-profile "Accuris_OPEN-htssid_prof" ! wlan ht-ssid-profile "Accuris_WEP-htssid_prof" ! wlan ht-ssid-profile "Accuris_WLAN-htssid_prof" ! wlan ht-ssid-profile "default" ! wlan edca-parameters-profile station "default" ! wlan edca-parameters-profile ap "default" ! wlan ssid-profile "Accuris_OPEN-ssid_prof" essid "WISPr1APb" ht-ssid-profile "Accuris_OPEN-htssid_prof" Deploying Accuris Networks Wi-Fi Offload Solution With Aruba Networks’ Secure Mobility Solution 31

! wlan ssid-profile "Accuris_WEP-ssid_prof" essid "Accuris_WEP" ht-ssid-profile "Accuris_WEP-htssid_prof" ! wlan ssid-profile "Accuris_WLAN-ssid_prof" essid "Accuris_WLAN" ht-ssid-profile "Accuris_WLAN-htssid_prof" ! wlan ssid-profile "default" ! wlan virtual-ap "Accuris_OPEN-vap_prof" aaa-profile "Accuris_OPEN-aaa_prof" ssid-profile "Accuris_OPEN-ssid_prof" vlan 1 no blacklist band-steering ! wlan virtual-ap "Accuris_WEP-vap_prof" aaa-profile "Accuris_WEP-aaa_prof" ssid-profile "Accuris_WEP-ssid_prof" vlan 1 ! wlan virtual-ap "Accuris_WLAN-vap_prof" aaa-profile "Accuris_WLAN-aaa_prof" ssid-profile "Accuris_WLAN-ssid_prof" vlan 1 no blacklist band-steering ! wlan virtual-ap "default" ! ap provisioning-profile "default" master set "172.16.0.254" ! ap-group "default" virtual-ap "Accuris_WLAN-vap_prof" virtual-ap "Accuris_OPEN-vap_prof" ! logging level debugging user-debug 00:13:ce:1a:b6:5b logging level debugging user-debug 78:d6:f0:60:a4:a0 snmp-server enable trap process monitor log end
