No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Principles

Principles

Basic Concepts

  • Agile Controller-Campus: serves as a core part of Huawei Cloud Managed Network (CMN) Solution and provides unified management of Huawei network devices, such as APs, ARs, switches, and firewalls. The Agile Controller-Campus supports unified multi-tenant management, plug-and-play devices, and batch network service deployment, and provides APIs for interworking with third-party platforms and extending value-added services.
  • Empty configuration: factory settings of an AP.
  • Registration center: Huawei device registration query center. It is a main component in the Huawei CloudCampus Solution, and allows query of the management mode and home cloud management platform of a device.Based on the query result, the device determines whether to switch to the cloud managed mode and with which cloud management platform it needs to register.
  • Cloud mode: working mode of an AP in cloud managed state. An AP works as a Fit AP by default. To implement unified network management on the Agile Controller-Campus, switch the AP to a cloud AP. Use one of the following methods to switch an AP to a cloud AP:
    • Using the Dynamic Host Configuration Protocol (DHCP): An AP sends a DHCP request to a DHCP server that has information about the Agile Controller-Campus configured. After receiving the request, the DHCP server replies with a DHCP response packet carrying information about the Agile Controller-Campus in the Option 148 field. According to the information, the AP restarts and switches to a cloud AP. This method requires that the AP be unconfigured.
    • Using the registration center: An AP accesses the registration center based on the center's URL and port number of the preset on the AP or obtained during a software upgrade. Then the AP queries the registration center for the device management mode by ESN. According to the obtained information, the AP restarts and switches to a cloud AP.
    • Using the CLI: After commands used for switching an AP to a cloud AP are configured, the AP displays a message, indicating that the current configuration will be cleared and the AP will restart. After the restart, the AP switches to a cloud AP. If an AP is configured, you can run commands to switch it to a cloud AP but cannot use DHCP.
    • Using the mobile app (Huawei CMN): You can use the app to scan or manage SSIDs to switch an AP to a cloud AP.

Process of Switching the AP Mode and Obtaining the Agile Controller-Campus Address Through a DHCP Server

Figure 4-1  Basic network of Huawei CMN Solution

On the network shown in Figure 4-1, the Agile Controller-Campus uses the NETCONF protocol to manage APs. This process is as follows:

  1. DHCP phase

    After connecting to the network, an AP uses DHCP to obtain information about the Agile Controller-Campus from a DHCP server. The DHCP server is generally an egress gateway or an independent network device. The following describes how an AP obtains information about the Agile Controller-Campus:

    1. The default management interface VLANIF 1 of an AP has been enabled to dynamically obtain an IP address by default. If the AP is unconfigured, it sends a DHCP request to apply for an IP address after it is powered on. After receiving the request, the DHCP server replies with a DHCP response packet carrying information about the Agile Controller-Campus in the Option 148 field. The AP then parses the Option 148 field, restarts, and switches to a cloud AP.
      NOTE:
      Only unconfigured APs can use DHCP to switch to cloud APs. If the DHCP method is unavailable, you can only run commands or use a mobile app (HUAWEI CMN) to switch an AP to a cloud AP.
    2. After the AP is switched to a cloud AP, the DHCP process will be repeated. The AP then parses the Option 148 field to obtain the IP address or URL of the Agile Controller-Campus and saves it locally. The IP address or URL of the Agile Controller-Campus can also be configured on the AP. If the AP obtains the IP address or URL of the Agile Controller-Campus using both DHCP and CLI, the IP address or URL obtained using DHCP is preferentially used.
  2. Registration authentication phase

    After obtaining the IP address or URL of the Agile Controller-Campus, the AP sends a connection request carrying the AP certificate to the Agile Controller-Campus. The Agile Controller-Campus authenticates the AP certificate first. If the authentication succeeds, it replies with a response packet carrying the CA certificate of the Agile Controller-Campus. The AP will then authenticate the CA certificate. After the bidirectional authentication succeeds, a NETCONF transmission channel is established. NETCONF establishes a transmission channel using the Secure Shell (SSH) protocol to ensure data transmission security. Therefore, the certificate authentication process of an AP is implemented based on the SSH protocol.

  3. Unified management phase on the Agile Controller-Campus

    After a NETCONF transmission channel is established, the Agile Controller-Campus can manage and operate the AP. All the data exchanged between the Agile Controller-Campus and AP will be encrypted.

Process of Switching the AP Mode and Obtaining the Agile Controller-Campus Address Through the Registration Center

In addition to the DHCP method, an AP can switch its working mode and obtain the Agile Controller-Campus address through the registration center, implementing plug-and-play. On the network shown in Figure 4-2, a registration center is deployed. The process involves the setup and interaction of two HTTP 2.0 connections. One HTTP 2.0 connection is set up between the Agile Controller-Campus and registration center to synchronize information about devices to be managed. The other is set up between the AP and registration center to to switch the AP mode and obtain the Agile Controller-Campus address.

Figure 4-2  Cloud managed network with a registration center deployed

HTTP 2.0 connection setup and interaction between the Agile Controller-Campus and registration center

On the network shown in Figure 4-3, after an administrator imports information about a new device (such as the device ESN and type) to the Agile Controller-Campus, the platform initiates an HTTP request to the registration center for uploading information. Upon receiving the request, the registration center performs HTTP 2.0 two-way authentication and set up a connection. Then the Agile Controller-Campus uploads the device ESN and Agile Controller-Campus information to the registration center.

Figure 4-3  HTTP 2.0 connection setup and interaction between the Agile Controller-Campus and registration center

HTTP 2.0 connection setup and interaction between the AP and registration center

The latest delivered APs supporting cloud management features are pre-configured with the URL (register.naas.huawei.com) and port number (10020) of the registration center. Devices in V200R007 that support cloud-based management and do not have the Huawei registration center's URL or port number preconfigured can be upgraded to the latest software version to obtain default settings. After connecting to the network shown in Figure 4-4, an AP proactively initiates an HTTP query application to the registration center. Then the AP and registration center set up an HTTP 2.0 connection through two-way authentication. When the connection is set up successfully, the AP sends query packets carrying its own ESN to the registration center. The registration center responds with the obtained ESN and the cloud management mode. Based on information in the response packet, the AP switches from traditional mode to cloud managed mode, and restarts. Then the AP sends an HTTP request to perform two-way authentication and set up an HTTP 2.0 request with the registration center. Based on the ESN, the AP obtains information about the Agile Controller-Campus and registers with the Agile Controller-Campus.

Figure 4-4  HTTP 2.0 connection setup and interaction between the AP and registration center
Translation
Download
Updated: 2019-01-11

Document ID: EDOC1000176006

Views: 118726

Downloads: 309

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next