Microsoft Word - Interoperability
Report_Aerohive_6.1r2_R1.docINTEROPERABILITY REPORT
Ascom i62
HiveOS version 6.1r2
Ascom, Gothenburg
Jan 2014
TABLE OF CONTENT: INTRODUCTION
...........................................................................................................................
3
About Ascom
............................................................................................................................
3 About Aerohive Networks
.........................................................................................................
3
SITE INFORMATION
....................................................................................................................
4 SUMMARY
....................................................................................................................................
5
General conclusion
...................................................................................................................
6 Known issues
............................................................................................................................
6
TEST CONFIGURATION
..............................................................................................................
7 Ascom WLAN Infrastructure Verification – VoWiFi
...................................................................
7
APPENDIX A: TEST CONFIGURATIONS
....................................................................................
8 Aerohive HiveManager and AP120, 121, 141, 330 and 350
Access Points. ............................ 8
ESS, Security settings.
..........................................................................................................
8 Quality of Service (QoS)
.....................................................................................................
14 Radio Configuration
............................................................................................................
16
Ascom i62
...............................................................................................................................
19 Innovaphone IP6000 (IP PBX)
................................................................................................
22
APPENDIX B: DETAILED TEST RECORDS
..............................................................................
23
Interoperability Report - Ascom i62 / Aerohive Networks 3
2014-01-10
INTRODUCTION This document describes necessary steps and guidelines
to optimally configure the Aerohive Networks solutions WLAN
platform with Ascom i62 VoWiFi handsets.
The guide should be used in conjunction with both Aerohives and
Ascoms configuration guide(s).
About Ascom
Ascom Wireless Solutions (www.ascom.com/ws) is a leading provider
of on-site wireless communications for key segments such as
hospitals, manufacturing industries, retail and hotels. More than
75,000 systems are installed at major companies all over the world.
The company offers a broad range of voice and professional
messaging solutions, creating value for customers by supporting and
optimizing their Mission-Critical processes. The solutions are
based on VoWiFi, IP-DECT, DECT, Nurse Call and paging technologies,
smartly integrated into existing enterprise systems. The company
has subsidiaries in 10 countries and 1,200 employees worldwide.
Founded in the 1950s and based in Göteborg, Sweden, Ascom Wireless
Solutions is part of the Ascom Group, listed on the Swiss Stock
Exchange.
About Aerohive Networks People want to work anywhere; on any
device, and IT needs to enable them -- without drowning in
complexity or compromising on security, performance, reliability or
cost. Aerohive's mission is to Simpli-Fi these enterprise access
networks with a cloud-enabled, self-organizing, service-aware,
identity-based infrastructure that includes innovative Wi-Fi, VPN,
branch routing and switching solutions. Aerohive was founded in
2006 and is headquartered in Sunnyvale, Calif. The company's
investors include Kleiner Perkins Caufield & Byers, Lightspeed
Venture Partners, Northern Light Venture Capital, New Enterprise
Associates, Inc. (NEA) and Institutional Venture Partners (IVP).
For more information, please visitwww.aerohive.com, call us at
408-510-6100, follow us on Twitter @Aerohive, subscribe to our
blog, join ourcommunity or become a fan on our Facebook page.
Interoperability Report - Ascom i62 / Aerohive Networks 4
2014-01-10
SITE INFORMATION
Test Site(s): Ascom US 598 Airport Blvd Suite 300 Morrisville 27560
NC Participants: Karl-Magnus Olsson, Ascom HQ, Morrisville, NC TEST
TOPOLOGY
Interoperability Report - Ascom i62 / Aerohive Networks 5
2014-01-10
SUMMARY
Please refer to Appendix B for detailed results for respective
access point. WLAN Controller Features
High Level Functionality Result
Association, Multiple ESSIDs OK
Preauthentication Not tested
PMKSA Caching OK
802.11 Power-save mode OK
Roaming
Roaming, WPA-PSK, TKIP Encryption OK
Roaming, WPA2-PSK, AES Encryption OK
Roaming, PEAP-MSCHAPv2 Auth, AES Encryption OK
Interoperability Report - Ascom i62 / Aerohive Networks 6
2014-01-10
General conclusion The result of the verified test areas, such as
authentication, association, handover and call stability test,
produced in very good results. The roaming times, both PSK and
802.1x were excellent by ranging in the interval 25 to 50m.
Performance has also been proven to be very good. In both active
and U-APSD mode it was possible to keep up 12 simultaneously calls
per AP one single access point. Keep in mind that the limitation
was available handsets and not system capacity.
Known issues
Interoperability Report - Ascom i62 / Aerohive Networks 7
2014-01-10
TEST CONFIGURATION
Aerohive HiveOS software 6.1r2 AP120/121/141/330/350 Ascom i62, v
5.1.22 (WLAN driver version 3.5.c)
Signaling Protocol: SIP, Innovaphone IP6000 used as SIP server.
Version 9 hotfix 13
Configuration of WLAN System:
Beacon Interval: 100ms DTIM Period: 5 802.11bg(n) 802.11a(n) WMM/
U-APSD Enabled (See appendix A for QoS profiles) 802.11d Regulatory
Domain: World mode
Ascom i62 Configuration:
World Mode Regulatory Domain set to World mode. IP DSCP for Voice:
0x30 (48) – Class selector 6 IP DSCP for Signaling: 0x1A (26) –
Assured Forwarding 31
Keep in mind that security options and power save modes were
adjusted according to requirements in individual test cases. Please
refer to appendix A for information regarding device
configuration.
Interoperability Report - Ascom i62 / Aerohive Networks 8
2014-01-10
APPENDIX A: TEST CONFIGURATIONS
Aerohive HiveManager and AP120, 121, 141, 330 and 350 Access
Points.
In the following chapter you will find screenshots and explanations
of basic settings in order to get the Aerohive Networks solution
operational with Ascom i62. Please note that security settings were
modified according to requirements in individual test cases. The
configuration file is found at the bottom of this chapter. ESS,
Security settings.
List of all configured SSIDs
Interoperability Report - Ascom i62 / Aerohive Networks 9
2014-01-10
WPA2 PSK (Personal)
- Select WPA/WPA2 PSK (Personal) - Select WPA2-PSK and CCMP and Key
Management and Encryption Method - Key can be entered in HEX or in
ASCII format. Example shows a key entered in ASCII format.
Interoperability Report - Ascom i62 / Aerohive Networks 10
2014-01-10
WPA2 802.1X (Enterprise)
- Select WPA/WPA2 802.1X (Enterprise) - Select WPA2-802.1X and CCMP
and Key Management and Encryption Method - Make sure Enable
Proactive PMK ID response is checked.
Interoperability Report - Ascom i62 / Aerohive Networks 11
2014-01-10
WPA2 802.1X (Enterprise) – RADIUS configuration
- Configure the IP Address to the Radius server - Type in the
“secret” that corresponds to the secret configured in the Radius
server.
Data rate configuration. (Same for all encryption methods)
- To improve the performance in the wireless system it is
recommended to disable the lowest data rates.
Interoperability Report - Ascom i62 / Aerohive Networks 12
2014-01-10
Advanced SSID settings (Same for all encryption methods)
- Set the DTIM settings to 5. DTIM value 5 is recommended in order
to allow maximum battery conservation without impacting the
quality. A lower value is possible but will negatively impact the
standby time.
- Make sure Enable WMM is checked. - Make sure Enable Unscheduled
Automatic Power Save Delivery is checked. U-APSD is not
mandatory but is highly recommended as it will significantly
increase the talk time.
Interoperability Report - Ascom i62 / Aerohive Networks 13
2014-01-10
User Profile.
- Use the default Rate Control & Queuing Policy. See section
QoS for details.
Interoperability Report - Ascom i62 / Aerohive Networks 14
2014-01-10
Quality of Service (QoS)
Classifier Maps
- Create classifier map according to the screenshot and enable
DiffServ and 802.11e
Interoperability Report - Ascom i62 / Aerohive Networks 15
2014-01-10
Marker Maps
- Create a Marker Map. Note that these are the system default
values.
Rate Control & Queuing
- Make sure that the system default values look as per above.
Interoperability Report - Ascom i62 / Aerohive Networks 16
2014-01-10
Radio Configuration
Radio Profiles. (5Ghz)
- Example shows the default profile radio_na0 - Channel with is set
to 20Mhz but 40Mhz has also been verified. - Make sure the beacon
period is set to 100TU
Interoperability Report - Ascom i62 / Aerohive Networks 17
2014-01-10
Radio Profiles. (2.4Ghz)
- Example shows the default profile radio_ng0 - Channel with is set
to 20Mhz. 40Mhz channel width is not recommended on the 2.4Ghz
band. - Make sure the beacon period is set to 100TU
Interoperability Report - Ascom i62 / Aerohive Networks 18
2014-01-10
Configuration of access points
- Radio profiles used is the default (radio_na0 and radio_ng0). See
earlier steps for configuration of the radio profiles.
- In the example channel has been set manually for each access
point (for testing). Note. 1. Enabling more than 8 channels will
degrade roaming performance. Ascom strongly recommends against
going above this limit. 2. Using 40 MHz channels (or
“channel-bonding”) will reduce the number of non-DFS* channels to
two in ETSI regions (Europe). In FCC regions (North America), 40MHz
is a more viable option because of the availability of additional
non-DFS channels. The handset can co-exist with 40MHz stations in
the same ESS. 3. Make sure that all non-DFS channel are taken
before resorting to DFS channels. The handset can cope in mixed
non-DFS and DFS environments; however, due to “unpredictability”
introduced by radar detection protocols, voice quality may become
distorted and roaming delayed. Hence Ascom recommends avoiding the
use of DFS channels in VoWIFI deployments. *) Dynamic Frequency
Selection (radar detection)
Interoperability Report - Ascom i62 / Aerohive Networks 19
2014-01-10
Aerohive configuration files: See attached file (Ap120 running
config.txt , Ap121 running config.txt , Ap330 running config.txt)
for configuration.
Interoperability Report - Ascom i62 / Aerohive Networks 20
2014-01-10
Ascom i62
Ascom i62 Network configurations (WPA2-PSK)
- Set IP DSCP for voice to 0x30 (48) – CS6 to match default
mappings in the Aerohive system.
Interoperability Report - Ascom i62 / Aerohive Networks 21
2014-01-10
i62 network settings for 802.1X authentication
(PEAP-MSCHAPv2)
- Set IP DSCP for voice to 0x30 (48) – CS6 to match default
mappings in the Aerohive system.
If 802.1X Authentication is used a root certificate has to be
uploaded to the phone by “right clicking” - > Edit certificates.
Note that both a root and a client certificate are needed for TLS.
Otherwise only a root certificate is needed. Server certificate
validation can be overridden in version 4.1.12 and above per
handset setting (Validate server certificate).
Interoperability Report - Ascom i62 / Aerohive Networks 22
2014-01-10
Innovaphone IP6000 (IP PBX) The Innovaphone IP6000 was configured
with a static IP address of 172.20.106.113. Signaling is less
relevant here since testing homes in on interoperability in
relation to the WLAN infrastructure and not features of the IP PBX.
IP6000 configuration: See attached file
(complete-IP6000-08-03-a6.txt) for configuration.
Interoperability Report - Ascom i62 / Aerohive Networks 23
2014-01-10
APPENDIX B: DETAILED TEST RECORDS VoWIFI Pass 13 Fail 0 Comments 0
Untested 21 Total 34 See attached file
(WLANinteroperabilityTestReport_Aerohive.xls) for detailed test
results. MISCELLANEOUS Please refer to the test specification for
WLAN systems on Ascom’s interoperability web page for explicit
information regarding each test case. See URL (requires login):
https://www.ascom-ws.com/AscomPartnerWeb/en/startpage/Sales-tools/Interoperability
Interoperability Report - Ascom i62 / Aerohive Networks 24
2014-01-10
Document History Rev Date Author Description PA 2013-12-16 SEKMO
Initial draft R1 2014-01-07 SEKMO Minor corrections. Revision
R1
security mac-filter Ascom_intop default permit security mac-filter
CompTest80211AH default permit security mac-filter
CompTest80211AH1X default permit security-object CompTest80211AH
security-object CompTest80211AH security protocol-suite
wpa2-aes-psk ascii-key *** security-object CompTest80211AH
default-user-profile-attr 1 security-object CompTest80211AH1X
security-object CompTest80211AH1X security aaa radius-server
primary 172.20.106.113 shared-secret *** security-object
CompTest80211AH1X security aaa radius-server accounting primary
172.20.106.113 shared-secret *** security-object CompTest80211AH1X
security protocol-suite wpa2-aes-8021x roaming
proactive-pmkid-response ptk-rekey-period 30 security-object
CompTest80211AH1X default-user-profile-attr 1 ssid CompTest80211AH
ssid CompTest80211AH security-object CompTest80211AH ssid
CompTest80211AH security mac-filter CompTest80211AH ssid
CompTest80211AH dtim-period 5 ssid CompTest80211AH 11g-rate-set
11-basic 12 18 24 36 48 54 ssid CompTest80211AH uapsd ssid
CompTest80211AH1X ssid CompTest80211AH1X security-object
CompTest80211AH1X ssid CompTest80211AH1X security mac-filter
CompTest80211AH1X ssid CompTest80211AH1X dtim-period 5 ssid
CompTest80211AH1X 11g-rate-set 11-basic 12 18 24 36 48 54 ssid
CompTest80211AH1X uapsd hive Ascom_intop hive Ascom_intop security
mac-filter Ascom_intop hive Ascom_intop password *** interface
wifi0 radio channel 1 interface wifi0 radio power 13 interface
wifi1 mode access interface wifi1 radio channel 36 interface wifi1
radio power 13 interface mgt0 hive Ascom_intop interface wifi0 ssid
CompTest80211AH interface wifi1 ssid CompTest80211AH interface
wifi0 ssid CompTest80211AH1X interface wifi1 ssid CompTest80211AH1X
hostname AP120_1_US admin root-admin admin password *** dns
server-ip 172.20.96.20 ntp server hm-emea-002.aerohive.com clock
time-zone 1 clock time-zone daylight-saving-time 03-31 01:59:59
10-27 02:59:59 config version 24 config rollback enable snmp
location US_LAB@ no os-detection method dhcp-option55 os-detection
method user-agent capwap client server name
hm-emea-002.aerohive.com capwap client dtls hm-defined-passphrase
*** key-id 1 capwap client vhm-name Ascominterop no capwap client
dtls negotiation enable qos classifier-profile eth0 diffserv qos
classifier-profile US-SSID1 diffserv qos classifier-profile
US-SSID2 diffserv interface eth0 qos-classifier eth0 ssid
CompTest80211AH qos-classifier US-SSID1 ssid CompTest80211AH1X
qos-classifier US-SSID2 user-profile INTOP qos-policy def-user-qos
vlan-id 1 attribute 1 no bonjour-gateway enable application
reporting auto
WLAN TR
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
PASS
PASS
PASS
PASS
PASS
PASS
#105
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
PASS
PASS
PASS
PASS
PASS
PASS
#110
PASS
PASS
PASS
PASS
PASS
PASS
FreeRadius
FAIL
#111
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
See Comment
PASS
PASS
PASS
PASS
PASS
PASS
PASS
#150
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
#401
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
PASS
PASS
PASS
PASS
PASS
PASS
802.11bgn: 52ms 802.11an: 48ms, 802.11bgn:47 ms 802.11an: 26ms ,
802.11bgn:28 ms 802.11an: 27ms
#408
PASS
PASS
PASS
PASS
PASS
PASS
802.11bgn: 28ms 802.11an: 25ms , 802.11bgn:31 ms 802.11an: 37ms,
802.11bgn:49 ms 802.11an: 34ms
#409
#410
PASS
PASS
PASS
PASS
PASS
PASS
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
NOT TESTED
PASS
PASS
PASS
PASS
PASS
PASS
24h+
security mac-filter Ascom_intop default permit security mac-filter
CompTest80211AH default permit security mac-filter
CompTest80211AH1X default permit security-object CompTest80211AH
security-object CompTest80211AH security protocol-suite
wpa2-aes-psk ascii-key *** security-object CompTest80211AH
default-user-profile-attr 1 security-object CompTest80211AH1X
security-object CompTest80211AH1X security aaa radius-server
primary 172.20.106.113 shared-secret *** security-object
CompTest80211AH1X security aaa radius-server accounting primary
172.20.106.113 shared-secret *** security-object CompTest80211AH1X
security protocol-suite wpa2-aes-8021x roaming
proactive-pmkid-response ptk-rekey-period 30 security-object
CompTest80211AH1X default-user-profile-attr 1 ssid CompTest80211AH
ssid CompTest80211AH security-object CompTest80211AH ssid
CompTest80211AH security mac-filter CompTest80211AH ssid
CompTest80211AH dtim-period 5 ssid CompTest80211AH 11g-rate-set
11-basic 12 18 24 36 48 54 ssid CompTest80211AH uapsd ssid
CompTest80211AH1X ssid CompTest80211AH1X security-object
CompTest80211AH1X ssid CompTest80211AH1X security mac-filter
CompTest80211AH1X ssid CompTest80211AH1X dtim-period 5 ssid
CompTest80211AH1X 11g-rate-set 11-basic 12 18 24 36 48 54 ssid
CompTest80211AH1X uapsd hive Ascom_intop hive Ascom_intop security
mac-filter Ascom_intop hive Ascom_intop password *** interface
wifi0 radio channel 6 interface wifi0 radio power 12 interface
wifi1 mode access interface wifi1 radio channel 44 interface wifi1
radio power 12 interface mgt0 hive Ascom_intop interface wifi0 ssid
CompTest80211AH interface wifi0 ssid CompTest80211AH1X interface
wifi1 ssid CompTest80211AH interface wifi1 ssid CompTest80211AH1X
hostname AP121_1_US admin root-admin admin password *** dns
server-ip 172.20.96.20 ntp server hm-emea-002.aerohive.com clock
time-zone 1 clock time-zone daylight-saving-time 03-31 01:59:59
10-27 02:59:59 config version 10 config rollback enable snmp
location "US LAB@" no os-detection method dhcp-option55
os-detection method user-agent capwap client server name
hm-emea-002.aerohive.com capwap client dtls hm-defined-passphrase
*** key-id 1 capwap client vhm-name Ascominterop no capwap client
dtls negotiation enable qos classifier-profile eth0 diffserv qos
classifier-profile US-SSID1 diffserv qos classifier-profile
US-SSID2 diffserv interface eth0 qos-classifier eth0 ssid
CompTest80211AH qos-classifier US-SSID1 ssid CompTest80211AH1X
qos-classifier US-SSID2 user-profile INTOP qos-policy def-user-qos
vlan-id 1 attribute 1 no bonjour-gateway enable application
reporting auto
security mac-filter Ascom_intop default permit security mac-filter
CompTest80211AH default permit security mac-filter
CompTest80211AH1X default permit security-object CompTest80211AH
security-object CompTest80211AH security protocol-suite
wpa2-aes-psk ascii-key *** security-object CompTest80211AH
default-user-profile-attr 1 security-object CompTest80211AH1X
security-object CompTest80211AH1X security aaa radius-server
primary 172.20.106.113 shared-secret *** security-object
CompTest80211AH1X security aaa radius-server accounting primary
172.20.106.113 shared-secret *** security-object CompTest80211AH1X
security protocol-suite wpa2-aes-8021x roaming
proactive-pmkid-response ptk-rekey-period 30 security-object
CompTest80211AH1X default-user-profile-attr 1 ssid CompTest80211AH
ssid CompTest80211AH security-object CompTest80211AH ssid
CompTest80211AH security mac-filter CompTest80211AH ssid
CompTest80211AH dtim-period 5 ssid CompTest80211AH 11g-rate-set
11-basic 12 18 24 36 48 54 ssid CompTest80211AH uapsd ssid
CompTest80211AH1X ssid CompTest80211AH1X security-object
CompTest80211AH1X ssid CompTest80211AH1X security mac-filter
CompTest80211AH1X ssid CompTest80211AH1X dtim-period 5 ssid
CompTest80211AH1X 11g-rate-set 11-basic 12 18 24 36 48 54 ssid
CompTest80211AH1X uapsd hive Ascom_intop hive Ascom_intop security
mac-filter Ascom_intop hive Ascom_intop password *** interface
wifi0 radio channel 1 interface wifi0 radio power 13 interface
wifi1 mode access interface wifi1 radio channel 36 interface wifi1
radio power 13 interface mgt0 hive Ascom_intop interface wifi0 ssid
CompTest80211AH interface wifi1 ssid CompTest80211AH interface
wifi0 ssid CompTest80211AH1X interface wifi1 ssid CompTest80211AH1X
hostname AP330_1_US admin root-admin admin password *** dns
server-ip 172.20.96.20 ntp server hm-emea-002.aerohive.com clock
time-zone 1 clock time-zone daylight-saving-time 03-31 01:59:59
10-27 02:59:59 config version 5 config rollback enable snmp
location SupportLab@ no os-detection method dhcp-option55
os-detection method user-agent capwap client server name
hm-emea-002.aerohive.com capwap client dtls hm-defined-passphrase
*** key-id 1 capwap client vhm-name Ascominterop no capwap client
dtls negotiation enable qos classifier-profile eth0 diffserv qos
classifier-profile US-SSID1 diffserv qos classifier-profile eth1
diffserv qos classifier-profile red0 diffserv qos
classifier-profile agg0 diffserv qos classifier-profile US-SSID2
diffserv interface eth1 qos-classifier eth1 interface eth0
qos-classifier eth0 ssid CompTest80211AH qos-classifier US-SSID1
ssid CompTest80211AH1X qos-classifier US-SSID2 user-profile INTOP
qos-policy def-user-qos vlan-id 1 attribute 1 no bonjour-gateway
enable application reporting auto