Networking

How to quickly deploy Riverbed's Xirrus wireless solution

Many organizations are are turning to cloud-based wireless systems similar to Cisco's Meraki. Here's how to quickly deploy the Xirrus wireless solution from Riverbed.

It's becoming more common these days to see networking solutions moving to the cloud. In the past, I've written about Riverbed's SteelConnect SD-WAN solution which features a cloud-hosted management interface. Many other solutions exist in the SD-WAN and wireless spaces. We've seen Cisco's Meraki solution which provides a similar user experience. Riverbed has recently acquired Xirrus Wireless Networks and now offers the same type of solution. Currently the cloud-based management interface is not integrated into the SteelConnect Manager, but in time it should be. If you already have wireless AP's as part of the SteelConnect solution they operate independent of the Xirrus APs and they are configured in two different places.

SEE: Network security policy (Tech Pro Research)

Ease of use

What really impresses me with the Xirrus solution is its ease of use. When Riverbed provisioned my management interface, I received an email with login information. Initial login presented me with a pretty empty interface. As you can see in the initial screenshot below there are 2 AP's that are registered to my account, however they are not up.

2017-12-0107-50-02.png

Getting your AP's registered is as simple as connecting them to a network where they can obtain DHCP and reach the controller. I've now connected both of my APs and they appear in the management interface.

2017-12-0511-46-23.png

Clicking on the box takes you into more details on the two AP's that are registered.

2017-12-0511-47-52.png

Since nothing special has happened yet, we should next create a wireless network that clients can attach to.

SEE: Wireless networking policy (Tech Pro Research)

Creating a wireless network

To begin, we need to create a profile. Start by clicking on profiles and then select the "New Profile" button.

create-profile.png

Next, give the profile a name. In this case we will call the profile Corp1.

2017-12-0113-19-57.png

Once you've created the profile you are presented with a page that has three configuration tabs:

  • Configuration
  • Access Points
  • Clients

We will tour those areas later on. For now, we should configure our Locale information. This includes our country and time zone as seen below.

2017-12-0113-20-06.png

Next, click on SSIDs and then on New SSID.

2017-12-0113-20-23.png

As you can see we've set the SSID value to Xirrus1 and the band to support 2.4GHz and 5GHz. The Encryption/Authentication defaults to None/Open, and we've enabled the SSID. We'd like to broadcast this one so that option has been enabled. We are providing no access-control.

Next lets get some encryption setup. Using the dropdown select WPA2.

2017-12-0113-20-45.png

A new window appears to configure the settings.

encryption.png

Select your encryption method. We are choosing the recommendation of AES.

Next click the authentication tab.

2017-12-0113-21-49.png

Here you can define the Pre-shared Key for the connection. Click Save.

Next, select the Network tab. This is where you need to decide what you want to do in terms of IP addressing and DNS. I've left these at the default value.

2017-12-0113-22-36.png

Next, select Policies. You can define Global policies, SSID's policies and so on. I'm not going to make any changes here because I simply want to get the wireless network running as quickly as possible. I'll add policies later.

2017-12-0113-22-48.png

Next, select Bonjour Director. This is a neat service. In the Apple world, services are announced using Boujour. This works great if you are on the same VLAN. But if you want to, say, Airplay to an AppleTV in the conference room but you are on the Employee VLAN, you're going to have problems. This option fixes that.

2017-12-0113-22-54.png

Finally set your administrator info. You can click Save All to save your changes.

2017-12-0113-23-00.png

Adding an access point

Now we need to add an access-point and attach it to a profile. Click the Access Point tab and Add Access Points.

2017-12-0113-23-14.png

Select the Access Points on the left and add them to the Corp1 Profile. Then click Add Access Points.

2017-12-0113-23-40.png

You'll note that the APs are being configured at this time.

2017-12-0113-25-13.png

Once configured the AP's will show Activated.

2017-12-0113-30-16.png

Testing connectivity

At this point in the configuration, you should be able to connect a client. Now that a client is connected, we can click the Clients tab and view the connected client.

2017-12-0113-30-30.png

Our clients also show ip on our dashboard.

2017-12-0113-30-43.png

And of course you want to test connectivity from the client. In the screenshots below I used an application called Net Analyzer to view my network settings and test connectivity.

attachment-1.png

Additional features

There are several other features that can be enabled within the solution. Guest access portals are easily created. Integration with a AAA server is also there as well. I think as the solution matures and integrates with the SteelConnect solution, it will be a strong competitor against the Meraki solution. Since Cisco has acquired Viptela it seems natural that these two companies are well-pitted against each other in the SD-WAN and wireless space. Of course, Cisco isn't the only competitor. Riverbed's agility and ease of use make it one of my favorites in the space and warrant a strong look by anyone shopping the market for a new solution.

Also see:

About Brandon Carroll

Brandon Carroll has been in the industry since the late 90s specializing in data networking and network security in the enterprise and data center. Brandon holds the CCIE in security and is a published author in network security.

Editor's Picks

Free Newsletters, In your Inbox