Overriding a profile’s network configuration – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 142
130
Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
5
8. Define the following Connection settings for the PPPoE point-to-point connection with the
PPPoE client:
9. Set the Network Address Translation (NAT) direction for the PPPoE configuration.
Network Address Translation (NAT) converts an IP address in one network to a different IP
address or set of IP addresses in another network. The access point router maps its local
(Inside) network addresses to WAN (Outside) IP addresses, and translates the WAN IP
addresses on incoming packets to local IP addresses. NAT is useful because it allows the
authentication of incoming and outgoing requests, and minimizes the number of WAN IP
addresses needed when a range of local IP addresses is mapped to each WAN IP address. The
default setting is None (neither inside or outside).
10. Define the following Security Settings for the PPPoE configuration:
11. Use the spinner control to set the Default Route Priority for the default route obtained using
PPPoE.
Select from 1 - 8,000. The default setting is 2,000.
12. Select OK to save the changes to the PPPoE screen. Select Reset to revert to the last saved
configuration. Saved configurations are persistent across reloads.
Overriding a Profile’s Network Configuration
Setting a profile’s network configuration is a large task comprised of numerous administration
activities. Each of the activities described below can have an override applied to the original profile
configuration. Applying an override removes the device from the profile configuration that may be
shared by other devices and requires careful administration to ensure this one device still supports
the deployment requirements within the managed network.
A profile’s network configuration process consists of the following:
Password
Provide the 64 character maximum password used for authentication by the PPPoE client.
Authentication Type
Use the drop-down menu to specify the authentication type used by the PPPoE client, and
whose credentials must be shared by its peer access point. Supported authentication options
include None, PAP, CHAP, MSCHAP, and MSCHAP-v2.
Maximum Transmission
Unit (MTU)
Set the PPPoE client maximum transmission unit (MTU) from 500 - 1,492. The MTU is the
largest physical packet size in bytes a network can transmit. Any messages larger than the
MTU are divided into smaller packets before being sent. A PPPoE client should be able to
maintain its point-to-point connection for this defined MTU size. The default MTU is 1,492.
Client Idle Timeout
Set a timeout in either Seconds (1 - 65,535), Minutes (1 - 1,093) or Hours. The Access Point
uses the defined timeout so it does not sit idle waiting for input from the PPPoE client and
server that may never come. The default setting is 10 minutes.
Keep Alive
Select this option to ensure the point-to-point connect to the PPPoE client is continuously
maintained and not timed out. This setting is disabled by default.
Inbound IP Firewall
Rules
Use the drop-down menu to select a firewall (set of IP access connection rules) to apply to the PPPoE
client connection. If a firewall rule does not exist suiting the data protection needs of the PPPoE client
connection, select the
Create
icon to define a new rule configuration or the
Edit
icon to modify an
existing rule. For more information, see
.
VPN Crypto Map
Use the drop-down menu to apply an existing crypt map configuration to this PPPoE interface.