technology solution guide - arubanetworks.com · networks®, the registered aruba the mobile edge...

Technology Solution Guide Deploying the Janam XM66 and XG100 with Aruba Networks’ Secure Mobility Solution

H/W Version: XM66

S/W Version : ROM 1.07.00.1067 H/W Version: XG100 S/W Version : ROM WM6_XG100_OSB55508

This document describes the best practices for configuring the Janam PDA and Janam gun with Aruba’s secure mobility infrastructure.

Deploying Janam XM66 and XG100 with Aruba Networks’ Secure Mobility Solution 1

WARRANTY DISCLAIMER

THE FOLLOWING DOCUMENT, AND THE INFORMATION CONTAINED HEREIN IS PROVIDED ON

AN "AS IS" BASIS. ARUBA MAKES NO REPRESENTATIONS, WARRANTIES, CONDITIONS OR

GUARANTEES AS TO THE USEFULNESS, QUALITY, SUITABILITY, TRUTH, ACCURACY OR

COMPLETENESS OF THIS DOCUMENT AND THE INFORMATION CONTAINED IN THIS DOCUMENT.

DISCLAIMER OF LIABILITY

Aruba Networks, Inc. disclaims liability for any personal injury, property or other damages of

any nature whatsoever, whether special, indirect, consequential or compensatory, directly or

indirectly resulting from the certification program or the acts or omissions of any company or

technology that has been certified by Aruba Networks.

Certification does not mean that the company is a subcontractor or under the technical control

or direction of Aruba Networks. In conducting the certification program Aruba Networks is not

undertaking to render professional or other services for or on behalf of any person or entity.


Table of Contents Table of Contents .......................................................................................................................................... 2

Introduction .................................................................................................................................................. 3

Solution Components ................................................................................................................................... 3

Aruba Campus WLAN Solution ................................................................................................................. 3

Janam XM66 Rugged PDA......................................................................................................................... 4

Janam XG100 Rugged Gun ....................................................................................................................... 4

ArubaEdge Solution Qualification ................................................................................................................. 5

Qualification Objective ............................................................................................................................. 5

Network Topology .................................................................................................................................... 5

Test Methodology .................................................................................................................................... 6

Summary Test Results .............................................................................................................................. 6

Known Limitations ........................................................................................................................................ 7

Conclusion ..................................................................................................................................................... 7

APPENDIX A ................................................................................................................................................... 8

Configuration ............................................................................................................................................ 8

Janam XM66 Configuration and Settings ............................................................................................. 8

Janam XG100 Configuration and Settings ............................................................................................ 9

Aruba Mobility Controller Configuration and Settings ...................................................................... 10

About Aruba ........................................................................................................................................... 13

About Janam ........................................................................................................................................... 13

Product Support Information ................................................................................................................. 13


Introduction This document describes the steps and guidelines necessary to configure Aruba’s wireless LAN

infrastructure to work interoperably with Janam’s XM66 PDA and XG100 gun.

The guide is intended to be used in conjunction with Aruba and Janam configuration guides. Please

contact the respective company’s sales engineering or support groups should additional information be

required.

Solution Verified: Janam XM66 PDA

Janam XG100 Gun

Aruba Product: Aruba Wireless LAN Solution

Partner Solutions

Tested:

XM66W-1NGFBR00

ROM 1.07.00.1067

XG100W-LBGFBV00

ROM XG100_WM_ OSB55508

Solution Components

Aruba Campus WLAN Solution Secure and reliable mobility is the responsibility of the enterprise network, which must support a wide

range of converged clients over wireless, wired, and remote access networks. Laptops and smartphones

are capable of simultaneously running voice, data, and now video applications, an operating model that

breaks traditional dedicated VLAN and SSID architectures. Delivering the quality of service (QoS),

bandwidth, and management tools necessary to accommodate these devices on a grand scale – within a

campus environment, to users on the road, and in branch offices – requires a specially tailored system

design.

Aruba’s unique application and device fingerprinting enable the system to detect the types of traffic

flows, and the devices from which they originate. The network can then be dynamically conditioned to

deliver QoS - on an application-by-application, device-by-device basis - as needed to ensure highly

reliable application delivery. Aruba’s integrated policy enforcement firewall isolates applications from

one another to essentially create multiple dedicated virtual networks, and then allocates the necessary

bandwidth for each user and application.

To ensure reliable application delivery in changing RF environments, Aruba’s Adaptive Radio

Management (ARM) technology forces client devices to shift away from the noisy 2.4GHz band to the

quieter 5GHz band, adjusts radio power levels to blanket coverage areas, load balance by shifting clients


between access points, and even allocates airtime based on the capabilities of each client device. The

result is a superb user experience without any user involvement.

These services are complemented by security systems that ensure the integrity of the network. Rogue

detection, wireless intrusion and prevention, access control, remote site VPN, content security scanning,

end-to-end data encryption, and other services protect the network and users at all times.

Aruba’s extensive portfolio of campus, branch/teleworker, and mobile solutions simplify operations and

secure access to unified communications applications and services - regardless of the user's device,

location, or network. This dramatically improves productivity, lowering capital and operational costs

while providing a superior uninterrupted user experience.

Janam XM66 Rugged PDA Janam’s XM66 is a rugged mobile computer that delivers advanced barcode scanning and robust wireless

LAN communications. The PDA features a powerful processor and mobile DDR memory for rapid memory

access, fast data acquisition, and reduced power consumption. Janam’s XM Series devices are sculpted to

fit in the hand, weigh less than 10 ounces (283 grams), and have a full 3.5" (89mm) display. Built to

withstand multiple 4’ (1.2m) drops on concrete, and sealed to IP54 standards, these mobile computers are

designed to operate in the presence of environmental extremes.

Janam XG100 Rugged Gun Janam’s XG100 rugged gun-shaped mobile computer was designed for scan-intensive, extended shift

use in demanding environments. The XG100 features field-upgradeable 2D barcode scanning, secure

Wi-Fi and mobile DDR memory. Industrial-grade construction (sealed to IP64 standards and designed to

withstand multiple 6’ (1.8m) drops to concrete) enables operation in hostile operating conditions. The

battery is located in the handle, enhancing user comfort and productivity, and integrated EAS tags help

protect the asset against theft. LED tail lights provide feedback during overhead scanning, and vibrator

alerts offer positive feedback in loud environments.


Product Summary

Manufacturer Janam

Products Certified

Hardware Model Numbers XM66W-1NGFBR00 WLAN 802.11 a/b/g

XG100W-1DGDBV00 WLAN 802.11 b/g

Software Version Numbers XM66 ROM: 1.07.00.1067

XG100 ROM: XG100_WM_ OSB55508

RF Features Tested

Radio Supported Summit Data Communications SDCCF10G1

QoS Features Supported / Tested WMM capable

ArubaEdge Solution Qualification

Qualification Objective

Validate the interoperability of the Janam XM66/XG100 on Aruba’s wireless LAN infrastructure.

Network Topology

The figure below shows the reference topology used for RF interoperability testing.


Aruba Wireless LAN Settings

The following Mobility Controller settings were used for the interoperability testis:

RF settings

o Beacon interval: 100ms

o DTIM period: 3 beacon intervals

Encryption/Authentication

o The scanners support and were tested for open authentication, WPA2 Personal, and WPA2 Enterprise

o OKC was enabled in the 802.1X Authentication Profile for WPA2 Enterprise key caching

Adaptive Radio Management

o ARM, band steering, and WMM/U-APSD were all enabled

Janam XM66/XG100 Configuration and Settings

The XM66 and XG100 were configured to connect to the Mobility Controller is accordance with the

procedure shown in Appendix A.

Test Methodology Connectivity was validated for various encryption types. Inter- and intra-VLAN roaming times were

measured to ensure that real-time applications can be supported.

Summary Test Results

Test ID Test Description Test Result

5.1 Basic Connectivity tests - Sanity Check PASS

5.2.1 Open SSID Association Time PASS

5.2.2 WPA / WPA-2 PSK Association Time PASS

5.2.3 WPA / WPA-2 Enterprise Association Time PASS

5.3.1 Roaming test with WAP2-PSK PASS

5.3.2 Roaming tests with WPA2-Enterprise PMK PASS

5.3.3 Roaming tests with WPA2-Enterprise OKC PASS

5.4.1 Power save mode tests Not tested


Known Limitations EAP Type errors: When configuring profiles on the SCU that do not use EAP types, an EAP type can be

selected from the EAP Type drop-down menu. Attempting to “commit” a profile with an incorrect mix of

Encryption and EAP types results in an error.

Disabling the radio: If “Disable” is the shown on the Main tab of the SCU, changing to the Status tab and

tapping the spacebar can disable the radio.

Manual WEP configuration option: Scanning for an SSID set to “CKIP Auto” results in the configuration

option of “Manual WEP.”

User credentials request when returning to coverage area: Going out-of-range of an access point and

then returning to the coverage area will cause some devices using WPA or WPA2 with a username and

password configuration to display a pop-up box requesting the user’s credentials.

Ad hoc mode/Channel mode support issue: Ad hoc mode does not support the BG Channel Mode

setting in the Global tab.

SCU – Ad hoc connection shown before completed: When the radio mode is Ad Hoc, the SCU displays a

connection five to ten seconds before the connection is actually established. This is consistent with the

behavior of Windows Zero Config (WZC) when it is used instead of SCU.

Incorrect AP name displays: When associated using an Ad Hoc profile with SD radios (such as MSD10G

and MSD10AG), the SCU may display an incorrect AP name on the Status tab, i.e., it may use a Cisco AP

name from a legacy, infrastructure mode profile connection.

Auto profile and setMonitorMode: When using the SDK function MonitorMode do not use auto-profile

features. Instead Auto Profile should be disabled in the global settings.

pspDelay support: The pspDelay setting is not supported on the SDC-MSD10G and SDCMSD10AG

modules.

Conclusion The tests validated that Janam’s XM66 PDA and XG100 gun met the security, QoS, and connectivity

requirements necessary for interoperable operation on Aruba’s secure mobility infrastructure.

© 2011 Aruba Networks, Inc. Aruba Networks’ trademarks include ®, Aruba Networks®, Aruba Wireless

Networks®, the registered Aruba the Mobile Edge Company logo, Aruba Mobility Management System®,

Mobile Edge Architecture®, People Move. Networks Must Follow®, RFProtect®, and Green Island®. All

rights reserved. All other trademarks are the property of their respective owners.

Specifications are subject to change without notice.


APPENDIX A

Configuration

Janam XM66 Configuration and Settings

Configure radio and security settings, monitor performance and activity, and troubleshoot issues using

the Summit Client Utility (SCU).

To run the SCU:

From the Start menu, select Programs.

Select the directory called Summit

Locate the SCU icon and double-click.

To configure the radio for your wireless network:

Use the Admin Login button on the Main window to authenticate as an administrator (default

password: SUMMIT).

Create a profile on the Profile window, specifying all important parameters such as SSID,

authentication method, and encryption type.

Save the profile using the Commit button.

To connect to your wireless network, go to the Main window and select the profile that you

created.

Default settings have been carefully selected and should not be changed. For detailed set-up

and configuration please review the Summit Quick Start Guide

(http://www.summitdatacom.com/Documents/summit_quick_start_v3_03.html).

http://www.summitdatacom.com/Documents/summit_quick_start_v3_03.html


Janam XG100 Configuration and Settings

Configure radio and security settings, monitor performance and activity, and troubleshoot issues using

the Summit Client Utility (SCU).

To run the SCU:

From the Start menu, select Programs.

Select the directory called Summit

Locate the SCU icon and double-click.

To configure the radio for your wireless network:

Use the Admin Login button on the Main window to authenticate as an administrator (default

password: SUMMIT).

Create a profile on the Profile window, specifying all important parameters such as SSID,

authentication method, and encryption type.

Save the profile using the Commit button.

To connect to your wireless network, go to the Main window and select the profile that you

created.

Default settings have been carefully selected and should not be changed. For detailed set-up

and configuration please review the Summit Quick Start Guide

(http://www.summitdatacom.com/Documents/summit_quick_start_v3_03.html).

http://www.summitdatacom.com/Documents/summit_quick_start_v3_03.html


Aruba Mobility Controller Configuration and Settings

ip access-list session allowall

any any any permit

!

user-role ArubaCertOpen

access-list session allowall

!

user-role ArubaCertPSK


!

user-role ArubaCertAuth


!

aaa authentication dot1x "apse-dot1x-dot1x_prof"

termination enable

termination eap-type eap-peap

termination inner-eap-type eap-mschapv2

!

aaa authentication dot1x "apse-open-dot1x_prof"

!

aaa authentication dot1x "apse-psk-dot1x_prof"

!

aaa server-group "apse-dot1x"

!

aaa profile "apse-dot1x-aaa_prof"

authentication-dot1x "apse-dot1x-dot1x_prof"

dot1x-default-role "ArubaCertAuth"

dot1x-server-group "apse-dot1x"

!

aaa profile "apse-open-aaa_prof"

initial-role "ArubaCertOpen"

!

aaa profile "apse-psk-aaa_prof"

initial-role "ArubaCertPSK"

authentication-dot1x "apse-psk-dot1x_prof"

!

rf arm-profile "ARM_profile"

min-tx-power 18

rogue-ap-aware

voip-aware-scan

backoff-time 120

!

wlan ht-ssid-profile "apse-dot1x-htssid_prof"

!

wlan ht-ssid-profile "apse-open-htssid_prof"

!


wlan ht-ssid-profile "apse-psk-htssid_prof"

!

wlan ht-ssid-profile "Company-Name-htssid_prof"

!

wlan ht-ssid-profile "default"

!

wlan ht-ssid-profile "pauls-company-htssid_prof"

!

wlan edca-parameters-profile station "default"

!

wlan edca-parameters-profile ap "default"

!

wlan ssid-profile "apse-dot1x-ssid_prof"

essid "apse-dot1x"

opmode wpa2-aes wpa2-tkip

ht-ssid-profile "apse-dot1x-htssid_prof"

!

wlan ssid-profile "apse-open-ssid_prof"

essid "apse-open"

ht-ssid-profile "apse-open-htssid_prof"

!

wlan ssid-profile "apse-psk-ssid_prof"

essid "apse-psk"

opmode wpa2-psk-aes wpa2-psk-tkip

wpa-passphrase "arubacert1"

ht-ssid-profile "apse-psk-htssid_prof"

!

wlan virtual-ap "apse-dot1x-vap_prof"

aaa-profile "apse-dot1x-aaa_prof"

ssid-profile "apse-dot1x-ssid_prof"

vlan 1

!

wlan virtual-ap "apse-open-vap_prof"

aaa-profile "apse-open-aaa_prof"

ssid-profile "apse-open-ssid_prof"

vlan 1

!

wlan virtual-ap "apse-psk-vap_prof"

aaa-profile "apse-psk-aaa_prof"

ssid-profile "apse-psk-ssid_prof"

vlan 1

!

ap-group "apse-cert"

virtual-ap "apse-open-vap_prof"

virtual-ap "apse-psk-vap_prof"

virtual-ap "apse-dot1x-vap_prof"


ap-system-profile "apsys_prof-npl07"

!


About Aruba

Aruba is a global leader in distributed enterprise networks. Its award-winning portfolio of campus,

branch/teleworker, and mobile solutions simplify operations and secure access to all corporate

applications and services – regardless of the user’s device, location, or network. This dramatically

improves productivity and lowers capital and operational costs.

Listed on the NASDAQ and Russell 2000® Index, Aruba is based in Sunnyvale, California, and has

operations throughout the Americas, Europe, Middle East, and Asia Pacific regions. To learn more, visit

Aruba at http://www.arubanetworks.com. For real-time news updates follow Aruba on Twitter and

Facebook.

About Janam Janam Technologies LLC is a provider of rugged, handheld computing devices for mobile workers. Janam

combines deep industry knowledge with advanced technologies to deliver products and accessories that

increase productivity, reduce costs, and improve customer satisfaction. Specializing in purpose-built

mobile computers that scan barcodes and communicate wirelessly, Janam develops products for

mission-critical applications in retail, healthcare, hospitality, manufacturing, and logistics.

Product Support Information Aruba Support: http://www.arubanetworks.com/support.php

Janam Support: http://www.janam.com/service-support.php

http://www.arubanetworks.com/support.php

http://www.janam.com/service-support.php