3Com WL-450, WL-463 manual Security Filters, Client List Timeout, Uplink Port MAC Address Filtering

Page 36

VLAN Switch ports must be tagged ports that match the VLAN ID on the Access Point. Associated client VLAN IDs will appear in the Syslog file in ASCII Decimal format.

When VLAN filtering is enabled, the access point queries the server for the VLAN IDs of associating clients and saves the VLAN IDs. If a client does not have a VLAN ID, the access point assigns its own native VLAN ID to that client.

To enable VLAN filtering, enter a VLAN ID (a number between 1 and 4095) in the Native VLAN ID field and select VLAN Enable.

When VLAN filtering is disabled, the access point ignores VLAN-tagged frames.

SECURITY FILTERS

These options allow you to block communication among wireless clients (client-to-client blocking) and prevent wireless clients from performing access point administration.

o

o

Local Bridge Filter—Enable this filter to prevent direct communication between wireless clients, creating a more secure wireless network.

AP Management Filter—Enable this filter to prevent wireless clients from accessing the access point for management; for example through TELNET or SNMP.

CLIENT LIST TIMEOUT

This option sets the timeout for inactive clients to be disassociated and removed from the associated client list. The interval can be set to 1, 5, 10, 30 or 60 minutes (default is 30 minutes).

UPLINK PORT MAC ADDRESS FILTERING

This feature allows associated wireless clients to communicate only with specific selected MAC addresses on a sub net. By only allowing clients to communicate with a few specific servers such as DHCP server, a Gateway, or a local web server, clients are blocked from communicating with other clients on the local sub net, but are still allowed (via the gateway) to communicate with severs on the Internet. Note: In most cases client to client blocking should also be enabled as the Uplink Filter only works on packets coming into the AP from its Ethernet (uplink) port.

For security reasons it is desirable to block client to client communications for wireless clients associated with an Access Point (AP). It is also desirable to block client to client communications between clients associated with different AP’s on the local sub net. For instance an airport may have several AP’s to service several "hot spots" within

36

Image 36
Contents Wireless LAN Access Points 8250/8500/8750 3Com Corporation 350 Campus Drive Marlborough, MA Contents System Configuration Regulatory Compliance Information Index Product Features IntroductionSecurity Performance and ReliabilityManageability Wireless Network Standards FAR-REACHING 802.11GHIGH-PERFORMANCE 802.11A Network Configuration and Planning AD HOC Wireless LANInfrastructure Wireless LAN Infrastructure Wireless LAN for Roaming Wireless PCSTerminology Page Installing the Access Point Installation RequirementsPower Requirements Safety InformationPage Connecting the Standard Antennas Before YOU BeginConnecting Power Using the Power Supply Using a POWER-OVER-ETHERNET LAN Port Checking the LedsMounting on a Wall Plastic anchors and 3 screws Flat Surface Installation Selecting and Connecting a Different Antenna Model Back Power Settings on the Access Point for External Antennas Installing Software UtilitiesPage Using the 3COM Wireless Device Manager Launching a Wireless Device ConfigurationClick Configure Configuration Login Setting the Country CodeUsing the PRE-IP Configuration Wizard Basic Setup Advanced Setup IdentificationDhcp Client Radius Secure WEB Server ConnectionAuthentication Page Field Default Description Filter Control Filtering by VlanClient List Timeout Security FiltersUplink Port MAC Address Filtering Snmp Filtering by Ethernet Protocol TypeAdministration System LOG Radio Settings StatusRadio Interface Page Security Configuring Authentication Configuring EncryptionWPA Configuration WEP Configuration HOW to Setup the Access Point for Radius Authentiction Select Advanced SetupSelect Advanced Setup HOW to Setup the Access Point for WPA with PRE-SHAREDPSK KEYWPA Configuration for Windows XP WEPWPA-PSK AES Troubleshooting Click Configure Client service area to match Where to GO for Help Troubleshoot Online Obtaining Support for Your ProductAccess Software Downloads Contact US Telephone Technical Support and RepairCountry Telephone Number North America Telephone Regulatory Compliance Information Industry Canada IC Emissions Compliance Statement Additional Country Restrictions WL-463, 802.11g Radio Module Safety Compliance Notice Index Radius TCP/IP