VLAN Switch ports must be tagged ports that match the VLAN ID on the Access Point. Associated client VLAN IDs will appear in the Syslog file in ASCII Decimal format.
When VLAN filtering is enabled, the access point queries the server for the VLAN IDs of associating clients and saves the VLAN IDs. If a client does not have a VLAN ID, the access point assigns its own native VLAN ID to that client.
To enable VLAN filtering, enter a VLAN ID (a number between 1 and 4095) in the Native VLAN ID field and select VLAN Enable.
When VLAN filtering is disabled, the access point ignores
SECURITY FILTERS
These options allow you to block communication among wireless clients
o
o
Local Bridge
AP Management
CLIENT LIST TIMEOUT
This option sets the timeout for inactive clients to be disassociated and removed from the associated client list. The interval can be set to 1, 5, 10, 30 or 60 minutes (default is 30 minutes).
UPLINK PORT MAC ADDRESS FILTERING
This feature allows associated wireless clients to communicate only with specific selected MAC addresses on a sub net. By only allowing clients to communicate with a few specific servers such as DHCP server, a Gateway, or a local web server, clients are blocked from communicating with other clients on the local sub net, but are still allowed (via the gateway) to communicate with severs on the Internet. Note: In most cases client to client blocking should also be enabled as the Uplink Filter only works on packets coming into the AP from its Ethernet (uplink) port.
For security reasons it is desirable to block client to client communications for wireless clients associated with an Access Point (AP). It is also desirable to block client to client communications between clients associated with different AP’s on the local sub net. For instance an airport may have several AP’s to service several "hot spots" within
36
