Chapter 4 Configuring VLANs

VLAN Security Policy

Single VLAN ID which allows Unencrypted packets

Identifies the number of the VLAN on which unencrypted packets can pass between the access point and the switch. This setting is configurable.

Optionally allow Encrypted packets on the unencrypted VLAN

Determines whether the access point passes encrypted packets on an unencrypted VLAN. This setting permits a client device to associate to the access point allowing both WEP and non-WEP associations.

VLAN ID

A unique number that identifies a VLAN. This number must match VLANs set on the switch. The setting is configured by the user.

VLAN Name

A unique name for a VLAN configured on the access point. This setting is configured by the user. The VLAN name is for information only and is not used by the switch or access point as a parameter for determining the destination of data.

Existing VLANs

A list of successfully configured VLANs on the access point. As the user configures VLANs, they appear in this list by ID number and name. From this list, you can edit or remove a VLAN.

VLAN Security Policy

You can define a security policy for each VLAN on the access point. This enables you to define the appropriate restrictions for each VLAN you configure. The following parameters can be configured on the radio’s Internal SSID page:

SSID Name—a unique name for each wireless VLAN

Maximum number of associations—ability to limit maximum number of wireless clients per SSID

Default VLAN ID—VLAN ID mapping on the wired side

Policy Group ID—The identification number of the applicable policy group.

Accept Authentication types—Open, Shared, and Network-EAP

Require EAP: —Under Open, Shared, and Network-EAP

Default Unicast Address Filter—Allowed or Disallowed under Open, Shared, and Network-EAP

MAC authentication—Under Open, Shared, and Network-EAP when the Default Unicast Address Filter setting is Disallowed

The following parameters can be configured on the VLAN ID page:

VLAN Name—The unique name for the VLAN

VLAN Enable—Enables or disables this VLAN

Default Priority—Ability to apply default CoS for each VLAN

Cisco Aironet 1200 Series Access Point Software Configuration Guide

4-4

OL-2159-05

 

 

Page 70
Image 70
Cisco Systems DL-2159-05 Vlan Security Policy, Single Vlan ID which allows Unencrypted packets, Vlan Name, Existing VLANs