Manuals / Motorola / Computer Equipment / Switch

Motorola WS5100 manual SNMP Trap on discovery, Authorized AP Lists, Rogue AP Report, ACLs

Models: WS5100

1 364
Download 364 pages 29.43 Kb
Page 33
Image 33
SNMP Trap on discovery

Overview 1-23

SNMP Trap on discovery

An SNMP trap is sent for each detected and Rogue AP. Rogue APs are only detected, and notification is provided via a SNMP trap.

NOTE: Wired side scanning for Rogue APs using WNMP is not supported. Similarly,

Radius lookup for approved AP is not provided.

Authorized AP Lists

The switch allows you to configure a list of authorized access ports based on their MAC addresses. The switch evaluates the APs against the configured authorized list after obtaining Rogue AP information from one of the 2 mechanisms as mentioned in Rogue AP Detection on page 1-22.

Rogue AP Report

After determining which are authorized APs and which are Rogue, the switch prepares a report.

1.2.5.11 ACLs

ACLs control access to the network through a set of rules. Each rule specifies an action taken when a packet matches the given set of rules. If the action is deny, the packet is dropped, if the action is permit, the packet is allowed, if the action is to mark, the packet is tagged for priority. The switch supports the following types of ACLs:

IP Standard ACLs

IP Extended ACLs

MAC Extended ACLs

Wireless LAN ACLs

ACLs are identified by either a number or a name (the exception being MAC extended ACLs which take only name as their identifier). Numbers are predefined for IP Standard and Extended ACLs, whereas a name can be any valid alphanumeric string not exceeding 64 characters. With numbered ACLs, the rule parameters have to be specified on the same command line along with the ACL identifier. For named ACLs, rules are configured within a separate CLI context. For information on creating an ACL, see

Configuring ACLs on page 6-16.

1.2.5.12Local Radius Server

Radius is a common authentication protocol utilized by the 802.1x wireless security standard. Radius improves the WEP encryption key standard, in conjunction with other security methods such as EAP-PEAP. The switch has one onboard Radius server. For information on configuring the switch’s resident Radius Server, see Configuring the Radius Server on page 6-62.

1.2.5.13IPSec VPN

IP Sec is a security protocol providing authentication and encryption over the Internet. Unlike SSL (which provides services at layer 4 and secures two applications), IPsec works at layer 3 and secures everything in the network. Also unlike SSL (which is typically built into the Web browser), IPsec requires a client installation. IPsec can access both Web and non-Web applications, whereas SSL requires workarounds for non-Web access such as file sharing and backup.

A VPN is used to provide secure access between two subnets separated by an unsecured network. There are two types of VPNs:

Page 32 Page 34
Page 33
Image 33
Motorola WS5100 manual SNMP Trap on discovery, Authorized AP Lists, Rogue AP Report, ACLs, 1.2.5.12Local Radius Server
Page 32 Page 34