Advanced Configuration AP-700 User Guide
SSID/VLAN/Security
105
Typical User VLAN Configurations
VLANs segment network traffic into workgroups, which enable you to limit broadcast and multicast traffic. Workgroups
enable clients from different VLANs to access different resources using the same network infrastructure. Clients using the
same physical network are limited to those resources available to their workgroup.
The AP can segment users into a maximum of 16 different workgroups per radio, based on an SSID/VLAN grouping (also
referred as a VLAN Workgroup or a Sub-network).
The primary scenarios for using VLAN workgroups are as follows:
1. VLAN disabled: Your network does not use VLANs, and you cannot configure the AP to use multiple SSIDs.
2. VLAN enabled, each VLAN workgroup uses a different VLAN ID Tag.
3. VLAN enabled, a mixture of Tagged and Untagged workgroups exist.
4. VLAN enabled, all VLANs untagged: VLAN is enabled in order to use SSID. (Note that typical use of SSIDs assumes
actual use of VLANs.)
NOTE: VLAN must be enabled to configure security per SSID.
Management VLANFigure 4-37 Mgmt VLAN
VLAN Tagging Management
Control Access to the AP
Management access to the AP can easily be secured by making management stations or hosts and the AP itself
members of a common VLAN. Simply configure a non-zero management VLAN ID and enable VLAN to restrict
management of the AP to members of the same VLAN.
CAUTION: If a non-zero management VLAN ID is configured then management access to the AP is re stricted to wired
or wireless hosts that are members of the same VLAN. Ensure your management platform or host is a
member of the same VLAN before attempting to manage the AP.
1. Click Configure > SSID/VLAN/Security > Mgmt VLAN.
2. Set the VLAN Management ID to a value of between 1 and 4094. (A value of -1 disables VLAN Tagging).