Advanced Configuration

AP-700 User Guide

SSID/VLAN/Security

Typical User VLAN Configurations

VLANs segment network traffic into workgroups, which enable you to limit broadcast and multicast traffic. Workgroups enable clients from different VLANs to access different resources using the same network infrastructure. Clients using the same physical network are limited to those resources available to their workgroup.

The AP can segment users into a maximum of 16 different workgroups per radio, based on an SSID/VLAN grouping (also referred as a VLAN Workgroup or a Sub-network).

The primary scenarios for using VLAN workgroups are as follows:

1.VLAN disabled: Your network does not use VLANs, and you cannot configure the AP to use multiple SSIDs.

2.VLAN enabled, each VLAN workgroup uses a different VLAN ID Tag.

3.VLAN enabled, a mixture of Tagged and Untagged workgroups exist.

4.VLAN enabled, all VLANs untagged: VLAN is enabled in order to use SSID. (Note that typical use of SSIDs assumes actual use of VLANs.)

NOTE: VLAN must be enabled to configure security per SSID.

Management VLAN

Figure 4-37 Mgmt VLAN

VLAN Tagging Management

Control Access to the AP

Management access to the AP can easily be secured by making management stations or hosts and the AP itself members of a common VLAN. Simply configure a non-zero management VLAN ID and enable VLAN to restrict management of the AP to members of the same VLAN.

CAUTION: If a non-zero management VLAN ID is configured then management access to the AP is restricted to wired or wireless hosts that are members of the same VLAN. Ensure your management platform or host is a member of the same VLAN before attempting to manage the AP.

1.Click Configure > SSID/VLAN/Security > Mgmt VLAN.

2.Set the VLAN Management ID to a value of between 1 and 4094. (A value of -1 disables VLAN Tagging).

105

Page 105
Image 105
Proxim AP-700 manual Management Vlan, Typical User Vlan Configurations, Control Access to the AP, 105