Lancom Systems LS61367 Benutzerhandbuch
LANCOM WLC-4006
Scope of features: as of LCOS version 7.8x
WLAN profile settings*
Radio channels 2.4 GHz
Up to 13 channels, max. 3 non- overlapping (2.4 GHz band)
Radio channels 5 GHz
Up to 26 non- overlapping channels (available channels and further obligations such as automatic DFS2 dynamic channel
selection depending on national regulation)
selection depending on national regulation)
Roaming
Seamless handover between radio cells, IAPP support with optional restriction to an ARF context, IEEE 802.11d support
VLAN
VLAN ID definable per interface, WLAN SSID, point- to- point connection and routing context (4094 IDs)
Multi- SSID
Simultaneous use of up to 8 independent WLAN networks per WLAN interface
Security
IEEE 802.11i / WPA2 with passphrase or 802.1x and hardware- accelerated AES, closed network, WEP64, WEP128, WEP152,
802.1x /EAP
802.1x /EAP
Quality of Service
Prioritization according to Wireless Multimedia Extensions (WME, subset of IEEE 802.11e)
Background scanning
Detection of rogue AP's and the channel information for all WLAN channels during normal AP operation.
The Background Scan Time Interval defines the time slots in which an AP or Router searches for a foreign WLAN network in its
vicinity. The time interval can be specified in either milliseconds, seconds, minutes, hours or days
vicinity. The time interval can be specified in either milliseconds, seconds, minutes, hours or days
Client detection
Rogue WLAN client detection based on probe requests
WLAN operating modes
WLAN access point in infrastructure mode
*) Note
Depends on the access points in operation
WLAN operating modes
WLAN access point
Infrastructure mode (autonomous operation or managed by LANCOM WLAN Controller)
WLAN Controller
Number of managed devices
Any combination of up to 6 LANCOM access points and WLAN routers can be centrally managed by the LANCOM WLAN
Controller. The WLC- 12 expansion option enables up to 12 LANCOM WLAN access points and WLAN routers to be managed.
Capacities can be expanded even further by employing multiple Controllers.
Controller. The WLC- 12 expansion option enables up to 12 LANCOM WLAN access points and WLAN routers to be managed.
Capacities can be expanded even further by employing multiple Controllers.
Smart Controller technology
The WLAN Controller can switch user data per AP Radio or per SSID in the following ways:
쮿
Direct switching to the LAN at the AP (for maximum performance, e.g. for 802.11n- based access points)
쮿
Logical seperation of user data into VLAN's (e.g. for WLAN guest access accounts)
쮿
Central tunneling to the Controller* (layer 3 tunneling between different IP Subnets) *feature in preparation
Auto Discovery
LANCOM access points and WLAN routers automatically discover the WLAN Controller by means of DNS name or IP addresses.
Even AP's at remote sites or in home offices with no direct access to the Controller can be integrated into the central Controller
Even AP's at remote sites or in home offices with no direct access to the Controller can be integrated into the central Controller
Authentication and Authorization
Access Points can be authenticated manually or automatically. Signaling of new access points by LED, e- mail message, SYSLOG
and SNMP traps. Manual authentication via LANmonitor or WEBconfig GUI tools. Semi- automatic authentication based on
access- point lists in the Controller ('bulk mode'). Fully automatic authentication with default configuration assignement (can be
activated/deactivated separately, e.g. during the rollout phase).
and SNMP traps. Manual authentication via LANmonitor or WEBconfig GUI tools. Semi- automatic authentication based on
access- point lists in the Controller ('bulk mode'). Fully automatic authentication with default configuration assignement (can be
activated/deactivated separately, e.g. during the rollout phase).
Authenticated access points can be identified by means of digital certificates; certificate generation by integrated CA (Certificate
Authority); certificate distribution by SCEP (Simple Certificate Enrollment Protocol). Access points can be blocked by CRL
(Certificate Revocation List).
Authority); certificate distribution by SCEP (Simple Certificate Enrollment Protocol). Access points can be blocked by CRL
(Certificate Revocation List).
Management communication protocol
CAPWAP (Control and Provisioning Protocol for Wireless Access Points)
Encryption
DTLS encryption of the control channel between WLAN Controller and Access Point (256- bit AES encryption with digital
certificates, incl. hardware encryption accelerator; encryption can be disabled for diagnostic purposes).
certificates, incl. hardware encryption accelerator; encryption can be disabled for diagnostic purposes).
Firmware deployment
Central Firmware deployment and management of the Access Points. Requires an external web server.
Automatic Firmware update on the Access Points is also possible. The Controller checks every day, depending on the defined
policy, for the latest Firmware and compares it with the versions in the devices. This can also be activated using Cron jobs. If
there is a Firmware mismatch, then the Controller downloads the matching Firmware from the server and updates the
corresponding Access Points and Routers.
policy, for the latest Firmware and compares it with the versions in the devices. This can also be activated using Cron jobs. If
there is a Firmware mismatch, then the Controller downloads the matching Firmware from the server and updates the
corresponding Access Points and Routers.
Script distribution
Enables the complete configuration of non- WLAN specific functions such as Redirects, Protocol Filter, ARF etc. Internal storage
of up to three script files (max. 64 kByte) for provisioning access points without a separate HTTP server
of up to three script files (max. 64 kByte) for provisioning access points without a separate HTTP server
RF management and automatic RF
optimization
optimization
The channel deployment can be static or can be automated.
Upon activation of the RF Optimization setting, the Access Points search for an optimal channel in the 2.4 GHz band. The
selected channels are sent to the Controller saves these channels on the corresponding Access Points. RF Optmization can also
be activated for individual Access Points.
selected channels are sent to the Controller saves these channels on the corresponding Access Points. RF Optmization can also
be activated for individual Access Points.
Transmit power setting static between 0 to - 20 dB.
Alarm notification in case of Access Point failure by LED, e- mail, SYSLOG and SNMP traps.
Configuration management
Definition and grouping of all logical and physical WLAN parameters by means of WLAN configuration profiles. Fully automatic
or manual profile assignment to WLAN Access Points; automatic transfer and configuration verification (policy enforcement).
or manual profile assignment to WLAN Access Points; automatic transfer and configuration verification (policy enforcement).
Inheritance of configuration profiles
Support of hierarchical WLAN profile groups. New profiles can be easily created by inheriting parameters from existing profiles.
Management operating modes
The AP can be set to 'managed' or 'unmanaged' mode for each radio interface. With LANCOM WLAN routers, the Controller
manages the WLAN part only (split management).
manages the WLAN part only (split management).