3com 3CRWE850075A Manuale Utente
34
F
ILTERING
BY
VLAN
The access point supports filtering of up to 64 VLANs (virtual local area networks).
VLAN IDs must be configured for each client on one of the RADIUS authentication
servers specified on the RADIUS configuration page. If a RADIUS server is not being
used or not setup to update the VLAN ID, then the access point will tag all ethernet
packets with the Native VLAN ID (defaulted to 1).
VLAN IDs must be configured for each client on one of the RADIUS authentication
servers specified on the RADIUS configuration page. If a RADIUS server is not being
used or not setup to update the VLAN ID, then the access point will tag all ethernet
packets with the Native VLAN ID (defaulted to 1).
If a RADIUS authentication server will be used to create/modify the VLAN ID, the
following attributes must be provisioned on the RADIUS Server to be passed back to
the authenticating client:
following attributes must be provisioned on the RADIUS Server to be passed back to
the authenticating client:
The AP’s IP address is the RADIUS Client/Radius User
Tunnel_type (64) = VLAN (13)
Tunnel_Medium_type (65) = 802
Tunnel_Private_group_ID (81) = VLAN ID specified in Hexadecimal format.
Tunnel_type (64) = VLAN (13)
Tunnel_Medium_type (65) = 802
Tunnel_Private_group_ID (81) = VLAN ID specified in Hexadecimal format.
VLAN Switch ports must be tagged ports that match the VLAN ID on the Access
Point. Associated client VLAN IDs will appear in the Syslog file in ASCII Decimal
format.
Point. Associated client VLAN IDs will appear in the Syslog file in ASCII Decimal
format.
When VLAN filtering is enabled, the access point queries the server for the VLAN IDs
of associating clients and saves the VLAN IDs. If a client does not have a VLAN ID,
the access point assigns its own native VLAN ID to that client.
of associating clients and saves the VLAN IDs. If a client does not have a VLAN ID,
the access point assigns its own native VLAN ID to that client.
To enable VLAN filtering, enter a VLAN ID (a number between 1 and 4095) in the
Native VLAN ID field and select VLAN Enable.
Native VLAN ID field and select VLAN Enable.
When VLAN filtering is disabled, the access point ignores VLAN-tagged frames.
S
ECURITY
F
ILTERS
These options allow you to block communication among wireless clients
(client-to-client blocking) and prevent wireless clients from performing access point
administration.
(client-to-client blocking) and prevent wireless clients from performing access point
administration.
n
Local Bridge Filter—Enable this filter to prevent direct communication between
wireless clients, creating a more secure wireless network.
wireless clients, creating a more secure wireless network.
n
AP Management Filter—Enable this filter to prevent wireless clients from
accessing the access point for management; for example through TELNET or
SNMP.
accessing the access point for management; for example through TELNET or
SNMP.