Netgear WC7520 - ProSafe 20-AP Wireless Controller Manual De Referência
System Planning and Deployment Scenarios
29
ProSafe 20-AP Wireless Controller WC7520
Client VLANs
Each authenticated wireless user is placed into a VLAN that determines the user’s DHCP
server, IP address, and Layer 2 connection. Although you could place all authenticated
wireless users into the single VLAN that is specified in the basic security profile, the wireless
controller allows you to group wireless users into separate VLANs based on the wireless
SSID to differentiate access to network resources. For example, you might place authorized
employee users into one VLAN, and itinerant users, such as contractors or guests, into a
separate VLAN. To use different VLANs, you need to create different security profiles.
server, IP address, and Layer 2 connection. Although you could place all authenticated
wireless users into the single VLAN that is specified in the basic security profile, the wireless
controller allows you to group wireless users into separate VLANs based on the wireless
SSID to differentiate access to network resources. For example, you might place authorized
employee users into one VLAN, and itinerant users, such as contractors or guests, into a
separate VLAN. To use different VLANs, you need to create different security profiles.
DHCP Server
The wireless controller can function as a DHCP server and assign IP addresses to both
wireless and wired devices that are connected to it. You can add up to 64 DHCP server
pools, each assigned to a different VLAN.
wireless and wired devices that are connected to it. You can add up to 64 DHCP server
pools, each assigned to a different VLAN.
Client Authentication and Data Encryption
A user needs to authenticate to the WLAN to be able to access WLAN resources. The
wireless controller supports several types of security methods, including those that require an
external RADIUS or LDAP authentication server.
wireless controller supports several types of security methods, including those that require an
external RADIUS or LDAP authentication server.
The encryption option that you can select depends upon the authentication method that you
have selected. The following table lists the authentication methods available, with their
corresponding encryption options:
have selected. The following table lists the authentication methods available, with their
corresponding encryption options:
Table 2. Authentication and encryption options
Authentication method
Encryption option
Authentication server
Open system
64-bit, 128-bit, or 152-bit WEP None
Shared Key
64-bit, 128-bit, or 152-bit WEP None
WPA-PSK
TKIP or TKIP+AES
None
WPA2-PSK
AES or TKIP+AES
None
WPA-PSK and WPA2-PSK
TKIP+AES
None
WPA
TKIP or TKIP+AES
One of the following authentication servers:
• External RADIUS server
• Internal authentication server
• External LDAP server