Manualshelf

User's Manual

ManualsBrandsAirgo Networks ManualsElectronicsTrue MIMO Access Point
71727374757677787980
Zone Privacy
Installation and User Guide: Airgo Access Point 149
VLANs. A VLAN switch is able to segregate traffic between the two VLANs such that any client
of the first AP is not able to contact any client on the second AP.
To provide full connectivity between APs for management traffic, assign all ports on the APs to the
management VLAN.
Zone Privacy Deployment without VLANs
When zone privacy is implemented without VLANs, communication forwarding rules can affect
station and management traffic between the APs. The following deployment constraints apply
(Figure 105):
The root AP for the wireless backhaul network must be attached to the wired network because
all downstream APs are guaranteed connectivity only to the root AP.
APs should be managed using policy distribution from NM Portal because the station has
connectivity to only a subset of APs over the wireless backhaul.
Station reassociation fails if a station roams to a BSS started by an AP that cannot exchange
Inter Access Point Protocol (IAPP) messages with the AP from which the station has moved.
The IAPP messages are used to support roaming of client stations between APs and enable
neighboring APs to keep up-to-date information concerning the status of roaming client
stations.
Figure 105: Zone Privacy Using a Single VLAN
Zone Privacy Deployment on Multiple VLANs
When zone privacy is deployed using multiple VLANs, you can designate one VLAN for
management traffic and others for user data. Enabling zone privacy only on the VLANs that carry
user data traffic eliminates several of the constraints caused by connectivity limitations. The
following requirements apply when using multiple VLANs to deploy zone privacy:
The root AP for the wireless backhaul network must be attached to the wired network.
Zone privacy for subscribers must be enabled on a non-management VLAN.
APs can be managed directly from any station, if that the station is on the management VLAN.
Roaming is unaffected by zone privacy because IAPP messages are sent on the management
VLAN that has full connectivity over the wireless distribution system.
“root” AP must be
connected to a wired
network
APs managed indirectly by NM portal
Roaming is impacted