Specifications
Overview 5
Chapter 1
provides the ability to enable local probe responses for remotely connected
APs. This feature may be configured under the Wireless LAN → Advanced
section of the Web-based management interface, or may be configured under
the “ap location” section of the CLI.
Auto-Blacklist Firewall Extended Action
AOS-W 2.2 provides the ability to automatically blacklist (prevent association
to any AP) clients who violate a rule in a firewall policy. This is useful for
protecting wireless LANs made up of devices that cannot perform
authentication, such as Wi-Fi voice handsets or barcode scanners. Devices
such as these should be placed into a role with an extremely restrictive
firewall policy, for example allowing only SIP traffic to a SIP gateway. If an
attacker were to compromise an encryption key or spoof a MAC address on
such a network, a single firewall policy violation (e.g. sending an HTTP request
or initiating a port scan) would cause the station to be immediately
disconnected from the network. This feature may be configured by selecting
it as an extended action in any firewall policy.
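The behaviour described above can be modelled in a few lines. This is an added illustration, not AOS-W configuration syntax or vendor code; it shows how a restrictive role with a blacklisting catch-all rule reacts to a single violation. The rule fields, first-match evaluation order, addresses and MAC are assumptions constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Optional

SIP_GATEWAY = "192.0.2.10"  # constructed address (documentation range)

@dataclass(frozen=True)
class Rule:
    dst: Optional[str]    # None matches any destination
    proto: Optional[str]  # None matches any protocol
    port: Optional[int]   # None matches any port
    action: str           # "permit" or "deny"
    blacklist: bool = False  # extended action: blacklist the client on match

    def matches(self, dst, proto, port):
        return (self.dst in (None, dst) and self.proto in (None, proto)
                and self.port in (None, port))

# Hypothetical role for voice handsets: SIP to the gateway, nothing else.
VOICE_POLICY = [
    Rule(SIP_GATEWAY, "udp", 5060, "permit"),
    Rule(None, None, None, "deny", blacklist=True),
]

@dataclass
class SwitchModel:
    policy: list
    blacklisted: set = field(default_factory=set)

    def can_associate(self, mac):
        return mac.lower() not in self.blacklisted

    def handle_flow(self, mac, dst, proto, port):
        mac = mac.lower()
        if mac in self.blacklisted:
            return "dropped (blacklisted)"
        for rule in self.policy:            # first matching rule decides
            if rule.matches(dst, proto, port):
                if rule.blacklist:
                    self.blacklisted.add(mac)
                    return "deny + blacklist"
                return rule.action
        return "deny"                       # implicit deny if nothing matches

def replay(flows, policy=VOICE_POLICY):
    """Run constructed flows through a fresh model; return verdicts and model."""
    sw = SwitchModel(list(policy))
    return [sw.handle_flow(*f) for f in flows], sw

# Constructed sample traffic from one handset MAC.
FLOWS = [
    ("00:11:22:AA:BB:CC", SIP_GATEWAY, "udp", 5060),   # normal SIP signalling
    ("00:11:22:AA:BB:CC", "198.51.100.7", "tcp", 80),  # one HTTP request
    ("00:11:22:AA:BB:CC", SIP_GATEWAY, "udp", 5060),   # SIP after the violation
]
```

Calling `replay(FLOWS)` returns the per-flow verdicts together with the model, whose `blacklisted` set can then be inspected.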
Enhanced AP-Switch Discovery and Alcatel Discovery Protocol
In order for thin APs to operate, they must be able to locate and connect to a
Wi-Fi switch. Alcatel APs have always had the ability to automatically locate a
switch, boot from it, and become operational without requiring any
configuration. In the past, this was based on APs obtaining an address
through DHCP and performing a DNS lookup on the hostname
“Alcatel-master”. While this method of switch location is still popular, a
number of customers requested alternate methods of AP configuration.
AOS-W 2.2 adds “Alcatel Discovery Protocol” (ADP) to provide this
functionality. ADP becomes available on the switch when AOS-W is loaded.
APs will go through the following sequence to locate a switch:
1. Power is applied. If the AP does not already contain a pre-configured IP
   address, it will issue a DHCP request to obtain an address.
2. If the DHCP response contains an Alcatel vendor-specific option (see below),
   the AP will use this vendor-specific option to contact an Alcatel switch and
   continue the boot process.
3. If the DHCP response contains a DNS server address, the AP will perform a DNS
   lookup of the hostname “Alcatel-master.<subdomain>”, where <subdomain>
   was learned from the DHCP server. If this request is successful, the AP will
   use the returned IP address to contact an Alcatel switch and continue the
   boot process.