Specifications

ManualsBrandsAlcatel ManualsComputer equipmentOmniAccess AP61

100

OmniAccess Reference: AOS-W System Reference

70 Part 031652-00 May 2005

Role VLAN ID –This parameter allows the user to be mapped to a particular

VLAN based on the role assigned. This parameter only works when using L2

authentication such as 802.1x, MAC address role mapping, ESSID role

mapping, or encryption type role mapping, because these happen before an IP

address has been assigned. If a user authenticates using a L3 mechanism such

as VPN or captive portal, this parameter has no effect.

Bandwidth Contract – Applies a bandwidth contract, or rate limiting policy, to

the user role to prevent any one user from monopolizing network resources.

Bandwidth contracts may be viewed or edited by navigating to

Configuration >

Security > Advanced > Bandwidth

Contract. A new bandwidth contract may also

be created while adding or editing a user role – to do this, select Add New,

supply a name for the bandwidth contract, and fill in the desired bandwidth

limit either in kilobits per second or in megabits per second. Bandwidth

contracts are part of the user role, but are applied independently on a per-user

basis. For example, if two users are active on the network and both are part of

the same role with a 500kbps bandwidth contract, then each user will be able

to use up to 500kbps.

VPN Dialer – If VPN is used is an access method, a user may login using

captive portal and download a customized VPN “dialer”. This dialer is a

Windows application that configures the VPN client built into Microsoft

Windows 2000 and Windows XP. The VPN dialer may be customized based on

the user role. This parameter specifies which customization profile should be

available for download to users who are part of this user role. See the section

entitled “

Configuring VPN Settings” for more information on setting up VPN

dialers.

L2TP Pool – If VPN is used as an access method, specifies which address pool

the user’s IP address should be assigned from when the user negotiates an

L2TP/IPSec session. Address pools are configured under Configuration >

Security > VPN Settings > IPSec > Address Pools

. See the section entitled

“

Configuring VPN Settings” for more information on setting up L2TP/IPSec.

PPTP Pool – If VPN is used as an access method, specifies which address pool

the user’s IP address should be assigned from when the user negotiates a

PPTP session. Address pools are configured under Configuration > Security >

VPN Settings > PPTP > Address Pools

. See the section entitled “Configuring VPN

Settings

” for more information on setting up PPTP.

Access Control Lists

Access Control Lists (ACLs) are a common way of restricting certain types of

traffic on a physical port. (ACLs can be applied on a per user, per group, as well

as a per port basis.) Standard and extended ACLs are both available for

compatibility with router software from other popular vendors. However,

traffic policies provide equivalent and greater function than standard and

extended ACLs, and should be used instead. When filtering non-IP traffic on a