Manualshelf

user manual

ManualsBrandsCisco Systems ManualsNetwork RouterNetwork Router DL-2159-05
21222324252627282930
1-5
Cisco Aironet 1200 Series Access Point Software Configuration Guide
OL-2159-05
Chapter 1 Overview
VLAN Support
VLAN Support
Version 12.01T1 supports VLAN technology by mapping SSIDs to VLANs. With the multiple-SSID
capability, the access point can support up to 16 VLAN subnets.
What is a VLAN?
A switched network can be logically segmented into virtual local area networks (VLANs), on a physical
or geographical basis, or by functions, project teams, or applications. For example, all workstations and
servers used by a particular workgroup team can be connected to the same VLAN regardless of their
physical connections to the network or the fact that they might be intermingled with devices for other
teams. Reconfiguration of VLANs can be done through software rather than physically unplugging and
moving devices or wires.
A VLAN can be thought of as a broadcast domain that exists within a defined set of switches. A VLAN
consists of a number of end systems, either hosts or network equipment (such as bridges and routers),
connected by a single bridging domain. The bridging domain is supported on various pieces of network
equipment, such as LAN switches that operate bridging protocols between them with a separate group
for each VLAN.
VLANs are created to provide the segmentation services traditionally provided by routers in LAN
configurations. Routers in VLAN topologies provide broadcast filtering, security, address
summarization, and traffic-flow management. None of the switches within the defined group will bridge
any frames, not even broadcast frames, between two VLANs. Several key issues must be considered
when designing and building switched LAN networks.
LAN segmentation
Security
Broadcast control
Performance
Network management
Communication between VLANs
VLANs are extended into the wireless realm by adding IEEE 802.1Q tag awareness to the access point.
Frames destined for wireless LAN clients on different VLANs are transmitted by the access point
wirelessly on different SSIDs with different WEP keys. The only clients that can receive and process
packets are those with the correct WEP keys. Conversely, packets coming from a client associated with
a certain VLAN are 802.1Q tagged before they are forwarded onto the wired network.
Figure 1-1 illustrates the difference between traditional physical LAN segmentation and logical VLAN
segmentation with wireless devices connected.