System information
General System Configuration
Configuring VLAN Support
A VLAN is a group of network nodes that can be located anywhere in the
network, but communicate as though they belong to the same physical
segment. In large networks, VLANs are used to organize network nodes to
reflect departmental (such as Marketing or R&D) or usage groups (such as
guests). The VLANs are defined by software in switches and other devices
across the enterprise network. VLANs help to simplify network management
by allowing nodes to be moved to a new VLAN without having to change any
physical connections.
VLANs confine broadcast traffic to the originating group, which helps prevent
broadcast storms and provides a cleaner and more secure network environment.
VLANs inherently provide a high level of network security since traffic
must pass through a configured Layer 3 link to reach a different VLAN.
The access point can enable the support of VLAN-tagged traffic passing
between wireless clients and the wired network. This VLAN tagging extends
the wired network’s VLANs to wireless clients. Associated clients are assigned
to a VLAN and can only send and receive traffic within that VLAN. This enables
the access point to provide secure support for different wireless users with
various levels of network access and permissions.
Client VLAN Assignment. The access point supports both “static” and
“dynamic” VLAN assignment for wireless clients. Dynamic VLAN assignment
enables up to 64 VLAN IDs to be mapped to specific wireless clients after
successful 802.1X authentication. If clients are not assigned to a specific
VLAN, they are assigned to the default VLAN of the associated SSID interface.
Static VLAN assignment always assigns clients to the default VLAN of the
associated SSID interface.
Management VLAN. A management VLAN can be configured for secure
management access to the access point. The management VLAN is for
managing the access point through remote management tools, such as the web
interface, SSH, Telnet, or SNMP. The access point only accepts management
traffic that is tagged with the specified management VLAN ID.
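The client VLAN selection and the management VLAN rule described above can be modeled as follows. This is an added example, not code from the access point or its vendor: the function names, MAC addresses and VLAN IDs are hypothetical, and treating an 802.1Q VID of 0 as untagged follows the 802.1Q priority-tag convention rather than anything stated on this page.

```python
import struct

TPID_8021Q = 0x8100  # IEEE 802.1Q tag protocol identifier

def build_frame(dst, src, ethertype, payload, vlan_id=None, pcp=0):
    """Build a constructed Ethernet frame, optionally 802.1Q-tagged (sample data)."""
    header = dst + src
    if vlan_id is not None:
        header += struct.pack("!HH", TPID_8021Q, (pcp << 13) | (vlan_id & 0x0FFF))
    return header + struct.pack("!H", ethertype) + payload

def parse_vlan_id(frame):
    """Return the frame's 802.1Q VLAN ID, or None if it carries no VLAN membership."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (tpid,) = struct.unpack_from("!H", frame, 12)
    if tpid != TPID_8021Q:
        return None                      # untagged frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    vid = tci & 0x0FFF                   # low 12 bits; upper 4 are PCP and DEI
    return vid or None                   # VID 0 is a priority-only tag, no VLAN

def accept_management(frame, mgmt_vlan_id):
    """Model of the management-VLAN rule: accept only frames tagged with that ID."""
    return parse_vlan_id(frame) == mgmt_vlan_id

def client_vlan(ssid_default_vlan, dynamic_enabled, assigned_vlan=None):
    """Use the ID assigned after 802.1X authentication when dynamic assignment
    is on and an ID was supplied; otherwise the SSID interface's default VLAN."""
    if dynamic_enabled and assigned_vlan is not None:
        return assigned_vlan
    return ssid_default_vlan

if __name__ == "__main__":
    # Constructed sample values: MAC addresses, VLAN IDs and payload are made up.
    dst, src = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
    mgmt_vlan = 100
    for label, vid in (("mgmt-tagged", 100), ("client-tagged", 20), ("untagged", None)):
        frame = build_frame(dst, src, 0x0800, b"\x00" * 46, vlan_id=vid)
        print(label, parse_vlan_id(frame), accept_management(frame, mgmt_vlan))
    print(client_vlan(10, True, 30), client_vlan(10, True), client_vlan(10, False, 30))
```
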
Tagged and Untagged VLANs. When VLAN support is enabled on the
access point, traffic passed to the wired network is tagged with the appropriate
VLAN ID, either an assigned client VLAN ID, a default VLAN ID, or the
management VLAN ID. The access point also allows one untagged VLAN,