User Manual Part 3
Table Of Contents
- Introduction
- 1.1 New Features
- 1.2 Feature Overview
- 1.2.1 Single or Dual Mode Radio Options
- 1.2.2 Separate LAN and WAN Ports
- 1.2.3 Multiple Mounting Options
- 1.2.4 Antenna Support for 2.4 GHz and 5.2 GHz Radios
- 1.2.5 Sixteen Configurable WLANs
- 1.2.6 Support for 4 BSSIDs per Radio
- 1.2.7 Quality of Service (QoS) Support
- 1.2.8 Industry Leading Data Security
- 1.2.9 VLAN Support
- 1.2.10 Multiple Management Accessibility Options
- 1.2.11 Updatable Firmware
- 1.2.12 Programmable SNMP v1/v2/v3 Trap Support
- 1.2.13 Power-over-Ethernet Support
- 1.2.14 MU-MU Transmission Disallow
- 1.2.15 Voice Prioritization
- 1.2.16 Support for CAM and PSP MUs
- 1.2.17 Statistical Displays
- 1.2.18 Transmit Power Control
- 1.2.19 Advanced Event Logging Capability
- 1.2.20 Configuration File Import/Export Functionality
- 1.2.21 Default Configuration Restoration
- 1.2.22 DHCP Support
- 1.2.23 Multi-Function LEDs
- 1.3 Theory of Operations
- Hardware Installation
- Getting Started
- System Configuration
- Network Management
- Configuring Access Point Security
- 6.1 Configuring Security Options
- 6.2 Setting Passwords
- 6.3 Enabling Authentication and Encryption Schemes
- 6.4 Configuring Kerberos Authentication
- 6.5 Configuring 802.1x EAP Authentication
- 6.6 Configuring WEP Encryption
- 6.7 Configuring KeyGuard Encryption
- 6.8 Configuring WPA Using TKIP
- 6.9 Configuring WPA2-CCMP (802.11i)
- 6.10 Configuring Firewall Settings
- 6.11 Configuring VPN Tunnels
- 6.12 Configuring Content Filtering Settings
- 6.13 Configuring Rogue AP Detection
- 6.14 Configuring User Authentication
- Monitoring Statistics
- Command Line Interface Reference
- Configuring Mesh Networking
- Technical Specifications
- Usage Scenarios
- Customer Support
- Index
AP-51xx Access Point Product Reference Guide
9-34
13. The team does not want any MUs connecting to the mesh WLAN, only the devices
comprising the mesh network. Therefore, the team leaves the Maximum MUs field as is,
and will use the Radio Configuration page to control the number of client bridge
connections.
14. The team verifies the Enable Client Bridge Backhaul checkbox is selected for both AP3
and AP4 to ensure the WLAN is available in the WLAN drop-down menu within the Radio
Configuration screen.
15. The IT team then verifies that steps 10 through 14 have been carried out identically for both
AP3 and AP4.
The IT team now needs to define a security policy for AP3 and AP4 complimentary with the
policy created for AP1 and AP2 to both protect the data within the mesh network and ensure
all 4 access points within the network can interact with one another.
16. The IT Team selects the Create button to the right of the Security Policy drop-down menu
and defines a WPA2/CCMP supported security policy exactly like the one created for AP1
and AP2. For more information, see how the team defined the security policy starting on step
16 within Trion’s Initial Deployment on page 9-19.
It is assumed all of the existing MU traffic defined for AP1 and AP2 will also be used in the
extended coverage area for AP3 and AP4 with no known additions to the MU traffic at this
time. Thus the IT team refers to the ACL created for AP1 and AP2 and defines an ACL exactly
like it for AP3 and AP4.
17. The team selects the Create button (to the right of the MU Access Control drop-down
menu and defines an ACL policy like the one created for AP1 and AP2. The team also
remembers to go to the AP1 ACL and add AP3 and AP4 to the list of devices allowed to
connect to AP1.
For more information, see how the team defined the ACL policy starting on step 22 within
Trion’s Initial Deployment on page 9-19.
18. The team decides to leave the Disallow MU to MU Communication checkbox unselected
for the mesh WLAN for AP3 and AP4, as the team still considers all MU traffic within the
shipping yard known and not a threat to the growing mesh network.
19. The team selects the Use Secure Beacon checkbox from the Edit WLAN screen to not
transmit the AP- 5131’s ESSID between APs 1 through 4. If a hacker tries to find an ESSID
via an MU, the AP- 5131’s ESSID does not display since the ESSID is not in the beacon.
20. The team does not select the Accept Broadcast ESSID checkbox, as they still do not want
MUs randomly joining their carefully constructed mesh network.