36
VLAN Switch ports must be tagged ports that match the VLAN ID on the Access
Point. Associated client VLAN IDs will appear in the Syslog file in ASCII Decimal
format.
When VLAN filtering is enabled, the access point queries the server for the VLAN IDs
of associating clients and saves the VLAN IDs. If a client does not have a VLAN ID,
the access point assigns its own native VLAN ID to that client.
To enable VLAN filtering, enter a VLAN ID (a number between 1 and 4095) in the
Native VLAN ID
field and select
VLAN Enable.
When VLAN filtering is disabled, the access point ignores VLAN-tagged frames.
S
ECURITY
F
ILTERS
These options allow you to block communication among wireless clients
(client-to-client blocking) and prevent wireless clients from performing access point
administration.
o
Local Bridge Filter
—Enable this filter to prevent direct communication between
wireless clients, creating a more secure wireless network.
o
AP Management Filter
—Enable this filter to prevent wireless clients from
accessing the access point for management; for example through TELNET or
SNMP.
C
LIENT
L
IST
T
IMEOUT
This option sets the timeout for inactive clients to be disassociated and removed from
the associated client list. The interval can be set to 1, 5, 10, 30 or 60 minutes (default is
30 minutes).
U
PLINK
P
ORT
MAC A
DDRESS
F
ILTERING
This feature allows associated wireless clients to communicate only with specific
selected MAC addresses on a sub net. By only allowing clients to communicate with a
few specific servers such as DHCP server, a Gateway, or a local web server, clients are
blocked from communicating with other clients on the local sub net, but are still
allowed (via the gateway) to communicate with severs on the Internet.
Note:
In most
cases client to client blocking should also be enabled as the
Uplink Filter
only works
on packets coming into the AP from its Ethernet (uplink) port.
For security reasons it is desirable to block client to client communications for wireless
clients associated with an Access Point (AP). It is also desirable to block client to
client communications between clients associated with different AP’s on the local sub
net. For instance an airport may have several AP’s to service several "hot spots" within