beautypg.com

Enabling/disabling vlan protocol, Performing advanced configuration – Proxim ORINOCO AP-2000 User Manual

Page 85

background image

85

Performing Advanced Configuration

The AP can segment users into a maximum of 16 different workgroups (32 if using two cards in a Dual-radio AP)
based on an SSID/VLAN pair (also referred as a VLAN Workgroup or a Sub-network).

NOTE

The ability to configure up to 16 VLAN/SSID pairs and to configure a security profile per SSID is available only
for 802.11b/g APs and 802.11a Upgrade Kit APs.

802.11b APs do not support multiple VLAN/SSID pairs. APs with the 802.11a card support multiple
VLAN/SSID pairs, but do not support the security profile per SSID capability.

The three primary scenarios for using VLAN workgroups are as follows:
1. VLAN disabled: Your network does not use VLANs, and you cannot configure the AP to use multiple SSIDs.
2. VLAN enabled, each VLAN workgroup uses a different VLAN ID Tag
3. VLAN enabled, a mixture of Tagged and Untagged workgroups

Enabling/Disabling VLAN Protocol

Control Access to the AP

Management access to the AP can easily be secured by making management stations or hosts and the AP itself
members of a common VLAN. Simply configure a non-zero management VLAN ID and enable VLAN to restrict
management of the AP to members of the same VLAN.

CAUTION

!

If a non-zero management VLAN ID is configured then management access to the AP is restricted to wired or
wireless hosts that are members of the same VLAN. Ensure your management platform or host is a member
of the same VLAN before attempting to manage the AP.

1. Click Configure > SSID/VLAN/Security.
2. Set the VLAN Management ID to a value between -1 and 4094 (a value of 0 disables VLAN management).
3. Place a check mark in the Enable VLAN Protocol box.

Provide Access to a Wireless Host in the Same Workgroup

The VLAN feature can allow wireless clients to manage the AP. If the VLAN Management ID matches a VLAN User ID,
then those wireless clients who are members of that VLAN will have AP management access.

CAUTION

!

Once a VLAN Management ID is configured and is equivalent to one of the VLAN User IDs on the AP, all
members of that User VLAN will have management access to the AP. Be careful to restrict VLAN membership
to those with legitimate access to the AP.

1. Click Configure > SSID/VLAN/Security.
2. Set the VLAN Management ID to use the same VLAN ID as one of the configured SSID/VLAN pairs. See

Typical

User VLAN Configurations

for details.

3. Place a check mark in the Enable VLAN Protocol box.

Disable VLAN Management

1. Click Configure > SSID/VLAN/Security.
2. Remove the check mark from the Enable VLAN Protocol box to disable all VLAN functionality.