Brocade Mobility 7131 Access Point Product Reference Guide (Supporting software release 4.4.0.0 and later) User Manual
Page 154
142
Brocade Mobility 7131 Access Point Product Reference Guide
53-1002517-01
5
NOTE
A WLAN configured to support Mesh should not have a Kerberos or 802.1x EAP security policy
defined for it, as these two authentication schemes are not supported within a Mesh network.
5. Configure the Advanced field as required to set MU interoperability permissions, secure
beacon transmissions, broadcast ESSID acceptance and Quality of Service (QoS) policies.
Security Policy
Use the scroll down
Security Policies
menu to select the security scheme best suited for
the new or revised WLAN. Click the
Create
button to jump to the New Security Policy
screen where a new policy can be created to suit the needs of the WLAN. For more
information, see Configuring WLAN Security Policies on page 5-143
MU Access Control
Select an ACL policy suiting the WLAN‘s MU introperability requirements from the
drop-down menu. If the existing ACL policies do not satisfy the requirements of the WLAN, a
new ACL policy can be created by pressing the
Create
button. For more information, see
Configuring a WLAN Access Control List (ACL) on page 5-144.
Kerberos User Name
Displays the read-only Kerboros User Name used to associate the wireless client. This value
is the ESSID of the access point.
Kerberos Password
Enter a Kerberos password if
Kerberos
has been selected as the security scheme from
within the
Security Policies
field. The field is grayed out if Kerberos has not been
selected for the WLAN. For information on configuring Kerberos, see Configuring Kerberos
Authentication on page 6-194.
Disallow MU to MU
Communication
The MU-MU Disallow feature prohibits MUs from communicating with each other even if
they are on different WLANs, assuming one of the WLAN’s is configured to disallow MU-MU
communication. Therefore, if an MU’s WLAN is configured for MU-MU disallow, it will not be
able to communicate with any other MUs connected to this access point.
Use Secure Beacon
Select the
Use Secure Beacon
checkbox to not transmit the access point’s ESSID. If a
hacker tries to find an ESSID via an MU, the ESSID does not display since the ESSID is not
in the beacon. Brocade Mobility recommends keeping the option enabled to reduce the
likelihood of hacking into the WLAN.
Accept Broadcast
ESSID
Select the
Accept Broadcast ESSID
checkbox to associate an MU that has a blank
ESSID (regardless of which ESSID the access point is currently using). Sites with
heightened security requirements may want to leave the checkbox unselected and
configure each MU with an ESSID. The default is selected.
enable Rate Limiting
Select this checkbox to set MU rate limiting values for this WLAN in both the upstream and
downstream direction. Once selected, two fields display enabling you to set MU radio
bandwidth for each associated MU in both the wired-to-wireless and wireless-to-wired
directions. Set an allocation between 100 and 300,000 kbps. The default value is 1000
kbps. For more information, see Configuring MU Rate Limiting on page 5-176.
Quality of Service
Policy
If QoS policies are undefined (none), select the
Create
button to launch the
New QoS
Policy
screen. Use this screen to create a QoS policy, wherein data traffic for the new or
revised WLAN can be prioritized to best suit the MU transmissions within that WLAN. For
more information, see Setting the WLAN Quality of Service (QoS) Policy on page 5-147.