Wds guidelines – Allied Telesis AT-WA7400/EU User Manual
Page 176

Chapter 16: Configuring the Wireless Distribution System (WDS)
176
You can enable Static
WEP
on the WDS link (bridge). When WEP is
enabled, all data exchanged between the two access points in a WDS link 
is encrypted using a fixed WEP key that you provide.
Static WEP is the only security mode available for the WDS link, and it 
does not provide effective data protection to the level of other security 
modes available for service to client stations. If you use WDS on a 
LAN
intended for secure wireless traffic you are putting your network at risk. 
Therefore, Allied Telesyn recommends using WDS to bridge the guest 
network only for this release. Do not use WDS to bridge access points on 
the internal network unless you are not concerned about the security risk 
for data traffic on that network.
For more information about the effectiveness of different security modes, 
see Appendix B, “Configuring Security on Wireless Clients” on page 217. 
This topic also covers use of plain text security mode for access point-to-
station traffic on the guest network, which is intended for less sensitive 
data traffic.
WDS Guidelines
The following list summarizes some critical guidelines regarding
WDS
configuration:
The only security mode available on the WDS link is Static
WEP
, which
is not very secure. Therefore, Allied Telesyn recommends that you use 
WDS to bridge the guest network only for this release. Do not use 
WDS to bridge access points on the internal network unless you are 
not concerned about the security risk for data traffic on that network.
When using WDS, be sure to configure WDS settings on both access 
points participating in the WDS link.
You can have only one WDS link between any pair of access points. 
That is, a remote MAC address may appear only once on the WDS 
page for a particular access point.
Both access points participating in a WDS link must be on the same 
radio channel and using the same IEEE 802.11 mode. (See 
“Configuring Radio Settings” on page 147 for information on 
configuring the Radio mode and channel.)
Do not create loops with either WDS bridges or combinations of 
Wired (Ethernet) connections and WDS bridges. Spanning Tree 
Protocol (
STP
), which manages path redundancy and prevent
unwanted loops, is not enabled for this release.
Keep these rules in mind when working with WDS in this release of the 
AT-WA7400 Management Software:
Any two access points can be connected by only a single path; either a 
WDS bridge (wireless) or an Ethernet connection (wired), but not both.
Do not create backup links.
