HP ProCurve Wireless Access Point 420 - Hewlett Packard
HP ProCurve Wireless Access Point 420 - Hewlett Packard
HP ProCurve Wireless Access Point 420 - Hewlett Packard
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Access</strong> <strong>Point</strong> Configuration<br />
Setting up Filter Control<br />
Setting up Filter Control<br />
The access point can employ VLAN ID and network traffic frame filtering to<br />
control access to network resources and increase security.<br />
<strong>Access</strong> and Frame Filtering. You can prevent communications between<br />
wireless clients associated to the access point, only allowing traffic between<br />
clients and the wired network. You can also prevent any wireless client from<br />
performing any access point configuration through any of its management<br />
interfaces, including web, Telnet, or SNMP access. Frame filtering can also be<br />
enabled to control specific Ethernet protocol traffic that is forwarded to or<br />
from wireless clients.<br />
VLAN ID Filtering. The access point can enable the support of VLANtagged<br />
traffic passing between wireless clients and the wired network. Up to<br />
64 VLAN IDs can be mapped to specific wireless clients, allowing users to<br />
remain within the same VLAN as they move around a campus site. This feature<br />
can also be used to control access to network resources from wireless clients,<br />
thereby improving security.<br />
A VLAN ID (a number between 1 and 4095) can be assigned to each client after<br />
successful authentication using IEEE 802.1x and a central RADIUS server.<br />
The user VLAN IDs must be configured on the RADIUS server for each user<br />
authorized to access the network. If a user does not have a configured VLAN<br />
ID, the access point assigns the user to its own configured native VLAN ID.<br />
When setting up VLAN IDs for each user on the RADIUS server, be sure to use<br />
the RADIUS attributes and values as indicated in the following table.<br />
Number RADIUS Attribute Value<br />
64 Tunnel-Type VLAN (13)<br />
65 Tunnel-Medium-Type 802<br />
81 Tunnel-Private-Group-ID VLANID(1 to 4095 as hexadecimal)<br />
Not e The specific configuration of RADIUS server software is beyond the scope of<br />
this guide. Refer to the documentation provided with the RADIUS server<br />
software.<br />
5-32