Cisco WAP200 Administration Guide - Page 33

Wireless, protection - default login

Get Cisco WAP200 - Small Business Wireless-G Access Point PDF manuals and user guides
UPC - 745883574452
View all Cisco WAP200 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 33 highlights

Chapter 2 How it works Chapter 2 Outgoing wireless traffic filters Applies to traffic sent from the WAP-200 to wireless client stations. Accepted • Any IP traffic coming from the upstream device, except NetBIOS packets. • PPPoE traffic from the upstream device. • IP broadcast packets, except NetBIOS • ARP and DHCP Offer and ACK packets. • Any traffic coming from the WAP-200 itself, including 802.1x. Blocked • All other traffic is blocked. This includes NetBIOS traffic regardless of its source/ destination address. Custom Use this option to define your own filters. To use the default filters as a starting point, click Get Default Filters. Filters are specified using standard pcap syntax (http://www.tcpdump.org/ tcpdump_man.html) with the addition of a few Colubris-specific placeholders. These placeholders can be used to refer to specific MAC addresses and are expanded by the WAP-200 when the filter is activated. Once expanded, the filter must respect the pcap syntax. The pcap syntax is documented in the tcpdump man page: Placeholders %a - MAC address of the access controller, as specified on the Security > Access controller page. %b - MAC address of the bridge. %g - Mac address of the default gateway assigned to the WAP-200 on the Network > Ports page %w - MAC address of wireless port. Wireless protection Select the type of protection you want to use for the wireless network created by the VSC. Important: 802.1x and WPA sessions are terminated by the WAP-200. This means that the WAP-200 handles all authentication tasks and must communicate with the RADIUS server or access controller to validate login credentials. Therefore, the RADIUS server or access controller must be reachable. WPA This option enables support for users with WPA client software. Mode Select the WPA mode that the WAP-200 will use. • WPA (TKIP) 1: WPA with TKIP encryption. • WPA2 (AES/CCMP): WPA2 (802.11i) with CCMP encryption. • WPA or WPA2: Mixed mode supports both WPA (version 1) and WPA2 (version 2) at the same time. 33

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
Chapter 2
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - How it works - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Chapter 2
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 33 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Outgoing wireless traffic filters
Applies to traffic sent from the WAP-200 to wireless client stations.
Accepted
Any IP traffic coming from the upstream device, except NetBIOS packets.
PPPoE traffic from the upstream device.
IP broadcast packets, except NetBIOS
ARP and DHCP Offer and ACK packets.
Any traffic coming from the WAP-200 itself, including 802.1x.
Blocked
All other traffic is blocked. This includes NetBIOS traffic regardless of its source/
destination address.
Custom
Use this option to define your own filters. To use the default filters as a starting point,
click
Get Default Filters
.
Filters are specified using standard pcap syntax (http://www.tcpdump.org/
tcpdump_man.html) with the addition of a few Colubris-specific placeholders. These
placeholders can be used to refer to specific MAC addresses and are expanded by the
WAP-200 when the filter is activated. Once expanded, the filter must respect the pcap
syntax. The pcap syntax is documented in the tcpdump man page:
Placeholders
%a - MAC address of the access controller, as specified on the
Security > Access
controller
page.
%b - MAC address of the bridge.
%g - Mac address of the default gateway assigned to the WAP-200 on the
Network >
Ports
page
%w - MAC address of wireless port.
Wireless
protection
Select the type of protection you want to use for the wireless network created by the
VSC.
Important:
802.1x and WPA sessions are terminated by the WAP-200. This means that
the WAP-200 handles all authentication tasks and must communicate with the RADIUS
server or access controller to validate login credentials. Therefore, the RADIUS server
or access controller must be reachable.
WPA
This option enables support for users with WPA client software.
Mode
Select the WPA mode that the WAP-200 will use.
WPA (TKIP) 1: WPA with TKIP encryption.
WPA2 (AES/CCMP): WPA2 (802.11i) with CCMP encryption.
WPA or WPA2: Mixed mode supports both WPA (version 1) and WPA2 (version 2) at
the same time.