Dell PowerConnect W-Airwave W-Airwave 7.2 Configuration Guide - Page 50

Table 7 WLANs > Advanced Page Fields (Continued) Field Default Description Station Blacklisting Yes Blacklist Time 3600 Authentication Failure 3600 Blacklist Time Fast Roaming No Strict Compliance No VLAN Mobility No Remote AP Operation standard Drop Broadcast and No Multicast Enable or disable DoS prevention functions, as defined in virtual AP profiles. The blacklisting option can be used to prevent access to clients that are attempting to breach the security. When a client is blacklisted in the Dell PowerConnect W system, the client is not allowed to associate with any AP in the network for a specified amount of time. If a client is connected to the network when it is blacklisted, a de-authentication message is sent to force the client to disconnect. While blacklisted, the client cannot associate with another SSID in the network. If station blacklisting is enabled, specify the time in seconds for which blacklisting is enabled. When a client is blacklisted in the Dell PowerConnect W system, the client is not allowed to associate with any AP in the network for a specified amount of time. You can configure a maximum authentication failure threshold in seconds for each of the following authentication methods:  802.1x  MAC  Captive portal  VPN When a client exceeds the configured threshold for one of the above methods, the client is automatically blacklisted by the controller, an event is logged, and an SNMP trap is sent. By default, the maximum authentication failure threshold is set to 0 for the above authentication methods, which means that there is no limit to the number of times a client can attempt to authenticate. With 802.1x authentication, you can also configure blacklisting of clients who fail machine authentication. NOTE: This requires that the External Services Interface (ESI) license be installed in the controller. NOTE: When clients are blacklisted because they exceed the authentication failure threshold, they are blacklisted indefinitely by default. You can configure the duration of the blacklisting; Fast roaming is a component of virtual AP profiles in which client devices are allowed to roam from one access point to another without requiring reauthentication by the main RADIUS server. Define whether clients should have strict adherence to settings on this page for network access. Define whether clients in the WLAN and VLAN should have mobility or roaming privileges. Define the rights for remote APs in this WLAN. Options are as follows:  standard  persistent  backup  always Remote APs connect to a controller using Layer-2 Tunneling Protocol and Internet Protocol Security (L2TP/IPSec). AP control and 802.11 data traffic are carried through this tunnel. Secure Remote Access Point Service extends the corporate office to the remote site. Remote users can use the same features as corporate office users. For example, voice over IP (VoIP) applications can be extended to remote sites while the servers and the PBX remain secure in the corporate office. Secure Remote Access Point Service can also be used to secure control traffic between an AP and the controller in a corporate environment. In this case, both the AP and controller are in the company's private address space. Specify whether the WLAN should drop broadcast and multicast mesh network advertising on the WLAN. 50 | Dell PowerConnect W Configuration Reference Dell PowerConnect W AirWave 7.2 | Configuration Guide