25 additional lan subnet, 26 on-board radius server authentication, Additional lan subnet – Motorola AP-51XX User Manual

AP-51xx Access Point Product Reference Guide

1-18

Once the access point (in client bridge mode) establishes at least one wireless connection, it
establishes other wireless connections in the background as they become available. In this way, the
access point can establish simultaneous redundant links. An access point (in client bridge mode) can
establish up to 3 simultaneous wireless connections with other AP-5131s or AP-5181s. A client bridge
always initiates the connections and the base bridge is always the acceptor of the mesh network data
proliferating the network.

Since each access point can establish up to 3 simultaneous wireless connections, some of these
connections may be redundant. In that case, the STP algorithm determines which links are the
redundant links and disables the links from forwarding.

For an overview on mesh networking as well as details on configuring the access point’s mesh
networking functionality, see

Configuring Mesh Networking on page 9-1

.

1.2.25 Additional LAN Subnet

In a typical retail or small office environment (wherein a wireless network is available along with a
production WLAN) it is frequently necessary to segment a LAN into two subnets. Consequently, a
second LAN is necessary to “segregate” wireless traffic.

The access point now has a second LAN subnet enabling administrators to segment the access
point’s LAN connection into two separate networks. The main access point LAN screen now allows
the user to select either LAN1 or LAN2 as the active LAN over the access point’s Ethernet port. Both
LANs can still be active at any given time, but only one can transmit over the access point’s physical
LAN connection. Each LAN has a separate configuration screen (called LAN 1 and LAN 2 by default)
accessible under the main LAN screen. The user can rename each LAN as necessary. Additionally,
each LAN can have its own Ethernet Type Filter configuration, and subnet access (HTTP, SSH, SNMP
and telnet) configuration.

For detailed information on configuring the access point for additional LAN subnet support, see

Configuring the LAN Interface on page 5-1

.

1.2.26 On-board Radius Server Authentication

The access point has the ability to work as a Radius Server to provide user database information and
user authentication. Several new screens have been added to the access point’s menu tree to
configure Radius server authentication and configure the local user database and access policies. A
new Radius Server screen allows an administrator to define the data source, authentication type and
associate digital certificates with the authentication scheme. The LDAP screen allows the
administrator to configure an external LDAP Server for use with the access point. A new Access Policy