Brocade Mobility 5181 Access Point Product Reference Guide (Supporting software release 4.4.0.0) User Manual
Page 380
366
Brocade Mobility 5181 Access Point Product Reference Guide
53-1002516-01
Configuring mesh networking support
9
If none of the existing policies are suitable, select the Create button to the right of the Security
Policy drop-down menu and configure a policy suitable for the mesh network. For information
on configuring a security using the authentication and encryption techniques available to the
access point, see
“Only a qualified installation professional should set or restore the access
point’s radio and power management configuration in the event of a password reset.”
8. ACL policies should be configured to allow or deny a range of MAC addresses from
interoperating with the WLAN used with the mesh network. ACLs should be defined based on
the client bridge and repeater (an access point defined as both a base and client bridge)
association requirements within the mesh network.
For information on defining an ACL for use with the WLAN assigned to the mesh network, see
“Configuring a WLAN Access Control List (ACL)”
NOTE
The Kerberos User Name and Kerberos Password fields can be ignored, as Kerberos is not
supported as a viable authentication scheme within a mesh network.
9. Select the Disallow Client to Client Communication check box to restrict Clients from
interacting with each other both within this WLAN, as well as other WLANs.
Selecting this option could be a good idea, if restricting device “chatter” improves mesh
network performance. If base bridges and client bridges are added at any given time to extent
the coverage are of a mesh network, the data going back and forth amongst just those radios
could be compromised by network interference. Adding mesh device traffic could jeopardize
network throughput. If however, Client to Client communication is central to the organization
(for example, scanners sharing data entry information) then this checkbox should remain
unselected.
10. Select the Use Secure Beacon check box to not transmit the ESSID amongst the access points
and devices within the mesh network. If a hacker tries to find an ESSID via an Client, the
access point’s ESSID does not display since the ESSID is not in the beacon. Brocade
recommends keeping the option enabled to reduce the likelihood of hacking into the WLAN.
11. Select the Accept Broadcast ESSID check box to associate an Client that has a blank ESSID
(regardless of which ESSID the access point is currently using). Traffic within a mesh network
probably consists of known devices, so you may want to leave the checkbox unselected and
configure each Client with an ESSID. The default is selected. However, for WLANs used within a
mesh network, Brocade recommends unselecting this option as it would prevent the AP from
answering to blank ESSID probes from other wireless clients.
12. If there are certain requirements for the types of data proliferating the mesh network, select an
existing policy or configure a new QoS policy best suiting the requirements of the mesh
network. To define a new QoS policy, select the Create button to the right of the Quality Of
Service Policy drop-down menu.
For detailed information on configuring a QoS policy, see
“Setting the WLAN Quality of Service
13. Click Apply to save the changes made to the mesh network configured WLAN.An access point
radio is now ready to be configured for use with this newly created mesh WLAN.