Wireless Configuration and Security
43
ProSAFE Dual Band Wireless-N Access Point with RFID Support, WNDAP380R
Security profiles let you configure unique security settings for each SSID on each radio of the
wireless access point. For each radio, the wireless access point supports up to eight security
profiles (BSSIDs) that you can configure on the individual Edit Wireless Network screens that
are accessible from the Edit Security Profile screen (see
Configure and Enable Security
Profiles
on page
46).
Security Profile Concepts
Security profiles include the following main components:
•
Network authentication
The wireless access point is set by default as an open system with no authentication.
When you configure network authentication, bear in mind that not all wireless adapters
support WPA or WPA2. Consult the product documentation for your wireless adapter and
WPA or WPA2 client software for instructions about how to configure WPA or WPA2
settings.
For information about the types of network authentication that the wireless access point
supports, see
Configure and Enable Security Profiles
on page
46.
•
Data encryption
The available data encryption options depend on the network authentication setting that
you select (the default is no encryption). The data encryption settings are explained in
Configure and Enable Security Profiles
on page
46.
•
Wireless client security separation
If this feature is enabled, the associated wireless clients (using the same SSID) are not
able to communicate with each other. This feature is useful for hotspots and other public
access situations. By default, wireless client separation is disabled. For more information,
see
Configure and Enable Security Profiles
on page
46.
•
VLAN ID
If this feature is enabled and if the network devices (hubs and switches) on your LAN
support the VLAN (802.1Q) standard, the default VLAN ID for the wireless access point is
associated with each profile. The default VLAN ID needs to match the IDs that are used
by the other network devices. For more information, see
Configure and Enable Security
Profiles
on page
46.
Some concepts and guidelines regarding the SSID are explained in the following list:
•
A basic service set (BSS) consists of a group of wireless clients and a single wireless
access point that use the same security profile or service set identifier (BSSID). The
actual identifier in the BSSID is the MAC address of the wireless radio. (A wireless radio
can have multiple MAC addresses, one for each security profile.)
•
An extended service set (ESS) consists of a group of wireless clients and multiple
wireless access points that use the same identifier (ESSID).
•
Different wireless access points within an ESS can use different channels. To reduce
interference, adjacent wireless access points should use different channels.
•
Roaming is the ability of wireless clients to connect wirelessly when they physically move
from one BSS to another one within the same ESS. The wireless client automatically
changes to the wireless access point with the least interference or best performance.