Filter
Top Products
AT-TQ2403 Management Software User's Guide 133
Figure 50: Bridge Distant Wired LAN by WDS Diagram
Using WDS to Extend the Network Beyond the Wired Coverage Area
An ESS can extend the reach of the network into areas where cabling would be difficult, costly, or
inefficient.
For example, suppose you have an access point which is connected to the network by Ethernet and
serving multiple client stations in one area ("East Wing" in our example) but cannot reach others which
are out of range. Suppose also that it is too difficult or too costly to wire the distant area with Ethernet
cabling. You can solve this problem by placing a second access point closer to the second group of
stations ("Poolside" in our example) and bridge the two APs with a WDS link. This extends your
network wirelessly by providing an extra hop to get to distant stations.
Security Considerations Related to WDS Links
It is important to set some type of security on WDS links. You can set any type of security on the WDS
link, regardless of the security setting applied to the APs on the link. For example, you may have the
security on AP1 set to None and the security on AP2 set to WEP. Even though both settings are
different, you can choose to set the security on the WDS link as either None or WEP. The only
exception to this rule is in the case of WPA (PSK). The WPA (PSK) security setting can only be set on
the WDS link if you have set security on both AP1 and AP2 to either WPA Personal or WPA Enterprise.
Understanding Static (WEP) Data Encryption
Static Wired Equivalent Privacy (WEP) is a data encryption protocol for 802.11 wireless networks. Both
access points in a given WDS link must be configured with the same security settings. For static WEP,
either a static 64-bit (40-bit secret key + 24-bit initialization vector (IV)) or 128-bit (104-bit secret key +
24- bit IV) Shared Key is specified for data encryption.
You can enable Static WEP on the WDS link (bridge). When WEP is enabled, all data exchanged
between the two access points in a WDS link is encrypted using a fixed WEP key that you provide.
Static WEP does not provide effective data protection to the level of other security modes available for
service to client stations. If you use Static WEP on a LAN intended for secure wireless traffic you are
putting your network at risk. Therefore, we recommend using WPA (PSK) encryption on any WDS links
on an Internal network. Do not use Static WEP based WDS to bridge access points on the Internal
network unless you have no concerns about the security risk for data traffic on that network. For more
information on WPA (PSK), see “Understanding WPA (PSK) Data Encryption
”.