Cisco Systems OL-7426-03 Network Router User Manual


 
5/26/05 Cisco WLAN Solution WLANs
OL-7426-03
Ethernet (PoE) capability. This power distribution plan can be used to reduce the cost of
individual AP power supplies and related cabling.
About Cisco WLAN Solution WLANs
The Cisco WLAN Solution can control up to 16 Wireless LANs for Cisco 1000 Series Lightweight Access
Points. Each WLAN has a separate WLAN ID (1 through 16), a separate WLAN SSID (WLAN Name), and
can be assigned unique security policies.
The Cisco 1000 Series lightweight access points broadcast all active Cisco WLAN Solution WLAN SSIDs
and enforce the policies defined for each WLAN.
If Management over Wireless is enabled across Cisco WLAN Solution, the Cisco WLAN Solution operator
can manage the System across the enabled WLAN using CLI and Telnet (Command Line Interface),
http/https (Web User Interface), and SNMP (Cisco Wireless Control System).
To configure the Cisco WLAN Solution WLANs, refer to Configuring WLANs.
About Access Control Lists
The Operating System allows you to define up to 64 Access Control Lists (ACLs), similar to standard
firewall Access Control Lists. Each ACL can have up to 64 Rules (filters).
Operators can use ACLs to control client access to multiple VPN servers within a given WLAN. If all the
clients on a WLAN must access a single VPN server, use the IPSec/VPN Gateway Passthrough setting in
the IPSec Passthrough section.
After they are defined, the ACLs can be applied to the Management Interface, the AP-Manager
Interface, or any of the Operator-Defined Interfaces.
Refer to Access Control Lists > New in the Web User Interface Online Help or Creating Access Control
Lists in the Configuring the Cisco Wireless LAN Controller sections for instructions on how to configure
the Access Control Lists.
About Identity Networking
Cisco Wireless LAN Controllers can have the following parameters applied to all clients associating with
a particular WLAN: QoS, global or Interface-specific DHCP server, Layer 2 and Layer 3 Security Policies,
and default Interface (which includes physical port, VLAN and ACL assignments).
However, the Cisco Wireless LAN Controller can also have individual clients (MAC addresses) override
the preset WLAN parameters by using MAC Filtering or by Allowing AAA Override parameters. This
configuration can be used, for example, to have all company clients log into the corporate WLAN, and
then have clients connect using different QoS, DHCP server, Layer 2 and Layer 3 Security Policies, and
Interface (which includes physical port, VLAN and ACL assignments) settings on a per-MAC Address
basis.
When Cisco WLAN Solution operators configure MAC Filtering for a client, they can assign a different
VLAN to the MAC Address, which can be used to have the OS automatically reroute the client to the
Management Interface or any of the Operator-Defined Interfaces, each of which has its own VLAN,
ACL, DHCP server, and physical port assignments. This MAC Filtering can be used as a coarse version of
AAA Override, and normally takes precedence over any AAA (RADIUS or other) Override.
CAUTION: Cisco recommends that you assign one set of VLANs for WLANs and a
different set of VLANs for Management Interfaces to ensure that Cisco Wireless LAN
Controllers properly route VLAN traffic.
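
The following audit sketch is an added example, not taken from the Cisco manual or from any Cisco tool. It resolves each client's effective interface using the override order described above (WLAN default, then AAA Override where allowed, then MAC Filtering) and flags clients that land on a Management Interface, along with any VLAN shared between WLANs and Management Interfaces. The data layout, field names, and sample MAC addresses are constructed assumptions, and the MAC filter is simplified to map a MAC address directly to an interface.

```python
# Constructed inventory; this layout is hypothetical, not a controller export format.
INTERFACES = {
    "management": {"vlan": 10, "acl": "mgmt-acl"},
    "corp": {"vlan": 20, "acl": "corp-acl"},
    "guest": {"vlan": 30, "acl": "guest-acl"},
}
MANAGEMENT_INTERFACES = {"management"}
WLANS = {  # WLAN ID -> settings (IDs 1 through 16 per the manual)
    1: {"ssid": "corporate", "interface": "corp", "allow_aaa_override": True},
    2: {"ssid": "guest", "interface": "guest", "allow_aaa_override": False},
}
MAC_FILTERS = {"00:0b:85:00:00:01": "management"}  # constructed MAC -> interface
AAA_OVERRIDES = {  # constructed per-MAC values a RADIUS server might return
    "00:0b:85:00:00:01": "guest",
    "00:0b:85:00:00:02": "guest",
    "00:0b:85:00:00:03": "corp",
}

def effective_interface(wlan_id, mac):
    """Return (interface name, deciding source) for a client on a WLAN."""
    wlan = WLANS[wlan_id]
    name, source = wlan["interface"], "wlan-default"
    if wlan["allow_aaa_override"] and mac in AAA_OVERRIDES:
        name, source = AAA_OVERRIDES[mac], "aaa-override"
    if mac in MAC_FILTERS:  # MAC Filtering normally wins over AAA Override
        name, source = MAC_FILTERS[mac], "mac-filter"
    return name, source

def audit(clients):
    """Return findings for a list of (wlan_id, mac) associations."""
    findings = []
    if len(WLANS) > 16 or any(not 1 <= i <= 16 for i in WLANS):
        findings.append("WLAN IDs must be 1 through 16 (at most 16 WLANs)")
    mgmt_vlans = {INTERFACES[n]["vlan"] for n in MANAGEMENT_INTERFACES}
    wlan_vlans = {INTERFACES[w["interface"]]["vlan"] for w in WLANS.values()}
    for vlan in sorted(mgmt_vlans & wlan_vlans):
        findings.append(f"VLAN {vlan} is shared by a WLAN and a Management Interface")
    for wlan_id, mac in clients:
        name, source = effective_interface(wlan_id, mac)
        if name in MANAGEMENT_INTERFACES:
            findings.append(f"{mac} on WLAN {wlan_id} is placed on '{name}' by {source}")
    return findings

if __name__ == "__main__":
    sample = [(1, "00:0b:85:00:00:01"), (1, "00:0b:85:00:00:02"), (2, "00:0b:85:00:00:03")]
    for line in audit(sample):
        print(line)
```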