Filter
Top Products
Working with VSCs
VSC configuration options
Client data tunnel
When a VSC is access-controlled, client traffic that is sent between the AP and service
controller can be carried in the client data tunnel. This provides the following benefits:
User traffic is segregated from the backbone network and can only travel to the service
controller.
Underlying network topology is abstracted enabling full support for L2-connected users
across routed networks.
The client data tunnel is always used when the connection between a controlled AP and its
service controller traverses at least one router. The client data tunnel supports NAT traversal,
so it can cross routers that implement NAT.
Optionally the client data tunnel can also be used when a controlled AP and its service
controller are on the same subnet. To do this, enable the Always tunnel client traffic
option.
Performance and security settings for the client data tunnel can be customized on the
Service controller >> Controlled APs > Client data tunnel page.
Less security/better performance: The default provides adequate security with better
performance.
High security/less performance: Provides maximum security but with reduced
performance.
The client tunnel does not encrypt the data stream. To protect client traffic with encryption
requires that client stations use WPA or VPN software.
Under Wireless protection, enable WPA with the Terminate WPA at the service
controller. This requires client stations that support WPA.
Use VPN-based authentication. See Securing wireless client sessions with VPNs on
page 12-3.
Quality of service
Lets you prioritize traffic on the VSC. See Quality of service (QoS) on page 2-25.
2-10