Filter
Top Products
Working with VSCs
VSC data flow
Features
Authentication: The service controller supports 802.1X, MAC, or HTML authentication.
To validate user login credentials the service controller can use the local user accounts or
make use of a third-party authentication server (Active Directory or RADIUS). See
Authentication types on page 7-3.
Access control features: The service controller provides a number of features that can
be applied to user sessions. Features can be enabled globally or on a per-account basis.
See Account profiles on page 7-6.
Egress
The service controller enables user traffic to be forwarded to different output interfaces,
which include the routing table, VLAN ID, or GRE tunnel. See VSC egress mapping on
page 2-11.
Access control disabled
VSC on controlled AP
Ingress
The AP only handles wireless traffic. The SSID is the name of the wireless network that the
user associates with.
Features
Authentication: The AP supports 802.1X or MAC authentication. To validate user login
credentials the AP makes use of a third-party authentication server (service controller or
third-party RADIUS server). See Authentication types on page 7-3.
Wireless security filters: Enables the AP to block traffic unless it is addressed to a
specific destination (like the service controller). See Wireless security filters on
page 2-13.
Wireless MAC filter: Enables the AP to only allow wireless-to-wired LAN traffic for
specific wireless-user MAC addresses.
Wireless IP filter: Enables the AP to only allow wireless-to-wired LAN traffic for
specific wireless-user IP addresses.
Egress
Bridged onto port 1+2: Unless a centralized mode tunnel has been established, user
and authentication traffic is bridged onto ports 1 and 2.
VLAN: VLAN tags can be assigned for all traffic on a VSC. See Defining VLANs on
page 3-28.
2-23