Configuring Mesh Networking
9-11
are typically not guest networks, wherein public assess is more important than data
protection. Symbol also discourages user-based authentication schemes such as
Kerberos and 802.1x EAP, as these authentication schemes are not supported within a
mesh network.
If none of the existing policies are suitable, select the Create button to the right of the
Security Policy drop-down menu and configure a policy suitable for the mesh
network. For information on configuring a security using the authentication and
encryption techniques available to the
AP-5131, see Enabling Authentication and Encryption Schemes on page 6-5.
8. ACL policies should be configured to allow or deny a range of MAC addresses from
interoperating with the WLAN used with the mesh network. ACLs should be defined
based on the client bridge and repeater (an AP-5131 defined as both a base and client
bridge) association requirements within the mesh network.
For information on defining an ACL for use with the WLAN assigned to the mesh
network, see Configuring a WLAN Access Control List (ACL) on page 5-31.
9. Select the Disallow MU to MU Communication checkbox to restrict MUs from
interacting with each other both within this WLAN, as well as other WLANs.
Selecting this option could be a good idea, if restricting device “chatter” improves mesh
network performance. If base bridges and client bridges are added at any given time to
extent the coverage are of a mesh network, the data going back and forth amongst just
those radios could be compromised by network interference. Adding mesh device traffic
could jeopardize network throughput. If however, MU to MU communication is central
to the organization (for example, scanners sharing data entry information) then this
checkbox should remain unselected.
NOTE The Kerberos User Name and Kerberos Password fields can be
ignored, as Kerberos is not supported as a viable authentication scheme
within a mesh network.