Configuring Mesh Networking
9-33
13. The team does not want any MUs connecting to the mesh WLAN, only the devices
comprising the mesh network. Therefore, the team leaves the Maximum MUs field as is,
and will use the Radio Configuration page to control the number of client bridge
connections.
14. The team verifies the Enable Client Bridge Backhaul checkbox is selected for both AP3
and AP4 to ensure the WLAN is available in the WLAN drop-down menu within the Radio
Configuration screen.
15. The IT team then verifies that steps 10 through 14 have been carried out identically for both
AP3 and AP4.
The IT team now needs to define a security policy for AP3 and AP4 complimentary with the
policy created for AP1 and AP2 to both protect the data within the mesh network and ensure
all 4 AP-5131s within the network can interact with one another.
16. The IT Team selects the Create button to the right of the Security Policy drop-down menu
and defines a WPA2/CCMP supported security policy exactly like the one created for AP1
and AP2. For more information, see how the team defined the security policy starting on step
16 within Trion’s Initial Deployment on page 9-18.
It is assumed all of the existing MU traffic defined for AP1 and AP2 will also be used in the
extended coverage area for AP3 and AP4 with no known additions to the MU traffic at this
time. Thus the IT team refers to the ACL created for AP1 and AP2 and defines an ACL exactly
like it for AP3 and AP4.
17. The team selects the Create button (to the right of the MU Access Control drop-down
menu and defines an ACL policy like the one created for AP1 and AP2. The team also
remembers to go to the AP1 ACL and add AP3 and AP4 to the list of devices allowed to
connect to AP1.
For more information, see how the team defined the ACL policy starting on step 22 within
Trion’s Initial Deployment on page 9-18.
18. The team decides to leave the Disallow MU to MU Communication checkbox unselected
for the mesh WLAN for AP3 and AP4, as the team still considers all MU traffic within the
shipping yard known and not a threat to the growing mesh network.
19. The team selects the Use Secure Beacon checkbox from the Edit WLAN screen to not
transmit the AP- 5131’s ESSID between APs 1 through 4. If a hacker tries to find an ESSID
via an MU, the AP- 5131’s ESSID does not display since the ESSID is not in the beacon.
20. The team does not select the Accept Broadcast ESSID checkbox, as they still do not want
MUs randomly joining their carefully constructed mesh network.