Configuring Security and Other Services
Configuring Self Healing Options
Figure 48.
A low severity event is now triggered each time a client connects with an RSSI lower than the
threshold value entered. Go to Monitor > All Events/Activities to monitor these events.
Tunnel Configuration
Only WLANs with Tunnel Mode enabled are affected. See
"Managing a Wireless Local Area Network"
for a WLAN.
To configure data encryption and filtering for tunneled WLANs:
1. Go to Configure > Services.
2. Scroll down to the bottom of the page and locate the Tunnel Configuration section.
3. Enable the check boxes next to the features you want to enable:
•
Enable tunnel encryption for tunneled traffic: By default, when WLAN traffic is
tunneled to ZoneDirector, only the control traffic is encrypted while data traffic is
unencrypted. When this option is enabled, the Access Point will decrypt 802.11 packets
and then use an AES-encrypted tunnel to send them to ZoneDirector.
•
Block multicast traffic from network to tunnel: Prevents [all/non-well-known] multi-
cast traffic from propagating on the tunnel.
•
Block broadcast traffic from network to tunnel except ARP and DHCP: Prevents all
broadcast traffic other than Address Resolution Protocol and DHCP packets.
•
Enable Proxy ARP of tunnel WLAN with rate limit threshold __.: Reduces broadcast
neighbor discovery packets (ARP and ICMPv6 Neighbor Solicit) over tunnels. When
ZoneDirector receives a broadcast ARP request for a known host, it acts on behalf of
the known host to send out unicast ARP replies at the rate limit specified. If ZoneDirector
Enabling active client detection
"Advanced Options"
chapter for information on enabling Tunnel Mode
in the
72