Configuring Security and Other Services
Tunnel Configuration
Tunnel Configuration
Only WLANs with Tunnel Mode enabled are affected.
See
Advanced Options
on enabling Tunnel Mode.
To configure data encryption and filtering for tunneled WLANs:
1. Go to Configure > Services
2. Scroll down to the bottom of the page and locate the Tunnel Configuration section.
3. Enable the check boxes next to the features you want to enable.
• Enable tunnel encryption for tunneled traffic: By default, when WLAN traffic
is tunneled to ZoneDirector, only the control traffic is encrypted while data traffic
is unencrypted. When this option is enabled, the Access Point will decrypt 802.11
packets and then use an AES-encrypted tunnel to send them to ZoneDirector.
• Block multicast traffic from network to tunnel: Prevents [all/non-well-known]
multicast traffic from propagating on the tunnel.
• Block broadcast traffic from network to tunnel except ARP and DHCP:
Prevents all broadcast traffic other than Address Resolution Protocol and DHCP
packets.
• Enable Proxy ARP of tunnel WLAN with rate limit threshold __.: Reduces
tunnels. When ZoneDirector receives a broadcast ARP request for a known host,
it acts on behalf of the known host to send out unicast ARP replies at the rate
limit it will forward it to the tunnel to all APs according to the rate limit threshold
set in the Packet Inspection Filter (see
4. Click Apply in the same section to save your changes.
84
on page 160 in the WLAN configuration section for information
Packet Inspection Filter
on page 85).
Ruckus Wireless ZoneDirector
Release 10.0 User Guide