Packet Forwarding
The Packet Forwarding feature enables you to redirect traffic generated by wireless clients that are all associated to
the same AP-600 to a single MAC address. This filters wireless traffic without burdening the AP-600 and provides
additional security by limiting potential destinations or by routing the traffic directly to a firewall. You can redirect to a
specific port (Ethernet or WDS) or allow the bridge's learning process (and the forwarding table entry for the selected
MAC address) to determine the optimal port.
1 2 7 (
1 2 7 (
1 2 7 (
1 2 7 (
The gateway to which traffic will be redirected should be node on the Ethernet network. It should not be a
wireless client.
Configuring Interfaces for Packet Forwarding
Configure your AP-600 to forward packets by specifying interface port(s) to which packets are redirected and a
destination MAC address.
1. Within the Packet Forwarding Configuration screen, check the box labeled Enable Packet Forwarding.
2. Specify a destination Packet Forwarding MAC Address. The AP-600 will redirect all unicast, multicast, and
broadcast packets received from wireless clients to the address you specify.
3. Select a Packet Forwarding Interface Port from the drop-down menu. You can redirect traffic to:
–
Ethernet
–
A WDS connection (see
–
Any (traffic is redirected to a port based on the bridge learning process)
4. Click OK to save your changes.
Security
The AP-600 provides three security features to protect your network from unauthorized individuals.
–
MAC Access
–
WEP Encryption
–
802.1x
The HTTP interface provides a configuration screen for each of these features.
MAC Access
The MAC Access tab allows you to build a list of stations, identified by their MAC addresses, authorized to access the
network through the AP-600. The list is stored inside each AP-600 within your network. Note that you must reboot the
AP-600 for any changes to the MAC Access Control Table to take effect.
•
Enable MAC Access Control: Check this box to enable the Control Table.
•
Operation Type: Choose between Passthru and Block. This determines how the stations identified in the MAC
Access Control Table are filtered.
•
If set to Passthru, only the addresses listed in the Control Table will pass through the bridge.
•
If set to Block, the bridge will block traffic to or from the addresses listed in the Control Table.
•
MAC Access Control Table: Click Add to create a new entry. Click Edit to change an existing entry. Each entry
contains the following field:
–
MAC Address: Enter the wireless client's MAC address.
–
Comment: Enter an optional comment such as the client's name.
•
Status: The entry is enabled automatically when saved (so the Status field is only visible when editing an
entry). You can also disable or delete entries by changing this field's value.
1 2 7 (
1 2 7 (
1 2 7 (
1 2 7 (
For larger networks that include multiple Access Points, you may prefer to maintain this list on a centralized
location using the
Wireless Distribution System (WDS)
MAC Access Control Via RADIUS
Advanced Configuration
for details)
Authentication.
58