116 Summit 300-48 Switch Software User Guide
Unified Access Security
2 Remove the wireless port from the default VLAN.
config vlan default delete ports 1:5
NOTE
NOTE: Following warning message may be displayed as a result of the above command. This will
not prevent the port from being deleted from the default vlan:
WARNING: Security profile applied to port 1:5 refers to the VLAN Default. Removing
the port from the VLAN will cause incorrect behavior
3 Add the wireless port to the management VLAN as an untagged port.
config vlan manage-wireless add ports 1:5 untagged.
4 Assign an IP address to the VLAN.
config vlan manage-wireless ipaddress 10.211.37.1/24
5 Configure this VLAN as the management VLAN.
config wireless management-vlan manage-wireless
NOTE
Following warning message may occur as a result of the above command. This will not prevent the
command from executing.
Warning: Changing the management VLAN can cause access points to loose contact with
LAC.
6 Assign a management IP address for each wireless port (port 1:5 in the example). Be sure that the
address is in the same network as the wireless management-vlan.
config wireless port 1:5 ip-address 10.211.37.105
7 Create an RF profile for the A interfaces by copying from the default profile.
create rf-profile RF_A copy DEFAULT_A
8 Create an RF profile for the G interfaces by copying from the default profile.
create rf-profile RF_G copy DEFAULT_G
Security Configuration Examples
Refer to the examples in this section when configuring any of the available wireless security options for
the Summit 300-48 switch. The examples encompass most typical security scenarios.
NOTE
Because of the requirement to add potential wireless ports to the wireless management-vlan as
untagged ports, adding a wireless port to a data/client vlan requires that the port be added as a tagged
port.
NOTE
The “default-user-vlan” parameter is NOT used as a destination vlan in the case of an authentication
failure. For this parameter, if the client authentication succeeds, the client will be placed into the VLAN
To Next Page
Loading...
