Users Guide
46 | Configuration Reference Dell PowerConnect W-AirWave 7.4 | Configuration Guide
Mobile IP Yes Enable or disable mobile IP functions. This setting specifies whether the controller is
the home agent for a client. When enabled, this setting detects when a mobile client
has moved to a foreign network and determines the home agent for a roaming client.
HA Discovery on
Association
No Enable or disable HA discovery on Association. In normal circumstances a controller
performs an HA discovery only when it is aware of the client’s IP address which it
learns through the ARP or any L3 packet from the client. This limitation of learning the
client’s IP and then performing the HA discovery is not effective when the client
performs an inter switch move silently (does not send any data packet when in power
save mode). This behavior is commonly seen with various handheld devices, Wi-Fi
phones, etc. This delays HA discovery and eventually resulting in loss of downstream
traffic if any meant for the mobile client.
With HA discovery on association, a controller can perform a HA discovery as soon
as the client is associated. By default, this feature is disabled. You can enable this on
virtual APs with devices in power-save mode and requiring mobility. This option will
also poll for all potential HAs.
DoS Prevention No Enable or disable DoS prevention functions, as defined in virtual AP profiles.
Station Blacklisting Yes Enable or disable DoS prevention functions, as defined in virtual AP profiles. The
blacklisting option can be used to prevent access to clients that are attempting to
breach the security.
When a client is blacklisted in the Dell PowerConnect W system, the client is not
allowed to associate with any AP in the network for a specified amount of time. If a
client is connected to the network when it is blacklisted, a de-authentication
message is sent to force the client to disconnect. While blacklisted, the client cannot
associate with another SSID in the network.
Blacklist Time 3600 If station blacklisting is enabled, specify the time in seconds for which blacklisting is
enabled. When a client is blacklisted in the Dell PowerConnect W system, the client is
not allowed to associate with any AP in the network for a specified amount of time.
Authentication Failure
Blacklist Time
3600 You can configure a maximum authentication failure threshold in seconds for each of
the following authentication methods:
802.1x
MAC
Captive portal
VPN
When a client exceeds the configured threshold for one of the above methods, the
client is automatically
blacklisted by the controller, an event is logged, and an SNMP trap is sent. By default,
the maximum authentication failure threshold is set to 0 for the above authentication
methods, which means that there is no limit to the number of times a client can
attempt to authenticate.
With 802.1x authentication, you can also configure blacklisting of clients who fail
machine authentication.
NOTE: This requires that the External Services Interface (ESI) license be installed in
the controller.
NOTE: When clients are blacklisted because they exceed the authentication failure
threshold, they are blacklisted indefinitely by default. You can configure the duration
of the blacklisting.
Fast Roaming No Fast roaming is a component of virtual AP profiles in which client devices are allowed
to roam from one access point to another without requiring reauthentication by the
main RADIUS server.
Strict Compliance No Define whether clients should have strict adherence to settings on this page for
network access.
VLAN Mobility No Define whether clients in the WLAN and VLAN should have mobility or roaming
privileges.
Table 7 WLANs > Advanced Page Fields (Continued)
Field Default Description