User Guide
Table Of Contents
- Front
- Introduction
- Bridge GUI and Administrative Access
- 2.1 Bridge GUI
- 2.2 Administrative Accounts and Access
- 2.2.1 Global Administrator Settings
- 2.2.2 Individual Administrator Accounts
- 2.2.2.1 Administrator User Names
- 2.2.2.2 Account Administrative State
- 2.2.2.3 Administrative Role
- 2.2.2.4 Administrator Audit Requirement
- 2.2.2.5 Administrator Full Name and Description
- 2.2.2.6 Administrator Interface Permissions
- 2.2.2.7 Administrator Passwords and Password Controls
- 2.2.2.8 Adding Administrative Accounts
- 2.2.2.9 Editing Administrative Accounts
- 2.2.2.10 Deleting Administrative Accounts
- 2.2.2.11 Changing Administrative Passwords
- 2.2.2.12 Unlocking Administrator Accounts
- 2.2.3 Administrator IP Address Access Control
- 2.2.4 SNMP Administration
- Network and Radio Configuration
- 3.1 Network Interfaces
- 3.2 Bridging Configuration
- 3.3 Radio Settings
- 3.3.1 Advanced Global Radio Settings
- 3.3.2 Individual Radio Settings
- 3.3.3 DFS Operation and Channel Exclusion
- 3.3.4 Radio BSS Settings
- 3.3.4.1 BSS Administrative State and Name
- 3.3.4.2 BSS SSID and Advertise SSID
- 3.3.4.3 Wireless Bridge and Minimum RSS
- 3.3.4.4 User Cost Offset and FastPath Mesh Mode
- 3.3.4.5 BSS Switching Mode and Default VLAN ID
- 3.3.4.6 BSS G Band Only Setting
- 3.3.4.7 BSS WMM Setting
- 3.3.4.8 BSS DTIM Period
- 3.3.4.9 BSS RTS and Fragmentation Thresholds
- 3.3.4.10 BSS Unicast Rate Mode and Maximum Rate
- 3.3.4.11 BSS Multicast Rate
- 3.3.4.12 BSS Description
- 3.3.4.13 BSS Fortress Security Setting
- 3.3.4.14 BSS Wi-Fi Security Settings
- 3.3.4.15 Configuring a Radio BSS
- 3.3.5 ES210 Bridge STA Settings and Operation
- 3.3.5.1 Station Administrative State
- 3.3.5.2 Station Name and Description
- 3.3.5.3 Station SSID
- 3.3.5.4 Station BSSID
- 3.3.5.5 Station WMM
- 3.3.5.6 Station Fragmentation and RTS Thresholds
- 3.3.5.7 Station Unicast Rate Mode and Maximum Rate
- 3.3.5.8 Station Multicast Rate
- 3.3.5.9 Station Fortress Security Status
- 3.3.5.10 Station Wi-Fi Security Settings
- 3.3.5.11 Establishing an ES210 Bridge STA Interface Connection
- 3.3.5.12 Editing or Deleting the ES210 Bridge STA Interface
- 3.3.5.13 Enabling and Disabling ES210 Bridge Station Mode
- 3.4 Basic Network Settings Configuration
- 3.5 Location or GPS Configuration
- 3.6 DHCP and DNS Services
- 3.7 Ethernet Interface Settings
- 3.7.1 Port Administrative State
- 3.7.2 Port Speed and Duplex Settings
- 3.7.3 Port FastPath Mesh Mode and User Cost Offset
- 3.7.4 Port Fortress Security
- 3.7.5 Port 802.1X Authentication
- 3.7.6 Port Default VLAN ID and Port Switching Mode
- 3.7.7 Port QoS Setting
- 3.7.8 Port Power over Ethernet
- 3.7.9 Configuring Ethernet Ports
- 3.8 QoS Implementation
- 3.9 VLANs Implementation
- 3.10 ES210 Bridge Serial Port Settings
- Security, Access, and Auditing Configuration
- 4.1 Fortress Security
- 4.1.1 Operating Mode
- 4.1.2 MSP Encryption Algorithm
- 4.1.3 MSP Key Establishment
- 4.1.4 MSP Re-Key Interval
- 4.1.5 Access to the Bridge GUI
- 4.1.6 Secure Shell Access to the Bridge CLI
- 4.1.7 Blackout Mode
- 4.1.8 FIPS Self-Test Settings
- 4.1.9 Encrypted Data Compression
- 4.1.10 Encrypted Interface Cleartext Traffic
- 4.1.11 Encrypted Interface Management Access
- 4.1.12 Guest Management
- 4.1.13 Cached Authentication Credentials
- 4.1.14 Fortress Beacon Interval
- 4.1.15 Global Client and Host Idle Timeouts
- 4.1.16 Changing Basic Security Settings:
- 4.1.17 Fortress Access ID
- 4.2 Internet Protocol Security
- 4.3 Authentication Services
- 4.3.1 Authentication Server Settings
- 4.3.2 The Local Authentication Server
- 4.3.2.1 Local Authentication Server State
- 4.3.2.2 Local Authentication Server Port and Shared Key
- 4.3.2.3 Local Authentication Server Priority
- 4.3.2.4 Local Authentication Server Max Retries and Retry Interval
- 4.3.2.5 Local Authentication Server Default Idle and Session Timeouts
- 4.3.2.6 Local Authentication Server Global Device, User and Administrator Settings
- 4.3.2.7 Local 802.1X Authentication Settings
- 4.3.2.8 Configuring the Local RADIUS Server
- 4.3.3 Local User and Device Authentication
- 4.4 Local Session and Idle Timeouts
- 4.5 ACLs and Cleartext Devices
- 4.6 Remote Audit Logging
- 4.1 Fortress Security
- System and Network Monitoring
- System and Network Maintenance
- Index
- Glossary
Bridge GUI Guide: Network Configuration
74
function is Disabled by default, at which setting the BSS
accepts connections from both 802.11g and 802.11b devices.
Enabling
G Band Only prevents 802.11b wireless devices from
connecting to the BSSs. The older 802.11b is the slower of the
two 2.4 GHz wireless standards and most new devices support
802.11g. Consult the connecting device’s documentation to
determine which standard(s) it supports.
The
G Band Only setting does not apply to BSSs on 802.11a
radios.
You can configure
G Band Only only in Advanced View.
3.3.4.7 BSS WMM Setting
NOTE:
On BSSs
serving as Core in-
terfaces in a FP Mesh
network (Section 3.3.4.4),
Fortress recommends
the WMM default of
En-
abled
, to allow prioriti-
zation of FP Mesh
control packets.
Traffic received on BSSs Enabled for Wi-Fi Multimedia (the
default) is prioritized according to the QoS (Quality of Service)
tags included in its VLAN tags, if present, or directly in its
802.11 headers, if no VLAN tags are present.
Disabling WMM disables only the priority treatment of packets
received wirelessly, disregarding any priority marking in the
802.11 header. When WMM is disabled on a BSS, traffic
received on the interface is treated as untagged and marked
internally for
Medium (or Best Effort) QoS handling. The internal
marking is used if the data is transmitted out an interface that
requires marking (such as another WMM-enabled BSS or an
802.1Q VLAN trunk).
Refer to Section 3.8 for more on the Bridge’s WMM and QoS
implementation.
3.3.4.8 BSS DTIM Period
APs buffer broadcast and multicast messages for devices on
the network and then send a Delivery Traffic Indication
Message to “wake-up” any inactive devices and inform all
network clients that the buffered messages will be sent after a
specified number of beacons have been transmitted. (The
beacon interval, described in Section 3.3.2.8, is configured on
the
Radio Settings screen.)
The
DTIM Period determines the number of beacons in the
countdown between transmitting the initial DTIM and sending
the buffered messages. Whole values from
1 to 255, inclusive,
are accepted; the default is
1.
A longer
DTIM Period conserves power by permitting longer
periods of inactivity for power-saving devices, but it also delays
the delivery of broadcast and multicast messages. Too long a
delay can cause multicast packets to go undelivered.
Because the broadcast beacon counts down the
DTIM Period,
the specified
Beacon Interval (configured on the Radio Settings
screen and described in Section 3.3.2.8.) also affects the DTIM
function.
You can configure
DTIM Period only in Advanced View.