MSM7xx Controllers Configuration Guide v6.4.0

Access control enabled
This diagram shows traffic flow when an access-controlled VSC is bound to an AP.
[Figure: Access control enabled. Flow labels: wireless traffic; user and authentication traffic.]
- VSC on controlled AP. Ingress: SSID (from association). Features: wireless security filters, wireless MAC filter, wireless IP filter. Egress: bridged onto port 1+2 (untagged), bridged onto port 1 (VLAN), client data tunnel.
- VSC on controller. Ingress: SSID (Centralized data tunnel), SSID (location-aware), VLAN, untagged. Features: authentication (MAC, 802.1X, HTML, VPN), access control features. Egress: routing table, VLAN, IP GRE tunnel.
VSC on controlled AP
Ingress
The AP only handles traffic from wireless users, except for the HP 517 and MSM317 which can
handle traffic from both wireless and wired users. The SSID is the name of the wireless network
with which the user associates.
Features
Wireless security filters: Enables the AP to block traffic unless it is addressed to a specific
destination, such as the controller. See “Wireless security filters” (page 126).
Wireless MAC filter: Enables the AP to allow or deny access to the wireless network for specific
wireless user MAC addresses.
Wireless IP filter: Enables the AP to only allow wireless-to-wired LAN traffic for specific
destination IP addresses.
Egress
Bridged onto port 1+2 (untagged): Untagged user and authentication traffic is bridged onto
ports 1 and 2.
Bridged onto port 1 (VLAN): VLAN tagged traffic is bridged onto port 1 only. VLAN tags can
be assigned on a per-user basis via RADIUS attributes (see “Defining account profiles”
(page 357)), or for all traffic on a VSC (see “Assigning egress VLANs to a group” (page 170)).
Client data tunnel: When this option is enabled, the AP creates a data tunnel to the controller
to carry all user traffic. See Client data tunnel.
For a more detailed explanation of how wireless traffic is routed between an AP and controller,
see “Traffic flow for wireless users” (page 221).