Advanced WLAN settings enable an administrator to specify a WLAN's frame protection mode and RADIUS NAS-Identifier for WLAN authentication and accounting packets. Advanced WLAN settings also include customizing a MCS (modulation and coding scheme) for access point radio channel width and guard interval.
To configure advanced WLAN settings:
Select Configuration > Wireless LANs > Wireless LAN Policy to display available WLANs.
Select the Add button to create an additional WLAN or select Edit to modify the properties of an existing WLAN.
Select Advanced.
Refer to the Protected Management Frames (802.11w) field to set the WLAN's frame protection mode and security association.
802.11w provides protection for both unicast management frames and broadcast / multicast management frames. The ‘robust management frames‘ are Action, Disassociation and Deauthentication frames. The standard provides one security protocol CCMP, for protection of unicast robust management frames. Protected management frames protocol only applies to robust management frames after establishment of RSNA PTK. Robust management frame protection is achieved by using CCMP for unicast management frames, broadcast/multicast integrity protocol (BIP) for broadcast/multicast management frames and SA query protocol for protection against (re)association attacks.
|
Mode |
Select a radio button option to determine whether management frames are continually or optionally protected. Disabled is the default setting. |
|
SA Query Attempts |
Use the spinner control to set the number of security association query attempts between 1-10. The default value is 5. |
|
SA Query Retry Timeout |
The timeout value is the configurable interval used to timeout association requests that exceed the defined interval. Set the timeout value between 100-1,000 milliseconds. The default value is 201 milliseconds. |
Refer to the Advanced RADIUS Configuration field to set the WLAN's NAS configuration and RADIUS Dynamic Authorization.
|
NAS Identifier |
Specify what's included in the RADIUS NAS-Identifier field for WLAN authentication and accounting packets. Configuring a value is optional, and defaults are used if not configured. |
|
NAS Port |
The profile database on the RADIUS server consists of user profiles for each connected network access server (NAS) port. Each profile is matched to a username representing a physical port. When authorizing users, it queries the user profile database using a username representative of the physical NAS port making the connection. Set the numeric port value from 0-4,294,967,295. |
|
RADIUS Dynamic Authorization |
Select the check box to enable a mechanism that extends the RADIUS protocol to support unsolicited messages from the RADIUS server. These messages allow administrators to issue change of authorization (CoA) messages, which affect session authorization, or Disconnect Messages (DM), which terminated a session immediately. This feature is disabled by default. |
Enable Fast BSS Transition to enable 802.11r fast roaming. This setting is disabled by default.
802.11r is an attempt to undo the burden that security and QoS added to the handoff process and restore it back to an original four message exchange. The central application for 802.11r is VOIP using mobile phones within wireless networks.
Refer to the Radio Rates field to define selected data rates for both the 2.4 and 5.0 GHz bands.
Define both minimum Basic and optimal Supported rates as required for the 802.11b rates, 802.11g rates and 802.11n rates supported by the 2.4 GHz band and the 802.11a and 802.11n rates supported by the 5.0 GHz band. These are the supported client rates within this WLAN. 802.11n MCS rates are defined as follows for MCS 1-3 streams, both with and without short guard intervals (SGI):
|
MCS-1Stream Index |
Number of Streams |
20 MHz No SGI |
20 MHz With SGI |
40 MHz No SGI |
40 MHz With SGI |
|---|---|---|---|---|---|
|
0 |
1 |
6.5 |
7.2 |
13.5 |
15 |
|
1 |
1 |
13 |
14.4 |
27 |
30 |
|
2 |
1 |
19.5 |
21.7 |
40.5 |
45 |
|
3 |
1 |
26 |
28.9 |
54 |
60 |
|
4 |
1 |
39 |
43.4 |
81 |
90 |
|
5 |
1 |
52 |
57.8 |
108 |
120 |
|
6 |
1 |
58.5 |
65 |
121.5 |
135 |
|
7 |
1 |
65 |
72.2 |
135 |
150 |
|
MCS-2Stream Index |
Number of Streams |
20 MHz No SGI |
20 MHz With SGI |
40 MHz No SGI |
40 MHz With SGI |
|---|---|---|---|---|---|
|
0 |
2 |
13 |
14.4 |
27 |
30 |
|
1 |
2 |
26 |
28.9 |
54 |
60 |
|
2 |
2 |
39 |
43.4 |
81 |
90 |
|
3 |
2 |
52 |
57.8 |
108 |
120 |
|
4 |
2 |
78 |
86.7 |
162 |
180 |
|
5 |
2 |
104 |
115.6 |
216 |
240 |
|
6 |
2 |
117 |
130 |
243 |
270 |
|
7 |
2 |
130 |
144.4 |
270 |
300 |
|
MCS-3Stream Index |
Number of Streams |
20 MHz No SGI |
20 MHz With SGI |
40 MHz No SGI |
40 MHz With SGI |
|---|---|---|---|---|---|
|
0 |
3 |
19.5 |
21.7 |
40.5 |
45 |
|
1 |
3 |
39 |
43.3 |
81 |
90 |
|
2 |
3 |
58.5 |
65 |
121.5 |
135 |
|
3 |
3 |
78 |
86.7 |
162 |
180 |
|
4 |
3 |
117 |
130.7 |
243 |
270 |
|
5 |
3 |
156 |
173.3 |
324 |
360 |
|
6 |
3 |
175.5 |
195 |
364.5 |
405 |
|
7 |
3 |
195 |
216.7 |
405 |
450 |
802.11ac MCS rates (theoretical throughput for single spatial streams) are defined as follows, both with and without short guard intervals (SGI):
|
MCS Index |
20 MHz No SGI |
20 MHz With SGI |
40 MHz No SGI |
40 MHz With SGI |
80 MHz No SGI |
80 MHz With SGI |
|---|---|---|---|---|---|---|
|
0 |
6.5 |
7.2 |
13.5 |
15 |
29.3 |
32.5 |
|
1 |
13 |
14.4 |
27 |
30 |
58.5 |
65 |
|
2 |
19.5 |
21.7 |
40.5 |
45 |
87.8 |
97.5 |
|
3 |
26 |
28.9 |
54 |
60 |
117 |
130 |
|
4 |
39 |
43.3 |
81 |
90 |
175.5 |
195 |
|
5 |
52 |
57.8 |
108 |
120 |
234 |
260 |
|
6 |
58.5 |
65 |
121.5 |
135 |
263.3 |
292.5 |
|
7 |
65 |
72.2 |
135 |
150 |
292.5 |
325 |
|
8 |
78 |
86.7 |
162 |
180 |
351 |
390 |
|
9 |
N/A |
N/A |
180 |
200 |
390 |
433.3 |
Select OK when completed to update this WLAN's advanced settings. Select Reset to revert the screen back to its last saved configuration.
Print
this page
Email this topic
Feedback
View PDF
Download EPUB