HIVE Profile Settings

Table 1. HIVE profile settings
Setting Description
Name Type a Name for the new profile.
Hive Control Traffic Port Type the port number for Hive traffic control.

Hive communications operate at Layers 2 and 3. The default port number for Layer 3 hive communications and for roaming-related traffic is UDP 3000. If a different service on your network is already using port 3000, you can change this to any number from 1024 to 65535, as long as the new setting is at least 50 greater or less than the current setting. For example, if the current port number is 3000, you can set a new port number higher than 3050.

Description (Optional)

Type a description for the new profile. Although optional, entering a description is helpful for troubleshooting and for identifying the profile.

Alarms
CAPWAP Delay Alarms Toggle the setting ON or OFF.
Security
Encryption Protection Toggle the setting ON or OFF.

Disable Encryption Protection to have ExtremeCloud IQ derive a default password from the hive name.

Encryption Password Choose between Auto Generate and Manual.

Hive members use this password to authenticate to each other over the wireless backhaul link using WPA-PSK CCMP (AES). To see the password that you entered, clear the Shared Secret > Show Password check box.

MAC-based DoS Prevention Rules Select Hive or Client, and modify the settings in the dialog box.

Extreme Networks devices ship with default hive- and SSID-level DoS detection settings for a number of frame types that are commonly used when launching DoS attacks. You can raise the thresholds to avoid receiving too many false alarms, or lower them to receive more alarms indicative of spikes in certain types of traffic.

  • DoS prevention rules for hives apply to wireless traffic from all radios that might reach the backhaul or access channel from wireless clients or nearby access points broadcasting on the same channel. You can define settings to detect DoS attacks on the radio channels that a device uses for hive communications and for SSID access traffic.
  • DoS prevention rules for clients apply to traffic originating from a single neighboring radio. The source might be a neighbor member or a nearby device outside the network that is broadcasting on the same channel the Extreme Networks device is using for its wireless backhaul communications, or for SSID access traffic.

For both types of rules, you can change the alarm thresholds and enable or disable settings for each DoS Detection type: Probe Requests and Responses, (Re)Associations, Association and Disassociation Requests and Responses, Authentication and Deauthentication, and EAP over LAN (EAPoL). Wireless clients periodically send probe requests to see if any access points are within range. The threshold determines the number of messages per minute required to trigger an alarm about a possible DoS attack. The alarm interval determines the length of time between repeated alarms when the number of messages continues to exceed the threshold.
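The threshold and alarm-interval behaviour described above, sketched as an added example (this is not ExtremeCloud IQ code). The frame-type labels, thresholds, intervals, MAC addresses, and the fixed one-minute counting buckets are constructed assumptions, as is treating a count equal to the threshold as an alarm.

```python
from collections import defaultdict

# Constructed settings, not vendor defaults. threshold = frames per minute
# that trigger an alarm; alarm_interval = seconds between repeated alarms.
RULES = {
    "probe-req": {"threshold": 5, "alarm_interval": 120},
    "deauth": {"threshold": 3, "alarm_interval": 60},
}

def evaluate(frames, scope, rules=RULES):
    """frames: iterable of (timestamp_seconds, source_mac, frame_type).

    scope="client" counts frames per source MAC (one neighboring radio);
    scope="hive" counts frames from all sources together.
    Returns a list of (minute_start, key, frame_type, count) alarms.
    """
    counts = defaultdict(int)
    for ts, mac, ftype in frames:
        if ftype not in rules:
            continue  # detection disabled for this frame type
        key = mac if scope == "client" else "*"
        counts[(int(ts) // 60 * 60, key, ftype)] += 1

    alarms, last_alarm = [], {}
    for (minute, key, ftype), n in sorted(counts.items()):
        rule = rules[ftype]
        if n < rule["threshold"]:
            continue
        prev = last_alarm.get((key, ftype))
        # Still over threshold: repeat only after the alarm interval.
        if prev is not None and minute - prev < rule["alarm_interval"]:
            continue
        last_alarm[(key, ftype)] = minute
        alarms.append((minute, key, ftype, n))
    return alarms

def sample_frames():
    """Constructed capture covering three minutes of traffic."""
    # One station sends 10 probe requests per minute; another sends 1.
    flood = [(m * 60 + i, "aa:bb:cc:00:00:01", "probe-req")
             for m in range(3) for i in range(10)]
    quiet = [(m * 60 + 5, "aa:bb:cc:00:00:02", "probe-req") for m in range(3)]
    # Two stations send 2 deauth frames each: below the per-client threshold,
    # but 4 in total when counted across all sources.
    deauth = [(10 + i, mac, "deauth") for i in range(2)
              for mac in ("aa:bb:cc:00:00:03", "aa:bb:cc:00:00:04")]
    return flood + quiet + deauth
```

With these constructed settings, the sustained probe-request flood alarms in the first minute, is suppressed in the second, and repeats in the third once the 120-second alarm interval has elapsed; the deauthentication frames alarm only under the hive-wide count.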

Wireless Mesh Settings
Request to Send Threshold Type a value in bytes.

This is the maximum frame size in bytes that requires the device to first send a request to send (RTS) message before sending a large frame. The default setting is 2346 bytes.

Fragment Threshold Type a value in bytes.

This is the maximum IEEE 802.11 frame size in bytes that the device uses when sending control traffic over the wireless backhaul link to other members. If the device needs to send a frame that is larger, it first breaks it into smaller fragments. The default setting is 2346 bytes.

Require minimum wireless signal strength for creating wireless mesh Select the check box to require a minimum wireless signal strength for creating wireless mesh, and configure the related settings.
Signal Strength Threshold Use the slider to specify a signal strength between -90 dBm and -55 dBm.

This value is the minimum signal strength required to enable members to form a wireless backhaul link. The default is -80 dBm.

Polling Interval Type a value for the time interval from 1 to 60 minutes for polling the signal strength of neighboring members.

A lower interval increases traffic on the network slightly, especially in environments where there are lots of members; however, it also increases the responsiveness of members to changes in signal strength. A higher interval reduces responsiveness to signal strength changes, which can be preferable in an environment where severe and frequent signal strength fluctuations would cause members to continually drop and re-establish connections. The default is every 60 seconds.

Client Roaming > Detect neighbor devices
Devices send keepalive heartbeats every Type a value and select a unit of time from the menu to set the interval between keepalive heartbeats.

The default is 10 seconds, and the range is 5 to 360,000 seconds (100 hours). To calculate the length of time before a neighbor ages out, multiply the keepalive interval by the number of missed keepalives. Using the default settings, 10 seconds (interval) x 5 (missed keepalives), a neighbor ages out after 50 seconds.

Remove neighbor if the number of missed keepalive heartbeats exceeds Type the number of missed heartbeats before ExtremeCloud IQ removes a neighbor.
Client Roaming > Share connected client information (Roaming cache)
Devices send client information every Type a value and select a unit of time from the menu to specify how often devices send client information. The default is 60 seconds.
Remove cached client information when absent from updates after Type the number of missed updates, after which ExtremeCloud IQ deletes cached client information for the affected client.
Update all hive members within radio range, including Layer 3 neighbors Select the check box to update all hive members within radio range, including Layer 3 neighbors.
Update hive members in the same subnet and VLAN. Select the check box to update hive members in the same subnet and VLAN.
IP Address Preference
Use IP address type first with (Required)

From the menu, select IPv4 or IPv6.