5 - 92 WiNG 5 Access Point System Reference Guide
5.3.5.14 Profile Network Configuration and Deployment Considerations
Profile Network Configuration
Before defining a profile's network configuration, refer to the following deployment guidelines to ensure the profile
configuration is optimally effective:
• Administrators often need to route traffic to interoperate between different VLANs. Bridging VLANs are only for
non-routable traffic, like tagged VLAN frames destined to some other device which will untag it. When a data
frame is received on a port, the VLAN bridge determines the associated VLAN based on the port of reception.
• Static routes, while easy, can be overwhelming within a large or complicated network. Each time there is a
change, someone must manually make changes to reflect the new route. If a link goes down, even if there is a
second path, the router would ignore it and consider the link down.
• Static routes require extensive planning and have a high management overhead. The more routers that exist in a
network, the more routes needing to be configured. If you have N number of routers and a route between each
router is needed, then you must configure N x N routes. Thus, for a network with nine routers, you'll need a
minimum of 81 routes (9 x 9 = 81).
5.3.6 Profile Security Configuration
An access point profile can have its own firewall policy, wireless client role policy, WEP shared key authentication
and NAT policy applied.
For more information, refer to the following sections:
•
Defining Profile VPN Settings
•
Defining Profile Security Settings
•
Setting the Certificate Revocation List (CRL) Configuration
•
Setting the Profile's NAT Configuration
•
Setting the Profile's Bridge NAT Configuration