ZyXEL Communications NWA-3500 Marine Radio User Manual


 
Chapter 6 Tutorial
NWA-3500/NWA-3550 User’s Guide
91
Log into each AP’s Web configurator and click ROGUE AP > Rogue AP. Click
Refresh. If any of the MAC addresses from Table 17 on page 86 appear in the
list, the friendly AP function may be incorrectly configured - check the ROGUE
AP > Friendly AP screen.
If any entries appear in the rogue AP list that are not in Table 17 on page 86,
write down the AP’s MAC address for future reference and check your e-mail
inbox. If you have received a rogue AP alert, email alerts are correctly
configured on that NWA.
If you have another access point that is not used in your network, make a note
of its MAC address and set it up next to each of your NWAs in turn while the
network is running.
Either wait for at least ten minutes (to ensure the NWA performs a scan in that
time) or login to the NWA’s Web configurator and click ROGUE AP > Rogue AP
> Refresh to have the NWA perform a scan immediately.
•Check the ROGUE AP > Rogue AP screen. You should see an entry in the list
with the same MAC address as your “rogue” AP.
•Check the LOGS > View Logs screen. You should see a Rogue AP
Detection entry in red text, including the MAC address of your “rogue” AP.
Check your e-mail. You should have received at least one e-mail alert (your
other NWAs may also have sent alerts, depending on their proximity and the
output power of your “rogue” AP).
6.4 How to Use Multiple MAC Filters and L-2
Isolation Profiles
This example shows you how to allow certain users to access only specific parts of
your network. You can do this by using multiple MAC filters and layer-2 isolation
profiles.
6.4.1 Scenario
In this example, you run a company network in which certain employees must
wirelessly access secure file servers containing valuable proprietary data.
You have two secure servers (1 and 2 in the following figure). Wireless user
“Alice” (A) needs to access server 1 (but should not access server 2) and wireless
user “Bob” (B) needs to access server 2 (but should not access server 1). Your