Secure vlan trunk and wisp
Posted: Sat Mar 18, 2006 1:30 pm
Must first admit im totally new to MT and have looked through some documentation, but im still some confused. Have used Cisco Aironet series for bridging, AP and repeater for some years now and with the latest IOS versions many things can be done easily.
If we want to trunk some vlans its done by first creating a native vlan where the AP/Bridge management ip is set. To this vlan we create a infrastructure ssid then encryption for this ssid. After this we must create the vlans we want to bridge in the trunk. Transparent bridging is not an option (?) on Aironet.
Mostly we configure all our Cisco devices as RootBridge-with clients or NonRootBridge with clients. Then we also can broadcast a hotspot vlan with a ssid. If we create a ssid to a vlan in the trunk this will no longer use the native vlans encryption, so you must make a new proper encryption if you want.
I suppose something similar can be done with MT, but how? The term VirtualAP maybe the answer?
Our goal is to secure bridge our corporate vlans but we want to let an ISP to use our infrastructure for private customers also. They will use PPPoe and we have created a vlan for them in our network infrastructure.
We use Witelcom Dragon II (Atheros) 5ghz equipment with MT RouterOS onboard. Some of them has two radiochips with a omni hotspotantenna and flatpanel for point to point. We will also let cusomers use the trunk flatpanels if possile.
If we want to trunk some vlans its done by first creating a native vlan where the AP/Bridge management ip is set. To this vlan we create a infrastructure ssid then encryption for this ssid. After this we must create the vlans we want to bridge in the trunk. Transparent bridging is not an option (?) on Aironet.
Mostly we configure all our Cisco devices as RootBridge-with clients or NonRootBridge with clients. Then we also can broadcast a hotspot vlan with a ssid. If we create a ssid to a vlan in the trunk this will no longer use the native vlans encryption, so you must make a new proper encryption if you want.
I suppose something similar can be done with MT, but how? The term VirtualAP maybe the answer?
Our goal is to secure bridge our corporate vlans but we want to let an ISP to use our infrastructure for private customers also. They will use PPPoe and we have created a vlan for them in our network infrastructure.
We use Witelcom Dragon II (Atheros) 5ghz equipment with MT RouterOS onboard. Some of them has two radiochips with a omni hotspotantenna and flatpanel for point to point. We will also let cusomers use the trunk flatpanels if possile.