Starting with LCOS version 10.12, the configuration of LANCOM access points and WLAN routers that operate without a WLC as a base station (i.e. unmanaged) now has changes to the options for controlling the communications between WLAN clients operating on the same SSID.

These changes now make it possible to configure the communications between WLAN clients separately for each SSID.

For example, communications between WLAN clients in a hotspot SSID can be completely blocked (also across different access points), and in another SSID (e.g. encrypted for internal company purposes) the communications between WLAN clients (also across different access points) can be allowed.


Requirements:

• LCOS as of version 10.12 (download latest version)
• LANtools as of version 10.12 (download latest version)
• LANCOM access point or WLAN router

Changing the configuration of LANCOM access points and WLAN routers:

1) In the menu Wireless LAN → Security → General settings you have the option to globally allow or prevent traffic between the SSIDs.

• With the option Allow selected here, you can configure further settings for the communications between WLAN clients in the settings for the respective logical WLAN network (SSID) (see item 2).
• With the option Deny selected here, no communication is possible between the WLAN clients connected to any SSID on this access point.untersagt.

2) The previous option in the logical WLAN network (SSID) settings “Allow traffic between stations of this SSID” was renamed to “Direct traffic between stations” and enhanced with additional configuration options:

• Allow (default): This option is enabled by default in the settings for each SSID. It allows communications to take place between all of the WLAN clients that are connected to the SSID.
• Deny (for this AP): Communication is prohibited between WLAN clients connected to this SSID on this access point. However, communication with WLAN clients in the same SSID on other LANCOM access points in the LAN is still possible.
• Deny (for all APs in LAN): Communication is prohibited between WLAN clients connected to this SSID and this access point. Also, communication is prohibited between WLAN clients that are in the same SSID as broadcast by other LANCOM access points in the LAN. This setting is particularly suitable for use in Public Spot SSIDs.

LANCOM access points use the IAPP protocol to discover the communication options available to them on the LAN. Please note that the IAPP protocol only functions within the local network.