Configuring the Wireless Network

The Device view > Network section > Wireless page shows the wireless network settings (if applicable). 802.1x is supported. When you access WiFi for the first time, you must set up the initial configuration.

The information on the Wireless page is displayed in card format. Each network has its own card which shows the connected assets and the enabled transmitters:

  • 2.4GHz radio band (802.11be (2.4GHz, WiFi7))

  • 5GHz radio band (802.11be (5GHz, WiFi7))

  • 6GHz radio band (802.11be (6GHz, WiFi7)) - 2560 / 2570 appliances only

Click Add to add a guest or standard wireless network (Virtual Access Points).

  • Guest wireless network - Uses hotspot by default and is unprotected by default (no password required).

  • Standard wireless network - A protected wireless network that requires a password and does not use a hotspot by default.

To edit an existing network configuration, click theSettings icon on the card.

Wireless Configuration

To configure or edit a Wireless Network:

  1. Click the network card.

  2. At the top of the card the Network name (SSIS) is displayed.

  3. Click the toggle to Enable network.

  4. Select the applicable radio bands.

  5. Click to Enable active band steering.

    With Band Steering, you do not need to decide which transmitter (2.4GHz or 5GHz or WiFi7) to define your wireless network. The network automatically switches between the transmitters to get the best quality at any given time.

    • Passive band steering - The client (connected device) determines when to switch bands. This type of band steering is enabled by default it you select more than one radio band. To define a regular VAP network without band steering, select one transmitter only.

    • Active band steering - The gateway determines when to switch.

After you complete the initial configuration, the transmitter is enabled and these options become available:

  • Wireless Network:

    • Edit existing WiFi networks.

    • Delete WiFi networks.

  • Menu Options:

    • Clone - Duplicate the WiFi network settings.

    • Enable/Disable - Toggle the WiFi network On or Off.

    • Delete - Remove the WiFi network.

  • Network Status Indicators:

    • Active/Inactive status.

    • Password protected status.

    • "No password" warning - Click Edit to add missing information.

Dynamic Frequency Selection (DFS)

Note - This is only in specific appliances that support WiFi6.

DFS detects radar signals that must be protected against interference from 5.0 GHz (802.11ac/n) radios. When these signals are detected, the operating frequency of the 5.0 GHz (802.11ac/n) radio switches to one that does not interfere with the radar systems. DFS is enabled by default.

802.1x (a/n/ac/ax) is supported. The advantage of WiFi6 (802.11ax) is that it improves the throughput-per-area in high-density scenarios such as corporate offices, shopping malls, and dense residential areas.

For configuration, see below.

Cloning a VAP

You cannot edit or change the main wireless network, or if you have only a single VAP (Virtual Access Point). However, if you clone your VAP, you can edit the clone.

To clone a VAP:

Select the relevant VAP and click Clone.

When you clone a VAP, it receives a new name which is displayed in the table. The IP address and range of the clone is different than the original.

To edit a VAP:

  1. Double click the relevant VAP or select the VAP name and click Edit.

    The Edit window opens.

    Note - The wireless radio transmitter is the main VAP.

  2. In the Configuration tab, select the Wireless Security:

    • Protected network (recommended) – Enter the relevant information in the fields.

    • Unprotected network (not recommended)

  3. In the Advanced Settings section (click the arrow to expand), select the options you want:

    • Hide the Network Name (SSID) - When selected, this wireless network name is not automatically shown to users scanning for them. Connecting to the wireless network can be done manually by adding the specified network name.

    • Allow Station-to-Station traffic - When selected, allows wireless stations on this network to communicate with each other. When cleared, traffic between wireless stations is blocked.

    • Enable MAC address filtering. If you select his option, you must enter the MAC addresses that are allowed to access the wireless network.

  4. Click Apply

Additional Configurations

  1. Click Password Protected.

    The Change Wireless Network Password window opens.

  2. Select the Security type from pull-down menu.

  3. Authenticate using: Select Password or RADIUS server from the pull-down menu.

  4. For Password - Enter a new password (if want to change).

    Optional: Click Show to show the characters.

  5. Select if you want to Allow access from this network to local networks (wireless network is trusted).

  6. Click Apply

  1. For these fields, select options from the pull-down menu:

    • Operation mode

    • Channel width

    • Channel

    • Transmitter power

  2. In the Advanced section, select the Guard Interval from the pull-down menu.

  3. With DFS, an unlicensed device can use 5HGz frequency bands already allocated to radar systems without causing interference. The device detects the presence of a radar system on the channel and if the radar level is above a specific threshold, it vacates that channel and selects an alternate channel.

    1. For Operation mode, select 802.11a/n/ac/ax (5GHz).

    2. Select Enable DFS - When using an automatic channel, this allows the ACS (Automatic Channel Selection) to select channels that overlap with radar frequencies.

      Note - It may take a minute for the wireless radio to start transmitting due to regulation requirements when using channels that overlap with radar frequencies.

    3. Select Enable Zero-Wait DFS - This allows the wireless module to use a non-DFS channel while scanning channels that overlap with radar frequencies and build a list of "vacant" channels (channels where radar is not detected). When this list is ready, the wireless module may instantly switch to a non DFS channel without turning off the wireless transmission.

      Note - If you select the 160MHz channel width, make sure to disable the Enable Zero-Wait DFS feature. Otherwise, due to regulatory constraints, it may take at least 1 hour before the wireless module starts to transmit in 160MHz channel width.

  4. Click Apply

Depending on your configuration, you may see other tabs and sections to configure:

  • Interface Connection

    Assigned to - Select Separate network or one of the existing configured networks.

    When selecting a separate network configure this information:

    • IP address - IPv4 and IPv6 addresses

    • Subnet mask - for IPv4 addresses

    • Prefix length - for IPv6 addresses

  • DHCPv4 Server

    Select one of the options:

    • Enabled - Enter the IP address range and if necessary the IP address exclude range.

      The appliance's own IP address is automatically excluded from this range

      You can also exclude or reserve specific IP addresses by defining network objects in the Users & Objects view > Network Resources section > Network Objects page.

      Reserving specific IP addresses requires the MAC address of the device.

    • Relay - Enter the DHCP server IP address.

    • Disabled.

  • IPv6 Auto Assignment

    Select one of the options:

    • SLAAC (Stateless Address Autoconfiguration)

    • DHCPv6 Server - Enter the IP address range and the IP addresses exclude range

    • DHCPv6 Server Relay - Enter the DHCPv6 server IP address and the Secondary DHCPv6 server IP address

These options create automatic rules that are shown in the Access Policy > Firewall section > Policy page.

  • Allow access from this network to local networks (Wireless network is trusted)

  • Log traffic from this network to local networks

  • Click the checkbox to exclude from DNS proxy.

  • Advanced IPv6 settings

    Configure the Router advisement fields.

Note - In IPv4-only mode, this tab is called DHCPv4 Settings.

The values for the DHCP options configured on this tab will be distributed by the DHCP server to the DHCP clients.

  • DNS Server Settings (For DHCPv6/SLAAC)

    Select one of these options:

    • Auto - Use the DNS configuration of the device

    • Use the following IP addresses - Enter the first, second and third DNS servers

  • DNS Server Settings (For DHCPv4)

    These settings are effective only if a DHCPv4 server is enabled.

    • Auto - Use the DNS configuration of the device

    • Use the following IP addresses - Enter the first, second and third DNS servers

  • Default Gateway

    Select one of these options:

    • Use this gateway's IP address as the default gateway.

    • Use the following IP address - Enter an IP address to use as the default gateway.

  • WINS

    • Select one of these options:

    • Use the WINS servers configured for the internet connection

    • Use the following WINS servers - Enter the IP addresses of the First and Second WINS servers.

  • Lease

    • Lease time - Configure the timeout in hours for a single device to retain a dynamically acquired IP address.

  • Other Settings

    • You can optionally configure these additional parameters so they will be distributed to DHCP clients:

    • Time servers

    • Call manager

    • TFTP server

    • TFTP boot file

    • X Window display manager

    • Avaya IP phone

    • Nortel IP phone

    • Thomson IP phone

  • Custom Options

    • Lets you add custom options that are not listed above.

    For each custom option, you must configure the name, tag, type, and data fields.

    When you finish editing the network, click Save.

Wireless Scheduler

You can set scheduled times for the WiFi to be on and off and differentiate between radio bands (2.4GHz and 5GHz).

Use Case: Configure the WiFi to work only during normal business hours and be off on weekends when the business is closed.

  1. In the Wireless page, click Radio Settings.

    The Wireless Radio Edit window opens.

  2. Go to the Scheduler tab.

  3. Move the slider to ON to enable the wireless scheduler.

  1. In the Wireless Radio Edit window, click New.

  2. Under Choose Days, select the specific days.

  3. Click Apply