You can customize the IP Settings of the AP. If you want the LAN port settings of a specific AP model to be different from the LAN port settings configured at the venue level, you can override them for a specific AP.

1. On the navigation bar, click Wi-Fi > Access Points > AP List.
   The AP List page is displayed.
2. Click the name of the AP for which you want to customize the AP LAN port settings, then on the Overview page, click Configure. Alternatively, click the checkbox for the specific AP name, then click Edit.
   The AP configuration page is displayed, defaulting to the General tab view.
3. Select the Networking tab.
   The Networking settings page is displayed. By default, the IP Settings section is displayed.

   
   
   

4. (Optional) In the IP Settings section, you can choose one of the following options.
   • Dynamic: When you select Dynamic, the IP address and DNS are configured dynamically.
   • Static: When you select Static, you must enter the IP address, network mask, gateway, and DNS primary and secondary IP addresses.
5. (Optional) From the left mini-navigation bar, click LAN Ports (or alternatively, scroll down the GUI page).
   The LAN Ports settings section is displayed. The default setting is to use the LAN port settings of the venue (the fields are all inactive and grayed out). To customize any of the LAN port settings, click the Customize option; the fields become active, allowing you to modify the settings.

   

6. Select each LAN port sub-tab that you need to reconfigure, and configure the following as necessary:
   • Enable PoE Out: By default, the Enable PoE Out option is disabled. You can enable this option by toggling the Enable PoE Out option to ON. This option is available for specific AP models only.
   • Enable Port: This toggle switch is set to ON by default. You may disable the port or re-enable the port by clicking the toggle switch.
   • Ethernet Port Profile: Manages the configuration settings for Ethernet ports on networking devices. Select an Ethernet port profile from the drop-down list or click Add Profile to create a new Ethernet port profile. Refer to Adding an Ethernet Port Profile for more information.
   • Enable SoftGRE Tunnel: Tunnels the traffic to a SoftGRE gateway. Toggle the Enable SoftGRE Tunnel switch to ON. Select a SoftGRE profile from the SoftGRE Profile drop-down list or click Add Profile to create a new SoftGRE profile. Refer to Creating a SoftGRE Profile for more information.
     Note: The uplink port does not support SoftGRE tunneling, which will cause the AP(s) to disconnect.
     Note: SoftGRE tunnel is not supported if you select an Ethernet port profile with 802.1X Role as Supplicant. If SoftGRE tunnel is already enabled and you switch to a profile with the 802.1X Supplicant role, then SoftGRE tunnel will be automatically disabled.
     Note: There is no alternative keep-alive detection mechanism between the AP and the SoftGRE server other than ping. As a result, if the primary SoftGRE service goes down but the ping to its IP address still succeeds, then the AP will not fail over to the backup gateway.
   • Client Isolation: Enabling client isolation enhances network security by preventing devices on the same Wi-Fi network from communicating directly with each other. To apply client isolation, a manual device reboot is necessary. You can choose the specific AP devices from the AP list and click Reboot to restart them.
     Note: Enabling client isolation on the uplink will disconnect the AP.
   • Isolate Packets: You can isolate data packets within the network to enhance network security and performance by controlling how data is transmitted and received within the network. Select unicast, multicast, and broadcast packets from the dropdown menu. Isolating unicast packets prevents direct communication between individual devices on the same network. Isolating multicast packets prevents specific devices from receiving data from the same device unless explicitly allowed. Isolating broadcast packets prevents all devices from receiving data from one device.
   • Automatic support for VRRP/HSRP: Enabling Automatic support for VRRP and HSRP ensures seamless failover and increased network reliability by dynamically managing router failover without manual intervention. This maintains high availability and reliability in critical network environments.
   • Client Isolation Allowlist: Enabling Client Isolation on a specific port for an AP model at a particular venue prevents devices on the same network from communicating with each other. However, the Client Isolation Allowlist permits certain devices to bypass this restriction and communicate with isolated clients. You can select an allowlist from the drop down menu or click Add Policy to create one. These policies allow specific devices, to communicate with isolated clients despite the isolation settings.

     To create a policy, provide the Policy Name, Description and add clients to the policy from the Select from Connected Clients. You can also add clients by clicking Add New Client. Click Policy Details to view information about the policy.

   • (Optional) If you want to revert to the default port settings, click Reset to default. A confirmation message is displayed, click Continue. Depending on the AP model, the following configurations will be reset to their default settings: Enable Port, Port Type, VLAN untag ID, VLAN member, and Enable PoE Out.
7. Click Apply.