Show all vlan profile name on monotiro top wlans

While you can configure as many as 15 service set identifiers (SSIDs) per radio, a good rule of thumb for device profiles and WLAN templates is to use only two or three WLANs per AP. The idea is to minimize the airtime overhead incurred by beacon management frames, which are sent every 102.4ms per radio, at the Minimum Basic Rate (MBR). In other words, unless you are carefully considering data rates and co-channel contention in order to achieve four, six, or even eight active WLANs on an AP, we recommend two or three WLANs per AP max.


This option excludes a given WLAN from the Wi-Fi service-level expectations (SLEs). You use this option typically for troubleshooting or to prevent the source of outlier data from influencing the overall SLE.

WLAN Status

This option controls whether an AP broadcasts the configured WLAN. You can also use it to hide the SSID and instead broadcast the AP by name.

Radio Band

Choose which radio frequencies to broadcast on the WLAN: 2.4 GHz, 5 GHz, or 6 GHz. Wireless clients typically experience better performance when connected to the 5-GHz band rather than the 2.4-GHz band. The 5-GHz band has more channels, resulting in less co-channel contention, and there are more sources of interference on the 2.4-GHz band.

SeeRadio Management (technology), Radio Management (page), and Radio Settings (RF Templates).

Band Steering

Band steering detects whether a connected client has dual-band (2.4 GHz and 5 GHz) capabilities. This option steers clients with dual-band capability to join the 5-Ghz band if the signal is good. Both the 2.4-GHz and 5-GHz radios need to be enabled on the WLAN. Band steering is disabled by default.

Note that even with band steering, clients can still hear beacon frames from the 2.4-GHz radios and can sometimes connect to these radios.

See Radio Management (dual band) and Dual Band Usage Examples.

Client Inactivity

You configure an inactivity timer on your WLAN to prevent congestion. The AP deauthenticates inactive clients, as defined by the time you set here. The default time is 1800 seconds.


Geofencing can prevent clients with a received signal strength indicator (RSSI) below a specified decibel-milliwatt (dBM) level from joining the network. You can set a minimum client RSSI, per radio band, to prevent clients who are beyond a given distance or range from joining the WLAN. Geofencing applies only to the initial association. Therefore, if a client is already associated to the network, the client will not be dissociated if its RSSI value falls below the configured threshold. The default is disabled for all radio-bands.

See Enable Geofencing.

Data Rates

Set data rates to prevent clients with slow connections from degrading the overall WLAN performance. The default isCompatible, which allows all connections. The other options are:

  • No Legacy (2.4G, no 11b)—Prevents 802.11b and 802.11g devices from joining the WLAN. This option has the effect of adding capacity to the network.
  • High Density (disable all lower rates)—Prevents 802.11b and 802.11g clients from joining the network and enforces a minimum signal level.
  • Custom Rates

Disabling clients with lower data rates can improve WLAN performance in three ways:

  • Increase throughput by ensuring clients are transmitting data only at higher rates.
  • Encourage clients to roam, reducing the effects of a sticky client.
  • Reduce management frame overhead by increasing the MBR. Wi-Fi Protocols You use this option to enable or disable Wi-Fi 6 on the supported APs. WLAN Rate Limit

You use this option to configure a WLAN rate limit to enforce an uplink and downlink rate for the WLAN. You can configure rate limits per AP, per client, and per application. You can also limit the total bandwidth allocation for a given application.

Per-Client Rate Limit

Client rate limits set the uplink and downlink rate per client.

Application Rate Limit

This option limits the uplink or downlink rate per client for the specified application. You must identify applications by their name or hostname.

Apply to Access Points Select the APs you want this WLAN to apply to: All, Specific, or according to the AP label. Isolation

Peer-to-peer isolation prevents Layer 2 peer traffic on the same WLAN, AP, or wired or wireless subnet. This option is disabled by default. (For Layer 3 filtering, you can create WxLAN policies.)

Subnet isolation requires firmware version 0.12 or later, and clients must have a DHCP address.

Filtering (Wireless)

  • ARP
  • Broadcast/Multicast
  • Allow mDNS
  • Allow SSDP
  • Allow IPv6 Neighbor Discovery

These filters reduce the amount of management frames sent by APs in the WLAN. Filtering can significantly improve performance by freeing up radio air time which is otherwise consumed as a routine part of the operational overhead.

  • By default, Mist APs support proxy Address Resolution Protocol (ARP), which means the AP sends an ARP response on behalf of the client instead of forwarding the packet over the air. The ARP filter prevents ARP broadcast requests to a given WLAN interface. If not enabled, the proxy ARP will try to resolve all unknown Ethernet address requests by flooding the request to any unfiltered interfaces. We recommend leaving the ARP filter enabled.
  • The Broadcast / Multicast filter blocks broadcasts and multicast packets on the given AP interface so they are not forwarded to the switch. It includes IPv6 broadcasts, multicast, and IPv4/IPv6 mDNS frames. Note that the following are excluded (not blocked by this filter): DHCP broadcasts and IPv6 neighbor discovery frames (ICMPv6).
  • The mDNS filter works in conjunction with the Broadcast / Multicast filter (it must also be enabled). When enabled, it exempts mDNS packets including IPv4 and IPv6 mDNS, from being blocked with the Broadcast / Multicast filter for the given interface. Recall that Apple Bonjour uses mDNS for its network discovery (and so you may need to enable the mDNS filter exception to support it).
  • Simple Service Discovery Protocol (SSID) are advertisement beacons for discovering Universal Plug and Play (UPnP) devices on the wireless network. The SSDP filter works in conjunction with: Broadcast / Multicast filter (it must also be enabled). When enabled, it exempts SSDP packets, including IPv4 and IPv6 SSDP, from being blocked with the Broadcast / Multicast filter for the given interface. DTIM Period

The Delivery Traffic Indication Message (DTIM) period specifies how to broadcast DTIM beacons (which, by extension, can influence how often the other devices must wake up and thus their power consumption). DTIM beacons help synchronize the network.

The value is a multiplier. The default is 2, which means every other frame. The range is from 1 to 10.

Custom Forwarding By default, the WLAN forwards tagged or untagged client traffic through the primary Ethernet port, Eth0. You use custom forwarding in conjunction with Mist Edge, or for example, to ensure that guest and corporate traffic use different networks.

  • Eth0 + PoE—Default. Forward traffic out the Eth0 port.
  • Eth1—Forwards traffic through the second Ethernet port of the AP. This mode requires the WLAN VLAN to be untagged. You must connect Port Eth1 to a physically separate LAN. SSID Scheduling You use this option to customize your WLAN by choosing the exact days and times to broadcast the SSID. Also supports multiple time ranges for each day. By default this mode is disabled. QoS Priority

Use quality of service (QoS) to prioritize traffic so that the more important traffic does not get held up in a queue during congestion. Juniper APs can prioritize wireless traffic to optimize the shared radio for maximum application performance.

Wi-Fi Multimedia (WMM) is a Wi-Fi Alliance specification based on the IEEE 802.11e wireless QoS standard to support traffic prioritization. This specification uses the following access categories to prioritize transmission:

  • 0=Background (not used by Juniper APs)
  • 1=Best Effort
  • 2=Video
  • 3=Voice Multimedia Extensions

When multiple concurrent applications compete for network resources, Juniper APs can use MMEs to define and improve the wireless signal quality and performance.

Multimedia extensions (MMEs) are architectural extensions to general-purpose processors to boost the performance of multimedia workloads. Throughput is not guaranteed by WMM.


AirWatch mobility management solutions to ensure secure network access for authorized devices.

When enabled, the APs allow traffic to pass only for those clients already identified in the AirWatch console. If enabled, you need to specify the AirWatch console URL, the API key, and your login credentials for the managed devices.

Application QoS

You use application quality of service (AppQoS) to identify and control access to specific applications. This option provides the granularity of stateful firewall rules to match and enforce QoS at the application layer.

Bonjour Gateway

Requires firmware v0.8.x or later. When enabled, the Bonjour gateway is coordinated among all the APs in the WLAN. the gateway is limited to the same broadcast domain on the wired network. Devices such as a printer provide the Bonjour service, and clients request the service. If the Bonjour client is on a different VLAN than the Bonjour server, you need to enable the Bonjour gateway on the SSID.

Discovery VLANs are VLANs where Bonjour clients can discover Bonjour services. You must specify all the allowed VLANs and the VLAN ID for each VLAN with a service about which you want to learn.


Supports WPA3, WPA2, Legacy, OWE, and Open Access, with either Enterprise (802.1X) and Personal (SAE), as well as single or multiple passphrases, TKIP, etc.

See Rogues, Honeypots, and Neighbor APs, Classify and Ban Designated Wireless Clients, Preshared Keys, and Multi-Preshared Keys.

Fast Roaming

Enable fast roaming to allow clients that are connected to the network using WPA2 or WPA3 security to remain connected as they roam between APs. With fast roaming, WPA2 and WPA3 clients do not need to re-authenticate with the authentication server every time they change APs in the same network.

See Enable Fast Roaming.


Required for each WLAN. Specify the type of VLAN the AP will use in the switch connection.

For pre-shared key (PSK)-based network segmentation, choosePool in the WLAN configuration (Organization > WLAN Templates > Add WLAN button, and then VLAN). In the pool field, specify each VLAN ID you will reference in the VLAN ID field of the PSKs you create (Organization > WLAN Templates > Pre-Shared Key> Add Key button, and then VLAN ID).

If you are using multiple PSK and want to put clients in different VLANs according to their site, you can do so by using a site variable for the VLANs in the Pool field. In this case, you'll leave the VLAN ID field blank in the PSK configuration page. If the site variable doesn't already exist, be sure to create one (Organization | Admin > Site Configuration, and then select the site and scroll down the Site Configuration page to the Site Variables sections where you canAdd Variable).

See Leveraging Roles in a PSK.

Guest Portal

The Guest Portal enables a landing page that users are directed to when they connect to the network. You can set any custom portal field as a required field and use this information as a way to monitor users of the guest WLAN.

What is the name of the WLAN profile?

SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile defines the name of the network, authentication type for the network, basic rates, transmit rates, SSID. SSID is a name given to a WLAN and is used by the client to access a WLAN network.

How does an AP extend VLANs onto the wireless LAN?

The AP Group VLANs feature is an additional method used to limit the broadcast domains to a minimum. This is done by logically segmenting a WLAN into different broadcast domains. It limits the broadcast of a WLAN to a smaller group of LAPs.

Which tab in the WLAN configuration screen of a WLC configures VLAN mapping?

WLAN creation and SSID to VLAN mapping is configured on the WLAN tab of the WLC configuration. Each WLAN SSID is associated to a VLAN previously created and linked to a pysical interface on Controller tab.

Which two profiles does the site tag on the 9800 WLC group?

Site Tag defines if the APs are in Local Mode or Flexconnect mode . Other AP modes like Sniffer, Sensor, Monitor, Bridge can be configured directly on the AP. The Site Tag also contains the AP Join Profile and Flex Profile that are applied to the AP.