Understanding Mesh Profiles
A Mesh profile contains major parameters required for configuring the Mesh function. To enable radios of an AP group or a specified AP to set up Mesh links, a Mesh profile must be applied to the radios.
Security profile: After a security profile is bound to a Mesh profile, parameters in the security profile will be used for Mesh link setup to ensure security of Mesh links, The WPA2+PSK+AES security policy is recommended for a Mesh security profile.
The security policy can be set to open system authentication only for the Mesh network in rail transportation scenarios.
- Mesh whitelist profile: A Mesh whitelist profile contains MAC addresses of neighboring APs allowed to set up Mesh links with an AP. After a Mesh whitelist profile is applied to an AP radio, only APs with MAC addresses in the whitelist can access the AP, and other APs are denied. On common Mesh networks, a Mesh whitelist must be configured for a Mesh node.
- A neighboring AP with the MAC address in the whitelist can set up a wireless virtual link with the local AP only after passing security authentication.
- On a Mesh network where ATs are deployed, after FWA is enabled in a Mesh profile, you do not need to configure a Mesh whitelist for a Mesh node. All ATs are allowed to access the Mesh node.
- AP group radio or AP radio: You can configure major feature parameters for radios in an AP group or a specified AP radio, including the working channel and bandwidth, antenna gain, transmit power, and radio coverage distance. For example, when configuring the Mesh function, configure the same channel for radios of Mesh APs.
- Radio profile: The radio profile is classified into the 2G and 5G radio profiles. You can configure other radio parameters for Mesh links through a radio profile.
- AP wired port profile: The AP wired port profile is used to configure AP wired port parameters and Mesh roles. When configuring Mesh services, you need to configure AP wired port parameters according to actual situations, enabling the Mesh network to transmit user services. For example, if direct forwarding is used on a Mesh network, you need to configure wired ports of Mesh APs to allow service VLANs to pass through.
- Mesh handover profile: After a Mesh handover profile is bound to a Mesh profile, the Mesh profile can provide the fast Mesh link handover function and apply to train-ground communication scenarios. A Mesh handover profile and the FWA mode of a Mesh profile are mutually exclusive. A Mesh handover profile cannot be referenced by the Mesh profile in which the FWA mode is enabled
By default, the system provides the Mesh profile default. Both the default Mesh profile default and a self-defined Mesh profile have the security profile default-mesh referenced by default. In the security profile default-mesh, the security policy is set to WPA2+PSK+AES and the security key to huawei_secmesh. If the default security profile default-mesh is used, you are advised to change the security key of the profile to ensure security.