Black Box LWN602WA 802.11abg Access Point User Manual LWN602A user rev4 v4 1r5

Black Box Corporation 802.11abg Access Point LWN602A user rev4 v4 1r5

UserManual.wiki >

Black Box >

LWN602WA User Manual >

User Manual

1. User Manual
2. User Manual 2

User Manual

Provides the speed, range, security, adapability, and manageability to replace wired networks at an enterprise level.Intelligent 802.1n wireless access points work together to increase network efficiency.SmartPath™ Enterprise Wireless System User GuideLWN602A LWN600VMA LWN602AE LWN600CM-1LWN602HA LWN600CM-3 LWN602HAE LWN602WAOrder toll-free in the U.S.: Call 877-877-BBOX (outside U.S. call 724-746-5500)FREE technical support 24 hours a day, 7 days a week: Call 724-746-5500 or fax 724-746-0746Mailing address: Black Box Corporation, 1000 Park Drive, Lawrence, PA 15055-10187EBSITEWWWBLACKBOXCOMs%MAILINFO BLACKBOXCOMCustomer Support Information

724-746-5500 | blackbox.com Page 3FCC StatementsFederal Communication Commission Interference StatementEach Black Box product described in this manual complies with part 15 of the FCC Rules when operating under the following restrictions: (1) This device may not cause harmful interference, and (2) they must accept any RF interference received, including interference that might cause an unwanted impact on their operation.This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one of the following measures:Reorient or relocate the receiving antenna.Increase the separation between the equipment and receiver.Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.Consult the dealer or an experienced radio/TV technician for help.FCC Caution: Any changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate this equipment.Important: FCC Regulatory Warning NoticesLWN602A devices are restricted to indoor use due to their operation in 5 GHz frequencies, which are shared by mobile satellite systems and government radar systems. The FCC requires that these products only be used indoors to reduce the potential for harmful interference with co-channel radar that might be operating in the 5.25–5.35 or 5.47–5.725 GHz frequency ranges in the same area. The conflicting activity of radar stations and these devices can cause interference or damage to each other. In addition, these devices have a radar detection function that might interrupt normal operations when they detect a radar signal. To reduce the risk of interference even further, installing these devices away from windows is recommended.LWN602A devices operating within the 5.15–5.25 GHz frequency range are restricted to indoor environments.The FCC region code is set in the device during the manufacturing process, the option to set it to any region other than FCC is disabled, and the country code selection function has been completely removed from all U.S. models. It is impossible for the end user to change the region to anything other than FCC.FCC Radiation Exposure StatementThis equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with a minimum distance of 23 centimeters (9 inches) between the radiator and your body.The availability of some specific channel and/or operational frequency bands are country dependent and are firmware programmed at the factory to match the intended destination. The firmware setting is not accessible by end user.Only attach antennas that are certified for use with this device. Replacing antennas with unauthorized, high-gain antennas greatly increases the risk of interference and invalidates the FCC certification.

724-746-5500 | blackbox.com Page 4NOM Statement/Radiation Exposure StatementInstrucciones de Seguridad(Normas Oficiales Mexicanas Electrical Safety Statement)1. Todas las instrucciones de seguridad y operación deberán ser leídas antes de que el aparato eléctrico sea operado.2. Las instrucciones de seguridad y operación deberán ser guardadas para referencia futura.3. Todas las advertencias en el aparato eléctrico y en sus instrucciones de operación deben ser respetadas.4. Todas las instrucciones de operación y uso deben ser seguidas.5. El aparato eléctrico no deberá ser usado cerca del agua—por ejemplo, cerca de la tina de baño, lavabo, sótano mojado o cerca de una alberca, etc.6. El aparato eléctrico debe ser usado únicamente con carritos o pedestales que sean recomendados por el fabricante. 7. El aparato eléctrico debe ser montado a la pared o al techo sólo como sea recomendado por el fabricante.8. Servicio—El usuario no debe intentar dar servicio al equipo eléctrico más allá a lo descrito en las instrucciones de operación. Todo otro servicio deberá ser referido a personal de servicio calificado. 9. El aparato eléctrico debe ser situado de tal manera que su posición no interfiera su uso. La colocación del aparato eléctrico sobre una cama, sofá, alfombra o superficie similar puede bloquea la ventilación, no se debe colocar en libreros o gabinetes que impidan el flujo de aire por los orificios de ventilación.10. El equipo eléctrico deber ser situado fuera del alcance de fuentes de calor como radiadores, registros de calor, estufas u otros aparatos (incluyendo amplificadores) que producen calor.11. El aparato eléctrico deberá ser connectado a una fuente de poder sólo del tipo descrito en el instructivo de operación, o como se indique en el aparato.12. Precaución debe ser tomada de tal manera que la tierra fisica y la polarización del equipo no sea eliminada.13. Los cables de la fuente de poder deben ser guiados de tal manera que no sean pisados ni pellizcados por objetos colocados sobre o contra ellos, poniendo particular atención a los contactos y receptáculos donde salen del aparato.14. El equipo eléctrico debe ser limpiado únicamente de acuerdo a las recomendaciones del fabricante.15. En caso de existir, una antena externa deberá ser localizada lejos de las lineas de energia.16. El cable de corriente deberá ser desconectado del cuando el equipo no sea usado por un largo periodo de tiempo.17. Cuidado debe ser tomado de tal manera que objectos liquidos no sean derramados sobre la cubierta u orificios de ventilación.18. Servicio por personal calificado deberá ser provisto cuando: A: El cable de poder o el contacto ha sido dañado; u B: Objectos han caído o líquido ha sido derramado dentro del aparato; o C: El aparato ha sido expuesto a la lluvia; o D: El aparato parece no operar normalmente o muestra un cambio en su desempeño; o E: El aparato ha sido tirado o su cubierta ha sido dañada.Important: Radiation Exposure StatementThis equipment complies with radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with a minimum distance of 8 inches (20 cm) between the radiator and your body. This transmitter must not be colocated or operating with any other antenna or transmitter. For more information about RF exposure limits, visit www.fcc.gov (U.S.) or www.ic.gc.ca (Canada).

724-746-5500 | blackbox.com Page 6Countries of Operation and Conditions of Use in the European Communitys3MART0ATH!0SAUTOMATICALLYLIMITTHEALLOWABLECHANNELSDETERMINEDBYTHECURRENTCOUNTRYOFOPERATION)NCORRECTLYENTERINGthe country of operation might result in illegal operation and cause harmful interference to other systems. The admin is obligated to ensure SmartPath APs are operating according to the channel limitations, indoor/outdoor restrictions and license requirements for each European Community country as described in this section.s3MART0ATH!0SCANBEOPERATEDINDOORSOROUTDOORSINALLCOUNTRIESOFTHE%UROPEAN#OMMUNITYUSINGTHE'(ZBANDChannels 1–13, except where noted below:– In Italy and Luxembourg, you must apply for a license from the national spectrum authority to operate a SmartPath AP outside your own premises and for public use or service.– In Belgium outdoor operation is only permitted using the 2.46- to 2.4835-GHz band: Channel 13.– In France outdoor operation is limited to the 2.454- to 2.4835-GHz band (Channels 8 to 13) at a maximum of 10 mW EIRP (effective isotropic radiated power).– In Norway, the 2.4-GHz band cannot be used outdoors within a 20-km radius of the center of Ny-Ålesund.– In Russia, the 2.4-GHz band is for indoor use only.s"ECAUSERADARSYSTEMSUSESOMEBANDSINTHE'(ZSPECTRUM7,!.DEVICESOPERATINGINTHESEBANDSMUSTUSE$YNAMICFrequency Selection (DFS) to detect radar activity and switch channels automatically to avoid interfering with radar operations. For the ETSI region, the SmartPath AP (LWN602HA) is certified for the latest ETSI EN 301 893 v1.5.1 DFS requirements and can use DFS channels 52 to 140 (5.26 GHz to 5.32 GHz, and 5.5 GHz to 5.7 GHz). To comply with ETSI regulations when deploying a SmartPath AP (LWN602HA) device outdoors, set the 5-GHz radio to operate on the DFS channels and enable DFS. When deploying a SmartPath AP (LWN602HA) indoors, then the 5-GHz radio can also use Channels 36 to 48 as well as the DFS chan-nels. The maximum transmit power for channels from 36 to 48 is 17 dBm in the ETSI region. Because this maximum is enforced by SmartPath OS, the SmartPath AP automatically limits the power to 17 dBm even if the setting is greater than that.s4HEAVAILABILITYOFSOMESPECIFICCHANNELSANDOROPERATIONALFREQUENCYBANDSARECOUNTRYDEPENDENTANDAREFIRMWARE programmed at installation to match the intended destination. The firmware setting is accessible by the end user. Some national restrictions are noted below:– In Italy and Luxembourg, you must apply for a license from the national spectrum authority to operate a SmartPath AP outside your own premises and for public use or service in the 5.15- to 5.35-GHz band (Channels 36 to 64) and 5.47- to 5.725-GHz band (Channels 100 to 140).– In Russia, you can only use the 5.15- to 5.35-GHz band at 100 mW (20 dBm) indoors, in closed industrial and warehouse areas, and on-board aircraft for local network and crew communications during all stages of a flight and for public WLAN access only at an altitude of 3000 meters or higher. You can only use the 5.65- to 5.825-GHz band with 100 mW EIRP on board aircraft at an altitude of 3000 meters or higher.Declaration of Conformity in Languages of the European CommunityEnglish: Hereby, we declare that this Radio LAN device is in compliance with the essential requirements and other relevant provisions of Directive 1999/5/EC.Finnish: Valmistaja Black Box vakuuttaa täten että Radio LAN device tyyppinen laite on direktiivin 1999/5/EY oleellisten vaatimusten ja sitä koskevien direktiivin muiden ehtojen mukainen.Dutch: Hierbij verklaart Black Box dat het toestel Radio LAN device in overeenstemming is met de essentiële eisen en de andere relevante bepalingen van richtlijn 1999/5/EG. Bij deze Black Box dat deze Radio LAN device voldoet aan de essentiële eisen en aan de overige relevante bepalingen van Richtlijn 1999/5/EC.French: Par la présente Black Box déclare que cet appareil Radio LAN est conforme aux exigences essentielles et aux autres dispositions relatives à la directive 1999/5/CE.Swedish: Härmed intygar Black Box att denna Radio LAN device står I överensstämmelse med de väsentliga egenskapskrav och övriga relevanta bestämmelser som framgår av direktiv 1999/5/EG.

724-746-5500 | blackbox.com Page 7SmartPath AP Safety ComplianceDanish: Undertegnede Black Box erklærer herved, at følgende udstyr Radio LAN device overholder de væsentlige krav og øvrige relevante krav i direktiv 1999/5/EF.German: Hiermit erklärt Black Box, dass sich dieser/diese/ dieses Radio LAN device in Übereinstimmung mit den grundlegenden Anforderungen und den anderen relevanten Vorschriften der Richtlinie 1999/5/EG befindet". (BMWi) Hiermit erklärt Black Box die Übereinstimmung des Gerätes Radio LAN device mit den grundlegenden Anforderungen und den anderen relevanten Festlegungen der Richtlinie 1999/5/EG. (Wien)Italian: Con la presente Black Box dichiara che questo Radio LAN device è conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999/5/CE.Spanish: Por medio de la presente Black Box declara que el Radio LAN device cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999/5/CE.Portuguese: Black Box declara que este Radio LAN device está conforme com os requisitos essenciais e outras disposições da Directiva 1999/5/CE.SmartPath AP Safety CompliancePower Cord SafetyPlease read the following safety information carefully before installing a SmartPath AP:WARNING: Installation and removal of SmartPath APs must be carried out by qualified personnel only.s3MART0ATH!0SMUSTBECONNECTEDTOAGROUNDEDEARTHEDOUTLETTOCOMPLYWITHINTERNATIONALSAFETYSTANDARDSs$ONOTCONNECT3MART0ATH!0STOAN!#OUTLETPOWERSUPPLYWITHOUTAGROUNDEARTHCONNECTIONs4HEAPPLIANCECOUPLERTHECONNECTORTOTHEUNITANDNOTTHEWALLPLUGMUSTHAVEACONFIGURATIONFORMATINGWITHAN%.60320/IEC320 appliance inlet.s4HESOCKETOUTLETMUSTBENEARTHE3MART0ATH!0ANDEASILYACCESSIBLE9OUCANONLYREMOVEPOWERFROMA3MART0ATH!0 by disconnecting the power cord from the outlet.s3MART0ATH!0SOPERATEUNDER3AFETY%XTRA,OW6OLTAGE3%,6CONDITIONSACCORDINGTO)%#4HECONDITIONSAREONLY maintained if the equipment to which they are connected also operates under SELV conditions.s!3MART0ATH!0RECEIVINGPOWERTHROUGHITS0OWEROVER%THERNET0O%INTERFACEMUSTBEINTHESAMEBUILDINGASTHEEQUIPMENTfrom which it receives power.France and Peru only:SmartPath APs cannot be powered from IT* supplies. If your supplies are of IT type, then a SmartPath AP must be powered by 230 V (2P+T) via an isolation transformer ratio 1:1, with the secondary connection point labelled Neutral, connected directly to ground (earth). *Impédance à la terreIMPORTANT: Before making connections, make sure you have the correct cord set. Check it (read the label on the cable) against the description in this section.U.S.A. and Canada only: s4HECORDSETMUSTBE5,® and CSA certified.s-INIMUMSPECIFICATIONSFORTHEFLEXIBLECORD- No. 18 AWG, not longer than 2 m, or 16 AWG - Type SV or SJ- The cord set must have a rated current capacity of at least 10 A.

724-746-5500 | blackbox.com Page 8SmartPath AP Safety Compliances4HEATTACHMENTPLUGMUSTBEANEARTHGROUNDINGTYPEWITH.%-!0!6OR.%-!!6 configuration.Denmark only:s4HESUPPLYPLUGMUSTCOMPLYWITH3ECTION$3TANDARD$+AOR$+As3WITZERLANDs4HESUPPLYPLUGMUSTCOMPLYWITH3%6!3%U.K. only:s4HESUPPLYPLUGMUSTCOMPLYWITH"3PIN!ANDBEFITTEDWITHA!FUSETHATCOMPLIESWITH"3s4HEPOWERMAINSCORDMUSTBE(!2OR"!3%#MARKEDANDBEOFTYPE(/66&'/MINIMUMs)%#RECEPTACLE

724-746-5500 | blackbox.com Page 9Table of ContentsTable of Contents1. Specifications .............................................................................................................................................................................12 1.1 SmartPath AP (LWN602HA)................................................................................................................................................12 1.2 SmartPath AP (LWN602A) ..................................................................................................................................................12 1.3 SmartPath EMS VMA (LWN600VMA) .................................................................................................................................13 1.4 SmartPath Outdoor Access Point (LWN602WA) ..................................................................................................................132. Preparing for a WLAN Deployment .............................................................................................................................................14 2.1 Assessing Your Requirements .............................................................................................................................................14 2.2 Planning .............................................................................................................................................................................14 2.2.1 Upgrading from Existing Wi-Fi...............................................................................................................................14 2.2.2 New WLAN Deployment .......................................................................................................................................15 2.2.3 Site Surveys ...........................................................................................................................................................15 2.2.4 Budgetiing Wi-Fi: The Chicken and Egg Problem ...................................................................................................16 2.2.5 Bandwidth Assumptions for Wi-Fi .........................................................................................................................18 2.2.6 Overcoming Physical Impediments ........................................................................................................................18 2.2.7 Preparing the Wired Network for Wireless.............................................................................................................20 2.2.8 Online Planner.......................................................................................................................................................21 2.3 Operational Considerations ................................................................................................................................................23 2.3.1 Tuning ...................................................................................................................................................................23 2.3.2 Spectrum Analysis .................................................................................................................................................23 2.3.3 Troubleshooting ....................................................................................................................................................28 2.3.4 Management ........................................................................................................................................................28 2.3.5 Automatic and Semi-Automatic Rogue Mitigation .................................................................................................28 2.3.6 Deploying with Confidence ...................................................................................................................................30 2.4 Basic Wi-Fi Concepts ..........................................................................................................................................................30 2.5 New and Enhanced SmartPath OS Features for Release 4.0r1 ..................................................................................................... 34 2.6 New and Enhanced SmartPath EMS VMA Features for Release 4.0r1 ......................................................................................... 34 2.7 New and Enhanced SmartPath OS and SmartPath EMS VMA Features for Release 4.1r1 ............................................................ 353. The Smart Path AP (LWN602HA) Overview .................................................................................................................................36 3.1 Hardware Description .........................................................................................................................................................36 3.2 Ethernet and Console Ports ................................................................................................................................................38 3.2.1 Smart PoE .............................................................................................................................................................39 3.2.2 Aggregate and Redundant Interfaces ................................................................................................................... 40 3.2.3 Console Port .........................................................................................................................................................41 3.3 Status LEDs .........................................................................................................................................................................43 3.4 Antennas ........................................................................................................................................................................... 44 3.4.1 Multiple In, Multiple Out (MIMO) ..........................................................................................................................45 3.4.2 Using MIMO with Legacy Clients ...........................................................................................................................47 3.5 Mounting the Smart Path AP (LWN602HA) ........................................................................................................................47 3.5.1 Ceiling Mount .......................................................................................................................................................47 3.5.2 Plenum Mount ......................................................................................................................................................50 3.5.3 Suspended Mount .................................................................................................................................................52 3.5.4 Surface Mount ......................................................................................................................................................55 3.6 Device, Power, and Environmental Specifications ................................................................................................................564. The Smart Path AP (LWN602A) Overview ....................................................................................................................................57 4.1 Hardware Description .........................................................................................................................................................57 4.2 Ethernet Port ......................................................................................................................................................................58 4.3 Status Indicator ..................................................................................................................................................................58 4.4 Antennas ............................................................................................................................................................................59 4.5 Mounting a Smart Path AP (LWN602A) .............................................................................................................................60 4.5.1 Ceiling Mount .......................................................................................................................................................60 4.5.2 Surface Mount ......................................................................................................................................................61

724-746-5500 | blackbox.com Page 11Table of Contents 9.5.4 Update SmartPath APs ........................................................................................................................................149 9.6 Multiple Default Routes ....................................................................................................................................................15010. SmartPath Operating System (OS) .............................................................................................................................................153 10.1 Common Default Settings and Commands .......................................................................................................................153 10.2 Configuration Overview ...................................................................................................................................................155 10.2.1 Device-Level Configurations ................................................................................................................................155 10.2.2 Policy-Level Configurations..................................................................................................................................155 10.3 SmartPathOS Configuration File Types ..............................................................................................................................15611. Deployment Examples (CLI) .......................................................................................................................................................161 11.1 Example 1: Deploying a Single SmartPath AP ....................................................................................................................162 11.2 Example 2: Deploying a Cluster ........................................................................................................................................165 11.3 Example 3: Using IEEE 802.1x Authentication ...................................................................................................................170 11.4 Active Directory Configuration Improvement ....................................................................................................................173 11.5 RADIUS Authentication for VHM Administrators ..............................................................................................................176 11.6 Example 4: Applying QoS .................................................................................................................................................177 11.7 Example 5: Loading a Bootstrap Configuration .................................................................................................................184 11.8 Command Line Interface (CLI) Commands for Examples ...................................................................................................186 11.8.1 Commands for Example 1 ...................................................................................................................................186 11.8.2 Commands for Example 2 ...................................................................................................................................186 11.8.3 Commands for Example 3 ...................................................................................................................................187 11.8.4 Commands for Example 4 ...................................................................................................................................187 11.8.5 Commands for Example 5 ...................................................................................................................................18912. Traffic Types ...........................................................................................................................................................................191Appendix. Country Codes .................................................................................................................................................................194

724-746-5500 | blackbox.com Page 12Chapter 1: Specifications1. Specifications1.1 Smart Path AP (LWN602HA)Antennas: (3) omnidirectional 802.11b/g/n antennas, and (3) omnidirectional 802.11a/n antennasNOTE: Antennas are not included.Interface: Serial Port: 9600 bps, 8 data bits, no parity, 1 stop bit, no flow control; Ethernet: Autosensing 10/100/1000 BASE-T/TX Mbps; both ports comply with the IEEE 802.3af and the 802.at standard for Power over Ethernet (PoE)Connectors: (3) RJ-45: (2) 10/100/1000BASE-T/TX Ethernet ports, (1) RJ-45 serial console port; (3) 802.11a/b/g/n RP-SMA , (3) 802.11a/n RP-SMA, (1) barrel connector for powerIndicators: (5) Status LEDs: (1) Power, (1) ETH0, (1) ETH1, (1) WIFI0, (1) WIFI1Temperature Tolerance: Operating: -4 to +131° F (-20 to +55° C); Storage: -40 to +176° F (-40 to +80° C)Relative Humidity: 95% maximumPower: Optional AC power adapter: Input: 100–240 VAC; Output: 48 VDC, 0.625 amps; *PoE nominal input voltages: 802.3af: 48 VDC, 0.35 amps; 802.3at: 48 V, 0.625 amps; RJ-45 power input pins: Wires 4, 5, 7, 8 or 1, 2, 3, 6*NOTE: When using 802.af, power should be applied to both Ethernet ports to maintain all features (see Section 3.2.1, Smart PoE).Size: 1.25"H x 8.5"W x 8"D (3.2 x 21.5 x 20.3 cm)Weight: 3 lb. (1.4 kg)1.2 Smart Path AP (LWN602A)Antennas: (2) omnidirectional 802.11b/g/n antennas, and (2) omnidirectional 802.11a/n antennasInterface: RJ-45 power input pins: Wires 4, 5, 7, 8 or 1, 2, 3, 6Connectors: (1) RJ-45 autosensing 10/100/1000BASE-T/TX Mbps port; complies with the IEEE 802.3af and the 802.at standard for Power over Ethernet (PoE), (1) barrel connector for powerIndicators: (1) Status LED that conveys operational states for system power, firmware updates, Ethernet and wireless interface activity and major alarmsTemperature Tolerance: Operating: +32 to +104° F (0 to +40° C); Storage: -40 to +185° F (-40 to +85° C)Relative Humidity: 95% maximum. noncondensingPower: Optional AC power adapter: Input: 100–240 VAC; Output: 48 VDC, 0.625 amps; PoE nominal input voltages: 802.3af: 48 VDC, 0.35 amps; 802.3at: 48 V, 0.625 amps; RJ-45 power input pins: Wires 4, 5, 7, 8 or 1, 2, 3, 6Size: 2"H x 6.5"W x 6.5"D (5.1 x 16.5 x 16.5 cm)Weight: 1.75 lb. (0.8 kg)

724-746-5500 | blackbox.com Page 13Chapter 1: Specifications1.3 Smart Path EMS Virtual Management Appliance (VMA) Software (LWN600VMA)Maximum Supported APs — 5000Minimum System Requirements — Processor: Dual-core 2 GHz; Memory: 2 GB VM, 1 GB host; Storage: 10 GB available disk spaceTested Virtualization Platforms —ESXi 4.0 or better; Player on CentOS; Player on Windows Vista®1.4 SmartPath Outdoor Access Point (LWN602WA)Antennas — (4) N-type female connectors for external antennasEnvironmental Compliance — IP68 Mounting Options — Horizontal or vertical pole mount; pole must be 1" to 3.5" (2.5 cm to 8.9 cm) in diameter; wall or flat surface mountPoE Nominal Input Voltage — 48 V, 30 wattsWind Speed ToleranceMPHKPHConnectors — (1) RJ-45 Ethernet connector: autosensing 10/100/1000 Mbps; compliant with the IEEE 802.3at standard for PoETemperature Tolerance — Operating: -40 to +131° F (-40 to +55° C); Storage: -40 to +176° F (-40 to +80° C)Relative Humidity — Up to 100%Size — Without antennas: 3"H x 77⁄8"W x 95⁄8"L (7.6 x 20 x 22.4 cm)Weight — With antennas: 4.85 lb. (2.199 kg); With antennas and brackets: 6.05 lb. (2.744 kg)NOTE: For information on how to install the SmartPath Outdoor Wireless Access Point (LWN602WA), see the LWN602WA Installation Guide at ftp://ftp.blackbox.com/anonymous/manuals/L/LWN602WA_install.pdf

724-746-5500 | blackbox.com Page 14Chapter 2: Preparing for a WAN Deployment2. Preparing for a WAN DeploymentTo ensure a smooth WLAN deployment, you need to begin with a bit of planning. A straightforward review of your deployment plan before you begin will provide the best results in the least amount of time. The goals of this chapter are to assist you in assessing your readiness for WLAN implementation and to provide tips and tricks to resolve any issues that might arise in your environment. NOTE: This guide assumes an understanding of corporate data networking and past experience with LAN configuration and deployment. It also assumes some basic Wi-Fi understanding.2.1 Assessing Your RequirementsTo get started with your Black Box WLAN installation, examine the basic requirements of your implementation. First, consider who your stakeholders are and take the time to fully understand their access requirements. Talk to department managers within your organization and make sure everyone has documented the full complement of potential network users. Check if the applications are standard employee applications or if there are other requirements, such as access for guests or consultants.Next, make a complete list of the application types that your network will need to support. Begin your list with mission-critical applications, paying special attention to those that generate high levels of traffic and those requiring deterministic behavior. Identify applications with heavy data requirements and expected service levels.Demanding applications such as voice and video will require a higher density of access points. Many enterprises are investigating the potential of VoWLAN (Voice over WLAN) in the hopes of integrating mobile phones and IP-PBX systems. Doing so requires an evaluation of other data transmission types that can disrupt the quality of voice conversations. Because voice traffic is sensitive to network jitter and latency, an inadequate number of access points can degrade quality. To the user, excessive jitter and delay can cause clipped conversations or dropped calls. Additional quality and reliability issues might arise when transmitting video, such as for training video or surveillance operations, because of the sheer size of the data stream.Other applications such as network backup and file transfers can also have an impact on the network. Therefore, take into account any bandwidth-intensive applications if you expect your mobile workforce to be accessing the WLAN while these applications or services are occurring.Considering the above issues will result in a more informed—and therefore more successful—deployment plan.2.2 PlanningThis section reviews the fundamental elements for planning your WLAN deployment. This includes conducting a site survey, both for an upgrade from an existing WLAN and for a completely fresh—or greenfield—deployment.2.2.1 Upgrading from Existing Wi-FiIf you are upgrading to SmartPath from an existing WLAN, you already have plenty of data about how your current network is performing. This information can lead to more informed decisions about your new implementation. To begin, perform a quick site survey with the existing access points in place. If they are less than three years old and support 802.11g, their coverage and capacity will be lower than the SmartPath 802.11n radio. If the coverage is good and has the appro-priate density for your deployment, the simplest approach is to replace one set of access points with a new set of SmartPath APs. However, this scenario is rare because network upgrades are usually done to improve capacity and to augment the existing layout with a denser deployment of access points.Be sure to take note whether your existing network uses “fat” or “thin” APs (access points). A “fat” AP is an autonomous or standalone access point, which contains the capability to connect to any Ethernet switch. With a “thin” AP, most of the intelli-gence has been removed and replaced in a centralized WAN controller. An upgrade from fat APs to SmartPath APs is very natural. Generally, with fat APs you simply need to unplug the existing ones and plug in the new SmartPath APs and provision them. With this approach, you can maintain or enhance all existing VLANs and security policies. This is a huge advantage over migrating from fat AP to controller-based solutions because you typically need to re-architect the network.

724-746-5500 | blackbox.com Page 15Chapter 2: Preparing for a WAN DeploymentUpgrading from a thin AP solution is also easy. However, because a thin AP makes use of an overlay tunneled network, you sometimes have to add a local VLAN for access or use tunnels to replicate the overlay network. However, because using VLANs rather than tunnels provides significant performance and scalability advantages, this is clearly the recommended path.2.2.2 New WLAN DeploymentIn a new—or greenfield—WLAN deployment, you do not have the benefit of an existing network for testing and analysis, which makes your job a bit more difficult. In this case, the following key questions are critical to the proper design of your WLAN:s(OWMANYUSERSWILLNEEDWIRELESSSERVICEANDWHATAPPLICATIONSWILLTHEYUSE Determining the scope of your WLAN deployment will have a major impact on capacity and coverage. Will only certain groups WITHINTHEORGANIZATIONHAVE7,!.ACCESSORWILLITBEROLLEDOUTACROSSTHEENTERPRISE7ILLYOUPROVIDEGUESTACCESSTOVISI-TORSCONSULTANTSANDCONTRACTORS-OST7,!.SSUPPORTJUSTDATAAPPLICATIONSBUTMANYORGANIZATIONSARECONSIDERINGADDINGvoice services. Voice support raises other design considerations that drive the need for denser deployments of access points and different Quality of Service (QoS) settings.s!RETHEREANYKNOWNMAJORSOURCESOFINTERFERENCE&OREXAMPLEISTHEREANEARBYCAFETERIAWITHMICROWAVEOVENS#OMMERCIALGRADEMICROWAVESAREAPARTICULARLYBADSOURCEOFINTERFERENCE)STHEREAWIRELESSTELEPHONEORVIDEOSURVEILLANCESYSTEMNOTUSING7I&I)STHEREARADARINSTALLATIONNEARBY)Fyou cannot find the answer to these questions easily, consider employing a spectrum analysis product, such as the AirMagnet® Spectrum Analyzer.s!REBUILDINGBLUEPRINTSAVAILABLE With blueprints, you can see the location of elevators, load-bearing walls, and other building characteristics that can impact signal quality. Different materials, such as concrete walls, brick walls, cubicle walls, glass, and elevator shafts impact signal quality differently. You can often load these blueprints into a planning or site survey tool to make the process easier.s7HATDEVICESNEEDTOACCESSTHE7,!. Determine and document the full complement of devices that people will use to access the WLAN. The performance requirements of the WLAN will depend on both the applications and the capabilities of the client devices. For example, design engineers, architects, and doctors tend to work with bandwidth-hungry applications, so you might need to provide greater capacity. Conversely, if it is a warehouse with a low client density of mostly barcode scanners, a lower access point density might be suitable. Finally it is important to consider voice, or the future use of voice. If some or all people will use VoWLAN (Voice over WLAN) devices, that can affect how many users each access point can accommodate.NOTE: For some access point User Guidelines, see Section 2.2.5, Bandwidth Assumptions for Wi-Fi.2.2.3 Site SurveysOne of the first questions IT managers ask when they are preparing for a WLAN deployment is whether or not a site survey should be performed. In a site survey, the administrator walks around the facility with a site survey tool to measure the radio frequency (RF) coverage of a test access point or the existing WLAN infrastructure.Whether or not you decide to do a site survey for your enterprise depends on the cost of the survey and the complexity of the environment. Here are the three ways to deploy a wireless network—with and without a site survey:s0REDEPLOYMENT3URVEY The safest approach is to perform a site survey before deployment to determine the best locations for the access points. Typically, site survey professionals temporarily place access points in different locations, take measurements, and adjust their settings and locations as necessary. After they complete the survey, they install the access points and then perform another site survey to confirm that the goals have been achieved. This method is clearly the most reliable way to deploy a wireless network; however, it can be expensive, time consuming, and impractical if an enterprise has many sites.

724-746-5500 | blackbox.com Page 16Chapter 2: Preparing for a WAN Deployments$EPLOYAND#HECK In this scenario, an initial site survey is not performed. Instead, wireless administrators make educated guesses on the best locations for the access points, or they use a planning tool to determine the locations more reliably. After deploying the access points, the administrators do a quick site survey. If they need to provide greater coverage, they deploy additional access points. If there are areas where access points are interfering with each other, they then relocate one or more of them. With cooperative RF control, SmartPath APs automatically adjust their channel and power to compensate for coverage gaps and areas of interference. The deploy-and-check approach is often much cheaper and faster than doing a predeployment site survey. The risk is that you might have to move some access points and CAT5 (Category 5) Ethernet cables if you do not plan properly. SmartPath provides a huge competitive advantage in the deploy-and-check approach, thanks to its flexible mesh networking capability. An administrator can deploy with mesh (before running wires) and check the performance in several layouts, determine the best layout, and then run the wires to their final location.s$EPLOYWITHOUT3URVEY Although it is usually advisable to do a site survey, there are many situations in which it is not feasible or even necessary. If the location is sufficiently small—for example, a deployment of only three or fewer access points—site surveys have limited value because there is virtually no opportunity for interference. If there are numerous remote locations, a site survey might be impractical because of the cost of traveling to each site. In these locations, you can use a slightly denser deployment to ensure appropriate coverage and capacity. SmartPath APs automatically adjust their radio power levels to ensure that there is minimal overlap from interfering channels. Usually the cost of extra access points is offset by the cost saved by not doing a site survey in a remote location.2.2.4 Budgeting Wi-Fi: The Chicken and Egg ProblemThe hardware cost of a Wi-Fi solution is generally driven by the number of access points needed, and a SmartPath network is no exception. Unfortunately, a traditional challenge of budgeting for Wi-Fi is that it is difficult to know how many access points to plan for until you have deployed and measured them. There are methods of doing site surveys before a deployment to answer these questions. While doing so is often worthwhile, you might just need a general idea of what you should budget. Fortunately there are some simple guidelines that you can use to figure out how many access points you need, including the number of access points per square foot, the number of clients per access point, and the distance between access points.s!CCESS0OINTSPER3QUARE&OOT The simplest and most common way of budgeting access points is per square foot. You simply take the square footage of a building and divide it by some number. The most common metric used today is one access point for every 4000 to 5000 square feet for standard offices with cubicles. However, if you need to support voice applications, you need a higher concentration of access points. In this case, the recommended formula is one access point for every 3000 square feet, or even as low as one access point for every 2000 square feet. In the lightest weight convenience networks, it is possible to use fewer access points, and densities as low as one access point for every 10,000 to 15,000 square feet can be successful. Keep in mind that such a deployment often has dead spots and can only support very low client densities.s.UMBEROF#LIENTSFOR%ACH!CCESS0OINT Another way to determine the number of access points needed is to consider the number of clients you want each access point to support. In a standard office environment, most enterprises plan to support an average of 5 to 15 clients per access point. Although the specifications of most access points state that they can support up to about 120 clients, a significantly lower density is recommended to get an acceptable throughput for standard office applications. If you expect to support voice over Wi-Fi in the enterprise, account for those phones as well. With the addition of voice, the client density substantially increases, requiring you to plan for an average of 5 to 10 data clients and 5 to 10 voice clients for each access point. Remember that voice clients consume virtually zero bandwidth when they are not on a call. However, when they are on a call, it is imperative that the traffic goes through.

724-746-5500 | blackbox.com Page 17Chapter 2: Preparing for a WAN Deployments$ISTANCE"ETWEEN!CCESS0OINTS In a standard office environment, it is a good idea to ensure that access points are between 30 and 100 feet from one another. A distance of 30 feet is needed in high-density environments and those with many walls separating access points. A distance of 100 feet is sufficient in low-density areas with plenty of open space.These three tips can help determine how many access points to deploy in a given area. In general, the square footage estimate provides the best budgeting estimate, with client estimations and the distance between access points confirming the square foot-age calculations.As with all rules, there are exceptions. If certain locations in the network have a higher density of clients, such as conference rooms or lecture halls, a higher density of access points is required. Conversely if there are large open areas with few active clients, fewer access points are sufficient.Planning ToolsIf following general guidelines does not provide enough confidence or if the deployment environment is particularly challenging, you might consider using software planning tools like AirMagnet Planner or Ekahau® Site Survey (ESS). Black Box also includes a free planning tool with the SmartPath AP on-line software. Such tools are useful in determining the placement of access points without performing a site survey.Associated Access Point CostsAfter you determine how many access points you need, it becomes simpler to determine the other costs involved with deploying Wi-Fi because most are driven by the quantity of access points. These costs include the following:s)NSTALLATIONAND7IRING- CAT5: CAT5 wiring is required for all SmartPath APs acting as portals.* One advantage of SmartPath networks is that you can deploy SmartPath APs in a mesh to avoid some of the wiring costs.- Power: Power lines are required for all SmartPath APs acting as mesh points.† Portals receive power through power lines or through Ethernet cables by using the Power-over-Ethernet (PoE) option.- Installation: SmartPath APs can simply snap into standard dropped-ceiling environments. However, if the installation is in a warehouse or any environment without dropped ceilings, consider the installation costs.s)NFRASTRUCTURE0O%3WITCHES You must cable every SmartPath AP acting as a portal to a switch port. For PoE, there are several considerations:- 802.3af: The current PoE specification provides enough power for all 802.11a/b/g access points.- 802.3at: The current PoE specification supports higher power devices like 802.11n access points.- PoE injectors and midspans: These save money on switch upgrades by injecting power into standard Ethernet connections.s3ITE3URVEYAND$EBUGGING3OFTWARE- For a sizable deployment, you probably will use site survey and debugging software. Deployment and troubleshooting tools from Ekahau and AirMagnet pay for themselves very quickly. These products enable the validation of a deployment and allow you to troubleshoot client and access point issues. (For more information, see Section 2.3, Operational Considerations.)s0ROFESSIONAL3ERVICES- When deploying wireless LANs, professional services are often required to perform site surveys.*A portal is a cluster member that links one or more mesh points to the wired LAN.†Mesh points are cluster members that use a wireless backhaul connection to link through a portal to the wired LAN.

724-746-5500 | blackbox.com Page 18Chapter 2: Preparing for a WAN Deployments#LIENT3OFTWARE- Depending on the deployment, users can use built-in Microsoft® Windows®, Linux® and/or Macintosh® client software (supplicants).- For better services and troubleshooting, consider a third-party supplicant such as Juniper Networks® Odyssey Client.2.2.5 Bandwidth Assumptions for Wi-FiPeople frequently talk about how much coverage an access point provides; however, it is capacity—not coverage—that typically constrains an access point in an enterprise environment. The challenge is not how far the RF signal can travel (coverage), but how to deliver enough bandwidth to meet the demands of business applications (capacity). In other words, you might be able to cover an office of 50 people with one access point, but if all 50 people choose to access it at the same time, it might become overload-ed. Indeed, if you use the formulas provided in this paper, you should find the saturation of access points on your campus to be more than sufficient. Enterprise users are accustomed to speedy switched networks and expect similar performance from their wireless LAN connections. This is why documenting the size and type of applications that will rely on your WLAN is so critical to your planning. In short, if you plan for optimal capacity, complete coverage will follow automatically.In general, the way to increase capacity is to add more access poisnts (within reason) and tune down the radio power to avoid interference. One reason for deploying a high-capacity network is to create a WLAN for voice and data applications. In such a WLAN, everyone has a VoIP handset running wirelessly all the time.In general, the following table shows the standard densities for office deployments:Table 2-1. Standard densities for office deployments.Office RequirementsExpected Data Rate with 802.11g ClientsExpected Data Rate with 802.11n ClientsAccess Point Density)20 MHz 40 MHzCoverage (low capacity) 12 to 24 Mbps -39 Mbps -81 Mbps 1 access point per 8000 square feetStandard office deployment 36 Mbps -104 Mbps -216 Mbps 1 access point per 5000 square feetStandard office deployment with voice 54 Mbps -130 to -144 Mbps -270 to -300 Mbps 1 access point per 2000 to 3000 square feetNOTE: Data rate is not the same as TCP throughput. Because of various headers, inter-frame gaps, and session creation, real TCP throughput usually does not exceed 22 Mbps at data rates of 54 Mbps.2.2.6 Overcoming Physical ImpedimentsNot every potential deployment is a standard business campus. The following scenarios are a few that merit special consideration.s/PEN3PACE Open spaces, such as a large foyer or an outdoor area, are very easy to cover with Wi-Fi because there are few impediments to propagation and fewer opportunities for multipath interference. In such spaces, Wi-Fi signals can propagate many hundreds of feet. This is good if you want to provide coverage for just a few users. You will run into challenges if there are many users and high-capacity service goals. In these situations, it is important to tune down the RF to a minimal level. The SmartPath APs do this on their own automatically. Another trick is to take advantage of obstacles that block Wi-Fi. Look for trees or walls and put neighboring access points on either side of them. Doing so limits the interference of the two access points and allows for the installation of more access points with less interference.s7AREHOUSEAND2ETAIL Warehouse and retail environments present many challenges. One of the largest challenges is that RF characteristics often change because of varying inventory levels and, in the case of retail, seasonal displays (such as tinsel or a stack of soda cans on an end cap). Additionally, metal shelves and high ceilings can be challenges to propagation. To resolve with these issues, it is wise to put at least one access point per aisle to ensure coverage for that aisle. This usually requires a higher density of access points than would otherwise be required.

724-746-5500 | blackbox.com Page 19Chapter 2: Preparing for a WAN Deployments#ONFIGURING!NTENNAS As anyone who has administered a WLAN system in the past knows, proper configuration of the access point antennas at the outset can save you lots of trouble. The SmartPath AP (LWN602A) has internal antennas that cannot be adjusted. However, the antennas for the SmartPath (LWN602HA) are adjustable. The SmartPath AP (LWN602A) has a pair of fixed, dual-band omnidirectional antennas; and the SmartPath AP (LWN602HA) can support up to six single-band omnidirectional antennas (three for the 2.4-GHz radio and three for the 5-GHz radio). You typically orient these antennas vertically, positioning the anten-nas on all SmartPath APs in the same direction. Omnidirectional antennas create a coverage areas that can be toroidal (dough-nut-shaped) or cardioid (heart- or plum-shaped), broadcasting to the sides much more effectively than up or down (see Figure 2-1). In general, this is good for most office environments because you have large flat floors. However, it can be a problem in environments with high ceilings. Toroidal Pattern Cardioid PatternFigure 2-1. Omnidirectional antenna radiation patterns.The SmartPath AP can accommodate external antennas via coaxial jacks on its chassis. The jack is a standard male RP-SMA con-nector. Various patch, directional, and omnidirectional antennas can be used to change the coverage pattern. The most common external antennas are patch antennas. These are directional antennas that provide coverage in a single direction. Most commonly they have a transmission pattern as shown in Figure 2-2. Based on the gain, the signal will be wide (like the low gain antenna shown on top) or narrow and long (like the high gain antenna shown on the bottom). Note that the coverage patterns are not perfect for these antennas and that they often broadcast slightly in other directions than the primary one. These extra “lobes” can be seen in both of the patterns shown below.Higher GainLower Gain(Bird’s Eye View)Patch AntennasHigher GainBird’s Eye ViewHigher GainLower GainPatch AntennasFigure 2-2. Directional antenna patterns.

724-746-5500 | blackbox.com Page 21Chapter 2: Preparing for a WAN Deployment2.2.8 Online Planner EnhancementsSeveral enhancements were made to improve the usability and accuracy of the on-line planner. Perimeter Wall Type: You can now specify a wall type for building perimeter walls. The perimeter is the blue line that defines the area of a building in which SmartPath EMS VMA can automatically place SmartPath AP icons. To apply a wall type to a perimeter that you have already drawn, right-click the perimeter line, click “Change Wall Type," and then choose Dry Wall (3 dB), Brick Wall (10 dB), or Concrete (12 dB). (See Figure 2-3.) To apply a wall type in previous releases, you had to draw a blue perimeter, and then trace over it with another wall type, such as a brick wall. The new approach is much more efficient.Figure 2-3. Choosing wall type.Wall Opacity: The main purpose of adding walls to a map is to show their effect on signal attenuation. After adding walls—including perimeter walls—you can diminish their opacity so that they blend into the background map instead of standing out PROMINENTLYINTHEFOREGROUND4OADJUSTTHEIROPACITYCLICK/PERATION'LOBAL3ETTINGSORRIGHTCLICKTHETOPLEVELMAPNAMEand click “Global Settings.” Then choose the percent of opacity that you want for the walls from the Opacity of walls drop-down list (see Figure 2-4). Figure 2-4. Wall opacity.Meaningful SmartPath AP Host Names: When using the Auto Placement feature, SmartPath EMS VMA automatically names the SmartPath AP icons. However, names like “LWN602A-0021400” are not particularly meaningful. You can give them names like "Lobby" or "Conf Room 1," which makes it easier for installers to use an exported PDF report to know where each one goes. To change the host name of a SmartPath AP icon, right-click it, and then edit the Host Name field in the AP Details dialog box that appears (see Figure 2-5). To see the host names in the GUI and in PDF reports, choose “Host Name” from the AP Labels drop-down list on the View tab.

724-746-5500 | blackbox.com Page 22Chapter 2: Preparing for a WAN DeploymentFigure 2-5. AP details.Setting the Navigation Tree Width: By default, the width of the navigation tree is 180 pixels. If you want to make the tree wider or narrower, based on the length of map names and the depth of the nested structure, you can reset the width by clicking /PERATION5PDATE4REE7IDTHSEE&IGURE4HENENTERADIFFERENTVALUEINPIXELSANDCLICKh5PDATEv$IFFERENTADMINISTRATORScan define different settings, which SmartPath EMS VMA retains for each one when they return to the topology section. Note that making the tree width too narrow can cause some of the information in the notifications section at the bottom of the tree panel to be cut off. Figure 2-6. Navigation tree width.Auto Placement Improvements: The calculation for the automatic placement of SmartPath AP icons on a map has been revised to leave smaller coverage holes on maps (see Figure 2-7). The automatic placement of icons, especially on smaller floor plans, sometimes left considerable coverage holes. With the new improvements, coverage is now greater than 90% and often greater than 95%.

724-746-5500 | blackbox.com Page 23Chapter 2: Preparing for a WAN DeploymentFigure 2-7. Auto placement.2.3 Operational ConsiderationsTo make your WLAN deployment process as smooth as possible, you should consider more than just the distribution and installation of access points. You should also consider how you will manage, optimize, and troubleshoot your WLAN after deployment.2.3.1 TuningApproach building an enterprise WLAN with the same life-cycle approach you would apply to a wired network. After you deploy the WLAN, revisit key network engineering processes to account for changes in the environment. Watch for access points that are overloaded or are underused, and check for potential dead spots. Furthermore, be aware that the likely points of failure can change as the environment changes. For example, a neighboring business might install access points that cause RF interference on your network. You should schedule and perform periodic walkthroughs to ensure that the design goals of the wireless network continue to be met. The SmartPath EMS VMA provides quick views into how the network is behaving, which SmartPath APs are the most heavily loaded, and which have the most clients.2.3.2 Spectrum Analysis Black Box SmartPath APs have the ability to perform spectrum analysis in both the 2.4-GHz and 5-GHz band. Spectrum analysis provides a live view of the RF environment so that you can plan for further WLAN deployment or troubleshoot WLAN issues such as high retransmission rates caused by device interference or slow connections from overuse. There are two main spectrum analysis functions: the graphical rendering of the RF environment in an FFT trace and swept spectrogram, and the identification of interference devices such as cordless phones, microwave ovens, video bridges, and Bluetooth devices. The SmartPath APs that support each of the spectrum analysis functions are listed in the following table: Table 2-2. Supported spectrum analysis functions.Access Point FFT Graphs and Swept Spectrographs Interference Device IdentificationSmartPath AP (LWN602A) Yes YesSmartPath AP (LWN602HA) No No

724-746-5500 | blackbox.com Page 24Chapter 2: Preparing for a WAN DeploymentThe number of SmartPath APs that can perform a spectral scan concurrently varies depending on the SmartPath EMS VMA platform you use. SmartPath EMS VMA Virtual Appliance limits the number of concurrent scans to two (that is, only two SmartPath APs can perform spectrum analysis functions as the same time); the physical SmartPath EMS VMA permits up to 20 concurrent scans.To start the spectrum analyzer feature: #LICK-ONITOR!CCESS0OINTS3MART0ATH!0SSELECTTHE3MART0ATH!0ONWHICHYOUWANTTOSTARTTHESPECTRUMANALYZER FEATUREANDTHENCLICK4OOLS3PECTRUM!NALYSISA message appears with a warning that performing spectrum analysis on the selected SmartPath AP will affect performance and prompts you to confirm your decision. As a general rule, try to use this tool on SmartPath AP portals that are not actively serving clients rather than on mesh points with which clients are currently associated. 2. If you want to continue, click “Yes.” SmartPath EMS VMA immediately initiates the analysis tool on the selected SmartPath AP and displays the analysis pane, which contains three main areas: a status bar at the top of the pane, an area containing the graphical analysis feedback, and an interference reporting area at the bottom of the pane.NOTE: To use the spectrum analysis feature on a radio in access mode, you must have at least one SSID configured on your WLAN on at least one SmartPath AP running SmartPath OS 4.0r1.Status Bar The status bar contains a brief overview of the current analysis parameters, including which SmartPath AP is employed, the frequency band and channels, and the time remaining in the analysis. In addition to the parametric information, four navigation buttons are also displayed.Figure 2-8. Status bar.Settings: Click to open a dialog box in which you can change the parameters of the spectrum analysis. Modify the following settings, and then click “Update:”Interface: Choose which interface you want to use to collect data by the band with which it is associated. If you choose 2.4 GHz (11n/b/g), then the SmartPath AP uses its wifi0 interface to monitor the 2.4-GHz band. If you choose 5 GHz (11n/a), then it uses its wifi1 interface to monitor the 5-GHz band. 2.4-GHz Channels: This field only appears if you choose 2.4 GHz (11n/b/g) from the Interface drop-down list. In this field, you can enter any combination of channels that occurs in the 2.4-GHz band. If you are entering noncontiguous channels, then sepa-rate the channel numbers by commas. If you are entering a range of channels, use the hyphen ( - ) to indicate the range. For example, to monitor Channel 1, 5, and the range 7 through 11, then enter 1, 5, 7-11 into this field. To monitor the entire band, enter 1-11, or 1-13, or 1-14, depending on the channels allowed for your region. 5.0-GHz Channels: This field only appears if you choose 5 GHz (11n/a) from the Interface drop-down list. In this field you can enter any combination of channels that occurs in the 5-GHz band. If you are entering noncontiguous channels, then separate the channel numbers by commas. If you are entering a range of channels, use a hyphen ( - ) to indicate the range. For example, to monitor Channel 36, 48, and the range 149 through 165, then enter 36, 48, 149-165 into this field. To monitor the entire band, enter 36-165.Data Collect Interval: The data collection interval refers to the time interval between scans of the spectrum. Each time the SmartPath AP scans the spectrum, it updates the display. If the data collection interval is five seconds, then the SmartPath AP scans every five seconds and updates the display. You can change the interval from 1 to 30 seconds. The default is a one-second interval.

724-746-5500 | blackbox.com Page 25Chapter 2: Preparing for a WAN DeploymentRun Time: The run time determines how long the scanning process lasts. The default run time is five minutes, which is generally long enough to get a rough idea of the RF (radio frequency) environment. For more intense scrutiny of the RF environment, longer run times are called for. The maximum run time is eight hours. Return:4HE2ETURNBUTTONRETURNSYOUTOTHE-ONITOR!CCESS0OINTS3MART0ATH!0SPAGEWITHOUTSTOPPINGTHEANALYSIS7HENYOURETURNTOTHE-ONITOR!CCESS0OINTS3MART0ATH!0SPAGEANICONAPPEARSTOTHERIGHTOFTHE3MART0ATH!0NAMEindicating that the spectrum analysis feature is enabled, which means that an analysis is running. To return again to the spectrum analysis page, simply click this icon or perform the same steps to start an analysis. Attempting to start an analysis while one is already running does not start a new instance; rather, it returns to the view of the current analysis in progress.Stop: When you click “Stop,” the current analysis ends. SmartPath EMS VMA appliance allows for 10 concurrent scans, and 3MART0ATH%-3/NLINEDISPLAYSTHE-ONITOR!CCESS0OINTS3MART0ATH!0SPAGEAGAINMaximize: Clicking the maximize button (four outward-pointing arrows) on the status bar causes the entire pane to be maxi-mized to fill the browser frame. To return to the normal view, simply click the Restore Down button (four inward-pointing arrows) in the upper right corner of the browser. Graphical Analysis Feedback Area The graphical analysis feedback area displays four representations of the received signals, arranged by default in a two-by-two array. Figure 2-9. Graphical analysis.

724-746-5500 | blackbox.com Page 26Chapter 2: Preparing for a WAN DeploymentEach of the representations can be enlarged to fill the entire analysis pane to provide more detail or to increase its visibility, or be deleted from the array to simplify the display. To change the display in this manner, use the buttons in the upper right corner of each of the representations.Pause/Resume: You can suspend a trace by clicking the Pause button. When you click “Pause,” the button becomes a Resume button (right-pointing triangle). To resume the trace, click “Resume.” NOTE: Pausing one of the displays does not affect any of the other displays and does not stop the collection of data. When you resume a display, it returns to displaying data as if there were no interruption. Maximize: Click the Maximize button (four outward-pointing arrows). This causes the small display to enlarge to fill the entire content pane of the page. This is distinct from the Maximize button on the status bar, which maximizes the content pane to fill the browser. To return to the smaller view, click the Restore Down button. This causes the display to return to the previous arrangement. Close: When you click the Close [ x ] button, the affected display disappears and the neighboring display expands to fill the vacated area. To recover a closed display, navigate away from the spectrum analysis page and then return to it. When you return, SmartPath EMS VMA again organizes the display in its default arrangement. A description of each of the four graphical representations of the RF environment follows: Real-time FFT: The real-time FFT is a trace that indicates the power of a signal (vertical axis) along a domain of frequencies (horizontal axis). The term FFT (fast Fourier transform) refers to the mathematical algorithm used to decompose received signals into their component’s frequencies. Within this display, there are two traces: the red trace indicates the real-time power levels, whereas the gray trace indicates the maximum power level reached during the current data collection session. On maximizing this display, you gain access to the following additional display parameters: Band: You can choose which band you want to monitor in this display: 2.400-2.500 GHz, 5.150-5.350 GHz, 5.470-5.725 GHz, or 5.725-5.850 GHz. Channels: Choose one of the channel combinations in the drop-down list to display channel boundaries within the graph. Center: Use this control to scroll the graph right or left. You can use the Center control in combination with the Span control to zoom in on a specific area of the frequency domain. Span: This control establishes the width of the viewable area, effectively zooming in on the center frequency. Use this control with the Center control to zoom in on a specific area of the frequency domain. Reference Level: By default, the reference level of the graph (the top line) is 0 dBm. When used with the Vertical Scale control, you can zoom in on a specific portion of the actual trace.By changing the reference level using this control, you can also view very low power levels near the noise floor. In a very quiet environment, the noise floor is generally between -130 dBm and -90 dBm; in very noisy or busy environments, it is much higher. Vertical Scale: The vertical scale of a graph indicates how much vertical distance on the graph corresponds to power. By default, the vertical scale is set to 10 dB, which means that a power change of 10 dB corresponds to a specific, physical vertical distance on the graphic display. Changing that setting to 5 dB doubles the vertical resolution of the graph. Because there are many different sizes of monitors, the actual scale that you see in your browser is relative.Max Hold: By default, this check box is selected and SmartPath EMS VMA displays the gray trace that indicates the maximum power level reached during the current data collection session. To turn off the gray trace, clear the check box. FFT Duty Cycle: The FFT duty cycle is the amount of time as a percent of total time that the SmartPath AP receives a signal above 20 dB above the noise floor. FFT duty cycle is often referred to as channel utilization because it indicates to what extent a channel is actually in use in terms of the relative amount of time the signal is present (vertical axis). Within this display, there are two traces: the red trace indicates the real-time duty cycle, whereas the gray trace indicates the maximum duty cycle reached during this data collection session.

724-746-5500 | blackbox.com Page 27Chapter 2: Preparing for a WAN DeploymentOn maximizing this display, you gain access to the following additional display parameters: Band: You can choose which band you want to monitor in this display: 2.400-2.500 GHz, 5.150-5.350 GHz, 5.470-5.725 GHZ, or 5.725-5.850 GHz. Channels: Choose one of the channel combinations in the drop-down list to display channel boundaries within the graph. Center: Use this control to scroll the graph right or left. You can use this control in combination with the Span control to zoom in on a specific area of the frequency domain. Span: This control establishes the width of the viewable area, effectively zooming in on the center frequency. Use this control with the Center control to zoom in on a specific area of the frequency domain.Maximum: By default, the maximum is set to 100%. This means that when the trace reaches the top of the graph, it has a duty cycle of 100%. You can use this control to set a lower maximum to gain resolution. When used with the Minimum control, you can zoom in on a specific portion of the trace. Minimum: By default, the minimum is set to 0%. This means that when the trace reaches the bottom of the graph, it has a duty cycle of 0%. You can use this control to set a higher minimum to gain resolution. When used with the Maximum control, you can zoom in on a specific portion of the trace.Max Hold: By default, this check box is selected and SmartPath EMS VMA allows for 10 concurrent scans, and SmartPath EMS Online displays the gray trace that indicates the maximum duty cycle reached during this data collection session. To turn off the gray trace, clear the checkbox.Swept Spectrogram: A swept spectrogram tracks the signal power over time. That is, it produces a color-coded sweep of spectral information such that the admin can view the real-time FFT in terms of its historical values. The swept spectrogram—also called a heat map—reports the frequency on the horizontal axis, the history (in sweeps) on the vertical axis, and the power encoded as a set of colors. Blue indicates low power levels, whereas red indicates high power levels; the gradient of colors from light blue, through green, yellow, and orange, indicates intermediate power levels.On maximizing this display, you gain access to the following additional display parameters: Band: You can choose which band you want to monitor in this display: 2.400-2.500 GHz, 5.150-5.350 GHz, 5.470-5.725 GHz, or 5.725-5.850 GHz. Channels: Choose one of the channel combinations in the drop-down list to display channel boundaries within the graph. Swept Spectrogram-FFT Duty Cycle: A swept spectrogram of the FFT duty cycle tracks the duty cycle over time. This spectro-gram produces a color-coded sweep of duty cycle information with frequency on the horizontal axis, history (in sweeps) on the vertical axis, and the duty cycle encoded as a set of colors. Blue colors indicate low duty cycle (the darkest blue is 0%), whereas red colors indicate high duty cycles (the darkest red is 100%); the gradient of colors from light blue, through green, yellow, and orange, indicates intermediate duty cycle values.On maximizing this display, you gain access to the following additional display parameters: Band: You can choose which band you want to monitor in this display: 2.400-2.500 GHz, 5.150-5.350 GHz, 5.470-5.725 GHz, or 5.725-5.850 GHz. Channels: Choose one of the channel combinations in the drop-down list to display channel boundaries within the graph.Both swept spectrograms together provide a useful view of how the RF environment behaves over time, which in turn provides clues to uncovering problems, such as identifying intermittent interference sources. Interference Reporting Area The interference reporting area at the bottom of the pane displays any sources of RF interference that the spectrum analyzer can identify. This area provides a summary of all interference sources for quick review. This area contains six columns to help identify the affected channels and the approximate position of the interference.

724-746-5500 | blackbox.com Page 28Chapter 2: Preparing for a WAN DeploymentAP Name: The name of the SmartPath AP that is reporting the interference. If an interference source is reported by a few SmartPath APs, but not others, you can use this to approximate the physical location of the interference. Device Type: SmartPath EMS VMA maps the signature of the interference to a specific device type such as a cordless phone, microwave oven, or Bluetooth, which it then reports in the Device Type column. The device type listing can help determine whether the interference source might be a security concern.Discovered: This column shows the date and time that the SmartPath AP discovered the source of the interference. You can track regular, periodic, and intermittent interference sources using this information.Channel Affected: When SmartPath EMS VMA identifies an interference source, the channel in which it occurs appears here. Center Frequency: The center frequency of the affected channel appears in this column. Occupied Bandwidth: This column displays the bandwidth of the affected range of frequencies. NOTE: The last three columns contain redundant information and provide the same information from different perspectives so that you can gain a more a complete understanding of the affected frequencies and channels.Table 2-3. Interference reporting.AP Name Device Type Discovered Channel Affected Center Frequency Occupied BandwidthSmartPathAP-0e5580 Microwave oven 2011-05-17 12:09:17 9 2542 20SmartPathAP-0e5580 Microwave oven 2011-05-17 12:04:22 10 2457 20During the brief intervals of time that the spectrum analyzer is sampling, no data transfer occurs. However, if the SmartPath AP is very busy processing wireless traffic (that is, it has a high duty cycle), then the sampling and analysis can subtly impact the perfor-mance. In addition, any analysis that monitors multiple channels must accommodate the added time needed for the scanning interface to switch channels.2.3.3 TroubleshootingSome of the most common issues that arise after deploying a new wireless network are RF interference, RADIUS issues, and desk-top client issues. The first step in troubleshooting is to look at logs and use debug commands. Black Box offers an extensive set of event monitoring and debug tools that you can use through SmartPath EMS VMA, the SmartPath AP network management sys-tem. For additional troubleshooting, particularly of clients or neighboring networks, Black Box recommends two tools, which are available on the Internet: Ethereal Warehouser (http://www.wireshark.org/) and AirMagnet Laptop Analyzer (http://www.airmag-net.com/products/laptop.htm).2.3.4 ManagementCurrent Wi-Fi networks typically span an entire company and have complex security policies. Fortunately, the SmartPath EMS VMA Network Management System makes it simple to manage large networks from a central location. It provides a single cen-tralized management instance for the entire wireless network. Although managed SmartPath APs can operate without SmartPath EMS VMA, it simplifies the provisioning of global policy management and centralized configuration and monitoring. SmartPath EMS VMA lowers operating costs by speeding deployment, configuration, and monitoring of the wireless network.Managing faults and alarms is critical to maintaining uptime. You can view and manage events through SmartPath EMS VMA log-ging. Optionally, you can use a third-party tool such as HP® OpenView®.SmartPath EMS VMA makes it easy to monitor and troubleshoot SmartPath APs within a WLAN infrastructure. SmartPath EMS VMA can import hierarchical map views that represent the physical location of the network, from the perspective of the entire world down to the floor level.2.3.5 Manual, Automatic, and Semi-Automatic Rogue Mitigation You can manually mitigate rogue APs and their clients, or you can configure SmartPath APs to mitigate them automatically upon detection. You can also use a semi-automatic approach in which you determine when to start and stop the mitigation and allow the SmartPath APs to determine which SmartPath APs carry out the deauth attacks that comprise the mitigation effort.

724-746-5500 | blackbox.com Page 29Chapter 2: Preparing for a WAN Deployment!FTERCREATINGA7)03POLICYONTHE#ONFIGURATION!DVANCED#ONFIGURATION3ECURITY0OLICIES7)030OLICIES.EWPAGEdefine how you want to perform rogue AP and client mitigation: manually, automatically, or semi-automatically. Each approach is described below. Manual Mitigation To mitigate rogue APs and their clients manually, expand the Optional Settings section and select Manual. The following mitigation parameters apply when operating in manual mode: Period for client detection and mitigation: After you enable rogue detection on a SmartPath AP, it scans detected rogue APs for clients during the period of time that you specify. If you manually start mitigation against a rogue, the SmartPath AP not only continues scanning for clients during this period, it also sends deauth frames to the rogue AP and any detected clients during the same period. For example, if you leave this at its default setting of 1 second, the SmartPath AP checks for rogues and attacks them every second. Consecutive number of mitigation periods: This specifies how many consecutive periods of time to spend attacking a rogue AP and its clients before allowing client inactivity to cause a ceasefire and commence a countdown to end the mitigation. The default setting is 60 consecutive periods. Max time limit for mitigation efforts per rogue AP: This is the maximum amount of time that an attack against a rogue AP can last. If the length of client inactivity does not cause the attack to be suspended or if you do not manually stop the attack, the SmartPath AP will stop it when this time limit elapses. The default duration is 14,400 seconds (4 hours), which means that a SmartPath AP continues checking for clients of a detected rogue for up to four hours and mitigating them if it finds them. Length of client inactivity needed to stop mitigation: The SmartPath AP stops an attack when there are no more clients associated with the mitigated rogue AP for this length of time. The default setting is 3600 seconds (1 hour). If the SmartPath AP detects any associated clients before this length of time elapses, it sends a deauth flood attack and resets the counter to begin the countdown again. If there are no more clients associated with the AP after this length of time elapses, the SmartPath AP stops the mitigation process—even if there is still time remaining in the maximum time limit. NOTE: The remaining parameter—max number of mitigator APs per rogue AP—only applies when using automatic and semi-automatic modes. )N-ANUALMODEYOUMUSTPERIODICALLYCHECKFORROGUE!0SANDTHEIRCLIENTSONTHE-ONITOR!CCESS0OINTS2OGUE!0SPAGE)Fyou find a rogue that you want to mitigate, select the checkbox in each row of a reporting SmartPath AP that you want to use to PERFORMTHEMITIGATIONANDTHENCLICKh-ITIGATION3TARTv7HENYOUTHINKTHATTHEMITIGATIONPROCESSHASCONTINUEDLONGENOUGHANDYOUWANTTOSTOPITSELECTTHECHECKBOXOFEACHATTACKING3MART0ATH!0ANDTHENCLICK-ITIGATION3TOP7ITHmanual mitigation, you manually control the entire mitigation process: which rogues to attack, which SmartPath APs to use in the attack, when to start the attack, and when to stop it.Automatic MitigationTo configure SmartPath APs to mitigate rogue APs and their clients automatically, expand the Optional Settings section and select Automatic. In this mode, SmartPath APs automatically start and stop the mitigation process without any administrator involvement. When you select Automatic, the following option appears: Automatically mitigate rogue APs only if they are connected to your network. By default, this check box is selected. This ensures that SmartPath APs only attack rogue APs that are in their backhaul network, not APs in external networks that happen to be within radio range.NOTE: Be careful not to attack legitimate external APs. If there are neighboring wireless LANs within radio detection range, only enable automatic mitigation of rogue APs detected in your own network.

724-746-5500 | blackbox.com Page 30Chapter 2: Preparing for a WAN DeploymentAll the parameters in the Mitigation Parameters for Rogue APs and Their Clients section apply to SmartPath APs that perform automatic mitigation. In addition to the parameters explained above, there is one other: Max number of mitigator APs per rogue AP: For automatic and semi-automatic mitigation, cluster members choose one SmartPath AP to be the arbitrator AP, which is the one to which all the detector APs send reports. The arbitrator AP also deter-mines which detector APs perform mitigation. When they start, they become mitigator APs. Set the number of mitigator APs that the arbitrator AP can automatically assign to attack a rogue AP and its clients.Semi-Automatic Mitigation To configure SmartPath APs to mitigate rogue APs and their clients semi-automatically, expand the Optional Settings section and select Semi-Automatic. This approach combines elements of both the manual and automatic approaches. Like manual mitigation, YOUMUSTPERIODICALLYCHECKFORROGUE!0SANDTHEIRCLIENTSONTHE-ONITOR!CCESS0OINTS2OGUE!0SPAGECHOOSEAROGUE!0to mitigate, and start the mitigation process. Like automatic mitigation, the arbitrator AP automatically chooses which SmartPath APs perform the attack. Because the arbitrator AP determines which SmartPath APs perform the mitigation, it does not matter which entries on the Rogue APs page you select or how many you select. The arbitrator AP decides which SmartPath AP to assign to do mitigation based on two factors: radio channels and RSSI values. If a SmartPath AP is already using the same channel as a rogue AP, the arbitrator is likely to assign it as a mitigator AP so that it does not have to change channels to launch its attack. If one SmartPath AP reports a stronger RSSI value for a rogue AP than another SmartPath AP, that also increases the likelihood of it being selected as a mitigator because it is within closer attack range of the rogue and its clients.2.3.6 Deploying with ConfidenceMoving a large enterprise—or even a small one—to a WLAN for the very first time need not be daunting. If you have moderate experience with LAN deployments of other types and you have taken time to get answers to the important questions that will affect the network data load, you have every prerequisite for success. The bottom line is to remember to take stock of your project before you begin to ward against unforeseen costs and performance bottlenecks. If you have considered the issues and guidelines presented here, you are not far away from a successful WLAN deployment.2.4 Basic Wi-Fi ConceptsThe goal of this section is to provide some background on Wi-Fi propagation and how to lay out a wireless network. Although radio frequency (RF) engineering is a rather complicated science, this section provides a simple overview on the basics of Wi-Fi propagation and channel layout that you need to be able to install an enterprise WLAN. The first thing to know is that Wi-Fi is forgiving. Wi-Fi tends to transmit a bit farther than you expect, and even in cases of interference, it tends to just work. This can be both a blessing and a curse. It is a blessing because people will likely have access to the network, and it is a curse because your overall performance might be suboptimal without obvious symptoms, like lack of connectivity. Understanding the basics presented in this section will help ensure a high-performance layout.The first concept to understand is signal strength and how it relates to throughput. Radio power is measured in decibels relative to one milliwatt (dBm) where 0 dBm = 1 milliwatt, but decibels increase using a log10 math function. Rather than dusting off your old math books and pulling out your calculator, look at the dBm-to-milliwatt converter that appears below. Often in Wi-Fi, dBm and milliwatts (mW)—and microwatts (μW)—are used interchangeably. The following table converts between the two units of measurement:Table 2-4. dBm-to-milliwatt conversions.dBm-to-milliwatt dBm-to-milliwatt20 dBm = 100 mW 2 dBm = 1.6 mW15 dBm = 32 mW 1 dBm = 1.3 mW10 dBm = 10 mW 0 dBm = 1.0 mW5 dBm = 3.2 mW -1 dBm = 794 μW4 dBm = 2.5 mW -5 dBm = 316 μW3 dBm = 2.0 mW -10 dBm = 100 μW

724-746-5500 | blackbox.com Page 31Chapter 2: Preparing for a WAN DeploymentIn RF, there is also a relative measurement that you can use to compare two numbers. This measurement is simply dB (without the “m”). To see how this concept is applied, consider how radio signal propagation changes over a distance and how it can be affected. Figure 2-3 shows signal strength over distance as a curve that has the best signal strength closer to the access point. It also shows noise. In general, noise is considered to be low-level background RF signals that can interfere with a WLAN. This noise tends to be the garbled background RF that comes from everything from the sun and stars to man-made interfering devices like Bluetooth® headsets. It is impossible to block out noise, and it should not be attempted. This low level of background noise is called the “noise floor.”Signal-to-Noise RatioDistanceNoiseReceived SignalFigure 2-10. Path loss in an open space.When clients send a packet, the ratio of the signal-to-noise (SNR) level defines the quality of the link, which is directly related to the performance of the network. Based on the SNR, the client and AP negotiate a data rate in which to send the packet, so the higher the SNR the better. For good performance, the SNR should be greater than 20 dB, and for optimal performance it should be at least 25 dB.Signal strength not only diminishes over distance, but it can also be affected by objects in the way (see Figure 2-4). This can be a wall, a tree, or even a person. There is a fairly predictable dB drop through most objects that also decreases the SNR, thus decreasing the data rate. Although this appears to be a bad thing, clever Wi-Fi installers use it to their advantage. It enables them to place more access points in a tighter spot by using pre-existing walls and other impediments to Wi-Fi propagation to keep them from interfering with each other.

724-746-5500 | blackbox.com Page 32Chapter 2: Preparing for a WAN DeploymentSignal-to-Noise RatioDistanceNoiseReceived SignalWallFigure 2-11. Path loss through a wall.Microwave ovens, wireless video cameras, Bluetooth headsets, and cordless phones can all interfere with Wi-Fi signals (see Figure 2-5). Excess noise in an environment is often difficult to diagnose and can have a major negative impact on network performance. To discover noise sources, a spectrum analysis system is needed. AirMagnet provides an affordable spectrum analysis tool that operates in the 2.4-GHz and 5-GHz spectra.Signal-to-Noise RatioDistanceNoiseReceived SignalFigure 2-12. Path loss with noise (from a microwave).Now that you have a sense of how Wi-Fi performance changes over distance and with noise, look at some ways to perform channel assignment. If two access points are on the same channel right next to each other, they are forced to share the same spectrum. This means that they share the 54-Mbps speeds available in 802.11a/g or the 300-Mbps speeds in 80211n rather than each being capable of 54- or 300-Mbps speeds independently. This essentially halves the bandwidth for each access point. To manage this situation, make sure that neighboring APs are on different channels and that their power is adjusted so that it does not overlap that of other APs with the same channel.

724-746-5500 | blackbox.com Page 33Chapter 2: Preparing for a WAN DeploymentIn the 2.4 GHz spectrum, there are 11 channels in the United States. However, a Wi-Fi signal consumes more than one channel. Consequently, there are only 3 non-overlapping channels: 1, 6, and 11. To achieve optimal performance, you need to design a channel layout pattern such as the one on the left in Figure 2-6.646052563644406460525636444064605256364440646052563644406460525636444064605256364440646052563644407-to-1 Layout Pattern11611161611161111116 11166111611111613-to-1 Layout Pattern1161Figure 2-13. Channel layout patterns.NOTE: There are alternative 2.4-GHz channel layouts, such as one for four channels using 1, 4, 8 and 11 and another using channels 1, 5, 9 to counter interference from microwaves, which tend to cause interference in the high end of the spectrum. Black Box recommends alternative channel layouts only for the most challenging radio environments.Designing a channel pattern is easier for the 5-GHz spectrum. Depending on the country and the device being used, there are between 4 and 24 channels available for Wi-Fi use. However, in most countries there are at least eight 40-MHz-wide channels with which to work. To simplify the layout of more than 3 channels, most use a 7-to-1 pattern, as is shown on the right in Figure 2-6. This channel layout is much more flexible than the 3-channel system and allows for much better capacity over all channels.The last topic to cover is the concept of multipath. When a client receives a transmission from an access point (or vice versa), the RF signal reaches the client first through a “direct path,” but then shortly thereafter by the “indirect paths” reflected off other objects. The direct path combined with the indirect paths make up multipaths (see Figure 2-7). RF signals can bounce off almost anything—walls, people, plants, and so on—but they bounce off metal most. As the RF signals bounce about while propagating, one or more of the secondary paths can interfere with the primary path, causing the signal strength of the direct path to diminish. In doing so, multipath can greatly decrease signal-to-noise ratio with legacy 802.11a/g radios. With 802.11n, a certain amount of multipath is desirable and increases performance.Primary PathSecondary PathSecondary PathFigure 2-14. Multipath radio waves.NOTE: If you would like to learn more about how radio-frequency propagation works or the details of 802.11, Wikipedia provides excellent background information under the entries “IEEE 802.11,” “radio propagation,” and “multipath.” Additionally, spending a few hours with a site survey tool such as AirMagnet Surveyor or the Ekahau Site Survey (ESS) and a few test APs can increase both your familiarity with Wi-Fi propagation and your confidence about how it behaves.

724-746-5500 | blackbox.com Page 35Chapter 2: Preparing for a WAN DeploymentCAPWAP Latency Reports: SmartPath EMS VMA tracks the average latency in its CAPWAP connections to each managed 3MART0ATH!0ANDDISPLAYSANICONINDICATINGTHEAVERAGEAMOUNTOFCURRENTLATENCYINTHE#ONNECTIONCOLUMNONTHE-ONITOR!CCESS0OINTS3MART0ATH!0SPAGEWHENVIEWEDIN-ONITORMODE!GREENHEXAGONINDICATESNORMALLATENCYBASEDONANaverage that SmartPath EMS VMA has calculated from periodic SmartPath AP reports. The icon changes to yellow when the latency increases to the point that responsiveness has slowed noticeably; however, configuration and image uploads can still succeed. It changes to orange when connectivity issues reach the point that configuration and image upload attempts might no longer be successful. Online Planner: Several enhancements were made to improve the usability and accuracy of the on-line planner.2.7 New and Enhanced SmartPath OS and SmartPath EMS VMA Features for Release 4.1r1 Selective Multicast Forwarding through GRE Tunnels: SmartPath APs can selectively block or allow broadcast and multicast traffic through GRE tunnels to reduce traffic congestion. You can filter traffic either by using a blacklist to block all broadcast and multicast traffic (or to block all except to a few select destinations) or by using a whitelist to allow all broadcast and multicast traffic (or to allow all except to a few destinations).Multiple Default Routing: It is now possible to configure multiple Layer 2 routes based on the VLAN ID of a user so that the SmartPath AP can route Layer 2 traffic through different Ethernet interfaces as appropriate. This allows, for example, a guest user on a corporate network segment to access a more appropriate segment for routing to the Internet while the SmartPath AP forwards traffic from an employee on a different VLAN through a different Ethernet interface.Captive Web Portal Enhancements: The default captive Web portal pages have been redesigned to resize automatically for optimal viewing per device type: smartphone, tablet, and computer monitor. In addition, captive Web portals can now support a registration page with buttons linking to various URLs.IP Multicast Enhancements: To minimize airtime consumption caused by multicast frame transmissions, SmartPath APs can convert multicast to unicast frames when channel use is high or multicast group membership is low. Furthermore, when a SmartPath AP cannot detect any multicast group members among its active clients, it can automatically suppress multicast frame transmissions completely.LLDP Maximum Power: To avoid SmartPath APs sending LLDP (Link Layer Discovery Protocol) transmissions requesting more power through PoE from the connecting switch than the switch can provide, you can set a maximum power level that SmartPath !0SCANREQUESTINTHEIR,,$0ADVERTISEMENTSONTHE#ONFIGURATION!DVANCED#ONFIGURATION.ETWORK/BJECTS,,$0#$00ROFILES.EWPAGE"YDEFAULTTHEMAXIMUMISWATTS

724-746-5500 | blackbox.com Page 36Chapter 3: The SmartPath AP (LWN602HA) Overview3. The SmartPath AP (LWN602HA) OverviewThe SmartPath AP is a high-performance and highly reliable 802.11n wireless access point. The SmartPath AP provides dual concurrent 802.11b/g/n and 802.11a/n radios for 3x3 MIMO (Multiple In, Multiple Out) and dual 10/100/1000 Ethernet ports for link aggregation or link redundancy. Its power management system uses a concept called smart Power over Ethernet (PoE) to adjust its power consumption automatically in response to the available power in different environments. Smart PoE supports the IEEE 802.3af and 802.3at standards.3.1 Hardware DescriptionThe SmartPath AP is a multichannel wireless access point. It is compatible with IEEE 802.11b/g/n (2.4 GHz) and IEEE 802.11a/n (5 GHz) standards and supports a variety of wireless fidelity (Wi-Fi) security protocols, including Wi-Fi Protected Access (WPA) and WPA2.You can see the hardware components on the SmartPath AP in Figures 3-1 and 3-2. Each component is described in Table 3-1.5 GHz (A)5 GHz (B)5 GHz (C)802.11b/g/n RP-SMA Connectors for Detachable Single-Band AntennasDevice Lock Slot Status LEDsFigure 3-1. SmartPath AP front panel.2.4 GHz (A) 2.4 GHz (B) 2.4 GHz (C)ETH0 ETH1 48V DC(.625A)CONSOLE RESET802.11a/n RP-SMA Connectors for Detachable Single-Band Antennas 10-/100-/ Power Console Reset 1000-Mbps Connector Port Button PoE PortsFigure 3-2. SmartPath AP back panel.

724-746-5500 | blackbox.com Page 37Chapter 3: The SmartPath AP (LWN602HA) OverviewTable 3-1. SmartPath (LWN602HA) component descriptions.Component DescriptionStatus LEDsThe status LEDs convey operational states for system power, firmware, Ethernet interfaces, and radios. For details, see Section 3.3, Status LEDs.Device lock slotYou can physically secure the SmartPath AP by attaching a lock and cable (such as a Kensington® notebook lock) to the device lock slot or by using the lock adapter that is included in the mounting kit and a padlock. For more information, see “Locking the SmartPath AP” in Section 3.5.1, Ceiling Mount.802.11a/b/g/n RP-SMA connectorsYou can connect up to six detachable single-band antennas to the male 802.11a/b/g/n reverse polarity-subminiature version A (RP-SMA) connectors. Connect the longer antennas, which support 2.4-GHz frequencies (for IEEE 802.11b/g/n), to the connectors on the side panel with the Ethernet ports. Connect the shorter antennas, which support 5-GHz frequencies (for IEEE 802.11a/n), to the connectors on the side panel with the device lock slot. For details, see Section 3.4, Antennas.10-/100-/1000-Mbps portsThe two 10-/100-/1000-Mbps Ethernet ports—ETH0 and ETH1—support IEEE 802.3af and 802.3at PoE and have RJ-45 connectors. The SmartPath AP can receive power through one or both Ethernet connections from power sourcing equipment (PSE) that is compatible with the 802.3af standard and the 802.3at standard, such as one of the PoE injectors available as an optional accessory from Black Box. (If you connect the SmartPath AP to a power source through the power connector and PoE ports simultaneously, the device draws power through the power connector and automatically disables PoE.)You can configure ETH0 and ETH1 as two individual Ethernet interfaces, combine them into an aggregate interface to increase throughput, or combine them into a redundant interface to increase reliability. You can connect the SmartPath AP to a wired network or to a wired device (such as a security camera) through these ports using bridging. They are compatible with 10/100/1000BASE-T/TX and auto-matically negotiate half- and full-duplex connections with the connecting device. They are autosensing and adjust to straight-through and cross-over Ethernet cables automatically. For details, see Section 3.2, Ethernet and Console Ports.Power connectorThe 48-volt DC power connector (0.625 amps) is one of two methods through which you can power the SmartPath AP. To connect it to a 100–240-volt AC power source, use the AC/DC power adapter that is available as an extra option (LWN600PS-US, LWN600PS-UK, or LWN600PS-EU). Because the SmartPath AP does not have an on/off switch, connecting it to a power source automatically powers on the device.Console portYou can access the CLI by making a serial connection to the RJ-45 console port. The management station from which you make a serial connection to the SmartPath AP must have a VT100 emulation program, such as Tera Term Pro (a free terminal emulator) or Hilgraeve® Hyperterminal® (provided with Windows® operating systems). The following are the serial connection settings: bits per sec-ond: 9600, data bits: 8, parity: none, stop bits: 1, flow control: none. For details, see Section 3.2, Ethernet and Console Ports.Reset buttonThe reset button allows you to reboot the device or reset the SmartPath AP to its factory default settings. Insert a paper clip, or something similar, into the Reset pinhole and press the reset button. To reboot the device, hold the button down between 1 and 5 seconds. To return the configuration to the factory default set-tings, hold it down for at least 5 seconds. After releasing the button, the Power LED goes dark as the system reboots. Then it pulses green while the firmware loads and the system performs a self-test. After the software finishes loading, the Power LED glows steady green.To disable the reset button from resetting the configuration, enter this command: no reset-button reset-config-enable Pressing the button between 1 and 5 seconds will still reboot the SmartPath AP, but pressing it for more than 5 seconds will not reset its configuration.

724-746-5500 | blackbox.com Page 38Chapter 3: The SmartPath AP (LWN602HA) OverviewNOTE: The rear surface of the SmartPath AP is used for heat dissipation to reduce the internal temperature. Consequently, it can become hot, so use caution when handling it.3.2 Ethernet and Console PortsThere are three ports on the SmartPath AP: two RJ-45 10/100/1000BASE-T/TX Ethernet ports and an RJ-45 console port. The pin assignments in the PoE (Power over Ethernet) Ethernet ports follow the TIA/EIA-568-B standard (see Figure 3-3 and Table 3-2). The ports accept standard types of Ethernet cable—CAT3, CAT5, CAT5e, or CAT6—and can receive power over this cable from power sourcing equipment (PSE) that is 802.3af-compatible. If you use CAT5, CAT5e, or CAT6 cables, the SmartPath AP can also support 802.3at-compliant PSE. Such equipment can be embedded in a switch or router, or it can come from purpose-built devic-es that inject power into the Ethernet line en route to the SmartPath AP. Because the PoE ports have autosensing capabilities, the wiring termination in the Ethernet cable can be either straight-through or cross-over.ETH0 8 1Figure 3-3. View of the ETH0 PoE port on the SmartPath AP (LWN602HA). Table 3-2. PoE wire usage and pin assignments.Pin Data Signal802.3af Alternative A (Data and Power on the Same Wires)802.3af Alternative B (Data and Power on Separate Wires) 802.3at Wiring OptionsMDIMDI-XMDI or MDI-X 12341 Transmit + DC+ DC- — DC1+ DC1- DC1+ DC1-2 Transmit - DC+ DC- — DC1+ DC1- DC1+ DC1-3 Receive + DC- DC+ — DC1- DC1+ DC1- DC1+4 Not used — — DC+ DC2+ DC2+ DC2- DC2-5 Not used — — DC+ DC2+ DC2+ DC2- DC2-6 Receive - DC- DC+ — DC1- DC1+ DC1- DC1+7 Not used — — DC- DC2- DC2- DC2+ DC2+8 Not used — — DC- DC2- DC2- DC2+ DC2+ MDI = Medium-dependent interface for straight-through connections. MDI-X = Medium-dependent interface for crossover connectionsThe PoE ports are autosensing and can automatically adjust to transmit and receive data over straight-through or crossover Ethernet connections. Likewise, they can automatically adjust to 802.3af Alternative A and B power delivery methods. Furthermore, when the Alternative A method is used, the ports automatically allow for polarity reversals depending on their role as either MDI or MDI-X. In 802.3at, the 1/2 and 3/6 wire pairs connect to DC source 1 and 4/5 and 7/8 pairs to DC source 2 in PSE. Although the exact polarity depends on the PSE design, the SmartPath AP Ethernet ports can support all possible options.

724-746-5500 | blackbox.com Page 39Chapter 3: The SmartPath AP (LWN602HA) OverviewTable 3-3. T568A Wire Color.Pin T568A Wire Color1 White/Green2Green3 White/Orange4Blue5White/Blue6 Orange7White/Brown8Brown1 8Figure 3-4. T568A Terminated Ethernet Cable with an RJ-45 connector.Table 3-4. T568B Wire Color.Pin T568A Wire Color1 White/Orange2 Orange3 White/Green4Blue5White/Blue6Green7White/Brown8Brown1 8Figure 3-5. T568B Terminated Ethernet Cable with an RJ-45 connector.T568A and T568B are two standard wiring termination schemes. Note that the only difference between them is that the white/green + solid green pair of wires and the white/orange + solid orange pair are reversed.For straight-through Ethernet cables—using either the T568A or T568B standard—the eight wires terminate at the same pins on each end.For cross-over Ethernet cables, the wires terminate at one end according to the T568A standard and at the other according to T568B.3.2.1 Smart PoEThe SmartPath AP (LWN602HA) applies the concept of smart PoE to adjust power consumption as necessitated by varying levels of available power. The SmartPath AP supports PoE on both its ETH0 or ETH1 interfaces and can draw power through either one or through both simultaneously. Based on the available power that the SmartPath AP detects, it manages its internal power use by making the following adjustments:

724-746-5500 | blackbox.com Page 40Chapter 3: The SmartPath AP (LWN602HA) Overviews.OADJUSTMENTSARENEEDEDWHENTHEPOWERLEVELIS7WATTSORHIGHER)FTHEAVAILABLEPOWERDROPSTOARANGEBETWEENand 20 W, the SmartPath AP disables its ETH1 interface, assuming that it is drawing power through its ETH0 interface. If it is drawing power solely through its ETH1 interface, then it disables its ETH0 interface instead.s)FTHEPOWERLEVELDROPSTOTHEn7RANGETHE3MART0ATH!0THENSWITCHESFROMX-)-/-ULTIPLE)N-ULTIPLE/UTTO2x3 (see Section 3.4.1, MIMO).s)NRARECASESWHENTHEPOWERDROPSBETWEENAND7ANDFURTHERPOWERCONSERVATIONISNECESSARYTHE3MART0ATH!0reduces the speed on its active Ethernet interface—ETH0 or ETH1—from 10/100/1000 Mbps to 10/100 Mbps.s&INALLYIFTHEREISAPROBLEMWITHTHE0O%SWITCHOR%THERNETCABLEANDTHEPOWERFALLSBETWEENAND7THE3MART0ATHAP disables its wireless interfaces and returns its ETH0 and ETH1 interfaces to 10-/100-/1000-Mbps speeds.Through the application of smart PoE, the SmartPath AP can make power usage adjustments so that it can continue functioning even when the available power level drops.3.2.2 Aggregate and Redundant InterfacesBy default ETH0 and ETH1 act as two individual Ethernet interfaces. When both interfaces are connected to the network and are in backhaul mode, the SmartPath AP transmits broadcast traffic only through ETH0. The SmartPath AP transmits broadcast traffic through ETH1 only when ETH0 does not have network connectivity. When both Ethernet interfaces are connected to the network and are in access mode, then the SmartPath AP transmits broadcast traffic through all the access interfaces: ETH0, ETH1, and all wireless subinterfaces in access mode.In addition to using ETH0 and ETH1 as individual interfaces, you can combine them into an aggregate interface (agg0) to increase throughput, or combine them into a redundant interface (red0) to increase reliability. The logical red0 and agg0 interfaces support all the settings that you can configure for Ethernet interfaces except those pertaining to physical link characteristics such as link speed. For configuration information, see the next sections.Aggregate InterfaceYou can increase throughput onto the wired network by combining ETH0 and ETH1 into a single logically aggregated interface called "agg0". The aggregate interface effectively doubles the bandwidth that each physical interface has when used individually. In this configuration, both Ethernet ports actively forward traffic, the SmartPath AP applying an internal scheduling mechanism based on the source MAC address of each packet to send traffic through the aggregate member interfaces. To configure an aggregate interface, enter the following commands: interface eth0 bind agg0 interface eth1 bind agg0In addition to configuring the SmartPath AP, you must also configure the connecting switch to support EtherChannel. For exam-ple, the following commands bind two physical Ethernet ports—0/1 and 0/2—to the logical interface port-channel group 1 on a Cisco® Catalyst® 2900 switch running Cisco IOS 12.2: Switch#conf t Switch(config)#interface port-channel 1 Switch(config-if)#switchport mode access Switch(config-if)#spanning-tree portfast Switch(config-if)#exit Switch(config)#interface fastEthernet 0/1 Switch(config-if)#switchport mode access Switch(config-if)#channel-group 1 mode on Switch(config-if)#spanning-tree portfast

724-746-5500 | blackbox.com Page 41Chapter 3: The SmartPath AP (LWN602HA) Overview Switch(config-if)#exi Switch(config)#int fastEthernet 0/2 Switch(config-if)#switchport mode access Switch(config-if)#channel-group 1 mode on Switch(config-if)#spanning-tree portfast Switch(config-if)#exit Switch(config)#exit Switch#wr memFinally, you must cable the Cisco switch and the SmartPath AP together: Cisco 0/1 to SmartPath AP eth0, and Cisco 0/2 to SmartPath AP eth1.Redundant InterfaceIf a single Ethernet link provides sufficient bandwidth and speed, such as a 1000-Mbps link, but you want to ensure link redun-dancy, you can connect the two Ethernet ports to the same switch—or to two different switches—and configure them to act as a redundant interface called "red0". In this mode, only one Ethernet interface is actively forwarding traffic at any one time. If eth0 is active and eth1 is passive and eth0 loses its connection, the SmartPath AP switches over to eth1. To configure a redundant interface, enter the following commands: interface eth0 bind red0 primary interface eth1 bind red0The interface that you specify as primary is the one that the SmartPath AP uses when both interfaces have network connectivity. Because the SmartPath AP uses eth0 as the primary interface by default, it is unnecessary to specify “primary” in the first command above. However, it is included to make the role of eth0 as the primary interface obvious.NOTE: No extra configuration is necessary on the connecting switch or switches to support a redundant interface.Interface Selection for the Default RouteIn cases where there are multiple active interfaces in backhaul mode, the SmartPath AP uses the following logic to choose which interface to use in its default route:s)FTHEREISAN%THERNETINTERFACEANDAWIRELESSINTERFACEINBACKHAULMODETHE3MART0ATH!0USESTHE%THERNETINTERFACEINITSdefault route.s)FTHEREAREMULTIPLE%THERNETINTERFACESINBACKHAULMODETHE3MART0ATH!0CHOOSESWHICHONETOUSEINITSDEFAULTROUTEINthe following order:- It uses red0 or agg0 if one of them has at least one member interface bound to it and its link state is UP.- It uses ETH0 if neither red0 nor agg0 has any member interfaces and the link state for ETH0 is UP.- It uses ETH1 if neither red0 nor agg0 has any member interfaces, the link state for ETH0 is DOWN, and the link state for ETH1 is UP.3.2.3 Console PortThe pin-to-signal mapping in the RJ-45 console port is shown shown in Figure 3-6.

724-746-5500 | blackbox.com Page 42Chapter 3: The SmartPath AP (LWN602HA) OverviewCONSOLE 8 1Figure 3-6. View of the console port on the SmartPath AP (LWN602HA). Table 3-5. Console port pin assignments.Pin Signal Direction1 RTS (Request to Send) Output, unused2 DTR (Data Terminal Ready) Output, unused3 TXD (Transmitted Data) Output4 Ground Ground5 Ground Ground6 RXD (Received Data) Input7 DSR (Data Set Ready) Input, unused8 CTS (Clear to Send) Input, unusedTo make a serial connection between your management system and the SmartPath AP, you can use the console cable that is available as an extra accessory. Insert the RJ-45 connector into the SmartPath AP console port and attach the DB9 connector to the serial (or COM) port on your management system. The management system must have a VT100 terminal emulation program, such as Tera Term Pro (a free terminal emulator) or Hilgraeve Hyperterminal (provided with Windows operating systems). If you want to make your own serial cable and adapter, refer to Figure 3-7 and Table 3-6.Rollover Cable with RJ-45 ConnectorsRJ-45-to-Female DB-9 AdapterConsole PortCOM Port (on Back Panel)CONSOLEManagement SystemSmartPath APManagement SystemFigure 3-7. Wiring details for making a serial cable with an RJ-45-to-female DB9 adapter.

724-746-5500 | blackbox.com Page 43Chapter 3: The SmartPath AP (LWN602HA) OverviewTable 3-6. Wiring details for making a serial cable with an RJ-45-to-female DB9 adapter. Console Port (LWN602HA) RJ-45-to-RJ-45 Rollover Cable RJ-45-to-Female DB9 Adapter Management SystemSignal RJ-45 Pin RJ-45 Pin RJ-45 Pin DB9 Pin SignalRTS (Request to Send)1818CTS (unused)DTR (Data Terminal Ready)2726DSR (unused)TXD (Transmitted Data)3632 RXDGround 4545 GroundGround 5451 GroundRXD (Received Data)6363 TXDDSR (Data Set Ready)7274DTR (unused)CTS (Clear to Send)8187RTS (unused)— — — — 9 RI (Ring Indicator, unused)3.3 Status LEDsThe five status LEDs on the top of the SmartPath AP indicate various states of activity through their color (dark, green, amber, and red) and illumination patterns (steady glow or pulsing).Powers$ARK.OPOWERs3TEADYGREEN0OWEREDONANDTHEFIRMWAREISRUNNINGNORMALLYs0ULSINGGREEN&IRMWAREISBOOTINGUPs3TEADYAMBER&IRMWAREISBEINGUPDATEDs0ULSINGAMBER!LARMINDICATINGAFIRMWAREISSUEHASOCCURREDs3TEADYRED!LARMINDICATINGAHARDWAREISSUEHASOCCURREDETH0 and ETH1s$ARK%THERNETLINKISDOWNORDISABLEDs3TEADYGREEN-BPS%THERNETLINKISUPBUTINACTIVEs0ULSINGGREEN-BPS%THERNETLINKISUPANDACTIVEs3TEADYAMBER-BPS%THERNETLINKISUPBUTINACTIVEs0ULSINGAMBER-BPS%THERNETLINKISUPANDACTIVEWIFI0 and WIFI1s$ARK7IRELESSINTERFACEISDISABLEDs3TEADYGREEN7IRELESSINTERFACEISINACCESSMODEBUTINACTIVEs0ULSINGGREEN7IRELESSINTERFACEISINACCESSMODEANDACTIVEs3TEADYAMBER7IRELESSINTERFACEISINBACKHAULMODEBUTINACTIVEs0ULSINGAMBER7IRELESSINTERFACEISINBACKHAULMODEANDISCONNECTEDWITHOTHERCLUSTERMEMBERSs!LTERNATINGGREENANDAMBER7IRELESSINTERFACEISINBACKHAULMODEANDISSEARCHINGFOROTHERCLUSTERMEMBERS

$724-746-5500 | blackbox.com Page 44Chapter 3: The SmartPath AP (LWN602HA) Overview3.4 AntennasAntennas are an integral part of the SmartPath AP. The SmartPath AP can accept up to six detachable dipole antennas. The three shorter antennas are designed for the 5-GHz band and have a 2-dBi gain. The three longer antennas are designed for the 2.4-GHz band and have a 4.9-dBi gain. These antennas are omnidirectional, providing fairly equal coverage in all directions in a toroidal (donut-shaped) pattern around each antenna (see Figure 2-1). For greater coverage on a horizontal plane, it is best to ori-ent the antennas vertically. So that you can easily do that whether the SmartPath AP chassis is mounted horizontally or vertically, the antennas hinge and swivel (see Figure 3-8).Although cluster members automatically adjust their signal strength according to their environments, you can resize the area of COVERAGEBYINCREASINGORDECREASINGTHESIGNALSTRENGTHMANUALLYBYENTERINGTHEINTERFACE[WIFI\WIFI]RADIOPOWERNUMBERCOMMANDWHERENUMBERCANBEFROMTOANDREPRESENTSAVALUEIND"M5 GHz Antenna for IEEE 802.11a/nLength when fully extended: 5 15/16” (15 cm)2.4 GHz Antenna for IEEE 802.11b/g/nLength when fully extended: 7 7/8” (20 cm)5-GHz Antenna for IEEE 802.11a/nLength when fully extended: 515⁄16" (15 cm)2.4-GHz Antenna for IEEE 802.11b/g/nLength when fully extended: 77⁄8" (20 cm)The base of the antennas hinge up to 90 degrees so that you can orient the antennas independently of the orientation of the SmartPath AP chassis. The antennas also rotate in a full circle.Figure 3-8. SmartPath AP (LWN602HA) antennas.$

724-746-5500 | blackbox.com Page 45Chapter 3: The SmartPath AP (LWN602HA) OverviewWhen mounting the SmartPath AP (LWN602HA) on a ceiling, orient its antennas downward.When mounting the SmartPath AP above a ceiling or on a horizontal beam, orient its antennas upward.When mounting the SmartPath AP on a wall or post, fully extend its antennas upward and downward.Generally, orient the antennas vertically for improved radio coverage, as shown here:Figure 3-9. SmartPath AP antennas, installed.3.4.1 Multiple In, Multiple Out (MIMO) Multiple In, Multiple Out (MIMO) is a major WLAN advancement introduced in the IEEE 802.11n standard in which multiple RF links are formed on the same channel between the transmitter and receiver simultaneously. To accomplish this, the transmitter separates a single data stream into multiple spatial streams, one for each RF chain (an antenna + various digital signal processing modules linked to the antenna). The transmit antennas at the end of each RF chain then transmit their spatial streams. The recipi-ent’s receive antennas obtain streams from all the transmit antennas. In fact, because of multipath, they receive multiple streams from each transmit antenna. The receive antennas pass the spatial streams to the digital signal processors in their RF chains, which take the best data from all the spatial streams and reassemble them into a single data stream once again (see Figure 3-10).Transmit AntennasDigital Signal ProcessorsRF Chains RF Signals (Multipath)Receive AntennasDigital Signal ProcessorsRF Chains802.11n wireless client with two antennasSmartPath AP using two antennasObjectDataReassembled DataDataFigure 3-10. 2x2 MIMO (2 transmit antennas x 2 receive antennas).

724-746-5500 | blackbox.com Page 48Chapter 3: The SmartPath AP (LWN602HA) OverviewMounting Plate12Press the track clips against the ceiling track and swivel them until they snap into place, gripping the edges of the track.If necessary, slide one or both of the clips along the track to position them at the proper distance (2 1/4” or 7 cm) to fit through the holes in the mounting plate.Insert the mounting plate over the screws attached to the track clips, and use the Keps nuts to fasten the plate firmly to the screws on the clips.Use a wrench to tighten the nuts firmly to the bolts and secure the plate to the track.3Through the oblong opening in the plate, drill a hole in the ceiling tile (not shown). Then pass one or both Ethernet cables through the hole, and if you plan to supply power from an AC power source rather than through PoE, pass the power cable through as well.Drill a hole in the ceiling tile and feed cables through here.Ceiling TrackTrack Clip(worms’s eye view with ceiling tiles removed for clarity)2 1/4 “ (7 cm) 21⁄4" (7 cm)21⁄4"Worm’s eye view with ceiling tiles removed for clarity.Figure 3-12. Attaching the track clips and mounting plate to the ceiling track.Attach the SmartPath AP to the mounting plate and connect the cables, as shown in Figure 3-13.NOTE: You can tie the cables to the tie points (small arched strips) on the mounting plate to prevent them from being pulled out of their connections accidentally.

724-746-5500 | blackbox.com Page 49Chapter 3: The SmartPath AP (LWN602HA) OverviewWith the SmartPath AP upside down, align its port side with the bottom end of the plate.Push the SmartPath AP upward, inserting the four tabs on the plate into the four slots on the SmartPath AP.Slide the SmartPath AP toward the bottom end of the plate, locking the tabs inside the slots.Attach the antennas and connect the cables to complete the installation.4675Tab inside slot.Tab locked in place.Mounting PlateSmartPath AP (shown as transparent for clairty)TabSlot(side view)Mounting PlateSmartPath APCeilingCables pass through the hole in the mounting plate and ceilingCeiling(side view)Figure 3-13. Attaching the SmartPath AP to the mounting plate and connecting cables.When done, adjust the ceiling tiles back into their former position.Locking the SmartPath AP (LWN602HA)To lock the SmartPath AP to the mounting plate, use either a Kensington lock or the lock adapter that is included with the mounting kit and a small padlock (not included).To use a Kensington lock, loop the cable attached to the lock around a secure object, insert the T-bar component of the lock into the device lock slot on the SmartPath AP, and then turn the key to engage the lock mechanism.To use the lock adapter:1. Insert the T-shaped extension on the adapter into the device lock slot, and rotate it clockwise so that the curved section extends through the slot in the mounting plate (see Figure 3-14).5 GHz (A)5 GHz (B)5 GHz (C))Rotate the lock adapter clockwise.Insert a lock through the opening.SmartPath APMounting plateInsert a lock through the opening.Figure 3-14. Locking the SmartPath AP to the mounting plate.2. Link a padlock through the opening in the adapter and engage the lock to secure the SmartPath AP to the mounting plate. The opening is 1⁄8" (0.3 cm) in diameter at its narrowest.

724-746-5500 | blackbox.com Page 50Chapter 3: The SmartPath AP (LWN602HA) Overview3.5.2 Plenum MountTo mount the SmartPath AP in the plenum space above a dropped ceiling grid, you need the mounting plate, hanger clip, and a standard 24"-wide hanger frame, which can be ordered separately (call Black Box Technical Support at 724-746-5500 for details).1. With the recessed side of the mounting plate facing downward, insert the hanger clip through the large hole in the center of the plate.2. Squeeze the clip until the projecting tabs at the ends of its two feet snap into the smaller holes on both sides of the larger hole (see Figure 3-15).Insert the hanger clip through the large hole in the mounting plate.Squeeze the hanger clip to pull the tabs on its feet inward until they snap upward into the two holes on either side of the larger hole.Hanger clipMounting plateFigure 3-15. Fitting the hanger clip to the mounting plate.3. Attach the SmartPath AP to the mounting plate, and then attach the antennas to the connectors (see Figure 3-16).With the SmartPath AP upside down, align its port side with the bottom end of the plate.Push the SmartPath AP upward, inserting the four tabs on the plate into the four slots on the SmartPath AP.Slide the SmartPath AP toward the bottom end of the plate, locking the tabs inside the slots.Attach the antennas to the antenna connectors.3Tab inside slot.Tab locked in place.Mounting PlateSmartPath AP (shown as transparent for clairty)TabSlot(side view) Mounting Plateside viewFigure 3-16. Attaching the SmartPath AP to the mounting plate.

724-746-5500 | blackbox.com Page 51Chapter 3: The SmartPath AP (LWN602HA) Overview4. Remove the ceiling tile next to the area where you want to mount the device.5. Press the hanger frame downward into place on the ceiling track until the claws on each leg grips the track below the top ridge (see Figure 3-17).Remove the ceiling tile and enter the plenum.Press the hanger frame onto the ceiling track.Figure 3-17. Clipping the hanger frame onto the track.6. Insert the hanger clip upward through the center slot in the hanger frame, and then twist it counterclockwise until the clip snaps into a locked position against the sides of the crossbar (see Figure 3-18).

724-746-5500 | blackbox.com Page 52Chapter 3: The SmartPath AP (LWN602HA) OverviewInsert the hanger clip upward through the center slot in the hanger frame.Rotate the SmartPath AP and the attached mounting accessories coun-terclockwise until the clip locks in place against the sides of the crossbar.Bird’s eye view with the ceiling tiles and ceiling tracks removed for claritySmartPath AP attached to the mounting plateHanger frameFigure 3-18. Securing the SmartPath AP to the hanger frame.7. Connect one or two Ethernet cables to the network, and—if not using PoE—connect the power cord to a power source.8. Replace the ceiling tile to complete the installation.3.5.3 Suspended MountYou can suspend the SmartPath AP from a horizontal beam, post, strut, or girder. As well as the mounting plate, you need a quad-toggle, a 1.5 mm (0.059 inch) wire rope with hook, and a locking device. ERICO® supplies these items in its CADDY® SPEED LINK product line. The part number for the quad-toggle is SLD15QT250 and that for the set that includes the wire rope, hook, and locking device is SLD15L2T. These items are available through various suppliers.1. With the recessed side of the mounting plate facing downward, insert the four ends of the quad-toggle through holes in the mounting plate.2. Turn the SmartPath AP face down and attach it to the mounting plate (see Figure 3-19).To secure each of the four strands to the mounting plate:1. Insert the metal cleat at the end of a strand through a hole in the plate.2. Sliding the oblong washer along the strand; pass it through the hole.3. Pull the strand upward to lock the cleat and washer against the underside of the plate.To attach the SmartPath AP to the mounting plate:1. Align the tabs on the plate with the wider, circular section of the keyhole shaped slots on the underside of the device, which is face down as shown.

724-746-5500 | blackbox.com Page 53Chapter 3: The SmartPath AP (LWN602HA) Overview2. Push the tabs into the slots and slide the SmartPath AP toward its port panel. This repositions the tabs in the narrower, rectangular section of the slots and holds the device firmly in place below the mounting plate.Mounting PlateThe recommended holes for the four strands are shaded in.5 GHz (A)5 GHz (B)5 GHz (C)To secure each of the four strands to the mounting plate:1. Insert the metal cleat at the end of a strand through a hole in the plate.2. Sliding the oblong washer along the strand, pass it through the hole.3. Pull the strand upward to lock the cleat and washer against the underside of the plate.To attach the SmartPath AP to the mounting plate:1. Align the tabs on the plate with the wider, circular section of the keyhole-shaped slots on the underside of the device, which is face down as shown.2. Push the tabs into the slots and slide the SmartPath AP toward its port panel. This repositions the tabs in the narrower, rectangular section of the slots and holds the device firmly in place below the mounting plate.12Mounting PlateThe recommended holes for the four strands are shaded in.Mounting plateFigure 3-19. Connecting the quad-toggle and SmartPath AP to the mounting plate.3. Draw the wire rope over a support beam, fasten the hook around the wire, and pull the wire until the hook is snug against the underside of the beam.4. Push the plain end of the wire rope—the end without the hook—through the side hole in the locking device in the direction indicated by the arrow on its side, and then pass it through the loop at the end of the quad-toggle.5. Insert the wire rope back through the center hole in the locking device, and then continue pulling it through the locking device until the SmartPath AP is suspended at the height you want (see Figure 3-20). The center tube that runs through the locking device is designed to allow you to pull the rope wire up through it while prevent-ing the rope from slipping back down. If you ever pull too much rope through and need to pull it back down, use a tool such as a screwdriver to press against the inner tube in the locking device to release the rope. Then you can pull it back out (see “Height Correction,” next page).

724-746-5500 | blackbox.com Page 54Chapter 3: The SmartPath AP (LWN602HA) OverviewClip3Wrap the wire rope around a beam, clip the hook to the rope, and then pull the rope downward until it is taut against the beam.Pull downward on the rope.Beam Locking DeviceLoop at Top of Quad-ToggleQuad-ToggleMounting PlateSmartPath APLocking Device4Push the wire rope through the side hole in the locking device and then through the loop in the quad-toggle. 5Pass the wire rope upward through the center hole in the locking device, and continue pulling the rope to raise the SmartPath AP to the height you want. Mounting PlateQuad ToggleClipLocking DeviceLoop at Top of Quad ToggleFigure 3-20. Suspending the SmartPath AP.6. Attach antennas to the antenna connectors on the SmartPath AP, connect one or two Ethernet cables to the network, and— if not using PoE—connect the power cord to a power source. Height CorrectionIf you accidentally pull too much wire rope through the locking device, raising the SmartPath AP too high, and you then need to lower it, do the following: Take a tool, such as a screwdriver with a 1⁄8" flat tip, and press it against the lip of the inner tube in the opposite direction from the arrow on the outside of the locking device (see Figure 3-21). This releases its grip on the rope, enabling you to pull out the rope the same way it was inserted. While maintaining pressure on the tube, adjust the rope until the SmartPath AP is at the height you want. When you are satisfied, stop pressing against the tube so that it can regain its grip on the rope.Press against the lip of the inner tube and hold.While pushing the tube inward, pull the wire rope out.Locking DeviceWire Rope Screw DriverPress against the lip of the inner tube and hold.Locking DeviceWire Rope ScrewdriverWhile pushing the tube inward, pull the rope out.Figure 3-21. Releasing the wire rope from the locking device.

724-746-5500 | blackbox.com Page 55Chapter 3: The SmartPath AP (LWN602HA) Overview3.5.4 Surface MountYou can use the mounting plate to attach the SmartPath AP to any surface that supports its weight, and to which you can screw or nail the plate. First, mount the plate to the surface. Then, through one of the two large openings in the plate, make a hole in the wall so that you can pass the cables through to the SmartPath AP.NOTE: You can tie the cables to the tie points on the mounting plate to prevent them from being pulled out of their connections accidentally.Finally, attach the device to the plate, and connect the cables, as shown in Figure 3-22.Mounting PlateSmartPath APWall1. With the two wings at the sides of the plate extending away from the surface, attach the mounting plate to a secure object such as a wall or beam. Use #8 screws for the oblong holes, and #10 for the larger round ones.2. Cut or drill a hole through one of the openings in the mounting plate to pass the cables through to the SmartPath AP.3. Insert the tabs on the mounting plate into the slots on the underside of the SmartPath AP. Then push the SmartPath AP downward to lock it in place.4. Connect the cables to the SmartPath AP. Depending on the deploy-ment, you might connect one or two Ethernet cables and a power cable.Mounting Plate WallNOTE: There are a variety of holes through which you can screw or nail the plate in place. Choose the two or three that best suit the object to which you are attaching it.Figure 3-22. Mounting the SmartPath AP on a wall.

724-746-5500 | blackbox.com Page 56Chapter 3: The SmartPath AP (LWN602HA) Overview3.6 Device, Power, and Environmental SpecificationsUnderstanding the range of specifications for the SmartPath AP is necessary for optimal deployment and device operation. The following specifications describe the physical features and hardware components, the power adapter and PoE electrical require-ments, and the temperature and humidity ranges in which the device can operate.Device Specificationss#HASSISDIMENSIONS7X(X$XXCMs7EIGHTLBKGs!NTENNAS4HREEOMNIDIRECTIONALBGNANTENNASANDTHREEOMNIDIRECTIONALANANTENNASs3ERIALPORT2*BITSPERSECONDDATABITSPARITYNONESTOPBITSFLOWCONTROLNONEs%THERNETPORTSAUTOSENSING-BPSBOTHPORTSARECOMPLIANTWITHTHE)%%%AFSTANDARDANDTHEFORTHCOMING802.at standard for PoE (Power over Ethernet)Power Specificationss!#$#POWERADAPTERs)NPUTn6!#s/UTPUT6!s0O%NOMINALINPUTVOLTAGESsAF6!s0REAT6!s2*POWERINPUTPINS7IRESOREnvironmental Specificationss/PERATINGTEMPERATURETOª&TOª#s3TORAGETEMPERATURETOª&TOª#s2ELATIVE(UMIDITY-AXIMUM

724-746-5500 | blackbox.com Page 57Chapter 4: The SmartPath AP (LWN602A) Overview4. SmartPath AP (LWN602A) OverviewThe SmartPath AP LWN602A is a high-performance wireless access point suitable for small offices, mobile employees, and tele-COMMUTERS4HE3MART0ATH!0HASTWORADIOSONEFORANANDONEFORBGNBOTHOFWHICHCANOPERATECONCUR-RENTLY"OTHPLATFORMSPROVIDEX-)-/ANDASINGLE%THERNETPORTTHROUGHWHICHTHEYCANBEPOWEREDUSING0O%THATFOLLOWSTHE)%%%AFSTANDARDORTHEATPRESTANDARD/PTIONALLYTHEYCANBEPOWEREDBYAN!#$#DESKTOPPOWERadapter.NOTE: SmartPath AP (LWN602A) devices support 802.11n features. Of particular interest is their support of 2x2 MIMO. For more information, see Section 3.4.1, MIMO and Section 3.4.2, Using MIMO with Legacy Clients.4.1 Hardware DescriptionThe SmartPath AP (LWN602A) is a multichannel wireless access point. It contains a dual-band radio that can operate at either 2.4 GHz or 5 GHz—but not in both bands simultaneously. The SmartPath AP contains a 2.4-GHz radio and a 5-GHz radio that can operate concurrently through four internal antennas. The SmartPath AP supports a variety of Wi-Fi security protocols, including WPA, and WPA2.You can see the hardware components on the SmartPath AP in Figure 4-1. Each component is described in Table 4-1.Reset PinDevice Lock Slot ETH0PoE Port48 VDCStatus IndicatorStatus IndicatorDevice Lock Slot Reset Pin ETH0 PoE Port6$#Figure 4-1. SmartPath LWN602A hardware components.

724-746-5500 | blackbox.com Page 59Chapter 4: The SmartPath AP (LWN602A) Overviews9ELLOW4HEDEFAULTROUTEISTHROUGHABACKHAUL7I&IINTERFACEBUTNOTALLCONDITIONSFORNORMALOPERATIONSWHITEHAVEBEENmet.s7HITE4HEDEVICEISPOWEREDONANDTHEFIRMWAREISOPERATINGNORMALLYTHATISAWIRELESSINTERFACEINACCESSMODEISUP AWIREDORWIRELESSBACKHAULLINKISUPANDTHE3MART0ATH!0HASA#!07!0CONNECTIONTOEITHER3MART0ATH%-36-!ORA management AP.s0URPLE!NEWIMAGEISBEINGLOADEDFROM3MART0ATH%-36-!ORAMANAGEMENT!0s/RANGE!NALARMINDICATINGAFIRMWAREORHARDWAREISSUEHASOCCURREDFor locations where the status indicator might be a distraction or attract unwanted attention, you can adjust its brightness level FROMBRIGHTTHEDEFAULTTOSOFTTODIM9OUCANEVENTURNITOFFCOMPLETELY)N3MART0ATH%-36-!CHOOSETHEBRIGHTNESSLEVELthat you want from the LED Brightness drop-down list on the Configuration > Management Services > Management Options page. Through the CLI, enter [ no ] system led brightness { soft | dim | off }. The four settings are represented graphically in Figure 4-2.Bright Soft Dim OffBright Soft Dim OffFigure 4-2. Adjustable status indicator brightness levels.4.4 AntennasAntennas are an integral part of the SmartPath AP (LWN602A). The SmartPath AP LWN602A has four internal single-band ANTENNAS4WOOFTHEANTENNASOPERATEINTHE'(ZBAND)%%%BGNANDHAVEAD"IGAIN4HEOTHERTWOANTENNASOPERATEINTHE'(ZBAND)%%%ANANDHAVEAD"IGAIN!LLANTENNASAREOMNIDIRECTIONALPROVIDINGFAIRLYEQUALCOVER-age in all directions in a cardioid (heart-shaped) pattern around each antenna (see Figure 2-1).On the SmartPath AP LWN602A, the two 2.4-GHz antennas link to one radio, and the two 5-GHz antennas link to the other radio, both of which can operate concurrently. The relationship of antennas and radios is shown in Figure 4-3.Radio 1RF 802.11b/g/n2.4 GHzRadio 2RF 802.11a/n5 GHz5 GHzAntenna5 GHzAntenna2.4 GHzAntenna2.4 GHzAntenna5-GHz antenna2.4-GHz antenna2.4-GHz antenna5-GHz antennaFigure 4-3. Cut-away view of the SmartPath AP (LWN602A) showing the relationship of the internal antennas and radios.

724-746-5500 | blackbox.com Page 60Chapter 4: The SmartPath AP (LWN602A) Overview4.5 Mounting a SmartPath AP (LWN602A)Using one of the track clips included in the box with the SmartPath AP, you can mount it to a track in a dropped ceiling grid. To mount the SmartPath AP to any flat surface that can support its weight (1.75 lb., 0.8 kg), use two #6 or #8 screws to mount it on a wall and three screws to mount it on a ceiling.NOTE: In addition to these methods, you can also mount the SmartPath AP on a table using the set of four rubber feet that ship with the product. Simply peel the rubber feet off the adhesive sheet and press them against the underside of the SmartPath AP in its four corners.4.5.1 Ceiling MountTo mount a SmartPath AP series device to a track in a dropped ceiling, use the appropriate track clip for the width of the ceiling track. Two clips come with the SmartPath AP: one for 1" (2.54 cm) tracks and one for 1⁄2" (1.27 cm) tracks.1. Nudge the ceiling tiles slightly away from the track to clear some space and slide one tab of the track clip over the edge of the track.2. With the tips of the track clip prongs positioned against the middle of the track, press upward on the other tab until it clears the track edge, as shown in Figure 4-4. Keeping the prongs away from the track edges until both tabs grip the track ensures that the clip does not snap into place prematurely with only one tab in position.1Position the clip so one tab is over the edge of the ceiling track. (The ceiling track is shown as transparent to expose the tab above the track.)The two prongs press upward against the middle of the ceiling track.2Press the other tab upward, flexing the prongs against the track until the tab clears the edge of the track.Position the clip so one tab is over the edge of the ceiling track. (The ceiling track is shown as transparent to expose the tab above the track.) Press the other tab upward, flexing the prongs against the track until the tab clears the edge of the track.The two prongs press upward against the middle of the ceiling track.Figure 4-4. Attaching the track clip to the ceiling track.3. Twist the track clip until it snaps onto the ceiling track, as shown in Figure 4-5. You can then slide the clip along the track to reposition it if necessary.Twist the clip until the prongs snap into place and grip the edges of the track.If necessary, slide the clip along the track to position it exactly where you want it to be.(worms’s eye view with ceiling tiles removed for clarity)3Worms’s eye view with ceiling tiles removed for clarityTwist the clip until the prongs snap into place and grip the edges of the track.If necessary, slide the clip along the track to position it exactly where you want it to be.Figure 4-5. Securing the clip to the track and repositioning it if necessary.4. Holding the SmartPath AP upside down, raise it until the threaded stud on the track clip enters the hole on the SmartPath AP. Then rotate the SmartPath AP until it is firmly attached to the clip (see Figure 4-6).

$724-746-5500 | blackbox.com Page 61Chapter 4: The SmartPath AP (LWN602A) Overview4With the SmartPath AP upside down, lift it until the threaded stud on the track clip enters the hole in the SmartPath AP. Revolve the SmartPath AP until it is securely attached to the clip.SmartPath APWith the SmartPath AP upside down, lift it until the threaded stud on the track clip enters the hole in the SmartPath AP. Rotate the SmartPath AP until it is securely attached to the clip.\Figure 4-6. Attaching the SmartPath AP to the track clip.5. When you have the SmartPath AP in the correct location, cut or drill a hole in the ceiling through which you can then pass the Ethernet and power cables. Pass the cables through the hole and attach them to the SmartPath AP.6. When done, adjust the ceiling tiles back into their former position.NOTE: You can also mount the SmartPath AP to a solid ceiling—or the underside of any horizontal object such as a cross beam—using three #6 or #8 screws. Position the three screws in a T-shaped layout: two screws 2" (5 cm) apart from each other and the third screw center-aligned between them and 4.75" (12 cm) away. Then attach the SmartPath AP to the screws as explained in Section 4.5.2, Surface Mount.Locking the SmartPath APTo lock the SmartPath AP to a secure object, use a Kensington lock and cable. Loop the cable around a securely anchored object, insert the Kensington lock in the device lock slot in the SmartPath AP, and engage the locking mechanism (Figure 4-7).Device Lock SlotKensington Security LockLoop the cable around a secure object, such as a support beam, and then insert the T-bar component of the lock into the device lock slot on the SmartPath AP and turn the key to engage the lock mechanism.SmartPath AP mounted to a ceiling track Support BeamCeiling Track (shown as transparent)Loop the cable around a secure object, such as a support beam, and then insert the T-bar component of the lock into the device lock slot on the SmartPath AP and turn the key to engage the mechanism.Figure 4-7. Locking the SmartPath AP with a Kensington security lock.4.5.2 Surface MountYou can attach the SmartPath AP LWN602A to any flat surface that supports its weight. First, attach two screws to the surface. Then, make a hole in the wall a few inches or centimeters above the screws so that you can pass the cables through the wall to the SmartPath AP. Finally, attach the device to the screws, and connect the cables (see Figure 4-8).$

724-746-5500 | blackbox.com Page 62Chapter 4: The SmartPath AP (LWN602A) Overview 1. Position two #6 or #8 screws 2" (5 cm) apart and fasten them to a secure object such as a wall, post, or beam.#UTORDRILLAHOLEINTHEWALLn nCMABOVETHESCREWSTOPASS the cables through to the SmartPath AP.3. Position the SmartPath AP so that the screws enter the two upper keyhole-shaped slots on the underside of the SmartPath AP. Then push the SmartPath AP downward to lock it in place.4. Connect the cables to the SmartPath AP. Depending on the power source, you might connect just one Ethernet cable or an Ethernet cable and a power cord.SmartPath AP (LWN602A)WallFigure 4-8. Mounting the SmartPath AP on a wall.Instead of passing the cables through a hole in the wall, you can also simply run them along the wall from the port side of the SmartPath AP, which is located at the top of the device when it is mounted on a wall.NOTE: You can use a Kensington lock to secure the SmartPath AP to a stationary object. For information, see “Locking the SmartPath AP” in Section 4.5.1.4.6 Device, Power, and Environmental SpecificationsUnderstanding the specifications for the SmartPath AP LWN602A is necessary for optimal deployment and device operation. The following specifications describe the physical features and hardware components, the power adapter and PoE (Power over Ethernet) electrical requirements, and the temperature and humidity ranges in which the device can operate.Device Specificationss#HASSISDIMENSIONS7X(X$CM7XCM(XCM$s7EIGHTLBKGs!NTENNAS3MART0ATH!0,7.!TWOOMNIDIRECTIONALBGNANTENNASANDTWOOMNIDIRECTIONALANANTENNASs%THERNETPORTONEAUTOSENSING"ASE448-BPSPORTCOMPLIANTWITHTHE)%%%AFSTANDARDANDTHEATstandard for PoE (Power over Ethernet)Power Specificationss$#)NPUT6$#6!s0O%INPUTsAFs0REATs2*POWERINPUTPINS7IRESOREnvironmental Specificationss/PERATINGTEMPERATURETODEGREES&TODEGREES#s3TORAGETEMPERATURETODEGREES&TODEGREES#s2ELATIVE(UMIDITY-AXIMUMNONCONDENSING

724-746-5500 | blackbox.com Page 63Chapter 5: The SmartPath EMS5. The SmartPath EMSThe SmartPath Enterprise Management System (EMS), available as a cloud-based service (LWN600CM-1 or LWN600CM-3) or as a VIRTUALMANAGEMENTAPPLIANCE6-!,7.6-!ISA'5)FORCENTRALLYCONFIGURINGANDMONITORINGTHE!0SASWELLASSETTINGsecurity and guest log-in parameters.s3IMPLIFIEDINSTALLATIONSANDMANAGEMENTOFUPTO3MART0ATH!0Ss0ROFILEBASEDCONFIGURATIONSTHATSIMPLIFYTHEDEPLOYMENTOFLARGENUMBERSOF3MART0ATH!0Ss3CHEDULEDFIRMWAREUPGRADESON3MART0ATH!0SBYLOCATIONs%XPORTATIONOFDETAILEDINFORMATIONON3MART0ATH!0SFORREPORTINGServer RequirementsMinimum Hardware:Processor: Dual-core 2 GHz or better-EMORY'"DEDICATEDTO3MART0ATH%-36IRTUAL!PPLIANCEATLEAST'"FORTHECOMPUTERHOSTINGIT$ISK'"DEDICATEDTO3MART0ATH%-36IRTUAL!PPLIANCEVirtual Layer 2 SwitchComputer10.1.1.5/24Computer Hosting SmartPath EMS VMA Virtual ApplianceSmartPath EMS VMA10.1.1.8/24Logical view of the computer hosting SmartPath EMS VMA Virtual ApplianceSwitchto networkSwitchto networkFigure 5-1. Typical application.

724-746-5500 | blackbox.com Page 64Chapter 6: SmartPath EMS VMA Online (Cloud-Based Service)6. SmartPath EMS VMA On-line (Cloud-Based Service))NADDITIONTOA3MART0ATH%-36-!THE3MART0ATH%-36-!NETWORKMANAGEMENTSYSTEMISAVAILABLEINONEOTHERFORMSmartPath EMS Online is a cloud-based service running on hardware hosted and maintained by Black Box (see Figure 6-1). This management system provides cost-effective alternatives for managing WLAN networks that might not require the investment of a physical appliance. Virtual PC10.1.1.5/24SmartPath EMS10.1.1.8/24Admin’s PC10.1.1.5/24Virtual SwitchSmartPath.blackbox.comSmartPath EMS Online SmartPath EMS Virtual ApplianceSwitchSwitchFirewallInternal Network10.1.1.0/24Managed SmartPath APsManaged SmartPath APsInternal Network10.1.1.0/24  &IGURE3MART0ATH%-3/NLINE &IGURE3MART0ATH%-36-!"LACK"OXHOSTS3MART0ATH%-3/NLINEATSMARTPATHBLACKBOXCOMMAINTAININGTHE3MART0ATH%-36-!HARDWAREANDUPDATINGTHE3MART0ATH%-36-!SOFTWAREASNEWRELEASESBECOMEAVAILABLE9OURECEIVEACCESSTOA6%-3VIRTUAL3MART0ATH%-36-!RUNNINGONTHE3MART0ATH%-36-!HARDWARE%ACH6%-3ISANINDEPENDENTMANAGEMENTSYSTEMWITHITSOWNADMINISTRATORSMANAGINGTHEIROWNSETOF3MART0ATH!0S7ITHOUTTHEEXPENSEOFBUYINGAPHYSICALAPPLIANCEOR3MART0ATH%-36-!6IRTUALAppliance, SmartPath EMS Online can be the most cost-efficient choice for managing a small number of SmartPath APs.After purchasing SmartPath EMS Online, you receive your login URL and credentials in an e-mail message. After logging in, you ENTERTHE3MART0ATHLANDINGSPACE&ROMTHEREYOUCANACCESSYOUR6%-34HROUGHYOUR6%-3YOUCANMANAGE3MART0ATH!0SDEPLOYEDREMOTELY"YDEFAULT3MART0ATH!0SFIRSTTRYTOCONNECT TOALOCAL3MART0ATH%-36-!)FTHE-!#ADDRESSORSERIALNUMBEROFTHE3MART0ATH!0ISALREADYASSIGNEDTOA6%-3 SmartPath.blackbox.com redirects the SmartPath AP to it (see Figure 6-2).NOTE: Once ordered for use with the VEMS, the SmartPath APs will be preconfigured to try and reach the online VEMS (SmartPath.blackbox.com).NOTE: If you factory-reset an AP that has been provisioned to look for the online manager at SmartPath.Blackbox.com, it will default to looking for a local EMS. You have to create an SSH connection to the AP and send two config lines using the VEMS CLI (see below).Enter: Capwap client server primary name: Smartpath.blackbox.com and press the <Enter> key.Save config run boot and press the <Enter> key/NCETHISISDONEWHENTHE!0ISCONNECTEDTOAN)NTERNETCONNECTIONTHE!0WILLLOOKTOTHE6%-3AT3MART0ATHBLACKBOXCOMand show there.

724-746-5500 | blackbox.com Page 65Chapter 6: SmartPath EMS VMA Online (Cloud-Based Service)Home PageOnline ServerVSPM-1SmartPath.blackbox.comHost Name Node ID . . .. . .Serial Number Virtual HMBB-13C210 00197713C210 VSPM-112000831100034Host Name: BB-13C210Node ID: 00197713C210Serial Number: 12000831100034 12(1) The SmartPath AP initially forms a CAPWAP connection with SmartPath.blackbox.com. (2) When the online server discovers an entry for the SmartPath AP assigning it to VSPM-1, it redirects the SmartPath AP to that VSPM.(3) When you log in to SmartPath.blackbox.com VSPM-1, you can see the SmartPath AP listed on the Monitor > Access Points > SmartPath APs page.Figure 6-3. Online server.)FTHE3MART0ATH!0-!#ADDRESSORSERIALNUMBERISIN3MARTPATHBLACKBOXCOMBUTNOTYETASSIGNEDTOTHE6(-THESmartPath AP that forms a CAPWAP connection with Smartpath.blackbox.com remains connected to it. If the SmartPath AP MAC address or serialnumber is not in Smartpath.blackbox.com, then Smartpath.blackbox.com does not respond to the CAPWAP connection attempts from that SmartPath AP. For details about the initial CAPWAP connection process, see "How SmartPath APs #ONNECTTO3MART0ATH%-36-!IN3ECTION6.1 Captive Web Portal EnhancementsThe default captive Web portal pages have been redesigned to resize automatically for optimal viewing per device type: smart-phone, tablet, and computer monitor. In addition, captive Web portals can now support a registration page with buttons linking to various URLs.Two significant enhancements have been made to the captive Web portal feature: the default pages have been revised, and support for a new type of user registration has been added.New Default Captive Web Portal PagesWith the proliferation of mobile devices, the default captive Web portal registration, success, and failure pages have been redesigned to resize automatically to fit the screen of the device accessing them. For example, here is the registration page for user authentication on a computer monitor, a tablet, and a smartphone. You can see how the page adjusts to fit the screen for optimal display no matter what type of device is in use.Figure 6-4. Captive Web portal page shown on a computer monitor, tablet, and smartphone.

724-746-5500 | blackbox.com Page 67Chapter 7: Using SmartPath EMS VMA7. Using SmartPath EMS VMAThink of the cooperative control architecture as consisting of three broad planes of communication. On the data plane, wireless clients gain network access by forming associations with SmartPath APs. On the control plane, SmartPath APs communicate with each other to coordinate functions such as best-path forwarding, fast roaming, and automatic RF management. On the manage-MENTPLANE3MART0ATH%-36-!PROVIDESCENTRALIZEDCONFIGURATIONMONITORINGANDREPORTINGOFMULTIPLE3MART0ATH!0S4HESEthree planes are shown in Figure 7-1.The management plane is the logical division of administrative traffic relating to the configuration and monitoring of SmartPath APs. From a management system, an admin can use the SmartPath EMS to configure, maintain, and monitor multiple SmartPath APs, essentially coordinating the control and data planes from a single, central location.Data PlaneControl PlaneManagement PlaneThe data plane is the logical division of wireless client traffic (user data) traversing a wireless-to-wired LAN. Traffic in the data plane follows optimal paths that various mechanisms in the control plane determine.The control plane is the logical division of traffic that Cluster members use to collaborate on how best to forward user data, coordinate radio frequencies, and provide Layer2 and Layer3 roaming capabilities with each other.To the wired network ...Management SystemFigure 7-1. Three communication planes in the cooperative control architecture.!SYOUCANSEEIN&IGURE3MART0ATH%-36-!OPERATESSOLELYONTHEMANAGEMENTPLANE!NYLOSSOFCONNECTIVITYBETWEEN3MART0ATH%-36-!ANDTHE3MART0ATH!0SITMANAGESONLYAFFECTS3MART0ATH!0MANAGEABILITYSUCHALOSSHASNOIMPACTON communications occurring on the control and data planes.7.1 Installing and Connecting to the SmartPath EMS VMA GUI4OBEGINUSINGTHE3MART0ATH%-36-!'5)YOUMUSTFIRSTCONFIGURETHE-'4INTERFACETOBEACCESSIBLEONTHENETWORKCABLE3MART0ATH%-36-!ANDYOURMANAGEMENTSYSTEMTHATISYOURCOMPUTERTOTHENETWORKANDTHENMAKEAN(440CONNECTIONfrom your system to the MGT interface.NOTE: SmartPath EMS VMA has two Ethernet interfaces—MGT and LAN. You can put just the MGT interface on the network and use it for all types of traffic, or you can use both interfaces—which must be in different subnets—and separate SmartPath EMS VMA management traffic (MGT) from SmartPath AP management traffic (LAN).

724-746-5500 | blackbox.com Page 68Chapter 7: Using SmartPath EMS VMA"ESIDES3MART0ATH%-36-!ANDYOURMANAGEMENTSYSTEMYOUNEEDTWOORTHREE%THERNETCABLESANDASERIALCABLEORhNULLmodem”). The Ethernet cables can be standard CAT3, CAT5, CAT5e, or CAT6 cables with T568A or T568B terminations and 2*CONNECTORS4HESERIALCABLEMUSTCOMPLYWITHTHE23STANDARDANDTERMINATEONTHE3MART0ATH%-36-!ENDWITHAfemale DB9 connector. (For more details, see Section 5.2, Ethernet and Console Ports.)The GUI requirements for the management system are as follows:s-INIMUMSCREENRESOLUTIONOFXPIXELSs3TANDARDBROWSER"LACK"OXRECOMMENDS)NTERNET%XPLORER® v7.0 or Mozilla® Firefox® v2.0.0 or later—with Flash v9.0 or later, which is required for viewing charts with dynamically updated SmartPath AP alarms and wireless client data9OURMANAGEMENTSYSTEMALSONEEDSA64TERMINALEMULATIONPROGRAMSUCHAS4ERA4ERM0ROAFREETERMINALEMULATOROR(ILGRAEVE(YPERTERMINALPROVIDEDWITH7INDOWSTO7INDOWS80OPERATINGSYSTEMS&INALLYYOUNEEDANLICENSEKEYORFORAPHYSICAL3MART0ATH%-36-!APPLIANCETHATDOESNOTHAVE)NTERNETACCESSTOTHE ENTITLEMENTSERVERALICENSEKEY9OUSHOULDHAVERECEIVEDTHISWHENYOUPURCHASEDYOUR3MART0ATH%-36-!SOFTWARELICENSEChanging Network Settings4OCONNECT3MART0ATH%-36-!TOTHENETWORKYOUMUSTFIRSTSETTHE)0ADDRESSNETMASKOFITS-'4INTERFACESOTHATITISINTHE SUBNETTOWHICHYOUPLANTOCABLEIT4ODOTHISYOUCANUSETHE3MART0ATH%-36-!CONSOLEPORT#ONNECTTHEPOWERCABLETOAnVOLTPOWERSOURCEANDTURNON3MART0ATH%-36-!4HEPOWERSWITCHISONTHEBACKpanel of the device.2. Connect one end of an RS-232 serial cable to the serial port (or COM port) on your management system.#ONNECTTHEOTHERENDOFTHECABLETOTHEMALE$"CONSOLEPORTON3MART0ATH%-36-!/NYOURMANAGEMENTSYSTEMRUNA64EMULATIONPROGRAMUSINGTHEFOLLOWINGSETTINGSs"ITSPERSECONDBAUDRATEs$ATABITSs0ARITYNONEs3TOPBITSs&LOWCONTROLNONE5. Log in by entering the default user name (admin) and password (blackbox).4HE3MART0ATH%-36-!#,)SHELLLAUNCHES4OCHANGENETWORKSETTINGSENTER1 (1 Network Settings and Tools), and then enter 1 again (1 View/Set IP/Netmask /Gateway/DNS Settings).7. Follow the instructions to configure the IP address and netmask for the MGT interface, its default gateway, the SmartPath EMS 6-!HOSTNAMEANDDOMAINNAMEANDITSPRIMARY$.3SERVERNOTE: The default IP address/netmask for the MGT interface is 192.168.2.10/24. The default gateway IP address is 192.168.2.1. The LAN interface is disabled by default and does not have a default IP address. You can define network settings for the LAN interface through the SmartPath EMS VMA GUI after you log in.When deciding to use one interface (MGT) or both (MGT and LAN), keep in mind that there are two main types of traffic to and FROM3MART0ATH%-36-!s3MART0ATH%-36-!MANAGEMENTTRAFFICFORADMINACCESSANDFILEUPLOADSs3MART0ATH!0MANAGEMENTTRAFFICANDCONFIGURATIONFILEAND3MART0ATH/3IMAGEDOWNLOADSTOMANAGED3MART0ATH!0S7HENYOUENABLEBOTHINTERFACES3MART0ATH%-36-!MANAGEMENTTRAFFICUSESTHE-'4INTERFACEWHILE3MART0ATH!0MANAGE-ment traffic uses the LAN interface, as shown in Figure 7-2.

724-746-5500 | blackbox.com Page 69Chapter 7: Using SmartPath EMS VMAMGT10.1.2.8/24LAN10.1.1.8/24Switch Router Clusters in different subnetsRouter10.1.3.0/2410.1.4.0/2410.1.5.0/2410.1.1.110.1.2.1Admin10.1.7.34SCP Server 10.1.6.12SmartPath EMS VMAEach cluster contains multiple SmartPath APsClusters in different subnets3TATIC2OUTES3MART0ATH%-36-!SENDSTRAFFICDESTINEDFOR  TO 3MART0ATH%-36-!SENDSTRAFFICDESTINEDFORTO$EFAULT'ATEWAY3MART0ATH%-36-!SENDSTRAFFICHEREWHENTHEREARENOSPECIFICROUTESTOADESTINATIONFigure 7-2. Using both MGT and LAN interfaces.NOTE: To set static routes after you log in to the GUI, click Home > Administration > SmartPath EMS VMA Settings > Routing > Add, set the destination IP address, netmask, and gateway, and then click “Apply.”When only the MGT interface is enabled, both types of management traffic use it. A possible drawback to this approach is that you cannot separate the two types of management traffic into two different networks. For example, if you have an existing man-AGEMENTNETWORKYOUWOULDNOTBEABLETOUSEITFOR3MART0ATH%-36-!MANAGEMENTTRAFFIC"OTH3MART0ATH%-36-!AND3MART0ATH!0MANAGEMENTTRAFFICWOULDNEEDTOFLOWONTHEOPERATIONALNETWORKBECAUSE3MART0ATH%-36-!WOULDNEEDTOcommunicate with the SmartPath APs from its MGT interface (see Figure 7-3). However, if the separation of both types of traffic is not an issue, then using just the MGT interface is a simple approach to consider.MGT10.1.1.8/24LAN0.0.0.0/0Switch Router Clusters in different subnets10.1.3.0/2410.1.4.0/2410.1.5.0/2410.1.1.1Admin10.1.7.34SCP Server 10.1.6.12SmartPath EMS VMAEach cluster contains multiple SmartPath APs.Each cluster contains multiple SmartPath APsClusters in different subnets$EFAULT'ATEWAY3MART0ATH%-36-!SENDSALLTRAFFICTOTHEDEFAULTGATEWAYFigure 7-3. Using just the MGT interface.8. After you finish configuring the network settings, restart network services by entering 6 (6 Restart Network Services) and then enter yes to confirm the action. You can now disconnect the serial cable.Connecting to the GUI through the MGT Interface1. Connect Ethernet cables from the MGT interface and LAN interface—if you are using it—to the network.2. Connect an Ethernet cable from your management system to the network so that you can make an HTTPS connection to the IP address that you set for the MGT interface.

724-746-5500 | blackbox.com Page 70Chapter 7: Using SmartPath EMS VMA3. Open a Web browser and enter the IP address of the MGT interface in the address field. For example, if you changed the IP ADDRESSTOENTERTHISINTHEADDRESSFIELDHTTPSNOTE: If you ever forget the IP address of the MGT interface and cannot make an HTTPS connection to SmartPath EMS VMA, make a serial connection to its console port and enter 1 for "Network Settings and Tools" and then 1 again for "View/Set IP/Netmask/Gateway/DNS Settings.” The serial connection settings are explained in "Changing Network Settings" in Section 7.1, Installing and Connecting to the SmartPath EMS VMA GUI. A login prompt appears.4. Type the default name (admin) and password (blackbox) in the login fields, and then click Log in.Figure 7-4. Login screen.!FTERLOGGINGINTO3MART0ATH%-36-!6IRTUAL!PPLIANCETHE"LACK"OX%ND5SER,ICENSE!GREEMENTAPPEARS2EADITOVERand if you agree with its content, click Agree.!NINITIAL7ELCOMETO3MART0ATH%-36-!DIALOGBOXAPPEARSASSHOWNBELOWFigure 7-5. Welcome screen.

724-746-5500 | blackbox.com Page 71Chapter 7: Using SmartPath EMS VMA#HANGETHECLUSTERNAMEFORYOUR3MART0ATH!0SDEFAULTBLACKBOXCHANGEYOUR3MART0ATH%-36-!LOGINPASSWORDANDSETTHETIMEZONEWHEREYOUARELOCATEDWHICHMIGHTBETHESAMETIMEZONEASTHATFOR3MART0ATH%-36-!ORADIFFERENTONE)Fyou have an entitlement key, click Enter Key. The following dialog box appears.Figure 7-6. Entitlement key screen.For a physical appliance with Internet access, select “Enter Entitlement Key.” Copy the entitlement key text string that Black Box sent you in an e-mail message, paste it in the Entitlement Key field, and then click “Enter.” You also have the option of installing a 3MART0ATH%-36-!LICENSEKEYWHICHISUSEFULIFYOUAREWORKINGWITHANAPPLIANCEINALOCATIONTHATDOESNOTHAVE)NTERNETaccess, such as a test lab. If you already have a license, select “Install License Key,” copy the license key text string previously sup-plied by Black Box in an email message, paste it in the License Key field, and then click “Enter.”&OR3MART0ATH%-3/NLINEAND3MART0ATH%-36-!6IRTUAL!PPLIANCECOPYTHEENTITLEMENTKEYTEXTSTRINGPASTEITINTHEEntitlement Key field, and then click “Enter.” SmartPath EMS Online transmits the entitlement key to the on-line Black Box entitlement server, which replies with all licenses associated with that key.If you do not have an entitlement key or license key yet, click “Continue.” You can access the GUI for a 30-day period without a key. To request an entitlement key or license key, you can send an e-mail to orders@blackbox.com. Make sure to include your customer name and sales order number in the request. When you receive the key, click “Enter Now” in the prompt displayed at the top of the GUI (shown below) or click Home > Administration > License Management. Copy the key from the e-mail and paste it in the appropriate field.Figure 7-7. GUI.9OUARENOWLOGGEDINTOTHE3MART0ATH%-36-!'5),ATERAFTERCOMPLETINGTHE'LOBAL3ETTINGSPAGEINTHENEXTSTEPSYOUcan check details about the installed entitlement key and licenses on the Home > Administration > License Management page. You can also enter more licenses there if necessary. 3MART0ATH%-36-!CANOPERATEINONEOFTWOADMINISTRATIVEMODES%XPRESSAND%NTERPRISE%XPRESSMODETHEDEFAULT provides a simple set of configuration components designed for managing a single network. Enterprise mode provides configuration components for managing multiple networks that require more advanced settings. Because the examples throughout this guide are based on Enterprise mode, switch to that mode by clicking Home > Global Settings and selecting Enterprise (recommended for more advanced networks).*)FYOUCHOOSE%XPRESSYOUCANLATERSWITCHTO%NTERPRISEMODEAND3MART0ATH%-36-!WILLAUTOMATICALLYCONVERTYOURSETTINGSfrom the structure used in Express mode to that used in Enterprise mode. However, after choosing Enterprise, you cannot later switch to Express mode and preserve your settings. To change from Enterprise to Express mode, you must erase the database, and then choose Express after you log back in.8. After selecting Enterprise mode, you have the option of changing the root admin password for logging in to SmartPathAPs. 3MART0ATH%-36-!USESTHISPASSWORDWHENMAKING33(CONNECTIONSANDUPLOADINGAFULLCONFIGURATIONTO3MART0ATH!0SThe default root admin name and password is admin and blackbox. To set a different password, enter it in the New SmartPath AP Password and Confirm Password fields. The SmartPath AP password can be any alphanumeric string from 5 to 32 characters long. To see the password string that you enter, clear Obscure Password.

724-746-5500 | blackbox.com Page 72Chapter 7: Using SmartPath EMS VMAFigure 7-8. Start here screen.4OSAVEYOURSETTINGSANDENTERTHE3MART0ATH%-36-!'5)IN%NTERPRISEMODECLICKh5PDATEv10. A message appears prompting you to confirm your selection of Enterprise mode. After reading the confirmation message, click “Yes.”NOTE: You can change the SmartPath AP root admin name in the Credentials section of the SmartPath AP configuration dialog box (Monitor > Access Points >SmartPath AP > smartpathap_name > Modify). 3MART0ATH%-36-!DISPLAYSTHE'UIDED#ONFIGURATIONPAGETOASSISTYOUWITHTHEMAINCONFIGURATIONSTEPSs$EVICELEVELSETTINGSFOR3MART0ATH!0Ss4HETHREEMAJOR7,!.POLICYLEVELCONFIGURATIONOBJECTSWHICHREFERENCEALLOTHERCONFIGURATIONOBJECTSUSERPROFILESSSIDs, and WLAN policiess4HETRANSFEROFTHEDEVICEANDPOLICYLEVELSETTINGSFROM3MART0ATH%-36-!TO3MART0ATH!0S7.2 Introduction to the SmartPath EMS VMA GUI5SINGTHE3MART0ATH%-36-!'5)YOUCANSETUPTHECONFIGURATIONSNEEDEDTODEPLOYMANAGEANDMONITORLARGENUMBERSOFSmartPath APs. The configuration workflow is described in Section 7.3. The GUI consists of several important sections, which are shown in Figure 7-9.

724-746-5500 | blackbox.com Page 73Chapter 7: Using SmartPath EMS VMA&IGURE)MPORTANTSECTIONSOFTHE3MART0ATH%-36-!'5)Menu Bar: The items in the menu bar open the major sections of the GUI. You can then use the navigation tree to navigate to specific topics within the selected section.Search: This is a tool for finding a text string anywhere in the GUI (except in Reports). You can do a global search or confine a search to a specific part of the GUI.Log Out: Click to log out of your administrative session. If you are logged in as an admin with super user privileges and there are virtual systems, you can exit the home system and enter a different virtual system from here.Navigation Tree: The navigation tree contains all the topics within the GUI section that you chose in the menu bar. Items you select in the navigation tree appear in the main panel.Main Panel: The main panel contains the windows in which you set and view various parameters..OTIFICATIONS3MART0ATH%-36-!DISPLAYSASUMMARYOFNEW3MART0ATH!0SROGUECLIENTSROGUE!0SANDALARMSDETECTEDON managed SmartPath APs here. Clicking a displayed number opens the relevant page with more details.3OMECONVENIENTASPECTSTHATTHE3MART0ATH%-36-!'5)OFFERSARETHEABILITYTOCLONECONFIGURATIONSAPPLYCONFIGURATIONSTO multiple SmartPath APs at once, and sort displayed information. Brief overviews of these functions are presented in the following sections.7.2.1 Viewing ReportsWhen viewing reports that contain graphs (Monitor > Reports …), you can use your mouse to control what information 3MART0ATH%-36-!DISPLAYS-OVINGYOURMOUSEOVERAMEASUREMENTPOINTONANYLINEINAGRAPHDISPLAYSTHETYPEOFDATAbeing reported and the date, time, and value of the measurement. In the graph for active client details (Monitor > Clients > Active #LIENTSCLIENT?MAC?ADDRORAREPORTDEFINEDASA.EW2EPORT6ERSIONMOVINGYOURMOUSEOVERACOLORBOXINTHELEGENDhides all other lines except the one matching that color (see Figures 7-10 and 7-11).

724-746-5500 | blackbox.com Page 74Chapter 7: Using SmartPath EMS VMAFigure 7-10. Working with graphs in reports.Moving the mouse over a measurement point in a graph displays data about that measurement. If measurement points on multi-PLELINESHAPPENTOCONVERGEATTHESAMEPOINT3MART0ATH%-36-!DISPLAYSDATAFORALLOFTHEM(EREYOUCANSEEINFORMATIONabout the total number of transmitted (Tx) and received (Rx) frames and dropped frames.Figure 7-11. Working with graphs in reports.In the graph showing details for a selected active client, moving the mouse over a colored box in the legend hides all other lines EXCEPTTHEONETHATISTHESAMECOLORASTHEBOXUNDERTHEMOUSE(ERE3MART0ATH%-36-!ONLYSHOWSTHEREDLINEFOR transmitted frames because the mouse is over the red box next to Rx Frames in the legend.7.2.2 CAPWAP Latency ReportsCAPWAP Latency Reports:3MART0ATH%-36-!TRACKSTHEAVERAGELATENCYINITS#!07!0CONNECTIONSTOEACHMANAGEDSmartPath AP and displays an icon indicating the average amount of current latency in the Connection column on the Monitor > Access Points > SmartPath APs page when viewed in Monitor mode. A green hexagon indicates normal latency, based on an AVERAGETHAT3MART0ATH%-36-!HASCALCULATEDFROMPERIODIC3MART0ATH!0REPORTS4HEICONCHANGESTOYELLOWWHENTHElatency increases to the point that responsiveness has slowed noticeably; however, configuration and image uploads can still succeed. It changes to orange when connectivity issues reach the point that configuration and image upload attempts might no longer be successful.

724-746-5500 | blackbox.com Page 75Chapter 7: Using SmartPath EMS VMA7.2.3 Searching4HE3MART0ATH%-36-!'5)PROVIDESASEARCHFEATURETHATYOUCANUSETOFINDTEXTSTRINGSTHROUGHOUTTHE3MART0ATH%-36-!database and the entire GUI (except in Reports and Topology) or within one or more specified sections of the GUI. By default, 3MART0ATH%-36-!SEARCHESTHROUGHTHEFOLLOWINGSECTIONSOFTHE'5)#ONFIGURATION!CCESS0OINTS#LIENTS!DMINISTRATIONand Tools. You can also include Events and Alarms in your search, but not Topology. To restrict the scope of your search, click the down arrow to the right of the search icon and select the areas of the GUI that you want to include and clear those that you want to exclude (see Figure 7-12).Figure 7-12. Search tool.The following items are ignored when using the search tool:s4HENAMESOFFIELDSINDIALOGBOXESs4HESETTINGSONTHEFOLLOWING(OME!DMINISTRATIONPAGES3MART0ATH%-36-!3ETTINGS3MART0ATH%-36-!3ERVICESANDSPM Notification Mail Lists#ERTIFICATESCAPTIVEWEBPORTALWEBPAGEFILESANDIMAGEFILESs2EPORTSWhen you enter a word or phrase in the search field and then click the Search icon—or press the Enter key on your keyboard—3MART0ATH%-36-!DISPLAYSTHESEARCHRESULTSINTHELEFTPANELTHATUSUALLYCONTAINSTHENAVIGATIONTREE4HEFIRSTITEMINTHELISTis displayed in the main window. To view a different page, click the page name (see Figure 7-13).

724-746-5500 | blackbox.com Page 76Chapter 7: Using SmartPath EMS VMAFigure 7-13. Search results.NOTE: Do not use quotation marks to enclose a phrase of two or more words. Simply enter the phrase that you want to find with spaces. See the SmartPath EMS VMA on-line Help for more information on the Search tool.7.2.4 MultiselectingYou can select multiple objects to make the same modifications or perform the same operation to all of them at once.Select the check boxes to select multiple noncontiguous objects, or shift-click to select check boxes for multiple contiguous objects.

724-746-5500 | blackbox.com Page 77Chapter 7: Using SmartPath EMS VMAThen click the Modify button to configure them with the same settings.Figure 7-14. Selecting multiple new SmartPath APs.Here, you use the shift-click multiselection method to select a set of the topmost eight SmartPath APs in the list; that is, you select the checkbox for the top SmartPath AP and hold down the SHIFT key while selecting the checkbox for the eighth SmartPath AP from the top.7.2.5 Cloning ConfigurationsWhen you need to configure multiple similar objects, you can save time by configuring just the first object, cloning it, and then making slight modifications to the subsequent objects. With this approach, you can avoid re-entering repeated data.To clone an object, select it in an open window, and then click the Clone button. Retain the settings you want to keep, and modify those you want to change.

724-746-5500 | blackbox.com Page 78Chapter 7: Using SmartPath EMS VMAFigure 7-15. Cloning a cluster.7.2.6 Sorting Displayed DataYou can control how the GUI displays data in the main panel by clicking a column header. This causes the displayed content to reorder itself alphanumerically or chronologically in either ascending or descending order. Clicking the header a second time reverses the order in which the data is displayed.By default, displayed objects are sorted alphanumerically from the top by name. If you click the name again, the order is reversed; that is, the objects are ordered alphanumerically from the bottom.Figure 7-16. Sorting event log entries by SmartPath AP host name and then chronologically.

724-746-5500 | blackbox.com Page 81Chapter 7: Using SmartPath EMS VMA To load a file from an SCP server: File from remote server: (select) IP Address: Enter the IP address of the SCP server. SCP Port: Enter the port number of the SCP server (the default port number for SCP is 22).&ILE0ATH%NTERTHEDIRECTORYPATHAND3MART0ATH%-36-!SOFTWAREFILENAME)FTHEFILEISINTHEROOTDIRECTORYOFTHE3#0server, you can simply enter the file name.5SER.AME4YPEAUSERNAMEWITHWHICH3MART0ATH%-36-!CANACCESSTHE3#0SERVER0ASSWORD4YPEAPASSWORDWITHWHICH3MART0ATH%-36-!CANUSETOLOGINSECURELYTOTHE3#0SERVER or To load a file from the Black Box update server: File from Black Box update server: (select)!POPUPWINDOWAPPEARSWITHALISTOFNEWER3MART0ATH%-36-!IMAGEFILES)FYOUHAVETHELATESTAVAILABLEVERSIONTHELISTWILLBEEMPTY)FTHEREARENEWERIMAGESSELECTTHEONEYOUWANTANDUPGRADE3MART0ATH%-36-!TOTHATIMAGEBYTRANS-FERRINGTHEFILEOVERAN(4403CONNECTIONFROMTHESERVERTO3MART0ATH%-36-!4OSAVETHENEWSOFTWAREANDREBOOT3MART0ATH%-36-!CLICKh/+v7.5 Updating SmartPathOS Firmware3MART0ATH%-36-!MAKESITEASYTOUPDATE3MART0ATH/3FIRMWARERUNNINGONMANAGED3MART0ATH!0S&IRSTYOUOBTAINNEW3MART0ATH!0FIRMWAREFROM"LACK"OX4ECHNICAL3UPPORTANDUPLOADITONTO3MART0ATH%-36-!4HENYOUPUSHTHEFIRMWAREto the SmartPath APs and activate it by rebooting them.NOTE: When upgrading both SmartPath EMS VMA software and SmartPathOS firmware, do so in this order:s5PGRADE3MART0ATH%-36-!3MART0ATH%-36-!CANMANAGE3MART0ATH!0SRUNNINGTHECURRENTVERSIONOFSmartPathOS and also previous versions going back two major releases).s5PLOADTHENEW3MART0ATH/3FIRMWARETOTHEMANAGED3MART0ATH!0SANDREBOOTTHEMTOACTIVATEITs2ELOADTHE3MART0ATH/3CONFIGURATIONSTOTHEMANAGED3MART0ATH!0SEVENIFNOTHINGINTHECONFIGURATIONSHASchanged—and reboot them to activate the configuration that is compatible with the new SmartPathOS image.1. Log in to the Black Box SmartPath Portal to obtain a new SmartPathOS image.2. Save the SmartPathOS image file to a directory on your local management system or network.,OGINTO3MART0ATH%-36-!ANDNAVIGATETO-ONITOR!CCESS0OINTS3MART0ATH!0S4. In the SmartPath APs window, select one or more SmartPath APs, and then click “Update > Upload and Activate SmartPathOS Software.” The Upload and Activate SmartPathOS Software dialog box appears.4OTHERIGHTOFTHE3MART0ATH/3)MAGEFIELDCLICKh!DD2EMOVEv)NTHE!DD2EMOVE3MART0ATH/3)MAGEDIALOGBOXTHATAPPEARSENTERONEOFTHEFOLLOWINGDEPENDINGONHOWYOUINTENDTOUPLOADTHE3MART0ATH/3IMAGEFILETO3MART0ATH%-36-!ANDTHENCLICKh5PLOADv To load a SmartPathOS image file from the Black Box update server: SmartPathOS <version> images from Black Box update server: (select) To load a SmartPathOS image file from a directory on your local management system: Local File: (select); type the directory path and image file name, or click Browse, navigate to the image file, and select it.

724-746-5500 | blackbox.com Page 82Chapter 7: Using SmartPath EMS VMA To load a SmartPathOS image file from an SCP server: SCP Server: (select) IP Address : Enter the IP address of the SCP server. SCP Port: Enter the port number of the SCP server (the default port number for SCP is 22). File Path: Enter the path to the SmartPathOS image file and the file name. If the file is in the root directory of the SCP server, you can simply enter the file name. 5SER.AME4YPEAUSERNAMEWITHWHICH3MART0ATH%-36-!CANACCESSTHE3#0SERVER 0ASSWORD4YPEAPASSWORDTHAT3MART0ATH%-36-!CANUSETOLOGINSECURELYTOTHE3#0SERVERNOTE: To delete an old SmartPathOS file, select the file in the "Available Images" list, and then click Remove.7. Click Upload.#LOSETHEDIALOGBOXBYCLICKINGTHE#LOSEICON8INTHEUPPERRIGHTCORNER"YDEFAULTTHE3MART0ATH%-36-!USES3#0TOTRANSFERTHEFILETOTHESELECTED3MART0ATH!0SANDREQUIRESAMANUALREBOOTof the SmartPath APs to activate it. If you want to change these settings, click Settings in the upper right corner of the Upload and Activate SmartPathOS Software page. A section expands allowing you to change how SmartPathOS images are displayed (by software version or by file name), how the software is activated (these options are explained below), which transfer protocol to use (SCP or TFTP), the type of CONNECTIONBETWEEN3MART0ATH%-36-!ANDTHE3MART0ATH!0SANDHOWLONGTOWAITBEFORETIMINGOUTANINCOMPLETEupdate attempt. In the Activation Time section, select one of the following options, depending on when you want to activate the firmware—by REBOOTINGTHE3MART0ATH!0SAFTER3MART0ATH%-36-!FINISHESLOADINGITs!CTIVATEAT3ELECTANDSETTHETIMEATWHICHYOUWANTTHE3MART0ATH!0STOACTIVATETHEFIRMWARE4OUSETHISOPTIONACCURATELYMAKESURETHATBOTH3MART0ATH%-36-!ANDMANAGED3MART0ATH!0CLOCKSARESYNCHRONIZEDs!CTIVATEAFTER3ELECTTOLOADTHEFIRMWAREONTHESELECTED3MART0ATH!0SANDACTIVATEITAFTERASPECIFIEDINTERVAL4HERANGEISnSECONDSTHATISIMMEDIATELYTOONEHOUR4HEDEFAULTISSECONDSs!CTIVATEATNEXTREBOOT3ELECTTOLOADTHEFIRMWAREANDNOTACTIVATEIT4HELOADEDFIRMWAREGETSACTIVATEDTHENEXTtime the SmartPath AP reboots.NOTE: When choosing which option to use, consider how SmartPath EMS VMA connects to the SmartPath APs it is updating. See Section 7.6.10. To save your settings, click the Save icon in the upper right corner. Otherwise, click the Close icon to use these settings just this time. If you do not save your modified settings, the next time you upload a SmartPathOS image to SmartPath APs, 3MART0ATH%-36-!WILLAGAINAPPLYTHEDEFAULTSETTINGS11. Select the file you just loaded from the SmartPath OS Image drop-down list, select one or more SmartPath APs at the bottom of the dialog box, and then click Upload.3MART0ATH%-36-!DISPLAYSTHEPROGRESSOFTHE3MART0ATH/3IMAGEUPLOADANDITSEVENTUALSUCCESSORFAILUREONTHE Monitor > Access Points > SmartPath AP Update Results page.7.6 Updating SmartPath APs in a Mesh EnvironmentWhen updating cluster members in a mesh environment, be careful of the order in which the SmartPath APs reboot. If a portal completes the upload and reboots before a mesh point beyond it completes its upload—which most likely would happen because portals receive the uploaded content first and then forward it to mesh points—the reboot will interrupt the data transfer TOTHEMESHPOINT4HISCANALSOHAPPENIFAMESHPOINTLINKING3MART0ATH%-36-!TOANOTHERMESHPOINTREBOOTSBEFORETHEmore distant mesh point completes its upload. As a result of such an interruption, the affected mesh point receives an incomplete firmware or configuration file and aborts the update.

724-746-5500 | blackbox.com Page 83Chapter 7: Using SmartPath EMS VMANOTE: A mesh point is a cluster member that uses a wireless backhaul connection to communicate with the rest of the cluster. SmartPath EMS VMA manages mesh points through another cluster member that acts as a portal, which links mesh points to the wired LAN.7HENUPDATING3MART0ATH!0SINAMESHENVIRONMENTTHE3MART0ATH%-36-!COMMUNICATESWITHMESHPOINTSTHROUGHTHEIRportal and, if there are any intervening mesh points, through them as well. While updating SmartPath APs in such an environ-MENTITISIMPORTANTTOKEEPTHEPATHFROMTHE3MART0ATH%-36-!TOALL3MART0ATH!0SCLEARSOTHATTHEDATATRANSFERALONGthat path is not disrupted. Therefore, when updating a firmware image or configuration on SmartPath APs in a mesh environ-ment, make sure that the portal or a mesh point closer to the portal does not reboot before the upload to a mesh point farther away completes.Switch SmartPath AP(Portal)SmartPath AP(Mesh Point 1)SmartPath AP(Mesh Point 2)SmartPath EMS = Wired Link - - - - - = Wireless LinkFigure 7-18. SmartPath APs in a mesh environment.To avoid the reboot of an intervening SmartPath AP from interfering with an ongoing upload to a mesh point beyond it, allow enough time for the firmware to reach the farthest mesh points before activating the firmware. After all the SmartPath APs have THEFIRMWAREREBOOTINGANY3MART0ATH!0SBETWEENTHEMAND3MART0ATH%-36-!BECOMESINCONSEQUENTIAL

724-746-5500 | blackbox.com Page 84Chapter 8: Basic Configuration Examples8. Basic Configuration Examples4HISCHAPTERINTRODUCESTHE3MART0ATH%-36-!'5)IN%NTERPRISEMODETHROUGHASERIESOFEXAMPLESSHOWINGHOWTOCREATEAbasic configuration of an SSID, cluster, and WLAN policy. It then explains how to connect several SmartPath APs to SmartPath %-36-!ACCEPTTHEMFORMANAGEMENTANDPUSHTHECONFIGURATIONTOTHEMOVERTHENETWORKNOTE: Although maps provide a convenient method for organizing and managing your SmartPath AP deployment, they are not strictly required and are not covered in this chapter. For information about using maps, see Section 9.1. You can look at any of the following examples individually to study how to configure a specific feature or view all of them SEQUENTIALLYTOUNDERSTANDTHEBASICWORKFLOWFORCONFIGURINGANDMANAGING3MART0ATH!0STHROUGH3MART0ATH%-36-!The examples are as follows:s3ECTION%XAMPLE$EFININGAN33)$$EFINETHESECURITYANDNETWORKSETTINGSTHATWIRELESSCLIENTSAND3MART0ATH!0SUSEto communicate.s3ECTION%XAMPLE#REATINGA#LUSTER#REATEACLUSTERSOTHATTHE3MART0ATH!0SCANEXCHANGEINFORMATIONWITHEACHother to coordinate client access, provide best-path forwarding, and enforce QoS policy.s3ECTION%XAMPLE#REATINGA7,!.0OLICY$EFINEA7,!.POLICYWHICHCONTAINSTHE33)$ANDCLUSTERDEFINEDINTHEFIRSTtwo examples.s3ECTION%XAMPLE!CCESSAND"ACKHAULONTHE3AME2ADIOs3ECTION%XAMPLE#ONNECTING3MART0ATH!0STO3MART0ATH%-36-!#ABLETWO3MART0ATH!0STOTHENETWORKTOACTAS PORTALSANDSETUPATHIRDONEASAMESHPOINT0UTTHE3MART0ATH!0SONTHESAMESUBNETAS3MART0ATH%-36-!ANDALLOWTHEMTOMAKEA#!07!0CONNECTIONTO3MART0ATH%-36-!s3ECTION%XAMPLE!SSIGNINGTHE#ONFIGURATIONTO3MART0ATH!0S!SSIGNTHE7,!.POLICYTOTHE3MART0ATH!0S!LSOchange SmartPath AP login settings and—if necessary—country codes.s3ECTION%XAMPLE3ELECTIVE-ULTICAST&ORWARDINGTHROUGH'2%4UNNELSs3ECTION%XAMPLE)0-ULTICAST%NHANCEMENTSPhysical devices on the networkConfigurationThe conceptual relationships among the configuration examples in this chapter.Figure 8-1. The conceptual relationships among the configuration examples in this chapter.In the first three examples, you define configuration objects in the Configuration section of the GUI. In the last two examples, you CONNECTSOME3MART0ATH!0STOTHENETWORKENABLETHEMTOMAKEA#!07!0CONNECTIONTO3MART0ATH%-36-!ANDTHENmanage them in the Monitor section of the GUI.8.1 Example 1: Defining an SSIDA service set identifier (SSID) is an alphanumeric string that identifies a group of security and network settings that wireless clients and access points use when establishing wireless communications with each other. In this example, you define the following SSID, which uses a preshared key (PSK) for client authentication and data encryption: SSID name: test1-psk

724-746-5500 | blackbox.com Page 87Chapter 8: Basic Configuration Examples8.2 Example 2: Creating a ClusterA cluster is a group of SmartPath APs that exchanges information with each other to form a collaborative whole. Through coordinated actions based on shared information, cluster members can provide the following services:s#ONSISTENT1UALITYOF3ERVICE1O3POLICYENFORCEMENTACROSSALLCLUSTERMEMBERSs#OORDINATEDANDPREDICTIVEWIRELESSACCESSCONTROLTHATPROVIDESSEAMLESS,AYERAND,AYERROAMINGTOCLIENTSMOVINGFROMone cluster member to another (The members of a cluster can be in the same subnet or different subnets, allowing clients to roam across subnet boundaries.)s$YNAMICBESTPATHROUTINGFOROPTIMIZEDDATAFORWARDINGANDNETWORKPATHREDUNDANCYs!UTOMATICRADIOFREQUENCYANDPOWERSELECTIONFORWIRELESSMESHANDACCESSRADIOSs4UNNELINGOFCLIENTTRAFFICFROMONECLUSTERMEMBERTOANOTHERSUCHASTHETUNNELINGOFGUESTTRAFFICFROMA3MART0ATH!0INTHEinternal network to another SmartPath AP in the corporate DMZ Cluster members use Wi-Fi Protected Access with a preshared key (WPA-PSK) to exchange keys and secure wireless cluster communications. To authenticate and encrypt wireless cluster communications, cluster members use open authentication and CCMP (AES) encryption. CCMP is a rough acronym for "Counter Mode with Cipher Block Chaining Message Authentication Code Protocol" that makes use of Advanced Encryption Standard (AES). This is very similar to the security provided by the SSID in the preceding example.In this example, you define a cluster and name it "cluster-test1". Later, in Section 8.3, you assign the cluster to a WLAN policy, which in turn, you assign to SmartPath AP devices in Section 8.5.NOTE: A WLAN policy is different from a cluster. Unlike the members of a WLAN policy who share a set of policy-based configurations, the members of a cluster communicate with each other and coordinate their activities as access points. WLAN policy members share configurations. Cluster members work together collaboratively.Click Configuration > Advanced Configuration > Clusters > New, enter the following, leave the other options at their default settings, and then click Save: Cluster: cluster1-test (You cannot include spaces in the name of a cluster.) Description: Test cluster for learning how to use the GUI; remove later As was done in the previous example, this note and the name "cluster1-test" are intended to act as reminders to replace this configuration later with a cluster name that you really intend to use. Modify Encryption Protection: (select) Automatically generate password: (select) The password is what cluster members use when authenticating themselves to each other over the wireless backhaul link using WPA-PSK CCMP (AES). As an admin, you never need to see or know what this string is; therefore, using the automatic password generation method saves you the trouble of inventing a long—up to 63 characters—and random alphanumeric string.Optional Settings: Leave the optional settings as they are by default. For information about these settings, and about any setting INTHE'5)FORTHATMATTERSEETHE3MART0ATH%-36-!ONLINE(ELPSYSTEM8.3 Example 3: Creating a WLAN Policy4HROUGH3MART0ATH%-36-!YOUCANCONFIGURETWOBROADTYPESOFFEATURESs0OLICYLEVELFEATURES)NCOMBINATIONTHESEFEATURESFORMPOLICIESTHATCONTROLHOWUSERSACCESSTHENETWORK33)$SUSER profiles, QoS forwarding mechanisms and rates, clusters, AAA (authentication, authorization, accounting) services, management SERVICES$.3.403.-0ANDSYSLOGTUNNELPOLICIES)0AND-!#FIREWALLPOLICIESAND6,!.ASSIGNMENTS

724-746-5500 | blackbox.com Page 88Chapter 8: Basic Configuration Exampless$EVICELEVELFEATURES4HESEFEATURESCONTROLHOWCLUSTERMEMBERSCOMMUNICATEWITHTHENETWORKANDHOWRADIOSOPERATEINdifferent modes, frequencies, and signal strengths.!7,!.POLICYISANASSEMBLYOFPOLICYLEVELFEATURECONFIGURATIONSTHAT3MART0ATH%-36-!PUSHESTOALL3MART0ATH!0STHATyou assign to the policy. Because these configurations are policy-based, they can apply across multiple physical devices. In con-trast, device-level configurations are more appropriately applied to smaller sets of devices or to individual devices themselves.In this example, you create a WLAN policy that includes the SSID and cluster configured in the previous two examples. Although the New WLAN Policy dialog box consists of several pages, for this basic configuration, you only need to configure items on the first page (see Figure 8-3).Figure 8-3. WLAN policy general settings.Click Configuration > WLAN Policies > New, enter the following on the first page of the new WLAN policy dialog box, leave all the other settings as they are, and then click Save: Name: wlan-policy-test1 (You cannot use spaces in the WLAN policy name.) Description: Test WLAN policy for learning how to use the GUI; remove later Cluster: cluster1-test (The cluster was previously configured in “Example 2: Creating a Cluster” in Section 8.2.)33)$0ROFILES#LICK!DD2EMOVE33)$0ROFILECHOOSETESTPSKINTHE!VAILABLE33)$0ROFILESLISTCLICKTHERIGHTARROWTOmove it to the Selected SSID Profiles list, and then click Apply. (The SSID was previously configured in Section 8.1.)The creation of a WLAN policy that puts the SmartPath APs to which you apply it in a cluster and provides them with an SSID is COMPLETE)NTHEFOLLOWINGEXAMPLESYOUDEPLOYSEVERAL3MART0ATH!0SONANETWORKACCEPTTHEMFOR3MART0ATH%-36-! management, and then apply the WLAN policy to them.

724-746-5500 | blackbox.com Page 90Chapter 8: Basic Configuration ExamplesWired Ethernet Backhaul All SmartPath APs: wifi0 = access wifi1 = dual (default settings)SmartPath AP loses its Ethernet connectivity. SmartPathOS 4.0 detects the failure and begins scanning on wifi1 for the best neighbor.SmartPath AP judges signal conditions and determines that SmartPath AP 3 has the best signal quality. SmartPath AP 2 changes its channel to match that of SmartPath AP 3, and establishes a mesh link on Channel 161.Figure 8-4. Overview of failover.To configure a SmartPath AP to use access and backhaul simultaneously: Click Monitor > Access Points > SmartPath APs, select the check box next to the SmartPath AP you want to configure, click “Modify,” select the “Use radio (2.4 GHz) for client access, radio (5 GHz) for client access as well as a mesh link radio,” and then click “Save.”

724-746-5500 | blackbox.com Page 91Chapter 8: Basic Configuration ExamplesFigure 8-5. Select radio.By selecting the Enable the bridging of Ethernet connection devices over the wireless mesh network checkbox, you enable advanced bridging features, such as bridge-access and bridge-802.1Q modes. To configure these modes, click Optional Settings > Interface and Network Settings.8.5 Example 5: Connecting SmartPath APs to SmartPath EMS VMA)NTHISEXAMPLEYOUSETUPTHREE3MART0ATH!0SFORMANAGEMENTTHROUGH3MART0ATH%-36-!#ABLETWOOFTHE3MART0ATHAPs—SmartPath AP1 and SmartPath AP2—to the network. Run an Ethernet cable from the eth0 port on each SmartPath AP to a SWITCHSOTHATTHEYAREINTHESAMESUBNETASTHE)0ADDRESSOFTHE-'4INTERFACEON3MART0ATH%-36-!.EITHERTHE3MART0ATH!0ETHPORTNORTHE3MART0ATH%-36-!,!.PORTAREUSEDINTHISEXAMPLE9OUCANUSE!#$#POWERADAPT-ERSTOCONNECTTHEMTOAn6!#POWERSOURCEORALLOWTHEMTOOBTAINPOWERTHROUGH0O%FROM03%ONTHENETWORK(Both power adapters and PoE injectors are available from Black Box as options.) Place the third SmartPath AP—SmartPath AP3—within range of the other two, and use a power adapter to connect it to an AC power source. See Figure 8-6, in which the switch uses PoE to provide power to SmartPath APs 1 and 2.= Wired Link= Wireless LinkSmartPath EMS VMASingle SubnetLayer-2 Broadcasting DomainRouter/Firewall/DHCP ServerSwitch/PSE The switch delivers power to SmartPath AP1 and Smart-Path AP2 through PoE.SmartPath AP1(Portal)SmartPath AP3(Mesh Point)SmartPath AP3 receives power from a 100-240 VAC outlet.SmartPath AP2(Portal)SmartPath AP3 receives power from a n6!#OUTLETFigure 8-6. Connecting SmartPath APs to the network.By default, the SmartPath APs obtain their network settings dynamically from a DHCP server. SmartPath AP3 reaches the DHCP server after first forming a wireless link with the other two SmartPath APs. (A SmartPath AP in the position of SmartPath AP3 is referred to as a mesh point, and SmartPath APs such as SmartPath AP1 and 2 are called portals.)7ITHINTHEFRAMEWORKOFTHE#!07!0PROTOCOL3MART0ATH!0SACTAS#!07!0CLIENTSAND3MART0ATH%-36-!ASA#!07!0server. Because all devices are in the same subnet in this example, the clients can broadcast CAPWAP Discovery Request messages to discover and establish a secure connection with the server automatically. During the connection process, each client proceeds through a series of CAPWAP states, resulting in the establishment of a secure Datagram Transport Layer Security (DTLS) connection. These states and the basic events that trigger the client to transition from one state to another are shown in Figure 8-7.

724-746-5500 | blackbox.com Page 92Chapter 8: Basic Configuration ExamplesNOTE: To illustrate all possible CAPWAP states, Figure 8-5 begins by showing a SmartPath AP and SmartPath EMS VMA already in the Run state. When a SmartPath AP first attempts to discover a SmartPath EMS VMA—after the SmartPath AP has an IP address for its mgt0 interface and has discovered or has been configured with the SmartPath EMS VMA IP address—it begins in the Discovery state.For information about various ways that SmartPath APs can form a secure CAPWAP connection with a physical SmartPath EMS 6-!APPLIANCEORA3MART0ATH%-36-!6IRTUAL!PPLIANCEINTHESAMEORDIFFERENTSUBNETSANDWITH3MART0ATH%-3/NLINESEEh(OW3MART0ATH!0S#ONNECTTO3MART0ATH%-36-!vINTHISSECTION

724-746-5500 | blackbox.com Page 93Chapter 8: Basic Configuration ExamplesThe CAPWAP client (SmartPath AP) pings the CAPWAP server (SmartPath EMS VMA) but receives no responses within the neighbor-dead-interval.The client transitions to the Discovery state and begins sending Discovery Request messages (broadcast or unicast).If the client continues to send Discovery Request messages until it reaches the max-discovery-interval and max-discovery-count but receives no Discovery Responses, the client then enters the Sulking state and remains in this state until the silent-interval elapses.CAPWAP Client(SmartPath AP)CAPWAP Server(SmartPath EMS VMA)Discovery StateThe CAPWAP client returns to the Discovery state and sends Discovery Request messages.The CAPWAP server receives the Discovery Request message and responds with a Discovery Response.Discovery StateSulking StateThe client sends a Join Request.Join State. . .. . .RunStateIdle StateWhen the client determines its neighbor is dead, it transitions from the Run state to the Idle state.The CAPWAP client and server perform a DTLS (Datagram Transport Layer Security) handshake to establish a secure DTLS connection.The server sends a Join Response.If the Join Response indicates “success”, the client clears its WaitJoin timer and enters the Run state.Note: If the WaitJoin timer expires before the client receives a successful Join Response, the client terminates the DTLS connection and returns to the Discover state.If the Join Response indicates “failure”, the CAPWAP server enters a Reset state and terminates the DTLS session.Figure 8-7. CAPWAP Connection process—beginning from the run state.#HECKTHATTHE3MART0ATH!0SHAVEMADEA#!07!0CONNECTIONWITH3MART0ATH%-36-!Click “Monitor > Access Points > SmartPath APs.”

724-746-5500 | blackbox.com Page 94Chapter 8: Basic Configuration ExamplesThe page displays the three SmartPath APs that you put on the network. If you see the three SmartPath APs, refer to Figure 8-6. If you do not see them, check the following:s$OTHE3MART0ATH!0SHAVEPOWER Check the PWR (Power) status LED on the top of the devices. If it is glowing steady green, it has power and has finished boot-ing up. If the PWR status LED on a SmartPath AP (LWN602HA) is pulsing green, it is still loading the SmartPathOS firmware. If the PWR status LED is dark, the device does not have power. If a SmartPath AP is getting power through PoE from the switch or from a power injector, make sure that the PSE is configured and cabled correctly. If a SmartPath AP is powered from an AC OUTLETMAKESURETHATTHEPOWERCABLEISFIRMLYATTACHEDTOTHEPOWERCONNECTORTHE!#$#POWERADAPTERANDTHEOUTLETs!RETHETWOPORTALS3MART0ATH!0AND3MART0ATH!0CONNECTEDTOTHE%THERNETNETWORK When the devices are properly connected, the ETH0 status LED on the SmartPath AP (LWN602HA) pulses green to indicate a -BPSLINKORAMBERFORA-BPSLINK)FTHE%4(ISDARKMAKESURETHATBOTHENDSOFTHE%THERNETCABLEAREfully seated in the SmartPath AP and switch ports. If the ETH0 status LED is still dark, try a different cable.s$IDTHE3MART0ATH!0SRECEIVENETWORKSETTINGSFROMA$(#0SERVER!TAMINIMUMEACH3MART0ATH!0NEEDSTORECEIVEAN)0ADDRESSNETMASKANDDEFAULTGATEWAYINTHESAMESUBNETAS3MART0ATH%-36-!4OCHECKTHEIRSETTINGSMAKEAPHYSICALORvirtual console connection to the SmartPath APs,* and do the following: To check the IP address, netmask, and default gateway of the mgt0 interface on a SmartPath AP, enter show interface mgt0, and look at the settings displayed in the output.* To make a physical console connection, connect a console cable to the SmartPath AP as explained in Chapter 5 (the SmartPath AP platform chapter). A virtual access console is an SSID that the SmartPath AP automatically makes available for administrative access when it does not yet have a configuration and cannot reach its default gateway. By default, the SSID name is “<host-name>_ac”. Form a wireless association with the SmartPath AP through this SSID, check the IP address of the default gateway that the SmartPath AP assigns to your wireless client, and then make an SSH or Telnet connection to the SmartPath AP at that IP address. When you first connect, the Initial CLI Configuration Wizard appears. Because you do need to configure all the settings presented in the wizard, enter N to cancel it. When prompted to log in, enter the default admin name: BB-(last six digits of MAC address) (for example, BB-123456) and password: blackbox. For SmartPath APs set with "world" as the region code, enter the boot-param country-code number command. For number, enter the country code for the location where you intend to deploy the SmartPath AP. For a list of country codes, see Appendix: Country Codes. A mesh point must first establish a wireless link to a portal over their backhaul interfaces before it can contact a DHCP server. To see that the mesh point (SmartPath AP3) has successfully formed a link with a portal using the default cluster "cluster0", enter show cluster cluster0 neighbor and check the Cstate column. If at least one other SmartPath AP is listed as a neighbor and its cluster state is Auth, the mesh point has successfully formed a link and can access the network. If the cluster state is anything else, it might still be in the process of forming a link. The following are the various cluster states: Disv (Discover)—Another SmartPath AP has been discovered, but there is a mismatch with its cluster ID. Neibor (Neighbor)—Another SmartPath AP has been discovered whose cluster ID matches, but it has not yet been authenticated. CandPr (Candidate Peer)—The cluster ID on a discovered SmartPath AP matches, and it can accept more neighbors. AssocPd (Association Pending)—A SmartPath AP is on the same backhaul channel, and an association process in progress. Assocd (Associated) —A SmartPath AP has associated with the local SmartPath AP and can now start the authentication process. Auth (Authenticated)—The SmartPath AP has been authenticated and can now exchange data traffic. You can also check the presence of cluster neighbors by viewing the entries listed in the Supplicant column for the wifi1.1 interface in the output of the show auth command.

724-746-5500 | blackbox.com Page 95Chapter 8: Basic Configuration Examples If the SmartPath AP does not have any network settings, check that it can reach the DHCP server. To check if a DHCP server is accessible, enter interface mgt0 dhcp-probe vlan-range <number1> <number2>, in which <number1> and NUMBERINDICATETHERANGEOF6,!.)$SONWHICHYOUWANTTHE3MART0ATH!0TOPROBEFOR$(#0SERVERS4HERESULTSof this probe indicate if a DHCP server is present and has responded. If the probe succeeds, check the DHCP server for MAC address filters or any other settings that might interfere with delivery of network settings to the SmartPath AP.s!RETHE3MART0ATH!0SINTHESAMESUBNETAS3MART0ATH%-36-!3MART0ATH!0SMUSTBEINTHESAMESUBNETANDTHESAME6,!.AS3MART0ATH%-36-!FORTHEIRBROADCAST#!07!0$ISCOVERYMESSAGESTOREACHIT)FYOUCANMOVETHE3MART0ATH!0SOR3MART0ATH%-36-!SOTHATTHEYAREALLINTHESAMESUBNETDOSO)FTHEYMUSTBEINDIFFERENTSUBNETSFROMEACHOTHERITISSTILLPOSSIBLEFORTHE3MART0ATH!0STOCONTACT3MART0ATH%-36-!but not by broadcasting CAPWAP messages. For a list of other connection options, see "How SmartPath APs Connect to 3MART0ATH%-36-!ONTHENEXTPAGEs#ANTHE3MART0ATH!0SPINGTHE)0ADDRESSOFTHE3MART0ATH%-36-!-'4INTERFACE Enter the ping <ip_addr> command on the SmartPath AP, where the variable <ip_addr> is the IP address of the SmartPath EMS 6-!-'4INTERFACE)FITDOESNOTELICITANY)#-0ECHOREPLIESFROM3MART0ATH%-36-!MAKESURETHAT3MART0ATH%-36-!is connected to the network through its MGT interface, not its LAN interface, and that the IP address settings for the MGT INTERFACEAREACCURATESEE30!DMIN3MART0ATH%-36-!3ETTINGS)NTERFACE3ETTINGSINTHE3MART0ATH%-36-!'5)s7HATISTHESTATUSOFTHE#!07!0CLIENTRUNNINGONTHE3MART0ATH!0 To check the CAPWAP status of a SmartPath AP, enter the show capwap client command. Compare the "RUN state" with the CAPWAP states explained in Figure 8-5. Check that the SmartPath AP has an IP address for itself and the correct address for 3MART0ATH%-36-!)FFORSOMEREASONTHE3MART0ATH!0DOESNOTHAVETHECORRECTADDRESSFOR3MART0ATH%-36-!YOUcan set it manually by entering the capwap client server name <ip_addr> command, in which <ip_addr> is the SmartPath EMS 6-!-'4INTERFACE)0ADDRESS7HEN3MART0ATH!0SHAVECONTACTED3MART0ATH%-36-!THEYAPPEARINTHE-ONITOR!CCESS0OINTS3MART0ATH!0SPAGEASshown in Figure 8-8.Audit icons: Green square + red triangle: The configuration on a SmartPath AP does not match that on the 3MART0ATH%-36-!Two green squares: they match.CAPWAP connection and security icons:Green linked chain/red unlinked chain: The SmartPath AP is connected or disconnected. Green locked padlock/red unlocked padlock: Connection is secured through DTLS or not. You can customize the table contents by clicking the Edit Table icon. You can add more columns (radio channels and power, for example), remove columns, and reorder them.The host names have been changed to match those in the example. "YDEFAULTTHEHOSTNAMEIS""the last six bytes of its MAC address. (Example: BB-0E5580)The AP type for SmartPath AP1 and SmartPath AP2 is “Portal.” They have Ethernet connections to the network. SmartPath AP3 is the “Mesh Point.” It connects to the network through a portal.Figure 8-8. Monitor > Access Points > SmartPath APs (view mode: Monitor).

$724-746-5500 | blackbox.com Page 96Chapter 8: Basic Configuration ExamplesNOTE: If you see a different group of SmartPath AP settings, make sure that Monitor is selected as the view mode at the top of the SmartPath APs page. The GUI provides two view modes for SmartPath APs, one that focuses on monitoring SmartPath APs (Monitor) and another that focuses on configuring them (Config).How SmartPath APs Connect to SmartPath EMS VMASmartPath APs and SmartPath EMS communicate with one another through CAPWAP (Control and Provisioning of Wireless Access Points). SmartPath APs act as CAPWAP clients and SmartPath EMS acts as a CAPWAP server. SmartPath APs can form a CAPWAP connection with SmartPath EMS in any of the following ways:s7HEN3MART0ATH!0SAREINTHESAMELAYERBROADCASTDOMAINASA3MART0ATH%-3APPLIANCEOR3MART0ATH%-36-!6IRTUALAppliance, the SmartPath APs broadcast CAPWAP Discovery Request messages to discover SmartPath EMS and establish a secure connection with it automatically.s)FTHEREISNO3MART0ATH%-36-!INTHESAMEBROADCASTDOMAINBUTTHE3MART0ATH!0SCANREACHTHE3MART0ATH%-3/NLINEredirector—and serial number entries for the SmartPath APs have already been added to the SmartPath EMS Online ACL (access control list)—then they can form secure CAPWAP connections with the redirector (redirection server). From there, an adminis-TRATORCANASSIGNTHECONNECTED3MART0ATH!0STOA3MART0ATH%-36-!VIRTUALMANAGEMENTAPPLIANCEATTHECLUSTERSITEORTOA3MART0ATH%-36-!APPLIANCEVIRTUALOROTHERWISEATANOTHERSITEs&INALLY3MART0ATH!0SANDALOCAL3MART0ATH%-36-!MIGHTBEINDIFFERENTSUBNETSANDTHE3MART0ATH!0SEITHERCANNOTreach SmartPath EMS Online or they can but they are not listed in the ACL (perhaps because they are not included in any SmartPath EMS Online account). In this case, the SmartPath APs cannot discover SmartPath EMS by broadcasting CAPWAP Discovery Request messages, nor can they reach the redirector. So that the SmartPath APS can form a CAPWAP connection to 3MART0ATH%-3YOUCANUSEONEOFTHEFOLLOWINGMETHODSTOCONFIGURETHEMWITHTHE3MART0ATH%-36-!DOMAINNAMEORIP address or configure them so that they can learn it through DHCP or DNS settings. When SmartPath APs have the IP address of the CAPWAP server, they then send unicast CAPWAP Discovery Request messages to that address.s,OGINTOTHE#,)ONTHE3MART0ATH!0ANDENTERTHE)0ADDRESSORDOMAINNAMEOFTHE#!07!0SERVER capwap client server name <string>s#ONFIGURETHE$(#0SERVERTOSUPPLYTHE3MART0ATH%-36-!DOMAINNAMEAS$(#0OPTIONORITS)0ADDRESSASOPTION226 in its DHCPOFFER. (If you use a domain name, the authoritative DNS server for that domain must also be configured with AN!RECORDTHATMAPSTHEDOMAINNAMETOTHE3MART0ATH%-36-!)0ADDRESS!3MART0ATH!0REQUESTSOPTIONSANDBYDEFAULTWHENITBROADCASTS$(#0$)3#/6%2AND$(#02%15%34MESSAGESNOTE: If you need to change the DHCP option number (perhaps because another custom option with that number is already in use on the DHCP server), enter this command with a different option number: interface mgt0 dhcp client option custom clustermanager <number> { ip | string }s)F3MART0ATH%-36-!CONTINUESTOUSEITSDEFAULTDOMAINNAMEhSMARTPATHEMSVMAvPLUSTHENAMEOFTHELOCALDOMAINTOwhich it and the SmartPath APs belong, configure an authoritative DNS server with an A record that resolves "clustermanager.<local_domain>" to an IP address. If a SmartPath AP does not have an IP address or domain name configured for the CAPWAP server and does not receive an address or a domain name returned in a DHCP option, then it tries to resolve the domain name to an IP address.)FYOUAREUSING3MART0ATH%-3/NLINEINSTEADOFAPHYSICAL3MART0ATH%-36-!APPLIANCEOR3MART0ATH%-36-!6IRTUALAppliance and the SmartPath APs go on-line for the first time without any specific CAPWAP server configuration entered manual-ly or received as a DHCP option, they progress through the following cycle of CAPWAP connection attempts. First, they try to connect with a CAPWAP server at clustermanager.<local_domain>. If that is unsuccessful, they next try to elicit a response from the broadcast of CAPWAP Discovery messages on their local subnet. If neither of these efforts produces a response, they try to connect to SmartPath EMS Online, first using the CAPWAP UDP port 12222 and then using CAPWAP over the HTTP TCP port of 80. This cycle is shown in Figure 8-9.$

Black Box LWN602WA 802.11abg Access Point User Manual LWN602A user rev4 v4 1r5

Black Box Corporation 802.11abg Access Point LWN602A user rev4 v4 1r5

Contents

User Manual

Navigation menu

Namespaces

Views

Navigation