Edimax Technology Co 9574291705 AC1300 Outdoor AP User Manual EW 7429HOB Part 1 Rev 1
Edimax Technology Co Ltd AC1300 Outdoor AP EW 7429HOB Part 1 Rev 1
Contents
EW-7429HOB User Manual Part 1 Rev 1
EW‐74 429H HOB U Manu User M ual 03 3‐2018 / v1.0 CONTENTS CONTENTS ....................................................................................... 2 OVERVIEW....................................................................................... 5 Product Information ................................................................... 6 I‐1 Package Contents ............................................................................. 6 I‐2 System Requirements ...................................................................... 7 I‐3 Hardware Overview ......................................................................... 7 I‐4 LED Status ......................................................................................... 8 I‐5 Reset ................................................................................................. 9 II Quick Setup & Mode Selection .................................................. 10 II‐1 Default Mode: Access Point Mode ................................................ 10 II‐2 Repeater Mode .............................................................................. 13 II‐3 Client Bridge Mode ........................................................................ 16 II‐4 Managed AP Mode ........................................................................ 19 II‐5 Basic Settings ................................................................................. 21 II‐6 Wi‐Fi Protected Setup (WPS) ......................................................... 26 III Hardware Installation .............................................................. 27 III‐1 Antenna .......................................................................................... 27 III‐2 Powering on the Access Point Outdoor ........................................ 28 III‐3 Mounting ........................................................................................ 30 IV Browser Based Configuration Interface .................................... 32 IV‐1 Information .................................................................................... 34 IV‐1‐1 IV‐1‐2 IV‐1‐3 IV‐1‐4 IV‐1‐5 IV‐2 Network Settings ........................................................................... 42 IV‐2‐1 IV‐2‐2 IV‐2‐3 IV‐2‐4 IV‐2‐5 IV‐3 System Information ............................................................................... 34 Wireless Clients ..................................................................................... 37 Wireless Monitor ................................................................................... 38 DHCP Clients .......................................................................................... 39 Log .......................................................................................................... 40 LAN‐Side IP Address .............................................................................. 42 LAN Port ................................................................................................. 44 IGMP Snooping ...................................................................................... 45 STP Management................................................................................... 46 VLAN ...................................................................................................... 47 Wireless Settings ............................................................................ 48 IV‐3‐1 2.4GHz 11bgn ......................................................................................... 48 IV‐3‐1‐1 Basic ............................................................................................................. 49 IV‐3‐1‐2 Advanced ..................................................................................................... 51 IV‐3‐1‐3 Security ........................................................................................................ 53 IV‐3‐1‐3‐1 No Authentication / Additional Authentication ................................54 IV‐3‐1‐3‐2 WEP...................................................................................................... 56 IV‐3‐1‐3‐3 IEEE802.1x/EAP ................................................................................... 56 IV‐3‐1‐3‐4 WPA‐PSK .............................................................................................. 57 IV‐3‐1‐3‐5 WPA‐EAP .............................................................................................. 58 IV‐3‐1‐4 WDS ............................................................................................................. 59 IV‐3‐1‐5 Guest Network ............................................................................................ 61 IV‐3‐2 5GHz 11ac 11an ..................................................................................... 62 IV‐3‐2‐1 IV‐3‐2‐2 IV‐3‐2‐3 IV‐3‐2‐4 IV‐3‐2‐5 Basic ............................................................................................................. 63 Advanced ..................................................................................................... 65 Security ........................................................................................................ 67 WDS ............................................................................................................. 69 Guest Network ............................................................................................ 71 IV‐3‐3 WPS ........................................................................................................ 72 IV‐3‐4 RADIUS ................................................................................................... 74 IV‐3‐4‐1 IV‐3‐4‐2 IV‐3‐4‐3 IV‐3‐5 IV‐3‐6 IV‐3‐7 IV‐3‐8 RADIUS Settings .......................................................................................... 75 Internal Server ............................................................................................. 77 RADIUS Accounts ........................................................................................ 79 MAC Filter .............................................................................................. 81 WMM ..................................................................................................... 83 Schedule................................................................................................. 85 Traffic Shaping ....................................................................................... 87 IV‐3‐9 Bandsteering .......................................................................................... 89 IV‐4 Management .................................................................................. 90 IV‐4‐1 IV‐4‐2 IV‐4‐3 IV‐4‐4 IV‐4‐5 IV‐5 Advanced ........................................................................................ 98 IV‐5‐1 IV‐5‐2 IV‐5‐3 IV‐5‐4 IV‐5‐5 IV‐6 Admin..................................................................................................... 90 Date and Time ....................................................................................... 93 Syslog Server .......................................................................................... 95 Ping Test................................................................................................. 96 I’m Here ................................................................................................. 97 LED Settings ........................................................................................... 98 Update Firmware ................................................................................... 99 Save / Restore Settings ....................................................................... 101 Factory Default .................................................................................... 102 Reboot ................................................................................................. 103 Operation Mode........................................................................... 104 V Appendix ................................................................................ 105 V‐1 Configuring your IP address ......................................................... 105 V‐1‐1 V‐1‐2 V‐1‐3 V‐1‐4 V‐1‐5 V‐2 Windows XP ......................................................................................... 106 Windows Vista ..................................................................................... 108 Windows 7 ........................................................................................... 110 Windows 8 ........................................................................................... 114 Mac ...................................................................................................... 118 Setting AP via ManageEngine MibBrowser with SNMPv3 ‐ Example .................................................................................................... 120 V‐2‐1 V‐2‐2 V‐2‐3 Setting in Web ..................................................................................... 120 Setting Rule.......................................................................................... 121 Setting in ManageEngine MibBrowser ............................................... 121 VI Best Practice ........................................................................... 125 VI‐1 How to Create and Link WLAN & Access Point Groups .............. 125 VI‐1‐1 Create WLAN Group ............................................................................ 125 VI‐1‐2 Create Access Point Group .................................................................. 128 VI‐1‐3 Assign Access Point Group to use the SSID group settings................. 130 OVERVIEW Your device can function in four different modes. AP Mode is a regular access point for use in your wireless network. This is the default mode of the access point. Repeater Mode is a wireless repeater (also called wireless range extender) that takes an existing signal from a wireless router or wireless access point and rebroadcasts it to create a second network. Managed AP Mode acts as a “slave” AP within an AP array (controlled by the AP Controller “master”). Client Bridge Mode determines the device to be a client bridge. The client bridge receives wireless signal and provides it to devices connected to the bridge via Ethernet cable. I Product Information I‐1 Package Contents 1. 2. 3. 4. EW‐7429HOB Access Point Wall Mount Screw Template Wall Mount Screw Set CD 5. 6. 7. 8. Quick Installation Guide Ethernet Cable Pole Mount Strap x2 Antenna x2 I‐2 System Requirements ‐ Existing cable/DSL modem, PoE Switch & router ‐ Computer with web browser for access point configuration I‐3 Hardware Overview Ports and Button LAN 1 POE‐IN LAN 2 POE‐OUT Reset LAN port with Power over Ethernet (PoE) IN LAN port with PoE OUT Reset Button I‐4 LEED Statu us LED 5G (WLAN N) 2.4G N) (WLAN LAN (PSSE) LAN (PD) Statuss Power LEED Statuss On Off On Off On Flashing Off On Flashing Off On Off On Flashing Off Description Wireleess enabled. Wireleess disabled. Wireleess enabled. Wireleess disabled. LAN po ort conne ected. Activitty (transm mitting and receivving). LAN po ort not connected d. LAN po ort conne ected. Activitty (transm mitting and receivving). LAN po ort not connected d. Accesss point bo ooting up. No occcurred errror. The acccess point is on. Upgrad ding firm mware. The acccess point is off. I‐5 Re eset s with yo our accesss point, you y can reset the e device If you expeerience problems baack to itss factory settings.. This ressets all se ettings baack to deefault. 1. Press and ho old the reset buttton on th he accesss point fo or at leasst 10 onds theen releasee the buttton. seco You may need Yo to use a pin or o similarr sharp ob bject to p push the reset button. 2. Wait for thee access point to restart. The T access point is ready for setup ower LED D is turneed on. wheen the Po III Qu uick Seetup & Modee Selecction he unit caan functiion as a standalo ne accesss point (AP Mode), as a repeater Th (R Repeaterr Mode), as part of o an AP array (M Managed AP Mode), or as a client brridge (Cliient Bridge Mode e). Fo ollow thee default mode stteps belo ow and se elect thee desired operatio on modee. II‐‐1 1. De efault Mode: Access Point Mo ode Set your com mputer’ss IP addreess to 19 92.168.2.x where x is a nu umber in the range 3 – 100. Iff you are unsure how h to do d this, please reffer to V‐1 Con nfiguring g your IP address for more e information. Pllease enssure theree are no other acttive netw work conn nections on o your co omputer by disablling Wi‐FFi and oth her Ethern net conneections. 2. Wirre an Ethernet cable to the LAN 1 (PoE‐In) port of tthe accesss point and d the PoEE switch to t powerr up the access po oint. LAN 1 (PoE‐In n) Port 3. Pleaase wait a moment for the device to start up. The device iss ready wheen the Po ower LED D is turneed on. 4. Con nnect a computerr to the switch ussing an Etthernet ccable. 10 5. Enter the device’s default IP address 192.168.2.2 into the URL bar of a web browser. 6. You will be prompted for a username and password. Enter the default username “admin” and the default password “1234”. 7. “System Information” home screen will be shown: 11 8. By default, t devicce is in AP Mode. the Iff you do not n wish to t changee the opeeration mode, swiitch your computeer back to dyynamic IP P address now. 9. If yo ou wish to t change to a diffferent operation n mode, ggo to “Operation Mode” tab to t select the desired operration mo ode. Follow the steps in ng section ns to chaange the operatio on mode. the followin 12 II‐2 Repeater Mode From the default mode above, 1. Select Repeater Mode from the operation mode drop down menu: 2. Press “Apply” and wait for the device to reboot into Repeater Mode: 3. When system page is displayed, go to Wireless Settings Æ Wireless Extender. 13 4. Click Scan to search for and display available SSIDs 5. Click the circle icon to connect to an available source SSID. SSIDs can be configured independently for each frequency 2.4GHz & 5GHz. 14 6. Editt the new w extended SSID accordin g to your prefereence and enter th he secu urity dettails for the sourcce SSID (e e.g. Pre‐sshared K Key). Clickk “Conneect” to proceed. Wait for thee configuration to o take efffect: 7. Thee device (now in Repeater r Mode) will w estab blish a co onnection to the source SSID and repeat the extended d SSID. Th he devicee will beccome a CP client of the ro outer/root AP. Sw witch you ur compu uter backk to DHC dyn namic IP address. 8. To access th he web user interrface, che eck your router/rroot AP’ss settingss to determin ne the deevice’s neew IP add dress. Enter the n new IP ad ddress into the browserr for the web useer interface. Iff you wish h to switcch the op peration mode, pleease reset the devvice to fa actory def efault (via a web useer interfa ace or harrdware reeset). 15 II‐3 Client Bridge Mode From the default mode above, 1. Select Client Bridge Mode from the operation mode drop down menu: 2. Press “Apply” and wait for the device to reboot into Client Bridge Mode: 3. When system page is displayed, go to Wireless Settings Æ Wireless Extender. 16 4. Click Scan to search for and display available SSIDs 5. Click the circle icon to connect to an available source SSID. SSIDs can be configured independently for each frequency 2.4GHz & 5GHz. 17 6. Editt according to your preferrence and enter the t securrity details for thee source SSID (e.g. Pree‐shared Key). Click “Conn nect” to p proceed.. Wait for thee configuration to o take efffect: 7. Thee device (now in Client Briidge Mod de) will receive w wireless signal and provides it to t devicees conneccted to the bridgee via Ethernet cable. The a DHCP client of the t routeer/root A AP. Switcch your devvice will become com mputer back to dyynamic IP P address. 8. To access th he web user interrface, che eck your router/rroot AP’ss settingss to determin ne the deevice’s neew IP add dress. Enter the n new IP ad ddress into the browserr for the web useer interface. Iff you wish h to switcch the op peration mode, pleease reset the devvice to fa actory def efault (via a web useer interfa ace or harrdware reeset). 18 II‐‐4 Managed d AP Mo ode d by an AP A Contro oller Sccenario: The Unitt being managed he accesss point caan be part of an AP A Arrayy by switcching to ““Manage ed AP Th Mode”. n AP Arraay is a grroup of access points centtrally managed byy an AP Controlle er, An where it can monittor, conffigure and managge all Managed AP Ps. An n overvieew of thee system is shown n below: By defaultt, the acceess pointt will auto omaticallly switch mode if an a AP Co Controller r is presen nt in the network. 19 To o manually changge to “Maanaged AP A Mode e”: En nsure you u have th he latest firmware e from thee Edimaxx website for your Ed dimax Prro produccts. 1. Con nnect an AP Controller to the switch currently conn nected to o the acceess pointt and com mputer. 2. From the deefault mo ode abovve, selectt Manageed AP Mo ode from m the dro op down menu: opeeration mode 3. Press “Applyy” and wait w for th he device e to rebo oot into M Managed d AP Mode: W for a few min Wait nutes for the settings to syync. 20 II‐‐5 Baasic Setttings he accesss point arre: Baasic settings of th ‐ LAN IP Address; ; and ; and ‐ 2.4GHzz & 5GHz SSID & Security; ‐ Adminiistrator Name & Passworrd; and ‐ Time & Date Itt is recom mmended that thesse setting gs are con nfigured before ussing the access poiint. Wheneverr a new setting is applied to the acccess poiint, the w webpage e will reeload, as shown below: In nstruction ns below w will help p you configure these settings: Ch hanging IP Address: 1. Go to “Netw work Setttings” > “LAN‐sid de IP Add dress” fo or the scrreen belo ow: 21 2. Enteer the IP address settingss you wish to use for yourr access point. You can use a dyynamic (D DHCP) orr static IP P addresss, depend ding on your netw work envvironmen nt. Click “Apply” to save the t changges and wait w a feew moments fo or the acccess poin nt to relo oad. When you u change your acceess point’’s IP addrress, you need to use u the new IP add dress to access the browseer based configura ation inteerface nstead off the defa ault IP 192 2.168.2.2 2. in hanging SSID for 2.4GHz wireless network Ch 1. 2. Go to “Wire eless Setttings” > “2.4GHz “ 11bgn” > “Basic””. Enteer the neew SSID for f your 2.4GHz wireless network in the “SSSID1” field d and clicck “Applyy”. To utilize multiple 2.4GHz SSSIDs, opeen the dro op down menu lab belled “EEnable SSSID number” and select how w many SSIDs you u require. Then en nter a neew SSID in n the corrrespondin ng numbeered field ds below, before cllicking “A Apply”. 22 Co onfigurin ng Securitty Settings of 2.4 4GHz wire eless nettwork 1. 2. Go to “Wire eless Setttings” > “2.4GHz “ 11bgn” > “Securrity”. Seleect an “A Authenticcation Method”, enter or select fieelds whe ere app propriatee, and clicck “Applyy”. Iff multiplee SSIDs arre used, specify wh hich SSID D to config gure usin ng the “SSSID” dro op down menu. 23 Changing SSID and Configuring Security Setting for 5GHz wireless network Follow the steps outlined in “Changing SSID for 2.4GHz wireless network” and “Configuring Security Setting for 2.4GHz wireless network” but choose the 5GHz option instead. Changing Admin Name and Password 1. Go to “Management” > “Admin” as shown below: 2. Complete the “Administrator Name” and “Administrator Password” fields and click “Apply”. 24 Ch hanging Date and d Time 1. Go to “Management” > “Datte and Time”. 2. Set the correct time and time zone fo or your access po oint usingg the dro op wn menu us. The acccess poiint also supports NTP (Neetwork Time dow Protocol) so o, alternaatively, yo ou can enter the host nam me or IP address of me serveer. Click “Apply” “ when you u are finiished. a tim You can usse the “Acquire Cu Yo urrent Tim me from your PC” button iff you wish to o set the access po oint to th he same time as yo our PC. Th he basic settings of your access po oint are now n conffigured. Please re efer to IIII Haardware e Installattion for guidance e on conn necting your acceess point to a PoEE sw witch. 25 II‐6 Wi‐Fi Protected Setup (WPS) Wi‐Fi Protected Setup is a simple way to establish connections between WPS compatible devices. You can use the WPS button or the configuration webpage activate the access point’s WPS function. 1. Go to “Wireless Settings” > “WPS” on your configuration webpage. 2. Check the checkbox of “Enable” and click “Apply”. 3. On the “Push‐button WPS” line, click “Start” to activate WPS on the AP for approximately 2 minutes. (For more information on “WPS by PIN”, please refer to IV‐3‐3 WPS). 4. Within two minutes, activate WPS on your WPS‐compatible wireless device. Please check the documentation of your wireless device for information regarding its WPS function. 5. The devices will establish a connection. 26 III Hardware Installation After finishing the above setup processes, you may relocate the access point to the desired location. III‐1 Antenna The antennae must be screwed onto the access point. Please screw both antennae on clock‐wise onto the SMA connectors as demonstrated below: SMA Connectors 27 III‐2 1. Powering on the Access Point Outdoor Remove the cap from the underside of the access point by 1) pulling the hook upwards, and 2) pulling the cap downward, as shown below: Removed Underside Cap 2. Wire an Ethernet cable to the LAN 1 (PoE‐In) port of the access point and the PoE switch to power up the access point. LAN 1 (PoE‐In) Port 3. The access point will be powered by the PoE switch. Connect another Ethernet cable to LAN 2 where necessary. 4. Replace the cap and allow the cable(s) to rest in the arch(es) of the cap. 28 5. Let the hook click with the access point and make sure it does not come off easily. The cap serves as a rain‐proof design suitable for use in the open. Click 29 III‐3 Mounting After powering up the access point, mount it according to the desired mounting options: Wall or Pole Mount Wall Mount Attach the mount and access point to a wall using the included wall mount template and wall mount screw sets. 30 Pole Mount Fix the mount and access point to a pole using the included pole mount straps. 31 IV Bro owser Based d Confi figurattion Intterfacee So ome funcctions of the t brow wser based d configu uration in nterface are di disabled fo or differeent modee settings,, please refer to th he section ns ap pplicablee for yourr desired mode. Th he browsser‐based d configu uration in nterface enables you to configure e the deevice’s ad dvanced featuress. The EW W‐7429HOB featu ures a ran nge of ad dvanced fu unctions such as MAC M filteering, MA AC RADIU US autheentication n, VLAN co onfigurattions, up to 32 SSSIDs and many mo ore. To access thee browse er based co onfigurattion interrface: 1. Con nnect a computerr to your access point usin ng an Eth hernet caable. 2. Enteer your access po oint’s IP address in i the UR RL bar of a web browser. Thee access point’s default IP address is 192.168.2.2. 3. You u will be prompte ed for a username e and passsword. TThe defaault username iss “admin” and thee defaultt passwo ord is “12 234”, though it waas ommend ded that you y chan nge the password d during setup (se ee II‐5 reco Bassic Settings). Iff you cann not remeember you ur passw word, reseet the acceess pointt back to its fa actory def efault setttings. Reffer to 0 Reset 32 4 4. You u will arrive at thee “System m Inform mation” sccreen sho own belo ow. 5. Usee the men nu across the top p and dow wn the leeft side to navigate. 6. Where applicable, cllick “App ply” to saave changges and rreload th he accesss poin nt, or “Caancel” to o cancel changes. Pllease wa ait a few seconds f the acccess poin for nt to relo oad after you “App ply” ch hanges. A countdo own will be shown n as exem mplified b below. 33 7. Please refer to the following chapters for full descriptions of the browser based configuration interface. 34 IV‐1 IV‐1‐1 Information System Information “System Information” page displays basic system information. 35 System Model Product Name Uptime System Time Boot From Firmware Version MAC Address Management VLAN ID IP Address Default Gateway DNS DHCP Server Displays the model number of the access point. Displays the product name for reference, which consists of “AP” plus the MAC address. Displays the total time since the device was turned on. Displays the system time. Displays information for the booted hardware, booted from internal memory. Displays the firmware version. Displays the access point’s MAC address. Displays the management VLAN ID. Displays the IP address of this device. Click “Refresh” to update this value. Displays the IP address of the default gateway. IP address of DNS (Domain Name Server) IP address of DHCP Server. Wired LAN Port Settings Specifies which LAN port (1 or 2). Wired LAN Port Status Displays the status of the specified LAN port (connected or disconnected). VLAN Mode/ID Displays the VLAN mode (tagged or untagged) and VLAN ID for the specified LAN port. See IV‐2‐5 VLAN. Wireless 2.4GHz (5GHz) Status Displays the status of the 2.4GHz or 5GHz wireless (enabled or disabled). MAC Address Displays the access point’s MAC address. Channel Displays the channel number the specified wireless frequency is using for broadcast. Transmit Displays the wireless radio transmit power level as a Power percentage. RSSI Received Signal Strength Indicator (RSSI) is a measurement of the power present in a received radio signal. 36 Wireless 2.4GHZ (5GHz) / SSID SSID Displays the SSID name(s) for the specified frequency. Authentication Displays the authentication method for the specified SSID. Method See IV‐3 Wireless Settings. Displays the encryption type for the specified SSID. See IV‐3 Encryption Type Wireless Settings. VLAN ID Displays the VLAN ID for the specified SSID. See IV‐2‐5 VLAN. Displays the additional authentication type for the specified Additional Authentication SSID. See IV‐3 Wireless Settings. Wireless Client Displays whether wireless client isolation is in use for the Isolation specified SSID. See IV‐2‐5 VLAN. Wireless 2.4GHZ (5GHz) / WDS Status MAC Address Displays the peer access point’s MAC address. Encryption Displays the encryption type for the specified WDS. See Type IV‐3‐1‐4 WDS. VLAN Mode/ID Displays the VLAN ID for the specified WDS. See IV‐3‐1‐4 WDS. Select “Refresh” to refresh all information. 37 IV‐1‐2 Wireless Clients “Wireless Clients” page displays information about all wireless clients connected to the device on the 2.4GHz or 5GHz frequency. Refresh time Auto Refresh Time Manual Refresh Select a time interval for the client table list to automatically refresh. Click refresh to manually refresh the client table. 2.4GHz (5GHz) WLAN Client Table SSID Displays the SSID which the client is connected to. MAC Address Displays the MAC address of the client. Tx Displays the total data packets transmitted by the specified client. Rx Displays the total data packets received by the specified client. Signal (%) Displays the wireless signal strength for the specified client. Connected Displays the total time the wireless client has been Time connected to the access point. Idle Time Client idle time is the time for which the client has not transmitted any data packets i.e. is idle. Vendor The vendor of the client’s wireless adapter is displayed here. 38 IV‐1‐3 Wireless Monitor “Wireless Monitor” is a tool built into the device to scan and monitor the surrounding wireless environment. Select a frequency and click “Scan” to display a list of all SSIDs within range along with relevant details for each SSID. Wireless Monitor Site Survey Select which frequency (or both) to scan, and click “Scan” to begin. Channel After a scan is complete, click “Export” to save the results to Survey Result local storage. Site Survey Results Ch Displays the channel number used by the specified SSID. SSID Displays the SSID identified by the scan. MAC Address Displays the MAC address of the wireless router/access point for the specified SSID. Security Displays the authentication/encryption type of the specified SSID. Signal (%) Displays the current signal strength of the SSID. Type Displays the 802.11 wireless networking standard(s) of the specified SSID. Vendor Displays the vendor of the wireless router/access point for the specified SSID. 39 IV‐1‐4 DHCP Clients “DHCP Clients” shows information of DHCP leased clients. 40 IV V‐1‐5 Log og” displaays systeem operaation info ormation n such as up time and “SSystem lo co onnection processses. Thiss informaation is useful forr networkk adminisstrators. Older entrries will be b overwrritten when the lo og is full Saave Cllear Re efresh Click to saave the log as a fiile on your local compute er. Clear all log entrie es. Refresh the current log. he follow wing inforrmation//events are a recorrded by the log: Th USB ount Mountt & unmo Wirele ess Clientt Connected & disconnec cted Key exxchange success & fail Authentication Authen ntication n fail or su uccessful. Association Successs or fail WPS M messa ages M1 ‐ M8 WPS su uccess 41 Change Settings System Boot Displays current model name NTP Client Wired Link LAN Port link status and speed status Proxy ARP Proxy ARP module start & stop Bridge Bridge start & stop. SNMP SNMP server start & stop. HTTP HTTP start & stop. HTTPS HTTPS start & stop. SSH SSH‐client server start & stop. Telnet Telnet‐client server start or stop. WLAN (2.4G) WLAN (2.4G] channel status and country/region status WLAN (5G) WLAN (5G) channel status and country/region status 42 IV V‐2 IV V‐2‐1 Ne etwork Settinggs LAN‐‐Side IP Addresss “LLAN‐side IP addreess” pagee allows you y to co onfigure your acccess point on your Lo ocal Areaa Networrk (LAN). You can enable the t accesss point tto dynam mically reeceive an n IP addreess from your rou uter’s DH HCP serveer or you u can spe ecify a static IP ad ddress fo or your access point, as well w as con nfigure D DNS servers. Th accesss point’s default The IP P addresss is 192.168.2.2. LA AN‐side IP Addresss IP P Addresss o be assigned a Seelect “DHCP Client” for your access point to Asssignmen nt dyynamic IP P addresss from yo our routeer’s DHCP P server. Seelect “Staatic IP” to o manuallly speciffy a staticc/fixed IP P addresss for your acccess point (below w). our accesss point tto assign a Seelect “DHCP Serveer” for yo dyynamic IP P addresss to your PC. You will havee to set a Primaryy DN NS addreess and a Secondaary DNS address. For exam mple, Go oogle’s Primary DNS D address is 8.8 8.4.4 and d Secondary DNS ad ddress is 8.8.8.8. 43 IP Address Subnet Mask Default Gateway Specify the IP address here. This IP address will be assigned to your access point and will replace the default IP address. Specify a subnet mask. The default value is 255.255.255.0 For DHCP users, select “From DHCP” to get default gateway from your DHCP server or “User‐Defined” to enter a gateway manually. For static IP users, the default value is blank. DHCP users can select to get DNS servers’ IP address from DHCP or manually enter a value. For static IP users, the default value is blank. Primary DNS Address DHCP users can select “From DHCP” to get primary DNS server’s IP address from DHCP or “User‐Defined” to manually enter a value. For static IP users, the default value is blank. Secondary DNS Address Users can manually enter a value when DNS server’s primary address is set to “User‐Defined”. Press “Apply” to confirm the settings. 44 IV‐2‐2 LAN Port “LAN Port” page allows you to configure the settings for your access point’s two wired LAN (Ethernet) ports. Wired LAN Port Enable Speed & Duplex Flow Control 802.3az Identifies LAN port 1 or 2. Enable/disable specified LAN port. Select a speed & duplex type for specified LAN port, or use the “Auto” value. LAN ports can operate up to 1000Mbps and full‐duplex enables simultaneous data packets transfer/receive. Enable/disable flow control. Flow control can pause new session request until current data processing is complete, in order to avoid device overloads under heavy traffic. Enable/disable 802.3az. 802.3az is an Energy Efficient Ethernet feature which disables unused interfaces to reduce power usage. Press “Apply” to confirm the settings. 45 IV‐2‐3 IGMP Snooping IGMP snooping is the process of listening to Internet Group Management Protocol (IGMP) network traffic. The feature allows a network switch to listen in on the IGMP conversation between hosts and routers. By listening to these conversations the switch maintains a map of which links IP multicast streams. Multicasts may be filtered from the links which do not need them and thus controls which ports receive specific multicast traffic. This page allows you to enable/disable this feature. Press “Apply” to confirm the settings. 46 IV‐2‐4 STP Management When enabled, STP ensures that you do not create loops when you have redundant paths in your network (as loops are deadly to a network). This page allows you to enable / disable STP management. Press “Apply” to confirm the settings. 47 IV V‐2‐5 VLAN VLAN” (V Virtual Lo ocal Area Networkk) enable es you to o configure VLAN settings. “V A VLAN is a local area netw work whicch maps workstations virttually insstead of hysically and allow ws you to group togetherr or isolate users from eacch other. ph VLAN IDs in i the ran nge 1 – 40 095 are supported d. VLLAN Interface Wired LAN L port 1 or 2 and wireleess SSIDss. Ideentifies LAN Po ort/Wire eless VLLAN Mod de Seelect “Taggged Porrt” or “Un ntagged Port” forr specifie ed LAN intterface. VLLAN ID Seet a VLAN N ID for specified interfacee, if “Unttagged Po ort” is selected. Management VLAN VLLAN ID Sp pecify thee VLAN ID D of the managem ment VLA AN. Onlyy the hostts beelonging to the saame VLAN N can maanage the device. Prress “App ply” to co onfirm th he settings. 48 IV‐3 IV‐3‐1 Wireless Settings 2.4GHz 11bgn The “2.4GHz 11bgn” menu allows you to view and configure information for your access point’s 2.4GHz wireless network across five categories: Basic, Advanced, Security, WDS & Guest Network. 49 IV‐3‐1‐1 Basic The “Basic” screen displays basic settings for your access point’s 2.4GHz Wi‐Fi network (s). Wireless Band Enable SSID Number SSID# VLAN ID Auto Channel Enable or disable the access point’s 2.4GHz wireless radio. When disabled, no 2.4GHz SSIDs will be active. Wireless standard used for the access point. Combinations of 802.11b, 802.11g & 802.11n can be selected. Select how many SSIDs to enable for the 2.4GHz frequency from the drop down menu. A maximum of 16 can be enabled. Enter the SSID name for the specified SSID (up to 16). The SSID can consist of any combination of up to 32 alphanumeric characters. Specify a VLAN ID for each SSID. Enable/disable auto channel selection. Enable: Auto channel selection will automatically set the wireless channel for the access point’s 2.4GHz frequency based on availability and potential interference. Disable: Select a channel manually as shown in the next table. 50 Auto Channel Range Auto Channel Interval Select a range to which auto channel selection can choose from. Select a time interval for how often the auto channel setting will check/reassign the wireless channel. Check/uncheck the “Change channel even if clients are connected” box according to your preference. Channel Select the channel bandwidth: Bandwidth 20MHz (lower performance but less interference); or 40MHz (higher performance but potentially higher interference); or Auto (automatically select based on interference level). BSS Set a Basic Service Set (BSS) rate: this is a series of rates to BasicRateSet control communication frames for wireless clients. When auto channel is disabled, configurable fields will change. Select a wireless channel manually: Channel Channel Bandwidth Select a wireless channel from 1 – 11. Set the channel bandwidth: 20MHz (lower performance but less interference); or 40MHz (higher performance but potentially higher interference); or Auto (automatically select based on interference level). Set a Basic Service Set (BSS) rate: this is a series of rates to BSS BasicRateSet control communication frames for wireless clients. Press “Apply” to apply the configuration, or “Cancel” to forfeit the changes. 51 IV V‐3‐1‐2 Advvanced Th hese setttings are for expeerienced users on nly. Pleasse do nott change any of th he vaalues on this pagee unless you are already familiar w thesse functio with ons. Changing these setttings can Ch n adverseely affect the perfo ormance of your access poiint. Co ontentio on Slot Prreamble Tyype Gu uard In nterval 80 02.11g Prrotection Selecct “Shortt” or “Lon ng” – this value iss used fo or conten ntion wind dows in WMM (seee IV‐3‐6 6 WMM). Set the t wireless radio o preamb ble type. The preaamble tyype in 802.11 based d wirelesss commu unication ns definees the len ngth of th he CRC (Cyclic Redundan ncy Checck) block for comm munication betw ween thee access point and d roaming wirelesss adapte ers. The default valuee is “Shorrt Preamble”. Set the t guard d interval. A shorter interval can im mprove perfo ormancee. ble/disab ble 802.11g prote ection, which incrreases reliability Enab but reduces bandwid dth (clients will seend Requ uest to Se end (RTS) to acccess poiint, and access po oint will broadcas st Clear to t Send (CTS), beforee a packeet is sent from clieent). 52 802.11n Protection Enable/disable 802.11n protection, which increases reliability but reduces bandwidth (clients will send Request to Send (RTS) to access point, and access point will broadcast Clear to Send (CTS), before a packet is sent from client). DTIM Set the DTIM (delivery traffic indication message) period value Period of the wireless radio. The default value is 1. Set the RTS threshold of the wireless radio. The default value is RTS Threshold 2347. Fragment Set the fragment threshold of the wireless radio. The default Threshold value is 2346. Set the transfer rate for multicast packets or use the “Auto” Multicast Rate setting. The range of the transfer rate is between 1Mbps to 54Mbps Tx Power Set the power output of the wireless radio. You may not require 100% output power. Setting a lower power output may enhance security since access to your signal can be potentially prevented from malicious/unknown users in distant areas. Set the beacon interval of the wireless radio. The default value Beacon Interval is 100. Station idle Set the interval for the access point to send keepalive messages timeout to a wireless client to check if the station is still alive/active. Airtime Fairness gives equal amounts of air time (instead of Airtime Fairness equal number of frames) to each client regardless of its theoretical data rate. Set airtime fairness to “Auto”, “Static” or “Disable”. Auto: Share rate is automatically managed. Static: Press “Edit SSID Rate” to manually enter a % for each SSID’s share rate as shown below: The % field must add up to 100% or a message will be displayed: Airtime fairness is disabled if “Disable” is selected. Press “Apply” to apply the configuration, or “Cancel” to forfeit the changes. 53 IV V‐3‐1‐3 Seccurity Th he accesss point provides various security options (wireless data enccryption)). When dataa is encryypted, in nformatio on transm mitted wirelessly cannot be b read by an nyone wh ho does not know w the corrrect enccryption key. Itt is essenttial to con nfigure wireless seecurity in n order to o preventt un nauthorissed accesss to yourr networkk. 54 SSSID Selecction Select a SSID to co onfigure its securrity settin ngs. Brroadcastt SSID Enable orr disable SSID bro oadcast. Enable: th he SSID will w be vissible to clients ass an available Wi‐‐Fi network. Disable: the SSID will w not be b visiblee as an avvailable Wi‐Fi network t clientss – clients must manually to enter the SSID in order to connect. n (disabled) SSID is typicaally more A hidden secure than a visib ble (enab bled) SSID D. Wireless Client Enable orr disable wireless client iso olation. Isolation Wireless client iso olation prrevents clients co onnected d to the access po oint from communicating with eacch other and mproves securityy. Typically, this fu unction is useful for im corporatee environ nments or o public hot spotts and can preven nt brute forcce attackks on clients’ userrnames aand passw words. Lo oad Balancing Load balaancing lim mits the number o wireleess clients of connected to an SSID. Set a load baalancing value (m maximum 100). Au uthentication Select an authentication method from the drop dow wn menu and refer to the appropriaate inform Method mation b below forr your method. IV V‐3‐1‐3‐1 N Authe No enticatio on / Additional Au uthenticcation When “No o Authentication”” is selectted in “A Authenticcation Method”, extra op ptions arre made available e in the next n line: Ad dditional nal authe entication n method d from th he drop Select an addition Au uthentication down menu or sellect “No addition nal autheentication n” for no authenticcation, where no passworrd/key is required d to connect to the acccess poin nt. For other options,, refer to o the info ormation below. “N No additiional autthenticatiion” is no ot recomm mended a as anyonee can co onnect to o your device’s SSIID. 55 Ad dditionall wirelesss authentication methodss can be applied tto all au uthenticaation meethods: WPS mustt be disab bled to usse additio onal auth henticatio on. See IV V‐3‐3 WPSS fo or WPS seettings. MAC Addrress Filte er Reestrict wireless cllients acccess baseed on MA AC addreess speciffied in th he MAC filter tablee. Seee IV‐3‐5 MAC Filtter to conf nfigure MAC M filteriing. MAC‐RAD DIUS Auth henticatiion Reestrict wireless cllients acccess baseed on MA AC addreess via a R RADIUS server, or paassword authentiication via a RADIUS serve er. Seee IV‐3‐4 RADIUS to t configure RADIIUS serveers. WPS mustt be disab bled to usse MAC‐R RADIUS au uthentica ation. Seee IV‐3‐3 W for WPS WPS W settin ngs. MAC Filter & MAC C‐RADIUSS Authen ntication Reestrict wireless cllients acccess using both of o the abo ove MAC C filteringg & RA ADIUS au uthenticaation methods. MAC RADIUS Paassword Select wh hether to o use MAC addresss or passsword e the authenticcation viaa RADIUSS server. If you seelect “Use ollowing passworrd”, ente er the passsword in n the fielld below w. fo T passw The word sho ould matcch the “SShared Seecret” ussed in IV V‐3‐4 RA ADIUS. 56 IV‐3‐1‐3‐2 WEP WEP (Wired Equivalent Privacy) is a basic encryption type. When selected, a notice will pop‐up as exemplified below: Below is a figure showing the configurable fields: Key Length Select 64‐bit or 128‐bit. 128‐bit is more secure than 64‐bit and is recommended. Key Type Choose from “ASCII” (any alphanumerical character 0‐9, a‐z and A‐Z) or “Hex” (any characters from 0‐9, a‐f and A‐F). Default Key Select which encryption key (1 – 4 below) is the default key. For security purposes, you can set up to four keys (below) and change which is the default key. Encryption Key Enter your encryption key/password according to the format 1–4 you selected above. For a higher level of security, please consider using WPA encryption. IV‐3‐1‐3‐3 IEEE802.1x/EAP Below is a figure showing the configurable fields: Key Length Select 64‐bit or 128‐bit. 128‐bit is more secure than 64‐bit and is recommended. 57 IV‐3‐1‐3‐4 WPA‐PSK WPA‐PSK is a secure wireless encryption type with strong data protection and user authentication, utilizing 128‐bit encryption keys. Below is a figure showing the configurable fields: Fast Roaming Settings will also be shown: 802.11r Fast Roaming WPA Type Encryption Key Renewal Interval Pre‐Shared Key Type Pre‐Shared Key When your device roams from one AP to another on the same network, 802.11r uses a feature called Fast Basic Service Set Transition (FT) to authenticate more quickly. FT works with both preshared key (PSK) and 802.1X authentication methods. Select from WPA/WPA2 Mixed Mode‐PSK, WPA2 or WPA only. WPA2 is safer than WPA, but is not supported by all wireless clients. Please make sure your wireless client supports your selection. Select “TKIP/AES Mixed Mode” or “AES” encryption type. Specify a frequency for key renewal in minutes. Choose from “Passphrase” (8 – 63 alphanumeric characters) or “Hex” (up to 64 characters from 0‐9, a‐f and A‐F). Please enter a security key/password according to the format you selected above. 58 80 02.11r Faast Transsition Roaaming Seettings Mobility_d dom Specify th he mobiliity domain (2.4GH Hz or 5GHz) ain En ncryption n Key Specify th he encryp ption keyy Ovver the DS Enable orr disable this funcction. IV V‐3‐1‐3‐5 WPA‐EAP Faast Roam ming Settiings will also be shown: W Type WPA En ncryption Tyype Ke ey Renew wal In nterval Select fro om WPA//WPA2 Mixed Mo ode‐EAP, WPA2‐EEAP or WPA‐EAP P. Select “TK KIP/AES Mixed Mode” or “AES” en ncryption n type. Specify a frequenccy for key renewaal in minutes. WPA‐EAP must be disabled to use MAC‐RADI IUS autheentication n. 80 02.11r Faast Transsition Roaaming Seettings Mobility_d dom Specify th he mobiliity domain (2.4GH Hz or 5GHz) ain En ncryption n Key Specify th he encryp ption keyy Ovver the DS Enable orr disable this funcction. Prress “App ply” to ap pply the configurration, orr “Cancell” to forffeit the ch hanges. 59 IV V‐3‐1‐4 WD DS on Systeem (WDSS) can bridge/repeeat accesss points togetheer Wireless Distributi in an exten nded nettwork. WDS W settings can be b configgured as shown below. When usin ng WDS, configure e the IP address off each acccess poin nt to be in th he same subnet an nd ensuree there iss only onee active D DHCP servver amon ng co onnected d access points, prreferably on the WAN W side. WDS mustt be conffigured on o each access po oint, using correctt MAC ad ddresses. Alll access points sh hould usee the sam me wirele ess channel and eencryptio on method. 60 2.4GHz Select “WDS with AP” to use WDS with access point or “WDS WDS Functionality Dedicated Mode” to use WDS and also block communication with regular wireless clients. When WDS is used, each access point should be configured with corresponding MAC addresses, wireless channel and wireless encryption method. Displays the MAC address of your access point. Local MAC Address WDS Peer Settings WDS # Enter the MAC address for up to four other WDS devices you wish to connect. WDS VLAN VLAN Mode VLAN ID Specify the WDS VLAN mode to “Untagged Port” or “Tagged Port”. Specify the WDS VLAN ID when “Untagged Port” is selected above. WDS Encryption method Encryption Select whether to use “None” or “AES” encryption and enter a pre‐shared key for AES consisting of 8‐63 alphanumeric characters. Press “Apply” to apply the configuration, or “Reset” to forfeit the changes. 61 IV‐3‐1‐5 Guest Network Enable / disable guest network to allow clients to connect as guests. 62 IV‐3‐2 5GHz 11ac 11an The “5GHz 11ac 11an” menu allows you to view and configure information for your access point’s 5GHz wireless network across five categories: Basic, Advanced, Security, WDS & Guest Network. 63 IV‐3‐2‐1 Basic The “Basic” screen displays basic settings for your access point’s 5GHz Wi‐Fi network (s). Wireless Band Enable SSID Number SSID# VLAN ID Auto Channel Auto Channel Range Enable or disable the access point’s 5GHz wireless radio. When disabled, no 5GHz SSIDs will be active. Wireless standard used for the access point. Combinations of 802.11a, 802.11n & 802.11ac can be selected. Select how many SSIDs to enable for the 2.4GHz frequency from the drop down menu. A maximum of 16 can be enabled. Enter the SSID name for the specified SSID (up to 16). The SSID can consist of any combination of up to 32 alphanumeric characters. Specify a VLAN ID for each SSID. Enable/disable auto channel selection. Auto channel selection will automatically set the wireless channel for the access point’s 5GHz frequency based on availability and potential interference. When disabled, configurable fields will change as shown below: Select a range to which auto channel selection can choose from. 64 Auto Channel Interval Select a time interval for how often the auto channel setting will check/reassign the wireless channel. Check/uncheck the “Change channel even if clients are connected” box according to your preference. Channel Select the channel bandwidth: Bandwidth 20MHz (lower performance but less interference); or Auto 40/20 MHz; or Auto 80/40/20 MHz (automatically select based on interference level). BSS Set a Basic Service Set (BSS) rate: this is a series of rates to BasicRateSet control communication frames for wireless clients. When auto channel is disabled, configurable fields will change. Select a wireless channel manually: Channel Channel Bandwidth BSS BasicRateSet Select a wireless channel. Select the channel bandwidth: 20MHz (lower performance but less interference); or Auto 40/20 MHz; or Auto 80/40/20 MHz (automatically select based on interference level). Set a Basic Service Set (BSS) rate: this is a series of rates to control communication frames for wireless clients. Press “Apply” to apply the configuration, or “Cancel” to forfeit the changes. 65 IV V‐3‐2‐2 Advvanced Th hese setttings are for expeerienced users on nly. Pleasse do nott change any of th he vaalues on this pagee unless you are already familiar w thesse functio with ons. Changing these setttings can Ch n adverseely affect the perfo ormance of your access poiint. Gu uard In nterval 80 02.11n Prrotection DTTIM Periiod RTTS Th hreshold Frragment Th hreshold Multicast Raate Sett the guaard intervval. A sho orter inteerval can n improve performancce. Enaable/disaable 802.11n protection, which increases reliabilityy butt reduces bandwidth (clie ents will send Req quest to Send (RTTS) to acccess poin nt, and acccess point will b broadcastt Clear to Sen nd (CTS),, before a packet is sent from clien nt.) Sett the DTIM (delivery traffiic indicattion message) period valu ue of the t wireless radio o. The de efault value is 1. Sett the RTSS thresho old of the e wireless radio. TThe default valuee is 2347. hreshold of the wireless raadio. The e default Sett the fraggment th vallue is 234 46. Sett the tran nsfer ratee for multicast paackets orr use the “Auto” settting. 66 Tx Power Set the power output of the wireless radio. You may not require 100% output power. Setting a lower power output can enhance security since potentially malicious/unknown users in distant areas will not be able to access your signal. Beacon Set the beacon interval of the wireless radio. The default value Interval is 100. Set the interval for keepalive messages from the access point Station idle timeout to a wireless client to verify if the station is still alive/active. Beamforming Beamforming is a signal processing technique used in sensor arrays for directional signal transmission or reception. This is achieved by combining elements in an antenna array in such a way that signals at particular angles experience constructive interference while others experience destructive interference. Beamforming can be used at both the transmitting and receiving ends in order to achieve spatial selectivity. The improvement compared with omnidirectional reception / transmission is known as the directivity of the array. Airtime Fairness gives equal amounts of air time (instead of Airtime Fairness equal number of frames) to each client regardless of its theoretical data rate. Set airtime fairness to “Auto”, “Static” or “Disable”. Auto: Share rate is automatically managed. Static: Press “Edit SSID Rate” to manually enter a % for each SSID’s share rate as shown below: The % field must add up to 100% or a message will be displayed: Airtime fairness is disabled if “Disable” is selected. Press “Apply” to apply the configuration, or “Cancel” to forfeit the changes. 67 IV V‐3‐2‐3 Seccurity Th he accesss point provides various security options (wireless data enccryption)). When dataa is encryypted, in nformatio on transm mitted wirelessly cannot be b read by an nyone wh ho does not know w the corrrect enccryption key. Itt’s essenttial to con nfigure wireless seecurity in order to prevent un nauthorissed accesss to yourr networkk. SSIID Selecttion Seelect whicch SSID to t configure security settings for. Bro oadcast SSID En nable or disable SSID broaadcast. When enaabled, the e SSID will bee visible to t clientss as an avvailable Wi‐Fi W nettwork. When dissabled, the SSID will w not be b visiblee as an avvailable Wi‐Fi neetwork to o clients – clients must maanually eenter the e SSID in order to co onnect. A hidden (disabled) SSID iss typicallly more secure than a visible (enablled) SSID D. 68 Wireless Client Enable or disable wireless client isolation. Wireless client Isolation isolation prevents clients connected to the access point from communicating with each other and improves security. Typically, this function is useful for corporate environments or public hot spots and can prevent brute force attacks on clients’ usernames and passwords. Load Balancing Load balancing limits the number of wireless clients connected to an SSID. Set a load balancing value (maximum 100). Authentication Select an authentication method from the drop down menu Method and refer to the appropriate information in IV‐3‐1‐3 Security for your method. Press “Apply” to apply the configuration, or “Cancel” to forfeit the changes. Please refer back to IV‐3‐1‐3 Security for more information on authentication and additional authentication types. 69 IV V‐3‐2‐4 WD DS on Systeem (WDSS) can bridge/repeeat accesss points togetheer Wireless Distributi in an exten nded nettwork. WDS W settings can be b configgured as shown below. When usin ng WDS, configure e the IP address off each acccess poin nt to be in th he same subnet an nd ensuree there iss only onee active D DHCP servver amon ng co onnected d access points, prreferably on the WAN W side. WDS mustt be conffigured on o each access po oint, using correctt MAC ad ddresses. Alll access points sh hould usee the sam me wirele ess channel and eencryptio on method. 70 5GHz WDS Mode Select “WDS with AP” to use WDS with access point or “WDS WDS Functionality Dedicated Mode” to use WDS and also block communication with regular wireless clients. When WDS is used, each access point should be configured with corresponding MAC addresses, wireless channel and wireless encryption method. Displays the MAC address of your access point. Local MAC Address WDS Peer Settings WDS # Enter the MAC address for up to four other WDA devices you wish to connect. WDS VLAN VLAN Mode VLAN ID Specify the WDS VLAN mode to “Untagged Port” or “Tagged Port”. Specify the WDS VLAN ID when “Untagged Port” is selected above. WDS Encryption Encryption Select whether to use “None” or “AES” encryption and enter a pre‐shared key for AES with 8‐63 alphanumeric characters. Press “Apply” to apply the configuration, or “Reset” to forfeit the changes. 71 IV‐3‐2‐5 Guest Network Enable / disable guest network to allow clients to connect as guests. 72 IV V‐3‐3 WPSS Wi‐Fi Protected Seetup is a simple w to esttablish co way onnectio ons betw ween WPSS co ompatible devices. WPS can be acctivated on o compaatible deevices by pushingg a W butto WPS on on thee compattible devvice or fro om withiin the compatible e device’s firrmware / configu uration in nterface (known as a PBC or “Push B Button Co onfigurattion”). When WP PS is activvated in the t correect mann ner and at a the co orrect tim me for tw wo compaatible deevices, th hey will automaticcally connect. “PIIN co ode WPS” is a varriation off PBC which includes the additiona al use of a PIN co ode betw ween the two devvices for verificati ion. Pllease refe fer to man nufactureer’s instru uctions fo or your otther WPSS device. WPS Ch heck/unccheck thiss box to enable/d disable W WPS functionality. Press “App ply” to ap pply the settings. WPS must be disab bled when using MAC‐RAD DIUS au uthenticaation (seee IV‐3‐4 RADIUS) Prress “App ply” to ap pply the configurration. 73 WPS Product PIN Push‐Button WPS WPS by PIN WPS Security WPS Status Displays the WPS PIN code of the device, used for PIN code WPS. You will be required to enter this PIN code into another WPS device for PIN code WPS. Click “Generate PIN” to generate a new WPS PIN code. Click “Start” to activate WPS on the device for approximately 2 minutes. Enter the PIN code of another WPS device and click “Start” to attempt to establish a WPS connection. WPS function will last for approximately 2 minutes. WPS security status is displayed here. Click “Release” to clear the existing status. 74 IV V‐3‐4 RADIUS he RADIU US menu allows you y to co onfigure the t devicce’s external RAD DIUS servver Th seettings. A RADIUS server provides user‐base ed authe entication n to improve security and offfer wireless clien nt contro ol – userss can be authentic cated beefore gain ning acccess to a networrk. he devicee can utillize a primary and d a secon ndary (baackup) exxternal RADIUS Th seerver for each of its wireleess frequ uencies (2 2.4GHz & 5GHz). To use RAD DIUS servvers, go to t “Wireleess Settings” Æ “SSecurity” and a selecct “M MAC RAD DIUS Auth henticatio on” Æ “Ad dditional Authentiication” and a selectt “M MAC RAD DIUS Auth henticatio on” (see IV V‐3‐1‐3 or IV‐3‐2‐3 3). 75 IV‐3‐4‐1 RADIUS Settings Configure the RADIUS server settings for 2.4GHz and 5GHz. Each frequency can use an internal or external RADIUS server. 76 RADIUS Type Select “Internal” to use the access point’s built‐in RADIUS server or “external” to use an external RADIUS server. RADIUS Server Enter the RADIUS server host IP address. Authentication Set the UDP port used in the authentication protocol of the Port RADIUS server. Value must be between 1 – 65535. Shared Secret Enter a shared secret/password between 1 – 99 characters in length. This should match the “MAC‐RADIUS” password used in IV‐3‐1‐3 or IV‐3‐2‐3. Set a duration of session timeout in seconds between 0 – Session Timeout 86400. Accounting Enable or disable RADIUS accounting. When accounting is enabled (above), set the UDP port used Accounting Port in the accounting protocol of the RADIUS server. Value must be between 1 – 65535. Press “Apply” to apply the configuration, or “Cancel” to forfeit the changes. 77 IV V‐3‐4‐2 Inte ernal Serrver Th he accesss point feeatures a built‐in RADIUS server which can n be conffigured as sh hown bellow used d when “Internal”” is selectted for “RADIUS TType” in the “W Wireless Settings”” Æ “RADIUS” Æ “RADIU US Settinggs” menu u. To use RAD DIUS servvers, go to t “Wireleess Settings” Æ “SSecurity” and a selecct “M MAC RAD DIUS Auth henticatio on” Æ “Ad dditional Authentiication” and a selectt “M MAC RAD DIUS Auth henticatio on” (see IV V‐3‐1‐3 & IV‐3‐2‐3 3). In nternal Se erver C Check/un ncheck to o enable//disable the t accesss point’ss internaal RADIUS seerver. EA AP Intern nal ntication type fro om the drrop down Select EAP internaal authen Au uthentication menu. EA AP Certifficate Displays t EAP certificat the e file forrmat: PCK K#12(*.p pfx/*.p12 2) File Formaat EA AP Certifficate Click “Uplload” to open a new n wind dow and select th he locatio on File o an EAP of P certificaate file to o use. If no n certifiicate file is uploaded , the inteernal RAD DIUS servver will u use a selff‐made certificatee. Sh hared Se ecret Enter a sh hared seccret/passsword fo or use bettween th he intern nal RADIUS seerver and d RADIUSS client. The T sharred secre et should b 1 – 99 characteers in len be ngth. Thiss should match th he “MAC‐RA ADIUS” paassword used in IV‐3‐1‐3 or IV‐3‐2 2‐3. 78 Session Timeout Termination Action Set a duration of session timeout in seconds between 0 – 86400. Select a termination‐action attribute: Reauthentication: sends a RADIUS request to the access point; or, Not‐Reauthentication: sends a default termination‐action attribute to the access point; or Not‐Send: no termination‐action attribute is sent to the access point. Press “Apply” to apply the configuration, or “Cancel” to forfeit the changes. 79 IV‐3‐4‐3 RADIUS Accounts The internal RADIUS server can authenticate up to 256 user accounts. The “RADIUS Accounts” page allows you to configure and manage users. Enter a username in the box below and click “Add” to add the username. 80 Select “Edit” to edit the username and password of the RADIUS account: Press “Apply” to apply the configuration, or “Cancel” to forfeit the changes. User Name Add Reset Enter the user names here, separated by commas. Click “Add” to add the user to the user registration list. Clear text from the user name box. Select User Name Password Check the box to select a user. Displays the user name. Displays if specified user name has a password (configured) or not (not configured). Click “Edit” to open a new field to set/edit a password for the specified user name (below). Customize Delete Selected Delete All Delete selected user from the user registration list. Delete all users from the user registration list. 81 IV V‐3‐5 MAC C Filter MAC filterring is a security feature that can help h to prevent unauthorrized users fro om conn necting to o your acccess point. Th his functiion allow ws you to o define a list of network devices permitted d to co onnect to o the acccess point. Devicees are each identiified by ttheir uniq que MAC ad ddress. Iff a devicee which is i not on the list of o permittted MAC C addressses atttempts to t conneect to thee access point, it will w be deenied. To enable MAC filteering, go o to “Wireeless Settiings” Æ ““2.4G H 11bgn”” Æ “Secu Hz urity” Æ “Addition “ nal Authen ntication”” and seleect “MAC Fiilter” (seee IV‐3‐1‐3 3 or IV‐3‐2 2‐3). Th he MAC address filtering table is displayed d below: 82 Add MAC Address Add Reset Enter a MAC address of computer or network device manually e.g. ‘aa‐bb‐cc‐dd‐ee‐ff’ or enter multiple MAC addresses separated with commas, e.g. ‘aa‐bb‐cc‐dd‐ee‐ff,aa‐bb‐cc‐dd‐ee‐gg’ Click “Add” to add the MAC address to the MAC address filtering table. Clear all fields. MAC address entries will be listed in the “MAC Address Filtering Table”. Select an entry using the “Select” checkbox. Select Delete selected or all entries from the table. MAC Address The MAC address is listed here. Delete Delete the selected MAC address from the list. Selected Delete All Delete all entries from the MAC address filtering table. Export Click “Export” to save a copy of the MAC filtering table. A new window will pop up for you to select a location to save the file. 83 IV‐3‐6 WMM Wi‐Fi Multimedia (WMM) is a Wi‐Fi Alliance interoperability certification based on the IEEE 802.11e standard, which provides Quality of Service (QoS) features to IEE 802.11 networks. WMM prioritizes traffic according to four categories: background, best effort, video and voice. Configuring WMM consists of adjusting parameters on queues for different categories of wireless traffic. Traffic is sent to the following queues: Background Low Priority High throughput, non time sensitive bulk data e.g. FTP Best Effort Medium Traditional IP data, medium throughput and delay. Priority Video High Priority Time sensitive video data with minimum time delay. Voice High Priority Time sensitive data such as VoIP and streaming media with minimum time delay. 84 Queues automatically provide minimum transmission delays for video, voice, multimedia and critical applications. The values can be adjusted further manually: CWMin CWMax AIFSN TxOP Minimum Contention Window (milliseconds): This value is input to the initial random backoff wait time algorithm for retry of a data frame transmission. The backoff wait time will be generated between 0 and this value. If the frame is not sent, the random backoff value is doubled until the value reaches the number defined by CWMax (below). The CWMin value must be lower than the CWMax value. The contention window scheme helps to avoid frame collisions and determine priority of frame transmission. A shorter window has a higher probability (priority) of transmission. Maximum Contention Window (milliseconds): This value is the upper limit to random backoff value doubling (see above). Arbitration Inter‐Frame Space (milliseconds): Specifies additional time between when a channel goes idle and the AP/client sends data frames. Traffic with a lower AIFSN value has a higher priority. Transmission Opportunity (milliseconds): The maximum interval of time an AP/client can transmit. This makes channel access more efficiently prioritized. A value of 0 means only one frame per transmission. A greater value means higher priority. Press “Apply” to apply the configuration, or “Cancel” to forfeit the changes. 85 IV‐3‐7 Schedule The schedule feature allows you to automate the wireless network for the specified time ranges. Wireless scheduling can save energy and increase the security of your network. Check/uncheck the box “Enable” and select “Apply” to enable/disable the wireless scheduling function. 1. Select “Add” to add a schedule. 2. Settings page will be shown if “Continue” is selected: Check/uncheck the box of the desired SSID network, day of schedule and select the Start Time and End Time (using the dropdown menu). Select “Apply” to apply the settings, or “Cancel” to forfeit the schedule. 86 Schedules will be shown in the Schedule List as exemplified below: 3. Select “Add” to add more schedules; or Check the box of currently available schedule, select “Edit” to edit, or select “Delete Selected” to delete; or Select “Delete All” to delete all schedules. 87 IV‐3‐8 Traffic Shaping Traffic shaping is used to optimize or guarantee performance, improve latency, or increase usable bandwidth for some kinds of packets by delaying other kinds. Check the checkbox to enable traffic shaping, specify the down link and up link values, and click “Apply” to apply the configuration, or “Cancel” to forfeit the changes. 88 89 IV‐3‐9 Bandsteering Band steering detects clients capable of 5GHz operation and steers them there to make the more crowded 2.4 GHz band available for clients only capable of connecting to 2.4GHz band. This helps improve end user experience by reducing channel utilization, especially in high density environments. If “User Define” is selected, specify the numbers in the fields below: 90
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.6 Linearized : Yes XMP Toolkit : Adobe XMP Core 4.0-c316 44.253921, Sun Oct 01 2006 17:14:39 Modify Date : 2018:06:20 17:57:06+08:00 Create Date : 2018:06:20 17:57+08:00 Metadata Date : 2018:06:20 17:57:06+08:00 Creator Tool : PScript5.dll Version 5.2 Format : application/pdf Title : Microsoft Word - EW-7429HOB User Manual_1801_20180606 Creator : jenny.liao Document ID : uuid:e03c461b-1091-4d38-bd4d-2dcddd1c15db Instance ID : uuid:b5df231e-1040-4558-b247-9c5f21887de0 Producer : Acrobat Distiller 8.0.0 (Windows) Has XFA : No Page Count : 90 Author : jenny.liaoEXIF Metadata provided by EXIF.tools