Extreme Networks OAP36B HiPath Wireless Outdoor Access Point User Manual II

Download:
Mirror Download [FCC.gov]
Document ID	1395764
Application ID	ENY/fD2iqT0qS1nq/K9EeQ==
Document Description	User Manual II
Short Term Confidential	No
Permanent Confidential	No
Supercede	No
Document Type	User Manual
Display Format	Adobe Acrobat PDF - pdf
Filesize	134.61kB (1682650 bits)
Date Submitted	2010-12-23 00:00:00
Date Available	2010-12-23 00:00:00
Creation Date	2010-12-23 10:19:28
Producing Software	Acrobat Distiller 7.0.5 (Windows)
Document Lastmod	2010-12-23 10:21:01
Document Title	HiPath Wireless Controller, Access Points and Convergence Software V7.21 User Guide
Document Creator	FrameMaker 8.0
Document Author:	Enterasys Networks

hwc_fastfailover.fm
Availability and session availability
Viewing the Wireless AP availability display
7.5 Viewing the Wireless AP availability display
For more information, see Section 11.3, “Viewing the Wireless AP availability
display”, on page 455.
7.6 Viewing SLP activity
In normal operations, the primary HiPath Wireless Controller registers as an SLP
service called ac_manager. The controller service directs the Wireless APs to the
appropriate HiPath Wireless Controller. During an outage, if the remaining HiPath
Wireless Controller is the secondary controller, it registers as the SLP service
ru_manager.
To view SLP activity:
1. From the main menu, click Wireless AP Configuration. The Wireless APs
screen is displayed.
2. In the left pane, click AP Registration. The Wireless AP Registration
screen is displayed.
3. To confirm SLP registration, click View SLP Registration. A pop-up screen
displays the results of the diagnostic slpdump tool, to confirm SLP
registration.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
429
hwc_fastfailover.fm
Availability and session availability
Viewing SLP activity
430
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_mobility.fm
Configuring Mobility
Mobility overview
8 Configuring Mobility
This chapter describes the mobility concept, including:
•
Mobility overview
•
Mobility domain topologies
•
Configuring mobility domain
8.1 Mobility overview
The HiPath Wireless Controller, Access Points and Convergence Software
system allows up to 12 HiPath Wireless Controllers on a network to discover each
other and exchange information about a client session. This technique enables a
wireless device user to roam seamlessly between different Wireless APs on
different HiPath Wireless Controllers.
The solution introduces the concept of a mobility manager; one HiPath Wireless
Controller on the network is designated as the mobility manager and all others
are designated as mobility agents.
The wireless device keeps the IP address, and the service assignments it
received from its home HiPath Wireless Controller—the HiPath Wireless
Controller that it first connected to. The WLAN Service on each HiPath Wireless
Controller must have the same SSID and RF privacy parameter settings.
You have two options for choosing the mobility manager:
•
Rely on SLP with DHCP Option 78
•
Define at the agent the IP address of the mobility manager. By explicitly
defining the IP address, the agent and the mobility manager are able to find
each other directly without using the SLP discovery mechanisms. Direct IP
definition is recommended to provide tighter control of the registration steps
for multi-domain installations.
The HiPath Wireless Controller designated as the mobility manager:
•
Is explicitly identified as the manager for a specific mobility domain. Agents
will connect to this manager to establish a mobility domain.
•
Defines at the agent the IP address of the mobility manager, which allows for
the bypass of SLP. Agents directly find and attempt to register with the
mobility manager.
•
Uses SLP, if this method is preferred, to register itself with the SLP Directory
Agent as SiemensNet.
•
Defines the registration behavior for a multi-controller mobility domain set:
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
431
hwc_mobility.fm
Configuring Mobility
Mobility overview
•
Open mode – A new agent is automatically able to register itself with the
mobility manager and immediately becomes part of the mobility domain
•
Secure mode – The mobility manager does not allow a new agent to
automatically register. Instead, the connection with the new agent is
placed in pending state until the administrator approves the new device.
•
Listens for connection attempts from mobility agents.
•
Establishes connections and sends a message to the mobility agent
specifying the heartbeat interval, and the mobility manager's IP address if it
receives a connection attempt from the agent.
•
Sends regular heartbeat messages containing wireless device session
changes and agent changes to the mobility agents and waits for a returned
update message
The HiPath Wireless Controller designated as a mobility agent does the following:
•
Uses SLP or a statically configured IP address to locate the mobility manager
•
Defines at the agent the IP address of the mobility manager, which allows for
the bypass of SLP. Agents directly find and attempt to register with the
mobility manager.
•
Attempts to establish a TCP/IP connection with the mobility manager
•
Sends updates, in response to the heartbeat message, on the wireless device
users and the data tunnels to the mobility manager.
If a controller configured as the mobility manager is lost, the following occurs:
432
•
Agent to agent connections remain active.
•
Mobility agents continue to operate based on the mobility information last
coordinated before the manager link was lost. The mobility location list
remains relatively unaffected by the controller failure. Only entries associated
with the failed controller are cleared from the registration list, and users that
have roamed from the manager controller to other agents are terminated and
required to re-register as local users with the agent where they are currently
located.
•
The data link between active controllers remains active after the loss of a
mobility manager
•
Mobility agents continue to use the last set of mobility location lists to service
known users
•
Existing users remain in the mobility scenario, and if the users are known to
the mobility domain, they continue to be able to roam between connected
controllers
•
New users become local at attaching controller
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_mobility.fm
Configuring Mobility
Mobility domain topologies
•
Roaming to another controller resets session
The mobility network that includes all the HiPath Wireless Controllers and the
Wireless APs is called the Mobility Domain.
Note: The mobility feature is not backward compatible. This means that all the
HiPath Wireless Controllers in the mobility domain must be running the most
recent HiPath Wireless Convergence Software release.
8.2 Mobility domain topologies
You can configure a mobility domain in the following scenarios:
•
Mobility domain without any availability
•
Mobility domain with availability
•
Mobility domain with session availability
Note: If you are configuring mobility, you must synchronize time on all the HiPath
Wireless Controllers that are part of the mobility domain. For more information,
see Section 3.4.11, “Configuring network time”, on page 92.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
433
hwc_mobility.fm
Configuring Mobility
Mobility domain topologies
• HWC1 and HWC2
are configured for
session availability.
• HWC1, HWC2,
HWC3, Wireless
AP1, Wireless AP2
and Wireless AP3
form a Mobility
Domain
• HWC3 is the
Mobility Manager
whereas HWC1 and
HWC2 are Mobility
Agents
Figure 27
Mobility Domain with fast failover and session availability features
•
The user’s home session is with HWC1.
•
When the user roams from Wireless AP 1 to Wireless AP 2, he establishes
his home session with HWC2.
•
When the user roams, the Wireless AP 1 receives a notification that the user
has roamed away following which it marks the user session as “inactive”.
Consequently, no statistics are sent to the HWC1 for that user.
•
In response to the heart beat message from the mobility manager (HWC3),
the HWC2 sends updates that the user has a new home on HWC2. Upon
receiving the updates, the mobility manager updates its own tables.
Note: The mobility manager’s heart beat time is configurable. If you are
configuring a mobility domain with session availability, you should configure the
heart beat time as one second to enable the mobility manager to update its tables
quickly.
•
If a failover takes place, and the user is still associated with Wireless AP1:
•
434
The Wireless AP 1 fails over, and establishes an active session with
HWC2.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_mobility.fm
Configuring Mobility
Configuring mobility domain
•
•
In response to the heart beat message from the mobility manager
(HWC3), the HWC2 sends updates to the mobility manager on the
failover Wireless AP and its user.
If a failover takes place, and the user has roamed to Wireless AP 2:
•
As part of roaming, the user’s home session moves from HWC1 to
HWC2.
•
Wireless AP 1 establishes active session with HWC 2. Wireless AP 2 is
not impacted by the failover.
8.3 Configuring mobility domain
If you are configuring a mobility domain with availability or session availability, you
must synchronize time on all the HiPath Wireless Controllers that are part of your
mobility domain. For more information, see Section 3.4.11, “Configuring network
time”, on page 92.
To designate a mobility manager:
1. From the main menu, click Wireless Controller Configuration. The
Wireless Controller Configuration screen is displayed.
2. In the left pane, click Mobility Manager. The Mobility Manager Settings
screen is displayed.
3. To enable mobility for this controller, select the Enable Mobility checkbox.
The controller mobility options are displayed.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
435
hwc_mobility.fm
Configuring Mobility
Configuring mobility domain
4. Select the This Wireless Controller is a Mobility Manager option. The
mobility manager options are displayed.
5. In the Port drop-down list, select the interface on the HiPath Wireless
Controller to be used for the mobility manager process. Ensure that the
selected interface’s IP address is routable on the network.
6. In the Heartbeat box, type the time interval (in seconds) at which the mobility
manager sends a Heartbeat message to a mobility agent.
Note: If the mobility domain is configured for fast failover and session
availability, you should configure the mobility manager’s heart beat time as
one second.
7. In the SLP Registration drop-down list, select whether to enable or disable
SLP registration.
8. In the Permission list, select the agent IP addresses you want to approve
that are in pending state, by selecting the agent and clicking Approve. New
agents are only added to the domain if they are approved.
You can also add or delete controllers that you want to be part of the mobility
domain. To add a controller, type the agent IP address in the box, and then
click Add. To delete a controller, click the controller in the list, and then click
Delete.
9. Select the Security Mode option:
•
Allow all mobility agents to connect – All mobility agents can connect
to the mobility manager.
•
Allow only approved mobility agents to connect – Only approved
mobility agents can connect to the mobility manager.
10. To save your changes, click Save.
Note: If you set up one HiPath Wireless Controller on the network as a mobility
manager, all other HiPath Wireless Controllers must be set up as mobility agents.
To designate a mobility agent:
1. From the main menu, click Wireless Controller Configuration. The
Wireless Controller Configuration screen is displayed.
2. In the left pane, click Mobility Manager. The Mobility Manager Settings
screen is displayed.
3. To enable mobility for this controller, select the Enable Mobility checkbox.
The controller mobility options are displayed.
436
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_mobility.fm
Configuring Mobility
Configuring mobility domain
4. Select the This Wireless Controller is a Mobility Agent option. The mobility
agent options are displayed.
5. From the Port drop-down list, select the port on the HiPath Wireless
Controller to be used for the mobility agent process. Ensure that the port
selected is routable on the network.
6. From the Discovery Method drop-down list, select one of the following:
–
SLPD – Service Location Protocol Daemon, a background process acting
as an SLP server, provides the functionality of the Directory Agent and
Service Agent for SLP. Use SLP to support the discovery of siemensNET
service to attempt to locate the area mobility manager controller.
–
Static Configuration – You must provide the IP address of the mobility
manager manually. Defining a static configuration for a mobility manager
IP address bypasses SLP discovery.
In the Mobility Manager Address box, type the IP address for the
designated mobility manager.
7. To save your changes, click Save.
For information about viewing mobility manager displays, see Section 11.7,
“Viewing displays for the mobility manager”, on page 465.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
437
hwc_mobility.fm
Configuring Mobility
Configuring mobility domain
438
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_3rdpartyaps.fm
Working with third-party APs
Define authentication by Captive Portal for the third-party AP WLAN Service:
9 Working with third-party APs
You can set up the HiPath Wireless Controller to handle wireless device traffic
from third-party APs, while still providing policy and network access control. This
process requires the following steps:
•
Define a physical topology to operate in 3rd Party mode.
•
Define a WLAN Service of type Third Party AP.
•
Define a policy
•
Define a VNS
9.1 Define authentication by Captive Portal for the third-party AP WLAN
Service:
802.1x Authentication is not supported directly by the HiPath Wireless Controller.
However, this type of authentication can be supported by the actual third-party
AP. All other options for authentication are supported at the controller.
1. On the WLAN configuration window for the third-party WLAN Service, click
the Auth & Acct tab.
2. In the Authentication Mode drop-down list, click Internal or External, then
click the Configure button.
3. Define the Captive Portal configuration as described in Section 6.9.3.7,
“Configuring Captive Portal for internal or external authentication”, on page
358.
9.2 Define the third-party APs list
1. In the WLAN Services panel, select the third-party WLAN Service.
2. In the IP Address field, type the IP address of a third-party AP.
3. In the Wired MAC Address field, type the MAC address of the AP.
4. Click the Add button to add the AP to the list.
5. Repeat for all third-party APs to be assigned to this WLAN Service.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
439
hwc_3rdpartyaps.fm
Working with third-party APs
Define filtering rules for the third-party APs:
9.3 Define filtering rules for the third-party APs:
1. Because the third-party APs are mapped to a physical port, you must define
the Exception filters on the physical topology, using the Exception Filters
tab. For more information, see Section 6.8.3, “Exception filtering”, on page
327.
2. Define filtering rules that allow access to other services and protocols on the
network such as HTTP, FTP, telnet, SNMP.
3. On the Multicast Filters tab, select Enable Multicast Support and configure
the multicast groups whose traffic is allowed to be forwarded to and from the
VNS using this topology. For more information, see Section 6.8.4, “Multicast
filtering”, on page 330.
In addition, modify the following functions on the third-party AP:
•
Disable the AP's DHCP server, so that the IP address assignment for any
wireless device on the AP is from the DHCP server at the HiPath Wireless
Controller with VNS information.
•
Disable the third-party AP's layer-3 IP routing capability and set the access
point to work as a layer-2 bridge.
The following are the differences between third-party APs and Wireless APs on
the HiPath Wireless Controller, Access Points and Convergence Software
system:
440
•
A third-party AP exchanges data with the HiPath Wireless Controller's data
port using standard IP over Ethernet protocol. The third-party access points
do not support the tunnelling protocol for encapsulation.
•
For third-party APs, the VNS is mapped to the physical data port and this is
the default gateway for mobile units supported by the third-party access
points.
•
A HiPath Wireless Controller cannot directly control or manage the
configuration of a third-party access point.
•
Third-party APs are required to broadcast an SSID unique to their segment.
This SSID cannot be used by any other VNS.
•
Roaming from third-party APs to Wireless APs and vice versa is not
supported.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_mitigator.fm
Working with the Mitigator
Mitigator overview
10 Working with the Mitigator
This chapter describes Mitigator concepts, including:
•
Mitigator overview
•
Enabling the Analysis and data collector engines
•
Running Mitigator scans
•
Analysis engine overview
•
Working with Mitigator scan results
•
Working with friendly APs
•
Maintaining the Mitigator list of APs
•
Viewing the Scanner Status report
10.1 Mitigator overview
The Mitigator is a mechanism that assists in the detection of rogue APs.
Mitigator functionality on the Wireless AP does the following:
•
Runs a radio frequency (RF) scanning task.
•
Alternating between scan functions, providing its regular service to the
wireless devices on the network.
Note: If a Wireless AP is part of a WDS link you cannot configure it to act as a
scanner in Mitigator.
Mitigator functionality on the HiPath Wireless Controller does the following:
•
Runs a data collector application that receives and manages the RF scan
messages sent by the Wireless AP. RF data collector data includes lists of all
connected Wireless APs, third-party APs, and the RF scan information that
has been collected from the Wireless APs selected to perform the scan.
•
Runs an Analysis Engine that processes the scan data from the data collector
through algorithms that make decisions about whether any of the detected
APs or clients are rogue APs or are running in an unsecure environment (for
example, ad-hoc mode).
Note: In a network with more than one HiPath Wireless Controller, it is not
necessary for the data collector to be running on the same controller as the
Analysis Engine. One controller can be a dedicated Analysis Engine while the
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
441
hwc_mitigator.fm
Working with the Mitigator
Enabling the Analysis and data collector engines
other controllers run data collector functionality. No more than one Analysis
Engine can be running at a time. You must ensure that the controllers are all
routable.
10.2 Enabling the Analysis and data collector engines
Before using the Mitigator, you must enable and define the Analysis and data
collector engines.
To enable the Analysis engine:
1. From the main menu, click Wireless Controller Configuration. The
Wireless Controller Configuration screen is displayed.
2. In the left pane, click Mitigator. The Mitigator Configuration screen is
displayed.
3. To enable the Mitigator Analysis Engine, select the Enable Mitigator
Analysis Engine checkbox.
4. To identify the remote RF Data Collector Engine that the Analysis Engine will
poll for data, type the IP address of the HiPath Wireless Controller on which
the remote Data Collector resides in the IP Address box.
Note: Currently, the HiPath Wireless Controller C20N/C20 does not support
the Remote Collection Engines functionality of the HiPath Wireless Controller,
Access Points and Convergence Software solution.
442
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_mitigator.fm
Working with the Mitigator
Enabling the Analysis and data collector engines
5. Set the following for the data collection engine:
•
In the Poll interval box, type (in seconds) the interval that the Analysis
Engine will poll the RF Data Collector to maintain connection status. The
default is 30 seconds.
•
In the Poll retry count box, type the number of times the Analysis Engine
will attempt to poll the RF Data Collector to maintain connection status,
before it stops sending requests. The default is 2 attempts.
6. Click Add. The IP address of the Data Collection Engine, with its Poll Interval
and Poll Retry parameters, is displayed in the list.
Note: For each remote RF Data Collection Engine defined here, you must do
the following:
• Enable it by selecting the Enable Mitigator Analysis Engine checkbox on
the remote HiPath Wireless Controller.
• Ensure that the controllers are routable by whatever means you use (for
example, static routes or OSPF).
7. To add a new collection engine, click Add Collection Engine.
8. Repeat steps 4 to 7.
9. To save your changes, click Apply.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
443
hwc_mitigator.fm
Working with the Mitigator
Running Mitigator scans
10.3 Running Mitigator scans
The Mitigator feature allows you to view the following:
•
Scan Groups
•
Friendly APs
•
AP Maintenance
Note: A scan will not run on an inactive AP, even though it is displayed as part of
the Scan Group. If it becomes active, it will be sent a scan request during the next
periodic scan.
To run the Mitigator scan task mechanism:
1. From the main menu, click Mitigator. The Mitigator screen is displayed.
2. Click the Scan Groups tab.
3. In the Scan Group Name box, type a unique name for this scan group.
444
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_mitigator.fm
Working with the Mitigator
Running Mitigator scans
4. In the Wireless APs list, select the checkbox corresponding to the Wireless
APs you want included in the new scan group, which will perform the scan
function.
Note: A Wireless AP can participate in only one Scan Group at a time.
Siemens recommends that the Scan Groups represent geographical
groupings of Wireless APs.
5. In the Radio drop-down list, click one of the following:
•
Both – Radio 1 and Radio 2 both perform the scan function.
•
radio 1 – Only Radio 1 performs the scan function.
•
radio 2 – Only Radio 2 performs the scan function.
6. In the Channel List drop-down list, click one of the following:
•
All – Scanning is performed on all channels.
•
Current – Scanning is performed on only the current channel.
7. In the Scan Type drop-down list, click one of the following:
•
Active – The Wireless AP sends out ProbeRequests and waits for
ProbeResponse messages from any access points.
•
Passive – The Wireless AP listens for 802.11 beacons.
8. In the Channel Dwell Time box, type the time (in milliseconds) for the
scanner to wait for a response from either 802.11 beacons in passive
scanning, or ProbeResponse in active scanning.
9. In the Scan Time Interval box, type the time (in minutes) to define the
frequency at which a Wireless AP within the Scan Group will initiate a scan of
the RF space. The range is from one minute to 120 minutes.
10. To initiate a scan using the periodic scanning parameters defined above, click
Start Scan.
11. To initiate an immediate scan that will run only once, click Run Now.
Note: If necessary, you can stop a scan by clicking Stop Scan.
A scan must be stopped before modifying any parameters of the Scan Group,
or before adding or removing a Wireless AP from a Scan Group.
The Scan Activity box displays the current state of the scan engine.
12. To view a pop-up report displaying the timeline of scan activity and scan
results, click Show Details.
13. To save your changes, click Save.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
445
hwc_mitigator.fm
Working with the Mitigator
Analysis engine overview
10.4 Analysis engine overview
The Analysis engine relies on a database of known devices on the Controller,
Access Points and Convergence Software system. The Analysis engine
compares the data from the RF Data Collector with the database of known
devices.
This database includes the following:
•
Wireless APs – Registered with any HiPath Wireless Controller with its RF
Data Collector enabled and associated with the Analysis Engine on this
HiPath Wireless Controller.
•
Third-party APs – Defined and assigned to a VNS.
•
Friendly APs – A list created in the Mitigator user interface as potential rogue
access points are designated by the administrator as Friendly.
•
Wireless devices – Registered with any HiPath Wireless Controller that has
its RF Data Collector enabled and has been associated with the Analysis
Engine on this HiPath Wireless Controller.
The Analysis Engine looks for access points with one or more of the following
conditions:
•
Unknown MAC address and unknown SSID (critical alarm)
•
Unknown MAC, with a valid SSID - a known SSID is being broadcast by the
unknown access point (critical alarm)
•
Known MAC, with an unknown SSID - a rogue may be spoofing a MAC
address (critical alarm)
•
Inactive Wireless AP with valid SSID (critical alarm)
•
Inactive Wireless AP with unknown SSID (critical alarm)
•
Known Wireless AP with an unknown SSID (major alarm)
•
In ad-hoc mode (major alarm)
Note: In the current release, there is no capability to initiate a DoS attack on
the detected rogue access point. Containment of a detected rogue requires
an inspection of the geographical location of its Scan Group area, where its
RF activity has been found.
446
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_mitigator.fm
Working with the Mitigator
Working with Mitigator scan results
10.5 Working with Mitigator scan results
When viewing the Mitigator scan results, you can delete individual or all of the
access points from the scan results. You can also add access points from the
scan results to the Friendly AP list.
To view Mitigator scan results:
1. From the main menu, click Mitigator. The Mitigator screen is displayed.
2. Click the Rogue Detection tab.
3. To modify the page’s refresh rate, type a time (in seconds) in the Refresh
every __ seconds box.
4. Click Apply. The new refresh rate is applied.
5. To view the Rogue Summary report, click Rogue Summary. The Rogue
Summary report is displayed in a pop-up window.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
447
hwc_mitigator.fm
Working with the Mitigator
Working with Mitigator scan results
6. To clear all detected rogue devices from the list, click Clear Detected
Rogues.
Note: To avoid the Mitigator's database becoming too large, Siemens
recommends that you either delete Rogue APs or add them to the Friendly APs
list, rather than leaving them in the Rogue list.
To add an AP from the Mitigator scan results to the list of friendly APs:
1. From the main menu, click Mitigator. The Mitigator screen is displayed.
2. Click the Rogue Detection tab.
3. To add a Wireless AP to the Friendly APs list, click Add to Friendly List. The
AP is removed from this list and is displayed in the Friendly AP Definitions
section of the Friendly AP’s tab.
To delete an AP from the Mitigator scan results:
1. From the main menu, click Mitigator. The Mitigator screen is displayed.
2. Click the Rogue Detection tab.
3. To delete a specific AP from the Mitigator scan results, click the
corresponding Delete button. The AP is removed from the list.
4. To clear all rogue access points from the Mitigator scan results, click Clear
Detected Rogues. All APs are removed from the list.
448
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_mitigator.fm
Working with the Mitigator
Working with friendly APs
10.6 Working with friendly APs
To view the friendly APs:
1. From the main menu, click Mitigator. The Mitigator screen is displayed.
2. Click the Friendly APs tab.
To add friendly APs manually:
1. From the main menu, click Mitigator. The Mitigator screen is displayed.
2. Click the Friendly APs tab.
3. To add friendly access points manually to the Friendly AP Definitions list,
type the following:
•
MAC Address – Specifies the MAC address for the friendly AP
•
SSID – Specifies the SSID for the friendly AP
•
Channel – Specifies the current operating channel for the friendly AP
•
Description – Specifies a brief description for the friendly AP
4. Click Add. The new access point is displayed in the list above.
To delete a friendly AP:
1. From the main menu, click Mitigator. The Mitigator screen is displayed.
2. Click the Friendly APs tab.
3. In the Friendly AP Definitions list, click the access point you want to delete.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
449
hwc_mitigator.fm
Working with the Mitigator
Maintaining the Mitigator list of APs
4. Click Delete. The selected access point is removed from the Friendly AP
Definitions list.
5. To save your changes, click Save.
To modify a friendly AP:
1. From the main menu, click Mitigator. The Mitigator screen is displayed.
2. Click the Friendly APs tab.
3. In the Friendly AP Definitions list, click the access point you want to modify.
4. Modify the access point by making the appropriate changes.
5. To save your changes, click Save.
10.7 Maintaining the Mitigator list of APs
To maintain the Wireless APs:
1. From the main menu, click Mitigator. The Mitigator screen is displayed.
2. Click the AP Maintenance tab. Inactive APs and known third-party APs are
displayed.
3. Select the applicable APs.
450
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_mitigator.fm
Working with the Mitigator
Viewing the Scanner Status report
4. To delete the selected APs, click Delete marked APs.
Note: The selected APs are deleted from the Mitigator database, not from the
HiPath Wireless Controller database. You can delete the APs from the HiPath
Wireless Controller database after you delete them from the Wireless AP
Configuration Access Approval screen of the corresponding RF Data
Collector Engine. You can also delete the selected third-party APs if they are
removed from the corresponding VNS in the RF Collector Engine, or if that
VNS has been deleted from the VNS list.
10.8 Viewing the Scanner Status report
When the Mitigator is enabled, you can view a report on the connection status of
the RF Data Collector Engines with the Analysis Engine.
To view the Mitigator scanner engine status display:
1. From the main menu, click Mitigator. The Mitigator screen is displayed.
2. Click the Reports: Scanner Status. The Scanner Status report is displayed.
The boxes display the IP address of the Data Collector engine. The status of the
Data Collector engine is indicated by one of the following colors:
•
Green – The Analysis Engine has connection with the Data Collector on that
HiPath Wireless Controller.
•
Yellow – The Analysis Engine has connected to the communication system
of the other controller, but has not synchronized with the Data Collector.
Ensure that the Data Collector is running on the remote controller.
•
Red – The Analysis Engine is aware of the Data Collector and attempting
connection.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
451
hwc_mitigator.fm
Working with the Mitigator
Viewing the Scanner Status report
If no box is displayed, the Analysis Engine is not attempting to connect with that
Data Collector Engine.
Note: If the box is displayed red and remains red, ensure your IP address is
correctly set up to point to an active controller. If the box remains yellow, ensure
the Data Collector is running on the remote controller.
452
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Available reports and displays
11 Working with reports and displays
This chapter describes the various reports and displays available in the HiPath
Wireless Controller, Access Points and Convergence Software system.
11.1 Available reports and displays
The following displays are available in the HiPath Wireless Controller, Access
Points and Convergence Software system:
•
Active Wireless APs
•
Active Clients by Wireless AP
•
Active Clients by VNS
•
All Active Clients
•
Active Wireless Load Groups
•
Policy Filter Statistics
•
Topology Filter Statistics
•
Topology Statistics
•
RADIUS Statistics
•
Wireless Controller Port Statistics
•
Wireless AP Availability
•
Wired Ethernet Statistics by Wireless AP
•
Wireless Statistics by Wireless AP
•
Admission Control Statistics by Wireless AP
•
Client Location in Mobility Zone
•
Mobility Tunnel Matrix
•
WDS VNS Wireless AP Statistics
•
External Connections Statistics
•
Remoteable VNS Information
•
System Information
•
Manufacturing Information
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
453
hwc_reports.fm
Working with reports and displays
Viewing reports and displays
Note: The Client Location in Mobility Zone and Mobility Tunnel Matrix
displays only appear if you have enabled the mobility manager function for the
controller. Otherwise, the Agent Mobility Tunnel Matrix display is listed.
11.2 Viewing reports and displays
To view reports and displays:
1. From the main menu, click Reports & Displays. The HiPath Reports &
Displays screen is displayed.
Note: The Client Location in Mobility Zone and Mobility Tunnel Matrix
displays only appear if you have enabled the mobility manager function for
the controller.
2. In the List of Displays, click the display you want to view.
454
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Viewing the Wireless AP availability display
Note: Statistics are expressed in respect to the AP. Therefore, Packets Sent
indicates the packets the AP has sent to a client and Packets Rec’d indicates
the packets the AP has received from a client.
11.3 Viewing the Wireless AP availability display
In session availability, the Wireless Availability report displays the state of both
the tunnels — active tunnel and backup tunnel — on both the primary and
secondary HiPath Wireless Controllers.
The report uses the Color Legend to indicate the tunnel state:
•
Green – Wireless AP has established an active tunnel.
•
Blue – Wireless AP has established a backup tunnel.
•
Red – Wireless AP is not connected.
In the report, each Wireless AP is represented by a box.
•
The label, Foreign or Local, indicates whether the Wireless AP is local or
foreign on the HiPath Wireless Controller.
•
The color in the upper pane of the box represents the state of the tunnel that
is established to the current HiPath Wireless Controller.
Note: The current HiPath Wireless Controller is the one on which the
Wireless AP Availability report is viewed.
•
The color in the lower pane of the box represents the state of the tunnel that
is established with the other HiPath Wireless Controller.
For the ease of understanding, take the example of the following scenario:
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
455
hwc_reports.fm
Working with reports and displays
Viewing statistics for Wireless APs
•
HWC1 and HWC2 are paired in session availability
•
A Wireless AP has established an active tunnel to HWC1.
•
The same Wireless AP has established a backup tunnel to HWC2.
If you open the Wireless AP Availability report on HWC2, the report will appear
as follows:
In the above example, the circled Wireless AP has established a backup tunnel
to the foreign (secondary) HiPath Wireless Controller, and an active tunnel to the
local (Primary) HiPath Wireless Controller.
11.4 Viewing statistics for Wireless APs
Several displays are snapshots of activity at that point in time on a selected
Wireless AP:
•
Wired Ethernet Statistics by Wireless AP
•
Wireless Statistics by Wireless AP
•
Active Clients by Wireless AP
•
WDS VNS Wireless AP Statistics
•
Admission Control Statistics by Wireless AP
The statistics displayed are those defined in the 802.11 MIB, in the IEEE 802.11
standard.
The following Wireless AP displays allow you to search for clients, either by user
name, MAC address, or IP address that are associated to the Wireless APs.
456
•
Active Clients by Wireless AP
•
Active Clients by VNS
•
Admission Control Statistics by Wireless AP
•
All Active Clients
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Viewing statistics for Wireless APs
You can also use the Select All and Deselect All buttons for selecting the
Wireless AP on those displays.
To view wired Ethernet statistics by Wireless AP:
1. From the main menu, click Reports & Displays. The HiPath Reports &
Displays screen is displayed.
2. Click the Wired Ethernet Statistics by Wireless AP display option. The
Wired Ethernet Statistics by Wireless APs display opens in a new browser
window.
3. In the Wired Ethernet Statistics by Wireless APs display, click a registered
Wireless AP to display its information.
To view Wireless Statistics by Wireless AP:
1. From the main menu, click Reports & Displays. The HiPath Reports &
Displays screen is displayed.
2. Click the Wireless Statistics by Wireless AP display option. The Wireless
Statistics by Wireless APs display opens in a new browser window.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
457
hwc_reports.fm
Working with reports and displays
Viewing statistics for Wireless APs
3. In the Wireless Statistics by Wireless APs display, click a registered
Wireless AP to display its information.
4. Click the appropriate tab to display information for each Radio on the
Wireless AP.
5. To view information on the associated clients, click View Clients. The
Associated Clients display opens in a new browser window.
To view Active Clients by Wireless AP statistics:
1. From the main menu, click Reports & Displays. The HiPath Reports &
Displays screen is displayed.
2. Click the Active Clients by Wireless APs display option. The Active Clients
by Wireless APs display opens in a new browser window.
458
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Viewing statistics for Wireless APs
•
Statistics are expressed in respect to the AP. Therefore, Packets Sent
indicates the packets the AP has sent to a client and Packets Rec’d
indicates the packets the AP has received from a client.
•
The green check mark icon in the first column indicates that the client is
authenticated.
•
Time Conn is the time that a client has been on the system, not just on
an AP. If the client roams from one AP to another, the session stays,
therefore Time Conn does not reset.
•
A client is displayed as soon as the client connects (or after a refresh of
the screen). The client disappears as soon as it times out.
•
The RSS (received signal strength) of a client is the average of the
transmitted and received RSS on hardware platforms where both values
are available.
To view WDS VNS Wireless AP Statistics:
1. From the main menu, click Reports & Displays. The HiPath Reports &
Displays screen is displayed.
2. Click the WDS Wireless AP Statistics display option. The WDS VNS
Wireless AP Statistics display opens in a new browser window.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
459
hwc_reports.fm
Working with reports and displays
Viewing statistics for Wireless APs
Note: The Rx RSSI value on the WDS VNS Wireless AP Statistics display
represents the received signal strength (in dBm).
To view Admission Control Statistics by Wireless AP:
1. From the main menu, click Reports & Displays. The HiPath Reports &
Displays screen is displayed.
2. Click the Admission Control Statistics by Wireless AP display option. The
Admission Control Statistics by Wireless AP display opens in a new
browser window.
460
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Viewing load balance group statistics
3. In the Admission Control Statistics by Wireless AP display, click a
registered Wireless AP to display its information:
4. The Admission Control Statistics by Wireless AP lists the TSPEC statistics
associated with this Wireless AP:
•
AC – Access class where TSPEC is applied,
•
Direction – Uplink, Downlink or Bidirectional,
•
MDR – Mean Data Rate
•
NMS – Nominal Packet Size
•
SBA – Surplus Bandwidth (ratio)
The following statistics are of measured traffic:
•
Rate – Rate in 30 second intervals (uplink and downlink)
•
Violation – Number of bits in excess in the last 30 seconds (uplink and
downlink)
11.5 Viewing load balance group statistics
The Active Wireless Load Groups report lists all load groups, and for the
selected load group, all active AP radios.
To view the Active Wireless Load Groups report:
1. From the main menu, click Reports & Displays. The HiPath Reports &
Displays screen is displayed.
2. Click the Active Wireless Load Groups report. The Active Wireless Load
Groups report opens in a new browser window.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
461
hwc_reports.fm
Working with reports and displays
Viewing load balance group statistics
The statistics reported for each load balance group are:
•
Radios — Number of radio members
•
Clients — Total number of clients for all radio members
•
Average Load — Average load for the group
The reported average load may not be correct in a failover situation. If some
APs in the load balance group fail over the foreign controller, those APs will
report to the foreign controller. The member APs will continue to use the
member count for the whole group, but the member count displayed on the
controller will be for only those APs that are reporting. Since the member
count reported on the controller is not the complete set, the average will not
be consistent with what the APs are using for the state determination.
The statistics reported for each member of the load balance group are:
462
•
AP — AP name
•
Radio — Radio number
•
Load — Load value (number of clients currently associated with the AP)
•
State — Load state
•
Probes Declined
•
Auth/Assoc Requests Declined
•
Rebalance Event — Clients removed because of an over-loaded state
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Viewing load balance group statistics
The report identifies SIAPP sub-groupings and provide separate group statistics
for each sub-group.
When the load group includes sub-groups, Average Load, in red, is the average
of the entire group. The average for each sub-group is also reported. The subgroup average is reported in red when group membership changes and not all
members have been updated with the new member count.
Load balance group statistics are reported on the foreign controller when APs fail
over with load groups from a different controller indicated with an “(F)” following
the load group name.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
463
hwc_reports.fm
Working with reports and displays
Viewing the System Information and Manufacturing Information displays
11.6 Viewing the System Information and Manufacturing Information
displays
System Information – Displays system information including memory usage and
CPU and board temperatures.
Manufacturing Information – Displays manufacturing information including the
card serial number and CPU type and frequency.
To view system information:
1. From the main menu, click Reports & Displays. The HiPath Reports &
Displays screen is displayed.
2. Click the System Information display option. The System Information
display opens in a new browser window.
To view manufacturing information:
1. From the main menu, click Reports & Displays. The HiPath Reports &
Displays screen is displayed.
2. Click the Manufacturing Information display option. The Manufacturing
Information display opens in a new browser window.
464
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Viewing displays for the mobility manager
Note: In the latest models of the HiPath Wireless Controller C2400, the
IXP2800 Network Processor in the NPE Card has been replaced by the new
IXP2805 Network Processor. Consequently, the Manufacturing Information
in all such latest models displays CPU Type as 2805.
11.7 Viewing displays for the mobility manager
When a HiPath Wireless Controller has been configured as a mobility manager,
two additional displays appear as options on the HiPath Reports & Displays
screen:
•
Client Location in Mobility Zone – Displays the active wireless clients and
their status
•
Mobility Tunnel Matrix – Displays a cross-connection view of the state of
inter-controller tunnels, as well as relative loading for user distribution across
the mobility domain
Note: The Client Location in Mobility Zone and Mobility Tunnel Matrix
displays only appear if the mobility manager function has been enabled for the
controller. Otherwise, the Agent Mobility Tunnel Matrix display is listed.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
465
hwc_reports.fm
Working with reports and displays
Viewing displays for the mobility manager
To view mobility manager displays:
1. From the main menu, click Reports & Displays. The HiPath Reports &
Displays screen is displayed.
2. Click the appropriate mobility manager display:
•
Client Location in Mobility Zone
•
Mobility Tunnel Matrix
The colored status indicates the following:
•
Green – The mobility manager is in communication with an agent and the
data tunnel has been successfully established.
•
Yellow – The mobility manager is in communication with an agent but the
data tunnel is not yet successfully established.
•
Red – The mobility manager is not in communication with an agent and there
is no data tunnel.
Client Location in Mobility Zone
You can do the following:
466
•
Sort this display by home or foreign controller
•
Search for a client by MAC address, user name, or IP address, and typing the
search criteria in the box
•
Define the refresh rates for this display
•
Export this information as an xml file
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Viewing reports
Mobility Tunnel Matrix
•
Provides connectivity matrix of mobility state
•
Provides a view of:
•
Tunnel state
•
If a tunnel between controllers is reported down, it is highlighted in red
•
If only a control tunnel is present, it is highlighted in yellow
•
If data and control tunnels are fully established, it is highlighted in green
•
Tunnel Uptime
•
Number of clients roamed (Mobility loading)
•
Local controller loading
•
Mobility membership list
A HiPath Wireless Controller is only removed from the mobility matrix if it is
explicitly removed by the administrator from the Mobility permission list. If a
particular link between controllers, or the controller is down, the corresponding
matrix connections are identified in red color to identify the link.
The Active Clients by VNS report for the controller on which the user is home
(home controller) will display the known user characteristics (IP, statistics, etc.).
On the foreign controller, the Clients by VNS report does not show users that have
roamed from other controllers, since the users remain associated with the home
controller's VNS.
The Active Clients by AP report on each controller will show both the loading of
local and foreign users (users roamed from other controllers) that are taking
resources on the AP.
Note: Although you can set the screen refresh period less than 30 seconds, the
screen will not be refreshed quicker than 30 seconds. The screen will be
refreshed according to the value you set only if you set the value above 30
seconds.
11.8 Viewing reports
The following reports are available in the HiPath Wireless Controller, Access
Points and Convergence Software system:
•
Forwarding Table (routes defined on the Routing Protocols screens)
•
OSPF Neighbor (if OSPF is enabled on the Routing Protocols screens)
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
467
hwc_reports.fm
Working with reports and displays
Viewing reports
•
OSPF Linkstate (if OSPF is enabled on the Routing Protocols screens)
•
AP Inventory (a consolidated summary of Wireless AP setup)
To view reports:
1. From the main menu, click Reports & Displays. The HiPath Reports &
Displays screen is displayed.
2. In the Reports list, click the report you want to view.
Note: The AP Inventory report opens in a new browser window. All other
reports appear in the current browser window.
The following is an example of a Forwarding Table report:
Note: If you open only automatically refreshed reports, the Web management
session timer will not be updated or reset. Your session will eventually time out.
The following is an example of the Wireless AP Inventory report:
468
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Viewing reports
Table 38 lists the column names and abbreviations found in the AP Inventory
report:
Column Name
Description
Port
Ethernet port and associated IP address of the interface on
the HiPath Wireless Controller through which the Wireless
AP communicates.
HW
Hardware version of the Wireless AP.
SW
Software version executing on theWireless AP.
Country
Country in which the AP is deployed
Antennas
Antennas used
Telnet/SSH
Telnet or SSH access (enabled or disabled)
LBS
Location based service (enabled or disabled)
BD
Broadcast disassociation (enabled or disabled).
Persistence
Enabled or disabled
P/To
Poll timeout. If polling is enabled, a numeric value.
P/I
Poll interval. If polling is enabled, a numeric value.
Wired MAC
The physical address of the Wireless AP's wired Ethernet
interface.
Description
As defined on the AP Properties screen.
Rdo
Radios: 1 or 2.
Ra
802.11a radio. The data entry for an Wireless AP indicates
whether the a radio is on or off.
Table 38
AP Inventory report columns
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
469
hwc_reports.fm
Working with reports and displays
Viewing reports
Column Name
Description
Rb
802.11b protocol enabled. Possible values are on or off.
Rg
802.11g protocol enabled. Possible values are on or off.
Rn
802.11n protocol enabled. Possible values are on or off.
DP
DTIM period
BP
Beacon Period
RT
RTS Threshold
FT
Fragmentation Threshold
Req Ch
Channel served by the corresponding radio.
Ch / Tx
Channel Tx
Aj
Tx power level, in decibels
TxMn
Minimum Tx power, in decibels
TxMx
Maximum Tx power, in decibels
Dom
RF domain
MnBR
Minimum Basic Rate (For more information, see the
Wireless AP radio configuration tabs.)
MxBR
Maximum Basic Rate
MxOR
Maximum Operational Rate
RxDV
Receive Diversity
TxDV
Tx Diversity
Pmb
Preamble (long, short)
PM
Protection Mode
PR
Protection Rate
PT
Protection Type
VNS Name: MAC
Also called BSSID, this is the MAC address of a (virtual)
wireless interface on which the Wireless AP serves a BSS/
VNS. There could be 8 per radio.
11n Channel Width
20MHz, 40MHz, or auto
11n Guard Interval
If 11n Channel Width is 40MHz, long or short
11n Channel Bonding
Enabled only if 11n Channel Width is 40MHz
11n Protection Mode
Protects high throughput transmissions on primary channels
from non-11n APs and clients. Enabled or disabled.
Failure Maintn.
Maintain MU sessions on Wireless AP when the Wireless
AP loses the connection to the HiPath Wireless Controller.
Assn
Assignment (address assignment method)
IP Address
Wireless AP's IP address if statically configured (same as
the Static Values radio button on the AP Static
Configuration screen).
Netmask
If the Wireless AP's IP address is configured statically, the
net mask that is statically configured for the Wireless AP.
Table 38
470
AP Inventory report columns (Continuation)
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Call Detail Records (CDRs)
Column Name
Description
Gateway
If the Wireless AP's IP address is configured statically, the
IP address of the gateway router that the Wireless AP will
use.
TLS
802.1x EAP-TLS authentication configuration
PEAP
802.1x PEAP authentication configuration
HWC Search List
The list of IP addresses that the Wireless AP is configured
to try to connect to in the event that the current connection
to the HiPath Wireless Controller is lost.
Table 38
AP Inventory report columns (Continuation)
To export and save a report in XML:
1. On the report screen, click Export. A Windows File Download dialog is
displayed.
2. Click Save. A Windows Save As dialog is displayed.
Note: If your default XML viewer is Internet Explorer or Netscape, clicking
Open will open the exported data to your display screen. You must right-click
to go back to the export display. The XML data file will not be saved to your
local drive.
3. Browse to the location where you want to save the exported XML data file,
and in the File name box enter an appropriate name for the file.
4. Click Save. The XML data file is saved in the specified location.
11.9 Call Detail Records (CDRs)
You can configure the HiPath Wireless Controller to generate Call Detail Records
(CDRs), which contain usage information about each wireless session per VNS.
For more information on how to configure the HiPath Wireless Controller to
generate CDRs, refer to Section 6.9.3.2, “Defining accounting methods for a
WLAN Service”, on page 348.
CDRs are located in a CDR directory on the HiPath Wireless Controller. To
access the CDR file, you must first back up the file on the local drive, and then
upload it to a remote server. After the CDR file is uploaded to a remote server,
you can work with the file to view CDRs or import the records to a reporting tool.
You can back up and upload the file on the remote server either via the HiPath
Wireless Assistant (GUI) or CLI.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
471
hwc_reports.fm
Working with reports and displays
Call Detail Records (CDRs)
11.9.1 CDR files naming convention
CDRs are written to a file on the HiPath Wireless Controller. The filename is
based on the creation time of the CDR file with the following format:
YYYYMMDDhhmmss.
•
YYYY — Four digit year
•
MM — Two digit month, padded with a leading zero if the month number is
less than 10
•
DD — Two digit day of the month, padded with a leading zero if the day
number is less than 10
•
hh — Two digit hour, padded with a leading zero if the hour number is less
than 10
•
mm — Two digit minute, padded with a leading zero if the minute number is
less than 10
•
ss — Two digit second, padded with a leading zero if the second number is
less than 10
•
 — File extension, either .work or .dat
11.9.2 CDR file types
Two types of CDR files exist in the CDR directory on the HiPath Wireless
Controller C2400:
•
.work — The active file that is being updated by the accounting system. The
file is closed and renamed with the .dat extension when it attains its maximum
size (16 MB) or it has been open for the maximum allowed duration (12
hours). You can back up and copy the .work file from the HiPath Wireless
Controller to a remote server.
•
.dat — The inactive file that contains the archived account records. You can
back up and copy the .dat file from the HiPath Wireless Controller to a remote
server.
Note: The CDR directory on the HiPath Wireless Controller only has two files —
a .work file and a .dat file. When the .work file attains its maximum size of 16 MB,
or it has been open for 12 hours, it is saved as a .dat file. This new .dat file
overwrites the existing .dat file. If you want to copy the existing .dat file, you must
do so before it is overwritten by the new .dat file.
472
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Call Detail Records (CDRs)
11.9.3 CDR file format
A CDR file contains a sequence of CDR records. The file is a standard ASCII text
file. Records are separated by a sequence of dashes followed by a line break.
The individual fields of a record are reported one per line, in “field=value’ format.
The following table describes the records that are displayed in a CDR file.
Note: Most of the CDR records are typical RADIUS server attributes. For more
information, refer to the user manual of your RADIUS server.
CDR Records
Description
Acct-Session-ID
A unique CDR ID
User-Name
The name of the user, who was authenticated.
Filter-ID
The name of the filter list for the user.
Acct-Interim-Interval
The number of seconds between interim accounting
updates.
Session-Timeout
The maximum number of seconds of service to be
provided to the user before termination of the session.
Class
This field is copied from the Access-Accept message sent
by the RADIUS server during authentication.
Acct-Status-Type
Indicates whether this Accounting-Request marks the
beginning of the user service (Start) or the end (Stop).
Acct-Delay-Time
Indicates how many seconds the client tried to
authenticate send this record for, and can be subtracted
from the time of arrival on the server to find the
approximate time of the event generating this AccountingRequest.
Acct-Authentic
Indicates how the user was authenticated, whether by
RADIUS (AAA), Local (Internal CP) or Remote (External
CP). The field displays one of the following values:
• 1 – AAA authentication
• 2 – Internal CP authentication
• 3 – External CP authentication
Framed-IP-Address
Indicates the address to be configured for the user
Connect-Info
This field is sent from the NAS to indicate the nature of the
users’ connection — 802.11b for Radio b/g or 802.11a for
radio a.
NAS-Port-Type
Indicates RADIUS NAS Port Type is Wireless 802.11
Called-Station-ID
The Wireless AP’s MAC address.
Calling-Station-ID
The client’s MAC address.
Siemens-AP-Serial
The Wireless AP’s serial number.
Siemens-AP-Name
The Wireless AP’s name.
Table 39
CDR Records and their description
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
473
hwc_reports.fm
Working with reports and displays
Call Detail Records (CDRs)
CDR Records
Description
Siemens-VNS-Name
The VNS name on which the session took place.
Siemens-SSID
The SSID name on which the session took place.
Acct-Session-Time
The number of seconds the user has received the service.
Acct-Output-Packets
The number of packets that were sent to the port in the
course of delivering this service to a framed user.
Acct-Input-Packets
The number of packets that have been received from the
port over the course of this service being provided to a
Framed User.
Acct-Output-Octets
The number of octets that were sent to the port in the
course of delivering the service.
Acct-Input-Octets
The number of octets that were received from the port
over the course of the service.
Acct-Terminate-Cause
Indicates how the session was terminated. The field
displays one of the following values:
• 1 – User Request
4 – Idle Timeout
• 5 – Session Timeout
• 6 – Admin Reset
• 11 – NAS Reboot
• 16 – Callback
• 17 – User Error
Authenticated_time
Indicates the time at which the client was authenticated.
The time is in the following format: Date hh:mm:ss. For
example, April 21 2008 14:50:24
Disassociation_time
Indicates the time at which the client was disassociated
from the Wireless AP. The time is in the following format:
Date hh:mm:ss. For example, April 21 2008 14:57:20.
Table 39
CDR Records and their description (Continuation)
11.9.4 Viewing CDRs
The following is a high-level overview of how to view CDRs:
1. Back up the CDR files on the local drive of the HiPath Wireless Controller.
2. Copy the CDR files from the HiPath Wireless Controller to the remote server.
3. Unzip the file.
4. Download the CDR files from the remote server to view CDRs.
Note: You cannot access the CDR files directly from the CDR directory.
474
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Call Detail Records (CDRs)
When you back up CDRs, both the .work and .dat files are zipped into a single
.zip file. This .zip file is uploaded on the remote server. You can unzip this file from
the remote server to extract the .work and .dat files.
You can back up and upload the files on the remote server either via the HiPath
Wireless Assistant (GUI) or CLI.
This section describes how to back up and copy the CDR files to a remote server
via the HiPath Wireless Assistant (GUI). For more information on how to copy the
CDR file to the remote server via CLI, refer to the HiPath Wireless Controller,
Access Points and Convergence Software CLI Reference Guide.
To back up and copy the CDR files to a remote server:
1. From the main menu, click Wireless Controller Configuration. The
Wireless Controller Configuration screen is displayed.
2. In the left pane, click Software Maintenance. The Software Maintenance
screen is displayed.
3. Click the Backup tab.
4. From the Select what to backup drop-down menu, click CDRs only, and
then click Backup Now. The following window displays the backup status.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
475
hwc_reports.fm
Working with reports and displays
Call Detail Records (CDRs)
5. To close the window, click Close. The backed up file is displayed in the
Available Backups box.
Note: The .work and .dat files are zipped into a single file.
6. To upload a backup, in the Upload Backup section, do the following:
•
Protocol – Select the file transfer protocol you want to use to upload the
backup file, SCP or FTP.
•
Server – Type the IP address of the server where the backup will be
stored.
•
User ID – Type the user ID to log in to the server.
•
Password – The password to log in to the server.
•
Confirm – The password to confirm the password.
•
Directory – The directory in which you want to upload the CDR file.
•
Filename – Type the zipped CDR file name.
Note: After you back up CDRs, the zipped CDR file name is selected by
default in the Filename box.
7. In the Upload Backup section, click Upload. The .zip file is uploaded on to
the server.
8. Unzip the file. The two CDR files — .work and .dat — are visible on the
server.
9. To view CDRs, download the files.
476
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_reports.fm
Working with reports and displays
Call Detail Records (CDRs)
Figure 28
Sample .dat file
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
477
hwc_reports.fm
Working with reports and displays
Call Detail Records (CDRs)
478
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_ongoing.fm
Performing system administration
Performing Wireless AP client management
12 Performing system administration
This chapter describes system administration processes, including:
•
Performing Wireless AP client management
•
Defining HiPath Wireless Assistant administrators and login groups
•
Configuring Web session timeouts
12.1 Performing Wireless AP client management
There are times when for business, service, or security reasons you want to cut
the connection with a particular wireless device. You can view all the associated
wireless devices, by MAC address, on a selected Wireless AP and do the
following:
•
Disassociate a selected wireless device from its Wireless AP.
•
Add a selected wireless device's MAC address to a blacklist of wireless
clients that will not be allowed to associate with the Wireless AP.
•
Backup and restore the HiPath Wireless Controller database. For more
information, see the HiPath Wireless Controller, Access Points and
Convergence Software Maintenance Guide.
12.1.1 Disassociating a client
In addition to the following procedure below, you can also disassociate wireless
users directly from the Active Clients by VNS screen. For more information, see
Chapter 11, “Working with reports and displays”.
To disassociate a wireless device client:
1. From the main menu, click Wireless AP Configuration. The Wireless AP
Configuration screen is displayed.
2. In the left pane, click Client Management. The Disassociate tab is
displayed.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
479
hwc_ongoing.fm
Performing system administration
Performing Wireless AP client management
3. In the Select AP list, click the AP that is connected to the client that you want
to disassociate.
4. In the Select Client(s) list, select the checkbox next to the client you want to
disassociate.
Note: You can search for a client by MAC Address, IP Address or User ID, by
selecting the search parameters from the drop-down lists and typing a search
string in the Search box and clicking Search. You can also use the Select All
or Clear All buttons to help you select multiple clients.
5. Click Disassociate. The client's session terminates immediately.
12.1.2 Blacklisting a client
The Blacklist tab displays the current list of MAC addresses that are not allowed
to associate. A client is added to the blacklist by selecting it from a list of
associated APs or by typing its MAC address.
To blacklist a wireless device client:
1. From the main menu, click Wireless AP Configuration. The Wireless AP
Configuration screen is displayed.
2. In the left pane, click Client Management. The Disassociate tab is
displayed.
480
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_ongoing.fm
Performing system administration
Performing Wireless AP client management
3. In the Select AP list, click the AP that is connected to the client that you want
to blacklist.
4. In the Select Client(s) list, select the checkbox next to the client you want to
blacklist, if applicable.
Note: You can search for a client by MAC Address, IP Address or User ID, by
selecting the search parameters from the drop-down lists and typing a search
string in the Search box and clicking Search. You can also use the Select All
or Clear All buttons to help you select multiple clients.
5. Click Add to Blacklist. The selected wireless client's MAC address is added
to the blacklist.
To blacklist a wireless device client using its MAC address:
1. From the main menu, click Wireless AP Configuration. The Wireless AP
Configuration screen is displayed.
2. In the left pane, click Client Management. The Disassociate tab is
displayed.
3. Click the Blacklist tab.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
481
hwc_ongoing.fm
Performing system administration
Performing Wireless AP client management
4. To add a new MAC address to the blacklist, in the MAC Address box type the
client’s MAC address.
5. Click Add. The client is displayed in the MAC Addresses list.
Note: You can use the Select All or Clear All buttons to help you select
multiple clients.
6. To save your changes, click Save.
To clear an address from the blacklist:
1. From the main menu, click Wireless AP Configuration. The Wireless AP
Configuration screen is displayed.
2. In the left pane, click Client Management. The Disassociate tab is
displayed.
3. Click the Blacklist tab.
4. To clear an address from the blacklist, select the corresponding checkbox in
the MAC Addresses list.
5. Click Remove Selected. The selected client is removed from the list.
Note: You can use the Select All or Clear All buttons to help you select
multiple clients.
6. To save your changes, click Save.
482
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
To import a list of MAC addresses for the blacklist:
1. From the main menu, click Wireless AP Configuration. The Wireless AP
Configuration screen is displayed.
2. In the left pane, click Client Management. The Disassociate tab is
displayed.
3. Click the Blacklist tab.
4. Click Browse and navigate to the file of MAC addresses you want to import
and add to the blacklist.
5. Click the file, and then click Import. The list of MAC addresses is imported.
To export a list of MAC addresses for the blacklist:
1. From the main menu, click Wireless AP Configuration. The Wireless AP
Configuration screen is displayed.
2. In the left pane, click Client Management. The Disassociate tab is
displayed.
3. Click the Blacklist tab.
4. Click Export. The saved blacklist file is exported.
5. To export the current blacklist, use the browser’s save option to save the file
as a text (.txt) file. It is recommend that a descriptive file name is used.
12.2 Defining HiPath Wireless Assistant administrators and login groups
You can define the login user names and passwords for administrators that have
access to the HiPath Wireless Assistant. You can also assign them to a login
group — as full administrators, read-only administrators, or as GuestPortal
managers. For each user added, you can define and modify a user ID and
password.
•
Full administrators – Users assigned to this login group have full
administrator access rights on the HiPath Wireless Controller. Full
administrators can manage all aspects of the HiPath Wireless Controller,
including GuestPortal user accounts.
•
Read-only administrators – Users assigned to this login group have readonly access rights on the HiPath Wireless Controller, including the
GuestPortal user accounts.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
483
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
•
GuestPortal managers – Users assigned to this login group can only
manage GuestPortal user accounts. Any user who logs on to the HiPath
Wireless Controller and is assigned to this group can only access the
GuestPortal Guest Administration page of the HiPath Wireless Assistant.
Note: When adding or modifying a user, note the following password character
constraints:
• Allowed characters include A-Z a-z 0-9 ~!@#$%^&*()_+|-=\{}[];<>?,.
• Characters not allowed include / ` ' " : and space is not valid.
To add a HiPath Wireless Controller administrator to a login group:
1. From the main menu, click Wireless Controller Configuration. The
Wireless Controller Configuration screen is displayed.
2. In the left pane, click Login Management. The Local Authentication tab is
displayed.
3. In the Group drop-down list, click one of the following:
•
Full Administrator – Users assigned to this login group have full
administrator access rights on the HiPath Wireless Controller.
Full administrators can manage GuestPortal user accounts.
•
Read-only Administrator – Users assigned to this login group have
read-only access rights on the HiPath Wireless Controller.
Read-only administrators have read access to the GuestPortal user
accounts.
484
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
•
GuestPortal Manager – Users assigned to this login group can only
manage GuestPortal user accounts. Any user who logs on to the HiPath
Wireless Controller and is assigned to this group can only access the
GuestPortal Guest Administration page of the HiPath Wireless
Assistant. For more information, see Section 12.2.1, “Working with
GuestPortal Guest administration”, on page 485.
4. In the User ID box, type the user ID for the new user. A user ID can only be
used once, in only one category.
5. In the Password box, type the password for the new user.
6. In the Confirm Password, re-type the password.
7. Click Add User. The new user is added to the appropriate login group list.
To modify a HiPath Wireless Controller administrator’s password:
1. From the main menu, click Wireless Controller Configuration. The
Wireless Controller Configuration screen is displayed.
2. In the left pane, click Login Management. The Local Authentication tab is
displayed.
3. Click the user whose password you want to modify.
4. In the Password box, type the new password for the user.
5. In the Confirm Password, re-type the new password.
6. To change the password, click Change Password.
To remove a HiPath Wireless Controller administrator:
1. From the main menu, click Wireless Controller Configuration. The
Wireless Controller Configuration screen is displayed.
2. In the left pane, click Login Management. The Local Authentication tab is
displayed.
3. Click the user you want to remove.
4. Click Remove user. The user is removed from the list.
12.2.1 Working with GuestPortal Guest
administration
A GuestPortal provides wireless device users with temporary guest network
services. A GuestPortal is serviced by a GuestPortal-dedicated VNS. The
GuestPortal-dedicated VNS is configured by an administrator with full
administrator access rights. For more information, see Section 6.5, “Working with
a GuestPortal VNS”, on page 307.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
485
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
A GuestPortal administrator is assigned to the GuestPortal Manager login group
and can only create and manage guest user accounts — a GuestPortal
administrator cannot access any other area of the HiPath Wireless Assistant. For
more information, see Section 12.2, “Defining HiPath Wireless Assistant
administrators and login groups”, on page 483.
From the GuestPortal Guest Administration page of the HiPath Wireless
Assistant, you can add, edit, configure, and import and export guest accounts.
12.2.1.1 Adding new guest accounts
To add a new guest account:
1. Do one of the following:
•
If you have GuestPortal Manager rights, log onto the HiPath Wireless
Controller.
•
If you have full administrator rights:
a) From the main menu, click Virtual Network Configuration. The
Virtual Network Configuration screen is displayed.
b) In the left pane, expand the WLAN Services pane, click the dedicated
WLAN Service that provides the temporary guest network services.
The WLAN Services configuration window for that service displays.
c) Click the Auth & Acct tab, and then click Configure. The Settings
screen is displayed.
d) In the GuestPortal section, click Manage Guest Users.
The GuestPortal Guest Administration screen is displayed.
Note: You have 3 minutes to add new guest user accounts. If that time
expires, close the GuestPortal Guest Administration screen and click
Manage Guest Users again. You can also increase the Start date time
to be within 3 minutes of the current network time.
486
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
2. In the Account Management section, click Add Guest Account. The Add
Guest User screen is displayed.
3. To enable the new guest account, select the Enabled checkbox. For more
information, see Section 12.2.1.2, “Enabling or disabling guest accounts”, on
page 488.
4. In the Credentials section, do the following:
•
User Name – Type a user name for the person who will use this guest
account.
•
User ID – Type a user ID for the person who will use this guest account.
The default user ID can be edited.
•
Password – Type a password for the person who will use this guest
account. The default password can be edited.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
487
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
Toggle between Mask/Unmask to hide or see the password.
•
Description – Type a brief description for the new guest account.
5. In the Account Settings section, do the following:
•
Start date – Specify the start date and time for the new guest account.
•
Account lifetime – Specify the account lifetime, in days, for the new
guest account. The default 0 value does not limit the account lifetime.
6. In the Session Settings section, do the following:
•
Session lifetime – Specify a session lifetime, in hours, for the new guest
account. The default 0 value does not limit a session lifetime. The session
lifetime is the allowed cumulative total in hours spent on the network
during the account lifetime.
•
Start Time – Specify a start time for the session for the new guest
account.
•
End Time – Specify an end time for the session for the new guest
account.
7. To save your changes, click OK.
12.2.1.2 Enabling or disabling guest accounts
A guest account must be enabled in order for a wireless device user to use the
guest account to obtain guest network services.
When a guest account is disabled, it remains in the database. A disabled guest
account cannot provide access to the network.
To enable or disable guest accounts:
1. Do one of the following:
•
If you have GuestPortal Manager rights, log onto the HiPath Wireless
Controller.
•
If you have full administrator rights:
a) From the main menu, click Virtual Network Configuration. The
Virtual Network Configuration screen is displayed.
b) In the left pane, expand the WLAN Services pane, click the dedicated
WLAN Service that provides the temporary guest network services.
The WLAN Services configuration window for that service displays.
c) Click the Auth & Acct tab, and then click Configure. The Settings
screen is displayed.
d) In the GuestPortal section, click Manage Guest Users.
488
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
The GuestPortal Guest Administration screen is displayed.
2. In the guest account list, select the checkbox next to the user name of the
guest account that you want to enable or disable.
3. In the Account Enable/Disable section, click Enable Selected Accounts or
Disable Selected Accounts accordingly. A dialog is displayed requesting
you to confirm your selection.
4. Click Ok. A confirmation message is displayed in the GuestPortal Guest
Administration screen footer.
12.2.1.3 Editing guest accounts
An already existing guest account can be edited.
To edit a guest account:
1. Do one of the following:
•
If you have GuestPortal Manager rights, log onto the HiPath Wireless
Controller.
•
If you have full administrator rights:
a) From the main menu, click Virtual Network Configuration. The
Virtual Network Configuration screen is displayed.
b) In the left pane, expand the WLAN Services pane, click the dedicated
WLAN Service that provides the temporary guest network services.
The WLAN Services configuration window for that service displays.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
489
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
c) Click the Auth & Acct tab, and then click Configure. The Settings
screen is displayed.
d) In the GuestPortal section, click Manage Guest Users.
The GuestPortal Guest Administration screen is displayed.
2. In the guest account list, select the checkbox next to the user name of the
guest account that you want to edit.
3. In the Account Management section, click Edit Selected Accounts. The
Edit Guest User screen is displayed.
4. Edit the guest account accordingly. For more information on guest account
properties, see Section 12.2.1.1, “Adding new guest accounts”, on page 486.
5. To save your changes, click OK. A confirmation message is displayed in the
GuestPortal Guest Administration screen footer.
490
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
12.2.1.4 Removing guest accounts
An already existing guest account can be removed from the database.
To remove a guest account:
1. Do one of the following:
•
If you have GuestPortal Manager rights, log onto the HiPath Wireless
Controller.
•
If you have full administrator rights:
a) From the main menu, click Virtual Network Configuration. The
Virtual Network Configuration screen is displayed.
b) In the left pane, expand the WLAN Services pane, click the dedicated
WLAN Service that provides the temporary guest network services.
The WLAN Services configuration window for that service displays.
c) Click the Auth & Acct tab, and then click Configure. The Settings
screen is displayed.
d) In the GuestPortal section, click Manage Guest Users.
The GuestPortal Guest Administration screen is displayed.
2. In the guest account list, select the checkbox next to the user name of the
guest account that you want to remove.
3. In the Account Management section, click Remove Selected Accounts. A
dialog is displayed requesting you to confirm your removal.
4. Click OK. A confirmation message is displayed in the GuestPortal Guest
Administration screen footer.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
491
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
12.2.1.5 Importing and exporting a guest file
To help administrators manage large numbers of guest accounts, you can import
and export .csv (comma separated value) guest files for the HiPath Wireless
Controller.
The following describes the column values of the .csv guest file.
Column
Value
User ID
User name
Password
Description
Account activation date
Account lifetime, measured in days
Session lifetime, measured in hours
Is the account enabled (1) or disabled (0)
Time of day, start time
Time of day, duration
Total time of the session lifetime that has been
used, measured in minutes
Is the guest user account synchronized on a
secondary HiPath Wireless Controller in an
availability pair, yes (1) no (0)
Table 40
Guest account import and export .csv file values
To export a guest file
1. Do one of the following:
•
If you have GuestPortal Manager rights, log onto the HiPath Wireless
Controller.
•
If you have full administrator rights:
a) From the main menu, click Virtual Network Configuration. The
Virtual Network Configuration screen is displayed.
b) In the left pane, expand the WLAN Services pane, click the dedicated
WLAN Service that provides the temporary guest network services.
The WLAN Services configuration window for that service displays.
c) Click the Auth & Acct tab, and then click Configure. The Settings
screen is displayed.
d) In the GuestPortal section, click Manage Guest Users.
The GuestPortal Guest Administration screen is displayed.
492
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
2. In the File Management section, click Export Guest File. A File Download
dialog is displayed.
3. Click Save. The Save As dialog is displayed.
4. Name the guest file, and then navigate to the location where you want to save
the file. By default, the exported guest file is named exportguest.csv.
5. Click Save. The File Download dialog is displayed as the file is exported.
6. Click Close. A confirmation message is displayed in the GuestPortal Guest
Administration screen footer.
To import a guest file
1. Do one of the following:
•
If you have GuestPortal Manager rights, log onto the HiPath Wireless
Controller.
•
If you have full administrator rights:
a) From the main menu, click Virtual Network Configuration. The
Virtual Network Configuration screen is displayed.
b) In the left pane, expand the WLAN Services pane, click the dedicated
WLAN Service that provides the temporary guest network services.
The WLAN Services configuration window for that service displays.
c) Click the Auth & Acct tab, and then click Configure. The Settings
screen is displayed.
d) In the GuestPortal section, click Manage Guest Users.
The GuestPortal Guest Administration screen is displayed.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
493
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
2. In the File Management section, click Import Guest File. The Import Guest
File dialog is displayed.
3. Click Browse to navigate to the location of the .csv guest file that you want to
import, and then click Open.
4. Click Import. The file is imported and a confirmation message is displayed in
the Import Guest File dialog.
5. Click Close.
12.2.1.6 Viewing and printing a GuestPortal account ticket
You can view and print a GuestPortal account ticket from the GuestPortal Guest
Administration screen. A GuestPortal account ticket is a print-ready form that
displays the guest account information, system requirements, and instructions on
how to log on to the guest account.
The HiPath Wireless Controller is shipped with a default template for the
GuestPortal account ticket. The template is an html page that is augmented with
system placeholders that display information about the user.
You can also upload a custom GuestPortal ticket template for the HiPath Wireless
Controller. To upload a custom GuestPortal ticket template you need full
administrator access rights on the HiPath Wireless Controller. The filename of a
custom GuestPortal ticket template must be .html. For more information, see
Section 12.2.1.7, “Working with the GuestPortal ticket page”, on page 496.
494
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
To view print a GuestPortal account ticket:
1. Do one of the following:
•
If you have GuestPortal Manager rights, log onto the HiPath Wireless
Controller.
•
If you have full administrator rights:
a) From the main menu, click Virtual Network Configuration. The
Virtual Network Configuration screen is displayed.
b) In the left pane, expand the WLAN Services pane, click the dedicated
WLAN Service that provides the temporary guest network services.
The WLAN Services configuration window for that service displays.
c) Click the Auth & Acct tab, and then click Configure. The Settings
screen is displayed.
d) In the GuestPortal section, click Manage Guest Users.
The GuestPortal Guest Administration screen is displayed.
2. In the guest account list, select the checkbox next to the user name whose
guest account ticket you want to print a ticket, and then click Print Ticket for
Selected Account. The GuestPortal ticket is displayed.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
495
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
3. Click Print. The Print dialog is displayed.
4. Click Print.
Note: The default GuestPortal ticket page uses placeholder tags. For more
information, see Appendix E, “Default GuestPortal source code”
12.2.1.7 Working with the GuestPortal ticket page
Working with the GuestPortal ticket page can include activating a GuestPortal
ticket page, uploading a customized GuestPortal ticket page to the HiPath
Wireless Controller, and deleting a customized GuestPortal ticket page.
Note: The default GuestPortal ticket page cannot be deleted.
To work with the GuestPortal account ticket page, you need full administrator
rights. You can work with the guest account ticket page from the Settings screen.
A guest account ticket is a print-ready form that displays the guest account
information, system requirements, and instructions on how to log on to the guest
account.
496
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_ongoing.fm
Performing system administration
Defining HiPath Wireless Assistant administrators and login groups
Working with a custom GuestPortal ticket page
A customized GuestPortal ticket page can be uploaded to the HiPath Wireless
Controller. When designing your customized GuestPortal ticket page, be sure to
use the guest account information placeholder tags that are depicted in the
default GuestPortal ticket page. For more information, see Appendix E, “Default
GuestPortal source code”.
To activate a GuestPortal ticket page:
1. From the main menu, click Virtual Network Configuration. The Virtual
Network Configuration screen is displayed.
2. In the left pane, expand the WLAN Services pane, click the dedicated WLAN
Service that provides the temporary guest network services. The WLAN
Services configuration window for that service displays.
3. Click the Auth & Acct tab, and then click Configure. The Settings screen is
displayed.
4. In the GuestPortal section, click Configure Ticket Page. The Ticket
Settings dialog is displayed.
5. In the Active Template list, click the GuestPortal ticket page you want to
activate, and then click Apply.
This list includes all GuestPortal ticket pages that have been uploaded to the
HiPath Wireless Controller.
To upload a custom GuestPortal ticket page:
1. On the Ticket Settings dialog, click Browse. The Choose file dialog is
displayed.
2. Navigate to the .html GuestPortal ticket page file that you want to upload to
the HiPath Wireless Controller, and then click Open. The file name is
displayed in the Upload Template box.
3. Click Apply. The file is uploaded to the HiPath Wireless Controller.
The Active Template list includes all GuestPortal ticket pages that have been
uploaded to the HiPath Wireless Controller.
To delete a custom GuestPortal ticket page:
1. On the Ticket Settings dialog, in the Active Template list, click the
GuestPortal ticket page you want to delete, and then click Delete. A dialog
prompts you to confirm you want to delete the GuestPortal ticket page.
2. To delete the file, click OK, and then click Apply.,
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
497
hwc_ongoing.fm
Performing system administration
Configuring Web session timeouts
12.3 Configuring Web session timeouts
You can configure the time period to allow Web sessions to remain inactive before
timing out.
To configure Web session timeouts:
1. From the main menu, click Wireless Controller Configuration. The
Wireless Controller Configuration screen is displayed.
2. In the left pane, click Web Settings The Wireless Controller Web
Management Settings screen is displayed.
3. In the Web Session Timeout box, type the time period to allow the Web
session to remain inactive before it times out. This can be entered as
hour:minutes, or as minutes. The range is 1 minute to 168 hours.
4. In the GuestPortal Manager Web Session Timeout box, type the time
period to allow the GuestPortal Web session to remain inactive before it times
out. This can be entered as hour:minutes, or as minutes. The range is 1
minute to 168 hours.
5. Select the Show WLAN names on the Wireless AP SSID list checkbox to
allow the names of the WLAN services to appear in the SSID list for Wireless
APs.
6. To save your settings, click Save.
Note: Screens that auto-refresh will time-out unless a manual action takes
place prior to the end of the timeout period.
498
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_glossary.fm
Glossary
Networking terms and abbreviations
13 Glossary
13.1 Networking terms and abbreviations
Term
Explanation
AAA
Authentication, Authorization and Accounting. A system in IP-based networking to control
what computer resources users have access to and to keep track of the activity of users over
a network.
Access Point (AP)
A wireless LAN transceiver or ‘base station’ that can connect a wired LAN to one or many
wireless devices.
Ad-hoc mode
An 802.11 networking framework in which devices or stations communicate directly with each
other, without the use of an access point (AP). (Compare Infrastructure Mode)
AES
Advanced Encryption Standard (AES) is an algorithm for encryption that works at multiple
network layers simultaneously. As a block cipher, AES encrypts data in fixed-size blocks of
128 bits. AES was created by the National Institute of Standards and Technology (NIST). AES
is a privacy transform for IPSec and Internet Key Exchange (IKE). AES has a variable key
length - the algorithm can specify a 128-bit key (the default), a 192-bit key, or a 256-bit key.
For the WPA2/802.11i implementation of AES, a 128 bit key length is used. AES encryption
includes 4 stages that make up one round. Each round is then iterated 10, 12 or 14 times
depending upon the bit-key size. For the WPA2/802.11i implementation of AES, each round
is iterated 10 times.
AES-CCMP
AES uses the Counter-Mode/CBC-MAC Protocol (CCMP). CCM is a new mode of operation
for a block cipher that enables a single key to be used for both encryption and authentication.
The two underlying modes employed in CCM include Counter mode (CTR) that achieves data
encryption and Cipher Block Chaining Message Authentication Code (CBC-MAC) to provide
data integrity.
ARP
Address Resolution Protocol. A protocol used to obtain the physical addresses (such as MAC
addresses) of hardware units in a network environment. A host obtains such a physical
address by broadcasting an ARP request, which contains the IP address of the target
hardware unit. If the request finds a unit with that IP address, the unit replies with its physical
hardware address.
Association
A connection between a wireless device and an Access Point.
asynchronous
Asynchronous transmission mode (ATM). A start/stop transmission in which each character is
preceded by a start signal and followed by one or more stop signals. A variable time interval
can exist between characters. ATM is the preferred technology for the transfer of images.
BSS
Basic Service Set. A wireless topology consisting of one Access Point connected to a wired
network and a set of wireless devices. Also called an infrastructure network. See also IBSS.
Captive Portal
A browser-based authentication mechanism that forces unauthenticated users to a Web page.
Sometimes called a ‘reverse firewall’.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
499
hwc_glossary.fm
Glossary
Networking terms and abbreviations
Term
Explanation
CDR
Call Data (Detail) Record
In Internet telephony, a call detail record is a data record that contains information related to
a telephone call, such as the origination and destination addresses of the call, the time the call
started and ended, the duration of the call, the time of day the call was made and any toll
charges that were added through the network or charges for operator services, among other
details of the call.
In essence, call accounting is a database application that processes call data from your switch
(PBX, iPBX, or key system) via a CDR (call detail record) or SMDR (station message detail
record) port. The call data record details your system's incoming and outgoing calls by
thresholds, including time of call, duration of call, dialing extension, and number dialed. Call
data is stored in a PC database
CHAP
Challenge-Handshake Authentication Protocol. One of the two main authentication protocols
used to verify a user's name and password for PPP Internet connections. CHAP is more
secure than PAP because it performs a three-way handshake during the initial link
establishment between the home and remote machines. It can also repeat the authentication
anytime after the link has been established.
CLI
Command Line Interface.
Collision
Two Ethernet packets attempting to use the medium simultaneously. Ethernet is a shared
media, so there are rules for sending packets of data to avoid conflicts and protect data
integrity. When two nodes at different locations attempt to send data at the same time, a
collision will result. Segmenting the network with bridges or switches is one way of reducing
collisions in an overcrowded network.
Datagram
A datagram is ”a self-contained, independent entity of data carrying sufficient information to
be routed from the source to the destination computer without reliance on earlier exchanges
between this source and destination computer and the transporting network.” (RFC1594). The
term has been generally replaced by the term packet. Datagrams or packets are the message
units that the Internet Protocol deals with and that the Internet transports.
dBm
An abbreviation for the power ratio in decibels (dB) of the measured power
referenced to one milliwatt.
Decapsulation
See tunnelling.
Device Server
A specialized, network-based hardware device designed to perform a single or specialized set
of server functions. Print servers, terminal servers, remote access servers and network time
servers are examples of device servers.
DHCP
Dynamic Host Configuration Protocol. A protocol for assigning dynamic IP addresses to
devices on a network. With dynamic addressing, a device can have a different IP address
every time it connects to the network. In some systems, the device's IP address can even
change while it is still connected. DHCP also supports a mix of static and dynamic IP
addresses.
DHCP consists of two components: a protocol for delivering host-specific configuration
parameters from a DHCP server to a host and a mechanism for allocation of network
addresses to hosts. (IETF RFC1531.)
Option 78 specifies the location of one or more SLP Directory Agents. Option 79 specifies the
list of scopes that a SLP Agent is configured to use.(RFC2610 - DHCP Options for Service
Location Protocol)
500
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_glossary.fm
Glossary
Networking terms and abbreviations
Term
Explanation
Directory Agent (DA)
A method of organizing and locating the resources (such as printers, disk drives, databases,
e-mail directories, and schedulers) in a network. Using SLP, networking applications can
discover the existence, location and configuration of networked devices.
With Service Location Protocol, client applications are 'User Agents' and services are
advertised by 'Service Agents'. The User Agent issues a multicast 'Service Request' (SrvRqst)
on behalf of the client application, specifying the services required. The User Agent will
receive a Service Reply (SrvRply) specifying the location of all services in the network which
satisfy the request.
For larger networks, a third entity, called a 'Directory Agent', receives registrations from all
available Service Agents. A User Agent sends a unicast request for services to a Directory
Agent (if there is one) rather than to a Service Agent.
(SLP version 2, RFC2608, updating RFC2165)
Diversity antenna and
receiver
The AP has two antennae. Receive diversity refers to the ability of the AP to provide better
service to a device by receiving from the user on which ever of the two antennae is receiving
the cleanest signal. Transmit diversity refers to the ability of the AP to use its two antenna to
transmit on a specific antenna only, or on a alternate antennae. The antennae are called
diversity antennae because of this capability of the pair.
DNS
Domain Name Server
DSSS
Direct-Sequence Spread Spectrum. A transmission technology used in Local Area Wireless
Network (LAWN) transmissions where a data signal at the sending station is combined with a
higher data rate bit sequence, or chipping code, that divides the user data according to a
spreading ratio. The chipping code is a redundant bit pattern for each bit that is transmitted,
which increases the signal's resistance to interference. If one or more bits in the pattern are
damaged during transmission, the original data can be recovered due to the redundancy of
the transmission. (Compare FHSS)
DTIM
DTIM delivery traffic indication message (in 802.11 standard)
Dynamic WEP
The IEEE introduced the concept of user-based authentication using per-user encryption keys
to solve the scalability issues that surrounded static WEP. This resulted in the 802.1x
standard, which makes use of the IETF's Extensible Authentication Protocol (EAP), which was
originally designed for user authentication in dial-up networks. The 802.1x standard
supplemented the EAP protocol with a mechanism to send an encryption key to a Wireless
AP. These encryption keys are used as dynamic WEP keys, allowing traffic to each individual
user to be encrypted using a separate key.
EAP-TLS
EAP-TTLS
EAP-TLS Extensible Authentication Protocol - Transport Layer Security. A general protocol for
authentication that also supports multiple authentication methods, such as token cards,
Kerberos, one-time passwords, certificates, public key authentication and smart cards. IEEE
802.1x specifies how EAP should be encapsulated in LAN frames.
In wireless communications using EAP, a user requests connection to a WLAN through an
access point, which then requests the identity of the user and transmits that identity to an
authentication server such as RADIUS. The server asks the access point for proof of identity,
which the access point gets from the user and then sends back to the server to complete the
authentication.
EAP-TLS provides for certificate-based and mutual authentication of the client and the
network. It relies on client-side and server-side certificates to perform authentication and can
be used to dynamically generate user-based and session-based WEP keys.
EAP-TTLS (Tunneled Transport Layer Security) is an extension of EAP-TLS to provide
certificate-based, mutual authentication of the client and network through an encrypted tunnel,
as well as to generate dynamic, per-user, per-session WEP keys. Unlike EAP-TLS, EAPTTLS requires only server-side certificates.
(See also PEAP)
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
501
hwc_glossary.fm
Glossary
Networking terms and abbreviations
Term
Explanation
ELA (OPSEC)
Event Logging API (Application Program Interface) for OPSEC, a module in Check Point used
to enable third-party applications to log events into the Check Point VPN-1/FireWall-1
management system.
Encapsulation
See tunnelling.
ESS
Extended Service Set (ESS). Several Basic Service Sets (BSSs) can be joined together to
form one logical WLAN segment, referred to as an extended service set (ESS). The SSID is
used to identify the ESS. (See BSS and SSID.)
FHSS
Frequency-Hopping Spread Spectrum. A transmission technology used in Local Area
Wireless Network (LAWN) transmissions where the data signal is modulated with a
narrowband carrier signal that ‘hops’ in a random but predictable sequence from frequency to
frequency as a function of time over a wide band of frequencies. This technique reduces
interference. If synchronized properly, a single logical channel is maintained. (Compare
DSSS)
Fit, thin and fat APs
A thin AP architecture uses two components: an access point that is essentially a strippeddown radio and a centralized management controller that handles the other WLAN system
functions. Wired network switches are also required.
A fit AP, a variation of the thin AP, handles the RF and encryption, while the central
management controller, aware of the wireless users' identities and locations, handles secure
roaming, quality of service, and user authentication. The central management controller also
handles AP configuration and management.
A fat (or thick) AP architecture concentrates all the WLAN intelligence in the access point. The
AP handles the radio frequency (RF) communication, as well as authenticating users,
encrypting communications, secure roaming, WLAN management, and in some cases,
network routing.
FQDN
Fully Qualified Domain Name. A ‘friendly’ designation of a computer, of the general form
computer.[subnetwork.].organization.domain. The FQDN names must be translated into an IP
address in order for the resource to be found on a network, usually performed by a Domain
Name Server.
FTM
Forwarding Table Manager
FTP
File Transfer Protocol
Gateway
In the wireless world, an access point with additional software capabilities such as providing
NAT and DHCP. Gateways may also provide VPN support, roaming, firewalls, various levels
of security, etc.
Gigabit Ethernet
The high data rate of the Ethernet standard, supporting data rates of 1 gigabit (1,000
megabits) per second.
GUI
Graphical User Interface
Heartbeat message
A heartbeat message is a UDP data packet used to monitor a data connection, polling to see
if the connection is still alive.
In general terms, a heartbeat is a signal emitted at regular intervals by software to
demonstrate that it is still alive. In networking, a heartbeat is the signal emitted by a Level 2
Ethernet transceiver at the end of every packet to show that the collision-detection circuit is
still connected.
Host
(1) A computer (usually containing data) that is accessed by a user working on a remote
terminal, connected by modems and telephone lines.
(2) A computer that is connected to a TCP/IP network, including the Internet. Each host has
a unique IP address.
502
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_glossary.fm
Glossary
Networking terms and abbreviations
Term
Explanation
HTTP
Hypertext Transfer Protocol is the set of rules for transferring files (text, graphic images,
sound, video, and other multimedia files) on the World Wide Web. A Web browser makes use
of HTTP. HTTP is an application protocol that runs on top of the TCP/IP suite of protocols.
(RFC2616: Hypertext Transfer Protocol -- HTTP/1.1)
HTTPS
Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL, is a Web protocol
that encrypts and decrypts user page requests as well as the pages that are returned by the
Web server. HTTPS uses Secure Socket Layer (SSL) as a sublayer under its regular HTTP
application layering. (HTTPS uses port 443 instead of HTTP port 80 in its interactions with the
lower layer, TCP/IP.) SSL uses a 40-bit key size for the RC4 stream encryption algorithm,
which is considered an adequate degree of encryption for commercial exchange.
IBSS
Independent Basic Service Set. See BSS. An IBSS is the 802.11 term for an adhoc network.
See adhoc network.
ICMP
Internet Control Message Protocol, an extension to the Internet Protocol (IP) defined by
RFC792. ICMP supports packets containing error, control, and informational messages. The
PING command, for example, uses ICMP to test an Internet connection.
ICV
ICV (Integrity Check Value) is a 4-byte code appended in standard WEP to the 802.11
message. Enhanced WPA inserts an 8-byte MIC just before the ICV. (See WPA and MIC)
IE
Internet Explorer.
IEEE
Institute of Electrical and Electronics Engineers, a technical professional association, involved
in standards activities.
IETF
Internet Engineering Task Force, the main standards organization for the Internet.
Infrastructure Mode
An 802.11 networking framework in which devices communicate with each other by first going
through an Access Point (AP). In infrastructure mode, wireless devices can communicate with
each other or can communicate with a wired network. (See ad-hoc mode and BSS.)
Internet or IP telephony
IP or Internet telephony are communications, such as voice, facsimile, voice-messaging
applications, that are transported over the Internet, rather than the public switched telephone
network (PSTN). IP telephony is the two-way transmission of audio over a packet-switched IP
network (TCP/IP network).
An Internet telephone call has two steps: (1) converting the analog voice signal to digital
format, (2) translating the signal into Internet protocol (IP) packets for transmission over the
Internet. At the receiving end, the steps are reversed. Over the public Internet, voice quality
varies considerably. Protocols that support Quality of Service (QoS) are being implemented
to improve this.
IP
Internet Protocol is the method or protocol by which data is sent from one computer to another
on the Internet. Each computer (host) on the Internet has at least one IP address that uniquely
identifies it. Internet Protocol specifies the format of packets, also called datagrams, and the
addressing scheme. Most networks combine IP with a higher-level protocol called
Transmission Control Protocol (TCP), which establishes a virtual connection between a
destination and a source.
IPC
Interprocess Communication. A capability supported by some operating systems that allows
one process to communicate with another process. The processes can be running on the
same computer or on different computers connected through a network.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
503
hwc_glossary.fm
Glossary
Networking terms and abbreviations
Term
Explanation
IPsec
IPsec-ESP
IPsec-AH
Internet Protocol security (IPSec)
Internet Protocol security Encapsulating Security Payload (IPsec-ESP). The encapsulating
security payload (ESP) encapsulates its data, enabling it to protect data that follows in the
datagram.Internet Protocol security Authentication Header (IPsec-AH). AH protects the parts
of the IP datagram that can be predicted by the sender as it will be received by the
receiver.IPsec is a set of protocols developed by the IETF to support secure exchange of
packets at the IP layer. IPsec has been deployed widely to implement Virtual Private Networks
(VPNs). IPsec supports two encryption modes: Transport and Tunnel. Transport mode
encrypts only the data portion (payload) of each packet, but leaves the header untouched. The
more secure Tunnel mode encrypts both the header and the payload. On the receiving side,
an IPSec-compliant device decrypts each packet. For IPsec to work, the sending and
receiving devices must share a public key. This is accomplished through a protocol known as
Internet Security Association and Key Management Protocol/Oakley (ISAKMP/Oakley), which
allows the receiver to obtain a public key and authenticate the sender using digital certificates.
isochronous
Isochronous data is data (such as voice or video) that requires a constant transmission rate,
where data must be delivered within certain time constraints. For example, multimedia
streams require an isochronous transport mechanism to ensure that data is delivered as fast
as it is displayed and to ensure that the audio is synchronized with the video. Compare:
asynchronous processes in which data streams can be broken by random intervals, and
synchronous processes, in which data streams can be delivered only at specific intervals.
ISP
Internet Service Provider.
IV
IV (Initialization Vector), part of the standard WEP encryption mechanism that concatenates
a shared secret key with a randomly generated 24-bit initialization vector. WPA with TKIP uses
48-bit IVs, an enhancement that significantly increases the difficulty in cracking the encryption.
(See WPA and TKIP)
LAN
Local Area Network.
License installation
LSA
Link State Advertisements received by the currently running OSPF process. The LSAs
describe the local state of a router or network, including the state of the router's interfaces and
adjacencies. See also OSPF.
MAC
Media Access Control layer. One of two sublayers that make up the Data Link Layer of the
OSI model. The MAC layer is responsible for moving data packets to and from one Network
Interface Card (NIC) to another across a shared channel.
MAC address
Media Access Control address. A hardware address that uniquely identifies each node of a
network.
MIB
Management Information Base is a formal description of a set of network objects that can be
managed using the Simple Network Management Protocol (SNMP). The format of the MIB is
defined as part of the SNMP. A MIB is a collection of definitions defining the properties of a
managed object within a device. Every managed device keeps a database of values for each
of the definitions written in the MIB. Definition of the MIB conforms to RFC1155 (Structure of
Management Information).
MIC
Message Integrity Check or Code (MIC), also called ‘Michael’, is part of WPA and TKIP. The
MIC is an additional 8-byte code inserted before the standard 4-byte integrity check value
(ICV) that is appended in by standard WEP to the 802.11 message. This greatly increases the
difficulty in carrying out forgery attacks.
Both integrity check mechanisms are calculated by the receiver and compared against the
values sent by the sender in the frame. If the values match, there is assurance that the
message has not been tampered with. (See WPA, TKIP and ICV).
504
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_glossary.fm
Glossary
Networking terms and abbreviations
Term
Explanation
MTU
Maximum Transmission Unit. The largest packet size, measured in bytes, that a network
interface is configured to accept. Any messages larger than the MTU are divided into smaller
packets before being sent.
MU
Mobile Unit, a wireless device such as a PC laptop.
multicast, broadcast, unicast
Multicast: transmitting a single message to a select group of recipients. Broadcast: sending a
message to everyone connected to a network. Unicast: communication over a network
between a single sender and a single receiver.
NAS
Network Access Server, a server responsible for passing information to designated RADIUS
servers and then acting on the response returned. A NAS-Identifier is a RADIUS attribute
identifying the NAS server. (RFC2138)
NAT
Network Address Translator. A network capability that enables a group of computers to
dynamically share a single incoming IP address. NAT takes the single incoming IP address
and creates new IP address for each client computer on the network.
Netmask
In administering Internet sites, a netmask is a string of 0's and 1's that mask or screen out the
network part of an IP address, so that only the host computer part of the address remains. A
frequently-used netmask is 255.255.255.0, used for a Class C subnet (one with up to 255 host
computers). The “.0” in the “255.255.255.0” netmask allows the specific host computer
address to be visible.
NIC
Network Interface Card. An expansion board in a computer that connects the computer to a
network.
NMS
Network Management System. The system responsible for managing a network or a portion
of a network. The NMS talks to network management agents, which reside in the managed
nodes.
NTP
Network Time Protocol, an Internet standard protocol (built on top of TCP/IP) that assures
accurate synchronization to the millisecond of computer clock times in a network of
computers. Based on UTC, NTP synchronizes client workstation clocks to the U.S. Naval
Observatory Master Clocks in Washington, DC and Colorado Springs CO. Running as a
continuous background client program on a computer, NTP sends periodic time requests to
servers, obtaining server time stamps and using them to adjust the client's clock. (RFC1305)
OFDM
Orthogonal frequency division multiplexing, a method of digital modulation in which a signal is
split into several narrowband channels at different frequencies. OFDM is similar to
conventional frequency division multiplexing (FDM). The difference lies in the way in which the
signals are modulated and demodulated. Priority is given to minimizing the interference, or
crosstalk, among the channels and symbols comprising the data stream. Less importance is
placed on perfecting individual channels.
OFDM is used in European digital audio broadcast services. It is also used in wireless local
area networks.
OID
Object Identifier.
OPSEC
OPSEC (Open Platform for Security) is a security alliance program created by Check Point to
enable an open industry-wide framework for interoperability of security products and
applications. Products carrying the ‘Secured by Check Point’ seal have been tested to
guarantee integration and interoperability.
OS
Operating system.
OSI
Open System Interconnection. An ISO standard for worldwide communications that defines a
networking framework for implementing protocols in seven layers. Control is passed from one
layer to the next, starting at the application layer in one station, down through the presentation,
session, transport, network, data link layer to the physical layer at the bottom, over the channel
to the next station and back up the hierarchy.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
505
hwc_glossary.fm
Glossary
Networking terms and abbreviations
Term
Explanation
OSI Layer 2
At the Data Link layer (OSI Layer 2), data packets are encoded and decoded into bits. The
data link layer has two sublayers:
• the Logical Link Control (LLC) layer controls frame synchronization, flow control and error
checking
• The Media Access Control (MAC) layer controls how a computer on the network gains
access to the data and permission to transmit it.
OSI Layer 3
The Network layer (OSI Layer 3) provides switching and routing technologies, creating logical
paths, known as virtual circuits, for transmitting data from node to node. Routing and
forwarding are functions of this layer, as well as addressing, internetworking, error handling,
congestion control and packet sequencing.
OSPF
Open Shortest Path First, an interior gateway routing protocol developed for IP networks
based on the shortest path first or link-state algorithm. Routers use link-state algorithms to
send routing information to all nodes in an internetwork by calculating the shortest path to
each node based on a topography of the Internet constructed by each node. Each router
sends that portion of the routing table (keeps track of routes to particular network destinations)
that describes the state of its own links, and it also sends the complete routing structure
(topography). Using OSPF, a host that obtains a change to a routing table or detects a change
in the network immediately multicasts the information to all other hosts in the network so that
all will have the same routing table information. The host using OSPF sends only the part that
has changed, and only when a change has taken place. (RFC2328)
OUI
Organizationally Unique Identifier (used in MAC addressing).
Packet
The unit of data that is routed between an origin and a destination on the Internet or any other
packet-switched network. When any file is sent from one place to another on the Internet, the
Transmission Control Protocol (TCP) layer of TCP/IP divides the file into packets. Each packet
is separately numbered and includes the Internet address of the destination. The individual
packets for a given file may travel different routes through the Internet. When they have all
arrived, they are reassembled into the original file (by the TCP layer at the receiving end).
PAP
Password Authentication Protocol is the most basic form of authentication, in which a user's
name and password are transmitted over a network and compared to a table of namepassword pairs. Typically, the passwords stored in the table are encrypted. (See CHAP).
PDU
Protocol Data Unit. A data object exchanged by protocol machines (such as management
stations, SMUX peers, and SNMP agents) and consisting of both protocol control information
and user data. PDU is sometimes used as a synonym for “packet''.
PEAP
PEAP (Protected Extensible Authentication Protocol) is an IETF draft standard to authenticate
wireless LAN clients without requiring them to have certificates. In PEAP authentication, first
the user authenticates the authentication server, then the authentication server authenticates
the user. If the first phase is successful, the user is then authenticated over the SSL tunnel
created in phase one using EAP-Generic Token Card (EAP-GTC) or Microsoft Challenged
Handshake Protocol Version 2 (MSCHAP V2). (See also EAP-TLS).
PHP server
Hypertext Preprocessor
PKI
Public Key Infrastructure
PoE
Power over Ethernet. The Power over Ethernet standard (802.3af) defines how power can be
provided to network devices over existing Ethernet connection, eliminating the need for
additional external power supplies.
POST
Power On Self Test, a diagnostic testing sequence performed by a computer to determine if
its hardware elements are present and powered on. If so, the computer begins its boot
sequence.
506
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_glossary.fm
Glossary
Networking terms and abbreviations
Term
Explanation
push-to-talk (PTT)
The push-to-talk (PTT) is feature on wireless telephones that allows them to operate like a
walkie-talkie in a group, instead of standard telephone operation. The PTT feature requires
that the network be configured to allow multicast traffic.
A PTT call is initiated by selecting a channel and pressing the ‘talk’ key on the wireless
telephone. All wireless telephones on the same network that are monitoring the channel will
hear the transmission. On a PTT call you hold the button to talk and release it to listen.
QoS
Quality of Service. A term for a number of techniques that intelligently match the needs of
specific applications to the network resources available, using such technologies as Frame
Relay, Asynchronous Transfer Mode (ATM), Ethernet and 802.1 networks, SONET, and
IP-routed networks. QoS features provide better network service by supporting dedicated
bandwidth, improving loss characteristics, avoiding and managing network congestion,
shaping network traffic, setting traffic priorities across the network.
Quality-of-Service (QoS): A set of service requirements to be met by the network while
transporting a flow. (RFC2386)
RADIUS
Remote Authentication Dial-In User Service. An authentication and accounting system that
checks User Name and Password and authorizes access to a network. The RADIUS
specification is maintained by a working group of the IETF (RFC2865 RADIUS, RFC2866
RADIUS Accounting, RFC2868 RADIUS Attributes for Tunnel Protocol Support).
RF
Radio Frequency, a frequency in the electromagnetic spectrum associated with radio wave
propagation. When an RF current is supplied to an antenna, an electromagnetic field is
created that can propagate through space. These frequencies in the electromagnetic
spectrum range from Ultra-low frequency (ULF) -- 0-3 Hz to Extremely high frequency (EHF)
-- 30GHz - 300 GHz. The middle ranges are: Low frequency (LF) -- 30 kHz - 300 kHz, Medium
frequency (MF) -- 300 kHz - 3 MHz, High frequency (HF) -- 3MHz - 30 MHz, Very high
frequency (VHF) -- 30 MHz - 300 MHz, Ultra-high frequency (UHF)-- 300MHz - 3 GHz.
RFC
Request for Comments, a series of notes about the Internet, submitted to the Internet
Engineering Task Force (IETF) and designated by an RFC number, that may evolve into an
Internet standard. The RFCs are catalogued and maintained on the IETF RFC website:
www.ietf.org/rfc.html.
Roaming
In 802.11, roaming occurs when a wireless device (a station) moves from one Access Point
to another (or BSS to another) in the same Extended Service Set (ESS) -identified by its SSID.
RP-SMA
Reverse Polarity-Subminiature version A, a type of connector used with wireless antennas
RSN
Robust Security Network. A new standard within IEEE 802.11 to provide security and privacy
mechanisms. The RSN (and related TSN) both specify IEEE 802.1x authentication with
Extensible Authentication Protocol (EAP).
RSSI
RSSI received signal strength indication (in 802.11 standard)
RTS / CTS
RTS request to send, CTS clear to send (in 802.11 standard)
Segment
In Ethernet networks, a section of a network that is bounded by bridges, routers or switches.
Dividing a LAN segment into multiple smaller segments is one of the most common ways of
increasing available bandwidth on the LAN.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
507
hwc_glossary.fm
Glossary
Networking terms and abbreviations
Term
Explanation
SLP
Service Location Protocol. A method of organizing and locating the resources (such as
printers, disk drives, databases, e-mail directories, and schedulers) in a network. Using SLP,
networking applications can discover the existence, location and configuration of networked
devices.
With Service Location Protocol, client applications are 'User Agents' and services are
advertised by 'Service Agents'. The User Agent issues a multicast 'Service Request' (SrvRqst)
on behalf of the client application, specifying the services required. The User Agent will
receive a Service Reply (SrvRply) specifying the location of all services in the network which
satisfy the request.
For larger networks, a third entity, called a 'Directory Agent', receives registrations from all
available Service Agents. A User Agent sends a unicast request for services to a Directory
Agent (if there is one) rather than to a Service Agent.
(SLP version 2, RFC2608, updating RFC2165)
SMI
Structure of Management Information. A hierarchical tree structure for information that
underlies Management Information Bases (MIBs), and is used by the SNMP protocol. Defined
in RFC1155 and RFC1442 (SNMPv2).
SMT (802.11)
Station ManagemenT. The object class in the 802.11 MIB that provides the necessary support
at the station to manage the processes in the station such that the station may work
cooperatively as a part of an IEEE 802.11 network. The four branches of the 802.11 MIB are:
• dot11smt - objects related to station management and local configuration
• dot11mac - objects that report/configure on the status of various MAC parameters
• dot11res - Objects that describe available resources
• dot11phy - Objects that report on various physical items.
SNMP
Simple Network Management Protocol. A set of protocols for managing complex networks.
SNMP works by sending messages, called protocol data units (PDUs), to different parts of a
network. SNMP-compliant devices, called agents, store data about themselves in
Management Information Bases (MIBs) and return this data to the SNMP requesters.
SNMP includes a limited set of management commands and responses. The management
system issues Get, GetNext and Set messages to retrieve single or multiple object variables
or to establish the value of a single variable. The managed agent sends a Response message
to complete the Get, GetNext or Set.
SNMP trap
An event notification sent by the SNMP managed agent to the management system to identify
the occurrence of conditions (such as a threshold that exceeds a predetermined value).
SSH
Secure Shell, sometimes known as Secure Socket Shell, is a Unix-based command interface
and protocol for securely getting access to a remote computer. SSH is a suite of three utilities
- slogin, ssh, and scp - secure versions of the earlier UNIX utilities, rlogin, rsh, and rcp. With
SSH commands, both ends of the client/server connection are authenticated using a digital
certificate, and passwords are protected by being encrypted.
SSID
Service Set Identifier. A 32-character unique identifier attached to the header of packets sent
over a Wireless LAN that acts as a password when a wireless device tries to connect to the
Basic Service Set (BSS). Several BSSs can be joined together to form one logical WLAN
segment, referred to as an extended service set (ESS). The SSID is used to identify the ESS.
In 802.11 networks, each Access Point advertises its presence several times per second by
broadcasting beacon frames that carry the ESS name (SSID). Stations discover APs by
listening for beacons, or by sending probe frames to search for an AP with a desired SSID.
When the station locates an appropriately-named Access Point, it sends an associate request
frame containing the desired SSID. The AP replies with an associate response frame, also
containing the SSID.
Some APs can be configured to send a zero-length broadcast SSID in beacon frames instead
of sending their actual SSID. The AP must return its actual SSID in the probe response.
508
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_glossary.fm
Glossary
Networking terms and abbreviations
Term
Explanation
SSL
Secure Sockets Layer. A protocol developed by Netscape for transmitting private documents
via the Internet. SSL works by using a public key to encrypt data that's transferred over the
SSL connection. URLs that require an SSL connection start with https: instead of http.
SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP)
and Transport Control Protocol (TCP) layers. The ‘sockets’ part of the term refers to the
sockets method of passing data back and forth between a client and a server program in a
network or between program layers in the same computer. SSL uses the public-and-private
key encryption system from RSA, which also includes the use of a digital certificate.
SSL has recently been succeeded by Transport Layer Security (TLS), which is based on SSL.
Subnet mask
(See netmask)
Subnets
Portions of networks that share the same common address format. A subnet in a TCP/IP
network uses the same first three sets of numbers (such as 198.63.45.xxx), leaving the fourth
set to identify devices on the subnet. A subnet can be used to increase the bandwidth on the
network by breaking the network up into segments.
SVP
SpectraLink Voice Protocol, a protocol developed by SpectraLink to be implemented on
access points to facilitate voice prioritization over an 802.11 wireless LAN that will carry voice
packets from SpectraLink wireless telephones.
Switch
In networks, a device that filters and forwards packets between LAN segments. Switches
operate at the data link layer (layer 2) and sometimes the network layer (layer 3) of the OSI
Reference Model and therefore support any packet protocol. LANs that use switches to join
segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet
LANs.
syslog
A protocol used for the transmission of event notification messages across networks,
originally developed on the University of California Berkeley Software Distribution (BSD) TCP/
IP system implementations, and now embedded in many other operating systems and
networked devices. A device generates a messages, a relay receives and forwards the
messages, and a collector (a syslog server) receives the messages without relaying them.
Syslog uses the user datagram protocol (UDP) as its underlying transport layer mechanism.
The UDP port that has been assigned to syslog is 514. (RFC3164)
TCP / IP
Transmission Control Protocol. TCP, together with IP (Internet Protocol), is the basic
communication language or protocol of the Internet. Transmission Control Protocol manages
the assembling of a message or file into smaller packets that are transmitted over the Internet
and received by a TCP layer that reassembles the packets into the original message. Internet
Protocol handles the address part of each packet so that it gets to the right destination.
TCP/IP uses the client/server model of communication in which a computer user (a client)
requests and is provided a service (such as sending a Web page) by another computer (a
server) in the network.
TFTP
Trivial File Transfer Protocol. An Internet software utility for transferring files that is simpler to
use than the File Transfer Protocol (FTP) but less capable. It is used where user
authentication and directory visibility are not required. TFTP uses the User Datagram Protocol
(UDP) rather than the Transmission Control Protocol (TCP). TFTP is described formally in
Request for Comments (RFC) 1350.
TKIP
Temporal Key Integrity Protocol (TKIP) is an enhancement to the WEP encryption technique
that uses a set of algorithms that rotates the session keys. TKIPs’ enhanced encryption
includes a per-packet key mixing function, a message integrity check (MIC), an extended
initialization vector (IV) with sequencing rules, and a re-keying mechanism. The encryption
keys are changed (rekeyed) automatically and authenticated between devices after the rekey
interval (either a specified period of time, or after a specified number of packets has been
transmitted).
TLS
Transport Layer Security. (See EAP, Extensible Authentication Protocol)
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
509
hwc_glossary.fm
Glossary
Networking terms and abbreviations
Term
Explanation
ToS / DSCP
ToS (Type of Service) / DSCP (Diffserv Codepoint). The ToS/DSCP box contained in the IP
header of a frame is used by applications to indicate the priority and Quality of Service (QoS)
for each frame. The level of service is determined by a set of service parameters which
provide a three way trade-off between low-delay, high-reliability, and high-throughput. The use
of service parameters may increase the cost of service.
TSN
Transition Security Network. A subset of Robust Security Network (RSN), which provides an
enhanced security solution for legacy hardware. The Wi-Fi Alliance has adopted a solution
called Wireless Protected Access (WPA), based on TSN. RSN and TSN both specify IEEE
802.1x authentication with Extensible Authentication Protocol (EAP).
Tunnelling
Tunnelling (or encapsulation) is a technology that enables one network to send its data via
another network's connections. Tunnelling works by encapsulating packets of a network
protocol within packets carried by the second network. The receiving device then
decapsulates the packets and forwards them in their original format.
UDP
User Datagram Protocol. A connectionless protocol that, like TCP, runs on top of IP networks.
Unlike TCP/IP, UDP/IP provides very few error recovery services, offering instead a direct way
to send and receive packets over an IP network. It is used primarily for broadcasting
messages over a network.
U-NII
Unlicensed National Information Infrastructure. Designated to provide short-range, highspeed wireless networking communication at low cost, U-NII consists of three frequency
bands of 100 MHz each in the 5 GHz band: 5.15-5.25GHz (for indoor use only), 5.25-5.35 GHz
and 5.725-5.825GHz. The three frequency bands were set aside by the FCC in 1997 initially
to help schools connect to the Internet without the need for hard wiring. U-NII devices do not
require licensing.
URL
Uniform Resource Locator. the unique global address of resources or files on the World Wide
Web. The URL contains the name of the protocol to be used to access the file resource, the
IP address or the domain name of the computer where the resource is located, and a
pathname -- a hierarchical description that specifies the location of a file in that computer.
VLAN
Virtual Local Area Network. A network of computers that behave as if they are connected to
the same wire when they may be physically located on different segments of a LAN. VLANs
are configured through software rather than hardware, which makes them extremely flexible.
When a computer is physically moved to another location, it can stay on the same VLAN
without any hardware reconfiguration.
The standard is defined in IEEE 802.1Q - Virtual LANs, which states that 'IEEE 802 Local Area
Networks (LANs) of all types may be connected together with Media Access Control (MAC)
Bridges, as specified in ISO/IEC 15802-3. This standard defines the operation of Virtual LAN
(VLAN) Bridges that permit the definition, operation and administration of Virtual LAN
topologies within a Bridged LAN infrastructure.”
VNS
Virtual Network Services (VNS). A Siemens specific technique that provides a means of
mapping wireless networks to a wired topology.
VoIP
Voice Over Internet Protocol. An internet telephony technique. With VoIP, a voice
transmission is cut into multiple packets, takes the most efficient path along the Internet and
is reassembled when it reaches the destination.
VPN
Virtual Private Network. A private network that is constructed by using public wires to connect
nodes. These systems use encryption and other security mechanisms to ensure that only
authorized users can access the network and that the data cannot be intercepted.
VSA
Vendor Specific Attribute, an attribute for a RADIUS server defined by the
manufacturer.(compared to the RADIUS attributes defined in the original RADIUS protocol
RFC2865). A VSA attribute is defined in order that it can be returned from the RADIUS server
in the Access Granted packet to the Radius Client.
510
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_glossary.fm
Glossary
Networking terms and abbreviations
Term
Explanation
Walled Garden
A restricted subset of network content that wireless devices can access.
WEP
Wired Equivalent Privacy. A security protocol for wireless local area networks (WLANs)
defined in the 802.11b standard. WEP aims to provide security by encrypting data over radio
waves so that it is protected as it is transmitted from one end point to another.
Wi-Fi
Wireless fidelity. A term referring to any type of 802.11 network, whether 802.11b, 802.11a,
dual-band, etc. Used in reference to the Wi-Fi Alliance, a nonprofit international association
formed in 1999 to certify interoperability of wireless Local Area Network products based on
IEEE 802.11 specification.
WINS
Windows Internet Naming Service. A system that determines the IP address associated with
a particular network computer, called name resolution. WINS supports network client and
server computers running Windows and can provide name resolution for other computers with
special arrangements. WINS supports dynamic addressing (DHCP) by maintaining a
distributed database that is automatically updated with the names of computers currently
available and the IP address assigned to each one.
DNS is an alternative system for name resolution suitable for network computers with fixed IP
addresses.
WLAN
Wireless Local Area Network.
WMM
Wi-Fi Multimedia (WMM), a Wi-Fi Alliance certified standard that provides multimedia
enhancements for Wi-Fi networks that improve the user experience for audio, video, and voice
applications. This standard is compliant with the IEEE 802.11e Quality of Service (QoS)
extensions for 802.11 networks. WMM provides prioritized media access by shortening the
time between transmitting packets for higher priority traffic. WMM is based on the Enhanced
Distributed Channel Access (EDCA) method.
WPA
Wireless Protected Access, or Wi-Fi Protected Access is a security solution adopted by the
Wi-Fi Alliance that adds authentication to WEPs’ basic encryption. For authentication, WPA
specifies IEEE 802.1x authentication with Extensible Authentication Protocol (EAP). For
encryption, WPA uses the Temporal Key Integrity Protocol (TKIP) mechanism, which shares
a starting key between devices, and then changes their encryption key for every packet.
Certificate Authentication (CA) can also be used. Also part of the encryption mechanism are
802.1x for dynamic key distribution and Message Integrity Check (MIC) a.k.a. Michael.
WPA requires that all computers and devices have WPA software.
WPA-PSK
Wi-Fi Protected Access with Pre-Shared Key, a special mode of WPA for users without an
enterprise authentication server. Instead, for authentication, a Pre-Shared Key is used. The
PSK is a shared secret (passphrase) that must be entered in both the Wireless AP or router
and the WPA clients.
This preshared key should be a random sequence of characters at least 20 characters long
or hexadecimal digits (numbers 0-9 and letters A-F) at least 24 hexadecimal digits long. After
the initial shared secret, the Temporal Key Integrity Protocol (TKIP) handles the encryption
and automatic rekeying.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
511
hwc_glossary.fm
Glossary
Controller, Access Points and Convergence Software terms and abbreviations
13.2 Controller, Access Points and Convergence Software terms and
abbreviations
Term
Explanation
CTP
CAPWAP Tunnelling Protocol (CTP). The Wireless AP uses a UDP (User Datagram
Protocol) based tunnelling protocol called CAPWAP Tunnelling Protocol (CTP) to
encapsulate the 802.11 packets and forward them to the HiPath Wireless Controller.
The CTP protocol defines a mechanism for the control and provisioning of Wireless APs
(CAPWAP) through centralized access controllers. In addition, it provides a mechanism
providing the option to tunnel the mobile client data between the access point and the access
controller.
DRM (dynamic radio/RF
management)
Dynamic Radio Management (DRM) functionality of the HiPath Wireless Controller is used
to help establish the optimum radio configuration for your Wireless APs. DRM is enabled by
default. The HiPath Wireless Controller’s DRM:
• Adjusts power levels to balance coverage if another Wireless AP, which is assigned to the
same SSID and is on the same channel, is added to or leaves the network.
• Allows wireless clients to be moved to another Wireless AP if the load is too high.
• Scans automatically for a channel, using a channel selection algorithm.
• Avoids other WLANs by reducing transmit power whenever other Wireless APs with the
same channel, but different SSIDs are detected.
The DRM feature is comprised of two functions:
• Auto Channel Selection (ACS) – ACS provides an easy way to optimize channel
arrangement based on the current situation in the field. ACS provides an optimal solution
only if it is triggered on all Wireless APs in a deployment. Triggering ACS on a single
Wireless AP or on a subset of Wireless APs provides a useful but suboptimal solution.
Also, ACS only relies on the information observed at the time it is triggered. Once a
Wireless AP has selected a channel, it will remain operating on that channel until the user
changes the channel or triggers ACS.
• Auto Tx Power Control (ATPC) – ATPC guarantees your LAN a stable RF environment by
automatically adapting transmission power signals according to the coverage provided by
the Wireless APs. ATPC can be either enabled or disabled.
HiPath Wireless Controller
The HiPath Wireless Controller is a rack-mountable network device designed to be
integrated into an existing wired Local Area Network (LAN). It provides centralized control
over all access points (both Wireless APs and third-party access points) and manages the
network assignment of wireless device clients associating through access points.
Langley
Langley is a Controller, Access Points and Convergence Software term for the inter-process
messaging infrastructure on the HiPath Wireless Controller.
Mitigator
The Mitigator is a mechanism that assists in the detection of rogue access points. The feature
has three components: (1) a radio frequency (RF) scanning task that runs on the Wireless
AP, (2) an application called the Data Collector on the HiPath Wireless Controller that
receives and manages the RF scan messages sent by the Wireless AP, (3) an Analysis
Engine on the HiPath Wireless Controller that processes the scan data.
Mobility manager (and mobility The technique in Controller, Access Points and Convergence Software by which multiple
agent)
HiPath Wireless Controllers on a network can discover each other and exchange information
about a client session. This enables a wireless device user to roam seamlessly between
different Wireless APs on different HiPath Wireless Controllers, to provide mobility to the
wireless device user.
One HiPath Wireless Controller on the network must be designated as the mobility manager.
All other HiPath Wireless Controllers are designated as mobility agents. Relying on SLP, the
mobility manager registers with the Directory Agent and the mobility agents discover the
location of the mobility manager.
512
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_glossary.fm
Glossary
Controller, Access Points and Convergence Software terms and abbreviations
Term
Explanation
Data Collector
The Data Collector is an application on the HiPath Wireless Controller that receives and
manages the Radio Frequency (RF) scan messages sent by the Wireless AP. This
application is part of the Mitigator technique, working in conjunction with the scanner
mechanism and the Analysis Engine to assist in detecting rogue access points.
Virtual Network Services
(VNS)
The Virtual Network Services (VNS) technique is Siemens's means of mapping wireless
networks to the topology of an existing wired network. When you set up Virtual Network
Services (VNS) on the HiPath Wireless Controller, you are defining subnets for groups of
wireless users. This VNS definition creates a virtual IP subnet where the HiPath Wireless
Controller acts as a default gateway for wireless devices. This technique enables policies
and authentication to be applied to the groups of wireless users on a VNS, as well as the
collecting of accounting information. When a VNS is set up on the HiPath Wireless Controller,
one or more Wireless APs (by radio) are associated with it. A range of IP addresses is set
aside for the HiPath Wireless Controller's DHCP server to assign to wireless devices.
Wireless AP
The Wireless AP is a wireless LAN thin access point (IEEE 802.11) provided with unique
software that allows it to communicate only with a HiPath Wireless Controller. (A thin access
point handles the radio frequency (RF) communication but relies on a controller to handle
WLAN elements such as authentication.) The Wireless AP also provides local processing
such as encryption. The Wireless AP is a dual-band access point, with 802.11a/b/g/n radios.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
513
hwc_glossary.fm
Glossary
Controller, Access Points and Convergence Software terms and abbreviations
514
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller C5110
A HiPath Wireless Controller’s physical description
This appendix describes the physical description and LEDs, SSD codes and their
description of the following models of the HiPath Wireless Controller:
•
HiPath Wireless Controller C5110
•
HiPath Wireless Controller C4110
•
HiPath Wireless Controller C2400
•
HiPath Wireless Controller C20
•
HiPath Wireless Controller C20N
•
HiPath Wireless Controller CRBT8210/8110
A.1 HiPath Wireless Controller C5110
A.1.1 Front panel
Figure 29 depicts the front panel features of the HiPath Wireless Controller
C5110. The following table describes the features by callout.
Figure 29
HiPath Wireless Controller C5110 front panel
Call out Feature
Function
Power-on button
Controls the DC power supply output to the system.
NMI button
Not used in the current release.
USB connectors
(2)
Connects USB 2.0-compliant devices to the system. For
more information, see the Note following Figure 29.
Video connector
Not used in the current release.
LCD buttons
Controls the LCD display. Two navigation buttons allow
you to scroll left and right through the display. The select
button controls whether the LCD backlight is on or off.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
515
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller C5110
Call out Feature
Function
Provides system ID, status information and system error
messages. The LCD display lights during normal system
operation. Both the systems management software and
the identification buttons located on the front and back of
the system can cause the LCD to flash blue to identify a
particular system. The LCD display lights amber when
the system needs attention due to a problem with power
supplies, fans, system temperature or hard drives.
LCD display
When the controller is performing a software upgrade
and configuration, the LCD panel will display the word
“Upgrade.”
Note: If the system is connected to AC power and an
error has been detected, the LCD displays amber lights
regardless of whether the system has been powered on.
Slot for DVD drive Not used in the current release.
System
Identification
button
The identification buttons on the front and back panels
can be used to locate a particular system within a rack.
When one of the buttons is pushed, the blue system
status indicator on the front and back blinks until one of
the buttons is pushed again.
Hard drive
One 3.5 inch SATA 250 GB drive.
Note: The HiPath Wireless Controller C5110 is equipped with four USB
connectors — two on each front and back panel. However, the controller is
capable of supporting only one USB device at a time, regardless of what USB
connector the device is connected to. If you connect a second USB device while
the first is already connected, the system will return an error.
516
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller C5110
A.1.2 Back panel
Figure 30 depicts the back panel features of the HiPath Wireless Controller
C5110.
Figure 30
HiPath Wireless Controller C5110 back panel
Callout Feature
Function
Serial port
connector
Console Port – Used to get into Rescue mode.
NIC2 connector
Data port, 10 GbE SR-XFP single port NIC - esa1
Video connector
Not used in the current release
USB connectors (2)
Connects USB 2.0-compliant devices to the system.
10 GbE SR-XFP
single port NIC
connector
Data port - esa2
1 GbE RJ45
connector
Management port - Admin
1 GbE RJ45
connector
Data port – esa0
Not used
Not used in the current release.
System status
indicator connector
Not used in the current release.
10
System status
indicator
The blue-colored system status indicator blinks to
indicate the location of a particular system within a rack.
The indicator continues to blink until one of the system
identification buttons is pushed again.
11
System
identification button
The identification buttons on the front and back panels
can be used to locate a particular system within a rack.
When one of these buttons is pushed, the blue system
status indicator on the front and back blinks until one of
the buttons is pushed again.
12
AC Power supply 1
(PS1)
AC Power Supply 1 and 2 combine to make a redundant
power supply.
13
AC Power supply 2
(PS2)
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
517
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller C4110
A.2 HiPath Wireless Controller C4110
For information on HiPath Wireless Controller C4110 hardware, see the HiPath
Wireless Controller C4110 Quick Reference at
http://www.enterasys.com/support/manuals.
A.3 HiPath Wireless Controller C2400
A.3.1 Front panel
The HiPath Wireless Controller C2400 is composed of the following three cards:
•
Media/Persistent Storage Card
•
Network Processor Card
•
Host HiPath Wireless Controller Card
Figure 31 depicts the front panel features of the HiPath Wireless Controller
C2400.
LED
lights
Reset
switch
Figure 31
Data
ports
Network
Processor card
Compact
Flash slot
Media/Persistent
storage card
Management
Console Console
Diagnostic RJ45 port
port
switch
adapter
Host Controller
card
HiPath Wireless Controller C2400 front panel
The HiPath Wireless Controller C2400 has five LED lights and two switches on
its front panel.
518
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller C2400
ERROR
LED
ACT
LED
Seven Segment Display
Figure 32
Reset
switch
RUN
LED
WARNING
LED
LCT switch
INT
LED
HiPath Wireless Controller’s C2400 LED lights and switches
The description of the LED states and switches is provided below:
•
Reset Switch – Reboots the system.
•
RUN LED – Indicates the CPU’s initialization has completed and the system
is ready to provide application level services.
•
ACT LED – Indicates the system’s software is in active running state.
•
WARNING/ERROR LEDs – Indicate a problem in the running state of the
system.
•
When any of the alarm LEDs is lit, the seven segment display provides
the corresponding code point for the error indication. When the system is
fully active and running, the console displays the letter A as seen in
Figure 32.
•
LCT Switch – The LCT button is used during the manufacturing process and
is inactive otherwise.
•
INT LED – Not used in the current release.
A.3.2 LED states and Seven Segment Display (SSD)
codes
Table 41 lists LED states and SSD codes during firmware initialization. Table 42
lists LED states and SSD codes during application initialization. Table 43 lists LED
states and SSD codes during warning conditions. Table 44 lists LED states and
SSD codes during error conditions.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
519
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller C2400
Active
LED
Warning
LED
SSD
Code
Condition
Green
The processor has started and the firmware
has taken control.
Green
The Host Controller Card has failed to
download Bootloader from Flash.
Green
The system is checking firmware consistency.
Green
The system is formatting memory.
Green
The system is initializing load device.
Note: If the SSD code is stuck at 6 for more
than a minute, it implies that the Network
Processor Card is installed in wrong slot.
Green
The system is loading subsystem.
Green
The system is starting the operation system.
The system is active.
Table 41
Error
LED
LED states and SSD codes during firmware initialization
Note: Although the Active LED will be lit Green during the firmware initialization,
this LED state is irrelevant to the SSD display or the condition. Ignore the LED
state during the firmware initialization.
Active
LED
Warning
LED
SSD
Code
Condition
Green
Application initialization started.
Green
System configuration in progress.
Green
Preparing Forwarding Engine initialization.
Green
Initializing Forwarding Engine.
Green
Completing application initialization.
Green
Application initialization complete. System
active.
Green
System halted. Administrator requested
halting of system.
Table 42
520
LED states and SSD codes during application initialization
Active
LED
Warning
LED
Green
Green
Table 43
Error
LED
Error
LED
SSD
Code
Condition
Yellow
High temperature reached.
Yellow
Fan unit failure. Rotation counter indicates
zero speed for one of the lateral trays. May be
the result of fan tray removal.
LED states and SSD codes during warning conditions
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller C2400
Active
LED
Warning
LED
Green
SSD
Code
Condition
Yellow
Power supply failure. Failed to detect one of
the power supplies. May be the result of the
removal of one of the power supplies.
Green
Yellow
FDD low sector count (40 backup sectors
remaining).
Green
Yellow
FDD extremely low sector count (20 backup
sectors remaining).
Table 43
Active
LED
Error
LED
LED states and SSD codes during warning conditions
Error
LED
SSD
Code
Condition
Green
Red
Failed to identify FDD. Possibly due to removal
of FDD card.
Green
Red
Failed to initialize NPE card.
Green
Red
Critical threshold reached (95C for NPE). The
system will reboot.
Green
Red
Full fan assembly failure (both trays). The
system will reboot.
Green
Red
Application initialization failure. Startup
manager failed to initialize all the components
of the system. The system will reboot.
Green
Red
Lost connectivity with ethernet interface.
Possible failure of NPE card. The system will
reboot.
Green
Red
MF 1000 card failure. Backup sectors
exhausted.
Green
Red
NP 4000 card initialization failure. Firmware
self test (BIST) has detected failure in one or
more components (memory, bus,
interconnects).
Table 44
Warning
LED
LED states and SSD codes during error conditions
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
521
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller C20
A.3.3 Back panel
Figure 33 depicts the back panel features of the HiPath Wireless Controller
C2400.
Redundant power supplies
Power switches
Figure 33
HiPath Wireless Controller C2400 back panel
A.4 HiPath Wireless Controller C20
A.4.1 Front panel
Figure 34 depicts the front panel features of the HiPath Wireless Controller C20
LAN ports
Hot Swap lever
Figure 34
Management
USB server
Reset button
USB control
LEDs
Power switch
HiPath Wireless Controller C20 front panel
Note: The hot swap lever is not enabled in the current release. Pulling the hot
swap lever will not affect the normal operation if the HiPath Wireless Controller
C20 is already running. However, if you attempt to reboot the HiPath Wireless
Controller C20 with the hot swap lever pulled out, the controller will fail to reboot.
If you pull the hot swap lever while the HiPath Wireless Controller C20 is in
operation, the Hot Swap LED will light up.
522
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller C20
The HiPath Wireless Controller C20 has four lights on its front panel.
Activity LED
Status LED
HDD Activity LED
Hot Swap LED
Figure 35
HiPath Wireless Controller C20 LED lights
The functional definitions of the HiPath Wireless Controller C20 LEDs are
provided below:
•
ACTIVITY LED – Indicates the CPU activity, including the amount of traffic
carried to and from the Wireless APs.
•
STATUS LED – Indicates the normal state of the HiPath Wireless Controller
as seen by the system’s software. This LED covers all stages of the HiPath
Wireless Controller, ranging from restarting to shutting-down. As long as the
HiPath Wireless Controller is running normally, this LED will remain lit.
Note: When the system configuration is in progress, the Activity and Status
LEDs are set to Amber and blink on a two-second interval.
•
HDD Activity LED – Reports Hard Drive Device (HDD) activity.
•
Hot Swap LED – Indicates that the hot swap lever on the HiPath Wireless
Controller is pulled out.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
523
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller C20
A.4.2 LED states
The description of the HiPath Wireless Controller C20 LED status and activity
states is provided below.
Status LED
Activity LED
Condition
Blinking Amber
Green
Power up (BIOS, POST)
Blinking Amber (2 Blinking Amber (2 System configuration in progress
second rate)
second rate)
Off
Green
System booting (failed to boot)
Off
Green
Start up manager: task started
Solid Green
Blinking Green
Start up manager: task completes startup – all
components active
Solid Amber
Blinking Green
A component fails to start or needs restarting.
(startup manager task retrying that component)
Green
Blinking Red
Possible hardware failure (no more retries)
Solid Red
Off
A component fails (no more retries)
Blinking Red
Off
System about to reset by watchdog
Solid Red
Solid Red
System shutdown / halt (requires a manual
reboot)
Table 45
HiPath Wireless Controller C20 LED states and their description
•
LED 3 – HDD Activity LED – Orange/Amber
•
HDD Activity LED is off when HDD is not in use
•
HDD Activity LED is on when HDD is in use
•
LED 4 – Hot Swap LED – Blue
•
Solid Blue when the hot swap button is pulled out
A.4.3 Back panel
Figure 36 depicts the back panel features of the HiPath Wireless Controller C20.
Power Supply
Figure 36
524
HiPath Wireless Controller C20 back panel
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller C20N
A.5 HiPath Wireless Controller C20N
For information on HiPath Wireless Controller C20N hardware, see the HiPath
Wireless Controller Module for Enterasys Matrix ® N-Series, Hardware
Installation Guide, at
http://www.enterasys.com/support/manuals.
A.6 HiPath Wireless Controller CRBT8210/8110
A.6.1 Front panel
Figure 37 depicts the front panel features of the HiPath Wireless Controller
CRBT8210/8110. Table 46 describes the control button functions and Table 47
describes the LED status.
A. Hard drive D. Status/Power
activity LED
LED
G. Power button
B. NIC 2
activity LED
E. Reset button
H. NIC2 connector (10/100/1000 Mbit)
CRBT8110
NIC2 RJ-45 connector (10/100/1000 BaseT) CRBT8210
C. NIC 1
activity LED
F. Console port
connector
I. NIC1 connector (10/100/1000 Mbit)
NIC1 RJ-45 connector (10/100/1000 BaseT) CRBT8210
Figure 37
HiPath Wireless Controller CRBT8210/8110 front panel
Button
Function
Power
Toggles the system power on/off.
Reset
Performs a soft system reboot.
Table 46
Control button functions
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
525
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller CRBT8210/8110
LED
Function
NIC1 activity
NIC2 activity
• A continuous amber light indicates a link between the system and
the network to which it is connected.
• A blinking amber light indicates network activity.
Status/Power
• A continuous blue light indicates that the system has power
applied to it.
• No light indicates that the system does not have power applied to
it.
Hard drive
disk status
• A continuous blue light indicates a hard drive disk fault.
• A blinking blue light indicates hard drive activity.
Table 47
LED indicator status
A.6.2 Back panel
Figure 38 depicts the back panel features of the HiPath Wireless Controller
CRBT8110.
A. USB connectors
C. Power supply
B. Video connector
D. Power connector
Figure 38
HiPath Wireless Controller CRBT8110 back panel
Note: The HiPath Wireless Controller CRBT8110 is equipped with two USB
connectors on the back panel. However, the controller is capable of supporting
only one USB device at a time, regardless of what USB connector the device is
connected to. If you connect a second USB device while the first is already
connected, the system will return an error.
526
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller CRBT8210/8110
Figure 39 depicts the back panel features of the HiPath Wireless Controller
CRBT8210.
A. Power supply
Figure 39
B. Power connector
HiPath Wireless Controller CRBT8210 back panel
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
527
hwc_appendixa.fm
HiPath Wireless Controller’s physical description
HiPath Wireless Controller CRBT8210/8110
528
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixb.fm
Regulatory information
B Regulatory information
Warning: Warnings identify essential information. Ignoring a warning can lead to
problems with the application.
This appendix provides regulatory information for the HiPath Wireless Controller
C20N/C20/C2400/C4110/C5110 and the HiPath Wireless AP models:
•
AP 2610/2620 (AP26XX series)
•
AP 3605/3610/3620 (AP36XX series)
Note: Throughout this appendix, the term ‘Wireless AP’ refers to both AP models
(AP26XX series and AP36XX series). Specific AP models are only identified in
this appendix where it is necessary to do so.
Note: For technical specifications and certification information for the HiPath
Wireless Outdoor AP, models AP 2650/2660, see the HiPath Wireless Outdoor
AP Installation Guide.
Configuration of the Wireless AP frequencies and power output are controlled by
the regional software license and proper selection of the country during initial
installation and set-up. Customers are only allowed to select the proper country
from their licensed regulatory domain related to that customer’s geographic
location, thus allowing the proper set-up of access points in accordance with local
laws and regulations. The Wireless AP must not be operated until properly
configured with the correct country setting or it may be in violation of the local laws
and regulations.
Warning: Changes or modifications made to the HiPath Wireless Controller or
the Wireless APs which are not expressly approved by Siemens could void the
user's authority to operate the equipment.
Only authorized Siemens service personnel are permitted to service the system.
Procedures that should be performed only by Siemens personnel are clearly
identified in this guide.
Note: The HiPath Wireless Controllers and the Wireless APs are in compliance
with the European Directive 2002/95/EC on the restriction of the use of certain
hazardous substances (RoHS) in electrical and electronic equipment.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
529
hwc_appendixb.fm
Regulatory information
HiPath Wireless Controller C20N/C20/C2400/C4110/C5110
B.1 HiPath Wireless Controller C20N/C20/C2400/C4110/C5110
Conformance standards and directives
Safety
•
UL 60950-1 (U.S)
•
CSA C22.2 No.60950-01-03 (Canada)
•
2006/95/EC Low Voltage Directive (LVD)
•
EN 60950-1 (Europe)
•
IEC 60950-1 with applicable National Differences
•
AS/NZS 60950.1 (Australia/New Zealand)
EMC (Emissions / Immunity)
•
FCC Part 15, Subpart B, Class A (North America)
•
ICES-003, Class A (Canadian Emissions)
•
2004/108/EC EMC Directive
•
EN 55022: Class A (European Emissions)
•
ENEN 55024: includes EN 61000-4-2,3,4,5,6,11 (European Immunity)
•
EN 61000-3-2: (Harmonics)
•
EN 61000-3-3: (Flicker)
•
IEC/CISPR 22: Class A (International Emissions)
•
IEC/CISPR 24: includes IEC/EN 61000-4-2,3,4,5,6,11 (International
Immunity)
•
Australia/New Zealand AS/NZS 3548 via EU standards (ACMA)
RoHS
•
530
European Directive 2002/95/EC
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixb.fm
Regulatory information
HiPath Wireless Controller C20N/C20/C2400/C4110/C5110
B.1.1 Rack mounting your system
Refer to the following guidelines when setting up your HiPath Wireless
Controllers and Wireless APs.
Elevated operating ambient
If installed in a closed or multi-unit rack assembly, the operating ambient
temperature of the rack environment may be greater than room ambient.
Therefore, consideration should be given to installing the equipment in an
environment compatible with the maximum ambient temperature (Tma) specified
by the manufacturer.
Reduced air flow
Installation of the equipment in a rack should be such that the amount of air flow
required for safe operation of the equipment is not compromised.
Mechanical loading
Mounting of the equipment in the rack should be such that a hazardous condition
is not achieved due to uneven mechanical loading.
Circuit overloading
Consideration should be given to the connection of the equipment to the supply
circuit and the effect that overloading of the circuits might have on over current
protection and supply wiring. Appropriate consideration of equipment nameplate
ratings should be used when addressing this concern.
Reliable earthing
Reliable earthing of rack-mounted equipment should be maintained. Particular
attention should be given to supply connections other than direct connections to
the branch circuit (e.g. use of power strips).
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
531
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
B.2 Wireless APs 26XX and 36XX
This device is suitable for use in environmental air space in accordance with
Section 300.22.C of the National Electrical Code, and Sections 2-128, 12-010(3)
and 12-100 of the Canadian Electrical Code, Part 1, C22.1.
B.2.1 Wi-Fi certification
The AP26XX is Wi-Fi certified for operation in accordance with
IEEE 802.11a/b/g. The AP2610/20 Wireless APs with internal and external
antennas are designed and intended to be used indoors.
The AP36XX is Wi-Fi certified for operation in accordance with
IEEE 802.11a/b/g/n. The AP36XX Wireless APs with internal and external
antennas are designed and intended to be used indoors.
Wireless AP model
Wi-Fi certification ID
AP2605
WFA7482
AP2610
WFA7432
AP2620
WFA7387
AP2650
WFA7386
AP2660
WFA7431
AP3605
WFA9173
AP3610
WFA6025
AP3620
WFA5917
Table 48
Wireless AP Wi-Fi certification ID
Note: Operation in the European Community and rest of the world may be
dependant on securing local licenses, certifications, and regulatory approvals.
B.2.2 AP2620 external antenna AP
Approved external antennas
The AP2620 external antenna APs can also be used with optional certified
external antennas:
532
•
The external antennas on the AP2620 must be identical.
•
Any unused antenna ports must be terminated when an external antenna is
used with the AP2620.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
Antenna diversity
There are some limitations for using different antennas and Tx/Rx diversity:
•
If Alternate antenna diversity is used for Tx or Rx, then the same antenna
model must be used as left and right antennas. In addition, if cables are used
to connect external antennas, the cables must be of the same length and
similar attenuation. If these rules are not respected, antenna diversity will not
function properly and there will be degradation in the link budget in both
directions.
•
You can choose to install only one antenna provided that both Tx and Rx
diversity are configured to use that antenna and only that antenna. You can
choose to install one antenna for 11b/g band and one antenna for 11a band,
provided that the antenna diversity is configured appropriately on both radios.
Sensor support
Changing the antenna on sensors is not supported (at this stage) for the following
reasons:
•
The sensor factors the antenna gain and pattern in its calculations and
therefore it needs to know the antenna type and gain.
•
The sensor operating in mitigation mode becomes a transmitter and must
obey the same CTLs as the normal AP software.
•
Neither the sensor nor the HiPath Wireless Manager HiGuard support
configuring the antenna.
B.2.3 AP3620 external antenna AP
Approved external antennas
The AP3620 external antenna APs can also be used with optional certified
external antennas:
•
Any unused antenna ports must be terminated when an external antenna is
used with the AP3620.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
533
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
B.2.4 United States
B.2.4.1 FCC Declaration of Conformity Statement
This device complies with Part 15 of the FCC Rules. Operation is subject to the
following two conditions:
•
This device may not cause harmful interference.
•
This device must accept any interference received, including interference that
may cause undesired operation.
This equipment has been tested and found to comply with the limits for a Class B
digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to
provide reasonable protection against harmful interference when the equipment
is operated in a residential and business environment. This equipment generates,
uses, and radiates radio frequency energy, and if not installed and used in
accordance with instructions, may cause harmful interference. However, there is
no guarantee that interference will not occur. If this equipment does cause
harmful interference, which can be determined by turning the equipment off and
on, the user is encouraged to try to correct the interference by one or more of the
following measures:
534
•
Reorient or relocate the receiving antenna.
•
Increase the separation between the equipment or devices.
•
Connect the equipment to an outlet other than the receiver's.
•
Consult a dealer or an experienced radio/TV technician for suggestions.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
B.2.4.2 USA conformance standards
This equipment meets the following conformance standards:
Safety
•
UL 60950-1
•
UL 2043 Plenum Rated as part of UL 60950-1. Suitable for use in
environmental air space in accordance with Section 300.22.C of the National
Electrical Code.
EMC
•
FCC CFR 47 Part 15, Class B
Radio transceiver
•
CFR 47 Part 15.247, Subpart C
•
CFR 47 Part 15.407, Subpart E
Other
•
IEEE 802.11a (5 GHz)
•
IEEE 802.11b/g (2.4 GHz)
•
IEEE 802.11n (AP36XX)
•
IEEE 802.3af (PoE)
Warning: The Wireless APs must be installed and used in strict accordance with
the manufacturer's instructions as described in this guide and related
documentation for the device to which the Wireless AP is connected. Any other
installation or use of the product violates FCC Part 15 regulations.
Operation of the Wireless AP is restricted for indoor use only, specifically in the
UNII 5.15 - 5.25 GHz band in accordance with 47 CFR 15.407(e).
This Part 15 radio device operates on a non-interference basis with other devices
operating at the same frequency when using antennas provided or other Siemens
certified antennas. Any changes or modification to the product not expressly
approved by Siemens could void the user's authority to operate this device.
For the product available in the USA market, only channels 1 to 11 can be
operated. Selection of other channels in the 2.4 GHz band is not possible.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
535
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
B.2.4.3 FCC RF Radiation Exposure Statement
The Wireless AP complies with FCC RF radiated exposure limits set forth for an
uncontrolled environment. End users must follow the specific operating
instructions for satisfying RF exposure compliance. This device has been tested
and has demonstrated compliance when simultaneously operated in the 2.4 GHz
and 5 GHz frequency ranges. This device must not be co-located or operated in
conjunction with any other antenna or transmitter.
Caution: The radiated output power of the Wireless AP is below the FCC radio
frequency exposure limits as specified in “Guidelines for Human Exposure to
Radio Frequency Electromagnetic Fields” (OET Bullet 65, Supplement C). This
equipment should be installed and operated with a minimum distance of 25 cm
between the radiator and your body or other co-located operating antennas.
When using the WS-AO-5D23009 antenna, the minimum separation distance
should be increased to 71cm. When using the WS-AIO-2S18018 antenna, the
minimum separation distance should be increased to 34cm.
B.2.4.4 External antennas
The AP2620/AP3620 external antenna APs can also be used with certified
external antennas. However, to comply with the local laws and regulations, an
approval may be required by the local regulatory authorities.
For a list of approved external antennas, see Section B.2.8, “AP2620/AP3620
approved external antennas”.
RF safety distance
The antennas used for this transmitter must be installed to provide a separation
distance of at least 25 cm from all persons and must not be co-located or
operating in conjunction with another antenna or transmitter.
When using the WS-AO-5D23009 antenna, the minimum separation distance
should be increased to 71cm. When using the WS-AIO-2S18018 antenna, the
minimum separation distance should be increased to 34cm.
536
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
B.2.5 Canada
B.2.5.1 Industry Canada Compliance Statement
This digital apparatus does not exceed the Class B limits for radio noise
emissions from digital apparatus as set out in the interference-causing equipment
standard entitled “Digital Apparatus,” ICES-003 of Industry Canada.
Cet appareil numerique respecte les limites de bruits radioelectriques applicables
aux appareils numeriques de Classe B prescrites dans la norme sur le materiel
brouilleur: "Appareils Numeriques," NMB-003 edictee par le Industrie Canada.
This device complies with Part 15 of the FCC Rules and Canadian Standard RSS210. Operation is subject to the following conditions:
•
This device may not cause harmful interference.
•
This device must accept any interference received, including interference that
may cause undesired operation.
•
This Class B digital apparatus complies with Canadian ICES-003.
•
Operation in the 5150-5250 MHz band is only for indoor usage to reduce
potential for harmful interference to co-channel mobile satellite systems.
•
Please note that high power radars are allocated as primary users (meaning
they have priority) and can cause interference in the 5250-5350 MHz and
5470-5725 MHz bands of LE-LAN devices.
•
For the product available in the Canadian market, only channels 1 to 11 can
be operated. Selection of other channels in the 2.4 GHz band is not possible.
B.2.5.2 Canada conformance standards
This equipment meets the following conformance standards:
Safety
•
C22.2 No.60950-1-03
•
UL 2043 Plenum Rated as part of UL 60950-1. Suitable for use in
environmental air space in accordance with Sections 2-128, 12-010(3) and
12-100 of the Canadian Electrical Code, Part 1, C22.1
EMC
•
ICES-003, Class B
Radio transceiver
•
RSS-210 (2.4 GHz and 5GHz)
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
537
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
Other
•
IEEE 802.11a (5 GHz)
•
IEEE 802.11b/g (2.4 GHz)
•
IEEE 802.11n (AP36XX)
•
IEEE 802.3af (PoE)
B.2.5.3 External antennas
The AP2620/AP3620 external antenna APs can also be used with certified
external antennas. However, to comply with the local laws and regulations, an
approval may be required by the local regulatory authorities.
For a list of approved external antennas, see Section B.2.8, “AP2620/AP3620
approved external antennas”.
RF safety distance
The antennas used for this transmitter must be installed to provide a separation
distance of at least 25 cm from all persons and must not be co-located or
operating in conjunction with another antenna or transmitter.
When using the WS-AO-5D23009 antenna, the minimum separation distance
should be increased to 71cm. When using the WS-AIO-2S18018 antenna, the
minimum separation distance should be increased to 34cm.
538
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
B.2.6 European community
The Wireless APs are designed for use in the European Union and other
countries with similar regulatory restrictions where the end user or installer is
allowed to configure the Wireless AP for operation by entry of a country code
relative to a specific country. Upon connection to the controller, the software will
prompt the user to select a country code. After the country code is selected, the
controller will set up the Wireless AP with the proper frequencies and power
outputs for that country code.
Although outdoor use may be allowed and may be restricted to certain
frequencies and/or may require a license for operation, the Wireless AP is
intended for indoor use and must be installed in a proper indoor location. Use the
installation utility provided with the controller software to ensure proper set-up in
accordance with all European spectrum usage rules. Contact local Authority for
procedure to follow and regulatory information. For more details on legal
combinations of frequencies, power levels and antennas, contact Siemens.
Declaration of Conformity with R&TTE Directive of the European Union 1999/5/
EC
The following symbol indicates compliance with the Essential Requirements of
the R&TTE Directive of the European Union (1999/5/EC).
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
539
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
B.2.6.1 Declaration of Conformity in Languages of the
European Community
English
Hereby, Siemens, declares that this Radio LAN device is in compliance
with the essential requirements and other relevant provisions of Directive
1999/5/EC.
Finnish
Valmistaja Siemens vakuuttaa täten että Radio LAN device tyyppinen laite
on direktiivin 1999/5/EY oleellisten vaatimusten ja sitä koskevien direktiivin
muiden ehtojen mukainen.
Dutch
Hierbij verklaart Siemens dat het toestel Radio LAN device in
overeenstemming is met de essentiële eisen en de andere relevante
bepalingen van richtlijn 1999/5/EG.
Bij deze verklaart Siemens dat deze Radio LAN device voldoet aan de
essentiële eisen en aan de overige relevante bepalingen van Richtlijn
1999/5/EC.
French
Par la présente Siemens déclare que l'appareil Radio LAN device est
conforme aux exigences essentielles et aux autres dispositions pertinentes
de la directive 1999/5/CE.
Par la présente, Siemens déclare que ce Radio LAN device est conforme
aux exigences essentielles et aux autres dispositions de la directive 1999/
5/CE qui lui sont applicables.
540
Swedish
Härmed intygar Siemens att denna Radio LAN device står I
överensstämmelse med de väsentliga egenskapskrav och övriga relevanta
bestämmelser som framgår av direktiv 1999/5/EG.
Danish
Undertegnede Siemens erklærer herved, at følgende udstyr Radio LAN
device overholder de væsentlige krav og øvrige relevante krav i direktiv
1999/5/EF.
German
Hiermit erklärt Siemens die Übereinstimmung des "WLAN Wireless
Controller bzw. Access Points" mit den grundlegenden Anforderungen und
den anderen relevanten Festlegungen der Richtlinie 1999/5/EG.
Greek
ΜΕ ΤΗΝ ΠΑΡΟΥΣΑ Siemens ∆ΗΛΩΝΕΙ ΟΤΙ Radio LAN device
ΣΥΜΜΟΡΦΩΝΕΤΑΙ ΠΡΟΣ ΤΙΣ ΟΥΣΙΩ∆ΕΙΣ ΑΠΑΙΤΗΣΕΙΣ ΚΑΙ ΤΙΣ ΛΟΙΠΕΣ
ΣΧΕΤΙΚΕΣ ∆ΙΑΤΑΞΕΙΣ ΤΗΣ Ο∆ΗΓΙΑΣ 1999/5/ΕΚ.
Icelandic
Siemens lysir her med yfir að thessi bunadur, Radio LAN device, uppfyllir
allar grunnkrofur, sem gerdar eru i R&TTE tilskipun ESB nr 1999/5/EC.
Italian
Con la presente Siemens dichiara che questo Radio LAN device è
conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite
dalla direttiva 1999/5/CE.
Spanish
Por medio de la presente Siemens declara que el Radio LAN device
cumple con los requisitos esenciales y cualesquiera otras disposiciones
aplicables o exigibles de la Directiva 1999/5/CE.
Portuguese
Siemens declara que este Radio LAN device está conforme com os
requisitos essenciais e outras disposições da Directiva 1999/5/CE.
Malti
Hawnhekk, Siemens, jiddikjara li dan Radio LAN device jikkonforma malhtigijiet essenzjali u ma provvedimenti ohrajn relevanti li hemm fidDirrettiva 1999/5/EC.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
New Member States requirements of Declaration of Conformity
Estonian
Käesolevaga kinnitab Siemens seadme Radio LAN device vastavust
direktiivi 1999/5/EÜ põhinõuetele ja nimetatud direktiivist tulenevatele
teistele asjakohastele sätetele.
Hungary
Alulírott, Siemens nyilatkozom, hogy a Radio LAN device megfelel a
vonatkozó alapvetõ követelményeknek és az 1999/5/EC irányelv egyéb
elõírásainak.
Slovak
Siemens týmto vyhlasuje, že Radio LAN device spĺňa základné
požiadavky a všetky príslušné ustanovenia Smernice 1999/5/ES.
Czech
Siemens tímto prohlašuje, že tento Radio LAN device je ve shodě se
základními požadavky a dalšími příslušnými ustanoveními směrnice 1999/
5/ES."
Slovenian
Šiuo Siemens deklaruoja, kad šis Radio LAN device atitinka esminius
reikalavimus ir kitas 1999/5/EB Direktyvos nuostatas.
Latvian
Ar šo Siemens deklarē, ka Radio LAN device atbilst Direktīvas 1999/5/EK
būtiskajām prasībām un citiem ar to saistītajiem noteikumiem
Lithuanian
Siemens deklaruoja, kad Radio LAN device atitinka 1999/5/EC Direktyvos
esminius reikalavimus ir kitas nuostatas".
Polish
Niniejszym, Siemens, deklaruję, że Radio LAN device spełnia wymagania
zasadnicze oraz stosowne postanowienia zawarte Dyrektywie 1999/5/EC.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
541
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
B.2.6.2 European conformance standards
This equipment meets the following conformance standards:
Safety
•
2006/95/EC Low Voltage Directive (LVD)
•
IEC/EN 60950-1 + National Deviations
EMC (Emissions / Immunity)
•
2004/108/EC EMC Directive
•
EN 55011/CISPR 11, Class B, Group 1 ISM
•
EN 55022/CISPR 22, Class B
•
EN 55024/CISPR 24, includes IEC/EN 61000-4-2,3,4,5,6,11
•
EN 61000-3-2 and -3-3 (Harmonics and Flicker)
•
EN 60601-1-2 (EMC immunity for medical equipment)
•
EN 50385 (EMF)
•
ETSI/EN 301 489-1 & -17
Radio transceiver
•
R&TTE Directive 1999/5/EC
•
ETSI/EN 300 328 (2.4 GHz)
•
ETSI/EN 301 893 (5 GHz)
Other
•
IEEE 802.11a (5 GHz)
•
IEEE 802.11b/g (2.4 GHz)
•
IEEE 802.11n (AP36XX)
•
IEEE 802.3af (PoE)
RoHS
•
542
European Directive 2002/95/EC
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
B.2.6.3 External antennas
The AP2620/AP3620 external antenna APs can also be used with certified
external antennas. However, to comply with the local laws and regulations, an
approval may be required by the local regulatory authorities.
For a list of approved external antennas, see Section B.2.8, “AP2620/AP3620
approved external antennas”.
RF safety distance
The antennas used for this transmitter must be installed to provide a separation
distance of at least 25 cm from all persons and must not be co-located or
operating in conjunction with another antenna or transmitter.
When using the WS-AO-5D23009 antenna, the minimum separation distance
should be increased to 71cm. When using the WS-AIO-2S18018 antenna, the
minimum separation distance should be increased to 34cm.
B.2.6.4 Conditions of use in the European community
The Wireless APs with internal and external antennas are designed and intended
to be used indoors. Some EU countries allow outdoor operation with limitations
and restrictions, which are described in this section. It is the responsibility of the
end user to ensure operation in accordance with these rules, frequencies, and
transmitter power output. The Wireless AP must not be operated until properly
configured for the customer’s geographic location.
Caution: The user or installer is responsible to ensure that the Wireless AP is
operated according to channel limitations, indoor / outdoor restrictions, license
requirements, and within power level limits for the current country of operation. A
configuration utility has been provided with the HiPath Wireless Controller to
allow the end user to check the configuration and make necessary configuration
changes to ensure proper operation in accordance with the spectrum usage rules
for compliance with the European R&TTE directive 1999/5/EC.
The Wireless APs with internal and external antennas are designed to be
operated only indoors within all countries of the European Community. Some
countries require limited channels of operation. These restrictions are described
in this section.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
543
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
Caution: The Wireless AP is completely configured and managed by the HiPath
Wireless Controller connected to the network. Please follow the instructions in
this user guide to properly configure the Wireless AP.
• The Wireless APs require the end user or installer to ensure that they have a
valid license prior to operating the Wireless AP. The license contains the region
and the region exposes the country codes which allow for proper configuration in
conformance with European National spectrum usage laws
• There is a default group of settings that each Wireless AP receives when it
connects to the controller. There is the ability to change these settings. The user
or installer is responsible to ensure that each Wireless AP is properly configured.
• The software within the controller will automatically limit the allowable channels
and output power determined by the selected country code. Selecting the
incorrect country of operation or identifying the proper antenna used, may result
in illegal operation and may cause harmful interference to other systems.
• This device employs a radar detection feature required for European
Community operation in the 5 GHz band. This feature is automatically enabled
when the country of operation is correctly configured for any European
Community country. The presence of nearby radar operation may result in
temporary interruption of operation of this device. The radar detection feature will
automatically restart operation on a channel free of radar.
• The 5 GHz Turbo Mode feature is not enabled for use on the Wireless APs.
• The 5150- 5350 MHz band, channels 36, 40, 44, 48, 52, 56, 60, or 64, are
restricted to indoor use only.
• The external antenna APs must only use antennas that are certified by Siemens.
• The 2.4 GHz band, channels 1 - 13, may be used for indoor or outdoor use but
there may be some channel restrictions.
• In Greece and Italy, the end user must apply for a license from the national
spectrum authority to operate outdoors.
• In France, outdoor operation is not permitted in the 2.4 GHz band.
544
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
B.2.6.5 European spectrum usage rules
The AP configured with approved internal or external antennas can be used for
indoor and outdoor transmissions throughout the European community as
displayed in Table 49. Some restrictions apply in Belgium, France, Greece, and
Italy.
Country
5.15-5.25 (GHz)
Channels:
36,40,44,48
5.25-5.35 (GHz)
Channels:
52,56,60,64
5.47-5.725 (GHz)
Channels:
100,104,108,112,116,
132,136,140
2.4-2.4835 (GHz)
Channels: 1 to 13
(Except Where Noted)
Austria
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Belgium
Indoor only
Indoor only
Indoor or outdoor *
Indoor or outdoor
Bulgaria
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Denmark
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Croatia
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Cyprus
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Czech Rep.
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Estonia
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Finland
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
France
Indoor only
Indoor only
Indoor or outdoor
Indoor only
Germany
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Greece
Indoor only
Indoor only
Indoor
(Outdoor w/License)
Indoor
(Outdoor w/license)
Hungary
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Iceland
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Ireland
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Italy
Indoor only
Indoor only
Indoor or outdoor
Indoor
(Outdoor w/license)
Latvia
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Liechtenstein
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Lithuania
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Luxembourg
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Netherlands
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Malta
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Norway
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Poland
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Portugal
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Romania
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Slovak Rep.
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Slovenia
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Table 49
European spectrum usage rules
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
545
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
Country
5.15-5.25 (GHz)
Channels:
36,40,44,48
5.25-5.35 (GHz)
Channels:
52,56,60,64
5.47-5.725 (GHz)
Channels:
100,104,108,112,116,
132,136,140
2.4-2.4835 (GHz)
Channels: 1 to 13
(Except Where Noted)
Spain
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Sweden
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Switzerland
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Turkey
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
U.K
Indoor only
Indoor only
Indoor or outdoor
Indoor or outdoor
Table 49
European spectrum usage rules (Continuation)
Note: * Belgium requires notifying the spectrum agency if deploying > 300 meter
wireless links in outdoor public areas.
B.2.7 Certifications of other countries
The Wireless APs have been certified for use in various other countries. When
the Wireless AP is connected to the Siemens HiPath Wireless Controller, the user
is prompted to select a country code. Once the correct country code is selected,
the controller automatically sets up the Wireless AP with the proper frequencies
and power outputs for that country code.
Note: It is the responsibility of the end user to select the proper country code for
the country the device will be operated within or run the risk violating local laws
and regulations.
Approved external antennas
The external antenna Wireless APs can also be used with certified external
antennas. However, to comply with the local laws and regulations, an approval
may be required by the local regulatory authorities.
For a list of approved external antennas, see Section B.2.8, “AP2620/AP3620
approved external antennas”.
Other country specific compliance standards, approvals and declarations
546
•
IEC 60950-1 CB Scheme + National Deviations
•
AS/NZS 60950.1 (Safety)
•
AS/NZS 3548 (Emissions via EU standards – ACMA)
•
AS/NZS 4288 (Radio via EU standards)
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
•
EN 300 328 (2.4 GHz)
•
EN 301 893 (5 GHz)
•
EN 301 489-1 & -17 (RLAN)
•
IEEE 802.11a (5 GHz)
•
IEEE 802.11b/g (2.4 GHz)
•
IEEE 802.11n (AP36XX)
•
IEEE 802.3af (PoE)
B.2.8 AP2620/AP3620 approved external antennas
The AP2620/AP3620 external antenna APs can be used with certified external
antennas. However, to comply with the local laws and regulations, an approval
may be required by the local regulatory authorities. The following optional
antennas have been tested and approved for use with the external antenna
models.
Model
Application
Shape
Gain (dBi)
Frequency
(MHz)
Connector Type
WS-ANT01
outdoor
omni
2400-2500
5150-5900
RPSMA
WS-AO-DS05360
outdoor
omni
2400-2500
5150-5350
Reverse Polarity
Type-N
WS-AIO-5S12060
indoor
panel
12
2400-2500
4900-5990
Reverse Polarity
Type-N
WS-AI-2S03360
indoor
omni
3.5
2400-2500
RPSMA
WS-AI-DS06360
indoor
omni
2300-2700
4900-6000
RPSMA
WS-AIO-DS05120
indoor/outdoor
panel
2400-2500
Reverse Polarity
Type-N
WS-AIO-2S07060
indoor/outdoor
panel
7.5
2300-2600
4900-6000
Reverse Polarity
Type-N
WS-AIO-5S17017
indoor/outdoor
panel
17
5470-5850
Reverse Polarity
Type-N
WS-AIO-2514090
indoor/outdoor
panel
14
2400-2485
Reverse Polarity
Type-N
WS-AIO-5S15090
indoor/outdoor
panel
15
4900-6000
Reverse Polarity
Type-N
WS-AIO-2S18018
indoor/outdoor
panel
18
2300-2500
Reverse Polarity
Type-N
Table 50
List of FCC/IC/ETSI approved antennas — AP2620
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
547
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
Model
Application
Shape
Gain (dBi)
Frequency
(MHz)
Connector Type
WS-ANT02
indoor
omni
2400-2500
5150-5900
RPSMA
WS-AO-DS05360
outdoor
omni
2400-2500
5150-5350
Reverse Polarity
Type-N
WS-AO-D16060
outdoor
60 degree sector
directional, 2 inputs
16
5150-5875
Reverse Polarity
Type-N
WS-AO-5D23009
outdoor
panel, 2 inputs
23
5150-5875
Reverse Polarity
Type-N
WS-AI-DT04360
indoor
omni, 3 inputs
2400-2500
4900-5990
RPSMA, 3ea.
WS-AI-DT05120
indoor
120 degree sector
directional, 3 inputs
2300-2700
4900-6100
RPSMA
Table 51
List of FCC/IC/ETSI approved antennas — AP3620
RF safety distance
The antennas used for this transmitter must be installed to provide a separation
distance of at least 25 cm from all persons and must not be co-located or
operating in conjunction with another antenna or transmitter.
When using the WS-AO-5D23009 antenna, the minimum separation distance
should be increased to 71cm. When using the WS-AIO-2S18018 antenna, the
minimum separation distance should be increased to 34cm.
B.2.9 Certified 3rd party antennas
Table 52 lists the 3rd party antennas that are supported for AP2620, AP260-1,
AP3620 and AP3620-1 models for ETSI and FCC. These antennas are supported
only for existing customers prior to V7.11.
AP
Regulatory Manufacturer Part Number
Type
Usage
Frequency Gain
Connector
Indoor
2.4
N-F
2620 FCC/IC
Cushcraft
SR2405135D
Sector, 135 Deg
Single Feed
2620 FCC/IC
Cushcraft
S24493DS
Omni, Dual Feed Indoor
2.4, 5
Reverse
TNCx2
2620 FCC/IC
Cushcraft
SL24513P
Omni, Single
Feed
Indoor
2.4, 5
SMA-F
2620 FCC/IC
Cushcraft
S24497P
60 Deg Sector,
Single Feed
Indoor
2.4, 5
Reverse
TNC
2620 FCC/IC
Hyperlink
HG2458CU
Omni, Single
Feed
Indoor
2.4, 5
N-F
Table 52
548
Certified 3rd party antennas for use with AP2620, AP260-1, AP3620 and AP3620-1 models
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
AP
Regulatory Manufacturer Part Number
Type
Usage
Connector
2.4
5.2
SMA, TNC,
2620 FCC/IC
Maxrad
MDO24005PT
2620 ETSI
Huber and
Suhner
SOA 2454/360/7/20/DF Omni
Outdoor 2.4, 5
6&8
N-F
2620 ETSI
Huber and
Suhner
SWA 2459/360/4/45/V
Omni
Outdoor 2.4, 5
N-F/SMA-F
2620 ETSI
Huber and
Suhner
SPA 2456/75/9/0/DF
Plannar
Outdoor 2.4, 5
SMA-F/
TNC-F/
QN-F
2620 ETSI
Huber and
Suhner
SOA 2400/360/4/0/DS
Omni
Outdoor 2.4, 5
3.5
N-F/TNC-F
2620 ETSI
Huber and
Suhner
SWA 0859/360/4/10/V
Omni
Outdoor 2.4, 5
N-F/TNC-F
2620 ETSI
Huber and
Suhner
SPA 2400/80/9/0/DS
Plannar
Outdoor 2.4
8.5
SMA-F/
TNC-F/
QMA-F
2620 ETSI
Huber and
Suhner
SPA 2400/40/14/0/DS
Plannar
Outdoor 2.4
13.5
N-F/TNC-F
3620 FCC/IC
Cushcraft
SR249120D
120 Deg, Sector, Indoor
Single Feed
2.4, 5
RPSMA
3620 FCC/IC
Cushcraft
S24493TS
Omni, Triple
Feed
Indoor
2.4, 5
RPSMA 3
ea.
3620 FCC/IC
Cushcraft
SL24513WP
Omni
Indoor
2.4, 5
RPSMA
3620 FCC/IC
Cushcraft
S24497P
60 Deg Sector,
Single Feed
Indoor
2.4, 5
7&8
RPSMA
3620 FCC/IC
Hyperlink
HG2458CU
Omni
Indoor
2.4, 5
N-F
3620 FCC/IC
Maxrad
MDO24005PT
Omni, Dual Feed Indoor
2.4
5.2
RPSMA
3620 ETSI
Huber and
Suhner
SOA 2454/360/7/20/DF Omni
Outdoor 2.4, 5
6&8
N-F
3620 ETSI
Huber and
Suhner
SWA 2459/360/4/45/V
Omni
Outdoor 2.4, 5
N-F/SMA-F
3620 ETSI
Huber and
Suhner
SPA 2456/75/9/0/DF
Plannar
Outdoor 2.4, 5
SMA-F/
TNC-F/
QN-F
3620 ETSI
Huber and
Suhner
SOA 2400/360/4/0/DS
Omni
Outdoor 2.4, 5
3.5
N-F/TNC-F
3620 ETSI
Huber and
Suhner
SWA 0859/360/4/10/V
Omni
Outdoor 2.4, 5
N-F/TNC-F
3620 ETSI
Huber and
Suhner
SPA 2400/80/9/0/DS
Plannar
Outdoor 2.4
8.5
SMA-F/
TNC-F/
QMA-F
3620 ETSI
Huber and
Suhner
SPA 2400/40/14/0/DS
Plannar
Outdoor 2.4
13.5
N-F/TNC-F
Table 52
Omni, Dual Feed Indoor
Frequency Gain
Certified 3rd party antennas for use with AP2620, AP260-1, AP3620 and AP3620-1 models
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
549
hwc_appendixb.fm
Regulatory information
Wireless APs 26XX and 36XX
550
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixc.fm
optiPoint WL2 Configuration
optiPoint WL2 wireless telephone configuration
C optiPoint WL2 Configuration
This appendix describes the recommended configuration for the optiPoint WL2
wireless telephone with the HiPath Wireless LAN Solution. In addition,
corresponding configurations should be made on the PBX, if applicable.
Update your optiPoint WL2 wireless telephone software to the latest available
firmware. The following information in this appendix refers to an optiPoint WL2
telephone running firmware version 50.002.43.00079.
Note: You can also use the VNS wizard to configure the HiPath Wireless
Controller for use with optiPoint wireless telephones. For more information, see
Section 6.4.2, “Creating a voice VNS using the VNS wizard”, on page 284.
C.1 optiPoint WL2 wireless telephone configuration
To configure audio settings:
1. Launch your Web browser, and in the browser address bar type the optiPoint
WL2’s IP address. The optiPoint WL2 professional Handset screen is
displayed.
2. In the optiPoint WL2 professional menu, click Admin. The Network: Profile
Selection screen is displayed.
3. In the left pane, click Audio Settings. The Audio Settings screen is
displayed.
4. Configure the following audio settings:
•
In the Codec drop-down list, click G.711 preferred (normal quality).
The alternative G729 codec would only provide a small increase in
capacity at the expense of a significant increase in sensitivity to lost
packets and degradation of quality.
•
In the RTP Packet Size drop-down list, click 20ms.
The 10ms setting would not improve voice quality, but it would
significantly decrease the per-AP voice capacity. The 30ms setting would
worsen the impact of lost packets while roaming.
•
Clear the Silence Suppression checkbox. The Silence Suppression
option should be disabled.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
551
hwc_appendixc.fm
optiPoint WL2 Configuration
optiPoint WL2 wireless telephone configuration
To configure Quality of Service protocol settings:
1. In the left pane, click Quality of Service. The Quality of Service: Protocol
Settings screen is displayed.
2. Configure the following Quality of Service settings:
•
In the DSCP Class for Voice drop-down list, click Expedited
Forwarding to ensure maximum voice priority.
•
In the DSCP Class for Signalling drop-down list, click Assured
Forwarding 3.
Under normal conditions Assured Forwarding 3 ensures a more reliable
delivery for Signaling than for Voice (more retries) at the expense of a
potential higher delay.
•
552
In the VLAN Settings section, select None.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixc.fm
optiPoint WL2 Configuration
optiPoint WL2 wireless telephone configuration
To configure WLAN settings:
1. In the left pane, click Network. The Network: Profile Selection screen is
displayed.
2. In the List of Profiles, click Edit for the profile you want to configure. The
Network: Profile Name screen is displayed.
3. In the left pane, click WLAN. The Network: WLAN for profile screen is
displayed.
4. Configure the following WLAN settings:
•
In the Output Power (in%) drop-down list, click 100.
Use the maximum 100% unless there is a reason to reduce it.
•
In the Transmission Rate drop-down, click Auto.
Note: When the Transmission Rate is set to a value, it does not force the
phone to only use that particular PHY transmission rate. Instead, it forces the
phone to only use PHY rates that are smaller or equal to the set rate.
•
In the Fragmentation Threshold box, ensure that the default value 2346
is used.
•
In the RTS/CTS Threshold box, ensure that the default value 2347 is
used.
•
In the Roaming Threshold box, type a roaming threshold between the
range of -75 dBm to -65 dBm, depending on the parameters of the
deployment.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
553
hwc_appendixc.fm
optiPoint WL2 Configuration
optiPoint WL2 wireless telephone configuration
A larger value, for example -65 dBm will cause the phone to scan for
alternate Wireless APs more often, which will result in more wireless
traffic and slightly decreased battery life. A smaller value, for example -75
dBm will cause the phone to roam too late, causing voice interruptions
during roaming.
•
In the Preamble Type section, select Short. The short preamble provides
for higher voice capacity.
If legacy pre-11b devices are present in the coverage area or you are
unsure if legacy pre-11b devices are present in the coverage area, select
Long.
To configure WLAN security settings:
1. In the left pane, click Network. The Network: Profile Selection screen is
displayed.
2. In the left pane, click WLAN Security. The Network: WLAN Security for
profile screen is displayed.
3. Configure the following WLAN security settings:
•
554
Click WPA-PSK.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixc.fm
optiPoint WL2 Configuration
HiPath Wireless Controller configuration
C.2 HiPath Wireless Controller configuration
The easiest way to configure a voice VNS is to use the VNS Creation Wizard.
Refer to Section 6.4.2, “Creating a voice VNS using the VNS wizard”, on page
284.
The following settings must be configured on the HiPath Wireless Controller.
•
A dedicated VNS must be used for WL2 phones. No other non-voice clients
should be allowed in this VNS.
•
The VNS must be a non-RADIUS VNS.
To configure a WL2 Voice Topology:
1. In the Layer 3 area, from the DHCP drop-down list, select Local Server, then
click Configure.
2. Select the Enable DLS DHCP Option checkbox.
3. In the DLS Address box, type the IP address or the DNS name of the DLS.
In the accompanying box, type the DLS port number. The default is 18443.
For more information about configuring a Topology, see Section 6.8, “Configuring
a Topology”, on page 319.
To configure a WL2 WLAN Service:
1. Click the Privacy tab.
2. Configure the following privacy settings:
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
555
hwc_appendixc.fm
optiPoint WL2 Configuration
HiPath Wireless Controller configuration
•
The privacy settings on the HiPath Wireless Controller must match those
on the optiPoint WL2 phone.
•
If the optiPoint WL2 phone is configured to use WPA-PSK, select the
WPA-PSK option for the VNS.
3. Click the QoS tab.
4. Configure the following QoS policy settings:
•
For good voice quality and battery life, select WMM.
•
If the VNS is shared with legacy devices that require priority but do not
support WMM, select Legacy.
•
If applicable, select 802.11e or Enable U-APSD. (The next release of the
optiPoint WL2 may require .11e support).
Note: The Turbo Voice and Use Global Admission Control for Voice (VO)
options should be cleared. These options should not be used in the same
VNS as the optiPoint WL2. These features are not currently supported on the
optiPoint WL2.
•
The Priority Override option (configured on the Advanced dialog) should
normally be cleared. If the phone and PBX are configured properly, the
default DSCP classification should work well. If you are unsure, sniff the
packets over the air and check that the voice packets are sent with priority
6 or 7 in both UL and DL directions.
For more information about configuring a WLAN Service, see Section 6.9,
“Configuring WLAN Services”, on page 331.
To configure Wireless AP radio properties:
1. From the main menu, click Wireless AP Configuration. The HiPath
Wireless AP screen is displayed.
2. Click the applicable radio tab, In the Radio Mode drop-down list, click g.
Note: Enable 11b only if 11b devices are used on the same VNS as the
optiPoint WL2 phone.
3. Click the Advanced button.
4. Configure the following radio settings:
556
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixc.fm
optiPoint WL2 Configuration
HiPath Wireless Controller configuration
•
In the DTIM Period box, type 5.
Note: A DTIM Period value of 1 may produce better results if significant
RF interference exists in your environment. Use a DTIM Period value of
5 unless you notice a significant improvement when using a value of 1.
•
In the Beacon Period box, type 100 (ms).
•
In the RTS/CTS Threshold box, ensure that the default value 2346 is
used.
•
In the Frag. Threshold box, ensure that the default value 2346 is used.
•
In the Rx Diversity drop-down list, click Best.
•
In the Tx Diversity drop-down list, click Alternate.
Note: If you experience variable or unstable signals, in the Tx Diversity
drop-down list, click Left.
•
In the Min Basic Rate drop-down list, click 1Mbps if .11b is enabled.
Note: Use a Min Basic Rate of 6Mbps if you are using only optiPoint
WL2 phones on the VNS, as this will increase the number of concurrent
calls per AP. Use a Min Basic Rate of 2Mbps or 1Mbps if your site has
sparse RF coverage.
•
In the Max Basic Rate drop-down list, click the default maximum possible
basic rate. For example, click 12 Mbps if you are using 6 Mbps as the Min
Basic Rate. Otherwise, click 24 Mbps.
•
In the Max Operational Rate drop-down list, click the default maximum
rate. For example, 54 Mbps.
•
In the Preamble drop-down list, click Short. The short preamble provides
for higher voice capacity.
If legacy pre-11b devices are present in the coverage area or you are
unsure if legacy pre-11b devices are present in the coverage area, click
Long.
•
In the Total # of Tries for Background BK drop-down list, click adaptive
(multi-rate).
•
In the Total # of Tries for Best Effort BE drop-down list, click adaptive
(multi-rate).
•
In the Total # of Tries for Video VI drop-down list, click adaptive
(multi-rate).
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
557
hwc_appendixc.fm
optiPoint WL2 Configuration
HiPath Wireless Controller configuration
•
In the Total # of Tries for Voice VO drop-down list, click adaptive
(multi-rate).
•
In the Total # of Tries for Turbo Voice TVO drop-down list, click
adaptive (multi-rate).
Note: At a minimum, use adaptive (multi-rate) for Total # of Tries for Best
Effort BE and Total # of Tries for Voice VO since this will significantly
improve voice quality.
•
In the Protection Mode drop-down list, click Auto.
•
In the Protection Rate drop-down list, click 11 Mbps.
•
In the Protection Type drop-down list, click CTS. The CTS protection
mode allows for higher voice capacity.
If legacy pre-11b devices are present in the coverage area or you are
unsure if legacy pre-11b devices are present in the coverage area, click
RTS CTS. RTS CTS mode provides more robust protection.
558
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixd.fm
SpectraLink Wireless Telephones
Network Topology
D SpectraLink Wireless Telephones
The HiPath Wireless LAN Solution, consisting of the HiPath Wireless Controller,
Wireless APs, and the HiPath Wireless Convergence Software, seamlessly
integrates with SpectraLink Wireless Telephones to serve mobile voice and data
requirements. The standards-based architecture of HiPath Wireless LAN
provides an exceptional infrastructure for voice quality and handset-reliability to
the SpectraLink telephones.
D.1 Network Topology
The following image depicts a typical network topology for SpectraLink
telephones.
Figure 40
SpectraLink Network Topology
Note: The network topology depicted in Figure 40 is a dedicated network for
SpectraLink Telephones. Other topologies are supported and can be used as
required.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
559
hwc_appendixd.fm
SpectraLink Wireless Telephones
Configuring HiPath Wireless Controller for SpectraLink telephones
Note: For a successful deployment, all network elements in the SpectraLink
network should be provisioned to prioritize voice data.
D.2 Configuring HiPath Wireless Controller for SpectraLink telephones
This section describes how to configure the HiPath Wireless Controller and
Wireless APs for use with SpectraLink Wireless telephones.
You have to configure the following features in the HiPath Wireless Controller to
set it up for SpectraLink telephones:
•
Radio properties
•
SSID
•
Filters
•
Multicast configuration
•
Security
•
Quality of Service (QoS)
The configuration process for SpectraLink telephones applies identically to
HiPath Wireless APs, HiPath Wireless Outdoor APs and HiPath Wireless 802.11n
APs, unless specified otherwise.
Note: You can also use the VNS wizard to configure the HiPath Wireless
Controller for use with SpectraLink Wireless telephones. For more information,
see Section 6.4.2, “Creating a voice VNS using the VNS wizard”, on page 284.
D.2.1 Setting up SSID
To set up the SSID:
1. From the main menu, click Virtual Network Configuration. The Virtual
Network Configuration screen is displayed.
2. In the left pane, expand the New pane and click Add VNS (subnet).
3. Type a name that will identify the new VNS in the VNS Name box.
4. In the Default Policies area, select an existing Non-Authenticated and
Authenticated policy, or create a new one by clicking the New button. The
Policy configuration window is displayed.
560
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixd.fm
SpectraLink Wireless Telephones
Configuring HiPath Wireless Controller for SpectraLink telephones
5. From the Topology area, select an existing topology from the Assigned
Topology drop-down list. or create a new one by clicking the New button.
Note: Siemens recommends that you choose Bridge Traffic Locally at
HWC Topology Mode for SpectraLink network deployment.
6. In the Layer 3 area, from the DHCP Option drop-down menu, you can select
either the Local DHCP Server or Use DHCP Relay, depending upon your
network topology. Click the Configure button.
7. In the Gateway box, type the network gateway address.
8. In the Mask box, type the appropriate values.
9. In the Address Range boxes (from and to), type the IP address range.
10. To save your changes, click Save.
D.2.2 Configuring filters
To configure the filters:
1. From the main menu, click Virtual Network Configuration. The Virtual
Network Configuration screen is displayed.
2. In the left pane, expand the Policies pane and select the policy to configure.
3. On the Policy Configuration screen, click the Filter Rules tab. The filtering
rule for the Default filter is displayed in the centre pane.
4. Click the Add button, then type the IP address of SVP server in IP/Subnet
and port boxes.
5. From the Protocol drop-down menu, select UDP.
6. Click OK. The new filtering rule for the SVP server is displayed in the centre
pane.
7. Click Up. The filtering rule for the SVP server moves up, before the filter rule
for Default filter.
8. Click Add again, then type the IP address of SpectraLink Gateway in IP/
Subnet and port boxes, and then repeat steps 5 to 7.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
561
hwc_appendixd.fm
SpectraLink Wireless Telephones
Configuring HiPath Wireless Controller for SpectraLink telephones
9. Add the filtering rules for the IP addresses of all network elements as
explained in steps 5 to 7.
Note: You must ensure that all the filtering rules, including the ones for SVP/
Gateway and other network elements, are moved up, before the filtering rule
for the Default filter.
10. Select the Allow option of the Default filter.
11. To save your changes, click Save.
Note: You must complete the remaining configuration as explained in the
subsequent sections, and then check if the deployment is working properly. If
the deployment is working properly, you should deselect Allow option of the
Default filter to secure the network
The secure setup in context of the network topology illustrated in Figure 40
on page 559 will be as follows:
• Allow 192.168.121.* UDP
• Allow 192.168.110.* UDP
• Allow 192.168.123.* UDP
• Disallow *.*.*.* N/A T
562
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixd.fm
SpectraLink Wireless Telephones
Configuring HiPath Wireless Controller for SpectraLink telephones
D.2.3 Setting up multicast configuration
Note: Before you set up multicast configuration, you must specify the physical
port for routing multicast traffic on the Wireless Controller configuration
screen.
To set up multicast configuration:
1. From the main menu, click Virtual Network Configuration. The Virtual
Network Configuration screen is displayed.
2. In the left pane, expand the Topologies pane and select the desired topology.
3. Select the Multicast Filters tab, then select the Enable Multicast Support
checkbox.
4. From the Defined groups drop-down list, select Spectralink SVP
(224.0.1.116) and then click Add.
5. Select the Wireless Replication checkbox.
6. To save your changes, click Save.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
563
hwc_appendixd.fm
SpectraLink Wireless Telephones
Configuring HiPath Wireless Controller for SpectraLink telephones
D.2.4 Setting up Security
To set up the security:
1. From the main menu, click Virtual Network Configuration. The Virtual
Network Configuration screen is displayed.
2. In the left pane, expand the WLAN Services pane, then select the desired
WLAN Service.
3. Click the Privacy tab.
4. Select the WPA-PSK option.
5. Select the WPA v.2 option.
6. Under WPA v.2 section, select AES only from the Encryption drop-down
menu.
Note: The SpectraLink telephones must also be configured for WPA v.2
security.
7. Enter the appropriate pass phrase in the Pre-shared key field.
8. To save your changes, click Save.
D.2.5 Setting up Quality of Service (QoS)
To set up Quality of Service (QoS):
1. From the main menu, click Virtual Network Configuration. The Virtual
Network Configuration screen is displayed.
2. In the left pane, expand the WLAN Services pane, then select the desired
WLAN Service.
3. Click the QoS tab.
4. Under the Wireless QoS section, select the following:
564
•
Legacy
•
Turbo Voice
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixd.fm
SpectraLink Wireless Telephones
Configuring HiPath Wireless Controller for SpectraLink telephones
Note: If you are using HiPath Wireless APs and HiPath Wireless Outdoor
APs, you must ensure that Turbo Voice QoS is selected to achieve best voice
quality with the SpectraLink telephones.
Turbo Voice QoS does not have any effect on HiPath Wireless 802.11n APs
as these APs provide best voice quality regardless of whether Turbo Voice
QoS is selected or not.
Note: To achieve “higher call capacity”, you must ensure that WMM QoS is
deselected.
Note: The HiPath Wireless 802.11n APs support only the WMM QoS. If you
are using 802.11n APs, and you want to achieve “higher call capacity”, you
must ensure that WMM QoS is deselected.
The Turbo Voice QoS does not have any effect on the 802.11n APs
regardless of whether it is selected or not.
5. Click the Advanced button.
6. Under the Priority Processing section, select Priority Override.
7. Retain the default value in Service Class drop-down menu.
8. Retain the default value in DSCP marking drop-down menu.
9. To save your changes, click Save.
D.2.6 Setting up Radio Properties
To set up the radio for Voice Wireless LAN in HiPath Wireless AP (Models
2610/2620):
1. From the main menu, click Wireless AP Configuration. The Wireless AP
Configuration screen is displayed.
2. From the list of Wireless APs, select the Wireless AP that is being used for
the Voice WLAN.
3. On the Wireless AP Configuration screen, select the tab for the radio that
is being used for Voice WLAN.
4. Click the Advanced button.
5. Under Base Settings, set the DTIM Period to 3.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
565
hwc_appendixd.fm
SpectraLink Wireless Telephones
Configuring HiPath Wireless Controller for SpectraLink telephones
6. Under Basic Radio Settings, set the following parameters:
•
Tx Diversity: Set the Tx Diversity to either Left or Right.
•
Total # of retries for Voice VO: Set the Total # of retries for Voice VO
to adaptive (multi-rate).
Note: Siemens recommends that you set Tx Diversity to Left.
7. Retain the default values for all other parameters.
8. To save your changes, click Save.
To set up the radio for Voice Wireless LAN in HiPath Wireless 802.11n APs
(Models AP3610/3620):
1. From the main menu, click Wireless AP Configuration. The Wireless AP
Configuration screen is displayed.
2. From the list of Wireless APs, select the Wireless 802.11n AP that is being
used for the Voice WLAN.
3. On the Wireless AP Configuration screen, select the tab for the radio that
is being used for the Voice WLAN.
4. Click the Advanced button.
5. Under Base Settings, set the DTIM Period to 3.
6. Retain the default values for all other parameters.
7. To save your changes, click Save.
566
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixe.fm
Default GuestPortal source code
Ticket page
E Default GuestPortal source code
E.1 Ticket page
E.1.1 Placeholders used in the default GuestPortal
ticket page
Placeholder tag
Description
!GuestName
Guest Name
!GuestComment
Guest Comment
!TimeOfDayStart
Time-of-day start
!TimeOfDayDuration
Time-of-day session duration
!SessionLifeTime
Maximum session time
!UserID
User ID for the guest
!Password
Password for the guest
!SSID
SSID to connect to
!AccountActivationTime
Account available time
!AccountLifeTime
Account life time
Table 53
Default GuestPortal ticket page template placeholders
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
567
hwc_appendixe.fm
Default GuestPortal source code
Ticket page
E.1.2 Default GuestPortal ticket page source code
Note: The GuestPortal account information placeholders used in the html code
are preceded by the ! character.








GuestPortal



568
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
hwc_appendixe.fm
Default GuestPortal source code
Ticket page


Guest Name:
!GuestName


User ID:
!UserID


Password:
!Password


Account Start:
!AccountActivationTime


Duration:
!AccountLifeTime


Valid Daily Login Time:
!TimeOfDayStart -!TimeOfDayDuration


Comment:
!GuestComment



System Requirements:



A laptop with WLAN
capabilities (801.11a/b/g). This functionality can be either
embedded into your device or via a PCMCIA card.
Web browser software. You
can use any standard Internet browser (ie, Internet Explorer,
Netscape, etc).




Instructions:



Enable your wireless device
to connect to the '!SSID' SSID.
9034530-04, September 2010
HiPath Wireless Controller, Access Points and Convergence Software V7.31, User Guide
569
hwc_appendixe.fm
Default GuestPortal source code
GuestPortal sample header page
Once connected, launch your
Internet browser and you will be redirected to the Guest Access
webpage.
Enter the user ID and
password supplied above. By logging into the network, you are
accepting the terms and conditions below.
You're connected!