User’s Guide
Chapter 7 – Reference Manual
Employees Traffic
Visitor Traffic
Internal Servers
LAN
WLAN
Employe
WAN
P-560
Internet Router
Visitor
Figure 146 – User Access
Step 1
Configure your RADIUS server to use the "Billing-Class-of-Service" attribute as
defined in the WISPr vendor specific attribute set (see appendix: Vendor Specific
Attributes). If this BCoS attribute is set to the value "visitor_access" during the
authentication response, the AC will allow routing between the WLAN port and the
LAN port for this specific user.
Step 2
Use the system | access | NAV menu and enable visitor access function on ixp0
(LAN).
Such a user (visitor) will have employee access rights and access to servers running in the LAN (see
Figure 146 – User Access, employee traffic). In other words, the P-560 controls the client’s access to
the LAN via RADIUS attributes specifically addressing which clients are allowed to connect to the
LAN.
Visitor access on selected interface can only function with enabled
authentication. RADIUS server should authenticate the user, in order to control
user’s access to LAN.
If authentication is on enabled (visitor access enabled) user only receives the access to the Internet
independently from his/her access rights.
System | Access | SNMP
SNMP is the standard protocol that regulates network management over the Internet. With enabled
SNMP service Hotspot-in-a-Box can act as SNMP agent. To communicate with SNMP manager you
must set up the same SNMP communities and identifiers on both ends: manager and agent. For more
information about SNMP see Chapter 6 – SNMP Management.
Use the system | access | SNMP menu to enable/disable SNMP service or change current SNMP
configuration on your P560 controller.
Gemtek Systems
Page 101
User’s Guide
Chapter 7 – Reference Manual
Figure 147 – SNMP Settings
SNMP Table:
SNMP Service – enable or disable SNMP service on AC [enabled/disabled]. By default SNMP service
is enabled. With service enabled the AC acts as the SNMP agent.
If enabled, then device can be configured via SNMP:
SNMP Name – An administratively assigned name for this managed node [0-99 any string]. By
convention, this is the node’s fully qualified domain name.
SNMP Location – The physical location of this node (e.g., `telephone closet, 3rd floor') [0-99 any
string].
SNMP Contact – The textual identification of the contact person for this managed node, together with
information on how to contact this person [0-99 any string].
SNMP Read-Only Community – Community name is used in SNMP version 1 and version 2c. Readonly (public) community allows reading values, but denies any attempt to change values [1-32 all
ASCII printable characters, no spaces].
SNMP Read-Write Community – Community name is used in SNMP version 1 and version 2c.
Read-write (private) community allows to read and (where possible) change values [1-32 all ASCII
printable characters, no spaces].
Default Trap Community Name – The default SNMP community name used for traps without
specified communities. The default community by most systems is "public". The community string
must match the community string used by the SNMP network management system (NMS) 1-32 all
ASCII printable characters, no spaces].
Authentication Failure Taps Generation – select [enable/disable] getting the authentication failure
traps from your AC.
Gemtek Systems
Page 102
User’s Guide
Chapter 7 – Reference Manual
SNMP Users Table:
SNMP Users table is only used for SNMP v3.
SNMP Users – Users are used in SNMP version 3. They have the same access rights as
communities, but instead of a single community name there are user name and password. Strong
encryption is supported in SNMPv3.
User Name – enter user name for read-only (RO) or read-write (RW) SNMP access [1-32 all ASCII
printable characters, no spaces].
Password – enter password for read-only (RO) or read-write (RW) SNMP access [8-32 all ASCII
characters, no spaces].
SNMP Proxies Table:
SNMP Proxies – SNMP proxy configuration specifies that any incoming SNMP requests can be send
to another host. SNMP proxy can be configured in such a way that can proxy only specified SNMP
request under specific OID (OID local). Click the new button to create SNMP proxy:
Figure 148 – Add SNMP Proxies
Context Name – enter the context name for SNMP proxy rule between client and AC. Context name
only works with SNMP v3. If a "context name" is specified, it assigns the proxy rule to a particular
context name within the local agent [1-32 all ASCII printable characters, no spaces]:
P-560
WAN
Administrator
SNMP v3
with Context Name
LAN
SNMP v1/v2c
Figure 149 – SNMP and Content Name
This is the proper way to query multiple SNMP agents through a single proxy. Assign each remote
agent to a different context name. Then you can use "snmpwalk -n contextname1" to walk one
remote proxied agent and "snmpwalk -n contextname2" to walk another, assuming you are using
SNMPv3 to talk to the proxy (snmpv1 and snmpv2c context mappings aren’t currently supported but
might be in the future) (see the Figure 149 – SNMP and Content Name).
Type – select SNMP version for SNMP proxy rule between AP and AC [v1/v2c].
Community Name – enter community name for communicating with the host (see Figure 149 –
SNMP and Content Name, the host is AP in this case) [1-32 all ASCII printable characters, no
spaces].
Gemtek Systems
Page 103
User’s Guide
Chapter 7 – Reference Manual
IP Address – specify the host address (AP in our case) to which any incoming requests should be resent [dots and digits].
OID Local – enter Object Identifier (OID) of MIB tree if you want to proxy only the specified SNMP
requests under the specific OID in the MIB tree. That part is specified by OID local tree [optional,
number and dots].
OID Target – Optionally, you can relocate the "OID local” tree to the new location at the "OID target"
If no OID is specified all SNMP request to the controller will be redirected to a
specific host.
SNMP Trap Table:
You can configure your SNMP agent to send SNMP Traps (and/or inform notifications) under the
defined host (SNMP manager) and community name (optional).
Type – select trap message type [v1/v2/inform].
Host – enter SNMP manager IP address [dots and digits].
Community Name – specify the community name at a SNMP trap message. This community will be
used in trap messages to authenticate the SNMP manager. If not defined, the default trap community
name will be used (specified in the SNMP table) [1-32 all ASCII printable characters, no spaces].
Port – enter the port number the trap messages should be send through [number].
System | Status
Use the system | status menu to check the P-560 current status:
Device statistics (including device name, model, firmware version, status, logged administrators,
general uptime, memory, load, connected clients)
Figure 150 – Device Statistics
Device Name – full device name and model.
Firmware Version – the current version of the firmware.
Device Status – current device status: running/warning.
Gemtek Systems
Page 104
User’s Guide
Chapter 7 – Reference Manual
Currently Connected Administrators – logged administrators list in format: [administrator name, IP
address, and idling time in hours/minutes/seconds].
Uptime – indicates the time, expressed in days, hours and minutes since the system was last
rebooted [days/hours/minutes/seconds].
Software Runtime – indicates the time, expressed in days, hours and minutes since the software
reboot. The system itself can restart the software without rebooting the device
[days/hours/minutes/seconds].
Total Memory – total operational memory of your P-560 [kB].
Free Memory – indicates the memory currently available in the controller [kB].
Average Load – indicates the average load of the P-560 processor in the period of the last 1minute,
5 minutes and 15 minutes (a larger value means a larger average load on the processor).
Minimum load – 0.0
Normal load – should not exceed 1.0 (including)
Processor is busy – more than 1.00.
Connected Clients Number – total number of current connected clients on WAN interface. Click on
the settings and get detailed connected clients list (clients page under the connection | user):
Figure 151 – Connected Clients Detailed List
Connected Clients Input Bytes – current connected clients’ total Input bytes [K, KB, MB, GB].
Connected Clients Output Bytes – current connected clients’ total Output bytes [K, KB, MB, GB].
WAN interface (ixp1) (including the IP address, netmask, gateway, MAC address of the WAN
interface, DNS servers, RX/TX statistics)
Figure 152 – WAN Interface Statistics
RX – indicates data volume received on the WAN interface since reboot.
TX – indicates data volume transmitted to the WAN interface since reboot.
Wireless LAN interface (eth0) (including the IP address, netmask, MAC address of the WLAN
interface, RX/TX statistics)
Gemtek Systems
Page 105
User’s Guide
Chapter 7 – Reference Manual
Figure 153 – LAN Interface Statistics
RX – indicates data volume received on the WLAN interface since reboot.
TX – indicates data volume transmitted to the WLAN interface since reboot.
LAN interface (ixp0) (including the IP address, netmask, MAC address of the LAN interface,
RX/TX statistics)
RX – indicates data volume received on the WLAN interface since reboot.
TX – indicates data volume transmitted to the WLAN interface since reboot.
Services (all services list with its status: enabled/disabled)
Services are displayed as a link to the respective menu where status can be
configured.
Refresh – click the button to refresh device status statistics.
Gemtek Systems
Page 106
User’s Guide
Chapter 7 – Reference Manual
System | Reset
Check the Factory defaults values in the Appendix section: B) Factory Defaults
for the Access Controller.
If you need to reboot your device or reset to factory defaults select the system | reset menu:
Figure 154 – Reset and Reboot
Reset – reset device to factory default values.
Keep in mind that resetting the device is an irreversible process.
Please note that even the administrator password will be set back to the factory
default.
Reboot – reboot device with the last saved configuration.
Gemtek Systems
Page 107
User’s Guide
Chapter 7 – Reference Manual
System | Update
Check for new product updates at the Gemtek Systems website:
http://www.gemtek-systems.com
To update your device firmware, use only the original firmware image and under system | update
menu click the upload button:
Figure 155 – Firmware Update
Specify the full path to the new firmware image and click the upload button:
Figure 156 – New Firmware Upload
Firmware Image – enter the firmware image using the full path.
Browse – click the button to specify the new image location.
Upload – upload with new firmware.
Cancel – cancel the upload process.
New firmware image is uploaded into the controller. Now you need to upload this new firmware into
the controller’s FLASH memory, click the flash button:
Figure 157 – Flash New Image
Flash – flash new image, reboots the system.
Do not switch off and do not disconnect the P-560 from the power supply during the
firmware update process because the device could be damaged.
Firmware auto-update:
Auto-update function allows update device firmware automatically. This function will help for large
enterprises, having hundreds of AC's, to keep them up to date.
Gemtek Systems
Page 108
User’s Guide
Chapter 7 – Reference Manual
Figure 158 – Firmware Auto-update Configuration
Status - defines if auto-update is enabled or disabled. Default value disabled.
Update URL - defines where firmware should be downloaded from. It points directly to firmware
update file. URL should be accessible without any user authentication. URL can use HTTP, HTTPS
and FTP protocols. Default value - empty string.
Update interval – time interval between each update in hours [1-9999]. Time is counted from last
device boot-on. Default value is 48 hours.
Delay – delays update process by given amount of hours. This should prevent from getting hundreds
requests for firmware download at the same time [0-24]. Default value is 0.
Save - save new firmware auto-update settings.
On boot auto-update feature checks for available updates on specified server at
given URL. If there is different version - device downloads, installs firmware update
and reboots. If firmware version matches current version on device - no update
takes place.
Gemtek Systems
Page 109
User’s Guide
Chapter 7 – Reference Manual
Connection
Use the connection menu to view the connected user’s statistics, set outgoing mail server or observe
the connected station availability.
Figure 159 – Connection Menu
Connection | Users
The users menu is for viewing the connected users’ statistics. Also ability to logout user from the
system is implemented here:
Figure 160 – Users’ Statistics
The users’ statistics parameters are as follows:
No – number of the user’s session connection.
User – username of the connected client.
Interface – name of interface, through which client is connected [eth0/ixp0].
User IP – IP address, from which the user’s connection is established. Address is presented in digits
and dots notation.
Session Time - session duration since the user login.
Idle Time - amount of user inactivity time [hours: minutes: seconds].
Details – click on user details to get more information about the client:
Figure 161 – User’s Details
User – the username of the connected client.
Gemtek Systems
Page 110
User’s Guide
Chapter 7 – Reference Manual
Interface – name of interface, through which client is connected.
User IP – IP address, from which the user’s connection is established. Address is presented in digits
and dots notation.
MAC Address – hardware address of the network device from which the user is connected.
Authentication mode – authentication method which user uses to connect.
WISP – WISP domain name where the user belongs.
Session ID – the unique user’s session ID number. This can be used for troubleshooting purposes.
Session Time – session time duration since user login [hours: minutes: seconds/unlimited].
Remaining Time – remaining user’s session time [hours: minutes: seconds/unlimited]. Session time
for user is defined in the RADIUS server.
Idle Time - amount of user inactivity time [hours: minutes: seconds].
Input Bytes - amount of data in bytes, which the user network device has received [Bytes].
Output Bytes - amount of data in bytes, transmitted by the user network device [Bytes].
Remaining input/output/total bytes – user session remaining input/output bytes. WISP Operator
can define the user session in bytes. Remaining bytes is received from RADIUS [Bytes/unlimited].
Bandwidth downstream/upstream – user upstream and downstream bandwidth [in bps].
Back – returns to connected client’s statistics list.
Logout User – click this button to explicitly logout user from the network.
Refresh – click the button to refresh users’ statistics.
Gemtek Systems
Page 111
User’s Guide
Chapter 7 – Reference Manual
Connection | E-mail Redirection
The outgoing mail (SMTP) server redirection is performed using the e-mail redirection menu. By
default such redirection settings is displayed:
Figure 162 – E-mail Redirection Settings
Click the edit button to specify your outgoing mail server settings.
Figure 163 – Edit E-mail Redirection
Status – enable/disable e-mail redirection function.
Host – SMTP server address where to redirect the outgoing clients e-mails [enter host name or host
IP address].
Port – port number [number, by default: 25].
Save – save new e-mail redirection settings.
Connection | Station Supervision
The station supervision function is used to monitor the connected host station availability. This
monitoring is performed with ping. If the specified number of ping failures is reached (failure count),
the user is logged out from the AC.
Figure 164 – Station Supervision
To adjust the ping interval/failure count, click the Edit button.
Figure 165 – Edit Station Supervision
Interval – define interval of sending ping to host [in seconds].
Failure Count – failure count value after which the user is logged out from the system.
Save – save station supervision settings.
Cancel – cancel changes.
Gemtek Systems
Page 112
User’s Guide
Appendix
Appendix
A) Access Controller Specification
Technical Data
Wireless
Standard
IEEE 802.11g (OFDM), IEEE 802.11b (DSSS), 2.4GHz ISM band, Wi-Fi
compliant
Data Rate
802.11g: 54, 48, 36, 24, 18, 12, 9, 6 Mbps, 802.11b: 11Mbps, 5.5Mbps, 2,
1Mbps (auto fall back)
Client Stations
Max. 250 simultaneous client stations (depending on SW license Bronze,
Silver, Gold)
Typical range
50 meters in indoor environments, up to 300m outdoors
Transmit Power
Max. 17 dBm (EIRP)
Antennas
Two 2dBi dipole antennas with space diversity, SMA connectors.
Encryption
WPA, TKIP, WEP64, WEP128
WDS
Wireless Distribution System for up to 7 APs
Network and Hotspot Access Control
IP Router with NAT/PAT, firewall filters
AAA RADIUS client and proxy server
with EAP support
Universal address translation and web
proxy support (any client configuration
is accepted)
VPN client (PPTP, GRE)
WPA support
VPN pass-through
E-mail redirection
Hotspot access controller with web browser logon (UAM) and 802.1x/EAP support, Smart Client
support, MAC authentication, WISPr compliant
(Wi-Fi alliance)
Universal access method (web browser log-on)
with XML support and walled garden (free web
sites)
WISPr compatible log-on via web browser,
SSL/TLS support UAT
IEEE 802.1x authenticator with EAP-SIM, MD-5,
TLS, TTLS, PEAP
DHCP server, DHCP relay gateway, DHCP client
Layer 2 user isolation
Bandwidth management via RADIUS
Interface
WAN
10/100Mb Ethernet, auto sensing, RJ-45
LAN
Four 10/100Mb Ethernet port switched, auto sensing, RJ-45, 802.1q
VLAN support
WLAN
Two SMA antenna connectors
Management
Interfaces
HTTPs, Telnet, SNMP (MIB II, Ethernet MIB, bridge MIB, private MIB),
Terminal
Software Update
Remote software update via HTTPs
Reset
Remote reset / Manufacturing reset
Physical Specification
Dimension
Gemtek Systems
195 mm x 160 mm x 27 mm
Page 113
User’s Guide
Weight
Appendix
Environment Specification
Operating
Temperature
Humidity
0 to 55°C
10 % to 95%, non-condensing
Power Supply
External
100-230V AC, 50/60Hz
LEDs
8 LEDs
Power, Online, WAN link, WLAN link, 4x LAN-link
Warranty
2 years
Package Contents
P560 Hotspot-in-a-Box
Two Ethernet patch cables
Two detachable antenna’s SMA
connector type
CD-ROM with software and
documentation
Mounting Kit including tool to remove AP from
wall mounting
External power supply, 100-230 V, 50/60 Hz
Power cord for EU
Printed warranty note, release note
Related Products
Controllers:
G-6000/G-4000/G-4100 Public Access Controller
Access Points:
P-520 54Mb Operator
Client Adapters:
T-316 11Mb Ethernet Client (2.4 GHz)
Gemtek Systems
P-360 11Mb Hotspot-in-a-Box
P-380 11MB Outdoor Router
Page 114
User’s Guide
Appendix
B) Factory Defaults for the Access Controller
Network Interface Configuration Settings
Configuration | Interface Configuration
Interface
Eth0
Status
Enabled
Type
LAN
IP Address
192.168.4.1
Netmask
255.255.255.0
Gateway
Ixp1
Interface
Ixp1
Status
Enabled
Type
WAN
IP Address
192.168.2.66
Netmask
255.255.255.0
Gateway
192.168.2.1
Interface
Ixp0
Status
Enabled
Type
LAN
IP Address
192.168.3.1
Netmask
255.255.255.0
Gateway
Ixp1
Configuration | VLAN
No VLAN entries are defined on system.
Configuration | Route
No routes are defined on system.
Configuration | Port Forwarding
No port forwards defined.
Configuration | Management Subnet
Interface
Eth0
Status
Disabled
IP Address
0.0.0.0
Netmask
0.0.0.0
Remote Network
0.0.0.0
Remote Netmask
0.0.0.0
Interface
Ixp0
Status
Disabled
IP Address
0.0.0.0
Netmask
0.0.0.0
Remote Network
0.0.0.0
Remote Netmask
0.0.0.0
Gemtek Systems
Page 115
User’s Guide
Appendix
DNS
Hostname
None
Domain
None
Type
Primary
IP Address
0.0.0.0
Type
Secondary
IP Address
0.0.0.0
DHCP
Status
DHCP Server
Interface
Eth0
IP Address from
192.168.4.2
IP Address to
192.168.4.254
WINS Address
0.0.0.0
Status
DHCP Server
Interface
Ixp0
IP Address from
192.168.3.2
IP Address to
192.168.3.254
WINS Address
0.0.0.0
RADIUS Settings
RADIUS Retries
RADIUS Timeout
NAS Server ID
User Session Timeout
18000
User Accounting Update
600
User Accounting Update Retry
60
User Idle Timeout
900
Location ISO Country Code
US
Location E.164 Country Code
Location E.164 Area Code
408
Location Network
Gemtek_Systems
Hotspot Operator Name
Gemtek_Systems
Location
Terminal_Worldwide
Bandwidth Up
128 Kbits
Bandwidth Down
128 Kbits
RADIUS Servers
Name
DEFAULT (default)
Type
Authentication
IP Address
0.0.0.0
Port
1812
Secret
password (case sensitive)
Type
Accounting
IP Address
0.0.0.0
Gemtek Systems
Page 116
User’s Guide
Appendix
Port
1813
Secret
secret (case sensitive)
Reverse Accounting
disabled
Strip WISP
enabled
UAM authentication method
PAP
WISP
No WISP defined on system.
Accounting Backup
Description
Backup via syslog
Status
Disabled
Host
0.0.0.0
Description
Backup to local file
Status
Disabled
Host
Tunnels | PPPoE/PPTP/GRE
PPPoE/PPTP/GRE services are disabled.
Tunnels | PPTP Client for VPN
No PPTP client for VPN entries defined on system.
Tunnels | GRE Client for VPN
GRE Status
Disabled
GRE Remote Host
0.0.0.0
GRE Interface IP
0.0.0.0
GRE Interface Netmask
0.0.0.0
GRE Route
0.0.0.0/24
Wireless | Basic
Primary SSID
P560
Wireless Network Mode
Mixed/G (WiFi)
Regulatory Domain
Manual
Default Channel
11
Wireless | Advanced
Layer 2 Isolation
Disabled
SSID Broadcasting
Enabled
Fragmentation Threshold
2346
RTS Threshold
2347
Output Power
10
Antenna Gain
Wireless | Security
WEP/WPA
Disabled
Wireless | ACL
ACL Service
Disabled
Default ACL Policy
Allow
Gemtek Systems
Page 117
User’s Guide
Appendix
Wireless | WDS
No WDS links are specified.
User Interface Configuration Settings
Pages
Page
Welcome
Use
Internal
Status
Enabled
Location
Welcome.xsl
Page
Login
Use
Internal
Status
Page
Logout
Use
Internal
Status
Location
Logout.xsl
Page
Help
Use
Internal
Status
Location
Images/help.html
Page
Unauthorized
Use
Internal
Status
Location
Images/unauthorized.html
Caching
Description
Enabled
Headers
Description
Content-Type
Status
Disabled
Description
Content-Language
Status
Disabled
Remote Authentication
Remote Authentication
Disabled
Shared Secret
None
Administrator
Username
admin (case sensitive)
Start Page
Start Page URL
http://www.gemtek-systems.com
Walled Garden
Gemtek Systems
Page 118
User’s Guide
Appendix
No free site (or walled garden) URL is specified.
Web Proxy
Web Proxy
Enabled
Port
3128, 8080
System Configuration Settings
Configuration | Syslog
Remote Log Status
Disabled
Host
0.0.0.0
Level
Debug
Configuration | Trace System
History Size
100
Level
Debug
Configuration | Clock
Date Time
No further known parameter.
Configuration | NTP
NTP Service
Disabled
Host
0.0.0.0
Configuration | Certificate
By default Gemtek System certificate is uploaded in the system with following certificate information:
Issuer Organization Name Gemtek Systems
Subject Organization Name Gemtek Systems
Validity Not Before Oct 7 7:46:53 2002 GMT
Validity Not After Mar 12 7:46:53 2019 GMT
Configuration | Save and Restore
No further known parameters.
Configuration | Pronto
Gold Pronto Status
Disabled
HNS server URL
0.0.0.0:9989
Heartbeat interval
Disabled
Remote host
0.0.0.0
Remote port
7788
Access | Access Control
Default Access Status
Deny
Network Address
All
SNMP Service
Allow
Network Address
All
Access | Telnet
Telnet Status
Gemtek Systems
Disabled
Page 119
User’s Guide
Appendix
Access | AAA
UAM
Enabled
EAP802.1x
Disabled
MAC
Disabled
Use Password
RADIUS secret
Password
password (case sensitive)
Access | UAT
Interface
Eth0
UAT Status
Disabled
IP Address
0.0.0.0
Netmask
0.0.0.0
Interface
Ixp0
UAT Status
Disabled
IP Address
0.0.0.0
Netmask
0.0.0.0
Access | Isolation
Bindmac
Disabled
Isolation
Disabled
Access | NAV
Interface
Eth0
IP Address
192.168.3.1
NAT
Enabled
Authentication
Enabled
Visitor Access
Disabled
Interface
Ixp0
IP Address
192.168.2.4.1
NAT
Enabled
Authentication
Enabled
Visitor Access
Disabled
Access | SNMP
SNMP Service
Enabled
Name
Name
Location
Location
Contact
Contact information
Public Community Name
Public
Private Community Name
Private
Default Trap Community Name
Private
Authentication Failure Traps Generation
Disabled
Type
RO User
User Name
public (case sensitive)
Password
password (case sensitive)
Type
RW User
Gemtek Systems
Page 120
User’s Guide
Appendix
User Name
private (case sensitive)
Password
password (case sensitive)
There are no SNMP proxies on system.
There are no SNMP traps on system.
Update
Status
Disabled
Update URL
None
Update interval
48
Delay
Connection Settings
E-mail Redirection
Status
Disabled
Host
0.0.0.0
Port
25
Station Supervision
Interval
20
Failure count
Gemtek Systems
Page 121
User’s Guide
Appendix
C) Regulatory Domain/Channels
Channels
Identifiers
Frequency in
MHz
France
China
Japan
2412
•
•
•
—
•
•
•
2417
•
•
•
—
•
•
•
2422
•
•
•
—
•
•
•
2427
•
•
•
—
•
•
•
2432
•
•
•
—
•
•
•
2437
•
•
•
—
•
•
•
2442
•
•
•
—
•
•
•
2447
•
•
•
—
•
•
•
2452
•
•
•
—
•
•
•
10
2457
•
•
•
•
•
•
•
11
2462
•
•
•
•
•
•
•
12
2467
—
•
—
•
•
•
•
13
2472
—
•
—
•
•
•
•
14
2484
—
—
—
—
—
•
•
30dBm
20dBm
20dBm
20dBm
20dBm
Maximum Power Levels
USA,
Canada
(FCC)
European
Union
(CE/ETSI)
WORLD
(CE/FCC)
20dBm
Manual
20dBm
Mexico is included in the Americas regulatory domain; however, channels 1
through 8 are for indoor use only while channels 9 through 11 can be used indoors
and outdoors. Users are responsible for ensuring that the channel set configuration
complies with the regulatory standards of Mexico.
Gemtek Systems
Page 122
User’s Guide
Appendix
D) CLI Commands and Parameters
Network Commands
network
configuration
Network Interfaces configuration.
dhcp
Dynamic Host Configuration Protocol services configuration.
dns
DNS Server settings.
radius
Configuration set for changing RADIUS Server settings.
tunnels
Tunnels configuration commands.
network configuration
interface
Network Interfaces configuration.
portforward
Port forwarding setup.
routes
Static IP routing settings.
subnet
Management subnet configuration.
vlans
VLANs configuration.
network configuration interface
Standard UNIX interface name. This name cannot be changed.
-s
The interface status. Possible values are enabled and disabled.
-a
Interface IP address in digits and dots notation, e.g. 192.168.2.27.
-m
Interface subnet mask e.g. 255.255.255.0.
-g
Interface gateway in digits and dots notation or name of other
interface.
-d
The status of dhcp client for the interface. May have values
enabled and disabled. Can be used with WAN interface only.
-q
Masquerade status for interface: enabled or disabled.
-u
Authentication status on interface: enabled and disabled.
-v
Visitor access for interface: values enabled and disabled.
network configuration portforward
Action to take upon Port Forwarding entry: A(dd), E(dit), D(elete).
Port Forwarding entry id. Needed with actions E(dit) and D(elete).
-s
PortForwarding rule status: enabled or disabled.
-p
Rule protocol.
-a
Source ip address.
-l
Source port.
-d
Destination ip address.
-r
Destination port.
network configuration routes
Action to take upon the route. May have values A(dd), E(dit),
D(elete).
Route id. Needed only with actions E and D.
Route status. May have values active or inactive.
Gemtek Systems
Page 123
User’s Guide
Appendix
Interface name.
Target ip address.
Target netmask.
Gateway for the target address.
network configuration subnet
Interface name on which the management subnet is configured.
-s
Interface ip address for management subnet.
-a
Interface ip address for management subnet.
-m
Interface netmask for management subnet.
-n
Network from which users are allowed to access management
subnet.
-t
Netmask of network from which users are allowed to access
management subnet.
network configuration vlans
Action to take upon VLAN interface: A(dd), E(dit), D(elete).
Vlan interface id. Needed only when adding VLAN interface.
Name of interface on which VLAN interface exists. Needed only
when adding VLAN interface.
Name of VLAN interface. Needed only when editing or deleting
VLAN interface.
network dhcp
Interface name for DHCP server instance.
-s
Status of DHCP server for interface. May be server, relay or
disabled.
-f
Start of IP address range supported for DHCP service. Needed
only with server status.
-t
End of IP address range supported for DHCP service. Needed
only with server status.
-w
WINS Address (Windows Internet Naming Service Address) if it is
available on the network. Needed only with server status.
-l
DHCP Server lease time. Needed only with server status.
-d
DHCP domain name. Needed only with server status.
-c
Circuit ID - a unique NAS identifier. MAC address will be used by
default. Needed only with relay status.
-n
List of up to two DNS servers IP addresses.
network dns
DNS Server type. May be primary or secondary.
DNS Server IP address in digits and dots notation, e.g.
192.168.2.27.
Network Radius Commands
network radius
accounting_log
For sending RADIUS accounting via syslog.
proxy
RADIUS Proxy configuration.
servers
Up to 32 different RADIUS servers' configuration.
Gemtek Systems
Page 124
User’s Guide
Appendix
settings
General RADIUS settings configuration.
wisp
WISP information and setup.
network accounting_log
-l
Local accounting log status. Possible values are enabled or
disabled.
-r
Remote accounting log status. Possible values are enabled or
disabled.
-a
The host IP address where to send the accounting information.
network radius servers
accounting
Accounting RADIUS servers' configuration.
authentication
Authentication RADIUS servers' configuration.
backup
Accounting information backup servers configuration.
network radius servers accounting
RADIUS server id.
-a
RADIUS server IP address used for Radius accounting.
-p
RADIUS server port used for Radius accounting.
-s
Shared secret key for accounting (must be the same on RADIUS
server and RADIUS client).
network radius servers authentication
Action to take uppon radius server. May have values A(dd), E(dit),
D(elete).
RADIUS server id.
-n
RADIUS server name.
-a
RADIUS server IP address.
-p
RADIUS server port.
-s
Shared secret key (must be the same on RADIUS server and
RADIUS client).
-d
Sets the server as default. Possible values: yes. Note: there can
be only one default Radius server.
-r
Reverse accounting. May have values enabled or disabled.
-w
Strip WISP name before sending to RADIUS. May have values
enabled or disabled.
-u
UAM authentication method for RADIUS server. May have values
pap, chap, mschap1 and mschap2.
network radius servers backup
RADIUS server id.
-b
If RADIUS Backup Server feature is on. May have values enabled
or disabled.
-a
Backup RADIUS server IP address used for Radius accounting.
-p
Backup RADIUS server port used for Radius accounting.
-s
Shared secret key for backup server(must be the same on
RADIUS server and RADIUS client).
network radius settings
-r
Gemtek Systems
Retry count of sending RADIUS packets before giving up.
Page 125
User’s Guide
Appendix
-t
Maximal amount of time before retrying RADIUS packets (in
seconds).
-n
NAS Server identification string.
-o
Amount of time from user side (no network carrier) before closing
the connection (in seconds).
-a
Period after which server should update accounting information
(in seconds).
-c
Retry time period in which server should try to update accounting
information before giving up (in seconds).
-i
Amount of user inactivity time, before automatically disconnecting
user from the network (in seconds).
-u
Default Radius user upload bandwidth.
-d
Default Radius user download bandwidth.
network radius wisp
A(dd), D(elete)
WISP Id. Usable only with D action.
WISP name. Usable only with A action.
WISP Radius server id (from Radius authentication server list).
Usable only with A action.
Interface name to which the WISP should be bound or none.
Usable only with A action.
Network Tunnels Commands
network tunnels
gre
GRE client setup.
ppp
PPTP, PPPoE and GRE setup.
pptp4vpn
PPTP for VPN setup.
network tunnels gre
-s
Gre status: enabled or disabled. When enabling, gre tunnel will be
created.
-r
Remote host ip.
-d
GRE device ip
-m
GRE device netmask. e.g. 255.255.255.0
-n
Gre route. e.g. 192.168.6.0/24.
network tunnels ppp
-s
Status: disabled/PPTP/PPPoE/GRE.
-n
PPPoE/PPTP username.
-p
PPPoE/PPTP password.
-e :
PPPoE/PPTP encryption status: enabled or disabled.
-a
PPTP server ip address/GRE remote address.
-i
GRE interface address.
-m
GRE interface netmask.
network tunnels pptp4vpn
Gemtek Systems
A(dd), D(elete) or E(dit) entry.
Page 126
User’s Guide
Appendix
-c
PPTP channel. Used only with A and E actions.
-s
PPTP server ip address. Used only with A and E actions.
-u
PPTP username. Used only with A and E actions.
-p
PPTP password. Used only with A and E actions.
-e
PPTP encryption status: enabled or disabled. Used only with A
and E actions.
-a
PPTP remote network address. Used only with A and E actions.
-m
PPTP remote network netmask. Used only with A and E actions.
Wireless Commands
wireless
acl
Static ACL configuration.
advanced
Advanced wireless settings
basic
Basic wireless settings.
security
Wireless security configuration.
wds
Wireless Distribution System (WDS) configuration.
wireless acl
-s
Static ACL status: enabled or disabled.
-d
Default ACL policy: allow or deny.
-aa
Add MAC address to 'allow' list.
-ad
Add MAC address to 'deny' list.
-ra
Remove MAC address from 'allow' list.
-rd
Remove MAC address from 'deny' list.
wireless advanced
-i
Layer 2 isolation: enabled or disabled.
-s
Fragmentation threshold: 256-2346.
-r
RTS threshold: 0-2347.
-p
Wireless card output power in dBm.
-a
Print valid output power range for current regulatory domain.
-g
Wireless card antenna gain in dBi.
wireless basic
-s
SSID name.
-d
Regulatory domain name.
-l
Print available regulatory domains.
-m
Wireless network mode: B-only, B(WiFi), Mixed(WiFi), Mixed,
Mixed/G (WiFi), G(WiFi).
-c
Channel selection.
-a
Print available channels for current regulatory domain
wireless security
-s
Wireless security mode: disabled, wep64, wep128, wpakey.
-k
Pre-shared key.
Gemtek Systems
Page 127
User’s Guide
Appendix
wireless wds
-a
Add WDS MAC address.
-r
Remove WDS MAC address.
User Commands
user
administrator
Administrator login and password change.
connected
Connected users list.
start_page
Definition of first URL after user login.
walled_garden
Free Web sites list.
webproxy
Web proxy configuration.
user administrator
Enter for wizard
Follow the wizard and complete administrator settings changes.
user connected
D(etail) user statistics for or L(ogout) user with specified ip.
User ip address.
user start_page
The web page to which the user is redirected after login.
user walled_garden
host
Configures free web sites that are not displayed to users.
url
Configure free web sites that are displayed to users.
user walled_garden host
Action to take on free web site. May have values A(add), E(edit),
D(delete).
Walled Garden entry id. Used only with E(dit) and D(elete)
actions.
-h
Host address.
-p
Network port, which is used to reach the host.
-t
Used protocol type. May have values tcp or udp.
-m
Host subnet mask e.g. 255.255.255.255.
user walled_garden url
Action to take on free web site. May have values A(add), E(edit),
D(delete).
Walled Garden entry id. Used only with E(dit) and D(elete)
actions.
-u
URL address used for link.
-s
URL description visible for user.
user webproxy
-s
Web proxy status: enabled or disabled.
-a [... []]
Add list of Web proxy ports.
-d [... []]
Delete list of Web proxy ports.
Gemtek Systems
Page 128
User’s Guide
Appendix
System Commands
system
access
System access configuration.
configuration
System configuration.
system access
aaa
Multimode settings.
control
Allow or deny management access depending on user network
address.
isolation
Isolation setup.
snmp
Configuration of SNMP service.
telnet
Enabling or disabling of telnet protocol.
uat
Universal Address Translation of all IP and proxy settings.
system configuration
clock
Manual setting of internal device clock
ntp
Configuration of Network time Protocol service.
syslog
For sending system and debug messages via syslog protocol.
trace
Displays the last logged messages.
System Access Commands
system access aaa
-m
Either disabled or space separated list of modes. Modes may be:
uam, 802.1x, mac.
-u
Mac authentication mode password usage: 'radius' - use radius
shared secret key, 'user' - use of user-defined password.
-p
User defined mac authentication password.
system access control
Action to take upon management access entry: A(dd), E(dit),
D(elete) or default.
Management access entry id. Needed only when editing or
deleting entry.
-s
Services for which the policy should be set: ssh, snmp, telnet or
all.
-a
'all' or network ip address and bitmask to (dis)allow service to.
-p
Management access policy: allow or deny(default is deny).
system access isolation
-b
Mac binding status: enabled or disabled.
-i
Isolation status: enabled or disabled.
system access snmp
proxies
SNMP proxies settings.
settings
SNMP service settings.
traps
SNMP traps settings.
users
SNMP users settings.
Gemtek Systems
Page 129
User’s Guide
Appendix
system access snmp proxies
Action to take upon SNMP proxy entry: A(dd), E(dit) or D(elete).
Entry id. Needed only with Edit and Delete actions.
-t
Proxy type. May have values v1, v2c. Can be used only when
adding or editing proxy.
-a
Proxy ip address.
-c
Proxy community name.
-l
Proxy local OID.
-r
Proxy target OID.
system access snmp settings
-s
Status of SNMP service.
-n
System name.
-l
Location of the device.
-c
Contact information.
-b
Public name of SNMP service.
-r :
Private name of SNMP service.
system access snmp traps
Action to take upon SNMP trap entry: A(dd), E(dit) or D(elete)
Entry id. Needed only with Edit and Delete actions.
-c
SNMP community string.
-a
SNMP trap host address.
-p
SNMP trap port.
-t
SNMP trap type: v1, v2 or inform.
system access snmp users
User id.
-n
SNMP user name.
-p
SNMP user password.
system access telnet
Change telnet service status: enabled or disabled.
system access uat
Active LAN interface.
-s
UAT status on interface.
-a
Network of UAT address pool.
-m
Netmask of UAT address pool.
System Configuration Commands
system configuration
clock
Manual setting of internal device clock.
ntp
Configuration of Network time Protocol service.
syslog
For sending system and debug messages via syslog protocol.
trace
Displays the last logged messages.
Gemtek Systems
Page 130
User’s Guide
Appendix
system configuration clock
New date values in YYYY.MM.DD format.
Source Exif Data:
File Type : PDF
File Type Extension : pdf
MIME Type : application/pdf
PDF Version : 1.4
Linearized : No
Encryption : Standard V1.2 (40-bit)
User Access : Print, Copy, Fill forms, Extract, Assemble, Print high-res
Modify Date : 2004:07:14 13:48:00+08:00
Create Date : 2004:07:14 13:44:49+08:00
Title :
Author : rasa unguraityte
Creator : Acrobat PDFMaker 5.0 for Word
Producer : Acrobat Distiller 5.0 (Windows)
Page Count : 51
Mod Date : 2004:07:14 13:48:00+08:00
Creation Date : 2004:07:14 13:44:49+08:00
Metadata Date : 2004:07:14 13:48:00+08:00
Has XFA : No
