Maipu Communication Technology MP1800 Multi-Operation Access Router User Manual

Download:
Mirror Download [FCC.gov]
Document ID	1305480
Application ID	cyQhJo4oDLlunf/p8x5D5Q==
Document Description	Users manual
Short Term Confidential	No
Permanent Confidential	No
Supercede	No
Document Type	User Manual
Display Format	Adobe Acrobat PDF - pdf
Filesize	41.5kB (518762 bits)
Date Submitted	2010-07-02 00:00:00
Date Available	2010-07-02 00:00:00
Creation Date	2010-06-23 09:08:15
Producing Software	Acrobat Distiller 7.0 (Windows)
Document Lastmod	2010-07-02 08:39:37
Document Title	Microsoft Word - User Manual.doc
Document Creator	PScript5.dll Version 5.2
Document Author:	ace

MP1800 SERIES Multi-Operation
Access Router
Maipu Communication Technology Co., Ltd
No. 16, Jiuxing Avenue
Hi-Tech Park
Chengdu, Sichuan Province
P. R. China
610041
Tel: (86) 28-85148850, 85148041
Fax: (86) 28-85146848, 85148139
URL: http:// www.maipu.com
Mail: overseas@maipu.com
Maipu Confidential & Proprietary Information
Page 1 of 37
All rights reserved. Printed in the People’s Republic of China.
No part of this document may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any
language or computer language, in any form or by any means, electronic, mechanical, magnetic, optical, chemical, manual
or otherwise without the prior written consent of Maipu Communication Technology Co., Ltd.
Maipu makes no representations or warranties with respect to this document contents and specifically disclaims any implied
warranties of merchantability or fitness for any specific purpose. Further, Maipu reserves the right to revise this document
and to make changes from time to time in its content without being obligated to notify any person of such revisions or
changes.
Maipu values and appreciates comments you may have concerning our products or this document. Please address comments
to:
Maipu Communication Technology Co., Ltd
No. 16, JiuXing Avenue, Hi-Tech Park
Chengdu, Sichuan Province
P. R. China
610041
Tel: (86) 28-85148850, 85148041
Fax: (86) 28-85146848, 85148139
URL: http:// www.maipu.com
Mail: overseas@maipu.com
All other products or services mentioned herein may be registered trademarks, trademarks, or service marks of their
respective manufacturers, companies, or organizations.
NOTE1:
Changes or modifications not expressly approved by the party responsible for compliance could
void the user's authority to operate the equipment.
NOTE2:
This equipment has been tested and found to comply with the limits for a Class B digital
device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable
protection against harmful interference in a residential installation. This equipment generates, uses
and can radiate radio frequency energy and, if not installed and used in accordance with the
instructions, may cause harmful interference to radio communications. However, there is no
guarantee that interference will not occur in a particular installation. If this equipment does cause
harmful interference to radio or television reception, which can be determined by turning the
equipment off and on, the user is encouraged to try to correct the interference by one or more of the
following measures:
-- Reorient or relocate the receiving antenna.
-- Increase the separation between the equipment and receiver.
-- Connect the equipment into an outlet on a circuit different from that to which the receiver is
connected.
-- Consult the dealer or an experienced radio/TV technician for help.
Maipu Confidential & Proprietary Information
Page 2 of 37
Contents
WLAN Configuration...................................................................................4
Introduction to WLAN..............................................................................................4
Wireless Interface Parameter Configuration...............................................................5
Introduction ............................................................................................................................5
Basic Commands.....................................................................................................................5
Application Instance ..............................................................................................................13
Monitoring and Debugging.....................................................................................................13
Virtual AP Parameter Configuration ........................................................................ 15
Overview ..............................................................................................................................15
Basic Commands...................................................................................................................15
Application Instance ..............................................................................................................22
Monitoring and Debugging.....................................................................................................23
Wireless Security Profile Configuration .................................................................... 30
Overview ..............................................................................................................................30
Basic Commands...................................................................................................................30
Application Instance ..............................................................................................................33
Monitoring and Debugging.....................................................................................................34
WLAN Typical Configuration................................................................................... 35
Software & Hardware Version ................................................................ 37
Maipu Confidential & Proprietary Information
Page 3 of 37
MP1800 series Multi-Operation Access Router Datasheet
WLAN Configuration
Main contents:
Introduction to WLAN
Wireless interface parameter configuration
Virtual AP parameter configuration
Wireless security profile configuration
WLAN typical configuration
Introduction to WLAN
WLAN (Wireless Local Area Networks) is developed from the earliest
802.11 standard to the later 802.11b/g, which makes WLAN bandwidth be
improved
greatly.
802.11i
standard
ensures
the
WLAN
security;
802.11f/r/s standard makes the WLAN removable and deployable.
WLAN consists of Independent BSS, Infrastructure BSS and ESS. This
chapter describes the configuration and debugging of the access point in
Infrastructure BSS. The virtual AP mentioned in the following text refers to
multiple access points on the same wireless interface and they have the
same physical parameters, but the protocol parameters in the security
policy can be different.
Maipu Confidential & Proprietary Information
Page 4 of 37
MP1800 series Multi-Operation Access Router Datasheet
Wireless Interface Parameter
Configuration
Main contents:
Introduction to wireless interface parameter
Basic commands of wireless interface parameter
Application instance of wireless interface parameter
Monitoring and debugging of wireless interface parameter
Introduction
Wireless interface has some configurable parameters, including antenna,
channel,
power,
mode,
rate,
re-transmission
times,
country
code,
preamble length, SLOT length, beacon period and so on. The parameters
of all virtual APs are the same.
Basic Commands
Command
antenna {rx | tx} {left | right | diversity}
beacon {period | dtim-period} time
channel number
channel auto
channel auto time
packet {long | short} retry 1-15
power {100 | 50 | 25 | 12 | min}
Description
Select antenna. The
receiving and sending
antennas can be selected
separately. You can select
fixed or auto.
The beacon period and
DTIM period
Select channel
Set the times of retransmitting packets
Set the power; set according
to the percentage of the
maximum power
preamble {short | long}
Set long and short preamble
radioMode {11b | 11g | mixed}
Set wireless mode
radioSpeed {basic-x.x | x.x}
Set the wireless rate
rts {retry | threshold} count
Set the RTS threshold and
re-transmission times
Maipu Confidential & Proprietary Information
Configuration
Mode
config-ifdot11radio0
config-ifdot11radio0
config-ifdot11radio0
config-ifdot11radio0
config-ifdot11radio0
config-ifdot11radio0
config-ifdot11radio0
config-ifdot11radio0
config-ifdot11radio0
Page 5 of 37
MP1800 series Multi-Operation Access Router Datasheet
slot {short | long}
Set the slot length of the
conflict window
shutdown
Close the wireless interface
worldwide countrycode code
Set the country code
config-ifdot11radio0
config-ifdot11radio0
config-ifdot11radio0
Note
The command description with * means that the command has the
configuration instance to describe.
„
antenna
The antenna has two antennas. You can select one or auto.
antenna {rx | tx} {left | right | diversity}
no antenna {rx | tx}
Syntax
rx left
Description
Select the left antenna for receiving
rx right
Select the right antenna for receiving
rx diversity
The receiving selects the antenna according to the
signal intensity automatically.
tx left
Select the left antenna for sending
tx right
Select the right antenna for sending
tx diversity
The receiving selects the antenna according to the
signal intensity automatically.
Default status: By default, select antenna automatically for sending and
receiving.
Note
The receiving antenna on MP1800 SERIES router can take effect only
when being set as auto.
„
beacon
The command is used to set the beacon period and DTIM period.
beacon {period | dtim-period} time
no beacon {period | dtim-period}
Syntax
Maipu Confidential & Proprietary Information
Description
Page 6 of 37
MP1800 series Multi-Operation Access Router Datasheet
Set the period of sending the beacon packets and the
unit is 1024us
Set the period of sending buffered broadcast packets
and the unit is beacon periods
period 100-3000
dtim-period 1-30
Default status: The default beacon period is 300 and the period of
sending the buffer packets is 6.
„
channel
You can select the fixed channel or set to search the idle channels
automatically.
channel number
channel auto
channel auto time
no channel
Syntax
Description
Set the specified channel. The channel is the wireless
center channel. In fact, after expanding, it may occupy
the center channel left two and right two channels.
Therefore, the enter channels without overlapping are 1,
6, and 11. In fact, the configurable channel range is
related with the set country code.
1-14
auto
Automatically detect the idle channel for one time.
Automatically detect the idle channels with the configured
minutes as the period. The auto detection affects the
normal communication, so the period cannot be set too
small.
auto 1-6000
Default status: By default, automatically detect the idle channel for one
time.
„
packet
The command is used to set the times of re-transmitting the packets.
packet {long | short} retry 1-15
no packet {long | short} retry
Syntax
short retry count
long retry count
Maipu Confidential & Proprietary Information
Description
Set the times of re-transmitting the packet with the
length smaller than RTS threshold
Set the times of re-transmitting the packet with the
length larger than RTS threshold
Page 7 of 37
MP1800 series Multi-Operation Access Router Datasheet
Default status: By default, the re-transmission times is 10.
„
power
The command is used to set the percentage of the maximum wireless
power.
power {100 | 50 | 25 | 12 | min}
no power
Syntax
Description
Set the
power
Set the
power
Set the
power
Set the
power
100
50
25
12
min
wireless sending power as 100% of the maximum
wireless sending power as 50% of the maximum
wireless sending power as 25% of the maximum
wireless sending power as 12% of the maximum
Set the wireless sending power as the minimum power
Default status: By default, the wireless sending power is 100% of the
maximum power.
„
preamble
The command is used to set the length of the preamble.
preamble {short | long}
no preamble
Syntax
Description
short
Set the preamble as the short preamble
long
Set the preamble as the long preamble
Default status: By default, it is the short preamble.
„
radioMode
The command is used to set the wireless mode.
radioMode {11b | 11g | mixed}
Maipu Confidential & Proprietary Information
Page 8 of 37
MP1800 series Multi-Operation Access Router Datasheet
no radioMode
Syntax
Description
11b
Set the wireless mode as 802.11b
11g
Set the wireless mode as 802.11g
mixed
Set the wireless mode as 802.11b/g mixed
Default status: By default, the wireless mode is 802.11b/g mixed.
Note
Set the wireless mode to affect the rate configuration. When being set as
802.11b, the rate can only be set as 1.0, 2.0, 5.5, 11.0; when being set
as 802.11g, the rate can only be set as 6.0, 9.0, 12.0, 18.0, 24.0, 36.0,
48.0, and 54.0; when being set as mixed, you can set all rates.
„
radioSpeed
You can select multiple wireless rates. Meanwhile, you need to specify
whether each rate is the basic rate (the basic rate is the rate that all
associated stations must support).
radioSpeed {basic-x.x | x.x}
no radioSpeed
Syntax
Description
basic-x.x …
Set the wireless basic rate
x.x …
Set the wireless extended rate
Default status: All 802.11b/g rates: basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0
18.0 24.0 36.0 48.0 54.0.
Note
1.
The wireless rate means the rate that must be supported when the
wires access node is associated with the stations. At least one basic
rate must be set.
2.
You can set multiple rates, such as radioSpeed basic-1.0 basic-2.0
48.0 54.0.
3.
During the actual running, the program selects from the rate setting
range according to the signal.
Maipu Confidential & Proprietary Information
Page 9 of 37
MP1800 series Multi-Operation Access Router Datasheet
4.
The no format of the command selects the appropriate rate according
to the current wireless mode.
„
rts
The command is used to set the RTS threshold and retransmission times.
rts {retry | threshold} count
no rts {retry | threshold}
Syntax
Description
threshold 256-2346
Set the packet size threshold of using the RTS/CTS
mechanism. When the unicast packet is larger than the
threshold, use RTS/CTS to interact.
retry 1-15
Set the re-transmission times of RTS
Default status: By default, the RTS threshold is 2346 bytes and the RTS
re-transmission times is 10.
„
shutdown
The command is used to disable the wireless interface.
shutdown
no shutdown
Default status: By default, the wireless interface is enabled.
„
slot
The command is used to set the length of the conflicting window slot.
slot {short | long}
no slot
Syntax
Description
short
Set the conflicting window as short slot, that is, 9us.
long
Set the conflicting window as long slot, that is, 20us.
Default status: By default, it is the short slot.
Maipu Confidential & Proprietary Information
Page 10 of 37
MP1800 series Multi-Operation Access Router Datasheet
„
worldwide
The command is used to set the country code of the wireless interface.
Each country may have different limitation for wireless signal.
worldwide countrycode code
no worldwide countrycode
Syntax
Description
Use two capital letters to express the ISO country code.
For example, CN is for China and US is for America.
code
Default status: CN
Note
1.
The setting of the country code affects the available wireless channel
and the maximum sending power.
2.
The configurable country codes:
Country code Country name
AR
ARGENTINA
AT
AUSTRIA
AU
AUSTRALIA
BE
BELGIUM
BG
BULGARIA
BR
BRAZIL
CA
CANADA
CH
SWITZERLAND
CL
CHILE
CN
CHINA (Default)
CO
COLOMBIA
CY
CYPRUS
CZ
CZECH REPUBLIC
DE
GERMANY
DK
DENMARK
EE
ESTONIA
ES
SPAIN
FI
FINLAND
FR
FRANCE
GB
UNITED KINGDOM
GR
GREECE
HK
HONGKONG
Maipu Confidential & Proprietary Information
Page 11 of 37
MP1800 series Multi-Operation Access Router Datasheet
HR
HU
ID
IE
IL
IN
IS
IT
JP
KR
LI
LT
LU
LV
MA
MT
MX
MY
NL
NO
NZ
PE
PH
PL
PT
RO
RU
SA
SE
SG
SI
SK
TH
TR
TW
US
UY
ZA
CROATIA
HUNGARY
INDONESIA
IRELAND
ISRAEL
INDIA
ICELAND
ITALY
JAPAN
KOREA
LIECHTENSTEIN
LITHUANIA
LUXEMBOURG
LATVIA
MOROCCO
MALTA
MEXICO
MALAYSIA
NETHERLANDS
NORWAY
NEW ZEALAND
PERU
PHILIPPINES
POLAND
PORTUGAL
ROMANIA
RUSSIAN FEDERATION
SAUDI ARABIA
SWEDEN
SINGAPORE
SLOVENIA
SLOVAKIA
THAILAND
TURKEY
TAIWAN,PROVINCE OF CHINA
UNITED STATES
URUGUAY
SOUTH AFRICA
Maipu Confidential & Proprietary Information
Page 12 of 37
MP1800 series Multi-Operation Access Router Datasheet
Application Instance
Application Instance 1
WLAN application network topology
Illustration
One router with the WLAN module and one PC with the wireless adapter
are interconnected.
ROUTER configuration:
Command
router(config)#interface dot11radio0
router(config-if-dot11radio0)#beacon period 100
router(config-if-dot11radio0)#channel auto
router(config-if-dot11radio0)#radioSpeed basic-1.0 basic-2.0
54.0
router(config-if-dot11radio0)# worldwide countrycode CN
router(config-if-dot11radio0)#exit
Description
Enter the wireless interface
mode
Configure beacon period as
100ms
Configure selecting channel
automatically
Configure the basic rate and
extended rate
Configure the country code as
CN
Exit the wireless interface
mode
Monitoring and Debugging
Monitoring Command
Command
show dot11radio unit
Maipu Confidential & Proprietary Information
Description
Display the running parameter and status of the wireless
interface
Page 13 of 37
MP1800 series Multi-Operation Access Router Datasheet
Monitoring Command Instance
router#show dot11radio 0
Displayed result:
dot11radio 0:
LinkStatus
: Up
Mac Address
: 0001.7a12.3456
Current SSIDs
:2
MAX SSIDs : 4
*************************************************************************
SSID(network name) LinkStatus
VLAN
Stations Privilege
maipu
Up
No
CPE
Up
No
*************************************************************************
Country Code
: 156
Allowed Channels
Auto Channel
RadioMode
: 11b/g mixed
: 1 2 3 4 5 6 7 8 9 10 11 12 13
: Yes
Auto ReChannel
: Disable
Current Channel
: 4 [AUTO]
Recv Antenna
: diversity
Allowed Rates
: [1] 2 5.5 6 9 11 12 18 24 36 48 54
Broadcast rate
:1
Beacon Period
: 300
Dtim Period
:6
RTS Threshold
: 2346
RTS Retry
: 10
Fragment Input
: 1026
Power
: 100%
Transmit Antenna : diversity
Need Protection : No
Short Time Slot : Yes
Short Preamble
: No
Packet Short Retry: 10
Packet Long Retry : 10
Fragment Output : 139
Bytes Input
: 90704
Bytes Output
: 24162
Frame Input
: 3104
Frame Output
: 139
Multicast Input
: 2923
Multicast Output : 136
Duplicates Rcvd
:0
Decrypt Failed
MIC Failed
FCS Failed
:5
:0
Exceeded Retries : 0
Data Retries
RTS Retries
:0
:0
: 138
Associate Request : 1
Associate Success : 1
Associate Response: 1
Diassociate
:0
Description and analysis:
The above information includes three parts:
Maipu Confidential & Proprietary Information
Page 14 of 37
MP1800 series Multi-Operation Access Router Datasheet
1.
The current wireless interface status, including the Link status of the
wireless interface, the information about all virtual APs under the
wireless interface and so on;
2.
The running parameters of the current wireless interface;
3.
The statistics information of the current wireless interface;
Virtual AP Parameter
Configuration
Main contents:
Overview
Basic commands of virtual AP parameters
Application instance of virtual AP parameters
Monitoring and debugging of virtual AP parameters
Overview
Virtual AP refers to the multiple virtual logical wireless access point (AP)
on the same wireless interface. The parameters of the virtual APs can be
different and can be bound to different security policies.
Basic Commands
Command
ssid name
clientlimit 1-56
encapsulation
rfc1042}
{802.1h
fragment 256-2346
Maipu Confidential & Proprietary Information
Description
Enter the virtual AP
configuration mode or
create a new virtual AP
Set
the
maximum
number of the access
clients of the virtual AP
Select
the
LLC
encapsulation format
Set the fragment
threshold
Configuration Mode
config-if-dot11radio0
config-dot11radio0-ssid-xxx
config-dot11radio0-ssid-xxx
config-dot11radio0-ssid-xxx
config-dot11radio0-ssid-xxx
Page 15 of 37
MP1800 series Multi-Operation Access Router Datasheet
idle-timeout 0-60
maclist 2001-3000
regroup time 1-30
security name
shutdown
ssidIe {enable | disable}
vlan 1-4094
privilege {enable | disable}
station isolate {enable | disable}
interface dot11radio0.x
encapsulation dot1q 1-4094
Set the idle timeout
Bind the access list of
the MAC address
Re-calculate the period
of the multicast key
Bind the security
profile
Disable the virtual AP
Enable and disable the
SSID advertisement of
virtual AP
Configure the vlan ID
of the virtual AP
Configure the privilege
attribute of the virtual
AP
Configure whether the
AP isolates the station
Create one the
wireless sub interface
and enter the
configuration mode of
the wireless sub
interface
Encapsulate the
wireless sub interface
with the VLAN ID
config-dot11radio0-ssid-xxx
config-dot11radio0-ssid-xxx
config-dot11radio0-ssid-xxx
config-dot11radio0-ssid-xxx
config-dot11radio0-ssid-xxx
config-dot11radio0-ssid-xxx
config-dot11radio0-ssid-xxx
config-dot11radio0-ssid-xxx
config-dot11radio0-ssid-xxx
config
config-if
config-if-dot11radio0.x
Note
The command description with * means that the command has the
configuration instance to describe.
„
ssid
The command is used to create a new virtual AP or enter the existing
virtual AP, with ssid as ID.
ssid name
no ssid name
Syntax
Description
ssid name
If virtual AP identified by name does not exist, first
create a new virtual AP and enter the virtual AP
configuration mode, that is, the ssid configuration mode
no ssid name
Delete the virtual AP identified by name
Default status: none
Note
At most four virtual APs can be configured.
Maipu Confidential & Proprietary Information
Page 16 of 37
MP1800 series Multi-Operation Access Router Datasheet
„
clientlimit
The command is used to limit the maximum number of the stations of the
virtual AP.
clientlimit 1-56
no clientlimit
Syntax
1-56
Description
The maximum number of the access stations of the
virtual AP
Default status: By default, up to 14 access stations are permitted.
Note
1.
Each virtual AP can be configured with up to 56 access stations, but
the total number of the associated stations of all virtual APs of one
wireless interface cannot exceed 56. Therefore, the total number of
the stations of all virtual APs exceeds 56, the system prints the
prompt information.
2.
The encrypted policy affects the maximum number of the associated
stations of the wireless interface. If the encrypted policy is TKIP, one
station occupies two resources. Therefore, the wireless interface can
associates with 56 stations at most. If all associated stations use TKIP,
the maximum number of the stations that can be associated with the
wireless interface changes to 28.
„
encapsulation
The command is used to set the OUI encapsulation format of the link layer
LLC/SNAP.
encapsulation {802.1h | rfc1042}
no encapsulation
Syntax
Description
rfc1042
Encapsulate LLC/SNAP (aa-aa-03-00-00-00) by RFC1042
802.1h
Encapsulate LLC/SNAP (aa-aa-03-00-00-f8) by 802.1H.
Default status: Encapsulate by rfc1042.
Maipu Confidential & Proprietary Information
Page 17 of 37
MP1800 series Multi-Operation Access Router Datasheet
Note
1.
The command is invalid for the IPX and AppleTalk protocol packets.
The IPX and AppleTalk packets are encapsulated by 802.1h.
2.
The
command
does
not
affect
the
de-encapsulating
of
the
encapsulated packet and the device processes according to IEEE
802.1H-1997 standard.
„
fragment
The command is used to set the fragment threshold. The packet that
exceeds the threshold is fragmented.
fragment 256-2346
no fragment
Syntax
256-2346
Description
Set the bytes of the packet fragment
Default status: The threshold of the packet fragment is 2346 bytes.
„
idle-timeout
The command is used to set the idle timeout of the station.
idle-timeout 0-60
no idle-timeout
Syntax
0-60
Description
0 means no timeout forever. The remaining means 160-minute timeout.
Default status: By default, the timeout is 5 minutes.
„
maclist
The command is used to bind the MAC access list.
maclist 2001-3000
no maclist
Maipu Confidential & Proprietary Information
Page 18 of 37
MP1800 series Multi-Operation Access Router Datasheet
Syntax
2001-3000
Description
Bind the created MAC access list, which is used for the
basic authentication of 802.11.
Default status: By default, no MAC access list is bound.
„
regroup
The command is used to set re-calculating the multicast key period.
regroup time 1-30
no regroup time
Syntax
1-30
Description
Set re-calculating the period of the multicast key, in the
unit of minute.
Default status: By default, do not re-calculate the multicast key.
Note
The setting is valid only when the security policy is WPA1 or WPA2.
„
security
The command is used to bind the configured security profile.
security name
no security
Syntax
name
Description
Bind the configured security profile. Check the contents
of the security profile during binding. If there is
conflicting project, the system prompts error.
Default status: No security profile is bound.
„
shutdown
The command is used to disable the virtual AP.
shutdown
Maipu Confidential & Proprietary Information
Page 19 of 37
MP1800 series Multi-Operation Access Router Datasheet
no shutdown
Default status: Enable the virtual AP.
„
ssidIe
The command is used to set whether to broadcast SSID of the virtual AP.
ssidIe {enable | disable}
no ssidIe
Syntax
Description
enable
Broadcast the SSID of the virtual AP.
disable
Do not broadcast SSID of the virtual AP.
Default status: Broadcast the SSID of the virtual AP.
„
vlan
The command is used to set the VLAN ID of the virtual AP.
vlan 1-4094
no vlan
Syntax
1-4094
Description
Set the VLAN of the virtual AP. The vlan number
corresponds to the VLAN number of the wireless sub
interface, so the wireless packets of the virtual AP can
be submitted to the IP protocol stack.
Default status: no vlan attribute
Note
Modifying the configuration results in the disconnection of all stations.
„
privilege
The command is used to set the privilege attribute of the virtual AP.
privilege {enable | disable}
Maipu Confidential & Proprietary Information
Page 20 of 37
MP1800 series Multi-Operation Access Router Datasheet
no privilege
Syntax
Description
enable
Set the virtual AP as the privilege virtual AP. Once the
attribute is set, only the privilege user on the web
interface can view and configure the virtual AP.
disable
Set the virtual AP as the common virtual AP and all
users can view and configure.
Default status: No privilege attribute
„
station isolate
The command is used to set the privilege attribute of the virtual AP.
station isolate {enable | disable}
no station isolate
Syntax
Description
enable
Set the virtual AP to isolate all associated stations. All
stations cannot communicate with each other, but they
can only communicate with the wireless sub interface.
disable
Set the virtual AP not to isolate stations. All stations in
the virtual AP can communicate with each other and the
wireless sub interface.
Default status: Do not isolate the stations.
„
interface dot11radio0.x
The command is used to create the wireless sub interface or enter the
wireless sub interface configuration mode.
interface dot11radio0.x
Default status: No sub interface
Note
1.
Wireless sub interface is the channel of the virtual AP connecting the
DS system. You can configure the IP address, NAT, ACL, route
protocol and bridge group on the wireless sub interface.
Maipu Confidential & Proprietary Information
Page 21 of 37
MP1800 series Multi-Operation Access Router Datasheet
2.
The wireless main interface can only be configured with the wireless
parameters and SSID, but cannot be configured with the IP address or
run the IP protocol stack. It can only serve as one console interface.
„
encapsulation dot1q
The command is used to configure the VLAN number of the wireless sub
interface.
encapsulation dot1q 1-4094
Syntax
1-4094
Description
Set the VLAN number of the wireless sub interface. The
vlan number corresponds to the VLAN number of the
wireless sub interface, so the wireless packets of the virtual
AP can be submitted to the IP protocol stack.
Default status: No vlan attribute
Application Instance
Application Instance 1
Refer to Figure 1-1.
Router configuration:
Command
router(config)#interface dot11radio0
router(config-if-dot11radio0)#ssid test
router(config-if-dot11radio0-ssid-test)#clientlimit 10
router(config-if-dot11radio0-ssid-test)#fragment
2000
router(config-if-dot11radio0-ssid-test)#idle-timeout
60
router(config-if-dot11radio0-ssid-test)#security wpa
router(config-if-dot11radio0-ssid-test)#vlan 1
router(config-if-dot11radio0-ssid-test)#exit
Maipu Confidential & Proprietary Information
Description
Enter the wireless interface mode
Enter the virtual AP configuration
mode
Configure the limitation for the clients
of the virtual AP
Configure the fragment threshold of
the virtual AP
Configure the client idle timeout of the
virtual AP
Bind the security profile of the virtual
AP
Configure the VLAN attribute of the
virtual AP
Exit the virtual AP configuration mode
Page 22 of 37
MP1800 series Multi-Operation Access Router Datasheet
Monitoring and Debugging
Monitoring Commands
For example:
Command
Description
Display the running parameters and
status of the virtual AP
Display the running status of the access
station
show dot11radio unit ssid name
show dot11radio unit ssid name station mac-
address
Monitoring Command Instance
router# show dot11radio 0 ssid maipu
Displayed result:
SSID [maipu]:
LinkStatus
: Up
Mac Address
: 0201.7a12.3456
Current Stations : 1
MAX Stations
: 14
*****************************************************************************
MAC Address
IP Address
Authenticated Associated WPA1/2-PSK EAP-802.1X
00b0.8c51.0327 192.168.119.40
Yes
Yes
*****************************************************************************
Vlan
:1
Security Profile :
Hidden SSID
: No
Encapsulation
: RFC1042
Fragment Threshold : 2346
Fragment Input
: 437
RegroupTime
:0
MacList
Privilege
: No
Fragment Output : 100
Bytes Input
: 60351
Bytes Output
: 18539
Frame Input
: 437
Frame Output
: 100
Multicast Input
: 255
Multicast Output : 96
Duplicates Rcvd
:0
Exceeded Retries : 0
Decrypt Failed
MIC Failed
:0
:0
Associate Request : 1
Associate Success : 1
Data Retries
RTS Retries
:0
:0
Associate Response: 1
Diassociate
:0
Description and analysis:
Maipu Confidential & Proprietary Information
Page 23 of 37
MP1800 series Multi-Operation Access Router Datasheet
The above information includes three parts:
1.
The current virtual AP status, including the Link status of the virtual
AP, the information about all associated stations of the virtual AP;
2.
The running parameters of the current virtual AP;
3.
The statistics information of the current virtual AP;
router#show dot11radio 0 ssid maipu station 00b0.8c51.0327
Displayed result:
Station [00b0.8c51.0327]:
MAC Address
: 00b0.8c51.0327
SSID
: maipu
SecPol
:-
IP Address
Vlan
: 192.168.119.40
:1
Authenticated
: Yes
AuthPol:
:-
Associated
: Yes
CiphPol:
:-
AID
:1
Supported Rates
: [1] 2 5.5 6 9 11 12 18 24 36 48 54
Receive Rate
: 54
Signal Strength
: -70dBm
Signal Quality
: 41%
Power-save
: Off
Last Activity
Fragment Input
: 71
Fragment Output : 1
Transmit Rate
: 54
Connected For
: 490 seconds
Activity Timeout : 120 seconds
: 26 seconds ago
Bytes Input
: 4704
Bytes Output
: 360
Frame Input
: 71
Frame Output
:1
Duplicates Rcvd
Decrypt Failed
MIC Failed
:0
Exceeded Retries : 0
:0
:0
Data Retries
RTS Retries
:0
:0
Description and analysis:
The above information includes two parts:
1.
The running parameters of the associated station
2.
The statistics information of the associated station
Maipu Confidential & Proprietary Information
Page 24 of 37
MP1800 series Multi-Operation Access Router Datasheet
Debugging Commands
Command
debug
dot11radio
pro
assoc
debug dot11radio pro auth
debug dot11radio pro data
debug
dot11radio
pro
datanull
debug
dot11radio
pro
deauth
debug
dot11radio
pro
disassoc
debug
dot11radio
pro
dperx
debug
dot11radio
pro
dpetx
debug dot11radio pro pm
debug
probe
debug
pspoll
debug
ratectrl
debug
reassoc
dot11radio
pro
dot11radio
pro
dot11radio
pro
dot11radio
pro
debug dot11radio pro scan
debug dot11radio rsn
Description
Debug the association of the station
Debug the basic authentication of the station
Debug all packets received and sent by the wireless interface
Debug the datanull packets received by the wireless interface
Debug the de-authentication of the station
Debug the dis-association of the station
Debug the packets received by the wireless interface
Debug the packets sent by the wireless interface
Debug the converting of the mode of saving energy of the
station
Debug the detection frames received by the wireless
interface and the response
Debug the pspoll frame received by the wireless interface
Debug the rate adjusting of the wireless interface
Debug the re-association of the station
Debug the process of the wireless interface of detecting the
idle channel automatically
Debug the process of the wireless interface expanding
security
Debugging Command Instance
For environment, refer to Figure 1.1.
1.
A complete process of connecting the station
The following debugging switches need to be enabled:
debug dot11radio pro auth
debug dot11radio pro assoc
debug dot11radio rsn
Information and analysis:
00:03:53: DOT11->AUTH: from 00:b0:8c:51:03:27 to 02:e0:4c:fb:76:a7
The authentication packet is sent from the station 00:b0:8c:51:03:27 to
the virtual AP 02:e0:4c:fb:76:a7
00:03:53: DOT11->Update Sta:00:b0:8c:51:03:27 Start
Maipu Confidential & Proprietary Information
Page 25 of 37
MP1800 series Multi-Operation Access Router Datasheet
Update the status of the station 00:b0:8c:51:03:27.
00:03:53: DOT11->Sta:00:b0:8c:51:03:27 is already here
Find that the station 00:b0:8c:51:03:27 already exists.
00:03:53: DOT11->Update Sta:00:b0:8c:51:03:27 End
00:03:53: DOT11->Auth Recv Start
Start to process the authentication packet.
00:03:53: DOT11->OPEN-SYSTEM-SEQ-1
The authentication mode opensystem, the first frame (reques)
00:03:53: DOT11->Auth Send Start
00:03:53: DOT11->Sta:00:b0:8c:51:03:27
Send the authentication response packet.
00:03:53: DOT11->Auth Send End
00:03:53: DOT11->Open-System Authentication success!
Pass the opensystem basic authentication.
00:03:53: DOT11->Auth Recv End
00:03:53: DOT11->ASSOC: from 00:b0:8c:51:03:27 to 02:e0:4c:fb:76:a7
Receive the association packet sent from the station 00:b0:8c:51:03:27 to
virtual AP 02:e0:4c:fb:76:a7.
00:03:53: DOT11->Assoc Recv Start
00:03:53: DOT11->Asso Rsp Send Start
00:03:53: DOT11->Sta:00:b0:8c:51:03:27
Send the association response packet to the station 00:b0:8c:51:03:27.
00:03:53: DOT11->Asso Rsp Send End
00:03:53: DOT11->Association success
The association succeeds.
00:03:53: DOT11->Sta's negAuthPol is PSK
The authentication mode of the station is PSK.
Maipu Confidential & Proprietary Information
Page 26 of 37
MP1800 series Multi-Operation Access Router Datasheet
00:03:53: DOT11->Send uniCast MSG A to 00:b0:8c:51:03:27
Start to perform the RSN authentication and send the first packet to the
station.
00:03:53: DOT11->Received uniCast MSG B from 00:b0:8c:51:03:27
Receive the second response packet RSN of the station.
00:03:53: DOT11->Key data added!
00:03:53: DOT11->Send uniCast MSG C/RSN to 00:b0:8c:51:03:27
Send the RNS third packet to the station.
00:03:53: DOT11->Received uniCast MSG D from 00:b0:8c:51:03:27
Receive the RSN fourth response packet of the station.
2.
The debugging of power saving mode
The following debugging switches need to be enabled:
debug dot11radio pro pm
debug dot11radio pro pspoll
debug dot11radio pro datanull
The process of AP buffering the packers of the station in the power
saving mode and TIM advertising:
ROUTER#ping 192.168.119.40
The station is already in the power saving mode, so it is necessary to send
packets from the AP to the station actively, buffer them and use the TIM
advertising:
Press key (ctrl + shift + 6) interrupt it.
Sending 5, 76-byte ICMP Echos to 192.168.119.40 , timeout is 2 seconds:
00:11:57: DOT11->Enqueue to Sta's PM Queue
Maipu Confidential & Proprietary Information
Page 27 of 37
MP1800 series Multi-Operation Access Router Datasheet
The station is in the power saving state, so the packets sent to the station
is buffered in the PM queue.
00:11:57: DOT11->enough space in Sta's PM Queue
The PM buffer queue still has space.
00:11:57: DOT11->Started to SET AID 5. Byte = 0, bit = 5 (oldStart = 0, oldStop=1)
Set the fields from AID 5 to TIM of the station, so as to inform the station
that there are packets for it via beacon.
00:11:57: DOT11->Bit 5 set in byte 0 (newStart=0 newStop = 1)
00:11:58: DOT11->PSPOLL: from 00:b0:8c:51:03:27 to 02:e0:4c:fb:76:a7
After receiving the beacon advertisement, the station sends the pspoll
packets to require receiving the buffered data.
00:11:58: DOT11->PsPoll Recv Start
00:11:58: DOT11->PmFlush Start:ONE,SEND
Send one packet in the PM buffer queue at once.
00:11:58: DOT11->Sta:00:b0:8c:51:03:27
The destination station is 00:b0:8c:51:03:27.
00:11:58: DOT11->Packet Send Start
00:11:58: DOT11->Send to Driver Start
00:11:58: DOT11->Send to Driver End
00:11:58: DOT11->Packet Send End
Sending packets is complete.
00:11:58: DOT11->No More Packets In Queue
The PM buffer queue of the station is empty.
00:11:58: DOT11->Started to CLEAR AID 5. Byte = 0, bit = 5 (oldStart = 0, oldStop=1)
Clear up the AID 5 of the TIM field and inform the station that there is no
buffered packet.
00:11:58: DOT11->Byte 0 after clear Bit 5 is zero(oldStart=0 oldStop=1)
00:11:58: DOT11->Bit 5 clear in byte 0 (newStart=0 newStop=1)
Maipu Confidential & Proprietary Information
Page 28 of 37
MP1800 series Multi-Operation Access Router Datasheet
The process of converting the power saving state of the station:
00:31:30: DOT11->DATA-NULL: from 00:b0:8c:51:03:27 to 02:e0:4c:fb:76:a7
Receive the datanull packet from the station.
00:31:30: DOT11->DataNull Recv Start
00:31:30: DOT11->PM from FALSE to TRUE
The PM information in the datanull packet means that the station changes
from the normal state to the power saving state.
00:31:51: DOT11->DataNull Recv End
Here, the station pings the wireless sub interface actively, so the
station actively changes to the normal state for communicating.
00:31:48: DOT11->PM from TRUE to FALSE
Receive the ping packet from the station and the PM field in the packet
means that the status changes to normal.
00:31:48: DOT11->PmFlush Start:ALL,SEND
The power saving state of the station changes to normal, so it is necessary
to send all buffered packets to the station.
00:31:48: DOT11->Sta:00:b0:8c:51:03:27
00:31:48: DOT11->No packets in queue
The buffer queue is already empty.
00:31:48: DOT11->Started to CLEAR AID 5. Byte = 0, bit = 5 (oldStart = 0, oldStop=1)
00:31:48: DOT11->Bit 5 already cleared in byte 0 (oldStart=0 oldStop=1)
There are no buffered packets of the station, so modify the AID of the TIM
field.
00:31:51: DOT11->DATA-NULL: from 00:b0:8c:51:03:27 to 02:e0:4c:fb:76:a7
Receive the datanull packets from the station (because there is no
communication for a period of time, the station enters the power saving
state.)
Maipu Confidential & Proprietary Information
Page 29 of 37
MP1800 series Multi-Operation Access Router Datasheet
00:31:51: DOT11->DataNull Recv Start
00:31:51: DOT11->PM from FALSE to TRUE
The PM information in the datanull packet means that the station changes
from the normal state to the power saving state.
00:31:51: DOT11->DataNull Recv End
Wireless Security Profile
Configuration
Main contents:
Overview
Basic commands of wireless security profile
Application instance of wireless security profile
Monitoring and debugging of wireless security profile
Overview
Wireless security profile means to configure the authentication, encryption
and password of the wireless security to one profile and then bind the
profile to any virtual AP. One virtual AP can only be bound to one security
profile, but multiple virtual APs can be bound to one security profile. After
the security profile is bound to the virtual AP, it cannot be modified, but
should be un-bound first.
Basic Commands
Command
ssid-security-profile name
Maipu Confidential & Proprietary Information
Description
Configuration Mode
Create one wireless
config
security profile and
config-dot11radio0-ssidenter the security
xxx
profile
config-ssid-secprofile-xxx
configuration mode
Page 30 of 37
MP1800 series Multi-Operation Access Router Datasheet
authpol
{opensystem|sharekey|psk|802.1x}
ciphpol {none | wep40 | wep104 |
aes | tkip}
secpol {none | wep | wpa1 | wpa2}
Set
the
authentication
policy
Set the encryption
policy
Set the security
policy
config-ssid-secprofile-xxx
config-ssid-secprofile-xxx
config-ssid-secprofile-xxx
Note
The command description with * means that the command has the
configuration instance to describe.
„
ssid-security-profile
The command is used to create one new security profile or enter the
configuration mode of the existing security profile.
ssid-security-profile name
no ssid-security-profile name
Syntax
ssid-security-profile name
no ssid-security-profile
name
Description
Create one new security profile or enter the configuration
mode of the existing security profile
Delete the existing security profile
Default status: none
„
authpol
The command is used to set the authentication policy.
authpol {opensystem|sharekey|psk|802.1x}
Syntax
opensystem
sharekey
psk ascii string
psk hex hex-string
802.1x default
802.1x name
Maipu Confidential & Proprietary Information
Description
Set the 802.11 basic authentication as open; no extended
authentication mode
Set the 802.11 basic authentication as share; no extended
authentication mode
Set the 802.11 basic authentication as open and the
extended authentication mode is PSK; set the key with a
length of 8-63 bytes.
Set the 802.11 basic authentication as open and the
extended authentication mode is PSK; set the hex number of
the key with a length of 64 characters (that is, 32-byte hex
number)
Set the 802.11 basic authentication as open and the
extended authentication mode is 802.1x; set the 802.1x
authentication server list name (by default, it is default).
Page 31 of 37
MP1800 series Multi-Operation Access Router Datasheet
Default status: opensystem
„
ciphpol
The command is used to set the encryption policy.
ciphpol {none | wep40 | wep104 | aes | tkip}
Syntax
Description
none
Set no encryption policy
wep40 key-slot 1-4 key hex hex-string
Set the encryption policy as wep, use the 40-bit
key and set the hex number of the key index
and key, with a length of 10 characters (that is,
5-byte hex number)
Set the encryption policy as wep, use the 40-bit
key and set the ascii character string of the key
index and key, with a length of 5 characters
(that is, 5-byte hex number)
Set the encryption policy as wep, use the 104-bit
key and set the hex number of the key index
and key, with a length of 26 characters (that is,
13-byte hex number)
Set the encryption policy as wep, use the 104-bit
key and set the ascii character string of the key
index and key, with a length of 13 characters
(that is, 13-byte hex number)
Set the encryption policy as TKIP (only WPA1
and WPA2 can set the encryption policy)
Set the encryption policy as AES (that is, CCMP;
only WPA1 and WPA2 can set the encryption
policy)
wep40 key-slot 1-4 key ascii string
wep104 key-slot 1-4 key hex hex-string
wep104 key-slot 1-4 key ascii string
tkip
aes
Default status: none
Note
Encryption policy affects the maximum number of the associated stations
of the wireless interface. If the encryption policy is TKIP, one station
occupies
two
resources.
Therefore,
the
wireless
interface
can
be
associated with 56 stations at most. If all associated stations use TKIP, the
maximum number of the associated stations of the wireless interface
changes to 28.
„
secpol
The command is used to set the security policy.
secpol {none | wep | wpa1 | wpa2}
Maipu Confidential & Proprietary Information
Page 32 of 37
MP1800 series Multi-Operation Access Router Datasheet
Syntax
Description
none
Set non security policy
wep
Set the security policy as WEP
wpa1
Set the security policy as WPA1
wpa2
Set the security policy as WPA2
Default status: none
Application Instance
Application Instance 1
There are the following typical wireless security profiles:
„
WEP
The configuration of the security profile:
Syntax
Description
secpol wep
Set the security policy as wep
authpol {opensystem | sharekey}
Set the authentication policy as
opensystem or sharekey
Set the encryption policy as wep40 or
wep104
ciphpol {wep40 | wep104} key-slot 1-4 key
{ascii | hex} string
„
WPA1-PSK
The configuration of the security profile:
Syntax
Description
secpol wpa1
Set the security policy as wpa1
authpol psk {ascii | hex} string
Set the authentication policy as PSK and
set the key value
Set the encryption policy as TKIP or AES
ciphpol {tkip | aes}
„
WPA1-EAP
The configuration of the security profile:
Syntax
Maipu Confidential & Proprietary Information
Description
Page 33 of 37
MP1800 series Multi-Operation Access Router Datasheet
secpol wpa1
Set the security policy as wpa1
authpol 802.1x name
Set the authentication policy as 802.1x
and set the authentication server list
name
Set the encryption policy as TKIP or AES
ciphpol {tkip | aes}
„
WPA2-PSK
The configuration of the security profile:
Syntax
Description
secpol wpa2
Set the security policy as wpa2
authpol psk {ascii | hex} string
Set the authentication policy as PSK and
set the key value
Set the encryption policy as TKIP or AES
ciphpol {tkip | aes}
„
WPA2-EAP
The configuration of the security profile:
Syntax
Description
secpol wpa2
Set the security policy as wpa2
authpol 802.1x name
Set the authentication policy as 802.1x
and set the authentication server list
name
Set the encryption policy as TKIP or AES
ciphpol {tkip | aes}
Monitoring and Debugging
Monitoring Command
Command
show ssid-security-profile name
Description
Display the contents of the security
profile
Monitoring Command Instance
router# show ssid-security-profile wpa2
Displayed result:
ssid-security-profile wpa2
secpol wpa2
Maipu Confidential & Proprietary Information
Page 34 of 37
MP1800 series Multi-Operation Access Router Datasheet
authpol psk ascii abcdefgh
ciphpol aes
Description and analysis:
The displayed result includes the security policy, authentication policy and
encryption of the security profile.
WLAN Typical Configuration
Command
Description
router#configure terminal
Enter global configuration
mode
router(config)#ssid-security-profile wpa2
Create the security profile
wpa2 and enter the security
profile configuration mode
router(config-ssid-secprofile-wpa2)#secpol wpa2
Set the security policy as
wpa2
router(config-ssid-secprofile-wpa2)#authpol psk ascii
12345678
Set the authentication policy
as psk and configure the key
value
router(config-ssid-secprofile-wpa2)#ciphpol aes
Set the encryption policy as
aes
router(config-ssid-secprofile-wpa2)#exit
Return to the global
configuration mode
router(config)#int dot11radio 0
Enter the wireless interface
configuration mode
router(config-if-dot11radio0)#ssid test
Create one virtual AP, whose
SSID is test, and enter the
SSID configuration mode
router(config-dot11radio0-ssid-test)#security wpa2
Bind the security profile
wpa2 to the virtual AP
router(config-dot11radio0-ssid-test)#vlan 1
Set the VLAN ID of the
virtual AP as 1,
corresponding to the later
wireless sub interface
router(config-dot11radio0-ssid-test)#exit
Return to the wireless
interface configuration mode
router(config-if-dot11radio0)#int dot11radio 0.1
Create the wireless sub
interface dot11radio0.1 and
enter the wireless sub
interface configuration mode
router(config-if-dot11radio0.1)#encapsulation dot1q 1
Configure the VLAN ID of
the wireless sub interface as
1, corresponding to the
Page 35 of 37
Maipu Confidential & Proprietary Information
MP1800 series Multi-Operation Access Router Datasheet
VLAN ID of the previous
virtual AP
router(config-if-dot11radio0.1)#ip address 192.168.1.1
255.255.255.0
Configure the IP address of
the wireless sub interface
router(config-if-dot11radio0.1)#exit
Return to the global
configuration mode; up to
now, the WLAN
configuration is complete,
but WLAN should cooperate
with DHCP to complete the
access function, so the
following describe the DHCP
configuration.
router(config)#ip dhcp pool wlan
Create the DHCP pool
named wlan
router(dhcp-config)#range 192.168.1.100 192.168.1.200
255.255.255.0
Configure the distributable
IP address pool of DHCP
router(dhcp-config)#default-router 192.168.1.1
Configure the default
gateway distributed by
DHCP
router(dhcp-config)#dns-server 61.139.2.69
Configure the DNS server
distributed by DHCP
Maipu Confidential & Proprietary Information
Page 36 of 37
MP1800 series Multi-Operation Access Router Datasheet
Software & Hardware Version
Hardware version: MP1800 SERIES H020
Software version: rp8-i-6.1.XX(RL09-70).bin
Maipu Confidential & Proprietary Information
Page 37 of 37

---

Source Exif Data:

File Type                       : PDF
File Type Extension             : pdf
MIME Type                       : application/pdf
PDF Version                     : 1.6
Linearized                      : Yes
Encryption                      : Standard V2.3 (128-bit)
User Access                     : Print, Extract, Print high-res
XMP Toolkit                     : Adobe XMP Core 4.0-c316 44.253921, Sun Oct 01 2006 17:14:39
Producer                        : Acrobat Distiller 7.0 (Windows)
Creator Tool                    : PScript5.dll Version 5.2
Modify Date                     : 2010:07:02 08:39:37-07:00
Create Date                     : 2010:06:23 09:08:15+08:00
Metadata Date                   : 2010:07:02 08:39:37-07:00
Format                          : application/pdf
Title                           : Microsoft Word - User Manual.doc
Creator                         : ace
Document ID                     : uuid:fe2a33b2-92df-424e-b4dc-e9fa40e4224b
Instance ID                     : uuid:3d453303-63eb-4028-9a78-4ca3e6978c01
Page Count                      : 37
Author                          : ace

EXIF Metadata provided by EXIF.tools