Sercomm AP221AI 11n Dual Band Wireless Access Point User Manual AP221AI User s Guide 20130424

Sercomm Corporation 11n Dual Band Wireless Access Point AP221AI User s Guide 20130424

User Manual

        11n Dual Band  Wireless Access Point                User's Guide
 i TABLE OF CONTENTS CHAPTER 1 INTRODUCTION ............................................................................................. 1 Features of your Wireless Access Point ........................................................................... 1 Package Contents .............................................................................................................. 3 Physical Details .................................................................................................................. 4 CHAPTER 2 INSTALLATION ............................................................................................... 7 Requirements ..................................................................................................................... 7 Procedure ........................................................................................................................... 7 CHAPTER 3 .............................................................................................................................. 9 ACCESS POINT SETUP.......................................................................................................... 9 Overview ............................................................................................................................ 9 Setup using a Web Browser .............................................................................................. 9 System - Basic Settings Screen ....................................................................................... 11 System - Time Settings Screen ....................................................................................... 12 System - SNMP Settings ................................................................................................. 13 System - Log Settings ...................................................................................................... 16 Wireless - Basic Settings Screen ..................................................................................... 19 Wireless - Virtual APs Screen ........................................................................................ 21 Wireless - Radius Settings .............................................................................................. 37 Wireless - Access Control ............................................................................................... 39 Wireless - QoS Settings ................................................................................................... 41 Wireless - Advanced Settings ......................................................................................... 42 Network - Device Mode Screen ...................................................................................... 51 Network - IP Settings Screen .......................................................................................... 52 Network - VLAN Settings Screen .................................................................................. 54 Network - IGMP Settings Screen ................................................................................... 56 Network - STP Screen ..................................................................................................... 57 Network - Bridge Parameters Screen ............................................................................ 58 CHAPTER 4 PC AND SERVER CONFIGURATION ....................................................... 59 Overview .......................................................................................................................... 59 Using WEP ....................................................................................................................... 59 Using WPA-PSK/WPA2-PSK ........................................................................................ 60 Using WPA-Enterprise ................................................................................................... 61 802.1x Server Setup (Windows 2000 Server) ................................................................ 62 Using 802.1x Mode (without WPA) ............................................................................... 72 CHAPTER 5 OPERATION AND STATUS ......................................................................... 73 Status Screen .................................................................................................................... 73 CHAPTER 6 ACCESS POINT MANAGEMENT ............................................................... 86 Overview .......................................................................................................................... 86 AP Type ............................................................................................................................ 86 Management Screen ........................................................................................................ 87 Auto Config ...................................................................................................................... 90 Config File ........................................................................................................................ 91 Ping Test ........................................................................................................................... 93 Auto Reboot ..................................................................................................................... 94 Firmware Upgrade .......................................................................................................... 95 CHAPTER 7 ACCESS POINT MODE ................................................................................ 96 Overview .......................................................................................................................... 96 Management Connections .............................................................................................. 96 Home Screen .................................................................................................................... 97 Device Mode Screen ........................................................................................................ 98
 ii Status Screen .................................................................................................................... 99 APPENDIX A SPECIFICATIONS ..................................................................................... 101 Wireless Access Point .................................................................................................... 101 APPENDIX B TROUBLESHOOTING .............................................................................. 104 Overview ........................................................................................................................ 104 General Problems .......................................................................................................... 104 APPENDIX C ABOUT WIRELESS LANS ........................................................................ 106 Overview ........................................................................................................................ 106 Wireless LAN Terminology .......................................................................................... 106 APPENDIX D COMMAND LINE INTERFACE .............................................................. 109 Overview ........................................................................................................................ 109 Command Reference ..................................................................................................... 109                P/N:  Copyright  2013. All Rights Reserved. Document Version: 1.0 All trademarks and trade names are the properties of their respective owners.
 1 Chapter 1 Introduction This Chapter provides an overview of the Wireless Access Point's features and capabilities. Congratulations on the purchase of your new Wireless Access Point. The Wireless Access Point links your Wireless Stations to your wired LAN. With the Wireless Access Point, you can select either 2.4 GHz or 5 GHz radio bands, which provides the flexibility to manage a graceful transition from networks. The Wireless stations and devices on the wired LAN are then on the same network, and can communicate with each other without regard for whether they are connected to the network via a Wireless or wired connection.  Figure 1: Wireless Access Point  Features of your Wireless Access Point The Wireless Access Point incorporates many advanced features, carefully designed to provide sophisticated functions while being easy to use.  Standards Compliant.  The Wireless Access Point complies with the IEEE802.11g and IEEE802.11n draft 2.0 specifications for Wireless LANs.  Supports 11n Wireless Stations.  The 802.11n Draft standard provides for backward compatibility with the 802.11b standard, so 802.11n, 802.11a, 802.11b and 802.11g  Wireless stations can be used simultaneously. The Wireless Access Point supports both the 2.4GHz and 5.0GHz (802.11a) bands.  DHCP Client Support.  Dynamic Host Configuration Protocol provides a dynamic IP address to PCs and other devices upon request. The Wireless Access Point can act as a DHCP Client, and obtain an IP address and related information from your existing DHPC Server. 1
Wireless Access Point User Guide 2  Upgradeable Firmware.  Firmware is stored in a flash memory and can be upgraded easily, using only your Web Browser.  PoE Support.  You can use PoE (Power over Ethernet) to provide power to the Wireless Access Point, so only a single cable connection is required. Security Features  Virtual APs.  For maximum flexibility, wireless security settings are stored in Virtual AP. Up to 16 Virtual APs can be defined and used as any time.  Multiple BSSIDs.  Because each Virtual AP has it own SSID and beacon, and up to 16 Virtual APs can be active simultaneously, multiple SSIDs are supported. Different clients can connect to the Wireless Access Point using different SSIDs, with different security settings.  Virtual APs Isolation.  If desired, PCs and devices connecting to different Virtual APs can be isolated from each other.  VLAN Support.  The 802.1Q VLAN standard is supported, allowing traffic from differ-ent sources to be segmented. Combined with the multiple SSID feature, this provides a powerful tool to control access to your LAN.  WEP support.  Support for WEP (Wired Equivalent Privacy) is included. The 64 Bit, 128 Bit and 152 Bit keys are supported.  WPA support.  Support for WPA is included. WPA is more secure than WEP, and should be used if possible. Both TKIP and AES encryption methods are supported.  802.1x Support.  Support for 802.1x mode is included, providing for the industrial-strength wireless security of 802.1x authentication and authorization.  Radius Client Support.  The Wireless Access Point can login to your existing Radius Server (as a Radius client).  Radius MAC Authentication.  You can centralize the checking of Wireless Station MAC addresses by using a Radius Server.  Rogue AP Detection.  The Wireless Access Point can detect unauthorized (Rouge) Access Points on your LAN.  Access Control.  The Access Control feature can check the MAC address of Wireless clients to ensure that only trusted Wireless Stations can use the Wireless Access Point to gain access to your LAN.  Password - protected Configuration.  Optional password protection is provided to prevent unauthorized users from modifying the configuration data and settings. Advanced Features  Command Line Interface.  If desired, the command line interface (CLI) can be used for configuration. This provides the possibility of creating scripts to perform common config-uration changes.  Auto Configuration.  The Wireless Access Point can perform self-configuration by copying the configuration data from another Access Point. This feature is enabled by de-fault.  Auto Update.  The Wireless Access Point can automatically update its firmware, by downloading and installing new firmware from your FTP server.  Radius Accounting Support.  If you have a Radius Server, you can use it to provide accounting data on Wireless clients.   Syslog Support.  If you have a Syslog Server, the Wireless Access Point can send its log data to your Syslog Server.
Introduction 3  SNMP Support.  SNMP (Simple Network Management Protocol) is supported, allowing you to use a SNMP program to manage the Wireless Access Point. When stores the con-figuration, will not affect the operation of SNMP and CLI.  VPN Pass – through. Do not affect related application operation (such as ICMP, FTP, HTTP, Etc.) when in IP network, and support VPN Pass - through function.  Package Contents The following items should be included:  Wireless Access Point   Power Adapter   Two 5G Detachable Antennas  Two 2.4G Detachable Antennas  Quick Start Guide   CD-ROM containing the on-line manual If any of the above items are damaged or missing, please contact your dealer immediately.
Wireless Access Point User Guide 4 Physical Details  Front Panel LEDs  Figure 2: Front Panel Antenna Ports (Left Side)  Attach the 5G antennas here. Status On - Error condition. Off - Normal operation. Blinking - During start up, and when the Firmware is being upgraded. Power On - Normal operation. Off  - No power Ethernet On - Corresponding LAN (hub) port is active. Off - No active connection on the corresponding LAN (hub) port. Flashing - Data is being transmitted or received via the corresponding LAN (hub) port. 2.4 GHz  On - Wireless connection is available in 2.4GHz mode. Off - Wireless connection is not available in 2.4GHz mode. Flashing - Data is being transmitted or received via the Wireless access point. Data includes "network traffic" as well as user data. 5 GHz  On - Wireless connection is available in 5GHz mode. Off - Wireless connection is not available in 5GHz mode. Flashing - Data is being transmitted or received via the Wireless access point. Data includes "network traffic" as well as user data. Antenna Ports (Right Side)  Attach the 2.4G antennas here.
Introduction 5 Rear Panel  Figure 3: Rear Panel Reset Button  This button has two (2) functions:  Reboot.  When pressed and released, the Wireless Access Point will reboot (restart).  Reset to Factory Defaults.  This button can also be used to clear ALL data and restore ALL settings to the factory default values. To Clear All Data and restore the factory default values: 1. Hold the Reset Button until the Status (Red) LED blinks TWICE, usually more than 5 seconds. 2. Release the Reset Button.  The factory default configuration has now been restored, and the Access Point is ready for use. Console port  This port allows root access to the router via a dumb terminal interface. LAN/PoE  Use a standard LAN cable (RJ45 connectors) to connect this port to a 10/100/1000BaseT hub/switch on your LAN. Power port  Connect the supplied power adapter (12V) here.
Wireless Access Point User Guide 6 Wall Mount Template The following image illustrates the mounting slots on the bottom of the device.   Figure 4: Wall Mount
 7 Chapter 2 Installation This Chapter covers the physical installation of the Wireless Access Point. Requirements Requirements:  TCP/IP network  Ethernet cable with RJ-45 connectors  Installed Wireless network adapter for each PC that will be wirelessly connected to the network. Procedure 1. Select a suitable location for the installation of your Wireless Access Point. To maximize reliability and performance, follow these guidelines:  Use an elevated location, such as wall mounted or on the top of a cubicle.  Place the Wireless Access Point near the center of your wireless coverage area.  If possible, ensure there are no thick walls or metal shielding between the Wireless Access Point and Wireless stations. Under ideal conditions, the Wireless Access Point has a range of around 150 meters (450 feet). The range is reduced, and transmission speed is lower, if there are any obstructions between Wireless devices.  Figure 5: Installation Diagram 2
Wireless Access Point User Guide 8 2. Use a standard LAN cable to connect the "LAN" port on the Wireless Access Point to a 10/100/1000BaseT hub/switch on your LAN. 3. Connect the supplied power adapter to the Wireless Access Point and a convenient power outlet, and power up.  4. Check the LEDs:  The Status LED should flash, then turn OFF.  The Power and Ethernet LEDs should be ON. For more information, refer to Front Panel LEDs in Chapter 1.   Using PoE (Power over Ethernet) The Wireless Access Point supports PoE (Power over Ethernet). To use PoE: 1. Do not connect the supplied power adapter to the Wireless Access Point. 2. Connect one end of a standard (category 5) LAN cable to the Ethernet port on the Wire-less Access Point. 3. Connect the other end of the LAN cable to the powered Ethernet port on a suitable PoE Adapter.  4. Connect the unpowered Ethernet port on the PoE adapter to your Hub or switch. 5. Connect the power supply to the PoE adapter and power up. 6. Check the LEDs on the Wireless Access Point to see it is drawing power via the Ethernet connection.   Figure 6: Using PoE (Power over Ethernet)
 9 Chapter 3 Access Point Setup This Chapter provides details of the Setup process for Basic Operation of your Wireless Access Point. Overview This chapter describes the setup procedure to make the Wireless Access Point a valid device on your LAN, and to function as an Access Point for your Wireless Stations. Wireless Stations may also require configuration. For details, see Chapter 4 - PC and Server Configuration.  The Wireless Access Point can be configured using your Web Browser.  Setup using a Web Browser Your Browser must support JavaScript. The configuration program has been tested on the following browsers:  Chrome   Firefox  Internet Explorer 7 or later Setup Procedure Before commencing, install the Wireless Access Point in your LAN, as described previously. 1. Check the Wireless Access Point to determine its Host Name. This is shown on a label on the base or rear, and is in the following format: APxxxxxx Where xxxxxx is the last 6 Hex characters (0 ~ 9, and A ~ F) of the MAC address. 2. Use a PC which is already connected to your LAN, either by a wired connection or anoth-er Access Point.   Until the Wireless Access Point is configured, establishing a Wireless connection to it may be not possible.  If your LAN contains a Router or Routers, ensure the PC used for configuration is on the same LAN segment as the Wireless Access Point. 3. Start your Web browser. 4. In the Address box, enter "HTTP://" and the IP Address of the 11N Wireless Access Point, as in this example, which uses the Wireless Access Point's default IP Address:  HTTP://192.168.0.228 5. You should then see a login prompt, which will ask for a User Name and Password.  Enter admin for the User Name, and password for the Password. These are the default values. The password can and should be changed. Always enter the 3
Wireless Access Point User Guide 10 current user name and password, as set on the Administration-Management-Account screen.  Figure 7:  Password Dialog 6. You will then see the Status screen, which displays the current settings and status. No data input is possible on this screen. See Chapter 5 for details of the Status screen. 7. From the menu, check the following screens, and configure as necessary for your  environment. Details of these screens and settings are described in the following sections of this chapter. 8. Use the Apply and Logout buttons on the menu to apply your changes and exit the  Wireless Access Point. Setup is now complete. Wireless stations must now be set to match the Wireless Access Point. See Chapter 4 for details.  If you can't connect: It is likely that your PC’s IP address is incompatible with the Wireless Access Point’s IP address. This can happen if your LAN does not have a DHCP Server. The default IP address of the Wireless Access Point is 192.168.0.228, with a Network Mask of 255.255.255.0. If your PC’s IP address is not compatible with this, you must change your PC’s IP address to an unused value in the range 192.168.0.1 ~ 192.168.0.254, with a Network Mask of 255.255.255.0. See Appendix C - Windows TCP/IP for details for this procedure.
Access Point Setup 11 System - Basic Settings Screen Click Basic Settings on the System menu to view a screen like the following.  Figure 8: Basic Settings Screen Data - Basic Settings Screen Basic Settings Access Point Name  It displays the default host name of the device. Enter a suitable name for this Access Point if required. Description  If desired, you can enter a description for the Access Point. Country/Domain  The country or domain which is matching your current location.
Wireless Access Point User Guide 12 System - Time Settings Screen  Figure 9: Time Settings Screen Data - Time Settings Screen TimeZone Time Settings  Select either Manually or Automatically  Manually  Date - Select the date to match your location.  Time - Enter the correct time.  Automatically  Current Time - It displays the current date and time.  Time Zone - Choose the Time Zone for your location from the drop-down list. If your location is currently using Day-light Saving, enable the Automatically adjust for daylight saving changes checkbox. You must UNCHECK this checkbox when Daylight Saving Time finishes.  Use Defined NTP Server - If you prefer to use a particular NTP server as the primary server, check this checkbox and enter the Server's IP address in the fields provided. If this setting is not enabled, the default NTP Server is used.  NTP Server Name/IP Address - Enter the server name or IP address of the NTP.  NTP Server Port - Enter the port for the NTP server.
Access Point Setup 13 System - SNMP Settings SNMP (Simple Network Management Protocol) is only useful if you have a SNMP program on your PC. To reach this screen, select SNMP in the System section of the menu. Basic Screen  Figure 10: Basic Screen Data - Basic Screen Basic SNMP v1/v2/v3  Use this to enable or disable SNMP as required. Contact  The identification of the contact person. Device Name  Enter the desired name for the device. Location  The physical location of this node. Read Only  community  Data can be read, but not changed. Read/Write  Community  Data can be read and changed.
Wireless Access Point User Guide 14 SNMPv3  Figure 11: SNMPv3 Screen Data - SNMPv3 Screen SNMPv3 User Name  Enter the user name for SNMPv3. Authentication Protocol  Select the authentication protocol used by SNMPv3. Authentication Key  Enter the authentication key required by SNMPv3. Privacy Protocol  Select the private protocol as required. Privacy Key  Enter the private key here.
Access Point Setup 15 SNMP Trap  Figure 12: SNMP Trap Screen Data - SNMP Trap Screen SNMP Trap Server 1  Enter the IP address of the server 1. Server 2  Enter the IP address of the server 2 in case the server 1 is not  available. Server Port  Enter the port number for the server. Trap Periods  Enter the desired hours (1 ~ 65535). Trap Threshold Rate of CPU Utilization  When Rate of CPU Utilization reaches the threshold, then one SNMP trap will be sent out. Rate of Memory Utilization  When Rate of Memory Utilization reaches the threshold, then one SNMP trap will be sent out.
Wireless Access Point User Guide 16 System - Log Settings  If you have a Syslog Server on your LAN, this screen allows you to configure the Access Point to send log data to your Syslog Server.  Figure 13: Syslog Settings Screen Data - Syslog Settings Screen Syslog Mode  Select the desired Option:   Disabled - Syslog server is not used.   Broadcast - Syslog data is broadcast. Use this option if different PCs act as the Syslog server at different times.   Unicast - Select this if the same PC is always used as the Syslog server. If selected, you must enter the server ad-dress in the field provided. Server Name/IP Address  Enter the name or IP address of your Syslog Server. Syslog Port  Enter the port for the Syslog Server.
Access Point Setup 17 Mail Alerts  Figure 14: Mail Alerts Screen Data - Mail Alerts Screen Email Alerts Email Alerts  If enabled, an E-mail will be sent. If enabled, the e-mail address information (below) must be provided. Log Queue Length  Enter the desired length of the log queue. The default is 20 entries. Log Time Threshold  Enter the preferred value between 60 and 600, which deter-mine how often the log will be emailed to you. Normally, this can be left at the default value. The default is 600 seconds. SMTP Mail Server  Enter the domain name or IP address of the SMTP (Simple Mail Transport Protocol) server you use for sending e-mails. Email Address for Alert Logs  Enter the e-mail address the log is to be sent to. E-mail Log Now  Press this button to let the log to be e-mailed immediately.
Wireless Access Point User Guide 18 Log Types  Figure 15: Log Types Screen Data - Log Types Screen Log Types Log Types  Use these checkboxes to determine which events are included in the log. Checking all options will increase the size of the log, so it is good practice to disable any events which are not really required.   Unauthorized Login Attempt - If checked, the unau-thorized users who attempted to login to the Access Point are logged.   Authorized Login - If checked, this will log the author-ized login TO this Access Point.   Unauthorized Wireless Attempt - If checked, the unauthorized wireless attempted will be login to the  Access Point are logged.  Authorized Wireless Connection - If checked, this will log the authorized wireless connection to this Access Point.  System Error Messages - If checked, the system error message will be logged.   Web Access and Configuration Changes - If checked, the changes of configuration will be logged.  Firewall Log - If checked, the firewall message will be logged.
Access Point Setup 19 Wireless - Basic Settings Screen The settings on this screen must match the settings used by Wireless Stations. WLAN   Figure 16: WLAN Settings Screen Data - WLAN Settings Screen Operation Wireless Radio   Select the either Radio 1 or Radio 2 for the wireless feature. Radio Function  Enable this to use the wireless feature.
Wireless Access Point User Guide 20 Wireless Mode  For 5G, select the desired option:   802.11a Only (5G) - only 802.11a connections are allowed. If you only have 802.11a, selecting this option may provide a perfor-mance improvement over using the default setting.  802.11n Only (5G) - only 802.11n connections are allowed. If you only have 802.11n, selecting this option may provide a per-formance improvement over using the default setting.  802.11a and 802.11n (5G) - this will allow connections by both 802.11a and 802.11n wireless stations. For 2.4G, select the desired option:   802.11b only (2.4G) - if selected, only 802.11b connections are allowed. 802.11g wireless stations will only be able to connect if they are fully backward-compatible with the 802.11b standard.   802.11g only (2.4G) - only 802.11g connections are allowed. If you only have 802.11g, selecting this option may provide a per-formance improvement over using the default setting.  802.11n only (2.4G) - only 802.11n connections are allowed. If you only have 802.11n, selecting this option may provide a per-formance improvement over using the default setting.  802.11b and 802.11g (2.4G) - this will allow connections by both 802.11b and 802.11g wireless stations.  802.11n and 802.11g (2.4G) - this will allow connections by both 802.11n and 802.11g wireless stations.  Mixed 802.11n/802.11b/802.11g (2.4G) - this is the default, and will allow connections by 802.11n, 802.11b and 802.11g wireless stations. Auto Channel Scan  If "Enable" is selected, the Access Point will select the best available Channel.  Channel /Frequency  If you experience interference (shown by lost connections and/or slow data transfers) you may need to experiment with manually setting different channels to see which one is better. Transmit Data Rate  Select the desired rate from the drop-down list as required. 11N Transmit Data Rate  Select the desired rate for 802.11N from the list. Basic Rate  It is the rate that the WAP device will advertise to the network for setting up communication with other access points and client stations on the network.  Support Rate  This indicates the rates that the WAP device supports. Multiple rates can be selected. The WAP device will automatically choose the most efficient rate based on error rates and distance of client stations. 11N MCS  Select the MCS index below. The WAP device supports MCS indexes from 0 to 15, which allows a maximum transmission rate of 300 Mbps. Auto Power  Select the desired option. The default is Disable. Output Power  Select the desired power output. Can support -1dB~-15dB, step 1dB. Higher levels will give a greater range, but are also more likely to
Access Point Setup 21 cause interference with other devices. Channel  Bandwidth  Select the desired bandwidth from the list. Extension  Sub-Channel  Select Above or Below Primary Channel from the list.  Operation Mode   Figure 17: Operation Mode Data - Operation Mode Settings Screen Operation Wireless Radio   Select the either Radio 1 or Radio 2 for the wireless feature. Operation Mode  Select the desired option from the list:  AP: Choose this to make the device act as a normal AP.  AP+WDS: Select this mode and make configurations in Vitrual APs pages. In WDS mode, you can choose which interface to be worked as a root AP or WDS client. Select only one interface to be worked as a root AP for the device is recommended. A root AP is the "Master" for a group of Bridge-mode APs. The other Bridge-mode APs must be set to Point-to-Point Bridge mode (WDS Client) with the AP's MAC address.    Wireless - Virtual APs Screen Clicking the Virtual APs link on the Wireless menu will result in a screen like the following.
Wireless Access Point User Guide 22  Figure 18: Virtual APs Settings  Data - Virtual APs Settings Screen  VAPs Wireless Radio   Select the either Radio 1 or Radio 2 for the wireless feature. VAP List  All available VAPs are listed. Up to 16 VAPs/Radios can be supported. For each VAP, the following data is displayed:  * If displayed before the name of the VAP, this indicates the VAP is currently enabled. If not displayed, the VAP is currently disabled.  VAP Name  The current VAP name is displayed.   [SSID]  The current SSID associated with this VAP.   Security System  The current security system (e.g. WPA-PSK) is dis-played. Enable Button  Enable the selected VAP. Configure Button  Change the settings for the selected VAP. Disable Button  Disable the selected VAP. Isolation Isolation among VAPs   Select the desired option from the list. If this option is enabled, wireless clients using different VAPs (different SSIDs) are isolated from each other, so they will NOT be able to communi-cate with each other. They will still be able to communicate with other clients using the same profile, unless the "Wireless
Access Point Setup 23 Separation" setting on the "Advanced" screen has been enabled.
Wireless Access Point User Guide 24 Virtual AP Screen This screen is displayed when you select a VAP on the Virtual AP Settings screen, and click the Configure button.  Figure 19: Virtual VAP Screen Data - Virtual VAP Screen Basic Settings VAP Name  Enter a suitable name for this VAP. SSID  Enter the desired SSID. Each VAP must have a unique SSID. Broadcast SSID  If Disabled, no SSID is broadcast.  If enabled, the SSID will then be broadcast to all Wireless Stations. Stations which have no SSID (or a "null" value) can then adopt the correct SSID for connections to this Access Point. Isolation within VAP  If enabled, then each Wireless station using the Access Point is invisible to other Wireless stations. In most business stations, this setting should be Disabled. Max Station  Number  Enter the number between 0 and 64. VAP Rate Limit Max Downstream Rate  Enter the maximum downstream rate for the VAP. "0" means no limit.
Access Point Setup 25 Max Upstream Rate  Enter the maximum upstream rate for the VAP. "0" means no limit. Station Rate Limit Max Downstream Rate  Enter the maximum downstream rate for each wireless station. "0" means no limit. Max Upstream Rate  Enter the maximum upstream rate for each wireless station. "0" means no limit. Security Security System  Choose the security method from the drop-down list. Refer to the following section for more details.  Security Settings Select the desired option, and then enter the settings for the selected method. The available options are:  None - No security is used. Anyone using the correct SSID can connect to your network.   WEP - The 802.11b standard. Data is encrypted before transmission, but the encryption system is not very strong.   WPA-PSK - Like WEP, data is encrypted before transmission. WPA is more secure than WEP, and should be used if possible. The PSK (Pre-shared Key) must be entered on each Wireless station. The 256Bit encryption key is derived from the PSK, and changes fre-quently.   WPA2-PSK - This is a further development of WPA-PSK, and offers even greater securi-ty, using the AES (Advanced Encryption Standard) method of encryption.  WPA-PSK and WPA2-PSK - This method, sometimes called "Mixed Mode", allows clients to use EITHER WPA-PSK (with TKIP) OR WPA2-PSK (with AES).  WPA with Radius - This version of WPA requires a Radius Server on your LAN to provide the client authentication according to the 802.1x standard. Data transmissions are encrypted using the WPA standard.  If this option is selected:   This Access Point must have a "client login" on the Radius Server.   Each user must have a "user login" on the Radius Server.   Each user's wireless client must support 802.1x and provide the login data when  required.   All data transmission is encrypted using the WPA standard. Keys are automatically generated, so no key input is required.   WPA2 with Radius - This version of WPA2 requires a Radius Server on your LAN to provide the client authentication according to the 802.1x standard. Data transmissions are encrypted using the WPA2 standard.   If this option is selected:   This Access Point must have a "client login" on the Radius Server.    Each user must authenticate on the Radius Server. This is usually done using digital certificates.    Each user's wireless client must support 802.1x and provide the Radius authentication data when required.
Wireless Access Point User Guide 26  All data transmission is encrypted using the WPA2 standard. Keys are automatically generated, so no key input is required.  WPA and WPA2 with Radius - EITHER WPA or WPA2 require a Radius Server on your LAN to provide the client authentication according to the 802.1x standard. Data transmissions are encrypted using EITHER WPA or WPA2 standard. If this option is selected:   This Access Point must have a "client login" on the Radius Server.    Each user must authenticate on the Radius Server. This is usually done using digital certificates.    Each user's wireless client must support 802.1x and provide the Radius authentication data when required.  All data transmission is encrypted using EITHER WPA or WPA2 standard. Keys are automatically generated, so no key input is required.  802.1x - This uses the 802.1x standard for client authentication, and WEP for data  encryption.  If this option is selected:   This Access Point must have a "client login" on the Radius Server.   Each user must have a "user login" on the Radius Server.   Each user's wireless client must support 802.1x and provide the login data when re-quired.   All data transmission is encrypted using the WEP standard. You only have to select the WEP key size; the WEP key is automatically generated.
Access Point Setup 27 Security Settings - None  Figure 20: Wireless Security - None No security is used. Anyone using the correct SSID can connect to your network.
Wireless Access Point User Guide 28 Security Settings - WEP This is the 802.11b standard. Data is encrypted before transmission, but the encryption system is not very strong.  Figure 21: WEP Screen Data - WEP Screen  WEP Data Encryption  Select the desired option, and ensure your Wireless stations have the same setting:  64 Bit Encryption - Keys are 10 Hex (5 ASCII) characters.  128 Bit Encryption - Keys are 26 Hex (13 ASCII) characters.  152 Bit Encryption - Keys are 32 Hex (16 ASCII) characters.
Access Point Setup 29 Authentication   Normally, you can leave this at “Automatic”, so that Wireless Stations can use either method ("Open System" or "Shared Key".). If you wish to use a particular method, select the appropriate value - "Open System" or "Shared Key". All Wireless stations must then be set to use the same method. Key Input  Select "Hex" or "ASCII" depending on your input method. (All keys are converted to Hex, ASCII input is only for convenience.) Key Value  Enter the key values you wish to use. The default key, selected by the radio button, is required. The other keys are optional. Other stations must have matching key values. Passphrase  Use this to generate a key or keys, instead of entering them directly. Enter a word or group of printable characters in the Passphrase box and click the "Generate Key" button to automatically configure the WEP Key(s).
Wireless Access Point User Guide 30 Security Settings - WPA-PSK Like WEP, data is encrypted before transmission. WPA is more secure than WEP, and should be used if possible. The PSK (Pre-shared Key) must be entered on each Wireless station. The 256Bit encryption key is derived from the PSK, and changes frequently.  Figure 22: WPA-PSK Screen Data - WPA-PSK Screen  WPA-PSK Network Key  Enter the key value. Data is encrypted using a 256Bit key derived from this key. Other Wireless Stations must use the same key. Encryption  The encryption method is TKIP. Wireless Stations must also use TKIP.
Access Point Setup 31 Security Settings - WPA2-PSK This is a further development of WPA-PSK, and offers even greater security, using the AES (Advanced Encryption Standard) method of encryption.  Figure 23: WPA2-PSK Screen Data - WPA2-PSK Screen  WPA2-PSK Network Key  Enter the key value. Data is encrypted using a 256Bit key derived from this key. Other Wireless Stations must use the same key. Encryption  The encryption method is AES. Wireless Stations must also use AES.
Wireless Access Point User Guide 32 Security Settings - WPA-PSK and WPA2-PSK This method, sometimes called "Mixed Mode", allows clients to use EITHER WPA-PSK (with TKIP) OR WPA2-PSK (with AES).  Figure 24: WPA-PSK and WPA2-PSK Screen Data - WPA-PSK and WPA2-PSK Screen  WPA-PSK and WPA2-PSK Network Key  Enter the key value. Data is encrypted using this key. Other Wireless Stations must use the same key. Encryption  Select the desired encryption method from the list.
Access Point Setup 33 Security Settings - WPA with Radius This version of WPA requires a Radius Server on your LAN to provide the client authentica-tion according to the 802.1x standard. Data transmissions are encrypted using the WPA standard.  Figure 25: WPA with Radius Screen Data - WPA with Radius Screen  WPA with Radius WPA Encryption  The encryption method is TKIP. Wireless Stations must also use TKIP.
Wireless Access Point User Guide 34 Security Settings - WPA2 with Radius This version of WPA2 requires a Radius Server on your LAN to provide the client authentica-tion according to the 802.1x standard. Data transmissions are encrypted using the WPA2 standard.  Figure 26: WPA2 with Radius Screen Data - WPA2 with Radius Screen  WPA2 with Radius WPA Encryption  The encryption method is AES. Wireless Stations must also use AES.
Access Point Setup 35 Security Settings - WPA and WPA2 with Radius EITHER WPA or WPA2 require a Radius Server on your LAN to provide the client authenti-cation according to the 802.1x standard. Data transmissions are encrypted using EITHER WPA or WPA2 standard.  Figure 27: WPA and WPA2 with Radius Screen Data - WPA and WPA2 with Radius Screen  WPA and WPA2 with Radius WPA Encryption  Select the desired encryption method from the list.
Wireless Access Point User Guide 36 Security Settings - 802.1x This uses the 802.1x standard for client authentication, and WEP for data encryption. If this option is selected:  This Access Point must have a "client login" on the Radius Server.   Each user must have a "user login" on the Radius Server. Normally, a Certificate is used to authenticate each user. See Chapter4 for details of user configuration.  Each user's wireless client must support 802.1x.  All data transmission is encrypted using the WEP standard. You only have to select the WEP key size; the WEP key is automatically generated.  Figure 28: 802.1x Screen Data - 802.1x Screen  802.1x Dynamic WEP Key Size  Select the desired option:   64 Bit - Keys are 10 Hex (5 ASCII) characters.  128 Bit - Keys are 26 Hex (13 ASCII) characters.  152 Bit - Keys are 32 Hex (16 ASCII) characters.
Access Point Setup 37 Wireless - Radius Settings Clicking the Radius link on the Wireless menu will result in a screen like the following.  Figure 29: Authentication Server Settings  Data - Authentication Server Screen  Authentication Server Primary IP Address  Enter the name or IP address of the Radius Server on your network. Port Number  Enter the port number used for connections to the Radius Server. Shared Secret  Enter the key value to match the Radius Server. Secondary IP Address  The Secondary Authentication Server will be used when the Primary Authentication Server is not available.
Wireless Access Point User Guide 38 Accounting Server  Figure 30: Accounting Server Screen Data - Accounting Server Screen Accounting Server Primary IP Address  Enter the IP address in the following fields if you want this Access Point to send accounting data to the Radius Server.  Port Number  The port used by your Radius Server must be entered in the field. Shared Secret  Enter the key value to match the Radius Server. Secondary IP Address  The Secondary Accounting Server will be used when the Primary Accounting Server is not available.
Access Point Setup 39 Wireless - Access Control This feature can be used to block access to your LAN by unknown or untrusted wireless stations. Click Access Control on the Wireless menu to view a screen like the following.  Figure 31: Access Control Screen Data - Access Control Screen Wireless Radio   Select the either Radio 1 or Radio 2 for the wireless feature. Enable Access Control  Enable or Disable the Access Control feature as required. Control Method  Select the desired option, as required  Local Database- The device will use the local MAC address table for Access Control.  RADIUS Server- The Access Point will use the MAC address table located on the external Radius server on the LAN for Access Control. Warning ! Ensure your own PC is in the "Trusted Wireless Stations" list before enabling this feature.
Wireless Access Point User Guide 40 Control Type  There are three options:  Open  Allow Following MAC Addresses to Connect to Wireless network - It's only used for Access Control with Local  Database. If selected, then clients with MAC Addresses in Local Database can connect to the wireless network.  Deny Following MAC Addresses to Connect to Wireless  network - It's only used for Access Control with Local Data-base. If selected, then clients with MAC Addresses in Local Database cannot connect to the wireless network. Wireless Stations MAC Address List All Wireless Stations defined in Local Database are listed here. Use the "Delete" button to delete the items from the list. Available  Wireless Stations  All Wireless Stations connecting to the device are listed here. You can choose some stations from the list and click "Add" button to add them into Local Database.
Access Point Setup 41 Wireless - QoS Settings  QoS Screen Clicking the QoS link on the Wireless menu will result in a screen like the following.  Figure 32: QoS Screen  Data - QoS Screen  Parameters Enable Upstream QoS  Enable or Disable upstream QoS of Ethernet Port. The QoS includes four outbound priority queues. The packets from high priority queue will be processed first. Upstream Bandwidth  Specify the maximum upstream bandwidth of the AP. Wireless Radio  Select the desired radio to configure the queue mappings. Queue Mapping  Define the mapping for the queues.
Wireless Access Point User Guide 42 Wireless - Advanced Settings  Parameters Screen Clicking the Parameters link on the Wireless menu will result in a screen like the following.  Figure 33: Parameters Screen Data - Parameters Screen  Parameters Wireless Radio   Select the either Radio 1 or Radio 2 for the wireless feature. Fragmentation Length  Enter the preferred setting between 256 and 2346. Normally, this can be left at the default value. Beacon Interval  Enter the preferred setting between 20 and 1000. Normally, this can be left at the default value. DTIM Interval  Enter the preferred setting between 1 and 255. Normally, this can be left at the default value. RTS/CTS Threshold  Enter the preferred setting between 1 and 2347. Normally, this can be left at the default value. Guard Interval  Select the guard interval manually for Wireless-N connections. The two options are Short (400ns) and Long (800ns). Preamble Type   Select the desired option. The default is "Long". The "Short" setting takes less time when used in a good environment.
Access Point Setup 43 802.11b Protection Mode  The Protection system is intended to prevent older 802.11b devices from interfering with 802.11g transmissions. (Older 802.11b devices may not be able to detect that the 802.11g transmission is in progress.)  Station Idle Time  This indicates the time (seconds) of the station whose node will be deleted from AP if there is no traffic for the link. TX/RX Chainmask  Select the desired TX/RX chainmask. Enable A-MPDU  Enable this setting if you wish to use this feature. Enable Worldwide Mode   Enable this setting if you want to use this mode, and your Wireless stations also support this mode. Enable WMM (Wi-Fi Multimedia) Support  Check this to enable WMM (Wi-Fi Multimedia) support in the Access Point. If WMM is also supported by your wireless clients, voice and multimedia traffic will be given a higher priority than other traffic. Enable WMM Power-Save  Enable or Disable WMM Power-Save feature. Enable Link Integrity  If enabled, the device can detect the plugging or unplugging of the Ethernet cable and start/stop the related services  correspondingly.
Wireless Access Point User Guide 44 User Control Screen Click User Control on the Wireless menu to view a screen like the following:  Figure 34: User Control Screen Data - User Control Screen User Control Wireless Radio   Select the either Radio 1 or Radio 2 for the wireless feature. User Control Mode  Select the method of controlling the Wireless Stations. It can be one of following options:  Disable - This function is disabled.   Users - In this mode, number of Wireless Stations that can connect this device is limited to the specified value.   Flux - In this mode, if total throughput of the device reaches the specified value, the Wireless Stations will refuse to connect the  device. Max Station Number  Enter the maximum number (1~256) of wireless stations connecting to the device. Max  Throughput  Enter the desired number between 1 and 100 for the maximum  throughput.
Access Point Setup 45 Auto Frequency Screen  Figure 35: Auto Frequency Screen Data - Auto Frequency Screen Auto Frequency Wireless Radio   Select the either Radio 1 or Radio 2 for the wireless feature. Auto Frequency Mode  If enabled, the device can adjust its wireless channel at a specified interval. Auto Frequency Adjust Interval  Specify the interval at which the device will scan and adjust its  wireless channel.
Wireless Access Point User Guide 46 Load Balance Screen  Figure 36: Load Balance Screen Data - Load Balance Screen  Load Balance Load Balance Mode  Enable or disable this function. Load Balance Group  Specify the group name. The feature will only work with the Access Points that are in same group. User Number Interval  Specify the User Number Interval. When user number  difference of Access Points reaches the interval, the new client will connect to the Access Point with fewer users. Data Flux Interval  Specify the Data Flux Interval here. When data flux difference of Access Points reach the interval, the new client will connect to the Access Point with fewer data flow. CPU Usage Interval  Specify the CPU Usage Interval. When CPU usage difference of Access Points reaches the interval, the new client will  connect to the Access Point with fewer users.
Access Point Setup 47 WMM Screen  Figure 37: WMM Screen Data - WMM Screen  WMM Wireless Radio  Select the desired radio option from the list. WMM Support  Check this to enable WMM (Wi-Fi Multimedia) support. This feature is also supported by your wireless clients, whose voice and multimedia traffic will be given a higher priority than other traffic. WMM Power Save Support  Enable or disable WMM Power-Save feature WMM EDCA Parameters  (When the Number of Spatial Streams≥ 2,Can support static and dynamic Spatial Multiplexing Power Saving. ACM  ACM (Admission Control Mandatory) is used to restrict  stations from using a specific AC. AIFSN  Specify the AIFSN (Arbitration Interframe Space) of the AC here. The idle duration increases as the AIFSN value increases. CWmin/CWmax  CWmin (Minimum Contention Windows) and CWmax (Maxi-mum Contention Windows) determine the  average backoff slots, which increases as the two values in-crease. CWMax value must be greater than or equal to CWMin.
Wireless Access Point User Guide 48 TXOPlimit  Transmission opportunity limit (TXOPLimit) indicates the maximum time, which a user can use a channel after a  successful contention. The greater the TXOPLimit is, the longer the user can use the channel. The value 0 indicates that the user can send only one packet each time when it uses the channel.   Band Select Screen  Figure 38: Band Select Screen Data - Band Select Screen  Band Select Band Select Function  When 2.4G radio and 5G radio are both enabled, and both have the same SSIDs, this function will force dual band (2.4G & 5G) clients to connect with 5G channel.
Access Point Setup 49 Rate Limitation Screen  Figure 39: Rate limitation Screen Data - Rate limitation Screen  Rate limitation Rate Limitation  If this feature is enabled, it will be disconnected when one wireless client's link rate is lower than the specified lowest rate in a specified duration. Lowest Rate  Select the lowest rate from the list. Rate Duration  Choose the desired duration from the drop-down list.
Wireless Access Point User Guide 50 Interference Detection Screen  Figure 40: Interference Detection Screen Data - Interference Detection Screen  Interference Detection Co-channel  Interference  Check it to enable the detecting interference of APs with same channels. Adjacent-channel Interference  Check it to enable the detecting interference of APs with adja-cent channels. Detecting Interval  Specify the interval for detecting. Log by Syslog  Enable it if you want to use this function. Send SNMP Trap  Send the results of interference by SNMP trap if enabled.
Access Point Setup 51 Network - Device Mode Screen  Figure 41: Device Mode Screen Data - Device Mode Screen Device Mode   If bridge mode is selected, then the device will act as an Access Point. If router mode is selected, then the device will act as a router.
Wireless Access Point User Guide 52 Network - IP Settings Screen  Figure 42: IP Settings Screen Data - IP Settings Screen IP Settings IP Settings   Select the desired option from the drop-down list.  Static - Select it if you want to configure one static IP Address for the Access Point. You need input following settings:  IP Address: The IP Address of this device.   Subnet Mask: The Network Mask associated with the IP  |Address above.   Default Gateway: The IP Address of your Gateway or Router.   Primary DNS: Specify a primary DNS here. It's necessary for functions like NTP Client, E-Mail alert and so on.   Secondary DNS: Specify a secondary DNS here. It's optional.  DHCP Client - Select it if you want the device to obtain an IP address automatically.  PPPoE Client - This is the most common login method, widely used with DSL modems.   Username - The user name (or account name) provided by your ISP.  Password - Enter the password for the login name above.  Timeout - Enter the desired value in seconds for the timeout period.  Retry - Enter the retry times for the PPPoE connection.  Auth-Type - Choose the desired option from the list.  MTU - Enter the number between 128 and 1492 for MTU.
Access Point Setup 53 AC IP Address  Enter the IP address for the AC. It's necessary when the IP Settings is "Static". AC DNS Name 1  Enter the primary DNS name for the AC. AC DNS Name 2  Enter the secondary DNS name for the AC. It is optional.
Wireless Access Point User Guide 54 Network - VLAN Settings Screen   Figure 43: VLAN Settings Screen Data - VLAN Settings Screen VLAN Settings Enable 802.1Q VLAN  This option is only useful if the hubs/switches on your LAN support the VLAN standard. Native VLAN  Enter the value for Native VLAN.
Access Point Setup 55 Management VLAN  Define the VLAN ID used for management. Wireless Radio  Select the desired option from the list. VLAN Table  802.1p setting: Enter the values for VLAN ID, Default Priority, WMM VO Priority, WMM VI Priority, WMM BE Priority, WMM BK Priority in the table.
Wireless Access Point User Guide 56 Network - IGMP Settings Screen  Figure 44: IGMP Settings Screen Data - IGMP Settings Screen IGMP Settings IGMP Snooping  This option is only useful if the hubs/switches on your LAN support the VLAN standard.
Access Point Setup 57 Network - STP Screen  Figure 45: STP Screen Data - STP Screen STP Enable Spanning Tree Protocol  Enable this if you want to use this feature.
Wireless Access Point User Guide 58 Network - Bridge Parameters Screen  Figure 46: Bridge Parameters Screen Data - Bridge Parameters Screen Bridge Parameters Ageing Time  This value indicates the ageing time on the bridge. If it is timeout, this station will be removed from the bridge table.
 59 Chapter 4 PC and Server Configuration This Chapter details the PC Configuration required for each PC on the local LAN. Overview All Wireless Stations need to have settings which match the Wireless Access Point. These settings depend on the mode in which the Access Point is being used.  If using WEP or WPA-PSK, it is only necessary to ensure that each Wireless station's settings match those of the Wireless Access Point, as described below.  For 802.1x modes, configuration is much more complex. The Radius Server must be configured correctly, and setup of each Wireless station is also more complex.  Using WEP For each of the following items, each Wireless Station must have the same settings as the Wireless Access Point.   Mode   On each PC, the mode must be set to Infrastructure. SSID (ESSID)  This must match the value used on the Wireless Access Point.  The default value is wireless Note! The SSID is case sensitive. Wireless Security  Each Wireless station must be set to use WEP data encryption.  The Key size (64 bit, 128 bit, 152 bit) must be set to match the Access Point.  The keys values on the PC must match the key values on the Access Point. Note:  On some systems, the key sizes may be shown as 40bit, 104bit, and 128bit instead of 64 bit, 128 bit and 152bit. This difference arises be-cause the key input by the user is 24 bits less than the key size used for encryption.   4
Wireless Access Point User Guide 60 Using WPA-PSK/WPA2-PSK For each of the following items, each Wireless Station must have the same settings as the Wireless Access Point.   Mode   On each PC, the mode must be set to Infrastructure. SSID (ESSID)  This must match the value used on the Wireless Access Point.  The default value is wireless Note! The SSID is case sensitive. Wireless Security  On each client, Wireless security must be set to WPA-PSK.  The Pre-shared Key entered on the Access Point must also be entered on each Wireless client.  The Encryption method (e.g. TKIP, AES) must be set to match the Access Point.
PC and Server Configuration 61 Using WPA-Enterprise This is the most secure and most complex system. WPA-Enterprise mode provides greater security and centralized management, but it is more complex to configure. Wireless Station Configuration For each of the following items, each Wireless Station must have the same settings as the Wireless Access Point.   Mode   On each PC, the mode must be set to Infrastructure. SSID (ESSID)  This must match the value used on the Wireless Access Point. The default value is wireless Note! The SSID is case sensitive. 802.1x  Authentication Each client must obtain a Certificate which is used for authentication for the Radius Server. 802.1x  Encryption  Typically, EAP-TLS is used. This is a dynamic key system, so keys do NOT have to be entered on each Wireless station. However, you can also use a static WEP key (EAP-MD5); the Wireless Access Point supports both methods simultaneously.  Radius Server Configuration If using WPA-Enterprise mode, the Radius Server on your network must be configured as follow:  It must provide and accept Certificates for user authentication.  There must be a Client Login for the Wireless Access Point itself.  The Wireless Access Point will use its Default Name as its Client Login name. (How-ever, your Radius server may ignore this and use the IP address instead.)  The Shared Key, set on the Security Screen of the Access Point, must match the Shared Secret value on the Radius Server.  Encryption settings must be correct.
Wireless Access Point User Guide 62 802.1x Server Setup (Windows 2000 Server) This section describes using Microsoft Internet Authentication Server as the Radius Server, since it is the most common Radius Server available that supports the EAP-TLS authentication method.  The following services on the Windows 2000 Domain Controller (PDC) are also required:  dhcpd   dns   rras  webserver (IIS)   Radius Server (Internet Authentication Service)   Certificate Authority   Windows 2000 Domain Controller Setup 1. Run dcpromo.exe from the command prompt.  2. Follow all of the default prompts, ensure that DNS is installed and enabled during installa-tion.  Services Installation 1. Select the Control Panel - Add/Remove Programs.  2. Click Add/Remove Windows Components from the left side.  3. Ensure that the following components are activated (selected):   Certificate Services.  After enabling this, you will see a warning that the computer cannot be renamed and joined after installing certificate services. Select Yes to select certificate services and continue  World Wide Web Server. Select World Wide Web Server on the Internet Information Services (IIS) component.  From the Networking Services category, select Dynamic Host Configuration Protocol (DHCP), and Internet Authentication Service (DNS should already be selected and in-stalled).
PC and Server Configuration 63  Figure 47: Components Screen 4. Click Next. 5. Select the Enterprise root CA, and click Next.  Figure 48: Certification Screen 6. Enter the information for the Certificate Authority, and click Next.
Wireless Access Point User Guide 64  Figure 49: CA Screen 7. Click Next if you don't want to change the CA's configuration data.  8. Installation will warn you that Internet Information Services are running, and must be stopped before continuing. Click Ok, then Finish.  DHCP server configuration 1. Click on the Start - Programs - Administrative Tools - DHCP  2. Right-click on the server entry as shown, and select New Scope.   Figure 50: DHCP Screen 3. Click Next when the New Scope Wizard Begins.  4. Enter the name and description for the scope, click Next.  5. Define the IP address range. Change the subnet mask if necessary. Click Next.
PC and Server Configuration 65  Figure 51: IP Address Screen 6. Add exclusions in the address fields if required. If no exclusions are required, leave it blank. Click Next.  7. Change the Lease Duration time if preferred. Click Next. 8. Select Yes, I want to configure these options now, and click Next.  9. Enter the router address for the current subnet. The router address may be left blank if there is no router. Click Next.  10. For the Parent domain, enter the domain you specified for the domain controller setup, and enter the server's address for the IP address. Click Next.  Figure 52: DNS Screen 11. If you don't want a WINS server, just click Next.  12. Select Yes, I want to activate this scope now. Click Next, then Finish.  13. Right-click on the server, and select Authorize. It may take a few minutes to complete.
Wireless Access Point User Guide 66 Certificate Authority Setup 1. Select Start - Programs - Administrative Tools - Certification Authority.  2. Right-click Policy Settings, and select New - Certificate to Issue.   Figure 53: Certificate Authority Screen 3. Select Authenticated Session and Smartcard Logon (select more than one by holding down the Ctrl key). Click OK.  Figure 54: Template Screen 4. Select Start - Programs - Administrative Tools - Active Directory Users and Computers. 5. Right-click on your active directory domain, and select Properties.
PC and Server Configuration 67  Figure 55: Active Directory Screen 6. Select the Group Policy tab, choose Default Domain Policy then click Edit.  Figure 56: Group Policy Tab 7. Select Computer Configuration - Windows Settings - Security Settings - Public Key Policies, right-click Automatic Certificate Request Settings - New - Automatic Certificate Request.
Wireless Access Point User Guide 68  Figure 57: Group Policy Screen 8. When the Certificate Request Wizard appears, click Next.  9. Select Computer, then click Next.  Figure 58: Certificate Template Screen 10. Ensure that your certificate authority is checked, then click Next.  11. Review the policy change information and click Finish.  12. Click Start - Run, type cmd and press enter.  Enter secedit /refreshpolicy machine_policy This command may take a few minutes to take effect.
PC and Server Configuration 69 Internet Authentication Service (Radius) Setup 1. Select Start - Programs - Administrative Tools - Internet Authentication Service  2. Right-click on Clients, and select New Client.   Figure 59: Service Screen 3. Enter a name for the access point, click Next.  4. Enter the address or name of the Wireless Access Point, and set the shared secret, as entered on the Security Settings of the Wireless Access Point.  5. Click Finish.  6. Right-click on Remote Access Policies, select New Remote Access Policy.  7. Assuming you are using EAP-TLS, name the policy eap-tls, and click Next.  8. Click Add...  If you don't want to set any restrictions and a condition is required, select Day-And-Time-Restrictions, and click Add...   Figure 60: Attribute Screen 9. Click Permitted, then OK. Select Next.  10. Select Grant remote access permission. Click Next.
Wireless Access Point User Guide 70 11. Click Edit Profile... and select the Authentication tab. Enable Extensible Authentication Protocol, and select Smart Card or other Certificate. Deselect other authentication meth-ods listed. Click OK.   Figure 61: Authentication Screen 12. Select No if you don't want to view the help for EAP. Click Finish.
PC and Server Configuration 71 Remote Access Login for Users 1. Select Start - Programs - Administrative Tools- Active Directory Users and Computers.  2. Double click on the user who you want to enable. 3. Select the Dial-in tab, and enable Allow access. Click OK.   Figure 62: Dial-in Screen
Wireless Access Point User Guide 72 Using 802.1x Mode (without WPA) This is very similar to using WPA-Enterprise. The only difference is that on your client, you must NOT enable the setting The key is provid-ed for me automatically. Instead, you must enter the WEP key manually, ensuring it matches the WEP key used on the Access Point.  Figure 63: Properties Screen Note:  On some systems, the "64 bit" WEP key is shown as "40 bit" and the "128 bit" WEP key is shown as "104 bit". This difference arises because the key input by the user is 24 bits less than the key size used for encryption.
 73 Chapter 5 Operation and Status This Chapter details the operation of the Wireless Access Point and the status screens. Status Screen Use the Status link on the main menu to view this screen.  Figure 64: Device Info Screen Data - Device Info Screen Access Point  Hardware Version  The version of the hardware currently used. Firmware Version  The version of the firmware currently installed. Bootloader Version  The version of the bootloader currently used. Serial Number  The serial number of the device.  AP Type  The current AP type is displayed. Device Mode  The current Device mode is displayed Running Firmware  The currently running firmware is displayed.   5
Wireless Access Point User Guide 74 System Status This screen is displayed when the System Status button is clicked.  Figure 65: System Status Screen Data - System Status Screen Access Point Name  The current name will be displayed. MAC Address  The MAC (physical) address of the Wireless Access Point. Country/Domain  The region or domain, as selected on the System screen.  System Up Time  This indicates how long the system has been running since the last restart or reboot.
Operation and Status 75 Network Status This screen is displayed when the Network Status button is clicked.  Figure 66: IP Settings Screen Data - IP Settings Screen TCP/IP  IP Type  The current IP type is displayed. IP Address  The IP Address of the Wireless Access Point. Subnet Mask  The Network Mask (Subnet Mask) for the IP Address above. Gateway  Enter the Gateway for the LAN segment to which the Wireless Access Point is attached (the same value as the PCs on that LAN segment). Primary DNS  Enter the IP Address of the DNS (Domain Name Servers) here. These DNS will be used only if the primary DNS is unavailable. Secondary DNS  The Secondary DNS will be used only if the primary DNS is unavailable.
Wireless Access Point User Guide 76 Ethernet This screen is displayed when the Ethernet button is clicked.  Figure 67 Ethernet Screen Data - Ethernet Screen Ethernet  Ethernet Status  The current Ethernet status is displayed.
Operation and Status 77 VLAN This screen is displayed when the VLAN button is clicked.  Figure 68: VLAN Screen Data - VLAN Screen VLAN VLAN  The current VLAN status is displayed. Management VLAN ID  It displays the VLAN ID of Management VLAN.
Wireless Access Point User Guide 78 Wireless Status Basic Screen  Figure 69: Basic Screen Data - Basic Screen Basic AP Mode  The current Access Point mode is displayed. Channel/Frequency   The Channel currently in use is displayed. Wireless Mode  The current mode (e.g. 802.11g) is displayed. WMM Support  "Enabled" or "Disabled" is displayed for the WMM status. WMM Power Save Support  "Enabled" or "Disabled" is displayed for the WMM Power Save status.
Operation and Status 79 Virtual AP Status Screen  Figure 70: Virtual AP Status Screen Data - Virtual AP Status Screen Virtual AP Status Wireless Radio  Select the desired band (2.4 GHz or 5 GHz) used by this profile. Name  The name you gave to this profile; if you didn't change the name, the default name is used. BSSID  The BSSID assigned to this profile. SSID  The SSID assigned to this profile. SSID Broadcast  Indicates whether or not the SSID is broadcast. Security  The security method used by this profile. Status  Indicates whether or not this profile is enabled or currently used. Clients  The number of wireless stations currently using accessing this Access Point using this profile. If the profile is disabled, this will always be zero.
Wireless Access Point User Guide 80 Wireless Stations Screen  Figure 71: Wireless Stations Screen Data - Wireless Station Screen Station List Wireless Radio  Select the desired band (2.4 GHz or 5 GHz) used by this profile. Station ID  The ID of each Wireless Station is displayed. If the ID is not known, "unknown" will be displayed. MAC Address  The MAC (physical) address of each Wireless Station is displayed. SSID  This displays the SSID used by the Wireless station. Because the Wireless Access Point supports multiple SSIDs, different PCs could connect using different SSIDs. RSSI  It displays the RSSI (received signal strength indicator) of received radio signal Status  This indicates the current status of each Wireless Station. OutPkts  Number of valid Data packets transmitted to Wireless Stations InPkts  Number of valid Data packets received from Wireless Stations. OutOctets  Number of octests transmitted to Wireless Stations InOctets  This indicates the current status of each Wireless Station. Refresh Button  Update the data on screen.
Operation and Status 81 WDS Status Screen  Figure 72: WDS Status Screen Data - WDS Status Screen Wireless Radio  Select the desired band (2.4 GHz or 5 GHz) used by this profile. Root AP Status  The following table shows the current status of the root AP. WDS Client Status  The following table shows the current status of the WDS Client.
Wireless Access Point User Guide 82 Log Screen  Figure 73: Log Screen Data - Log Screen Data Current Time  The system date and time is displayed. Log  The Log shows details of the connections to the Wireless Access Point. Buttons Refresh  Update the data on screen. Save File  Save the log to a file on your pc. Clear Log  This will delete all data currently in the Log. This will make it easier to read new messages.
Operation and Status 83 Statistics Screen Ethernet Screen  Figure 74: Ethernet Screen Data - Ethernet Screen Ethernet Packets Received  The number of packets received by the Access Point. Packets Sent  The number of packets sent by the Access Point. Bytes Received  The number of bytes received by the Access Point. Bytes Sent  The number of bytes sent by the Access Point. Error Packets Received  The number of error packets received. Drop Received Packets  The number of drop packets received.
Wireless Access Point User Guide 84 Wireless Screen  Figure 75: Wireless Screen Data - Wireless Screen VAP1~VAP16 Wireless Radio  Select the desired band (2.4 GHz or 5 GHz) used by this profile.
Operation and Status 85 Packets Received  The number of packets received by the Access Point. Packets Sent  The number of packets sent by the Access Point. Bytes Received  The number of bytes received by the Access Point. Bytes Sent  The number of bytes sent by the Access Point. Error Packets Received  The number of error packets received. Drop Received Packets  The number of drop packets.
 86 Chapter 6 Access Point Management This Chapter explains when and how to use the Wireless Access Point's  "Administration" Features. Overview This Chapter covers the following features, available on the Wireless Access Point’s  Administration menu.  AP Type  Management  Auto Config  Config File  Ping Test  Auto Reboot  Firmware Upgrade  AP Type  Figure 76: AP Type Screen Data - AP Type Screen Account AP Type  Select the AP type as required.  6
Access Point Management 87 Management Screen  Account Screen The Account screen allows you to assign or modify the names and passwords for the  administrator and maintainer. It is recommended that this be changed, using this screen.  Figure 77: Account Screen Data - Account Screen Account Admin User Name  Enter the login name for the Administrator. The  administrator has the maintenance and operation for all the functions. Change Admin Password  If you wish to change the Admin password, check this field and enter the new login password in the fields below. New Password  Enter the desired login password. Re-enter to Confirm  Re-enter the desired login password. Maintainer  Maintainer Name  Enter the login name for the maintainer. This account can only be allowed to use some functions (such as Firmware Upgrade, Auto Reboot, Config file, AP Type, Device Mode and Wire-less). Change Maintainer’s Password  If you wish to change the password, check this field and enter the new login password in the fields below. New Password  Enter the desired login password.
Wireless Access Point User Guide 88 Re-enter to Confirm  Re-enter the desired login password.  Method Screen  Figure 78: Method Screen Data - Method Screen Method Enable Wireless Web Access  Enable this to allow wireless client access the device. Enable HTTP  Enable this to allow admin connections via HTTP. If enabled, you must provide a port number in the field below. Either HTTP or HTTPS must be enabled. HTTP Port Number  Enter the port number to be used for HTTP connections to this device. The default value is 80. Enable HTTPS  Enable this to allow admin connections via HTTPS (secure HTTP). If enabled, you must provide a port number in the field below. Either HTTP or HTTPS must be enabled. HTTPS Port Number  Enter the port number to be used for HTTPS connections to this device. The default value is 443. Enable Management via SSH  If desired, you can enable this option. If enabled, you will able to connect to this AP using a SSH client.
Access Point Management 89 Control Screen This feature can be used to block access to your LAN by unknown or untrusted wireless stations.   Figure 79: Control Screen  Data - Control Screen Turn IP  Management Control On Select the desired option, as required  Enable or Disable the Management Control feature.  Select either Allow following IP addresses to Manage the Device or Deny following IP addresses to Manage the Device.  Enter the physical IP address and Subnet Mask of each Wireless station.
Wireless Access Point User Guide 90 Auto Config  To reach this screen, select Auto Config in the Administration section of the menu.  Figure 80: Auto Config Screen Data - Auto Config Screen Auto Config Auto Config  If enabled, this AP will perform Auto Configuration.  FTP Server   Enter the address for the FTP server. User Name  Enter the login name for the FTP server. Password  Enter the login password for the FTP server. Config File  Enter the full path of the firmware in the FTP server. Interval  If enabled, the device will check the config file in the time  interval. Enter the desired time in the field.
Access Point Management 91 Config File  This screen allows you to Backup (download) the configuration file, and to restore (upload) a previously-saved configuration file. You can also set the Wireless Access Point back to its factory default settings. To reach this screen, select Config File in the Management section of the menu.  Figure 81: Config File Screen Data - Config File Screen Backup Back up a copy of the current settings to a file Once you have the Access Point working properly, you should back up the settings to a file on your computer. You can later restore the Access Point's settings from this file, if necessary. To create a backup file of the current settings:   Click Back up.   If you don't have your browser set up to save downloaded files automatically, locate where you want to save the file, rename it if you like, and click Save.  Restore Restore saved settings from a file   To restore settings from a backup file:  1. Click Browse.  2. Locate and select the previously saved backup file.  3. Click Restore.
Wireless Access Point User Guide 92 Defaults Revert to factory default settings  To erase the current settings and restore the original factory default settings, click Restore to Defaults button.  Note!   This will terminate the current connection. The Access Point will be unavailable until it has restarted.   By default, the Access Point will act as a DHCP client, and automatically obtain an IP address. You will need to deter-mine its new IP address in order to re-connect.
Access Point Management 93 Ping Test This screen allows you to perform a "Ping". These activities can be useful in solving network problems.  Figure 82: Ping Test Screen Data - Ping Test Screen Ping Ping Test Mode  Select the desired option from the drop-down list. Ping IP Address  Enter the IP address you wish to ping. The IP address can be on your LAN, or on the Internet. Note that if the address is on the Internet, and no connection currently exists, you could get a "Timeout" error. In that case, wait a few seconds and try again.
Wireless Access Point User Guide 94 Auto Reboot If you have a Syslog Server on your LAN, this screen allows you to configure the Access Point to send log data to your Syslog Server.  Figure 83: Auto Reboot Screen Data - Auto Reboot Screen Auto Reboot Mode  Select the desired Option:   Disable - Auto Reboot feature is not used.   Enable - Auto Reboot feature is in use.  Reboot Interval  Enter the desired time for reboot interval.
Access Point Management 95 Firmware Upgrade The firmware (software) in the Wireless Access Point can be upgraded using your Web Browser.  You must first download the upgrade file, and then select Upgrade Firmware in the  Management section of the menu. You will see a screen like the following.  Figure 84: Firmware Upgrade Screen To perform the Firmware Upgrade: 1. Click the Browse button and navigate to the location of the upgrade file. 2. Select the upgrade file. Its name will appear in the Firmware File field. 3. Click the Upgrade button to commence the firmware upgrade.   The Wireless Access Point is unavailable during the upgrade process, and must restart when the up-grade is completed. Any connections to or through the Wireless Access Point will be lost.
 96 Chapter 7 Access Point Mode This Chapter explains configuration and operation when in "Access Point". Overview There are two modes available on the Device Mode screen.  Router - In this mode, this device can provide shared Internet Access to all your LAN users. Also, by default, it acts a DHCP Server, providing an IP address and related infor-mation to all Wireless and LAN users.   Bridge - The device links your Wireless Stations to your wired LAN. The Wireless stations and devices on the wired LAN are then on the same network, and can communi-cate with each other without regard for whether they are connected to the network via a Wireless or wired connection. This Chapter describes operation while in Access Point Mode. Management Connections  You need to have a DHCP Server on your LAN to provide IP addresses to the Wireless clients using this Access Point.  This AP must be a valid device on your LAN, to allow management connections. You must assign a (fixed) IP address which is within the address range used on your LAN, but not within the address range used by your DHCP server. When you connect in future, just connect normally, using the IP address you assigned. 1. Start your WEB browser. 2. In the Address box, enter "HTTP://" and the current IP Address of the Wireless ADSL Modem, as in this example, which uses the Wireless ADSL Modem's default IP Address: HTTP://192.168.0.228 3. When prompted for the User name and Password, enter admin for the user name, and the current password, as set on the password screen. (The password is the same regardless of the mode.)   7
Access Point Mode 97 Home Screen If in Access Point mode, the home screen will look like the example below.  Figure 85: Home Screen - Bridge Mode Note that the menu has changed, many of the options in Router mode are the same as Bridge mode. The screens available are:  Device Mode - change back to Router mode, if desired.  System - this screen and related sub-screens are the same as in Router mode.  Wireless - this screen and related sub-screens are the same as in Router mode.  Administration - this screen and related sub-screens are the same as in Router mode.  Status - displays current settings and status. See the following section for details.  The following section only describes the screens that are different than those in Router mode.
Wireless Access Point User Guide 98 Device Mode Screen This screen is used to change back to Router mode, if desired.  Figure 86: Device Mode Screen Data - Device Mode Screen Device Mode  Select the desired device mode for the router:   Router - In this mode, this device can provide shared Internet Access to all your LAN users. Also, by default, it acts a DHCP Server, providing an IP address and related information to all Wireless and LAN users.   Bridge - The device links your Wireless Stations to your wired LAN. The Wireless stations and devices on the wired LAN are then on the same network, and can communicate with each other without regard for whether they are connected to the network via a Wireless or wired connection. After changing the mode, this device will restart, which will take a few seconds. The menu will also change, depending on the mode you are in.
Access Point Mode 99 Status Screen In Access Point mode, the Status screen looks like the example below.  Figure 87: Device Info Screen - Bridge Mode Data - Device Info Screen (Bridge Mode) Device Info Hardware Version  The version of the hardware currently used. Firmware Version  The version of the firmware currently installed. Bootloader Version  The version of the bootloader currently used. Serial Number  The serial number of the device.  AP Type  The current AP type is displayed. Device Mode  The current device mode is displayed. Running Firmware  The currently running firmware is displayed.
Wireless Access Point User Guide 100 VLAN Screen In Access Point mode, the VLAN screen looks like the example below.  Figure 88: VLAN Screen  Data - VLAN Screen  VLAN VLAN(802.1Q)  It displays the status (Enabled or disabled) of VLAN. Management VLAN ID  It displays the VLAN ID of Management VLAN.
 101 Appendix A Specifications Wireless Access Point  Hardware Specifications LAN port  1 x RJ45 auto-sensing 10/100/1000BASE-TX Ethernet with 802.3af+ PoE. Can support Full Duplex and Half Duplex transfer function. Antennae  4 external omni antennas Operating Temperature  -10 C to 50 C Operating Humidity  10% - 90% non-condensing Power Adapter  12V/1A External  Console Port  1 x RJ45-base Console   Wireless Interface Standards  IEEE 802.11a/b/g/n  2.4GHz/5GHz  Radio Chains  2x2 Spatial Streams  2 Channelization  20MHz and/or 40MHz Frequency Band  2.4 – 2.484 GHz and 5.15 – 5.85 GHz Operating Channels  US/Canada: 1-11 Europe/China/Japan: 1-13 5GHz channels: 36, 40, 44, 48, 52, 56, 60, 64, 100, 104, 108, 112, 116, 120, 124, 128, 132, 136, 140, 149, 153, 157, 161, 165 BSSID  Up to 16 per Radios (32 total) Power Save  Supported Wireless Security  WEP, WPA-PSK, WPA-TKIP, WPA2 AES, 802.11i RF Power  20dBm at max Receive Sensitivity  -91dBm @802.11b -89dBm @802.11a/g -83dBm @802.11n Performance  160Mbps per band A
Wireless Access Point User Guide 102 Connectivity  Up to 128 clients per band (256 total)
Appendix A - Specifications 103 FCC Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interfer-ence by one or more of the following measures: -Reorient or relocate the receiving antenna. -Increase the separation between the equipment and receiver. -Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. -Consult the dealer or an experienced radio/TV technician for help.  You are cautioned that changes or modifications not expressly approved by the party responsible for compliance could void your authority to operate the equipment.  This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: This device may not cause harmful interference. This device must accept any interference received, including interference that may cause undesired operation.
Wireless Access Point User Guide 104 FCC RF Radiation Exposure Statement  1. This Transmitter must not be co-located or operating in conjunction with any other antenna or transmitter.  2. This equipment complies with FCC RF radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with a minimum distance of 20 cen-timeters between the radiator and your body.
 105 Appendix B Troubleshooting  Overview This chapter covers some common problems that may be encountered while using the Wireless Access Point and some possible solutions to them. If you follow the suggested steps and the Wireless Access Point still does not function properly, contact your dealer for further advice. General Problems Problem 1:  Can't connect to the Wireless Access Point to configure it. Solution 1:  Check the following:  The Wireless Access Point is properly installed, LAN connections are OK, and it is powered ON. Check the LEDs for port status.  Ensure that your PC and the Wireless Access Point are on the same network segment. (If you don't have a router, this must be the case.)   If your PC is set to "Obtain an IP Address automatically" (DHCP client), restart it.  You can use the following method to determine the IP address of the Wireless Access Point, and then try to connect using the IP address, in-stead of the name. To Find the Access Point's IP Address 1. Open a MS-DOS Prompt or Command Prompt Window. 2. Use the Ping command to “ping” the Wireless Access Point. Enter ping followed by the Default Name of the Wireless Access Point. e.g.     ping SC003318 3. Check the output of the ping command to determine the IP address of the Wireless Access Point, as shown below.  Figure 89: Ping If your PC uses a Fixed (Static) IP address, ensure that it is using an IP Address which is compatible with the Wireless Access Point. (If no DHCP Server is found, the Wireless Access Point will default to an IP Address and Mask of 192.168.0.228 and 255.255.255.0.) On Windows PCs, you can use Control Panel-Network to check the Properties for the TCP/IP protocol.  B
Wireless Access Point User Guide 106 Problem 2:  My PC can't connect to the LAN via the Wireless Access Point. Solution 2  Check the following:  The SSID and WEP settings on the PC match the settings on the Wire-less Access Point.  On the PC, the wireless mode is set to "Infrastructure"  If using the Access Control feature, the PC's name and address is in the Trusted Stations list.  If using 802.1x mode, ensure the PC's 802.1x software is configured correctly. See Chapter 4 for details of setup for the Windows XP 802.1x client. If using a different client, refer to the vendor's documentation.
 107 Appendix C About Wireless LANs Overview Wireless networks have their own terms and jargon. It is necessary to understand many of these terms in order to configure and operate a Wireless LAN. Wireless LAN Terminology  Modes Wireless LANs can work in either of two (2) modes:  Ad-hoc  Infrastructure Ad-hoc Mode Ad-hoc mode does not require an Access Point or a wired (Ethernet) LAN. Wireless Sta-tions (e.g. notebook PCs with wireless cards) communicate directly with each other. Infrastructure Mode In Infrastructure Mode, one or more Access Points are used to connect Wireless Stations (e.g. Notebook PCs with wireless cards) to a wired (Ethernet) LAN. The Wireless Stations can then access all LAN resources.  Access Points can only function in "Infrastructure" mode, and can communicate only with Wireless Stations which are set to "Infrastructure" mode.  SSID/ESSID BSS/SSID A group of Wireless Stations and a single Access Point, all using the same ID (SSID), form a Basic Service Set (BSS). Using the same SSID is essential. Devices with different SSIDs are unable to communi-cate with each other. However, some Access Points allow connections from Wireless Stations which have their SSID set to “any” or whose SSID is blank (null). ESS/ESSID A group of Wireless Stations, and multiple Access Points, all using the same ID (ESSID), form an Extended Service Set (ESS). C
Wireless Access Point User Guide 108 Different Access Points within an ESS can use different Channels. To reduce interference, it is recommended that adjacent Access Points SHOULD use different channels.  As Wireless Stations are physically moved through the area covered by an ESS, they will automatically change to the Access Point which has the least interference or best perfor-mance. This capability is called Roaming. (Access Points do not have or require Roaming capabilities.) Channels The Wireless Channel sets the radio frequency used for communication.   Access Points use a fixed Channel. You can select the Channel used. This allows you to choose a Channel which provides the least interference and best performance. For 802.11g, 13 channels are available in the USA and Canada, but 11channels are available in North America if using 802.11b.  If using multiple Access Points, it is better if adjacent Access Points use different Chan-nels to reduce interference. The recommended Channel spacing between adjacent Access Points is 5 Channels (e.g. use Channels 1 and 6, or 6 and 11).  In "Infrastructure" mode, Wireless Stations normally scan all Channels, looking for an Access Point. If more than one Access Point can be used, the one with the strongest signal is used. (This can only happen within an ESS.)  If using "Ad-hoc" mode (no Access Point), all Wireless stations should be set to use the same Channel. However, most Wireless stations will still scan all Channels to see if there is an existing "Ad-hoc" group they can join. WEP WEP (Wired Equivalent Privacy) is a standard for encrypting data before it is transmitted. This is desirable because it is impossible to prevent snoopers from receiving any data which is transmitted by your Wireless Stations. But if the data is encrypted, then it is meaningless unless the receiver can decrypt it. If WEP is used, the Wireless Stations and the Wireless Access Point must have the same settings. WPA-PSK Like WEP, data is encrypted before transmission. WPA is more secure than WEP, and should be used if possible. The PSK (Pre-shared Key) must be entered on each Wireless station. The 256Bit encryption key is derived from the PSK, and changes frequently. WPA2-PSK This is a further development of WPA-PSK, and offers even greater security, using the AES (Advanced Encryption Standard) method of encryption. WPA-Enterprise This version of WPA requires a Radius Server on your LAN to provide the client authentica-tion according to the 802.1x standard. Data transmissions are encrypted using the WPA standard.
Appendix C - About Wireless LANs 109 If this option is used:   The Access Point must have a "client login" on the Radius Server.   Each user must have a "user login" on the Radius Server.   Each user's wireless client must support 802.1x and provide the login data when required.  All data transmission is encrypted using the WPA standard. Keys are automatically generated, so no key input is required. 802.1x This uses the 802.1x standard for client authentication, and WEP for data encryption. If possi-ble, you should use WPA-Enterprise instead, because WPA encryption is much stronger than WEP encryption.  If this option is used:   The Access Point must have a "client login" on the Radius Server.   Each user must have a "user login" on the Radius Server.   Each user's wireless client must support 802.1x and provide the login data when required.   All data transmission is encrypted using the WEP standard. You only have to select the WEP key size; the WEP key is automatically generated.
 110 Appendix D Command Line Interface Overview If desired, the Command Line Interface (CLI) can be used for configuration. This creates the possibility of creating scripts to perform common configuration changes. The CLI requires a Telnet connection to the Wireless Access Point. Using the CLI - Telnet 1. Start your Telnet client, and establish a connection to the Access Point. e.g. Telnet 192.168.0.228 2. You will be prompted for the user name and password. Enter the same login name and password as used for the HTTP (Web) interface. The default values are admin for the User Name, and password for the Password. 3. Once connected, you can use any of the commands listed in the following Command Reference. Command Reference The following commands are available.  config vap  Config Virtual AP X  ?                                    Display CLI Command List  help                      Display CLI Command List  get 11nampdu                  Set 11n A-MPDU Aggregation Mode  get 11namsdu                  Set 11n A-MSDU Aggregation Mode  get 11nguardinterval       Set 11n Guard Interval Mode  get 11nsubchannel           Set 11n Extension Sub-Channel  get 11nradioband             Set 11n Radio Band  get 802.11d                  Display 802.11d Mode  get acctserver                  Display Accounting Server  get acctport                    Display Accounting Port  get acctsecret                   Display Accounting Secret  get acl                           Display Access Control Status  get active                         Display VAP Active (up) Mode  get aging                          Display Idle Timeout Interval  get authentication            Display Authentication Type of WEP D
Appendix D - Command Line Interface 111  get beaconinterval           Display Beacon Interval  get channel                      Display Radio Channel  get country                      Display Country/Domain  get defaultkey                  Display Default Key Index  get description                 Display Access Point Description  get dhcp                           Display DHCP Mode  get dhcpserverendip        Display DHCP Server End IP Address  get dhcpserverstartip       Display DHCP Server start IP Address  get dnsserver                 Display IP Address of DNS Server  get dot1xdynkeyupdate  Display 802.1x Dynamic Key Update Mode  get dot1xdynkeylife  Display 802.1x Dynamic Key Life Time (in Minutes)  get dot1xkeytype             Display 802.1x Distribute Key Method  get fragthreshold             Display Fragment Threshold  get gateway                     Display Gateway IP Address  get gtkupdate                   Display Group Key Update Mode  get gtkupdateinterval       Display Group Key Update Interval (in Seconds)  get http                            Display HTTP Mode  get httpport                      Display HTTP Port Number  get https                           Display HTTPS Mode  get httpsport                    Display HTTPS Port Number  get ipaddr                        Display IP Address  get ipmask                       Display IP Subnet Mask  get isolation                     Display Isolate All Virtual APs State  get key                             Display WEP Key Value  get keylength                   Display WEP Key Length  get lltd                    Display LLTD Mode  get md5supplicant           Display 802.1x MD5 Supplicant Mode  get md5suppname           Display 802.1x Supplicant MD5 Name  get md5supppassword     Display 802.1x Supplicant MD5 Password  get md5supptype             Display 802.1x MD5 Supplicant Type  get nativevlanid               Display Native VLAN ID  get ntp                    Display NTP Server IP Address  get operationmode           Display Operation Mode  get password                   Display Login Password
Wireless Access Point User Guide 112  get psk  Display Pre-shared Key  get radiusserver  Display RADIUS Server IP Address  get radiusport                  Display RADIUS Port Number  get radiussecret                Display RADIUS Shared Secret  get remoteptmp               Display PTMP's Remote MAC Address List  get remoteptp                  Display PTP's Remote MAC Address  get roguedetect                Display Rogue AP Detection Mode  get rogueinteval               Display Interval of Every Rogue AP Detection  get roguelegal                  Display Legal AP List of Legal AP  get roguetrap                   Display Rogue AP Detection Send SNMP Trap Mode  get roguetype                   Display Rogue AP Definition  get rtsthreshold                Display RTS/CTS Threshold  get security                      Display Wireless Security Mode  get shortpreamble            Display Short Preamble Usage  get snmpreadcommu-nity                    Display SNMP Read Community  get snmpwritecommu-nity                  Display SNMP Write Community  get snmpmode                 Display SNMP Mode  get snmpmanagemode     Display SNMP Manager Mode  get snmptrapmode           Display SNMP Trap Mode  get snmptrapversion  Display SNMP Trap Version  get snmpv3username  Display SNMP v3 User Name  get snmpv3authproto  Display SNMP v3 Authentication Protocol  get snmpv3authkey  Display SNMP v3 Authentication Key  get snmpv3privproto  Display SNMP v3 Private Protocol  get snmpv3privkey  Display SNMP v3 Private Key  get ssid                            Display Service Set ID  get ssidbroadcast             Display SSID Broadcast Mode  get stp                          Display STP Mode  get strictgtkupdate           Display Group Key Update Strict Status  get syslog                        Display Syslog Mode  get syslogport  Display Syslog Port  get syslogserver               Display Unicast Syslog Server Address  get syslogseverity            Display Syslog Severity Level
Appendix D - Command Line Interface 113  get systemname               Display Access Point System Name  get telnet                          Display Telnet Mode  get time                            Display Current System Time  get timezone  Display Time Zone Setting  get uptime                        Display Access Point Up Time  get username                   Display Login User Name  get vapname                    Display Virtual AP Name  get version                       Display Firmware Version  get vlan                            Display VLAN Operational State  get vlanid                         Display the VLAN ID  get wirelessmode             Display Wireless LAN Mode  get wirelessseparate         Display Wireless Separate Mode  get wmm                          Display WMM Mode  get wmmnoack                Display WMM No Acknowledgement status  set 11nampdu                  Set 11n A-MPDU Aggregation Mode  set 11namsdu                   Set 11n A-MSDU Aggregation Mode  set 11nguardinterval        Set 11n Guard Interval Mode  set 11nsubchannel           Set 11n Extension Sub-Channel  set 11nradioband             Set 11n Radio Band  set 802.11d                      Set 802.11d Mode  set acctserver                   Set Accounting Server  set acctport                   Set Accounting Port  set acctsecret                   Set Accounting Secret  set acl                              Set Access Control  set active                          Set Active (up) Mode  set aging                          Set Idle Timeout Interval  set authentication            Set Authentication Type of WEP  set beaconinterval            Set Beacon Interval  set channel                       Set Radio Channel  set country                       Set Country/Domain  set defaultkey                  Set Default Key Index  set description                 Set Access Point Description  set dhcp                           Set DHCP Mode  set dhcpserverendip         Set DHCP Server End IP Address  set dhcpserverstartip        Set DHCP Server start IP Address
Wireless Access Point User Guide 114  set dnsserver  Set DNS Server IP Address  set dot1xdynkeyupdate  Set 802.1x Dynamic Key Update Mode  set dot1xdynkeylife         Set 802.1x Dynamic Key Life Time (in Minutes)  set dot1xkeytype             Set 802.1x Distribute Key Method  set fragthreshold              Set Fragment Threshold  set gateway                      Set Gateway IP Address  set groupkeyupdate         Set Group Key Update Mode  set groupkeyupdatein-terval           Set Group Key Update Interval (in Minutes)  set http                             Set HTTP Mode  set httpport                      Set HTTP Port Number  set https                           Set HTTPS Enable/Disable  set httpsport                     Set HTTPS Port Number  set ipaddr                         Set IP Address  set ipmask                        Set IP Subnet Mask  set isolation                     Set Isolate All Virtual APs State  set key                             Set WEP Key Value  set keylength                   Set WEP Key Length  set lltd                          Set LLTD Mode  set md5supplicant            Set 802.1x MD5 Supplicant Mode  set md5suppname            Set 802.1x Supplicant MD5 Name  set md5supppassword  Set 802.1x Supplicant MD5 Password  set md5supptype  Set 802.1x MD5 Supplicant Type  set nativevlanid  Set Native VLAN ID  set ntp  Set NTP Server IP Address  set operationmode           Set operation Mode  set password                    Modify Login Password  set psk                            Modify Pre-shared Key  set radiusserver                Set RADIUS IP Address  set radiusport                   Set RADIUS Port Number  set radiussecret                Set RADIUS Shared Secret  set remoteptmp                Set PTMP's Remote MAC Address List  set remoteptp                 Set Remote PTP MAC Address  set roguedetect                Set Rogue AP Detection Mode  set rogueinteval               Set Interval of Rogue AP Detection (Range: 3 ~ 99)
Appendix D - Command Line Interface 115  set roguelegal                  Add/Delete Legal AP MAC/OUI  set roguesnmp                 Set Rogue AP Detection SNMP Trap Mode  set roguetype                   Set Rogue AP Definition  set rtsthreshold                Set RTS/CTS Threshold  set security                      Set Wireless Security Mode  set shortpreamble  Set Short Preamble  set snmpreadcommu-nity                    Set SNMP Read Community  set snmpwritecommu-nity                    Set SNMP Write Community  set snmpmode                  Set SNMP Mode  set snmpmanagemode     Set SNMP Manager Mode  set snmptrapmode           Set SNMP Trap Mode  set snmptrapversion        Set SNMP Trap Version  set snmpv3username       Set SNMP v3 User Name  set snmpv3authproto  Set SNMP v3 Authentication Protocol  set snmpv3authkey  Set SNMP v3 Authentication Key  set snmpv3privproto  Set SNMP v3 Private Protocol  set snmpv3privkey  Set SNMP v3 Private Key  set ssid  Set Service Set ID  set ssidsuppress  Set SSID Broadcast Mode  set stp  Set STP Mode  set strictgtkupdate           Set Group Key Update Strict Status  set syslog                         Set Syslog Mode  set syslogport  Set Syslog Port  set syslogserver               Set Unicast Syslog Server Address  set syslogseverity            Set Syslog Severity Level  set systemname               Set Access Point System Name  set telnet  Set Telnet Mode  set timezone  Set Time Zone Setting  set username                    Modify Login User Name  set vlan                            Set VLAN Operational State  set vlanid  Set the VLAN Tag  set wirelessmode             Set Wireless LAN Mode  set wirelessseparate         Set Wireless Separate Mode
Wireless Access Point User Guide 116  set wmm                          Set WMM Mode  set wmmnoack                 Set WMM No Acknowledge  factoryrestore  Restore to Default Factory Settings  apply  To make the changes take effect  exit  Quit the telnet

Navigation menu