Teletronics TT900 TT Bridge Router User Manual IP3K Rev TT900
Teletronics International Inc TT Bridge Router IP3K Rev TT900
Contents
- 1. Professional installation User Manual
- 2. User Manual
Professional installation User Manual
1
TT™900
User Manual
802.11b/g 200mW
2
Table of Contents
Disclaimers ………………………….………….….…….……….….………........3
Introduction ……………………………………………………………………….4
Product Features ………………………………………………………………...5
Product Specifications ………………………………………………………….5
Installation ………………………………………………………………..………10
Configuring windows for IP Networking ……………………………………11
Web Configuration Interface ………………………………………………….13
Client Bridge Mode …………………….………….…….………………………13
Access Point Mode …………………………………………………………...…30
Appendix A: Warranty Policy ……………………………………………...…..50
Appendix B: RMA Policy …………………………………………………...…..51
Appendix C: Regulatory Information ……………………………………...…52
Appendix D: Contact Information ………………………………………...…..54
Appendix E: WDS Explained ……………………………………………...…..55
Appendix F: TT900 Upgrade FAQ …….…………………...…...……………..57
Appendix G: Antenna Diversity ……………………………………………....59
Appendix H: Troubleshooting ………………………………………………...60
Appendix I: Key Requirement Chart.…………………..……………………..61
Appendix J: Glossary ……………………………………..……………………62
3
Disclaimers
No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as
translation, transformation or adaptation) without written permission from the copyright owner.
All other trademarks and registered trademarks are the property of their respective owners.
Statement of Conditions
We may make improvements or changes in the product described in this documentation at any time. The information
regarding the product in this manual is subject to change without notice.
We assume no responsibility for errors contained herein or for direct, indirect, special, incidental or consequential damages
with the furnishing, performance or use of this manual or equipment supplied with it, even if the suppliers have been advised
about the possibility of such damages.
Electronic Emission Notices
This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions:
(1)This device may not cause harmful interference.
(2)This device must accept any interference received, including interference that may cause undesired operation.
FCC INFORMATION
The Federal Communication Commission Radio Frequency Interference Statement includes the following paragraph:
The equipment has been tested and found to comply with the limits for a Class B Digital Device, pursuant to part 15 of the
FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential
installation. This equipment usage generates radio frequency energy and, if not installed and used in accordance with the
instructions, may cause harmful interference to radio communication. However, there is no grantee that interference will not
occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can
be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of
the following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
• Consult the dealer or an experienced radio/TV technician for help.
The equipment is for home or office use.
IMPORTANT NOTE
FCC RF Radiation Exposure Statement: This equipment complies with FCC RF radiation exposure limits set forth for an
uncontrolled environment. This equipment should be installed and operated with a minimum distance of 20cm between the
antenna and your body and must not be co-located or operating in conjunction with any other antenna or transmitter.
Caution: Changes or modifications not expressly approved by the party responsible for compliance could
void the user's authority to operate the equipment.
4
Introduction
The TT900 is Teletronics’s answer to the ever growing demand for higher bandwidth and security in a wireless network
environment. It is based on a brand new redesigned platform that not only offers faster performance and capacity but
also supports all current pre IEEE 802.11i wireless security standards. The TT900 is housed in a weather-proof NEMA
4 enclosure, supports high power 802.11 b/g radio, industrial grade construction, multiple antenna options, surge
protection on the radio and PoE (Power Over Ethernet) adaptor, and RoHS compliance.
TT5800 Product Photos
TT900 PCB
IEEE 802.11a miniPCI Card
TT900 Enclosure (Die Cast Aluminum NEMA 4 Box)
5
Product Features
• Compact size for small enterprise or system integrate service market
• Compliant with IEEE 802.11b/g specifications
• Supports 64/128-bit WEP, WPA and IEEE802.1x
• Intelligent firmware upgrade via Web browser
• Built-in Web-based utility for easy configuration from any Web browser
• Support POE (IEEE 802.3af) function
• Supports wireless bridging and MAC address filtering
• Provide 10/100M, auto sensing MDI/MDI-X Ethernet port
• EzManager Support
Product Specifications
Main Chips
• CPU: Ubicom IP3023
• Radio: Supports 802.11b/g Atheros AR5414
Mechanical
• Chassis Dimension (W x D x L): 7.5” x 2.75”x 9”
Board Specifications
Specification Description
Network Standard IEEE 802.11 b/g, IEEE 802.3, IEEE802.3x
Ethernet 10/100BaseT Ethernet, Auto MDI/MDI-X
Network Architecture Infrastructure; Ad-Hoc
MAC CSMA/CA
Status Indicators POWER, Wireless LAN(RF),Ethernet LAN, Receives Signal
Strength(RSS)
Push Button Reset to Default Button
6
Radio Specifications
• IEEE 802.11b/g 2.4 GHz mini-PCI card
Specification Description
Chipset MAC/BB Processor Atheros AR5414
Power Consumption IEEE 802.11b TX: ~1100 mA RX: ~600 mA
IEEE 802.11g TX: ~1100 mA RX: ~600 mA
Antenna Connector
SMA connector
Output Power
IEEE 802.11b:
• 23dBm (± 1.5dB) @ 1Mbps
• 22dBm (± 1.5dB) @ 2Mbps
• 21dBm (± 1.5dB) @ 5.5Mbps
• 20dBm (± 1.5dB) @ 11Mbps
IEEE 802.11g:
• 23dBm (±1.5dB) @ 54Mbps
• 22dBm (±1.5dB) @ 48Mbps
• 21dBm (±1.5dB) @ 36Mbps
• 20dBm (±1.5dB) @ 1~24 Mbps
Receiver Sensitivity
IEEE 802.11b/g
Sensitivity @ 8% Packet Error Rate
• 54Mbps:-72dBm
• 6Mbps:-92dBm
Modulation
IEEE 802.11b (DSSS)
• 5.5/11 Mbps (CCK)
• 2 Mbps (DQPSK)
• 1 Mbps (DBPSK)
IEEE 802.11g (OFDM/DSSS)
• 48/54 Mbps (QAM-64)
• 24/36 Mbps (QAM-16)
• 12/18 Mbps (QPSK)
• 6/9 Mbps (BPSK)
• 5.5/11Mbps (CCK)
• 2Mbps (DQPSK)
• 1Mbps (DBPSK)
Operating Frequency
• USA(FCC): 902 MHz ~ 928 MHz
7
LED Definition (Optional)
Item Specification
ON (Red) Power on
Power Off No power
On (Yellow) Connected
Off Not connected
RF(WLAN)
Blinking(Green) Connected and transmitting
On (Green) Connected
Off Not connected
LAN
Blinking(Green) Connected and transmitting
Blinking left to
right Not connected (Scanning for AP)
Received Signal Strength
Indicator (RSSI)
On Connected, indicating Received Signal
Strength.
Software Specification
Item Specification
Bridge Features
• Universal Bridging
• MAC Address Cloning
• RTS Threshold/Fragmentation Threshold
• Infrastructure or Ad-Hoc Mode
• Non-IP Traffic Bridging
Security Features
• 64-Bit/128-Bit WEP Encryption
• WPA Personal Using TKIP or AES
• WPA Enterprise Using TKIP or AES
• 802.1x Authenticator
• Cisco LEAP Support
• MAC Address Filter
Management Features
• Web Access (Username/Password Protected)
• Static IP
• Automatic Device Discovery & Configuration
• SNMP v1, DHCP and PPPoE (Ethernet or Wireless)
• Firmware Upgrade via Web Browser
• Transmit Power Adjustment
External AC Power Adapter
Item Specification
Input Voltage 110-240VAC
Line Frequency 50/60Hz
Power Output to M/B 48VDC, 1A
8
Environmental
Item Specification
Operating Temperature -20 C to 70 C (-4 F to 158 F),
10 to 90% (non-condensing)
Storage Temperature -25 C to 80 C (-13 F to 176 F),
10 to 90% (non-condensing)
Standards / Regulatory Compliance
• CE, FCC
Product Kit Part Listing
1. TT900 802.11b/g PCBA (1)
2. IEEE 802.11b/g mini-PCI radio card (1)
3. Power over Ethernet Injector (1)
4. 48VDC Power Adapter (1)
5. Ethernet Cable (2)
6. Waterproof RJ-45 Connector (1)
7. Mounting Hardware (1)
8. User Manual
Note: If any item listed above is damaged or missing, please contact your dealer immediately.
System Requirements
• Any desktop or laptop with an Ethernet interface
• TCP/IP protocol suite installed
• Standard CAT5 Ethernet cables with RJ45 connectors
• Internet Explorer 5.0 or later / Firefox 1.0 or higher
Note:
Professional must install this device.
End-user cannot set the functionality by hardware or software from one to another directly.
End-user can adjust output power through a drop down menu, but cannot adjust the output power over the
applicati on.
The EUT will be settled output power not greater than the application by Manufacturer.
Installation of this device should be accomplished only by a qualified wireless LAN system installer who is:
• Knowledgeable of the use. Installation and configuration procedures and associated networking components.
• Knowledgeable of each system component’s equipment User and Installation Guide.
• Knowledgeable of the installation procedures, safety, and code requirements for the site’s antenna, antenna
mast, antenna cabling, and installation. TELETRONICS highly recommends that the antenna installation be
performed by a qualified antenna installation professional.
The intended use is generally not for the general public. It is generally for industry/commercial use.
The device cannot be sold retail, to the general public or by mall order. It must be sold to dealers or have strict
marketing control.
The intended use is generally not for the general public. It is generally for industry/commercial use.
9
Installation
Preparation for Installation
Always double check for any missing parts from the kit you received before deployment.
The next step is to set up the computer Ethernet interface for configuring the TT900. Since the default IP Address of
the unit is on the 192.168.10.x IP range in both Client Bridge and AP mode you will need to set the Ethernet interface
within the same IP range, where x will have to be a free IP address number from 1-254.
Check the following section - “Hardware Installation” and the next chapter - “Configuring Windows for IP Networking” to
obtain complete details.
Hardware Installation
Follow the procedure below to install your TT900 device:
1. Select a suitable place on the network to install the TT900. For best wireless reception and performance the
external antenna should be positioned within Line of Sight from the AP with proper alignment.
2. Connect the TT900 to the ODU side of the PoE Injector, via a straight Ethernet cable (Cat-5), and then connect
the NET side of the PoE Injector to either a computer or an Ethernet Switch. Note: The TT900 now fully supports
the MDI/MDI-X standard and no longer requires the use of a cross over cable to connect directly with a computer.
3. Connect the 48VDC power adapter to the power jack on the PoE injector to power on the TT900.
4. Check the LEDs on the TT900 to confirm if the status is okay. At this point the Power (PWR) LED indicator
should be red and Ethernet (LAN) LED should be green. The RF light should light up once the unit is associated
wirelessly with another wireless device. However at this point the unit is still in factory default setting so do not be
alarmed that the WLAN light doesn’t light up.
5. Now the hardware installation is complete and you may proceed to the next chapter –“Configuring Windows for
IP Networking” for instructions on setting up network configurations.
* The installation of the equipment should allow at least 20 centimeter between the equipment and persons to be in
compliance with FCC RF exposure guidelines.
10
Configuring Windows for IP Networking
To establish a communication link between your PC and TT900, you will need to set up a static IP address for your
computer first. This section helps you configure the network settings for your operating system. Please follow the
procedures below to complete the settings:
Windows XP
1. Click Start on the taskbar and from the Control Panel choose Network Connections. Right-click the Local
Area Connection icon and then choose Properties from the menu. You should see the Local Area Connection
Properties dialog box shown below.
2. Select the Internet Protocol (TCP/IP) for your network card, and then click Properties.
3. In the opened dialog box, choose Use the following IP address
4. Under the General tab, choose Use the following IP address, and then specify an IP address. For example,
type in 192.168.10.X in the IP Address (where X is any free IP number from 1-254, excluding 241) area and
255.255.255.0 in the Subnet Mask area.
11
5. Click OK to finish configuration.
12
Web Configuration Interface
Client Bridge Mode
Default IP Address in Client Bridge Mode: 192.168.10.241
To access the web control interface please open up a browser window and type in the factory default IP address in the
URL.
Press Enter on your keyboard and a login prompt window similar to the one shown below will appear.
There is no default User name or Password. Leave User name and Password field blank and click OK.
Note: You may set a new password by clicking the Admin tab after you enter the Web Configuration page.
13
Information
Under the main web interface home page you will see the following configuration menu pages: Information, APs,
Wireless, Security, Admin and Advanced. Detailed information for each section is provided below:
Access Points (APs)
The APs section displays available hotspots in the area along with the MAC address, SSID, Channel, Wireless mode,
signal strength and transmission rate for each access point.
14
Wireless
15
Wireless On/Off
This is the on/off switch of the radio card.
Wireless Mode
Infrastructure: An 802.11 networking framework in which devices communicate with each other by first going through
an Access Point (AP).
Ad-hoc: An 802.11 networking framework in which devices or stations communicate directly with each other, without
the use of an access point (AP). Use this mode if there is no wireless infrastructure or where services are not required.
Wireless Network Name (SSID)
Network Name is also known as SSID, which stands for Service Set Identifier. Any client in Infrastructure mode has to
indicate the SSID of an Access Point to access a service such as internet access through the Access point.
Access Point Identifier (BSSID)
The Basic Service Set Identifier is the unique identifier (MAC address) of an access point in a Basic Service Set (BSS)
network. The subscriber unit is forced to associate with this particular unit if there are multiple access points in the
network.
Transmission rate (Mbits/s)
This option indicates the transmission rate of the bridge. Specify the rate according to the speed of your wireless
network from the list. Most of the time the default setting, Best (automatic), should be selected for best performance.
The setting can be adjusted manually if the link quality and signal strength are unusually low or high to get the best
performance.
802.11 Mode
Wireless mode allows the user to select whether this subscriber unit will connect to an 802.11b only network, an
802.11g only network or both b/g networks. For b or g only wireless devices on the network,
selecting 802.11b or 802.11g only mode will provide better performance than mixed mode. For TT900 the options of
802.11b, 802.11g only or mixed 802.11g and 802.11b are available.
RF Transmit Power
This section controls the power output for the mini-PCI radio card. The valid input range for this section is in the range
of 0-23 in dBm units or (1mw – 200mw). The default value is 20 dBm or 100mW.
Super Mode (Disabled)
Super Mode is only supported if both the client and the AP are using compatible Atheros radio chipsets
• Disabled
• Super A/G without Turbo
• Super A/G with Static Turbo
• Super A/G with Dynamic Turbo (AR enabled)
16
Country and Region
This option selects the country and region of operation. Every device should be configured to use the proper regional
settings which comply with and do NOT violate the radio regulatory laws at the installed location.
Channel
Channels are important to understand because they affect the overall capacity of your Wireless LAN. A channel
represents a narrow band of radio frequency. A radio frequency modulates within a band of frequencies; as a result
there is a limited amount of bandwidth within any given range to carry data. It is important that the frequencies do not
overlap or else the throughput would be significantly reduced as the network sorts and reassembles the data packets
sent over the air.
For the TT900: 902-928 GHz frequency range, there are only1 channel out of 2 channels available that do not overlap
with one another.
• Channel 1 = 913 MHz
• Channel 2 = 918 MHz
802.11b/g Wireless Channel Frequency Range: 2.4 GHz – 2.497 GHz
2.4 GHz – 2.497 GHz frequency range, there are only 3 channels out of the 11 available that do not overlap with one
another. To avoid interference within a network with multiple APs, set each AP to use one of the 3 channels (e.g.
Channel 1) and then the other AP to be one of the other 2 channels (i.e. Channel 6 or Channel 11) within the range of
the wireless radio. This simple method will reduce interference and improve network reliability.
802.11b/g Non-overlapping Channel Frequency Ranges
• Channel 1 = 2.401 GHz – 2.423 GHz
• Channel 6 = 2.426 GHz – 2.448 GHz
• Channel 11 = 2.451 GHz – 2.473 GHz
Americas: Wireless Channels 1 – 11
Asia: Wireless Channels 1 – 14
Europe: Wireless Channels 1 – 13
802.11a Wireless Channel Frequency Range: 5.15 GHz – 5.35 GHz, 5.725 – 5.825
802.11a is an extension to 802.11 that applies to wireless LANs and provides up to 54 Mbps in the 5GHz band.
802.11a uses an orthogonal frequency division multiplexing encoding scheme rather than FHSS or DSSS. Unlike that
of 802.11b/g, 802.11a standard separates its channels into 3-100MHz segments in the US.
The lower and middle band accommodates 8 channels in a total bandwidth of 200 MHz and the upper band
accommodates 4 channels in a 100 MHz bandwidth. The frequency channel center frequencies are spaced 20 MHz
apart. The outermost channels of the lower and middle bands are centered 30 MHz from the outer edges. In the upper
band the outermost channel centers are 20 MHz from the outer edges.
In addition to the frequency and channel allocations, transmit power is a key parameter regulated in the 5 GHz U-NII
band. Three transmit power levels are specified: 40 mW, 200 mW and 800 mW. The upper band defines RF transmit
power levels suitable for bridging applications while the lower band specifies a transmit power level suitable for short-
range indoor home and small office environments.
802.11a Non-overlapping Channel Frequency Ranges
Lower Band (5.15 - 5.25 GHz) – Maximum Output Power 40mW
• Channel 36 = 5.15 – 5.18
• Channel 40 = 5.18 – 5.20
• Channel 44 = 5.20 – 5.22
17
• Channel 48 = 5.22 – 5.25
Middle Band (5.25 - 5.35 GHz) – Maximum Output Power 200mW
• Channel 52 = 5.25 – 5.28
• Channel 56 = 5.28 – 5.30
• Channel 60 = 5.30 – 5.32
• Channel 64 = 5.32 – 5.35
Upper Band (5.725 - 5.825 GHz) – Maximum Output Power 800mW
• Channel 149 = 5.725 – 5.745
• Channel 153 = 5.745 – 5.765
• Channel 157 = 5.765 – 5.785
• Channel 161 = 5.785 – 5.805
• Channel 165 = 5.805 – 5.825
Special Atheros Turbo Mode Channels
*Use this setting only when both side of the wireless connection is using the Atheros chipset. The radio will combine 2
free channels for the wireless transmission to double the bandwidth.
• Channel 42 = 5.210
• Channel 50 = 5.250
• Channel 58 = 5.290
• Channel 152 = 5.760
• Channel 160 = 5.800
18
Security
19
WPA Configuration
Short for Wi-Fi Protected Access, WPA is a Wi-Fi standard that was designed to improve upon the security features of
WEP. WPA has the following improvements over WEP:
• Improved data encryption through temporal key integrity protocol (TKIP). TKIP scrambles the keys using a
hashing algorithm. By adding an integrity-checking feature, TKIP ensures that keys have not been tampered
with.
• User authentication through the Extensible Authentication Protocol (EAP). WEP regulates access to a wireless
network based on a computer’s hardware-specific MAC address, which is relatively simple to be sniffed out
and stolen. EAP is built on a more secure public-key encryption system to ensure that only authorized network
users can access the network.
WPA Enable
This option enables the WPA Authenticator. Note that any client that does not support the WPA standard will not be
able to handshake / authenticate with a WPA enabled device.
WPA Mode
• WPA
o Designed to secure present and future versions of IEEE 802.11 devices, WPA is a subset of the IEEE
802.11i specification. WPA addresses all known vulnerabilities in WEP. WPA also provides user
authentication, since WEP lacks any means of authentication. WPA replaces WEP with a strong new
encryption technology called Temporal Key Integrity Protocol (TKIP) with Message Integrity Check
(MIC). It also provides a scheme of mutual authentication using IEEE 802.1X/Extensible
Authentication Protocol (EAP) authentication or pre-shared key (PSK) technology. WPA was designed
and has been scrutinized by well-known cryptographers. It can be implemented immediately and
inexpensively as a software or firmware upgrade to most existing Wi-Fi CERTIFIED™ access points
and client devices with minimal degradation in network performance. WPA offers standards-based, Wi-
Fi CERTIFIED security. It assures users that the Wi-Fi CERTIFIED devices they buy will be cross-
vendor compatible. When properly installed, WPA provides a high level of assurance to enterprises,
small businesses and home users that data will remain protected and that only authorized users may
access their networks. For enterprises that have already deployed IEEE 802.1X authentication, WPA
offers the advantage of leveraging existing authentication databases and infrastructure.
• WPA2
o WPA2 is the second generation of WPA security; providing enterprise and consumer Wi-Fi® users with
a high level of assurance that only authorized users can access their wireless networks. Launched in
September 2004 by the Wi-Fi Alliance, WPA2 is the certified interoperable version of the full IEEE
802.11i specification which was ratified in June 2004. Like WPA, WPA2 supports IEEE 802.1X/EAP
authentication or PSK technology. It also includes a new advanced encryption mechanism using the
Counter-Mode/CBC-MAC Protocol (CCMP) called the Advanced Encryption Standard (AES). AES
satisfies U.S. government security requirements. It has been adopted as an official government
standard by the U.S. Department of Commerce and the National Institute of Standards and
Technology (NIST). Organizations that require the AES encryption available in WPA2 should be aware
that upgrading to it may require new hardware. Section II of this document offers a roadmap for
organizations planning to upgrade to WPA2. Considerations for its deployment are outlined in Section
III.
20
Cipher Type
• TKIP
o Temporal Key Integrity Protocol is an upgrade to the WEP known as WEP 1.1 that fixes known
security problems in WEP’s implementation of the RC4 stream cipher. TKIP scrambles the keys using
a hashing algorithm and by adding an integrity-checking feature, ensures that the keys haven’t been
tampered with.
• AES
o Advanced Encryption Standard (Rijndael Cypher) is the U.S. government's next-generation
cryptography algorithm, which will replace DES and 3DES. AES works at multiple network layers
simultaneously. AES Supports 128, 192 and 256 bit keys. Unlike the older standard, AES and 802.11i
(WEP version 2) are based on 32bit processing.
• TKIP and AES
o If clients support both the TKIP and AES standards then this would be the strongest cipher type to use
that combines both TKIP and AES security.
PSK
PSK stands for Pre-Shared-Key and serves as a password. User may key in 8 to 63 characters string to set the
password and activate 802.1x Authentication. Note that the same password must be used at both ends of the
communication link (access point and client end).
WEP Configuration
Short for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11b
standard. WEP is designed to provide the same level of security as that of a wired LAN.
Enable WEP
To enable the WEP Authenticator
Default WEP key to use
• WEP Key 1-4
Select the key to be used as the default key. Data transmissions are always encrypted using the default key. The other
keys can only be used to decrypt received data.
Authentication
• Open - Open system authentication involves a two-step authentication transaction sequence. The first step in
the sequence is the identity assertion and request for authentication. The second step in the sequence is the
authentication result. If it is “successful”, the station shall be mutually authenticated. Open system
authentication does not provide authentication. It provides identification using the wireless adapter's MAC
address. Open system authentication is used when no authentication is required. It is the default
authentication algorithm.
Open system authentication uses the following process:
1. The authentication-initiating wireless client sends an IEEE 802.11 authentication management frame that contains
its identity.
2. The receiving wireless AP checks the initiating station's identity and sends back an authentication verification
frame.
3. With some wireless APs, you can configure the MAC addresses of allowed wireless clients. However, configuring
21
the MAC address does not provide sufficient security because the MAC address of a wireless client can be
spoofed.
• Shared Key - Shared key authentication supports authentication of stations as either a member of those who
know a shared secret key or a member of those who do not. Shared key authentication is not secure and is
not recommended for use. It verifies that an authentication-initiating station has knowledge of a shared secret.
This is similar to pre-shared key authentication for Internet Protocol security (IPSec). The 802.11 standard
currently assumes that the shared secret is delivered to the participating wireless clients by means of a more
secure channel that is independent of IEEE 802.11. In practice, a user manually types this secret for the
wireless AP and the wireless client.
Shared key authentication uses the following process:
1. The authentication-initiating wireless client sends a frame consisting of an identity assertion and a request
for authentication.
2. The authenticating wireless node responds to the authentication-initiating wireless node with challenge
text.
3. The authentication-initiating wireless node replies to the authenticating wireless node with the challenge
text that is encrypted using WEP and an encryption key that is derived from the shared key authentication
secret.
4. The authentication result is positive if the authenticating wireless node determines that the decrypted
challenge text matches the challenge text originally sent in the second frame. The authenticating wireless
node sends the authentication result.
5. Because the shared key authentication secret must be manually distributed and typed, this method of
authentication does not scale appropriately in large infrastructure network mode, such as corporate
campuses.
WEP key lengths
64 bit (10 Hex Digit)
WEP Key type Example
64-bit WEP with 5 characters
Key1= 2e3f4
Key2= 5y7js
Key3= 24fg7
Key4= 98jui
64-bit WEP with 10 hexadecimal digits
('0-9', 'A-F')
Key1= 123456789A
Key2= 23456789AB
Key3= 3456789ABC
Key4= 456789ABCD
128 bit (26 Hex Digit)
WEP Key type Example
128-bit WEP with 13 characters
Key1= 2e3f4w345ytre
Key2= 5y7jse8r4i038
Key3= 24fg70okx3fr7
Key4= 98jui2wss35u4
128-bit WEP with 26 hexadecimal digits
('0-9', 'A-F')
Key1= 112233445566778899AABBCDEF
Key2= 2233445566778899AABBCCDDEE
Key3= 3344556677889900AABBCCDDFF
Key4= 44556677889900AABBCCDDEEFF
22
Admin
Device Name
This is the name that the bridge will use to identify itself to external configuration and IP address programs. This is not
the same as the SSID. It is okay to leave this blank if you are not using these programs.
SNMP Setting
SNMP enable
Option to enable or disable SNMP support.
Community
The SNMP Read-only Community string is like a user id or password that allows access to a router's or other device's
statistics or management information. InterMapper sends the community string along with all SNMP requests. If the
community string is correct, the device responds with the requested information. If the community string is incorrect,
the device simply discards the request and does not respond.
23
Factory default setting for the read-only community string is set to "public". It is standard practice to change all the
community strings so that outsiders cannot see information about the internal network. (In addition, the administrator
may also employ firewalls to block any SNMP traffic to ports 161 and 162 on the internal network.)
Change this value to have InterMapper use the new string when querying SNMP devices.
IP Settings
IP Address Mode
• Static
o Manually setup an IP address for this device.
• DHCP
o Set up the bridge as a DHCP client which will pick up an IP address from a DHCP server.
Default IP address
The default Client Bridge Mode IP address: 192.168.10.241
Default subnet mask
The factory subnet default value is 255.255.255.0
Default gateway
The factory gateway default address is 192.168.10.1
24
Security
This section is used to set up the administrative login name and password.
User name
This is the user name that you must type when logging into the web interface.
Administrator Password
This is the password that you must type when logging into the web interface. You must enter the same
password into both boxes for confirmation.
Syslog
Syslog Enabled
Option to enable or disable Syslog support.
Syslog Daemon Server
The Syslog server IP address input box.
Ping Watchdog Utility
Ping Watchdog Utility Enabled
If enabled, the Ping Watchdog utility tracks the TCP/IP link between this device and another remote destination at the
other end of the wireless link. When the remote destination is unreachable (loss of connection) the Ping Watchdog
Utility will reboot the unit in an attempt to re-establish the connection. When the TT is up for 2 minutes, the ping
watchdog utility will start to ping the remote network device every 20 seconds, if there is no icmp response for 3 times
in a row then the ping watchdog will kick off the reboot action.
Destination IP address of the Ping Watchdog Utility
This is the IP address of the remote destination.
25
Device Control
This section has functions that will allow the TT900 to Reboot and Reset the system configuration to factory defaults.
Firmware Upgrade
This section allows the TT900 firmware to be upgraded or changed directly from the web interface. Click on the
Browse button to select a file from the host machine.
Register
The TT900 has implemented a hardware modification authorization process to prevent use by fraudulent hardware
from other manufacturers. This will require any hardware change on the radio card used on the TT900 to input a serial
code generated based on each unique MAC address. Please contact Teletronics Support to a pickup a valid serial
number to deactivate the pre-registration protection after a radio card swap. If the unit is not registered some features
such as SSID and Wireless Channel selection will be disabled.
26
Advanced
27
Cloning
Cloning Mode
• WLAN Card
o If set to "WLAN Card", the MAC Address of the WLAN Card will be used. When multiple Ethernet
devices are connected to the Bridge, the MAC Address of the Bridge will not change.
• Ethernet Client
o If set to "Ethernet Client", the MAC Address from the first Ethernet client that transmits data through
the Bridge will be used. This means the client MAC address will become the alias address to the
Bridge.
Advanced Wireless
Fragmentation threshold
Fragmentation Threshold is the maximum length of the frame beyond which payload must be broken up (fragmented)
into two or more frames. Collisions occur more often for long frames because sending them occupies the channel for a
longer period of time, increasing the chance that another station will transmit and cause collision. Reducing
Fragmentation Threshold results in shorter frames that "busy" the channel for shorter periods, reducing packet error
rate and resulting retransmissions. However, shorter frames also increase overhead, degrading maximum possible
throughput, so adjusting this parameter means striking a good balance between error rate and throughput.
RTS threshold
RTS Threshold is the frame size above which an RTS/CTS handshake will be performed before attempting to transmit.
RTS/CTS asks for permission to transmit to reduce collisions but adds considerable overhead. Disabling RTS/CTS can
reduce overhead and latency in WLANs where all stations are close together but can increase collisions and degrade
performance in WLANs where stations are far apart and unable to sense each other to avoid collisions (aka Hidden
Nodes). If you are experiencing excessive collisions you can try turning RTS/CTS on or (if already on) reduce
RTS/CTS Threshold on the affected stations.
Burst time
Maximum burst time is a feature based on the PRISM Nitro; a new WLAN software solution that more than triples
802.11g throughput in a mixed-mode environment and offers up to 50 percent greater throughput performance in
802.11g-only networks. PRISM Nitro is fully IEEE 802.11 compliant and uses prioritization algorithms and enhanced
protection mechanisms to significantly increase wireless networking performance.
The recommended value for the maximum burst time for 11b or the mixed 11b/g environment is 650. The 11g only
mode uses the value 1400.
Beacon Period
In wireless networking, a beacon is a packet sent by a connected device to inform other devices of its presence and
readiness. When a wirelessly networked device sends a beacon, it includes with it a beacon interval which specifies
the period of time before it will send the beacon again. The interval tells receiving devices on the network how long
they can wait in low-power mode before waking up to handle the beacon. Network managers can adjust the beacon
interval, usually measured in milliseconds (ms) or its equivalent, kilo microseconds (Kμsec).
28
802.11d
802.11d is a wireless network communications specification for use in countries where systems using other standards
in the 802.11 family are not allowed to operate. The 802.11d specification is well suited for systems that want to
provide global Roaming.
ACK Timeout
When a packet is sent out from 802.11 Station A it will wait for an 'ACKnowledgement frame' from 802.11 Station B.
Station A will only wait for a certain amount of time (ACK timeout) or ACK window. If the ACK is NOT received within
that timeout period then the packet will be re-transmitted from Station A resulting in reduced throughput. When sending
LOTS of packets as in 802.11g and 802.11a the constant re-transmission could cost severe performance degradation
due to the ACK frame not making it back to 802.11 Station A in time. This will have a dramatic impact on the throughput
of the link regardless of the quantity of signal strength and good receiver sensitivity.
Antenna Selection
* Please refer to Appendix G on page 58 for further information.
29
Access Point Mode
Default IP Address in Access Point Mode: 192.168.10.240
To access the web control interface please open up a browser window and type in the factory default IP address in the
URL.
Press Enter on your keyboard and a login prompt window similar to the one shown below will appear.
There is no default User name or Password. Leave User Name and Password field blank and then click OK.
Note: You may set a new password by clicking the Admin tab after you enter the Web Configuration page
30
Information
Under the main web interface home page you will see the following configuration menu pages:
Information, Stations, Wireless, WDS, Security, Access, Admin, Advanced. Detailed information on each section
is provided below.
Stations
The Stations section will display all the associated clients along with the MAC address and basic RF related
information on the Mode, Rate, Signal and StationIdleTime for each associated client.
31
Wireless
32
Wireless On/Off
Enable or disable the wireless port.
Wireless Network Name (SSID)
Network Name is also known as SSID, which stands for Service Set Identifier. This is where you’re going to setup the
Service Set Identifier name for this AP. Remember that the SSID is cap sensitive just like the password.
Visibility Status
This controls the SSID broadcasting function. If enabled, the SSID will be broadcasted to all wireless clients in the
area. If disabled, wireless clients will not be able to pickup the SSID but must explicitly know the SSID of the unit in
order to associate. The recommended practice is to set the visibility status to invisible after setting up the wireless
network.
Transmission rate (Mbits/s)
This option indicates the transmission rate of the bridge. Specify the rate according to the speed of your wireless
network from the list. Most of the time the default setting, Best (automatic), should be selected for best performance.
The setting can be adjusted manually if the link quality and signal strength are unusually low or high to get the best
performance.
802.11 Mode
Wireless mode allows the user to select whether this Access Point will connect to an 802.11b only network, an 802.11g
only network, an 802.11a only network or both b/g networks. For b or g only wireless devices on the network, selecting
802.11b or 802.11g only mode will provide better performance than mixed mode. For TT900 the options of 802.11b,
802.11g only or Mixed 802.11g and 802.11b are available.
Adaptive Radio Selection
When using dynamic turbo mode with a compatible Atheros radio chipset, this option allows the Access point to switch
to non-turbo mode when non-turbo traffic is detected and vice versa.
Super Mode (Disabled)
Super Mode is only supported if both the client and the AP are using compatible Atheros radio chipsets.
• Disabled
• Super A/G without Turbo
• Super A/G with Static Turbo
• Super A/G with Dynamic Turbo (AR enabled)
Auto Channel Select
Check this box to enable the Access Point to automatically select the best channel at start up. This may take up to 20
seconds and during this period no clients will be able to associate.
RF Transmit Power
This section controls the power output for the mini-PCI radio card. The valid input range for this section is in the range
of 0-30 in dBm units. The default value is 23 dBm or 200mW.
33
Channel
Channels are important to understand because they affect the overall capacity of your Wireless LAN. A channel
represents a narrow band of radio frequency. A radio frequency modulates within a band of frequencies; as a result
there is a limited amount of bandwidth within any given range to carry data. It is important that the frequencies do not
overlap or else the throughput would be significantly reduced as the network sorts and reassembles the data packets
sent over the air.
For the TT900: 902-928 GHz frequency range, there are only1 channel out of 2 channels available that do not overlap
with one another.
• Channel 1 = 913 MHz
• Channel 2 = 918 MHz
802.11b/g Wireless Channel Frequency Range: 2.4 GHz – 2.497 GHz
2.4 GHz – 2.497 GHz frequency range, there are only 3 channels out of the 11 available that do not overlap with one
another. To avoid interference within a network with multiple APs, set each AP to use one of the 3 channels (e.g.
Channel 1) and then the other AP to be one of the other 2 channels (i.e. Channel 6 or Channel 11) within the range of
the wireless radio. This simple method will reduce interference and improve network reliability.
802.11b/g Non-overlapping Channel Frequency Ranges
• Channel 1 = 2.401 GHz – 2.423 GHz
• Channel 6 = 2.426 GHz – 2.448 GHz
• Channel 11 = 2.451 GHz – 2.473 GHz
Americas: Wireless Channels 1 – 11
Asia: Wireless Channels 1 – 14
Europe: Wireless Channels 1 – 13
802.11a Wireless Channel Frequency Range: 5.15 GHz – 5.35 GHz, 5.725 – 5.825
802.11a is an extension to 802.11 that applies to wireless LANs and provides up to 54 Mbps in the 5GHz band.
802.11a uses an orthogonal frequency division multiplexing encoding scheme rather than FHSS or DSSS. Unlike that
of 802.11b/g, 802.11a standard separates its channels into 3-100MHz segments in the US.
The lower and middle band accommodates 8 channels in a total bandwidth of 200 MHz and the upper band
accommodates 4 channels in a 100 MHz bandwidth. The frequency channel center frequencies are spaced 20 MHz
apart. The outermost channels of the lower and middle bands are centered 30 MHz from the outer edges. In the upper
band the outermost channel centers are 20 MHz from the outer edges.
In addition to the frequency and channel allocations, transmit power is a key parameter regulated in the 5 GHz U-NII
band. Three transmit power levels are specified: 40 mW, 200 mW and 800 mW. The upper band defines RF transmit
power levels suitable for bridging applications while the lower band specifies a transmit power level suitable for short-
range indoor home and small office environments.
802.11a Non-overlapping Channel Frequency Ranges
Lower Band (5.15 - 5.25 GHz) – Maximum Output Power 40mW
• Channel 36 = 5.15 – 5.18
• Channel 40 = 5.18 – 5.20
• Channel 44 = 5.20 – 5.22
• Channel 48 = 5.22 – 5.25
Middle Band (5.25 - 5.35 GHz) – Maximum Output Power 200mW
• Channel 52 = 5.25 – 5.28
• Channel 56 = 5.28 – 5.30
34
• Channel 60 = 5.30 – 5.32
• Channel 64 = 5.32 – 5.35
Upper Band (5.725 - 5.825 GHz) – Maximum Output Power 800mW
• Channel 149 = 5.725 – 5.745
• Channel 153 = 5.745 – 5.765
• Channel 157 = 5.765 – 5.785
• Channel 161 = 5.785 – 5.805
• Channel 165 = 5.805 – 5.825
Special Atheros Turbo Mode Channels
*Use this setting only when both side of the wireless connection is using the Atheros chipset. The radio will combine 2
free channels for the wireless transmission to double the bandwidth.
• Channel 42 = 5.210
• Channel 50 = 5.250
• Channel 58 = 5.290
• Channel 152 = 5.760
• Channel 160 = 5.800
35
WDS (Wireless Distribution System)
Enable WDS
The Wireless Distribution System (Repeater) functionality enables this AP to support wireless traffic to other WDS relay
Access Points. In other words it is like bridging between the 2 access points in order to extend the reach of the
wireless network beyond that of a single AP. By enabling the WDS feature the coverage area of the wireless network is
thus extended for authenticated client devices that can roam from this Access Point to another. WDS can extend the
reach of your network into areas where cabling might be difficult. The TT900 in Access Point mode can support up to 6
other Access Points for WDS communication.
Enter the MAC Address of other Access Points in the area that you want to add to the WDS. The MAC Address of this
Access Point should be also be added to other access points in the same WDS network to enable intra-AP
communication.
* Please Consult Appendix E on page 54 for further information.
36
Security
37
WPA Configuration
Short for Wi-Fi Protected Access, WPA is a Wi-Fi standard that was designed to improve upon the security features of
WEP. WPA has the following improvements over WEP:
• Improved data encryption through temporal key integrity protocol (TKIP). TKIP scrambles the keys using a
hashing algorithm. By adding an integrity-checking feature, TKIP ensures that keys have not been tampered
with.
• User authentication through the Extensible Authentication Protocol (EAP). WEP regulates access to a wireless
network based on a computer’s hardware-specific MAC address, which is relatively simple to be sniffed out
and stolen. EAP is built on a more secure public-key encryption system to ensure that only authorized network
users can access the network.
WPA Enable
This option enables the WPA Authenticator. Note that any client that does not support the WPA standard will not be
able to handshake / authenticate with a WPA enabled device.
WPA Mode
• WPA
o Designed to secure present and future versions of IEEE 802.11 devices, WPA is a subset of the IEEE
802.11i specification. WPA addresses all known vulnerabilities in WEP. WPA also provides user
authentication, since WEP lacks any means of authentication. WPA replaces WEP with a strong new
encryption technology called Temporal Key Integrity Protocol (TKIP) with Message Integrity Check
(MIC). It also provides a scheme of mutual authentication using IEEE 802.1X/Extensible
Authentication Protocol (EAP) authentication or pre-shared key (PSK) technology. WPA was designed
and has been scrutinized by well-known cryptographers. It can be implemented immediately and
inexpensively as a software or firmware upgrade to most existing Wi-Fi CERTIFIED™ access points
and client devices with minimal degradation in network performance. WPA offers standards-based, Wi-
Fi CERTIFIED security. It assures users that the Wi-Fi CERTIFIED devices they buy will be cross-
vendor compatible. When properly installed, WPA provides a high level of assurance to enterprises,
small businesses and home users that data will remain protected and that only authorized users may
access their networks. For enterprises that have already deployed IEEE 802.1X authentication, WPA
offers the advantage of leveraging existing authentication databases and infrastructure.
• WPA2
o WPA2 is the second generation of WPA security; providing enterprise and consumer Wi-Fi® users with
a high level of assurance that only authorized users can access their wireless networks. Launched in
September 2004 by the Wi-Fi Alliance, WPA2 is the certified interoperable version of the full IEEE
802.11i specification which was ratified in June 2004. Like WPA, WPA2 supports IEEE 802.1X/EAP
authentication or PSK technology. It also includes a new advanced encryption mechanism using the
Counter-Mode/CBC-MAC Protocol (CCMP) called the Advanced Encryption Standard (AES). AES
satisfies U.S. government security requirements. It has been adopted as an official government
standard by the U.S. Department of Commerce and the National Institute of Standards and
Technology (NIST). Organizations that require the AES encryption available in WPA2 should be aware
that upgrading to it may require new hardware. Section II of this document offers a roadmap for
organizations planning to upgrade to WPA2. Considerations for its deployment are outlined in Section
III.
38
Cipher Type
• TKIP
o Temporal Key Integrity Protocol is an upgrade to the WEP known as WEP 1.1 that fixes known
security problems in WEP’s implementation of the RC4 stream cipher. TKIP scrambles the keys using
a hashing algorithm and by adding an integrity-checking feature, ensures that the keys haven’t been
tampered with.
• AES
o Advanced Encryption Standard (Rijndael Cypher) is the U.S. government's next-generation
cryptography algorithm, which will replace DES and 3DES. AES works at multiple network layers
simultaneously. AES Supports 128, 192 and 256 bit keys. Unlike the older standard, AES and 802.11i
(WEP version 2) are based on 32bit processing.
• TKIP and AES
o If clients support both the TKIP and AES standards then this would be the strongest cipher type to use
that combines both TKIP and AES security.
PSK
PSK stands for Pre-Shared-Key and serves as a password. User may key in 8 to 63 characters string to set the
password and activate 802.1x Authentication. Note that the same password must be used at both ends of the
communication link (access point and client end).
WPA Group Key Update Interval
The Group Key (Group Transient Key) is a shared key among all Supplicants connected to the same AP, and is used to
secure multicast/broadcast traffic. It is not used for normal unicast traffic. A pair wise Transient Key secures the unicast
traffic. Group Key renewal controls how often the Group Transient Key is changed. The Group Key renewal does not
control the update period for the pair wise Transient Key. The pair wise Transient Key is changed each time the
Supplicant authenticates or re-authenticates.
802.1X Configuration
Remote RADIUS server configuration settings. There are two sections to setup 2 RADIUS servers for the TT900 to
connect to. At any given time the TT900 will connect to one RADIUS server for authentication and will use the other
one as a backup if that option is configured.
802.1X enabled
Option that enables or disables remote RADIUS authentication.
Authentication timeout (mins)
The default value is 60(minutes). When the time expires, the device will re-authenticate with RADIUS server.
RADIUS server IP address
Enter the RADIUS server IP address.
RADIUS server port number
Port used for RADIUS, the port number must be the same as the RADIUS server‘s, normally the port is 1812.
39
RADIUS server shared secret
When registered with a RADIUS server, a password will be assigned. This would be the RADIUS server shared secret.
MAC Address Authentication
Use client MAC address for authentication with RAIDUS server.
WEP Configuration
Short for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11b
standard. WEP is designed to provide the same level of security as that of a wired LAN.
Enable WEP
To enable the WEP Authenticator
Default WEP key to use
• WEP Key 1-4
Select the key to be used as the default key. Data transmissions are always encrypted using the default key. The other
keys can only be used to decrypt received data.
Authentication
• Open - Open system authentication involves a two-step authentication transaction sequence. The first step in
the sequence is the identity assertion and request for authentication. The second step in the sequence is the
authentication result. If it is “successful”, the station shall be mutually authenticated. Open system
authentication does not provide authentication. It provides identification using the wireless adapter's MAC
address. Open system authentication is used when no authentication is required. It is the default
authentication algorithm.
Open system authentication uses the following process:
1. The authentication-initiating wireless client sends an IEEE 802.11 authentication management frame that contains
its identity.
2. The receiving wireless AP checks the initiating station's identity and sends back an authentication verification
frame.
3. With some wireless APs, you can configure the MAC addresses of allowed wireless clients. However, configuring
the MAC address does not provide sufficient security because the MAC address of a wireless client can be
spoofed.
• Shared Key - Shared key authentication supports authentication of stations as either a member of those who
know a shared secret key or a member of those who do not. Shared key authentication is not secure and is
not recommended for use. It verifies that an authentication-initiating station has knowledge of a shared secret.
This is similar to pre-shared key authentication for Internet Protocol security (IPSec). The 802.11 standard
currently assumes that the shared secret is delivered to the participating wireless clients by means of a more
secure channel that is independent of IEEE 802.11. In practice, a user manually types this secret for the
wireless AP and the wireless client.
40
Shared key authentication uses the following process:
6. The authentication-initiating wireless client sends a frame consisting of an identity assertion and a request
for authentication.
7. The authenticating wireless node responds to the authentication-initiating wireless node with challenge
text.
8. The authentication-initiating wireless node replies to the authenticating wireless node with the challenge
text that is encrypted using WEP and an encryption key that is derived from the shared key authentication
secret.
9. The authentication result is positive if the authenticating wireless node determines that the decrypted
challenge text matches the challenge text originally sent in the second frame. The authenticating wireless
node sends the authentication result.
10. Because the shared key authentication secret must be manually distributed and typed, this method of
authentication does not scale appropriately in large infrastructure network mode, such as corporate
campuses.
WEP key lengths
64 bit (10 Hex Digit)
WEP Key type Example
64-bit WEP with 5 characters
Key1= 2e3f4
Key2= 5y7js
Key3= 24fg7
Key4= 98jui
64-bit WEP with 10 hexadecimal digits
('0-9', 'A-F')
Key1= 123456789A
Key2= 23456789AB
Key3= 3456789ABC
Key4= 456789ABCD
128 bit (26 Hex Digit)
WEP Key type Example
128-bit WEP with 13 characters
Key1= 2e3f4w345ytre
Key2= 5y7jse8r4i038
Key3= 24fg70okx3fr7
Key4= 98jui2wss35u4
128-bit WEP with 26 hexadecimal digits
('0-9', 'A-F')
Key1= 112233445566778899AABBCDEF
Key2= 2233445566778899AABBCCDDEE
Key3= 3344556677889900AABBCCDDFF
Key4= 44556677889900AABBCCDDEEFF
41
Access
Access Control
Enable access control
If enabled, this feature allows you to associate up to 64 different units/devices by MAC addresses. Any MAC
addresses not programmed into the list will be prohibited from associating with this unit.
42
Admin
43
Device Name
Device Name
This is the name that the Access Point will use to identify itself to external configuration and IP address programs. This
is not the same as the SSID. It is okay to leave this blank if you are not using these programs.
SNMP Setting
SNMP enabled
Option to enable or disable SNMP support
Community
The SNMP Read-only Community string is like a user id or password that allows access to a router's or other device's
statistics. InterMapper sends the community string along with all SNMP requests. If the community string is correct, the
device responds with the requested information. If the community string is incorrect, the device simply discards the
request and does not respond.
Factory default setting for the read-only community string is set to "public". It is standard practice to change all the
community strings so that outsiders cannot access/read information about the internal network. (In addition, the
administrator may also employ firewalls to block any SNMP traffic to ports 161 and 162 on the internal network.)
Change this value to have InterMapper use the new string when querying SNMP devices.
IP Settings
IP Address Mode
• Static
o Manually setup a static IP address for this device.
• DHCP
o Set up the access point as a DHCP client which will pick up an IP from a DHCP server.
Default IP address
The default Access Point Mode IP address: 192.168.10.240
Default subnet mask
The factory subnet default value is 255.255.255.0
Default gateway
The factory gateway default address is 192.168.10.1
Security
This section is used to set up the administrative login name and password.
User name
This is the user name that you must type when logging into the web interface.
44
Administrator Password
This is the password that you must type when logging into the web interface. You must enter the same password into
both boxes for confirmation.
Syslog
Syslog Enabled
Option to enable or disable Syslog support.
Syslog Daemon Server
The Syslog server IP address input box.
Ping Watchdog Utility
Ping Watchdog Utility Enabled
If enabled, the Ping Watchdog utility tracks the TCP/IP link between this device and another remote destination at the
other end of the wireless link. When the remote destination is unreachable (loss of connection) the Ping Watchdog
Utility will reboot the unit in an attempt to re-establish the connection.
Destination IP address of the Ping Watchdog Utility
This is the IP address of the remote destination.
45
Intra-BSS traffic blocking
This option blocks clients in the same BSS from communicating with each other. (Layer 2 Isolation)
Device Control
This section has functions that will allow the TT900 to Reboot and Reset the system configuration to factory defaults.
Firmware Upgrade
This section allows the TT900 firmware to be upgraded or changed directly from the web interface. Click on the
Browse button to select a file from the host machine.
Register
The TT900 has implemented a hardware modification authorization process to prevent use by fraudulent hardware
from other manufacturers. This will require any hardware change on the radio card used on the TT900 to input a serial
code generated based on each unique MAC address. Please contact Teletronics Support to a pickup a valid serial
number to deactivate the pre-registration protection after a radio card swap. If the unit is not registered some features
such as SSID and Wireless Channel selection will be disabled.
46
Advanced
Advanced Wireless
Fragmentation threshold
Fragmentation Threshold is the maximum length of the frame beyond which payload must be broken up (fragmented)
into two or more frames. Collisions occur more often for long frames because sending them occupies the channel for a
longer period of time, increasing the chance that another station will transmit and cause collision. Reducing
Fragmentation Threshold results in shorter frames that "busy" the channel for shorter periods, reducing packet error
rate and resulting retransmissions. However, shorter frames also increase overhead, degrading maximum possible
throughput, so adjusting this parameter means striking a good balance between error rate and throughput.
RTS threshold
RTS Threshold is the frame size above which an RTS/CTS handshake will be performed before attempting to transmit.
RTS/CTS asks for permission to transmit to reduce collisions but adds considerable overhead. Disabling RTS/CTS can
reduce overhead and latency in WLANs where all stations are close together but can increase collisions and degrade
performance in WLANs where stations are far apart and unable to sense each other to avoid collisions (aka Hidden
Nodes). If you are experiencing excessive collisions you can try turning RTS/CTS on or (if already on) reduce
RTS/CTS Threshold on the affected stations.
47
Burst time
Maximum burst time is a feature based on the PRISM Nitro; a new WLAN software solution that more than triples
802.11g throughput in a mixed-mode environment and offers up to 50 percent greater throughput performance in
802.11g-only networks. PRISM Nitro is fully IEEE 802.11 compliant and uses prioritization algorithms and enhanced
protection mechanisms to significantly increase wireless networking performance.The recommended value for the
maximum burst time for 11b or the mixed 11b/g environment is 650. The 11g only mode uses the value 1400.
Beacon Period
In wireless networking, a beacon is a packet sent by a connected device to inform other devices of its presence and
readiness. When a wirelessly networked device sends a beacon, it includes with it a beacon interval which specifies
the period of time before it will send the beacon again. The interval tells receiving devices on the network how long
they can wait in low-power mode before waking up to handle the beacon. Network managers can adjust the beacon
interval, usually measured in milliseconds (ms) or its equivalent, kilo microseconds (Kμsec).
DTIM interval
A Delivery Traffic Indication Message (DTIM) is a signal sent as part of a beacon by an access point to a client device
in sleep mode, alerting the device to a packet awaiting delivery. A DTIM interval, also known as a Data Beacon Rate, is
the frequency at which an access point's beacon will include a DTIM. This frequency is usually measured in
milliseconds (ms) or its equivalent, kilo microseconds (Kμsec).
802.11d
802.11d is a wireless network communications specification for use in countries where systems using other standards
in the 802.11 family are not allowed to operate. The 802.11d specification is well suited for systems that want to
provide global roaming.
ACK Timeout
48
When a packet is sent out from 802.11 Station A it will then wait for an 'ACKnowledgement frame' from 802.11 Station
B. Station A will only wait for a certain amount of time (ACK timeout) or ACK window. If the ACK is NOT received within
that timeout period then the packet will be re-transmitted from Station A resulting in reduced throughput. When sending
lots of packets as in 802.11g and 802.11a the constant re-transmission could cost severe performance degradation
due to the ACK frame not making it back to 802.11 Station A in time. This will have a dramatic impact on the throughput
of the link regardless of signal strength or good receiver sensitivity.
Antenna Selection
* Please refer to Appendix G on page 58 for further information.
49
Appendix A: Warranty Policy
Limited Warranty
All Teletronics’ products are warranted to the original purchaser to be free from defects in materials and workmanship
under normal installation, use, and service for a period of one (1) year from the date of purchase.
Under this warranty, Teletronics International Inc. shall repair or replace (at its discretion) during the warranty period,
any part that proves to be defective in material of workmanship under normal installation, use and service, provided the
product is returned to Teletronics International Inc. or to one of its distributors with transportation charges prepaid.
Returned products must include a copy of the purchase receipt. In the absence of a purchase receipt, the warranty
period shall be one (1) year from the date of manufacture.
This warranty shall be voided if the product is damaged as a result of defacement, misuse, abuse, neglect, accident,
destruction or alteration of the serial number, improper electrical voltages or currents, repair, alteration or maintenance
by any person or party other than a Teletronics International, Inc. employee or authorized service facility, or any use in
violation of instructions furnished by Teletronics International, Inc.
This warranty is also rendered invalid if this product is removed from the country in which it was purchased, if it is used
in a country in which it is not registered for use, or if it is used in a country for which it was not designed. Due to
variations in communications laws, this product may be illegal for use in some countries. Teletronics International, Inc.
assumes no responsibility for damages or penalties incurred resulting from the use of this product in a manner or
location other than that for which it is intended.
IN NO EVENT SHALL TELETRONICS INTERNATIONAL, INC. BE LIABLE FOR ANY SPECIAL, INCIDENTAL OR
CONSEQUENTIAL DAMAGES FOR BREACH OF THIS OR ANY OTHER WARRANTY, EXPRESSED OR IMPLIED,
WHATSOEVER.
Some states do not allow the exclusion or limitation of special, incidental or consequential damages, so the above
exclusion or limitation may not apply to you.
This warranty gives you specific legal rights, and you may also have other rights that vary from state to state.
50
Appendix B: RMA Policy
Product Return Policy
It is important to us that all Teletronics’ products are bought with full confidence. If you are not 100% satisfied with any
product purchased from Teletronics you may receive a prompt replacement or refund subject to the terms and
conditions outlined below.
IMPORTANT: Before returning any item for credit or under warranty repair, you must obtain a Return Merchandise
Authorization (RMA) number by filling out the RMA form. Products will not be accepted without an RMA number. All
products being shipped to Teletronics for repair / refund / exchange must be freight prepaid (customer pays for
shipping). For all under warranty repair/replacement, Teletronics standard warranty applies.
30-Day full refund or credit policy:
1. Product was purchased from Teletronics no more than 30 day prior to the return request.
2. All shipping charges associated with returned items are non-refundable.
3. Products are returned in their original condition along with any associated packaging, accessories, mounting
hardware and manuals. Any discrepancy could result in a delay or partial forfeiture of your credit.
Unfortunately Teletronics cannot issue credits for:
1. Products not purchased from Teletronics directly. If you purchased from a reseller or distributor you must contact
them directly for return instructions.
2. Damaged items as a result of misuse, neglect or improper environmental conditions.
3. Products purchased directly from Teletronics more than 30 days prior to a product return request.
To return any product under 1 year warranty for repair/replacement, follow the RMA procedure.
51
Appendix C: Regulatory Information
Statement of Conditions
We may make improvements or changes in the product described in this documentation at any time. The information
regarding the product in this manual are subject to change without notice.
We assume no responsibility for errors contained herein or for direct, indirect, special, incidental, or consequential
damages with the furnishing, performance or use of this manual or equipment supplied with it, even if the suppliers
have been advised of the possibility of such damages.
Electronic Emission Notices
This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions:
(1) This device may not cause harmful interference.
(2) This device must accept any interference received, including interference that may cause undesired operation.
FCC Information
The Federal Communication Commission Radio Frequency Interference Statement includes the following paragraph:
The equipment has been tested and found to comply with the limits for a Class B Digital Device, pursuant to part 15 of
the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential
installation. This equipment generates, uses and can radiate radio frequency energy and if not installed and used in
accordance with instructions, may cause harmful interference to radio communication. However, there is no guarantee
that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or
television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to
overcome the interference by one or more of the following measures:
- Reorient or relocate the receiving antenna.
- Increase the separation between the equipment and receiver.
- Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
- Consult the dealer or an experienced radio/TV technician for help.
- The equipment is for home or office use.
Important Note
FCC RF Radiation Exposure Statement: This equipment complies with FCC RF radiation exposure limits set forth for
an uncontrolled environment. This equipment should be installed and operated with a minimum distance of 20cm
between the antenna and your body and must not be co-located or operated in conjunction with any other antenna or
transmitter.
Caution: Changes or modifications not expressly approved by the party responsible for compliance could void the
user's authority to operate the equipment.
R&TTE Compliance Statement
This equipment complies with all the requirements of the Directive 1999/5/EC of the European Parliament and the
Council of 9 March 1999 on radio equipment and telecommunication terminal equipment (R&TTE)and the mutual
recognition of their conformity. The R&TTE Directive repeals and replaces in the directive 98/13/EEC. As of April 8,
2000.
European Union CE Marking and Compliance Notices
Products intended for sale within the European Union are marked, which indicates compliance with the applicable
directives identified below. This equipment also carries the Class 2 identifier.
52
With the Conformité Européene (CE) and European standards and amendments, we declare that the equipment
described in this document is in conformance with the essential requirements of the European Council Directives,
standards and other normative documents listed below:
73/23/EEC Safety of the User (article 3.1.a)
89/336/EEC Electromagnetic Compatibility (article 3.1.b)
1999/5/EC (R&TTE) Radio and Telecommunications Terminal Equipment Directive.
EN 60950 2000 Safety of Information Technology Equipment, Including Electrical Business Equipment.
EN 300 328 V1.4.1(2003) Electromagnetic compatibility and Radio spectrum Matters (ERM); Wideband Transmission
systems;Data transmission equipment operating in the 2,4 GHz ISM band and using spread spectrum modulation
techniques;Harmonized EN covering essential requirements under article 3.2 of the R&TTE Directive.
EN 301 489-1, V1.4.1(2002); EN 301 489-17, V1.2.1(2002) – Electromagnetic compatibility and radio spectrum
matters (ERM); electromagnetic compatibility (EMC) standard for radio equipment and services: Part 1: Common
technical requirements; Part 17: Part 17: Specific conditions for 2,4 GHz wideband transmission systems and5 GHz
high performance RLAN equipment
Warning: According to ERC/REC 70-30 appendix 3 National Restrictions, annex 3 Band A “RLANs and HIPERLANs.”
See list of 802.11b/g restrictions for specific countries under the heading “European Economic Area Restrictions” as
below.
English
This product follows the provisions of the European Directive 1999/5/EC.
Danish
Dette produkt er i overensstemmelse med det europæiske direktiv 1999/5/EF
Dutch
Dit product is in navolging van de bepalingen van Europees Directief 1999/5/EC.
Finnish
Tämä tuote noudattaa EU-direktiivin 1999/5/EY määräyksiä.
French
Ce produit est conforme aux exigences de la Directive Européenne 1999/5/CE.
53
Appendix D: Contact Information
Need to contact Teletronics?
Visit us online for information on the latest products and updates to your existing products at:
http://www.teletronics.com
Can't find information about a product you want to buy on the web? Do you want to know more about networking with
Teletronics products?
Give us a call at: 301-309-8500 or fax your request to: 301-309-8551
For technical support issues you can e-mail us at: support@teletronics.com
If any Teletronics product proves defective during its warranty period, you can email the Teletronics Return
Merchandise Authorization department to obtain a Return Authorization Number at: rma@teletronics.com
(Details on Warranty and RMA issues can be found in Appendix A and B)
54
Appendix E: WDS Explained
One of the requirements for a WDS network is that the operational frequency channel on all the APs must be the
same. This is one of the reasons why there is a huge bandwidth penalty when setting up a wireless network in WDS
mode.
How to properly configure your APs in a WDS network will foremost depend on the locations of your wireless hotspots.
Please take a look at the following two WDS topology examples:
WDS in a Star Configuration:
This is the mode to use if you’re expanding the hotspots in the area around your master AP that is connected to the
WAN. What you’ll need to do is enable WDS and ACL on all the APs. Then input each of the MAC addresses of Slave
A,B,C into the Master AP under both the WDS and ACL section. For the Slave APs A,B,C you’ll input only the MAC
address of the Master AP into the WDS and ACL list to limit them to direct their traffic through the Master AP only.
55
WDS in Chain Configuration:
In this configuration setup example you’ll be expanding your wireless network coverage that will span an area in
length.
• AP A will have only AP B’s MAC address in its WDS and ACL configuration setting.
• AP B will have AP A and C’s MAC address in its WDS and ACL configuration setting.
• AP C will have AP B and D’s MAC address in its WDS and ACL configuration setting.
• AP D will have only AP C’s MAC address in its WDS and ACL configuration setting.
56
Appendix F: TT900 Upgrade FAQ
How to upgrade?
The TT900 could be upgraded either through the web interface or from EZ-Manager. Please check Web Configuration
Interface and Installation sections of this manual for detailed instructions.
Do I need an Activation Key after flashing with a newer firmware, 3.7.x or higher?
No. All the TT900 units shipped from Teletronics are already activated. Since Firmware 3.1.7X and 3.7.X or higher,
Teletronics has now removed the necessary step to provide an activation key to change from SU to AP and vice versa
in our TT900 product line. For example, if you have a TT900 in SU mode with 3.6.0 firmware, the activation key is not
required if you upgrade to either 3.7.0 (SU mode) or 3.7.1 (AP mode), or later.
Do I need an Activation Key after flashing with an older firmware, 3.6.x or lower?
You might need an activation key for older firmware. Please check the upgrade guide released with the older firmware.
Do I need an Activation Key after swapping out with another radio card?
Yes, if the radio card is swapped out with another card an activation key will still be required. This rule will apply to all
radio cards swapped out with a different MAC address from the original card.
Which firmware to upgrade?
Currently there are two PCB Hardware revisions V3.0 and V5.0.0, both have 4MB Flash on the board. However the old
firmware 3.1.x released for our first batch back in year 2005 utilized 2MB flash only, while the firmware 3.2.x (or above)
utilized the whole 4MB flash.
The firmware revision 3.1.X and 3.2.X (or above) are not interchangeable due to the different flash size utilization. If
you received boards by default with firmware 3.1.X then you have the 2M version. If you received boards by default
with firmware 3.2.X or above then you have the 4M version. If you were to upgrade a 4M unit with a 2M firmware the
unit will show no change after the flashing process.
For each release, we publish 2 series of firmware, one for 2M version and one for 4M version. Function and
performance wise, there’s no difference between these two. So the customer with 2M version will continue to enjoy the
latest feature upgrades and bug fixes. For instance, 3.1.70 is the 2M version, while the counterpart 4M version is 3.7.0.
What does the prefixed Alphabet mean from version 3.9.x or later?
You probably notice the new version name changed to Cx.x.x since C3.9.0 and C3.9.1. The prefix “C” means the
firmware is to be upgraded on hardware revisions V3.0 and V5.0.0. In the future, we’ll use prefix “D” for our next
hardware revision to distinguish between hardware revisions.
Important: Activation Key might be needed when upgrading to a higher firmware version. Check the key requirement
chart below and get the activation key first before proceeding with the firmware upgrade.
Do I need an Activation Key for new firmware?
Please check the key requirement chart.
How to get the activation key?
Please use our online help desk to submit a key request ticket. You may need to include the following information:
1. Purchase Number
2. Purchase Date
3. Serial No
4. MAC Address
5. Current Firmware version
6. Firmware version to be upgraded
Or you may send all activation key requests to: keyrequest@teletronics.com. All you have to provide in the email will
be the model of the unit and the MAC address.
Is there a fee for the activation key?
Right now, we don’t charge our customer for firmware upgrade, or switching between AP and SU/Bridge mode.
57
Will upgrade keep my previous configuration?
Although the upgrade might keep your previous configuration, we suggest customer to reset the unit to factory default
located in “admin” section and configure it again.