IWP-2000-68 User`s Manual
Contents
1. subtree Sub Tree the OID value For example 1 3 6 1 2 1 ndex V Ne Include Sub Tree z 1 mit o include 1 3 6 1 2 1 M 2 generice nclude v 1 3 6 1 4 1 5205 3 Oooo e Include D4 Include w 5 nclude O16 include v ae Include O8 nclude v 09 S nclude v OO 10 OC Include v DT Include w O12 Include wi oO 13 nclude w DO 14 nclude O15 Include vi D 16 Include v al izi hclude w Figure 3 10 35 Access 226 The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View tabl2. Enable Contact Contact me Location I am_here V1NV2C Index Access Right Community 1 Deny be 2 Deny 3 Deny ki 4 Deny Wi 5 Deny x V3 Index User ID Security Level soti Auth Passphrase dize Priv Passphrase Bade i AuthPriv w mp5 DES unused w 2 AuthPriv v MD5 DES unused ai AuthPriv mos DES unused v a AuthPriv mD5 DES v unused Hm E AuthPriv vi MDS x s unused Figure 3 2 27 29 3 2 5 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points e When processing retrieval request messages from the SNMP manager e When processing modification request messages from the SNMP manager e When notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPvi and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network
3. i BF BRI 13 BLA RR ERK Figure 3 2 29 gt Access The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table 31 d v Security Model Security Level Write l y 1 generic v any vi NoAuthNoPriv generic y generic generic 2 genericusm usm vi AuthPriv k all x all bal all v 3 generic v any vi NoAuthNoPriv v all j all v al
4. Disable Disable 0 1 v 2 Disable x 3 v 4 Oo genericra 3 NoAuthNoPriv O1 genericro f 3 E NoAuthNoPriv 2 genericro v f i NoAuthNoPriv w o3 genericro Y a l A NoAuthNoPriv D4 genericro Yi NoAuthNoPriv Figure 3 5 34 gt Trap Items Enable Disable which trap items to send Trap Items Cold Start ODisable Enable Warm Start ODisable Q Enable Link Up ODisable Enable Link Down ODisable Enable Auth Fail ODisable Q Enable Log In ODisable Enable Figure 3 5 35 3 5 7 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Ping IP Count 3 Disable Enable Figure 3 5 36 3 5 8 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 5 37 105 3 6 VLAN AP Mode To set this device as a VLAN AP Each AP bridge SSID has its own VLAN ID the setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System time Reboot V LAN e LAN settings V WIRELESS e WIFI athO Setting WIFI athi Setting WIFI ath2 Setting WIFI ath3 Setting WIFI ath4 Setting WIFI ath5 Setting WIF
5. Disable Do genericro l i NoAuthNoPriv 01 geneticro l NoAuthNoPriv 02 genericro i i NoAuthNoPriv 3 genericro j B p NoAuthNoPriv vl D4 genericro NoAuthNoPriv w Figure 3 9 42 Trap Items Enable Disable which trap items to send Cold Start ODisable Enable Warm Start ODisable Enable Link Up ODisable Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Enable Figure 3 9 43 3 9 8 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Command Ping Ping IP Count 3 Disable Enable Figure 3 9 44 3 9 9 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 9 45 202 3 10 AODV_AP Mode To set this device as a MESH device the setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Concrol WIFI Status Log System time Reboot V WAN e WAN Settings e Bandwidth Management V LAN e EthO settings e AP WLAN Settings e MESH WLAN Settings V MESH e AODV ADMIN V WIRELESS e WIFI AP Setting e WIFI MESH Setting V FILTER e IP Filtering e MAC Filtering V SNMP e Basic Setting e VACM Settin
6. Figure 3 7 26 3 7 5 SNMP The IWP 2000 68 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 7 5 1 Basic Setting SNMP Agent Check the lt Enable gt check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants Lantech Wireless View to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location It is used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this screen Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The 142 community name can be thought of as a password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and
7. MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 l Delete MAC address 14 Delete MAC address 15 Delete Figure 3 10 32 3 10 7 SNMP The IWP 2000 68 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 10 7 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants Lantech Wireless View to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location It is used to define the location of the host on which the SNMP agent is running 223 V1 V2C User can change user s SNMP community settings on this screen Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the
8. 82 SNMP Trap Trap Active GDisable Enable vl v2c Trap Version 192 1168 Mk 121 4162 public Disable w Disable w 0 1 2 Disable 3 4 Disable Do genericro v NoAuthNoPriv DI genericro NoAuthNoPriv 2 genericro NoAuthNoPriv 03 genericro NoAuthNoPri w O4 genericro NoAuthNoPriv v Figure 3 4 40 gt Trap Items Enable Disable which trap items to send Trap Items Cold Start ODisable Enable Warm Start ODisable Enable Link Up O Disable Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Enable Figure 3 4 41 3 4 7 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Command Ping Ping IP Count 3 Disable Enable Figure 3 4 42 3 4 8 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 4 43 83 3 5 CB CB Route Mode CB CB Route mode is to set this device as a router device with two CBs Station mode For example one CB connects to an Internet Provider s AP for WAN connection another CB connects to the intranet s AP The setting and functions list as
9. Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 4 1 3 4 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 4 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a v z A Z or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device asa router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP_WDS_BRG To set this device as a WDS device with AP function AP4_WDS_BRG To set this device as WDS device with AP function and support up to 4 SSID 59 Administrator Settings Device Name Name IWP 20
10. Model Select OLSR_AP AODV_AP O AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP_WDS_BRG AP4 WDS BRG Password Settings Current Password li Password 3 12 Characters Re type Password idle Time Out 30 1 999 minutes Enable C If enabled only the following PC can manage this AP IP Address i Threshold 15 5 25 Mb sec Figure 3 3 2 gt Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout 35 Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by Lantech Wireless View Lantech Wireless View will monitor the WIFI loading when the loading is over this value Lantech Wireless View will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 3 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 3
11. generic v any NoAuthNoPriv vo all Figure 3 3 37 all vi all v 3 3 5 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system gt SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address amp Port The IP and Port of a device to receive traps Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv 56 SNMP Trap Trap Active GDisable O Enable vl v2c Trap 0 Version 1 192 168 Ji 21 4162 public 1 Disable 2 Disable 3 Disable 4 Disable v3 Trap Index jo genericro 3 4 a NoAuthNoPriv 01 genericro e r E NoAuthNoPriv 2 genericra i y 4 NoAuthNoPriv v o3 genericro v LM E W NoAuthNoPriv w D4 genericro NoAuthNoPriv w Figure 3 3 38 Trap Items Enable Disable which trap items to send Trap Items Co
12. 1 L Subnet Mask 255 255 255 0 Gateway Address 192 168 J 254 STP RSTP Disable wi Bridge Priority 15 STP 0 65535 RSTP 0 15 Hello Time 2 1 10 second Forwarding Delay 15 4 30 second Max Age 20 K6 40 second Cost 18 0 2 10 8 Priority 1 Port eth0 Port eth1 Port ath3 Port ath4 Port ath5 Port ath6 Port ath7 PtoP auto v Edge no v STP 0 255 RSTP 0 15 Cost 19 0 2 10 8 Priority 1 STP 0 255 RSTP 0 15 PtoP auto vi Edge no w Cost 2300000 0 2 10 8 Priority 5 PtoP auto vi Edge no vw Cost 2400000 0 2 1048 Priority 6 PtoP auto Edge no v Cost 2500000 0 2 10 8 Priority 7 PtoP auto v Edge no y Cost 2600000 _ 0 2 10 8 Priority8 PtoP auto vi e no vw Cost 2700000 0 2 10 8 Priority 9 PtoP auto vi Edge no v Figure 3 3 20 43 STP 0 255 RSTP 0 15 STP 0 255 RSTP 0 15 STP 0 255 RSTP 0 15 STP 0 255 RSTP 0 15 STP 0 255 RSTP 0 15 En 3 3 3 Wireless User can set the wireless related setting here Dual WLAN Device Wireless l You can set the wireless releated setting here Rogue 4p Scan WIFI ath3 Setting WIFI ath4 Setting WIFI ath5 Setting WIFI ath6 Setting WIFI ath7 Setting Figure 3 3 21 3 3 3 1 Rogue AP Scan Rogue Enable Check the radio box in front of Enable to enable the Rogue AP detection and Press Add or Del button to apply Allow AP
13. 3 6 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control LAN Port of eth1 AP WIFI 1 Status AP WIFI 2 Status 111 Current Firmware Version IWP 2000 68 v0 1 8 Device Name IWP 2000 68 System Model VLAN AP System Time Wed Nov 3 01 09 12 2010 eth0 PoE Disabled IP Address 192 168 1 1 Mask 255 255 255 0 MODE 802 11 a COUNTRY North_America_Area ssiD A2_AP4 Security Disabled Figure 3 6 11 3 6 1 5 Power Control Status In this page user can enable the ethO port to provide PoE power and data forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 6 12 112 3 6 1 6 WIFI Status In this page user could see the WIFI information of this device such as Interface information Security information Associated AP Station WIFI Status EE Ea E WIFI Interfaces ath0 ath4 IEEE 802 11bg ESSID A1 APO Nickname Mode Master Frequency 2 452 GHz Access Point 00 40 C7 FB 00 F8 Bit Rate 0 kb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 0 70 Signal level 96 dBm Noise level 96 dBm Rx invalid nwid 979 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Mode Disable Associated AP Station End of Status Figure 3 6 13 3 6 1 7 Log In
14. Apr 13 00 00 00 IWP 2000 68 user info Tue Apr 13 00 00 00 UTC 2010 Apr 13 00 00 05 IwWP 2000 68 user info Terminated Apr 13 00 00 03 IWP 2000 68 user info Killed Apr 13 00 00 03 IwWP 2000 68 user info Terminated Apr 13 00 00 00 IWP 2000 688 tuser info kernel brO port 1 ethl transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 2 ethO transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 3 ath0O transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 688 user info kernel brO port 4 ath4 transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 1 ethl transitioning to LEARNING sta Apr 13 00 00 00 IwP 2000 68 user info kernel brO port 2 eth0 transitioning to LEARNING sta Apr 13 00 00 00 IwP 2000 68 user info kernel brO port 3 ath0 transitioning to LEARNING sta lt gt Figure 3 2 15 v 3 2 1 9 System time gt Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is synchronize with an Internet Time Server gt Manual Setting User can manually enter the Year Month Day and Hour Minute Second gt Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the d
15. Disable CWmin 15 v CWMax 1023 v AIFS 7 1 255 STA Tx Background Pann a i TXOP 1 1 255 x32ms ACM OEnable Disable CWmin 7 v CWMax 7 y AIFS 1 1 255 STA Tx Video f ED TXOP 47 1 255 x32ms ACM OEnable Disable CWmin 7 CWMax 15 vw AIFS 1 1 255 STA Tx Voice ko TXOP 94 1 255 x32ms ACM OEnable Disable Figure 3 2 25 3 2 4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 2 4 1 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table 27 MAC address filtering Filtering type Disable MAC address table Item MAC address Ex 22 22 22 22 22 22 M
16. Firmware Update Current Firmware information Version WWP 2000 68 vO 1 4 Date 2010 04 13 Using TFTP NEXT Using WEB Using FTP Figure 3 8 3 Using TFTP On any computer in the network oracompute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal be
17. 000 00 0 0 0 6 0 0 0 5 000 000 00 This table displays the topology information that mesh system has gathered from LQ TC messages It states which nodes in the network report links to which other nodes and what quality does these links have This table has the following columns Destination IP The node to which the source node reports the link LQ link quality The quality of the link as determined by the source node For the source node this is the Link Quality For the destination node this is the Neighbor Link Quality ILQ inverse link quality The quality of the link as determined by the destination node For the source node this is the Neighbor Link Quality For the destination node this is the Link Quality ETX The ETX value for this link calculated by ETX 1 ILQ x LQ Dual WLAN Device Ay Local IP Remote IP finkQuality lost total NLQ ETX 192 168 2 4 192 168 2 3 125 a 10 0 00 0 00 192 168 2 4 192 168 2 5 125 0 10 0 67 1 20 Local IP SYM MPR MPRS Willingness 2 Hop Neighbors 192 168 2 3 YES YES YES 7 192 168 2 5 192 168 2 5 YES YES YES 7 192 168 2 3 Destination IP Last Hop IP LQ ILQ EXT 192 168 2 4 192 168 2 3 0 24 0 00 0 00 192 168 2 4 0 24 0 83 495 192 168 2 3 192 168 2 5 0 24 0 24 16 92 192 168 24 0 24 0 83 495 Figure 3 9 25 3 9 5 Wireless User can set the wireless related setting here 189 Dual WLAN Device Wireless You can set the wireless releated setting here WIFI AP Setting WIFI
18. Apr 13 00 15 04 MvP 2000 68 Apr 13 00 15 04 MyP 2000 68 Apr 13 00 15 01 MvP 2000 68 Apr 13 00 15 01 MvP 2000 68 Apr 13 00 15 01 IWP 2000 68 Apr 13 00 14 04 MP 2000 68 Apr 13 00 14 04 IWP 2000 68 Apr 13 00 14 04 IWP 2000 68 Apr 13 00 14 01 IWP 2000 68 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avani daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avani daemon 2838 daemon info avahi daemon 2638 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avani daemon 2838 Figure 3 4 3 4 1 8 System time Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Registering new address record for New relevant interface ath3 IPv4 fo Joining mDNS multicast group on int Withdrawing address record for 192 Leaving mDNS multicast group on int Interface ath3
19. Enable Disable which trap items to send 32 Trap Items Cold Start ODisable Enable Warm Start ODisable Enable Link Up ODisable Enable Link Down O Disable Enable Auth Fail O Disable Enable Login Disable Enable Figure 3 2 32 3 2 6 Tools gt Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Ping IP Count 3 Q Disable Enable Figure 3 2 33 3 2 7 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 2 34 3 3 AP CB Bridge Mode AP CB Bridge mode is to set this device as an AP and Client Bridge device the setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System time Reboot V LAN e Bridge LAN settings V WIRELESS Rogue AP Scan WIFI ath3 Setting WIFI ath4 Setting WIFI ath5 Setting WIFI ath6 Setting WIFI ath7 Setting V FILTER e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 3 3 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System Time and Reboot screen as shown in Figure 3 3 1 Dual WLAN Device System Setting This page includes all the basic con
20. Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFIP FTP TFTP or FTP Server IP L L Firmware Filename in server configs tar FTP Username FTP Password Figure 3 9 10 3 9 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control WAN Port OLSR Status eht0O LAN Port MESH WIFI Status AP WIFI 2 Status 179 Current Firmware Version IWP 2000 63 v0 1 8 Device Name IwP 2000 68 System Model OLSR AP System Time Wed Nov 3 00 57 39 2010 eth0 PoE Disabled IP Address 192 168 1 1 MAC Address 00 40 cf 00 00 22 Mask 255 255 255 0 Gateway NA DHCP Disabled OLSR Actived IP Address 192 168 0 1 MAC Address 00 40 cf00 00 33 Mask 255 255 255 0 DHCP Disabled MODE 802 11 a COUNTRY North_America_Area IP Address 192 168 2 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 DHCP Disabled ssiD Al_APO Security Disabled MODE 802 11 a COUNTRY North_America_Area IP Address 192 168 24 1 MAC Address 00 40 c7 fb 00 f8 Mask 255 255 255 0 DHCP Disabled SSID A2_AP4 Security Disabled Figure 3 9 11 3 9 1 5 Power Control In this page user can enable the ethO port to provide PoE power and data forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 9 12 180 3 9 1 6 WIFI Statu
21. Second 91 Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the days hours and minutes Time Setting Saig by W Eh aten il ane Seye Current System Time Tue Apr 13 00 44 23 UTC 2010 Manual Setting Year Month Day 2010 4 13 C ear 1900 2037 Hour Minute Second loo jo0 s 00 Hours from GMT 8 Y Hours Server IP 140 142 16 34 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every o days 0 31 0 hours 0 23 10 _ minites 0 59 Figure 3 5 16 3 5 1 9 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt on pop up screen to confirm user s decision Reboot Access Point After you change the setting or in the event that the Access Point stops responding correctly or or in some way stops functioning you can perform a Reboot To perform the Reboot click on the Reboot button below You will be asked to confirm your decision Figure 3 5 17 3 5 2 WAN Configuration 3 5 2 1 WAN Settings This function is to establish a
22. Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server Network IP Parameters User can change the network settings of this device from LAN Configuration it is including IP address Subnet mask and Gateway address Bridge STP Setting User can also set the Bridge STP setting in this page STP RSTP Disable the bridge STP or set the bridge mode as STP or RSTP mode Bridge Priority Set the priority value of the bridge The priority value is a number between O and 65535 The bridge with the 21 lowest priority will be elected root bridge Hello Time Set the bridge s bridge hello time value seconds Forwarding Delay Set the bridge s bridge forward delay value seconds Max Age Set the bridge s maximum message age value seconds Port Cost Set the port cost of the port Port Priority Set the port priority of the port interface It is used in the designated port and root port selection algorithms Pto P If a bridge port is operating in full duplex mode than the port is functioning as point to point The available options are auto true or false By default it is set to auto Edge If a port is operating in half duplex mode and is not connected to any further bridges participating in STP or RSTP then the port is an edge port The available options are yes or no By default it is set to no LAN Setting IP Au
23. The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Security Model Security Level _ Read Write Notify generic v any NoAuthNoPriv generic w generic generic genericusm Y usm AuthPriv vi all all v all generic v any NoAuthNoPriv all v v v Nj all j all bi generic v any M NoAuthNoPriv all all M jall v v v generic v any NoAuthNoPriv all Figure 3 2 29 all all 3 6 5 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system gt SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address 8 Port The IP and Port of a device to receive traps 124 Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoP
24. User will see the screen shown in Figure 3 4 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of the firmware Firmware Update Current Firmware information Version IWP 2000 68 w0 1 4 Date 2010 04 13 Using TFTP NEXT Using WEB NEXT Using FTP Figure 3 4 3 Using TFTP On any computer in the network oracompute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user nam
25. WPA2 WPAZ is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal WPA MODE WPA amp WPA2 Share Key 123456789 we 8 63 characters WPA Encryption Auto vi Group Key Update Interval 600 80 65535 Figure 3 2 23 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA enterprise Y WPA MODE a Share Key 8 63 characters WPA Encryption Group Key Update Interval 600 30 65535 802 1x Primary Radius Server AuthenticatoinServer 192 168 1 1 lso isi Shared Secret secret Backup Radius Server Optional Authenticatoin Server L L L El Shared Secret Figure 3 2 24 25 Qos WMM Enable disable W
26. and DHCP option the IP address will be assigned from other DHCP server Network IP Parameters 42 User can change the network settings of this device from LAN Configuration it is including IP address Subnet mask and Gateway address Bridge STP Setting User can also set the Bridge STP setting in this page STP RSTP Disable the bridge STP or set the bridge mode as STP or RSTP mode Bridge Priority Set the priority value of the bridge The priority value is a number between O and 65535 The bridge with the lowest priority will be elected root bridge Hello Time Set the bridge s bridge hello time value seconds Forwarding Delay Set the bridge s bridge forward delay value seconds Max Age Set the bridge s maximum message age value seconds Port Cost Set the port cost of the port Port Priority Set the port priority of the port interface It is used in the designated port and root port selection algorithms Pto P If a bridge port is operating in full duplex mode than the port is functioning as point to point The available options are auto true or false By default it is set to auto Edge If a port is operating in half duplex mode and is not connected to any further bridges participating in STP or RSTP then the port is an edge port The available options are yes or no By default it is set to no LAN Setting En IP Authentication GStatic DHCP Network IP Parameters IP Address 192 168
27. bridge forward delay value seconds 135 Max Age Set the bridge s maximum message age value seconds Port Cost Set the port cost of the port Port Priority Set the port priority of the port interface It is used in the designated port and root port selection algorithms Pto P If a bridge port is operating in full duplex mode than the port is functioning as point to point The available options are auto true or false By default it is set to auto Edge If a port is operating in half duplex mode and is not connected to any further bridges participating in STP or RSTP then the port is an edge port The available options are yes or no By default it is set to no LAN Setting IP Authentication Static ODHCP IP Address 192 f168 1 Subnet Mask 255 255 255 0 Gateway Address 192 1168 JE 254 STP RSTP Disable v Bridge Priority 15 STP 0 65535 RSTP 0 15 Hello Time 2 1 10 second Forwarding Delay 15 4 30 second Max Age 20 6 40 second C 18 0 2 108 Priority 1 STP 0 255 RSTP 0 15 Port eth0 ost K Priority K PtoP auto w Edge no vi f9 2 10 iority 1 0 0 Port eth1 Cost 0 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto v Edge no vi Cost 2000000 0 2 10 8 Priority 10 STP 0 255 RSTP 0 15 Port wdsj0 ee A ai K PtoP auto v Edge no vi 3 2100000 0 2 10 jority 11 0 0 Port wdsj1 Cost 0 2 10 8 SEES STP 0 255 RSTP 0 15 PtoP auto vi E
28. pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK 49 broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal w WPA MODE WPA amp WPA2 Share Key 123456789 fB 63 characters WPA Encryption Auto v i Group Key Update Interval 600 30 65535 Figure 3 3 30 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WEA enterprise v WPA MODE Share Key WPA Encryption 8 63 characters Group Key Update Interval 600 30 65535 802 1x Primary Radius Server AuthenticatoinServer 192 168 L 1 80 1 1812 Shared Secret secret Backup Radius Server Optional Authenticatoin Server LI Shared Secret gt Q Figure 3 3 31 oS WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047
29. 0 00 adminp2pmac AUTO edge yes ath3 Port rma 2 port id 8003 state forwarding designated root 8000 002648000edf path cost 100 designated bridge 8000 002648000edf message age timer 42 61 designated port 8003 forward delay timer 39 01 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8004 state forwarding designated root 8000 002648000edf path cost 100 designated bridge 8000 002648000edf message age timer 7373 88 designated port 8004 forward delay timer 7372 92 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes CA port no mac addr is local ageing timer 1 00 13 a9 2a be 78 no 0 04 3 00 26 48 00 0e df yes 0 00 4 00 40 c7 b 00 8 yes 0 00 1 00 40 cf 00 00 22 yes 0 00 2 00 40 cf 00 00 33 yes 0 00 End of Status Figure 3 3 13 3 3 1 7 WIFI Status In this page user can click WIFI Interfaces to see each WIFI s information of this device such as Interface information Security information Associated AP Station The Figure 3 3 14 shows the ath3 CB interface is waiting for connecting to an AP WIFI Status WIFI Interfaces ath3 ath4 Interface ath3 Waiting for Connecting End of Status Figure 3 3 14 40 The Figure 3 3 15shows that the ath3 CB model has connected to an AP and display the relevant information WIFI Status WIFI Interfaces ath3 ath4 IEEE 802 11bg ESSID DW 1000 1 Nickname Mode Managed Frequency 2 417 GHz Access Point 00 40 C7 EF 00
30. 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WM
31. 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmin must be lower than the value for CWmax CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High t
32. 100 Radio of Radio of Radio off s90 Al_AP3 Seomty Disabled MODE 02 11 a COUNTRY North_America_Area CHANNEL Auto om i FRAG n RTS 23 BEACON 100 DISTANCE 100 sso A2 AP4 Seorty Disabled Radio of i g OF Figure 3 3 11 i 3 3 1 5 Power Control Status In this page user can enable the ethO port to provide PoE power and data forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 3 12 3 3 1 6 Bridge Status In this page user could see the bridge interfaces information of this device such as interface information STP status mac address information etc Bridge Status Bridge bro Bridge STP State off bridge id 8000 002648000edf designated root 8000 002648000edf root port 0 path cost 0 max age 20 00 bridge max age 20 00 hello time 2 00 bridge hello time 2 00 forward delay 15 00 bridge forward delay 15 00 ageing time 300 00 hello timer 0 00 ten timer 0 00 port id 8001 state forwarding designated root 8000 002648000edf path cost 19 designated bridge 8000 002648000edf message age timer 7373 86 designated port 8001 forward delay timer 7372 91 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes KRI on nn port id 8002 state forwarding designated root 8000 002648000edf path cost 100 designated bridge 8000 002648000edf message age timer 7373 87 designated port 8002 forward delay timer 7372 92 designated cost 0 hold timer
33. 2 Isolation Disable Enable Key 1 eeeee WEP Key Setting Key 2 eeeee Key 3 eeceee Key 4 eeece Figure 3 10 29 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP 221 SSID Security Mode Authentication wep iy WEP Encryption Open ORestricted lO le O Select Key KEY 1 KEY 2 O KEY 3 KEY 4 Figure 3 10 30 3 10 6 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 10 6 1 IP Filtering User can block certain client PCs from accessing this AP based on its IP address If en
34. 28 Bit Rate 36 Mb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 69 70 Signal level 24 dBm Noise level 93 dBm Rx invalid nwid 26463 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Mode Disable Associated AP Station MAC Address 00 40 C7 EF 00 28 Figure 3 3 15 End of Status The Figure 3 3 16 shows ath4 AP model information a a E E G WIFI Interfaces ath3 ath4 Interface Information IEEE 802 11bg ESSID A2_AP4 Nickname Mode Master Frequency 2 412 GHz Access Point 00 26 48 00 0E C2 Bit Rate 0 kb s Tx Power 17 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 0 70 Signal level 96 dBm Noise level 96 dBm Rx invalid nwid 2229 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Information Security Mode Disable Associated AP Station End of Status Figure 3 3 16 3 3 1 8 Log In this page user could see the system logs record of this device IWP 2000 68 user info kernel brO port IWP 2000 68 user info kernel br0 port IWP 2000 68 user info kernel brO port IwP 2000 68 user info kernel br0 port IWP 2000 68 user info kernel br0 port IWP 2000 68 user info kernel brO port ath3 enabled lWP 2000 88 user inf
35. AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location It is used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this screen Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The community name can be thought of as a password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A
36. AS ken ANE a 158 3 8 4 FIN TEL N kk eki kk io e n e A DS n A n 168 38 9 IN w l AE EN AE en DE e OL DE EE EE EE EE 168 3 8 0 TOONS ii ks kilt ie st n a l kr a K S 173 3 8 7 Log OUR kis zttis w w titit l e tt a ak e a a ei a aa e a at a a a a a a a a ka a W Ye 173 3 9 OLSR AP MOQE iii krik k aske pea ki kek ken a eka degi k va f sa andedan dai 174 3 9 1 SY SEE NNA ai ki a a ano a a NE a CA a a a ak a A A A e DE 175 3 9 2 WAN Configuration tik knn nn nn anan nannan anana nannan aa nan anana naanannannnnn 182 3 9 3 LAN Configuration sssssssss z s22uuuuuuuunnnnnnnnnnnnnnnnnn 184 3 9 4 MESH isi ata ka ke e a ka a a a YO iaaa adana Ek 185 3 9 5 Wireless vie k de e aaae e kaa t gan a we take ase ta sos kva sasa tase to ee adadda 189 2926 FI FOT N fis vans kon a kk a a e a a a a n a a A i ariana iaai 196 359549 N MP eka ved t Cree err errr er rre rrr ap ke ae ka A AN m e kk a 197 BOB TOONS paiia AEE aaaea naaa aani 202 3 9 9 L g OUE iv eki w ya a a a ke a a A EL a a a l 202 O AODV AP MOCG vii iv ekite eee ets asasen a see kea tis ee san ee ate s k as sTaS KAN MES AE 203 3210 1 SYStOM eki ki kk ki km ko e kk e e a a a B a A 203 3 10 2 WAN Configuration t ek kannan nn nannan nannan nannan ae nan antan nnaannannnnn 211 3 10 3 LAN Configuration sissies takes in ason kt asasin sansi nas kaka AN n 213 3 10 4 MESH l tat aa aa l ena n aa n aaa aa aa n aa ak a ak ak a a a ak a a a a a a a a a 214 3 10 5 WITClGSS asisite
37. Community The community name that is used Group Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is vi or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings Community to Security for V1 V2c Security Name Community Imypriv 127 0 0 1 public f Group Name Security Name M1 generic Iv mypriv vi 2 genericusm usm generic v iv mypriv LS IS ES LS 3 4 ij vi fi x mypriv 5 ei mypriv Figure 3 2 28 30 gt View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset View Name The name of view Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3 6 1 2 1 View Name Include Sub Tree 1 3 6 1 2 1 1 3 6 1 4 1 5205 mib2 nclude generic nclud
38. IPv4 no longer relev Registering new address record for New relevant interface ath3 IPv4 fo Joining mDNS multicast group on int Withdrawing address record for 192 Leaving mDNS multicast group on int Interface ath3 IPv4 no longer relev Registering new address record for New relevant interface ath3 IPv4 fo Joining mDNS multicast group on int Withdrawing address record for 192 16 v Time Update for Every User can set time update interval by enter the days hours and minutes Time Setting Select Setting Type Setting by Current System Time Manual Setting Year Month Day Hour Minute Second Using Internet Time Server Manual Setting Synchronize with an Internet Time Server Tue Apr 13 00 19 48 UTC 2010 00 oo joo 2010 4 41 13 Year 1900 2037 Hours from GMT Server IP Server IP for Reference Time Update for Every 3 4 1 9 Reboot 8 Hours 140 142 16 34 140 142 16 34 or 129 132 221 0 days 0 31 0 hours 0 23 10 minites 0 59 Figure 3 4 17 User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt on pop up screen to confirm user s decision 66 Reboot Access Point After you change the setting or in the event that the Acces
39. MESH Setting Figure 3 9 26 3 9 5 1 WIFI AP Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that you want to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the ope ating ace EiS Sa for this device Radio Power On Wireless Mode 802 11 b g SSID A2_AP4 SSID Hide OOn of Country Asia Pacific vi Channel Auto Figure 3 9 27 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can tr
40. MESH WLAN Settings User can configure the IP address for MESH athO interface in here The IP address for MESH athO must be in the same subnet with other MESH device s athO interface and must be in different subnet with WAN AP WLAN IP address Network IP Parameters IP Address The IP address of the AP on the MESH network Subnet Mask The subnet mask of the IP address LAN Setting Network IP Parameters IP Address 192 168 2 1 Subnet Mask 255 255 255 0 Figure 3 9 21 3 9 4 MESH This page will show the mesh information The options available here are OLSR CONFIG OLSR ADMIN OLSR ROUTES and OLSR LINKS 3 9 4 1 OLSR CONFIG In this page user can see all the MESH configuration information Variables In here the table shows Pollrate TC redundancy MPR coverage LQ level LQ winsize FISHEYE and Willingness information Interface atho In here the table shows IP MASK BCAST MTU and STATUS information 185 MESH Configuration Pollrate 0 500000 TC redundancy 2 MPR coverage 5 LQ levet 2 LQ winsize 10 FISHEYE Enable Willingness 7 IP 192 168 2 1 MASK 255 255 255 0 BCAST 192 168 2 255 MTU 1500 STATUS UP Figure 3 9 22 3 9 4 2 OLSR ADMIN In this page user can set the MESH related settings that shows in OLSR CONFIG Change basic settings Pollrate 0 0 m n This option sets the interval in seconds which the mesh scheduler should be poll for events every 0 2 seconds if the pollr
41. On AP WMM Enable O Disable MAX Associated Station 132 1 2007 AP Tx Best Effort CWmin 2047 v CWMax 4095 AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15 vy CWMax 1023 AIFS 7 1 255 Burst 0 0 AP Tx Video CWmin 7 v CWMax 7 w AIFS 11 1 255 Burst 15 AP Tx Voice Cwmin 7 w CWMax 15 w AIFS 1 1 255 Burst 3 0 CWmin 7 v CWMax 1023 v AIFS 2 1 255 STA Tx Best Effort pen TXOP 64 1 255 x32ms ACM Enable Disable CWmin 15 v CWMax 1023 v AIFS 7 1 255 STA Tx Background g si TXOP 1 1 255 x32ms ACM OEnable Disable CWmin 7 v CWMax 7 y AIFS 1 1 255 STA Tx Video T Ma i TXOP 47 1 255 x32ms ACM OEnable Disable CWmin 7 CWMax 15 AIFS 1 1 255 STA Tx Voice E TXOP 94 1 255 x32ms ACM Enable Disable Figure 3 8 26 3 8 3 2 WIFI ath4 ath7 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the coun
42. RTS CTS Threshold 2346 1 2346 Tx Power Auto Rate 54 Mbits V Fixed Layer 2 Isolation Disable Enable Key 1 eeeee WEP Key Setting Key 2 e0000 Key 3 eeece Key 4 00000 Figure 3 2 21 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption 24 Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP Li WEP Encryption Open ORestricted KEY KEY 2 O KEY 3 KEY 4 Figure 3 2 22 Select Key WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp
43. Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key you would like to use for this AP SSID Security Mode Authentication WEP vi WEP Encryption G Open ORestricted G A A WE kay KEY 1 O KEY O KEY 3 KEY 4 Figure 3 8 29 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPA2 is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK 165 broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal WPA MODE WPA amp WPA2 Share Key 123456789 8 63 characters WPA Encryption Auto y Group Key Update Interval 600 30 65535 Figure 3 8 30 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication
44. SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The community name can be thought of as a password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an
45. SNMP community settings on this page Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The 120 community name can be thought of as a password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decryptin
46. The allowable AP list The AP in the list is a legal AP for CB to connect Check the box and press the Del button to remove it Rogue AP The nearby AP list not include the allowed APs Check the box and press the Add button to add it as a legal AP Re Scan Press lt WIFIx gt button to Re scan the APs nearby which are scanned by wifi card x x 1 or 2 Rogue Scan Rogue Enable Rogue Enable Enable C Disable Allow AP Del MAC Addr SSID Rogue AP Add MAC Addr SSID Re Scan Figure 3 3 22 3 3 3 2 WIFI ath3 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use 44 The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network In station mode CB this SSID must be same as the AP that user wish to connect User can either type in the SSID by themself or simply press the lt Scan gt button and select the AP form the popup list then click lt submit gt MAC Cloning This feature controls the MAC Address of the Wiress Bridge seen by other devices wired or wireless If set to Ethernet Client the MAC Address from the first Ethernet client that transmits data through the Wireless Bridge will be used When multiple Ethernet devices are connected to the Wireless Bridge it may not be obvious which MAC Address will be use
47. This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the operating frequency cnanne for this device Radio Power On w Wireless Mode 802 11 b g SSID A1 APO SSID Hide OOn SOF Country North_America_Area Y Channel 9 be Figure 3 7 19 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max
48. To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA enterprise v WPA MODE E Share Key 123456789 8 63 characters WPA Encryption Auto Group Key Update Interval 600 30 65535 802 1x Primary Radius Server AuthenticatoinServer 192 1168 L1 80 1812 SharedSecret secret Backup Radius Server Optional Authenticatoin Server L L L a Shared Secret Figure 3 8 31 Qos WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmin must be lower than the value for CWmax CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting 166 AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the
49. Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the 118 wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory QoS Setting On AP WMM Enable O Disable MAX Associated Station 32 1 2007 AP Tx Best Effort CWmin 2047 w CWMax 4095
50. User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 2 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFTP OFIP TFTP or FTP Server IP L L L Firmware Filename in server configs tar FTP Username FTP Password Backup To Sener Figure 3 2 10 3 2 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control Bridge LAN port AP WIFI 1 Status AP WIFI 2 Status Current Firmware Version IWP 2000 68 10 1 8 Device Name lwP 2000 68 System Model AP Bridge System Time Wed Nov 3 00 43 52 2010 Power Control tata etno PoE Disabled Bridge LAN Pot IP Address 192 168 1 1 MAC Address 00 26 48 00 0edf Mask 255 255 255 0 SAP WIELY Status MODE 02 11 a COUNTRY North_America_Area CHANNEL Auto OTM 1 FRAG RTS BEACON Figure 3 2 11 3 2 1 5 Power Control Status In this page user can enable the PoE power forwarding function for ethO Power Control Status PoE Power Control etho port OEnable Disable 18 Figure 3 2 12 3 2 1 6 Bridge Status In this page user could see the bridge interfaces information of this de
51. WEP WEP Encryption Open ORestricted Select Key KEY 1 KEY 2 O KEY 3 KEY 4 F igure 3 8 23 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPAZ is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal k WPA MODE WPA amp WPA2 Share Key 123456789 8 63 characters WPA Encryption Auto Group Key Update Interval 600 30 65535 Figure 3 8 24 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed i
52. Wireless Mode Select which wireless mode that you want to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the TER Lasers for this device Radio Power On vi Wireless Mode 802 11 b g SSID JA1 APO SSID Hide Oon G Off Country Norih America Area v Channel 9 Figure 3 10 22 gt Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Thres
53. Year Month Day 2010 y 4 13 Year1900 2037 Hour Minute Second joo oo o0 Hours from GMT 8 Hours Server IP 140 142 16 34 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every 0 days 0 31 hours 0 23 10 minites 0 59 F Figure 3 9 15 3 9 1 9 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt on pop up screen to confirm user s decision Reboot Access Point After you change the setting or in the event that the Access Point stops responding correctly or in some way stops functioning you can perform a Reboot To perform the Reboot click on the Reboot button below ott wi te tk to confirm your decision Figure 3 9 16 3 9 2 WAN Configuration 3 9 2 1 WAN Settings This function is to establish a connection with user s WAN network and also assign the IP to the host behind this AP Network IP Parameters User can change the network settings of this interface from WAN configuration it is including IP address Subnet mask Gateway address and enable disable the DHCP server Function DHCP Server Parameters Primary Secondary DNS Address The domain name servers option specifies a list of Domain Name System name servers avail
54. access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opport
55. and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Sec urity Model Security Level B Write Notify generic v any M NoAuthNoPriv generic generic generic genericusm Y usm AuthPriv v all all v all v v v v all v all v v vv 1 2 3 generic v any v NoAuthNoPriv vl all 4 gener v N Priv w al vi lal 5 generic v any M NoAuthNoPriv all generic v any NoAuthNoPriv all Figure 3 4 39 all vi all v 3 4 6 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system gt SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address 8 Port The IP and Port of a device to receive traps Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv
56. as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPAZ is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP 97 SSID Security Mode Authentication WPA personal vi WPA MODE wa w Share Key 123456789 8 63 characters WPA Encryption Auto Figure 3 5 26 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter their account and password to pass the authentication SSID Security Mode Authentication WPA enterprise v WPA MODE a Share Key 123456789 8 63 characters WPA Encryption Auto 802 1x Account F3000 Password F300 Figure 3 5 27 Please Note In wifi station model the security setting must be same as the AP that user wish to connect 3 5 5 Filtering The MAC address filter section can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC addr
57. bon de kaa k da bo ia f k a aaa bi 215 3 10 6 Filtering wire aaa aa a a a a a a Yo A EN A a m A a a 222 3107 SNMP oct is ee feet ee a aka kane eee S n ew ke e ONA n e e iuni naii n e AN innn 223 3 10 88 TOONS k t ki danse nas sav Asistans taa kase Ras Rt Nan ks saaa nee Ak AAS AS 228 S21 O29 Log OUE ekate kan aaa n a aa aa aa n fa a ke a e a a a a a a a a e ba 228 Revision History Release Date Revision 1 0 12 31 2010 A1 Caution Circuit devices are sensitive to static electricity which can damage their delicate electronics Dry weather conditions or walking across a carpeted floor may cause you to acquire a static electrical charge To protect your device always e Touch the metal chassis of your computer to ground the static electrical charge before you pick up the circuit device e Pick up the device by holding it on the left and right edges only e The Web UI s Main Menu links are used to navigate to other menus and display configuration parameters and statistics with suggestive value 1024x768 e If you need using outdoor device connects to this device with cable then you need to add an arrester on the cable between outdoor device and this device vi About this user s manual In this user s manual it will not only tell you how to install and connect your network system but configure and monitor the IWP 2000 68 through the built in web UI step by step Many explanations in details of ha
58. connection with user s WAN network select the IP Allocation Mode that ISP is used Interface ath3 Setting IP Authentication Indicate how the IP address of this device will be assigned There are two options available here Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server Network IP Parameters User can change the network settings of this device from WAN Configuration it is including IP address Subnet mask and Gateway address 92 WAN Setting IP Authentication Static DHCP Network IP Parameters IP Address j192 168 23 1 Subnet Mask 255s le lw lp Gateway Address 192 168 23 254 Figure 3 5 18 3 5 2 2 Bandwidth Management This function allows user to set the limitation of total upload download bandwidth on WAN interface and also can set the limitation of upload download bandwidth for each user or a group of users by IP address gt Bandwidth Management Bandwidth Management Enable bandwidth limitation function Upload Bandwidth The total upload bandwidth in Mbps Download Bandwidth The total download bandwidth in Mbps gt Bandwidth Limitation Action To set the action type of bandwidth limitation The options available here are disable upload download and upload download Start IP Address To set the start IP of bandwidth limitation End IP Address To set the end IP of ban
59. cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time
60. download bandwidth in Mbps gt Bandwidth Limitation Action To set the action type of bandwidth limitation The options available here are disable upload download and upload download Start IP Address To set the start IP of bandwidth limitation End IP Address To set the end IP of bandwidth limitation Bandwidth Limitation To set the bandwidth in Kbps of bandwidth limitation 67 User can press lt Add gt button to add IP address to the Bandwidth Limitation list User can tick the check box and press lt Del gt button to delete the IP address from the Bandwidth Limitation list Bandwidth Management Bandwidth Management Bandwidth Management O Enable Disable Upload Bandwidth 54 Mbps Download Bandwidth 54 Mbps Action Start IP Address End IP Address Bandwidth Limitation Kbps 1 O Up Download 192 168 i Action Start IP Address End IP Address Bandwidth Limitation Kbps Up Download 0 0 0 0 0 0 0 0 200 Figure 3 4 20 3 4 3 LAN Configuration User can change the local network settings of this device from LAN Configuration for ethO eth1 and ath4 ath7 which include the IP address Subnet mask and DHCP server related settings Network IP Parameters User can change the network settings of this interface from LAN configuration it is including IP address Subnet mask and enable disable the DHCP server Function DHCP Server Parameters Primary Secondary DNS Address The domain name serv
61. eh bende piers en decision Figure 3 8 17 3 8 2 LAN Configuration Interface brO Setting IP Authentication Indicate how the IP address of this device will be assigned There are two options available here Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server Network IP Parameters User can change the network settings of this device from LAN Configuration it is including IP address Subnet mask and Gateway address Bridge STP Setting User can also set the Bridge STP setting in this page STP RSTP Disable the bridge STP or set the bridge mode as STP or RSTP mode Bridge Priority Set the priority value of the bridge The priority value is a number between O and 65535 The bridge with the lowest priority will be elected root bridge Hello Time Set the bridge s bridge hello time value seconds Forwarding Delay Set the bridge s bridge forward delay value seconds 157 Max Age Set the bridge s maximum message age value seconds Port Cost Set the port cost of the port Port Priority Set the port priority of the port interface It is used in the designated port and root port selection algorithms P to P If a bridge port is operating in full duplex mode than the port is functioning as point to point The available options are auto true or false By default it is set to auto Edge If a port is operati
62. following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System time Reboot V WAN e WAN Settings e Bandwidth Management V LAN e ethO Settings e ethi Settings e Station ath7 Settings V WIRELESS e Rogue AP Scan e WIFI ath3 Setting e WIFI ath7 Setting V FILTER e IP Filtering e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 84 3 5 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System time and Reboot screen as shown in Figure 3 5 1 Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 5 1 3 5 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 5 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a v z A Z or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditi
63. kak ni n ka aka k n kaka k n aa kai kaki kane 67 3 4 3 LAN Configuration ri a a a aa a a e a e a a a a a aa a kl ak a 68 3 4 4 Wireless iii aki ede ks esas seki a seki a dadou aeaio AnA CAA kek SE ASA SS Ske SUR AE SA EY YA 69 34 5 FI CE NNNO kikit nt tt a kf a a a ae a a a a n n a a l A 77 34O SNMP e A ER EY EP EE PEN EE EE EP EE DOE EE 78 Bue TOOlS iin EE EE EN EE EE EE ED L 83 3 4 8 LOGO UP Peezisikyaiee tikal we it a a a e a e a a a e a l e a a n a e e a ka A a 83 3 5 CB CB Rout MOG ki ea ke kane atan tee tk eske ad s ake aksan kt Aa E NY a Ra kan AAA n 84 e Ord SYSCEMN ui a a a ata a a a n a EN a a e e n NY a n a YN a a a a EY a n n e a A 85 3 5 2 WAN Configuration lt kk nannan nannan nn nn kann nannan aaa nana eka naanaannnnannnnnn 92 3 5 3 LAN Configuration kaki pokakana r aa kikit k ata sians tat na sasa knn A AaS kk Nan 93 Sr 014 Wireless s ke kk sacra at tt aa ae ia a a a a e a a a a a a a a A n kb A A 94 3 5 5 FUtering edike deta kenn oun a n aaa ik ae AAA ou ka kn aka ae ae kaa SAD AS NA DAN 98 3 5 6 SNMP e otan oua a ao oo e a n m a e a a m ER 100 3 5 7 TOONS s sis aa ke an a e a a A a a A a ka a a a a A a a 105 3 5 8 Log OUE lkiik tt ik a wane a a e a A EE a A 105 3 6 VLAN AP Mode isi ik ae aa iienaa as ami akne so a k ke pan n ia kane mainai 106 3 6 1 System kizin eee in teras sesi Ona e SAN a ao ANDAN AS ATE pea AYE aa SA a AR 106 3 6 2 LAN CONfIQUFACIO M kis vi seke avan do iss vas tek sak fek a s
64. ki ieee kn a ko e ew e A ID a 11 3 2 1 SYSTOIN 4 al ai ka a aie a a a a a a a a a Vana acu n a an SE a e ak a a a NE a A PE a ka A 12 3 2 2 LAN Configuration ee ae kk kk kas n anana saka SASA nn ES RE kan RA SARA AN kaki 21 3 2 3 WILCICSS Yes seae s dwe sw ad y d awa Pos k l e kase oke dekad aaua i nin 23 3 2 4 FIICEEFIN Oki kk n a a ko a a a e a a a A a n a a ao A a A a a a a a A 27 3 2 5 SNMP vii tidi kaa s tie aka an atik doi aide ake n Ak ke R N ake AA DS Ga Die AA 28 FEZIO TOONS ii ki ai ia w tf a a n a a a l a e a ao a BO m m e RE 33 DA OU OUE iii s k eee s kise Ye ee Ane ae Yen ane YE Ne BS AS ane AS Sak RSS ea SIS tin 33 3 3 AP CB Bridge MOOG isk ei ioies vas in ioaoasieiesoasieitanas ie leson sis does n fwan ayan ii 33 Sick OY SEEN ikid a A a a a ka Jo a a Oo a A A a a RE Pm 34 3 3 2 LAN Configuration avk eee ke ate n kase s kant asa aa kaa kn kas a Noe kaa ak ak 42 3 3 3 Wireless a ietinevedsWanatacalavel it a a a kan an m e e a e a ka a n e a a a e D DA 44 3 34 Filtering PE EE en n PLE EP RET EP Deno 52 353 5 SNMP ciivietedssnsstuudiesstandacstsunssewadouasuubawisausaawiouseataudsswedetsauutaucees 52 3 3 6 TOQ S roaa wat wa a a a a aaa iaai iaia a 57 3 3 7 Log kn idivanciveddvacseadivedidecdvecivacivecivactedansecivecdveciunadenddveds 57 3 4 AP CB Route Mode vite aie anko k n e n AD 58 3 4 1 System crcccssicccacacacecattavecsactcwesaacnewsesacecetecasesaesansaanesnouaeesaneate 59 3 4 2 WAN Configuration k k kaka k ak
65. management and WIFI Loading Warning Threshold gt Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a z A Z Li Li or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese Model Select OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP_WDS_BRG To set this device as a WDS device with AP function AP4_WDS_BRG To set this device as WDS device with AP function and support up to 4 SSID Administrator Settings Device Name Name WWP 2000 68 0 9 A Z tak z ont n Language English OLSR_AP AODV_AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP_WDS_BRG AP4 WDS BRG Password Settings Current Password Password 3 12 Characters Re type Password Idle Time Out 30 1 999 minutes Enable C If enabled only the following PC can manage this AP I
66. must be lower than the value for CWmax CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 218 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time se
67. o3 oa L O5 Group Name Io vou M2 genericusm usm Mi als vi O4 o vl w os aa View Community mypriv 5 generic mypriv SSIS Ex Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3 6 1 2 1 Include View Name q M1 mib2 Include M2 generic Include w os L nie A 04 include i oO Include O6 Include ve Cig Include os Include W O93 Include v a ZE aj Include 12 Include ake Include Y O 14 Include D 15 include w 16 Include we ai A Include wi Figure 3 8 36 Sub Tree 1 3 6 1 2 1 1 3 6 1 4 1 5205 171 gt Access The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Sec
68. of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the Reboot button and click on lt OK gt on pop up screen to confirm user s decision Reboot Access Point After you change the setting or in the event that the Access Point stops responding correctly or in some way stops functioning ee To perform the Reboot click on the Reboot button below You will be asked to confirm your Figure 3 7 17 3 7 2 LAN Configuration Interface brO Setting IP Authentication Indicate how the IP address of this device will be assigned There are two options available here Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server Network IP Parameters User can change the network settings of this device from LAN Configuration it is including IP address Subnet mask and Gateway address Bridge STP Setting User can also set the Bridge STP setting in this page STP RSTP Disable the bridge STP or set the bridge mode as STP or RSTP mode Bridge Priority Set the priority value of the bridge The priority value is a number between O and 65535 The bridge with the lowest priority will be elected root bridge Hello Time Set the bridge s bridge hello time value seconds Forwarding Delay Set the bridge s
69. of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on Browse button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 5 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 5 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings 87 Configuration Tools Restore Factory Default Configuration Cer Local Backup Settings Restore settings
70. or 4095 The value for CWmin must be lower than the value for CWmax CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throu
71. process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 6 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 2 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings Configuration Backup Restore Server Type Select OTFTP FTP TFTP or FTP Server IP L L Firmware Filename in server configs tar FTP Username FTP Password Backup To Server Restore From Server Figure 3 6 4 Restore Factory Default Configuration To reset configuration settings to the factory default values just click on NEXT button beside Restore Factory Default Configuration Restore Factory Default Configura
72. processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group 170 Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is vi or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings Community to Security for ViIV2c Index Security Name IP Source Mi mypriv 127 0 0 1 D2
73. rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal vi WPA MODE WPA amp WPA2 v Share Key 123456789 8 63 characters WPA Encryption Auto v Group Key Update Interval 600 30 65535 Figure 3 7 23 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA enterprise w WPAMODE JWPA Share Key WPA Encryption Group Key Update Interval 802 1x Primary Radius Server Authenticatoin Server 192 168 h 80 1812 Shared Secret secret Backup Radius Server Optional Authenticatoin Server I L 8 63 characters 600 g0 65525 Shared Secret Figure 3 7 24 Qos WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters 139 CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmin must be lower than the value for CWmax CWmax Maximum Contention Window The Valid values for
74. secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM 169 SNMP Basic Settings SNMP Agent Enable System Information Contact IContact me Location ll am here V1IV2C IndexAccess Right Community 1 2 3 4 5 Deny x Deny S Deny S Deny vi Deny Security Level pui Auth Passphrase Enay Priv Passphrase oe Type Protocol Right AuthPriv v mp5 x DES unused sv AuthPriv MD5 v DES unused w AuthPriv vi MD5 vi DES w unused v AuthPriv MD5 x DES unused AuthPriv v mo5 v DES v unused Figure 3 8 34 3 8 5 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen
75. subtree Sub Tree the OID value For example 1 3 6 1 2 1 View Name Include M1 mib2 Include 1 3 6 1 2 1 2 generic Include w 1 3 6 1 4 1 5205 o3 i Include D4 Include MIS Include DO 6 Include im Include w o8 Include O93 Include v D 10 Include w FINN Include 12 Include D 13 Include O14 Include Y O15 Include 16 Include w O17 Include W r Figure 3 9 40 Access 200 The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from Vi
76. the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal w WPA MODE WPA amp WPA2 Share Key 123456789 8 63 characters WPA Encryption Auto v Group Key Update Interval 600 80 65535 Figure 3 9 30 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA MODE WPA Share Key 23456789 8 63 characters WPA Encryption Group Key Update Interval 60 30 65535 Primary Radius Server Authenticatoin Server 192 1168 1 lso 1812 Shared Secret secret Backup Radius Server Optional AuthenticatoinServer L L Shared Secret Figure 3 9 31 Qos WMM Enable disable WMM support 192 MAX Associated Station Maximum number of stations allowed in station table Common Parameters CWmin Minimum Contention Window The valid values for CWmin are
77. the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the 26 wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory QoS Setting On AP WMM Enable O Disable MAX Associated Station 32 1 2007 AP Tx Best Effort CWmin 2047 w CWMax 4095 v AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15_ v CWMax 1023 w AIFS 7 1 255 Burst 0 0 AP Tx Video CWmin 7 w CWMax 7 vw AIFS 1 1 255 Burst 1 5 AP Tx Voice CWmin 7 v CWMax 15 Y AIFS 1 1 255 Burst 3 0 CWmin 7 CWMax 1023 AIFS 2 1 255 STA Tx Best Effort fo 3 SA TXOP 64 1 255 x32ms ACM O Enable
78. two ways One is manual setting the other one is Synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the days hours and minutes 113 Time Setting Select Setting Type Manual Setting Sey OO Yi on wih aa ineme Time Server Current System Time Tue Apr 13 00 13 59 UTC 2010 Year Month Day 2010 4 13 Year 1900 2037 Hour Minute Second oo jo0 s o0 Hours from GMT 8 Hours Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every o days O 31 0 kbours 0 23 10 minites 0 59 Figure 3 6 15 3 6 1 9 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt on pop up screen to confirm user s decision Reboot Access Point Reboot Figure 3 6 16 3 6 2 LAN Configuration Network IP Parameters User can change the network settings of this device from LAN Configuration it is inclu
79. user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just click tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by Lantech Wireless View Lantech Wireless View will monitor the WIFI loading when the loading is over this value Lantech Wireless View will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 5 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 5 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware Firmware Update Current Firmware information Version IWP 2000 68 v0 1 4 Date 2010 04 13 Using TFTP Using WEB NEXT Using FTP NEXT Figure 3 5 3 Using TFTP On any computer in the network or a compute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end
80. v AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15_ v CWMax 1023 w AIFS 7 1 255 Burst 0 0 AP Tx Video CWmin 7 w CWMax 7 vw AIFS 1 1 255 Burst 1 5 AP Tx Voice CWmin 7 v CWMax 15 Y AIFS 1 1 255 Burst 3 0 CWmin 7 CWMax 1023 AIFS 2 1 255 STA Tx Best Effort fo 3 SA TXOP 64 1 255 x32ms ACM O Enable Disable CWmin 15 v CWMax 1023 v AIFS 7 1 255 STA Tx Background Pann a i TXOP 1 1 255 x32ms ACM OEnable Disable CWmin 7 v CWMax 7 y AIFS 1 1 255 STA Tx Video f ED TXOP 47 1 255 x392ms ACM OEnable Disable CWmin 7 CWMax 15 AIFS 1 1 255 STA Tx Voice ae TXOP 94 1 255 x32ms ACM OEnable Disable Figure 3 6 24 3 6 4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 6 4 1 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those
81. value Lantech Wireless View will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 10 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 10 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware 205 Firmware Update Current Firmware information Version IWP 2000 68 W0 1 4 Date 2010 04 13 Using TFTP Using WEB NEXT Using FTP Figure 3 10 3 Using TFTP On any computer in the network or a compute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn o
82. value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each 137 other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 a f User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto Ni Peer Node Distance e Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTSICTS Threshold 346 1 2346 Tx Power Auto vi Rate 54 v Mbits Fi Fixed Layer 2 Isolation Disable Enable Key 1 eeece WEP Key Setting Key 2 eeeee Figure 3 7 20 WDS MAC Address Setting MAC Address In WDS function user should enter the MAC address that indicates which AP to connect to WDS MAC Address Setting MAC Address 1 Po MAC Address 2 Delete MAC Address 3 MAC Address 4 j Figure 3 7 21 gt SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Di
83. 0 15 PtoP auto v Edge no v Port ath6 Cost 2600000 0 2 10 8 Priority 8 STP 0 255 RSTP 0 15 PtoP auto w e no v Port ath7 Cost 2700000 le 2 10 8 Priority 9 STP 0 255 RSTP 0 15 PtoP auto v Edge no v Figure 3 8 18 3 8 3 Wireless User can set the wireless related setting here 158 Dual WLAN Device Wireless You can set the wireless releated setting here WIFI athO Setting WIFI ath4 Setting Figure 3 8 19 3 8 3 1 WIFI athO Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all points in the network It is case sensitive and maximum length is 32 Country This setting configures the access point s country code which identifies the country of operation and sets the authorized radio channels Channel Set the operating frequency channe for user s AP Radio Power On E Wireless Mode 802 11 b g SSID A1 APO Scan SSID Hide OOn SOF Country North America Area Y Channel 9 yj Figure 3 8 20 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout
84. 0 07 IWP 2000 68 user info Terminated Apr 13 00 00 07 MP 2000 68 daemon info avahi daemon 2838 Registering new address record for Apr 13 00 00 07 MP 2000 68 daemon info avahi daemon 2838 New relevant interface ethl IPv fo Apr 13 00 00 07 IWP 2000 68 daemon info avahi daemon 2838 Joining mDNS multicast group on int Apr 13 00 00 07 IWP 2000 68 daemon info avahi daemon 2838 Registering new address record for Apr 13 00 00 07 IWNP 2000 68 daemon info avahi daemon 2838 New relevant interface eth0O IPv4 fo Apr 13 00 00 07 IWP 2000 68 daemon info avahi daemon 2838 Joining mDNS multicast group on int Apr 13 00 00 07 IWP 2000 68 daemon info avahi daemon 2838 Interface ethO IPv4 no longer relev Yo Figure 3 9 14 3 9 1 8 System time Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is Synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the days hours and minutes 181 Time Setting Select Setting Type TER Manual Setting Synchronize with an Internet Time Server Current System Time Tue Apr 13 00 44 23 UTC 2010 Manual Setting
85. 00 68 0 9 A Z a z ont n Language Select Language English vw OLSRAP AODV_AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP WDS BRG AP4 WDS BRG Password Settings Current Password Password 3 12 Characters Re type Password idle Time Out 30 1 999 minutes Enable C Ifenabled only the following PC can manage this AP IP Address Threshold 15 5 25 Mb sec Figure 3 4 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by Lantech Wireless View Lantech Wireless View will monitor the WIFI loading when the loading is over this value Lantech Wireless View will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 4 1 2 Firmware Update By selecting the item of Firmware under System
86. 000 1 Nickname Mode Managed Frequency 2 417 GHz Access Point 00 40 C7 EF 00 28 Bit Rate 36 Mb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 69 70 Signal level 24 dBm Noise level 93 dBm Rx invalid nwid 26463 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Mode Disable Associated AP Station MAC Address 00 40 C7 EF 00 28 Figure 3 4 14 End of Status The Figure 3 4 15 shows ath4 AP model information a an g E G WIFI Interfaces ath3 ath4 Interface Information IEEE 802 11bg ESSID A2 AP4 Nickname Mode Master Frequency 2 412 GHz Access Point 00 26 48 00 0E C2 Bit Rate 0 kb s Tx Power 17 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 0 70 Signal level 96 dBm Noise level 96 dBm Rx invalid nwid 2229 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Mode Disable Associated AP Station End of Status Figure 3 4 15 65 3 4 1 7 Log In this page user could see the system logs record of this device Logs System Logs Apr 13 00 16 04 MVP 2000 68 Apr 13 00 16 04 MvP 2000 68 Apr 13 00 16 04 MP 2000 68 Apr 13 00 16 01 MvP 2000 68 Apr 13 00 16 01 MVP 2000 68 Apr 13 00 16 01 MVP 2000 68 Apr 13 00 15 04 MVP 2000 68
87. 04 designated port 8003 forward delay timer 2743 08 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8004 state forwarding designated root 8000 000000000020 path cost 100 designated bridge 8000 000000000020 message age timer 2744 04 designated port 8004 forward delay timer 2743 08 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port no mac addr is local ageing timer 2 00 00 00 00 00 20 yes 0 00 1 00 00 00 00 00 21 yes 0 00 1 00 13 a9 2a be 78 no 0 05 3 00 26 48 00 0e c2 yes 0 00 4 00 40 c7 fb 00 8 yes 0 00 End of Status Figure 3 8 13 3 8 1 7 WIFI Status In this page user could see the WIFI information of this device such as Interface information Security information Associated AP Station 155 WIFI Status WIFI Interfaces Sai ath4 TEEE 802 11bg ESSID A1 APO Nickname Mode Master Frequency 2 452 GHz Access Point 00 40 C7 FB 00F8 Bit Rate 0 kb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 0 70 Signal level 97 dBm Noise level 97 dBm Rx invalid nwid 1615 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Information Security Associated AP Station End of Status Figure 3 8 14 3 8 1 8 Log In this page user could see the system logs record of this device Logs System Logs Apr 13 00 02 01 MVP 2000 6
88. 1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting 199 Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is vi or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings Community to Security for VIV2c Security Name Source Community mypriv 127 0 0 1 public Group Name Security Model Security Name Mi generic v E mypriv v M2 genericusm usm generic Ki lie i vi S mypriv B O4 1 voy mypriv w Fl voy mypriv vi Figure 3 9 39 View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset View Name The name of view Include Assign include or exclude in this record for certain
89. 10 1 8 System time gt Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is Synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the days hours and minutes 210 Time Setting Select Setting Type Setting by 9 Manual Setting Synchronize with an Internet Time Server Current System Time Tue Apr 13 00 44 23 UTC 2010 Manual Setting Year Month Day 2010 y 4 13 CYear 1900 2037 Hour Minute Second joo oo o0 Hours from GMT 8 Hours Server IP 140 142 16 34 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every 0 days 0 31 0 hours 0 23 10___ minites 0 59 Figure 3 10 15 3 10 1 9 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt on pop up screen to confirm user s decision Reboot Access Point After you change the setting or in the event that t
90. 1615 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Mode Disable Associated AP Station End of Status Figure 3 10 13 3 10 1 7 Log In this page user could see the system logs record of this device Logs System Logs a Apr 13 00 02 02 IWP 2000 68 cron notice crond 2844 USER root pid 3488 cmd web server www htm Apr 13 00 01 09 IWP 2000 68 auth notice root 192 168 1 10 login Apr 13 00 00 00 IWP 2000 68 user info web server flash setup sh web server flash setup sh Apr 13 00 00 00 IWP 2000 68 user info RINETLINK answers No such file or directory Apr 13 00 00 00 IWP 2000 68 user info RINETLINK answers No such file or directory Apr 13 00 00 00 IWP 2000 68 user info date 041300002010 00 Apr 13 00 00 00 IWP 2000 68 user info Tue Apr 13 00 00 00 UTC 2010 Apr 13 00 00 06 MP 2000 68 user info Terminated Apr 13 00 00 03 IWP 2000 68 daemon notice aodvd main In wait on reboot for 2000 milliseconds Apr 13 00 00 03 IWP 2000 68 daemon notice aodvd aodv_socket_init Receive buffer size set to 2 Apr 13 00 00 03 IWP 2000 68 daemon notice aodvd aodv_socket_init RAW send socket buffer size Apr 13 00 00 03 IWP 2000 68 user info DEBUG 0 Apr 13 00 00 03 IWP 2000 68 user info DEBUG Apr 13 00 00 03 IWP 2000 68 user info Killed Apr 13 00 00 03 IWP 2000 68 user info Terminated Apr 13 00 00 00 IWP 2000 68 user info date 041300002010 00 lt gt Figure 3 10 14 3
91. 2 1 and Wall Mount kit to mount the IWP 2000 68 as shown in Figure 2 2 I TTF 9806 Q Figure 2 1 Figure 2 2 2 4 System Requirements Installation of the IWP 2000 68 Outdoor Wireless unit requires the following 1 A PC with 10 100 1000 Ethernet port and web browser e g Internet Explore or Firefox 2 RJ 45 Ethernet cable connected to the Ethernet network 3 An AC power outlet 100 240V 50 60Hz supplies the power 2 4 1 PoE Injector The IWP 2000 68 is equipped with a PoE Injector module The PoE Injector delivers both data and power to IWP 2000 68 via Ethernet cable and gives the following benefits to improve the performance vs installation cost ratio This works great in areas where you may not have power like house roof This also allows you to place the IWP 2000 68 unit closer to the antenna to make installation easier more thus reducing signal loss over antenna cabling Ethernet signal travels well over CAT 5 cable but 2 4GHz 5GHz signal doesn t do as well over antenna cabling Ethernet cabling is much cheaper than Antenna cabling 2 4 2 Preparing Installation Before installing IWP 2000 68 for outdoor application or hard to reach location we recommend configure and test all the devices first For configuring the IWP 2000 68 please follow the quick steps below to power up the IWP 2000 68 Refer to Figure 2 3 for steps 1 through 4 IWP 2000 68 1 Figure 2 3 Step1 Connect the
92. 25 3 7 4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 7 4 1 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table 141 MAC address filtering Filtering type Disable MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 _Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 _Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 Delete i MAC address 14 Delete MAC address 15 Delete
93. 255 255 255 0 DHCP Server v DHCP Server Parmeters Primary DNS Address 168 95 E fi Secondary DNS Address l J IP Pool Starting Address A F 100 IP Pool Ending Address gt 200 Lease Time Halfhour v Figure 3 9 19 3 9 3 2 AP WLAN Settings User can change the local network settings from LAN Configuration for ath4 interface which include the IP address Subnet mask Gateway and DHCP server related settings Network IP Parameters User can change the network settings of this interface from LAN configuration it is including IP address Subnet mask Gateway address and enable disable the DHCP server Function DHCP Server Parameters Primary DNS Address The domain name servers option specifies a primary Domain Name System servers available to the client Secondary DNS Address In same case user can specifies a secondary Domain Name System servers available to the client IP Pool Starting Ending Address The range of IP addresses which can be assigned to the client 184 Lease Time How long does the IP address can be leased by DHCP server LAN Setting Network IP Parameters IP Address 192 168 24 A 1 Subnet Mask 255 255 255 10 DHCP Server v DHCP Server Parmeters Primary DNS Address 1668 38 St E Secondary DNS Address a IP Pool Starting Address J 100 IP Pool Ending Address i J 200 Lease Time Halfhour Figure 3 9 20 3 9 3 3
94. 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware Firmware Update Current Firmware information Version IWP 2000 68 w0 1 4 Date 2010 04 13 Using TFTP NEXT Using WEB NEXT Using FTP Figure 3 3 3 Using TFTP On any computer in the network oracompute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP server utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading 36 Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY g
95. 32ms ACM OEnable Disable Figure 3 3 32 51 3 3 4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 3 4 1 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table MAC address filtering Filtering type Disable v MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 Delete MAC
96. 36 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8002 state forwarding designated root 8000 002648000edf path cost 100 designated bridge 8000 002648000edf message age timer 2813 32 designated port 8002 forward delay timer 2812 37 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes EDIT pen konn id 8003 state forwarding designated root 8000 002648000edf path cost 100 designated bridge 8000 002648000edf message age timer 2813 34 designated port 8003 forward delay timer 2812 38 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8004 state forwarding designated root 8000 002648000edf path cost 100 designated bridge 8000 002648000edf message age timer 2813 34 designated port 8004 forward delay timer 2812 38 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port no mac addr is local ageing timer 1 00 13 a9 2a be 78 no 0 09 3 00 26 48 00 0e df yes 0 00 4 00 40 C7 f0 00 f8 yes 0 00 1 00 40 cf 00 00 22 yes 0 00 2 00 40 cf 00 00 33 yes 0 00 End of Statu w Figure 3 7 13 3 7 1 7 WIFI Status In this page user could see the WIFI information of this device such as Interface information Security information Associated AP Station 133 WIFI Status WIFI Interfaces ath0 ath4 atho auu IEEE 202 118 ESSID A1 APO Nickname Mode Master Frequency 2 452 GHz Access Point 00 26 48 00 0E C2 Bit Rate 0 kb s Tx Power 18 dBm Sensit
97. 55 STA Tx Video 7 ki TXOP 47 1 255 x32ms ACM OEnable Disable e CWmin 7 w CWMax 15 v AIFS 1 1 255 STA Tx Voice gt i A TXOP 94 1 255 x32ms ACM OEnable Disable Figure 3 9 32 3 9 5 2 WIFI MESH Setting General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that you want to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the operating frequency channel for this device Radio Power On vi Wireless Mode 802 11 b g SSID A1 APO SSID Hide On Of Country Asia Pacific w Channel 9 v Figure 3 9 33 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Bea
98. 8 cron notice crond 2844 USER root pid 3454 cmd web server www htm Apr 13 00 00 14 MyP 2000 68 auth notice root 192 168 1 10 login Apr 13 00 00 00 IWP 2000 68 user info web server flash setup sh web server flash setup sh Apr 13 00 00 00 IWP 2000 68 user info date 041300002010 00 Apr 13 00 00 00 IWP 2000 68 user info Tue Apr 13 00 00 00 UTC 2010 Apr 13 00 00 05 IWP 2000 68 user info Terminated Apr 13 00 00 03 IWP 2000 68 user info Killed Apr 13 00 00 03 IWP 2000 68 user info Terminated Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 1 eth1 transitioning to FORWARDING s Apr 13 00 00 00 MVP 2000 68 user info kernel brO port 2 ethO transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 3 ath0O transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 4 ath4 transitioning to FORWARDING s Apr 13 00 00 00 MVP 2000 68 user info kernel brO port 1 ethi transitioning to LEARNING sta Apr 13 00 00 00 IWP 20Q00 68 user info kernel brO port 2 eth0O transitioning to LEARNING sta Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 3 ath0 transitioning to LEARNING sta Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 4 ath4 transitioning to LEARNING sta lt gt E Figure 3 8 15 v 3 8 1 9 System time Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is Synchronize with an I
99. AC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 _Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 _Delete MAC address 14 Delete MAC address 15 Delete Figure 3 2 26 3 2 5 SNMP The IWP 2000 68 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 2 5 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants Lantech Wireless View to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location It is used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this page Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The comm
100. Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 8 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a v z A Z or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese gt Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP_WDS_BRG To set this device as a WDS device with AP function AP4_WDS_BRG To set this device as WDS device with AP function and support up to 4 SSID 149 Administrator Settings Device Name Name WP 2000 68 0 9 AZ az or n Language Select Language English vw O OLSRAP AODV_AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP WDS BRG 8 A
101. CB functions VLAN AP To set this device as a VLAN device Each AP can has it s own VLAN ID AP_WDS_BRG To set this device as a WDS device AP4_WDS_BRG To set this device as WDS and AP device 204 Administrator Settings Device Name Nene IWP 2000 68 0 9 AZ a z onn Language Select Language English Model Select OLSRAP AODV_AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP QO AP_WDS_BRG AP4 WDS BRG Password Settings Current Password Password 3 12 Characters Re type Password Idle Time Out 999 1 999 minutes Remote Management Enable C Henabled only the following PC can manage this AP IP Address Figure 3 1 0 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just click on lt Enable gt button and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by Lantech Wireless View Lantech Wireless View will monitor the WIFI loading when the loading is over this
102. D assigned by the manufacturer of the network adapter 3 4 5 1 IP Filtering User can block certain client PCs from accessing this AP based on its IP address If enabled user should also configure the IP Filtering Address This option is only available in router and MESH modes IP Filtering Enable Disable IP Filtering IP Address Enter the Network IP Address and press lt Apply gt to filter IP Filtering Disable O Enable Category IP Address Delete IP Address 1 iY IP Address 2 IP Address 3 IP Address 4 IP Address 5 IP Address 7 O i i Oo Oo o i i S e o e e Z S e e e e 2 je oO oO o D Oo oO oO D J IP Address 6 i IP Address 8 IP Address 9 O Q g IP Address 10 o o pa IP Address 11 O ka pa IP Address 12 O o a IP Address 13 o ka R o ka R IP Address 14 IP Address 15 O o R Figure 3 4 34 3 4 5 2 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table ca
103. ESH Admin Setting The MESH is Enabled TCredundancy I2 Pollrate 0 50 MPRcoverage 5 Willingness a LQlevel ko LQwinsize 10 Fisheye Enable Disable HNA Entry Enable Disable Security Disable w Security Key Figure 3 9 23 3 9 4 3 OLSR ROUTES OLSR routes in kernel Destination Gateway Metric ETX Interface Type 192 168 2 15 192 168 2 15 1 3 25 athOd HOST 0 0 0 0 0 0 0 0 192 168 2 15 1 3 25 athOd HNA Destination The node that packet is sent to Gateway The route packets via which gateway Metric The distance to the target usually counted in hops ETX the ETX value for this link calculated by ETX 1 ILQ x LQ Interface the device interface the packets go through Type HOST means that it s belong to node s routing tables HNA means that node can connect to internet via this routing path 187 Dual WLAN Device MESH ROUTES Destination Gateway Metric ETX Interface Type 192 163 2 3 192 168 2 3 1 3 24 ath HOST 192 168 2 5 192 163 2 3 P 20 15 ath HOST 192 168 4 0 192 168 2 3 1 3 24 athl HNA 192 168 6 0 192 168 2 3 vi 20 15 athl HNA Figure 3 9 24 3 9 4 4 OLSR LINKS gt LINKS Local IP Remote IP LQ lost total NLQ ETX 192 168 0 2 192 168 0 1 1 000 0 100 1 000 1 00 This table contains the links to our neighbors It contains the following columns Local IP The IP address of the interface that have contacted to the neighbor Remote IP The IP address of the neighbor LinkQuality T
104. I Interfaces to see each WIFI information of this device such as Interface information Security information Associated AP Station The Figure 3 5 13 shows the ath3 ath7 CB interface is waiting for connecting to an AP WIFI Status WIFI Interfaces ath3 ath7 Interface ath3 Waiting for Connecting Figure 3 5 13 The Figure 3 5 14 shows that the ath3 ath7 CB model has connected to an AP and display the relevant information WIFI Status Sa es WIFI Interfaces ath3 ath7 IEEE 802 11bg ESSID OW 1000 1 Nickname Mode Managed Frequency 2 417 GHz Access Point 00 40 C7 EF 00 28 Bit Rate 36 Mb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 69 70 Signal level 24 dBm Noise level 93 dBm Rx invalid nwid 26463 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Mode Disable MAC Address 00 40 C7 EF 00 28 Figure 3 5 14 3 5 1 7 Log In this page user could see the system logs record of this device Logs System Logs A Apr 13 00 05 11 MP 2000 68 daemon info avahi daemon 2838 Registering new address record for Apr 13 00 05 11 IWP 2000 68 daemon info avahi daemon 2838 New relevant interface ath7 IPv fo Apr 13 00 05 11 MVP 2000 68 daemon info avahi daemon 2838 Joining mDNS multicast group on int Apr 13 00 05 08 MVP 2000 68 daemon info avahi daemon 2838 Withdra
105. I ath6 Setting WIFI ath7 Setting V FILTER e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 3 6 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System time and Reboot screen as shown in Figure 3 6 1 106 Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 6 1 3 6 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 6 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a v z A w Z or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese gt Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device as a ro
106. IFS 1 1 255 STA Tx Voice TXOP 94 1 255 x32ms ACM OEnable Disable Figure 3 10 27 3 10 5 2 WIFI MESH Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that you want to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the operating dezi for this device Radio Power On Wireless Mode 802 11 b g SSID A1 APO SSID Hide COn or Country Asia Pacific Channel 9 Figure 3 10 28 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment T
107. Lantech IWP 2000 68 802 11a b g Dual Radio Outdoor Multi Function Wireless Access Point User s Manual IWP 2000 68 User s Manual Release 1 0 Table of Contents Caution isi ai kt a e a a a a a a a ok SE n a a a a a FD a m a u dada vi Te AMEPOGUCHION aan a ites at a nine ak an ileal eles cathe shells soles 2 1 1 Overview Of IWP 2000 68 cccccceenseeseeeesceeeeseeseeeseeeeeneeeesenseenanes 2 1 2 Specification svi i ive ak kan kek asa e kk ken n kane a k AA k ae ka SA a ADA ee ad RWA ke AAA a 3 1 3 Package ontentS 5 wit kite ea wk oi kk a e e a a e n ak n a a a a a e S A AD 5 Zo LANS CAAT ONI ba at of ka a A n a a ka ons a si Ey a a a A a a a aN 6 2 1 Full View of IWP 2000 68 e nan annan annan aaa aanaaaansaasssaanssannsannnnnnnono 6 2 2 Full View of POE Injector L kte nt nna annan nannan aaanaaaanaannasannasnansannnnnnnnnn 7 2 3 Mount Kit for IWP 2000 68 t tt kk kann n an nn nan nannan nannan anne nana taannnaaannnnnnnn 7 2 4 System REQUIFEMENUSs e ek sik ai nan ak kako sa ns nie sine sin aks kase aan sante sand ini aakn 8 2 41 POE TNJ CEON iii kite aa a a a aa a a a n a a aa n a a a e ka staan 8 2 4 2 Preparing Installation kt et knn nn nan nn knn nn nannan annan nana nannan anannnnannnnn 9 3 Operation of Web based Management eeetteatraaeerrraraaseanonnnoonn 10 3 1 Basic COnfiqgquratiON aie k aka wan va kak a a a a a a a a kk a A 10 3 2 AP Bridge Mode 4e se ice ie dc ida aids eae
108. Ler Remote Backup Settings Restore settings Figure 3 5 4 gt Restore Factory Default Configuration To reset configuration settings to the factory default values just click on lt NEXT gt button beside Restore Factory Default Configuration Restore Factory Default Configuration NEXT Figure 3 5 5 Then click on Restore button on next page now the system will reset to factory default value Restore Factory Default Restore Figure 3 5 6 Local Backup Settings Restore settings To backup or restore the configuration for this device Click on lt NEXT gt button beside Local Backup settings Restore settings Local Backup Settings Restore settings NEXT Figure 3 5 7 Click on Backup Settings button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process Backup Settings Backup Settings Restore Settings Figure 3 5 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 5 9 Enter the necessary setting in next page then click on Backup
109. M Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory QoS Setting On AP WMM Enable Disable MAX Associated Station 132 1 2007 AP Tx Best Effort CWmin 2047 w CWMax 4095 7 AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15 v CWMax 1023 vy AIFS 7 1 255 Burst 0 0 AP Tx Video CWmin 7 v CWMax 7 AIFS 1 1 255 Burst 1 5 AP Tx Voice CWmin 7 CWMax 15 v AFS 1 1 255 Burst 3 0 See Cwmin 7 v CWMax 1023 AIFS 2 1 255 TXOP 64 1 255 x32ms ACM OEnable Disable STA Ta Background CWmin 15 CWMax 1023 _ AIFS 7 a 255 TXOP 1 1 255 x32ms ACM OEnable Disable CWmin 7 CWMax 7 AIFS 1 1 255 STATxVid loa TXOP 47 1 255 x32ms ACM OEnable Disable CWmin 7 v CWMax 15 AIFS 1 1 255 TXOP 94 1 255 x32ms ACM OEnable Disable Figure 3 4 33 STA Tx Voice 76 3 4 5 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique I
110. MM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmin must be lower than the value for CWmax CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to
111. P Address Threshold 15 5 25 Mb sec Figure 3 2 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by Lantech Wireless View Lantech Wireless View will monitor the WIFI loading when the loading is over this value Lantech Wireless View will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 2 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 2 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of the firmware Firmware Update Current Firmware information Version IWWP 2000 68 v0 1 4 Date 2010 04 13 Using TFTP Using WEB NEXT Using FTP Figure 3 2 3 Using TFTP On any computer in the ne
112. P4 WDS BRG Password Settings Current Password Password 3 12 Characters Re type Password Idle Time Out 999 1 999 minutes Remote Management Enable C Wenabled only the following PC can manage this AP IP Address Figure 3 8 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by Lantech Wireless View Lantech Wireless View will monitor the WIFI loading when the loading is over this value Lantech Wireless View will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 8 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 8 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware 150
113. PA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Authentication WPA personal WPA MODE WPA vi Share Key 123456789 8 63 characters WPA Encryption Auto Figure 3 4 26 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter their account and password to pass the authentication SSID Security Mode Authentication WPA enterprise WPA MODE av Share Key 1234567 8 63 characters WPA Encryption Auto Yi Account F3000 Password F3000 Figure 3 4 27 Please Note In wifi station model the security setting must be same as the AP that user wish to connect 3 4 4 3 WIFI ath4 7 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide
114. Restore settings To backup or restore the configuration for this device Click on lt NEXT gt button beside Local Backup settings Restore settings Ler Local Backup Settings Restore settings Figure 3 10 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process Backup Settings Backup Settings Restore Settings Figure 3 10 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 10 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFIP FTP TFTP or FTP Server IP LI LI LI Firmware Filename in server configs tar FTP Username FTP Password Figure 3 10 10 3 10 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control WAN Port AODV Status ethO LAN Port MESH WIFI Status AP WIFI 2
115. S e WIFI athO Setting e WIFI ath4 Setting V FILTER e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 3 7 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System time and Reboot screen as shown in Figure 3 7 1 126 Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 7 1 3 7 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 7 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a v z A w Z or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set th
116. Setting WIFI ath4 Setting WIFI ath5 Setting WIFI ath6 Settina WIFI ath Setting 3 2 3 1 Dual WLAN Device Wireless You can set the wireless releated setting here Figure 3 2 19 WIFI athO 7 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the danm kamion for this device Radio Power On w Wireless Mode 802 11 b g SSID A1_APO SSID Hide OOn Off Country North America Area v Channel 9 M Figure 3 2 20 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Deli
117. Settings gt button to start the restore settings process 152 Backup Settings Backup Settings Restore Settings Figure 3 8 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on lt NEXT gt button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 8 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFIP FTP TFTP or FTP Server IP L L L Firmware Filename in server configs tar FTP Username FTP Password Backup To Server Restore From Server Figure 3 8 10 3 8 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control Bridge LAN port AP WIFI 1 Status AP WIFI 2 Status 153 Current Firmware Version IWP 2000 68 vy0 1 8 Device Name IwP 2000 68 System Model AP WDS BRG Wed Nov 3 03 24 06 2010 192 168 1 1 MAC Address 00 26 48 00 0e df 255 255 255 0 802 11 a COUNTRY North_America_Area CHANNEL Auto DTIM 1 FRAG 2346 RTS 2346 BEACON 100 DISTANCE A1 APO Security off Radio off off 802 11 a COUNTRY North_America_Area CHANNEL DTIM 1 FRAG 2346 RTS 2346 BEACON 100 DIST SSID A2_AP4 Secu
118. Status 208 Status Current Firmware Version IWP 2000 68 0 1 8 Device Name IWP 2000 68 System Model AODV AP System Time Wed Nov 3 01 16 31 2010 eth0 PoE Disabled IP Address 192 168 1 1 MAC Address 00 40 cf00 00 22 Mask 255 255 255 0 Gateway NA AODV Actived IP Address 192 168 0 1 MAC Address 00 40 c 00 00 33 Mask 255 255 255 0 MODE 802 11 a COUNTRY North_America_Area IP Address 192 168 2 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 SSID A1 APO Security Disabled MODE 802 11 a COUNTRY North_America_Area IP Address 192 168 24 1 MAC Address 00 40 c7 f6 00 f8 Mask 255 255 255 0 SSID A2_AP4 Security Disabled Figure 3 10 11 3 10 1 5 Power Control In this page user can enable the ethO port to provide PoE power and data forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 10 12 209 3 10 1 6 WIFI Status In this page user could see the WIFI information of this device such as Interface information Security information Associated AP Station WIFI Status ath0 WIFI Interfaces ath4 Interface Information IEEE 802 11bg ESSID A1 APO Nickname Mode Master Frequency 2 452 GHz Access Point 00 40 C7 FB 00 F8 Bit Rate 0 kb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 0 70 Signal level 97 dBm Noise level 97 dBm Rx invalid nwid
119. To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFIP FTP TFTP or FTP Server IP LI LI L Firmware Filename in server configs tar FTP Username FTP Password Figure 3 5 10 3 5 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control ethO LAN Port ehti LAN Port Station WIFI 1 Status and Station WIFI 2 Status 89 Current Firmware Version IWP 2000 68 v0 1 8 Device Name IWP 2000 68 System Model CB CB ROUTE System Time Wed Nov 3 00 13 14 2010 eth0 PoE Disabled IP Address 192 168 23 1 Mask 255 255 255 0 Gateway NA DHCP Disabled IP Address 192 168 0 1 MAC Address 00 40 c 00 00 33 Mask 255 255 255 0 DHCP Disabled IP Address 192 168 1 1 MAC Address 00 40 cf 00 00 22 Mask 255 255 255 0 IP Address 192 168 23 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 DHCP Disabled ssio AL AP3 Security Disabled MODE 802 11 a IP Address 192 168 27 1 MAC Address 00 40 c7 fb 00 f8 Mask 255 255 255 0 DHCP Disabled ssiD A2 AP7 Security Disabled Figure 3 5 1 1 3 5 1 5 Power Control Status In this page user can enable the ethO port to provide PoE power and data forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 5 12 90 3 5 1 6 WIFI Status In this page user can click WIF
120. _ Restore From Sener __ Figure 3 7 10 3 7 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control Bridge LAN port AP WIFI 1 Status AP WIFI 2 Status 131 Status Current Firmware Version IWP 2000 68 v0 1 8 Device Name IWP 2000 68 System Model AP WDS BRG System Time Wed Nov 3 00 40 55 2010 eth0 PoE Disabled IP Address 192 168 1 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 MODE 802 11 a COUNTRY North_America_Area Figure 3 7 11 3 7 1 5 Power Control Status In this page user can enable the ethO port to provide PoE power and data forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 7 12 132 3 7 1 6 Bridge Status In this page user could see the bridge interfaces information of this device such as interface information STP ststus mac address information etc Bridge Status Bridge brO Bridge STP State off bridge id 8000 002648000edf designated root 8000 002648000edf root port 0 path cost 0 max age 20 00 bridge max age 20 00 hello time 2 00 bridge hello time 2 00 forward delay 15 00 bridge forward delay 15 00 ageing time 300 00 hello timer 0 00 ten timer 0 00 port id 8001 state forwarding designated root 8000 002648000edf path cost 19 designated bridge 8000 002648000edf message age timer 2813 31 designated port 8001 forward delay timer 2812
121. able to the client IP Pool Starting Ending Address The IP Address range which will be assigned Lease Time How long does the IP address can be leased by DHCP server 182 WAN Setting Network IP Parameters IP Address 192 168 E DL Subnet Mask 255 255 255 10 Gateway Address 192 168 254 DHCP Server Enable wi Primary DNS Address 168 95 H 1 Secondary DNS Address e IP Pool Starting Address z a 3 j 100 IP Pool Ending Address a 5 200 Lease Time Halfhour v Figure 3 9 17 3 9 2 2 Bandwidth Management This function allows user to set the limitation of total upload download bandwidth on WAN interface and also can set the limitation of upload download bandwidth for each user or a group of users by IP address gt Bandwidth Management Bandwidth Management Enable bandwidth limitation function Upload Bandwidth The total upload bandwidth in Mbps Download Bandwidth The total download bandwidth in Mbps Bandwidth Limitation Action To set the action type of bandwidth limitation The options available here are disable upload download and upload download Start IP Address To set the start IP of bandwidth limitation End IP Address To set the end IP of bandwidth limitation Bandwidth Limitation To set the bandwidth in Kbps of bandwidth limitation User can press lt Add gt button to add IP address to the Bandwidth Limitation list User can tick th
122. abled user should also configure the IP Filtering Address This option is only available in router and MESH modes IP Filtering Enable Disable IP Filtering IP Address Enter the Network IP Address and press lt Apply gt to filter IP Filtering IP Filtering Disable O Enable Category IP Address Delete IP Address 1 a IP Address 2 IP Address 3 IP Address 4 L IP Address 5 IP Address 6 Po Delete IP Address 7 IP Address 8 Delete IP Address 9 Delete IP Address 10 Delete IP Address 11 Delete IP Address 12 Delete IP Address 13 Delete IP Address 14 Delete IP Address 15 Delete Figure 3 10 31 3 10 7 2 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario 222 gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject Only PCs interfaces with MAC addresses in the following MAC address table are included in the filtering list In other words all PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table MAC address filtering Filtering type Disable
123. access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the SNMP manager 78 SNMP Community provides a simple protection by using the community name to control the access to the SNMP The community name can be thought of as a password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community gt V3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access righ
124. ad download bandwidth for each user ora group of users by IP address Bandwidth Management Bandwidth Management Enable bandwidth limitation function Upload Bandwidth The total upload bandwidth in Mbps Download Bandwidth The total download bandwidth in Mbps Bandwidth Limitation Action To set the action type of bandwidth limitation The options available here are disable upload download and upload download Start IP Address To set the start IP of bandwidth limitation End IP Address To set the end IP of bandwidth limitation Bandwidth Limitation To set the bandwidth in Kbps of bandwidth limitation User can press Add button to add IP address to the Bandwidth Limitation list User can tick the check box and press Del button to delete the IP address from the Bandwidth Limitation list Bandwidth Management Bandwidth Management Bandwidth Management Enable Disable Upload Bandwidth 54 Mbps Download Bandwidth 54 Mbps Action Start IP Address End IP Address Bandwidth Limitation Kbps 1 CF Up Download 192 168 1 2 2 168 1 30 3000 Action Start IP Address End IP Address Bandwidth Limitation Kbps Up Download x 0 0 0 0 0 0 0 0 200 Figure 3 10 17 212 3 10 3 LAN Configuration 3 10 3 1 EthO Settings Network IP Parameters User can change the network settings of this interface from LAN configuration it is including IP address S
125. address 14 Delete MAC address 15 Delete Figure 3 2 32 3 3 5 SNMP The IWP 2000 68 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 3 5 1 Basic Setting SNMP Agent Check the lt Enable gt check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants 52 Lantech Wireless View to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location It is used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this page Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The community name can be thought of as a password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a comb
126. adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a 115 number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values
127. ame of community for the SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The 100 community name can be thought of as a password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community gt V3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access ri
128. an usm account and assign access rights by VACM 198 SNMP Basic Settings SNMP Agent Enable System Information Contact IContact me Location ll am here V1IV2C IndexAccess Right Community 1 2 3 4 5 Deny b Deny S Deny vi Deny vi Deny vi Auth Privacy Access Protocol Right DES v unused unused unused unused unused Security Level Type Auth Passphrase Priv Passphrase AuthPriv v AuthPriv v AuthPriv v MD5 v lt AuthPriv AuthPriv 4 lt lt lt THEM SH FINE o m a i j MD5 DES Figure 3 9 38 3 9 7 2 VACM Setting You can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that you can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options You can use this token to give SNMPv3 security privileges to SNMPv
129. and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold 159 Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 a f User can set m
130. ansmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold 190 RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 avf User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto v Rate 54 Y Mbits v Fixed Layer 2 Isolation Disable Enable Key 1 eeeee WEP Key Sett
131. ared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal v WPA MODE WPA amp WPA2 Share Key 123456789 e 63 characters WPA Encryption Auto vi we Group Key Update Interval 600 30 65535 Figure 3 10 25 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA enterprise hs WPA MODE WPA Share Key Li 7 3456789 _ WPA Encryption Auto Group Key Update Interval 600 30 65535 802 1x Primary Radius Server AuthenticatoinServer 192 168 L1 80 1812 SharedSecret secret Backup Radius Server Optional Authenticatoin Server L m Shared Secret Figure 3 10 26 Qos WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmin
132. ate is set to 0 2 The default value is 0 5 TC redundancy 0 1 2 This value controls the TC redundancy used by the local node in TC message generation If set to 0 the advertised link set of the node is limited to the MPR selectors If set to 1 the advertised link set of the node is the union of its MPR set and its MPR selector set If set to 2 the advertised link set of the node is the full symmetric neighbor set of the node The default value is O MPR coverage 1 n This value decides how many MPRs a node should attempt to select for every two hop neighbor The default value is 5 LQ level 1 2 This setting decides the Link Quality scheme to use If set to O the link quality is not regarded and mesh system runs in OLSR mode RFC3626 If set to 1 the link quality is used when calculating MPRs If set to 2 the route will also be calculated based on distributed link quality information This option should therefore only be set to 1 or 2 if such a setting is used by all other nodes in the network The default value is to 2 Please note that if LQ level is set to 1 or 2 the mesh will not compatible with RFC3626 LQ winsize 1 n The total number of packets received up to now This value starts at 0 immediately after a link has come alive and then counts each packet It is capped at the link quality window size The default value is 100 Willingness 0 7 Nodes participating in an OLSR routed network will announce thei
133. authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP B WEP Encryption Open ORestricted KEY KEY 2 O Select Key KEY 3 KEY 4 Figure 3 10 24 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPAZ is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the 217 length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre sh
134. aximum 4 keys but only one key will functional at one time Advanced Setting Auto v PeerNode Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto Rate 54 Mbit s Fixed Layer 2 Isolation Disable Enable Key 1 eeeee WEP Key Setting Key 2 eeeee Key 3 CLIT Key 4 esooo Figure 3 8 21 WDS MAC Address Setting MAC Address In WDS function user should enter the MAC address that indicates which AP to connect to WDS MAC Address Setting MAC Address 1 Delete MAC Address 2 Delete MAC Address 3 Delete MAC Address 4 Delete Figure 3 8 22 Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are 160 transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key you would like to use for this AP Authentication
135. ays hours and minutes 20 Time Setting Select Setting Type Setting by 9 Manual Setting Synchronize with an Internet Time Server Current System Time Tue Apr 13 00 44 23 UTC 2010 Manual Setting Year Month Day 2010 4 vi 13 vi CYear 1900 2037 Hour Minute Second 100 00 00 Hours from GMT 8 v Hours Server IP 140 142 16 34 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every 0 _ days 0 31 0 hours 0 23 10 minites 0 59 Figure 3 2 16 3 2 1 10 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt on pop up screen to confirm user s decision Reboot Access Point After you change the setting or in the event that the Access Point stops responding correctly or in some way stops functioning you can perform a Reboot To perform the Reboot click on the Reboot button below Yoi eat ba anid k Conii yon decision Reboot NOTE Some of the ANTI VIRUS shield programes may block the following WEB page Please wait for a while then reconnect this device Figure 3 2 17 3 2 2 LAN Configuration Interface brO Setting IP Authentication Indicate how the IP address of this device will be assigned There are two options available here
136. be set on all RREQ s Active Hellos Send HELLOs or not when forwarding data Unidir Hack Detect and avoid unidirectional links Hello Interval The time interval of sending HELLO packet Expanding Ring Rearch Expanding ring search for RREQs On or Off Local Repaire Enable local repair repair routing table Net Diameter Net diameter it measures the maximum possible number of hops between two nodes in the network Node Travesal Time It is a conservative estimate of the average one hop traversal time for packets and should include queuing delays interrupt processing times and transfer times Active Route Timeout It is the lifetime of an active route The unit is msec Select the mobility of nodes on aodv network Static active_route_timeout will set as 15000 Dynamic active_route_timeout 3000 Manual user can enter the value manually Advance Setting Timeout Buffer Its purpose is to provide a buffer for the timeout so that if the RREP is delayed due to congestion a timeout is less likely to occur while the RREP is still en route back to the source Wait On Reboot Wait on reboot delay then begin to run rec tx packages 3 10 5 Wireless User can set the wireless related setting here WIFI AP Setting WIFI MESH Settir ng Dual WLAN Device Wireless You can set the wireless releated setting here Figure 3 10 21 3 10 5 1 WIFI AP Setting General Radio Power Turn this interface on or off 215
137. ble MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 _Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 L Delete MAC address 14 Delete MAC address 15 Delete Figure 3 9 37 3 9 7 SNMP The IWP 2000 68 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 9 7 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants Lantech Wireless View to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location It is used to define the location of the host on which the SNMP agent is running 197 V1 V2C User can change user s SNMP community settings on this page Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for th
138. choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP vi WEP Encryption G Open ORestricted G A select Key key OKEY O KEY 3 KEY 4 Figure 3 3 29 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPA2 is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the
139. con intervals between Delivery Traffic Indication Message DTIM Enter a 194 number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 avf User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Thre
140. d If set to WDS it will include 4 MAC address while transmit the data through Wireless Bridge It is only available on bridge mode in station interface If the AP to associate does not support 4 WAY HANDSHAKE the Ethernet client should be selected Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the ke
141. d Start ODisable Enable Warm Start ODisable Enable Link Up O Disable Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Q Enable Figure 3 7 32 3 7 6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Ping IP Count 3 Disable Enable Figure 3 7 33 3 7 7 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 7 34 147 3 8 AP4 WDS Bridge Mode To set this device as a WDS device the setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System time Reboot V LAN e Bridge LAN settings V WIRELESS e WIFI athO Setting WIFI ath4 Setting WIFI ath5 Setting WIFI ath6 Setting WIFI ath7 Setting V FILTER e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 3 8 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control Bridge status WIFI Status Log System time and Reboot screen as shown in Figure 3 8 1 148 Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 8 1 3 8 1 1
142. d are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Security Model Security Level Write Notify generic v any NoAuthNoPriv generic generic generic genericusm Y usm AuthPriv v all all v all generic v any NoAuthNoPriv all v v a v all v all b generic lany w NoAuthNoPriv v all fai vi au w v generic v any NoAuthNoPriv all Figure 3 5 33 all vi all v 3 5 6 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system gt SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address amp Port The IP and Port of a device to receive traps Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv 104 SNMP Trap Trap Active GDisable Enable vl v2c Trap Index Version IP Address Port Community Version 1 192 1168 ME M21 4162 public Disable
143. dard 1 2 Specification Data Rates 802 11b 1 2 5 5 11Mbps 802 11g 6 9 12 18 24 36 48 54 Mbps 802 11a 6 9 12 18 24 36 48 54 Mbps Standards IEEE802 11 a b g IEEE802 1x IEEE802 3 IEEE802 3u lI EEE802 3af Power Active Ethernet Power over Ethernet 48 VDC 1A Requirements External Power Unit Auto sensing 100 240 VAC 50 60 Hz Regulation FCC CE by request IP68 Certifications Hard Ware Information CPU Intel IXP 425 533MHz network processor Interface 1 RJ 45 Ethernet Port for POE input 1 RJ 45 Ethernet Port for POE power forwarding Flash 16MB RF Information Output power 802 11a 22dBm 6Mbps 1 5 2dBm 19 5dBm 36Mbps 20dBm 48Mbps 18dBm 54Mbps 802 11b 24 5dBmQ11Mbps 802 11g 24 5dBm 6 24Mbps 22 5dBm 36Mbps 21 5dBm 48Mbps 21dBm 54Mbps Sensitivity 802 11a 91dBm 6Mbps 72dBm 54Mbps Typical 802 11b 97dBm 1Mbps 88dBm 11Mbps 802 11g 91dBm 6Mbps 74dBm 54Mbps Networking Information Topology Ad Hoc Infrastructure Operation Model OLSR_AP AODV_AP AP Bridge AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP_WDS_BRG AP4_WDS_BRG 3 SSID Interface Security STP RSTP Qos Bandwidth limitation Multiple SSID Two 10 100Mbps RJ 45 LAN Ports e IEEE802 1x RADIUS Client TTLS PEAP Support in AP Mode e IEE802 1x Supplicant TTLS PEAP support in Client Bridge Mode e WPA WiFi Protected Access e WPA2 802 11i e WEP 64 128 bits e IP address filtering e MAC ad
144. default username and password are both admin For the first time to use please enter the default username and password then click the lt LOGIN gt button The login process now is completed To optimize the display effect we recommend user use Microsoft IE 7 or above FireFox 3 or above and have the resolution 1024x768 Web Access Procedures Now user can use web browser to configure IWP 2000 68 The following procedure explains how to configure each item Stepi Open your web browser and enter the IP Address 192 168 1 1 as default Wireless Access Point SETUP MENU Windows CO le 192 168 1 1 v Step2 Press lt ENTER gt key and the IWP 2000 68 Login screen will appear as shown in Figure 3 1 Wireless Access Point SETUP MENU Windows Internet Explorer GO E htty 192 168 1 1 YE fa fel 9 Google Jek File Edit View Favorites Tools Help k e Wireless Access Point SET f lap pv Ov Dual WLAN Device d Username Password Figure 3 1 Step3 Enter admin in the Username and Password fields and click lt LOGIN gt to enter the web configuration page as shown in Figure 3 2 This page includes all basic configurations for the Access Point The items are list in left hand side of the menu WLAN Device system System Setting This page includes all the basic configuration tools for the Access Point The options are in
145. dge no vi 2200000 210 iority 12 0 Port wdsj2 Cost o 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto v Edge no vi 2300000 0 2 10 jority 13 STP 0 0 Port wdsi3 Cost 0 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto v Edge no vi a 2400000 2710 jority 14 O DE Port wdsi4 Cost 2400000 _ 0 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto v Edge no x Cost 2500000 0 2 1058 Priority 15 STP 0 255 RSTP 0 15 Port wdsj5 Sa 7 K ony K PtoP auto v Edge no vi 2600000 o 2 jority 15 STP0 255 0 Port wdsi6 Cost Q0 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto Y Edge no vi 2700000 2 10 jority 15 0 0 Port wdsj7 Cost 0 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto v Edge no vi Figure 3 7 18 3 7 3 Wireless User can set the wireless related setting here Dual WLAN Device Wireless You can set the wireless releated setting here WIFI athO Setting WIFI ath4 Setting Figure 3 7 19 136 3 7 3 1 WIFI athO and ath4 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide
146. ding IP address Subnet mask and Gateway address LAN Setting En Network IP Parameters IP Address 192 168 fi fi Subnet Mask 255s __ l255__ 255s_ 0 Gateway Address fie2 168 Jo ja Figure 3 6 17 3 6 3 Wireless User can configure the wireless related settings in this page 114 Dual WLAN Device Wireless You can set the wireless releated setting here Figure 3 6 18 3 6 3 1 WIFI athO 7 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g VLAN ID It is only available in VLAN_AP model It is the VLAN tag value SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the operating irequency channe for this device Radio Power On Wireless Mode 802 11 b g VLAN ID 10 LAN ID 1 4094 SSID A1_AP0 SSID Hide OOn Of Channel 9 v Figure 3 6 19 Advanced Settings Peer Node Distance Set the distance between this device and it s
147. dress filtering e Layer2 Isolation e VLAN tunneling Support e Hide SSID e Rogue AP Scan STP RSTP WMM Traffic shaping by IP address in MESH and ROUTE mode Management Features IP Auto configuration SNMP LLDP NTP Remote Configuration Firmware Upgrade Max Client Network management Environmental Temperature Range Humidity non condensing DHCP client server V1 V2c V3 Link Layer Discovery Protocol Support NTP client Web based configuration HTTP HTTPS Upgrade firmware via WEB TFTP and FTP 32 users simultaneously per radio Lantech Wireless View e Operating 30 C to 80 C e Storage 40 C to 80 C 5 95 Typical 1 3 Package Contents Make sure that you have following items 1 1x IWP 2000 68 Outdoor Wireless Access Point unit 2 1x Power Cord 3 1x 100 240VAC 50 60Hz AC to 48V 1A Power Supply 4 1x Grounding wire 1 8m 5 1 x RJ 45 CAT 5 Cross over Ethernet cable 1 8m 6 1x RJ 45 CAT 5 Ethernet cable 30m 7 2 x Seals for cable 8 1x User manual CD 9 2 x 7dBi dual band Omni Antenna 10 2 x Pole mount kit and Screws pack 11 2 x Wall mount kit 1 Main Unit 2 Power Cord 3 48V 1A PoE 4 1 8m Grounding Injector wire gt 5 1 8m cable 6 30m cable 7 Seals for cable 8 User manual CD Vie 3 FA ea x l j GS j A A q i f j 9 Antenna 10 Pole mount kit and screws pack 11 Wall mount Kit ar OO E g g Please notify your sales represe
148. dwidth limitation Bandwidth Limitation To set the bandwidth in Kbps of bandwidth limitation User can press lt Add gt button to add IP address to the Bandwidth Limitation list User can tick the check box and press lt Del gt button to delete the IP address from the Bandwidth Limitation list Bandwidth Management Bandwidth Management Bandwidth Management O Enable Disable Upload Bandwidth 54 Mbps Download Bandwidth s4 Mbps Action Start IP Address End IP Address Bandwidth Limitation Kbps 1 O Up Download 301 Action Start IP Address End IP Address Bandwidth Limitation Kbps Up Download vi 0 0 0 0 00 00 200 Figure 3 5 19 3 5 3 LAN Configuration User can change the local network settings of this device from LAN Configuration for ethO and ethi which include the IP address Subnet mask Gateway and DHCP server related settings Network IP Parameters 93 User can change the network settings of this interface from LAN configuration it is including IP address Subnet mask and enable disable the DHCP server Function DHCP Server Parameters Primary Secondary DNS Address The domain name servers option specifies a list of Domain Name System name servers available to the client IP Pool Starting Ending Address The IP Address range which will be assigned Lease Time How long does the IP address can be leased by DHCP server LAN Setting Network IP Para
149. e Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Security Model Security Level read Write Notify generic Mi any NoAuthNoPriv generic generic generic genericusm m usm AuthPriv vi all all generic b any NoAuthNoPriv all all Z Kale alk 2 alGl aa v v generic any NoAuthNoPriv v all al v v generic ma any NoAuthNoPriv all Figure 3 10 36 all 3 10 7 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address amp Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address amp Port The IP and Port of a device to receive traps Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv 227 SNMP Trap Trap Active Disable Enable vl v2c Trap Index 0 Versio
150. e SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The community name can be thought of as a password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be
151. e SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting 102 Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is vi or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings Community to Security for V1 V2c Index Security Name IP Source Community Mi mypriv 127 0 0 1 public Group Name Security Model Security Name M1 generic vu A my priv v M2 genericusm usm Yi generic v MA o Mi mypriv x O4 vi S mypriv v D 5 i vi w mypriv v Figure 3 5 31 View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset Include Assign include or exclude
152. e and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 4 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 4 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings 61 Configuration Tools Restore Factory Default Configuration Ler Local Backup Settings Restore settings Ler Remote Backup Settings Restore settings Ler Figure 3 4 4 gt Restore Factory Default Configuration To reset configuration settings to the factory default values just click on lt NEXT gt button beside Restore Factory Default Configuration Restore Factory Default Configuration NEXT Figure 3 4 5 Then click on Restore button on next page now the system will reset to factory default value Restore Factory Default Figure 3 4 6 Local Backup Settings Restore settings To backup or restore the configuration for this device Click on lt NEXT gt button beside Local Backup settings Restore settings Local Backup Settings Restore settings NEXT Figure 3 4 7 Click on Backup Settings button on next page to save the se
153. e box and press the lt Add gt button to add it as a legal AP Re Scan Press lt WIFIx gt button to Re scan the APs nearby which are scanned by wifi card x x 1 or 2 Rogue Scan Rogue Enable Rogue Enable Enable O Disable Allow AP Del MAC Addr SSID Add MAC Addr SSID Re Scan weit Figure 3 5 23 3 5 4 2 WIFI ath3 and ath7 Settings gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in 95 user s wireless network In station mode CB this SSID must be same as the AP that user wish to connect User can either type in the SSID by themself or simply press the lt Scan gt button and select the AP form the popup list then click lt submit gt MAC Cloning This feature controls the MAC Address of the Wireless Bridge seen by other devices wired or wireless If set to Ethernet Client the MAC Address from the first Ethernet client that transmits data through the Wireless Bridge will be used When multiple Ethernet devices are connected to the Wireless Bridge it may not be obvious which MAC Address will be used If set to WDS it will include 4 MAC address while transmit the data through Wireless Bridge It is only available on bridge mode in station interface If the AP to associate does not su
154. e check box and press lt Del gt button to delete the IP address from the Bandwidth Limitation list Bandwidth Management Bandwidth Management Bandwidth Management O Enable Disable Upload Bandwidth 54 Mbps Download Bandwidth 54 Mbps Bandwidth Limitation List Action Start IP Address End IP Address Bandwidth Limitation Kbps 1 O UpDownload 192 168 1 2 68 1 3000 Add Bandwidth Limitation Action Start IP Address End IP Address Bandwidth Limitation Kbps Up Download v 0 0 0 0 0 0 0 0 200 Figure 3 9 18 183 3 9 3 LAN Configuration The Access Point must have an IP address for the wireless local area network User can also enable DHCP service to assign IP address to the wireless clients Please Note The DHCP service for MESH network is inhibited 3 9 3 1 EthO Settings Network IP Parameters User can change the network settings of this interface from LAN configuration it is including IP address Subnet mask and enable disable the DHCP server Function DHCP Server Parameters Primary Secondary DNS Address The domain name servers option specifies a list of Domain Name System name servers available to the client IP Pool Starting Ending Address The IP Address range which will be assigned Lease Time How long does the IP address can be leased by DHCP server LAN Setting Network IP Parameters IP Address 192 168 o 1 Subnet Mask
155. e on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the operating frequency channel for this device 47 Radio Power On vi Wireless Mode 802 11 b g SSID JA1 APO SSID Hide Oon Gof Country North America Area v Channel o9 Mi Figure 3 3 27 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragmen
156. ecurity Level Type Auth Passphrase AuthPriv v AuthPriv v AuthPriv v MD5 v lt AuthPriv AuthPriv 4 lt lt lt THEM SH FINE o m a i j MD5 DES Figure 3 7 27 3 7 5 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting 144 Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given t
157. encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM 143 SNMP Basic Settings SNMP Agent Enable System Information Contact IContact me Location ll am here V1IV2C IndexAccess Right Community 1 2 3 4 5 Deny b Deny S Deny vi Deny vi Deny vi Auth Privacy Access Protocol Y Passphrase Right DES v unused unused unused unused unused S
158. ers option specifies a list of Domain Name System name servers available to the client IP Pool Starting Ending Address The IP Address range which will be assigned Lease Time How long does the IP address can be leased by DHCP server 68 Dual WLAN Device LAN Setting Network IP Parameters E antes wa n IP Address 192 168 a 1 Mi Subnet Mask 255 kes ks o DHCP Server a DHCP Server Parmeter Primary DNS Address 168 195 t 1 i Secondary DNS Address p IP Pool Starting Address A ie 100 IP Pool Ending Address L nul ui 200 I Lease Time Half hour WI Figure 3 4 21 3 4 4 Wireless User can set the wireless related setting here Dual WLAN Device Wireless You can set the wireless releated setting here Rogue p Scan WIFI ath3 Setting WIFI ath4 Setting WIFI ath5 Setting WIFI ath6 Setting WIFI ath Setting Figure 3 4 22 3 4 4 1 Rogue AP Scan Rogue Enable Check the radio box in front of lt Enable gt to enable the Rogue AP detection and Press lt Add gt or lt Del gt button to apply Allow AP The allowable AP list The AP in the list is a legal AP for CB to connect Check the box and press the lt Del gt button to remove it Rogue AP The nearby AP list not include the allowed APs Check the box and press the lt Add gt button to add it as a legal AP Re Scan 69 Press lt WIFIx gt button to Re scan the APs nearby which are scanned by wif
159. ese doi si Dse dos aW an dw 114 3 6 3 Wireless w vesi aa karann ai a a a n a a ko A A a ao a m a a 114 36 4 FII ESE NO 5 wads iia en een este e ee ede e ake e ke A n Ek 119 3 6 5 SNMP eki bik aw kitan et a a a tk n e a m a a a n OK D 120 T A TOONS a iii ake aaake eee Se kane ke Ee a SASA See SSS E OEA D ke AS Ra SAR T 125 3 6 7 Log OUE ctonsticsevtececdiotcasetsuicscsstuiccustawteioutawcsdnatieteadontsaqustens 125 AP WDS Bridge MOQE a eka dak es aaa na kane aaos anan kasse nee ae e sake anana 126 3 7 1 SYSUEM a kikit deske ke it See ke YAYA A siidi 126 3 7 2 LAN Configuration eee tee eee ken ke n ki a kaa a a a bk a a a n 135 3 7 3 Wireless konsekan an feets ee nieee kon kite e as pagan sen kaa ko NS Kek Rada A RAS AAS 136 3 7 4 A pi 1 lal p e FERPA YE AAA PEP PP YE MP RE ME A Fe niian MEN EE ME EP A NP M 141 3 7 95 SNMP iii aka a a a e a n n a a n A a a e n a a a a S a a a a a a a 142 37 sO TOONIS sicidicisicncidisiciiadivicndadividtdadiviendadivadidadivivrsedivcctdediviendediws 147 3 7 7 Log QUE ki ii cana a e n e a a ens NE OS a nates ue a NE No a n kk a a P a So a a e a 147 3 8 AP4 WDS Bridge Mode tt kk nn nn nannan nn nan nannan anana anne anan enaannnnannnnnnnn 148 3 8 1 System k ia ti ki w e a it w a a ka a kl n ak a a a a a a a a kk a a a e EN 148 3 8 2 LAN CONnfigUFACTON ki ive kita kaa ao a a m n a a a m a a a a an a a a a n a a 157 3 8 3 Wireless vii aki seksi kias ks ksa t seta sn ak etksaga seed ate it age as etik de daE
160. ess is a unique ID assigned by the manufacturer of the network adapter 3 5 5 1 IP Filtering User can block certain client PCs from accessing this AP based on its IP address If enabled user should also configure the IP Filtering Address This option is only available in router and MESH modes IP Filtering Enable Disable IP Filtering IP Address Enter the Network IP Address and press lt Apply gt to filter 98 IP Filtering IP Filtering Disable Enable Category IP Address Delete IP Address 1 IP Address 2 es Delete IP Address 3 Don IP Address 4 IP Address 5 IP Address 6 o IP Address 7 Po IP Address 8 je IP Address 9 Delete IP Address 10 Delete IP Address 11 Delete IP Address 12 Delete IP Address 13 Delete IP Address 14 e IP Address 15 Figure 3 5 28 3 5 5 2 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table 99 MAC address filter
161. eude w Figure 3 3 36 Access 55 The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Sec urity Model Security Level B Write Notify generic v any M NoAuthNoPriv generic generic generic genericusm Y usm AuthPriv v all all v all v v v v all v all v v vv 1 2 3 generic v any NoAuthNoPriv vl all 4 gener E N Priv w al vi lal 5 generic v any NoAuthNoPriv all
162. ew table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Security Model Security Level read Write Notify generic Mi any NoAuthNoPriv generic generic generic genericusm m usm AuthPriv vi all all generic b any NoAuthNoPriv all all Z Kale alk 2 alGl aa vv v generic ke any Ke NoAuthNoPriv all all v v generic ma any NoAuthNoPriv all Figure 3 9 41 all 3 9 7 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address amp Port The IP and Port of a device to receive traps Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv 201 SNMP Trap Trap Active GDisable O Enable vl v2c Trap Version Version 1 192 1 168 1 121 4162 public 0 1 Disable 2 Disable 3 i 4 Disable v br
163. ff the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 10 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 10 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings Configuration Tools Restore Factory Default Configuration Lec Lec Lec Local Backup Settings Restore settings Remote Backup Settings Restore settings Figure 3 10 4 Restore Factory Default Configuration To reset configuration settings to the factory default values just click on NEXT button beside Restore Factory Default Configuration Restore Factory Default Configuration NEXT J Figure 3 10 5 Then click on lt Restore gt button on next page now the system will reset to factory default value Restore Factory Default Figure 3 10 6 Local Backup Settings
164. figuration tools for the Access Point The options are in the menu screen to the left Figure 3 3 1 3 3 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 3 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a v z A w Z or i i 34 Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese Model Select OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP_WDS_BRG To set this device as a WDS device with AP function AP4_WDS_BRG To set this device as WDS device with AP function and support up to 4 SSID Administrator Settings Name IWP 2000 88 0 9 A Z a zi ont n Language Select Language English v
165. g e Trap Setting V Tools e Tools V Log Out 3 10 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General 203 Status Power Control WIFI Status Log System Time and Reboot screen as shown in Figure 3 10 1 Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 10 1 3 10 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 10 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a v z A w Z or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 2 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual
166. g messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM 121 SNMP Basic Settings SNMP Agent Enable System Information Contact IContact me Location I am_here V1NV2C Index Access Right Community 1 2 3 4 5 Deny be Deny Deny Deny Deny Security Level ath Auth Passphrase Ay Priv Passphrase ac Type Protocol Right AuthPriv v mps vi DES v unused AuthPriv MDS vi DES w unused AuthPriv v mp5 x DES v unused AuthPriv MDS DES unused AuthPriv y mp5 x DES unused Figure 3 6 26 3 6 5 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map t
167. ghput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory QoS Setting On AP WMM Enable ODisable MAX Associated Station 32 1 2007 AP Tx Best Effort CWmin 2047 w CWMax 4095 w AIFS 2 1 255 Burst 0 0 AP Tx Background CwWmin 15 w CWMax 1023 w AIFS 7 1 255 Burst 0 0 AP Tx Video Cwmin 7 w CWMax 7 v AFS 1 1 255 Burst 1 5 AP Tx Voice CWmin 7 w CWMax 15 v AFS 1 1 255 Burst 3 0 E CWmin 7 w CWMax 1023 w AIFS 2 1 255 TXOP 64 1 255 x32ms ACM O Enable Disable aos CWmin 15 w CWMax 1023 v AIFS 7 1 255 TXOP 1 1 255 x32ms ACM OEnable Disable aes CWmin 7 CWMax 7 w AIFS 11 1 255 TXOP 47 1 255 x32ms ACM OEnable Disable CWmin 7 w CWMax 15 AIFS 1 1 255 STA Tx Voice TXOP 94 1 255 x
168. ghts usm This account will be an usm account and assign access rights by VACM 101 SNMP Basic Settings SNMP Agent Enable System Information Contact IContact me Location ll am here V1IV2C IndexAccess Right Community 1 2 3 4 5 Deny b Deny S Deny vi Deny vi Deny vi Auth Privacy Access Protocol Y Passphrase Right DES v unused unused unused unused unused Security Level Type Auth Passphrase AuthPriv v AuthPriv v AuthPriv v MD5 v lt AuthPriv AuthPriv 4 lt lt lt THEM SH FINE o m a i j MD5 DES Figure 3 5 30 3 5 6 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to giv
169. havior and do not turn off the Access Point while the firmware is upgrading 3 8 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 8 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings Configuration Tools Restore Factory Default Configuration NET Local Backup Settings Restore settings es Remote Backup Settings Restore settings en Figure 3 8 4 Restore Factory Default Configuration To reset configuration settings to the factory default values just click on NEXT button beside Restore Factory Default Configuration Restore Factory Default Configuration er Figure 3 8 5 Then click on lt Restore gt button on next page now the system will reset to factory default value Restore Factory Default Restore Figure 3 8 6 gt Local Backup Settings Restore settings To backup or restore the configuration for this device Click on lt NEXT gt button beside Local Backup settings Restore settings Local Backup Settings Restore settings er Figure 3 8 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore
170. he Access Point stops responding correctly or in some way stops functioning you can perform a Reboot To perform the Reboot click on the Reboot button below oft sneer ho decision Figure 3 10 15 3 10 2 WAN Configuration 3 10 2 1 WAN Settings This function is to establish a connection with user s WAN network and also assign the IP to the host behind this AP Network IP Parameters User can change the network settings of this interface from WAN configuration it is including IP address Subnet mask Gateway address and enable disable the DHCP server Function DHCP Server Parameters Primary Secondary DNS Address The domain name servers option specifies a list of Domain Name System name servers available to the client IP Pool Starting Ending Address The IP Address range which will be assigned Lease Time How long does the IP address can be leased by DHCP server 211 WAN Setting Network IP Parameters IP Address 192 vi 1 E Subnet Mask 255 255 0 Gateway Address 19 168 Ag 254 DHCP Server Enable v DHCP Server Parmeters Primary DNS Address 168 95 1 1 Secondary DNS Address IP Pool Starting Address z 168 100 IP Pool Ending Address 2 168 z 200 Lease Time Haifhour Figure 3 10 16 3 10 2 2 Bandwidth Management This function allows user to set the limitation of total upload download bandwidth on WAN interface and also can set the limitation of uplo
171. he community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting 122 Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is vi or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings Community to Security for V1 V2c Index Security Name IP Source Community Mi mypriv 127 0 0 1 public Group Name Security Model Security Name M1 generic n B mypriv v M2 genericusm usm Yi generic v 03 Mi mypriv z O4 n S mypriv v D 5 vi w mypriv v Figure 3 6 27 View Create a view for user to
172. he quality of the link determined at our end lost The number of lost packets among the n packets most recently sent by our neighbor via this link n is the link quality window size total the total number of packets received up to now This value starts at 0 immediately after a link has come to alive and then counts each packet It is capped at the link quality window size NLQ this is our neighbor s view of the link quality Previously we have called this the Neighbor Link Quality This value is extracted from LQ HELLO messages received from our neighbors ETX This is the ETX for this link i e 1 NLQ x LQ NEIGHBORS IP address SYM MPR MPRS will 2 Hop Neighbors 10 0 0 6 YES YES YES 7 10 0 0 7 This table contains a list of all our neighbors It is closely related to the link table in that we are connected to a neighbor via one or more links The table has the following columns IP address The main IP address of the neighbor SYM This states whether the link to this neighbor is considered symmetric by link detection mechanism MPR multi point relay This indicates whether we have selected this neighbor to act as an MPR for us MPRS multi point relay selector This indicates whether the neighbor node has selected us to act as an MPR for it 188 will The neighbor s willingness 2 Hop Neighbors The IP address of 2 hops neighbors Topology entries Source_IP Dest_IP LQ ILQ ETX 0 0 0 6 92 168 0 2 000
173. hold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 216 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 a f User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto v Rate 54 vi mbits M Fixed Layer 2 Isolation Disable Enable Key 1 eeeee WEP Key Setting Key 2 eeeee _ Key 3 esse Key 4 esooo Figure 3 10 23 SSID Security Mode Authentication User can choose which
174. hreshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value 220 between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 a f User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto Rate 54 Mbits V Fixed Layer
175. hreshold value is used by Lantech Wireless View Lantech Wireless View will monitor the WIFI loading when the loading is over this value Lantech Wireless View will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 6 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 6 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware 108 Firmware Update Current Firmware information Version IWP 2000 68 w0 1 4 Date 2010 04 13 Using TFTP NEXT Using WEB NEXT Using FTP NEXT Figure 3 6 3 Using TFTP On any computer in the network oracompute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on Browse button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade
176. hroughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the 193 interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory QoS Setting On AP WMM Enable O Disable MAX Associated Station 132 1 2007 AP Tx Best Effort Cwmin 2047 w CWMax 4095 AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15 CWMax 1023 AIFS 7 1 255 Burst 0 0 AP Tx Video CWmin 7 v CWMax 7 Y AIFS 1 1 255 Burst 1 5 AP Tx Voice CWmin 7 v CWMax 15 y AIFS 1 1 255 Burst 30 CWmin 7 w CWMax 1023 v AIFS 2 1 255 STA Tx Best Effort d TXOP 64 1 255 x32ms ACM OEnable Disable CWmin 15 w CWMax 1023 w AIFS 7 1 255 STA Tx Background r a TXOP 1 1 255 x32ms ACM O Enable Disable CWmin 7 v CWMax 7 y AIFS 1 1 2
177. i card x x 1 or 2 Rogue Scan Rogue Enable Rogue Enable Enable O Disable Allow AP Del MAC Addr SSID 1 Rogue AP Add MAC Addr SSID Re Scan Figure 3 4 23 3 4 4 2 WIFI ath3 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network In station mode CB this SSID must be same as the AP that user wish to connect User can either type in the SSID by themself or simply press the lt Scan gt button and select the AP form the popup list then click lt submit gt MAC Cloning This feature controls the MAC Address of the Wireless Bridge seen by other devices wired or wireless If set to Ethernet Client the MAC Address from the first Ethernet client that transmits data through the Wireless Bridge will be used When multiple Ethernet devices are connected to the Wireless Bridge it may not be obvious which MAC Address will be used If set to WDS it will include 4 MAC address while transmit the data through Wireless Bridge It is only available on bridge mode in station interface If the AP to associate does not support 4 WAY HANDSHAKE the Ethernet client should be selected Peer Node Distance Set the distance between this device and it s adjacent If select
178. ice to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 a f User can set maximum 4 keys but only one key will functional at one time 164 Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto Rate 54 Mbits Fixed Layer 2 Isolation Disable Enable Key 1 00000 WEP Key Setting Key 2 eeeee Key 3 eeceee Key 4 eeeece Figure 3 8 28 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the
179. ie 0 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 a f User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto v Rate 54 Mbits V Fixed Layer 2 Isolation Disable Enable Key 1 eeeee WEP Key Setting Key 2 eeeee Key 3 eecece Key 4 esooo Figure 3 6 20 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption 116 Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP WEP Encryption Open ORestricted O O Select Key KEY 1 KEY 2 O KEY 3 O KEY 4 Figure 3 6 21 WPA Personal The me
180. iew the MIB tree Index Index of View Tick the checkbox to enable the recordset Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3 6 1 2 1 View Name Include Sub Tree 1 mib2 Include w 1 3 6 1 2 1 M2 generic o Include 136 141 5205 os include Bl pen D4 Include O45 Include o6 O Include v F Include w L8 Include_ 9 Include v 10 Include w O11 Include Du Include y 13 Include w O 14 ki l tl Include x ja ONS on Include 16 Include FWI e Include w Figure 3 4 38 Access 81 The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2
181. in this record for certain subtree Sub Tree the OID value For example 1 3 6 1 2 1 Include Mi mib2 Include 1 3 6 1 2 1 M2 generic Include 1 3 6 1 4 1 5205 o3 ij n Include e D4 Include O54 Include w aoo Include i oO Include vi 08 L Include w o9 i Include v O 10 Include a menn Include wi a enn Include vi 13 Include w O 14 iii l Include FESSES O O Include vi 16 Include Ou Include vi i Figure 3 5 32 Access 103 The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this fiel
182. ination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM 53 SNMP Basic Settings SNMP Agent Enable System Information 1 2 3 4 5 Contact Contact me Location l am here V1 V2C IndexAccess Right Community Den wi Deny Wi Deny wy Deny Mi y Deny Pri L Acces Security Level Auth Passphrase Vvacy Pr
183. ing Filtering type Disable MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 _Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 _Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 Delete i MAC address 14 Delete MAC address 15 Delete Figure 3 5 29 3 5 6 SNMP The IWP 2000 68 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 5 6 1 Basic Setting SNMP Agent Check the lt Enable gt check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants Lantech Wireless View to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location It is used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this page Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the n
184. ing on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie 0 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 a f User can set maximum 4 keys but only one key will functional at one time 73 Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto Rate 54 Mbits Fixed Layer 2 Isolation Disable Enable Key 1 00000 WEP Key Setting Key 2 eoeee Key 3 eeeee Key 4 eeece Figure 3 4 29 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as
185. ing Key 2 eeeee Key 3 eeece Key 4 eeece Figure 3 9 28 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key you would like to use for this AP 191 SSID Security Mode AE wep WEE Encryption GOpen ORestricted lO O O Select Key KEY 1 KEY 2 O KEY 3 KEY 4 Figure 3 9 29 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPAZ is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here
186. interfaces PCs with MAC address in the MAC address table can access this AP Reject all PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table 119 MAC address filtering Filtering type Disable MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 Delete MAC address 14 Delete MAC address 15 Delete Figure 3 6 25 3 6 5 SNMP The IWP 2000 68 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 6 5 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants Lantech Wireless View to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location It is used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s
187. ion NEXT Figure 3 7 5 Then click on Restore button on next page now the system will reset to factory default value Restore Factory Default Figure 3 7 6 Local Backup Settings Restore settings To backup or restore the configuration for this device Click on lt NEXT gt button beside Local Backup settings Restore settings Local Backup Settings Restore settings NEXT Figure 3 7 7 Click on Backup Settings button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process 130 Backup Settings Backup Settings Restore Settings Figure 3 7 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on lt NEXT gt button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 7 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFIP OFTP TFTP or FTP Server IP LI LI L Firmware Filename in server configs tar FTP Username FTP Password __Backup To Sener
188. is device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP_WDS_BRG To set this device as a WDS device with AP function AP4_WDS_BRG To set this device as WDS device with AP function and support up to 4 SSID 127 Administrator Settings Device Name Name IWP 2000 68 0 9 AZ aiz on Language Select Language English v Model Select OLSR_AP AODV_AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP_WDS_BRG AP4_WDS_BRG Password Settings Current Password Password 3 12 Characters Re type Password Idle Time Out 999 1 999 minutes Remote Management Enable C Ifenabled only the following PC can manage this AP IP Address WIFI Loading Warning Threshold Threshold 15 5 25 Mb sec Figure 3 7 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the h
189. is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is vi or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings Community to Security for V1 V2c Index Security Name IP Source Community Mi mypriv 127 0 0 1 public mm 5 Group Name Security Model Security Name M1 generic vu A my priv v M2 genericusm usm Yi generic v MA o Mi mypriv z O4 vi S mypriv v FS i vu wi mypriv v Figure 3 3 35 View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3 6 1 2 1 View Name Include Sub Tree M1 mib2 o Include 1 3 6 1 2 1 o3 i Include mi L4 lo oi Include O54 O Include As o o o Include w Cie Include vi ak o o Include Os Include v 10 Include ae Include _ x 13 Include ow oo Include O15 Include vi 16 cuse wi a n
190. it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP vi WEP Encryption GOpen ORestricted 5 A select Key key OKEY O KEY 3 KEY 4 Figure 3 4 30 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPAZ is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK 74 broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal B WPA MODE WPA amp WPA2 Share Key 123456789 fB 63 characters WPA Encryption Auto i Group Key Update Inte
191. iv Passphrase egere Type Protocol Right AuthPriv w MD5 DES unused v AuthPriv Mp5 DES unused AuihPriv v MD5 DES unused w AuthPriv v MD5 x DES vw unused AuthPriv v mp5 w DES v unused v Figure 3 2 34 3 3 5 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting 54 Index Index of Group Tick the checkbox to enable the recordset Group Name A group name
192. ivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power off Management Link Quality 0 70 Signal level 96 dBm Noise level 96 dBm Rx invalid nwid 223 Rx invalid crypt 0 Rx invalid frag 0 T 0 Invalid misc 0 Missed beacon 0 retries ty Info tion Security Mode Disable No wifi Associated Figure 3 7 14 End of Status 3 7 1 8 Log In this page user could see the system logs record of this device ogs System Logs r gt Apr 13 00 02 01 MvP 2000 68 Apr 13 00 00 48 IWP 2000 68 Apr 13 00 00 00 IWP 2000 68 Apr 13 00 00 00 IWP 2000 68 Apr 13 00 00 00 IWP 2000 68 Apr 13 00 00 05 IWP 2000 68 Apr 13 00 00 03 MVP 2000 68 Apr 13 00 00 03 IWP 2000 68 cron notice crond 2844 USER root pid 3462 cmd web server www htm auth notice root 192 168 1 10 login user info web server flash setup sh web server flash setup sh user info 041300002010 00 user info Tue Apr 13 00 00 00 UTC 2010 user info Terminated user info Killed user info Terminated date Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 1 ethl transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 2 eth0O transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 3 ath0O transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 4 ath4 transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 68 user info kernel brO
193. l Mi 4 generic Y any w NoAuthNoPriv v au Mw la E 5 generic v any vi NoAuthNoPriv all bal all v all v Figure 3 2 30 3 2 5 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system gt SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address amp Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address amp Port The IP and Port of a device to receive traps Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv Trap Active Disable O Enable vl v2c Trap Version 1 w 92 168 ji 21 j162 public Disable l i H 0 1 2 Disable x a 4 Disable v B a B H F Disable Oo genericro v B M A ll al NoAuthNoPriv Yi 01 genericro LI E H NoAuthNoPriv m2 genericro w L HM MOU NoAuthNoPriv 3 genericro NoAuthNoPriv v 4 genericra L L l lf i NoAuthNaPriv v Figure 3 2 31 gt Trap Items
194. ld Start ODisable Enable Warm Start ODisable Enable Link Up ODisable Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Enable Figure 3 3 39 3 3 6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Ping IP Count 3 Disable Enable Figure 3 3 40 3 3 7 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 3 41 3 4 AP CB Route Mode AP CB Route mode is to set this device as a router device with AP and CB functions The setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System time Reboot V WAN e WAN Setting e Bandwidth Management V LAN e EthO Settings e Ethi Settings e AP ath4 Setting e AP ath5 Setting e AP ath6 Setting e AP ath7 Setting V WIRELESS e Rogue AP Scan e WIFI ath3 Setting e WIFI ath4 Setting e WIFI ath5 Setting e WIFI ath6 Setting e WIFI ath7 Setting V FILTER e IP Filtering e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 58 3 4 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System Time and Reboot screen as shown in Figure 3 4 1
195. let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3 6 1 2 1 View Name Include Sub Tree 1 mib2 Include w 1 3 6 1 2 1 M2 generic o Include 136 141 5205 os include Bl pen D4 Include O45 Include o6 O Include v F Include w L8 Include_ 9 Include v 10 Include w O11 Include Du Include y 13 Include w O 14 ki l tl Include x ja ONS on Include 16 Include FWI e Include w Figure 3 2 28 Access 123 The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter
196. lick on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 7 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 7 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings Configuration Tools Restore Factory Default Configuration Ler Local Backup Settings Restore settings Ler Remote Backup Settings Restore settings Ler Figure 3 7 4 gt Restore Factory Default Configuration To reset configuration settings to the factory default values just click on lt NEXT gt button beside Restore Factory Default Configuration Restore Factory Default Configurat
197. lient Lease Time How long does the IP address can be leased by DHCP server 213 LAN Setting IP Address 192 168 24 1 Subnet Mask 255 1255 255 Bo DHCP Server v DHCP Server Parmeters Primary DNS Address 168 95 a1 1 Secondary DNS Address IP Pool Starting Address A A 100 IP Pool Ending Address 3 200 Lease Time Half hour v Figure 3 10 19 3 10 3 3 MESH WLAN Settings User can configure the IP address for MESH ath0O interface in here The IP address for MESH athO must be in the same subnet with other MESH device s athO interface and must be in different subnet with WAN AP WLAN IP address Network IP Parameters IP Address The IP address of the AP on the MESH network Subnet Mask The subnet mask of the IP address LAN Setting IP Address 192 1168 2 1 Subnet Mask 255 255 255 o Figure 3 10 20 3 10 4 MESH This page will show the mesh information The option available here is AODV ADMIN 3 10 4 1 AODV ADMIN This page allows user to set AODV Admin settings gt AODV Parameters Setting 214 Active Internet It will provide interfaces to provide internet When set on the ethi will be the interface to internet The default gateway is set within WAN setting page When set off the default gateway will set on the AODV interface athO RREQ Gratuitous Force the gratuitous flag to
198. manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to 70 specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 a f User can set maximum 4 keys but only one key will functional at one time Radio Power On Wireless Mode 80241a ssiD ALABB ooo MAC Cloning WDS S Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Pe
199. me Setting 3 Manual Setti Setting by saree an Internet Time Server Current System Time Wed Nov 3 02 27 13 2010 Manual Setting Year Month Day 2010 11 v s 3 Year 1970 2037 Hour Minute Second joo o0 oo Hours from GMT 8 v Hours Server IP 140 142 1624 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every o days 0 31 0 hours 0 23 10 minites 0 59 Figure 3 3 18 3 3 1 10 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt on pop up screen to confirm user s decision Reboot Access Point After you the setting or in the event that the Access Point or in some way stops functioning change ops responding correctly you can perform a Reboot To perform the Reboot cick on tho FORS betion bokou You will be asked to confirm your decision fa NOTE Some of the ANTI VIRUS shield programes may block the following WEB page Please wait for a while then reconnect this device Figure 3 3 19 3 3 2 LAN Configuration Interface brO Setting IP Authentication Indicate how the IP address of this device will be assigned There are two options available here Static option the IP address should be entered in Network IP Parameters
200. meters IP Address 192 168 l0 D Subnet Mask 1255 255 B55 b DHCP Server Enable v DHCP Server Parmeters Primary DNS Address 168 95 A S Secondary DNS Address 2 2 IP Pool Starting Address 2 re fo 100 IP Pool Ending Address af 200 Lease Time Halfhour v Figure 3 5 20 In Lan configuration user can also configure the IP of Station ath7 Settings IP Authentication Indicate how the IP address of this device will be assigned There are two options available here Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server LAN Setting IP Authentication Static DHCP Network IP Parameters IP Address 192 168 127 1 Subnet Mask 255 255 255 fo Figure 3 5 21 3 5 4 Wireless User can configure the wireless related settings in this page 94 Dual WLAN Device Wireless You can set the wireless releated setting here Rogue Ap Scan WIFI ath3 Setting WIFI ath7 Setting Toots Figure 3 5 22 3 5 4 1 Rogue AP Scan gt Rogue Enable Check the radio box in front of lt Enable gt to enable the Rogue AP detection and Press lt Add gt or lt Del gt button to apply gt Allow AP The allowable AP list The AP in the list is a legal AP for CB to connect Check the box and press the lt Del gt button to remove it Rogue AP The nearby AP list not include the allowed APs Check th
201. n 1 192 fe lf ai 162 public 1 Disable 2 Disable 3 Disable 4 Disable v3 Trap Index User IP Address Port Security Level Oo genericro A 4 NoAuthNoPriv Di genericro A NoAuthNoPriv v 2 genericro j K a J NoAuthNoPriv v 3 genericro Y l l NoAuthNoPriv v o4 genericro NoAuthNoPriv v Figure 3 10 37 gt Trap Items Enable Disable which trap items to send Trap Items Cold Start ODisable Q Enable Warm Start O Disable Enable Link Up ODisable Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Enable Figure 3 10 38 3 10 8 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Ping BE Count 3 Disable Enable Figure 3 10 39 3 10 9 Log Out User can manually logout by click on Log Out Log Out Figure 3 10 40 228 Caution The Part 15 radio device operates on a non interference basis with other devices operating at this frequency when using A integrated antennas Any changes or modification to the product not expressly approved by Original Manufacture could void the user s authority to operate this device 229
202. n access this AP Reject All PCs interfaces can access this AP except those 77 interfaces PCs with MAC address in the MAC address table MAC address filtering Filtering type Disable MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 Delete MAC address 14 Delete MAC address 15 Delete Figure 3 4 35 3 4 6 SNMP The IWP 2000 68 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 4 6 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants Lantech Wireless View to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location It is used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this page Access Right Select an
203. n user s network user can also enter the necessary information here 161 SSID Security Mode Authentication WPA enterprise Y WPA MODE WPA is Share Key 8 63 characters WPA Encryption Auto Group Key Update Interval 600 30 65535 Primary Radius Server AuthenticatoinServer 192 168 1 L 80 3 1812 Shared Secret secret Backup Radius Server Optional Authenticatoin Server L L E Shared Secret Figure 3 8 25 Qos WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CW min must be lower than the value for CW max CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priori
204. nclude v E O15 Include 16 Include 017 Include W Figure 3 7 29 gt Access 145 The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Sec urity Model Security Level B Write Notify generic v any M NoAuthNoPriv generic generic generic genericusm Y usm AuthPriv v all all v all v v v v all v all v v vv 1 2 3 generic v any v NoAuthNoPriv vl all 4 gener v N Priv w al vi lal 5 generic v any M NoAuthN
205. ncryption Auto 8 63 characters Group Key Update Interval 802 1x Primary Radius Server Authenticatoin Server 192 Lhes 600 Backup Radius Server Opti onal Authenticatoin Server LI L Figure 3 6 23 117 30 65535 Shared Secret secret Shared Secret Qos WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmin must be lower than the value for CWmax CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP
206. nfigs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process Backup Settings Backup Settings Restore Settings Figure 3 3 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on lt NEXT gt button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 3 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFIP OFIP TFTP or FTP Server IP l i LI LI Firmware Filename in server configs tar FTP Username FTP Password Figure 3 3 10 3 3 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control Bridge LAN port Station WIFI 1 Status AP WIFI 2 Status 38 5 Current Firmware Version NWP 2000 68 v0 1 8 Desce Name hWP 2000 68 System Model AP CB Bridge System Time Wed Nov 3 01 53 45 2010 tho PoE Disabled IP Address 192 168 1 1 MAC Address 002643 00 0edf Mask 255 255 255 0 MODE 211 a COUNTRY North_America_Area Omm 1 FRAG 246 RTS 246 BEACON 100 DISTANCE
207. ng in half duplex mode and is not connected to any further bridges participating in STP or RSTP then the port is an edge port The available options are yes or no By default it is set to no LAN Setting IP Authentication Static DHCP IP Address 192 jes sit Au Subnet Mask 255 255 255 0 Gateway Address 192 168 1 254 Bridge STP Setting STP RSTP Disable v Bridge Priority A5 STP0 65535 RSTP 0 15 Hello Time 2 a 10 second Forwarding Delay 15 K4 30 second Max Age 20 K6 40 second Cost 18 O 2 10 8 Priority 1 STP 0 255 RSTP 0 15 Port eth0 Spm PtoP auto v Edge no v Port eth1 Cost 19 0 2 1098 Priority 1 STP 0 255 RSTP 0 15 Pio P auto MA Edge no Ii Cost 2000000 0 2 10 8 jority 10 STP 0 255 RSTP 0 15 Port wdsj0 ost 2000000 i Priority 1 a PtoP auto v e no v a 2100000 0 2 jority 11 0 0 Port wdsjt Cost 0 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto v Edge no v Port wdsj2 Cost 2200000 0 2 1018 Priority 12 STP0 255 RSTP 0 15 PtoP auto v Edge no vi Cost 2300000 0 2 1018 Priority 13 STP 0 255 RSTP 0 15 Port wdsj3 F PtoP auto v Edge no vw Port ath4 Cost 2400000 Q 2 10 8 Priority 6 STP 0 255 RSTP 0 15 PtoP auto Edge no w Port ath5 Cost 2500000 ko 2 10 8 Priority 7 STP 0 255 RSTP
208. nsitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory 219 QoS Setting On AP WMM Enable O Disable MAX Associated Station 132 1 2007 AP Tx Best Effort CWmin 2047 v CWMax 4095 v AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15 v CWMax 1023 v AIFS 7 1 255 Burst 0 0 AP Tx Video CWmin 7 CWMax 7 AIFS 1 255 Burst 1 5 AP Tx Voice CWmin 7 Si CwMax 15 Y AIFS 1 1 255 Burst 3 0 CWmin 7 CWMax 1023 v AIFS 2 1 255 STA Tx Best Effort 5 7 A TXOP 64 1 255 x32ms ACM OEnable Disable Cwmin 15 v CWMax 1023 w AIFS 7 1 255 STA Tx Background Po a AA TXOP 1 1 255 x32ms ACM OEnable Disable CWmin 7 v CWMax 7 Y AIFS 1 1 255 STA Tx Video c se i TXOP 47 1 255 x32ms ACM O Enable Disable CWmin 7 v CWMax 15 w A
209. ntative immediately if any of the aforementioned items is missing or damaged 2 Installation 2 1 Full View of IWP 2000 68 Interface on the IWP 2000 68 Unit eth1 For connecting the RJ 45 CAT 5 Ethernet cable to receiving the power and for user to configure the Access Point etho0 For connecting and provide power to other device such as IPCAM By default it is disabled Please note the voltage supply by ethO is 48V and maximum output power watt is the outcome of AP s power usage deduct from total input power For example with standard power adaptor the total input power is 48V x 1A 48W The AP use about 6W when it s full load Therefore the maximum power that ethO can support is about 42W N type antenna connector for connecting N type antennas Antenna 1 ath0 3 Antenna 2 ath4 7 2 2 Full View of POE Injector Interface on the Inline Power Injector Data Input Port Bi for connecting cross over Ethernet Cable to PC or straight Ethernet cable to Hub Switch or Router AC Input Port 4 100 240V AC Power input Power amp Data Output Port BI for connecting an Ethernet Cable to the AP POE picture1 POE picture2 Power and Data Interface location on the PoE denoted by numbers 3 5 2 3 Mount Kit for IWP 2000 68 The IWP 2000 68 can be mounted on a pole or wall user can use the Pole Mount kit to mount the IWP 2000 68 as shown in Figure
210. nternet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the days hours and minutes 156 Time Setting Select Setting Type Setting by 9 Manual Setting Synchronize with an Internet Time Server Current System Time Tue Apr 13 00 44 23 UTC 2010 Manual Setting Year Month Day 2010 4 vi 13 vi CYear 1900 2037 Hour Minute Second 100 00 00 Hours from GMT 8 v Hours Server IP 140 142 16 34 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every 0 _ days 0 31 0 hours 0 23 10 minites 0 59 Figure 3 8 16 3 8 1 10 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt On pop up screen to confirm user s decision Reboot Access Point After you change the setting or in the event that the Access Point stops responding correctly or in some way stops functioning you can perform a Reboot To perform the Reboot click on the Reboot button below
211. o a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is vi or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings Community to Security for V1 V2c Index Security Name IP Source Community Mi mypriv 127 0 0 1 public mm 5 Group Name Security Model Security Name M1 generic n B mypriv v M2 genericusm usm Yi generic v 03 Mi mypriv z O4 n S mypriv v az vi w mypriv v Figure 3 7 28 View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3 6 1 2 1 View Name Include Mi mib2 Include w 136421 M2 generic Include 1 3 6 1 4 1 5205 DO3 pwo Include Se O14 Include w DO 5 Include wi O 6 Include w a Include L8 Include S Oe Include 10 Include O 11 er Include w a enn Include Wi FIS Include w awo E I
212. o kernel brO port ath3 transitioning to DISCARDING s 3 ath3 enabled 3 3 3 3 3 3 IWP 2000 68 user info kernel brO port 3 ath3 transitioning to DISABLED rol 3 3 3 3 3 3 3 3 ath3 transitioning to FORWARDING s ath3 transitioning to LEARNING sta ath3 transitioning to DESIGNATED r ach3 transitioning to RSTP mode IWP 2000 68 user info kernel br port ath3 disabled IWP 2000 68 user info kernel brO port ath3 enabled IWP 2000 68 user info kernel brO port ath3 enabled IWP 2000 68 user info kernel br0 port ath3 transitioning to FORWARDING s lwP 2000 88 user info kernel brO port avh3 transitioning to LEARNING sta IWP 2000 68 user info kernel br0 port ath3 transitioning to DESIGNATED r IWP 2000 68 user info kernel brO port ath3 transitioning to RSTP mode IWP 2000 88 user info kernel br port ath3 enabled Figure 3 3 17 3 3 1 9 System time gt Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is synchronize with an Internet Time Server Manual Setting 41 User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address Time Update for Every User can set time update interval by enter the days hours and minutes Ti
213. oPriv all generic v any NoAuthNoPriv all Figure 3 7 30 all vi all v 3 7 5 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system gt SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address 8 Port The IP and Port of a device to receive traps Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv 146 SNMP Trap Trap Active Disable Enable vl v2c Trap Version 192 1168 Mk 121 4162 public Disable w Disable w 0 1 2 Disable 3 4 Disable Do genericro v NoAuthNoPriv DI genericro NoAuthNoPriv 2 genericro NoAuthNoPriv 03 genericro NoAuthNoPri w O4 genericro NoAuthNoPriv v Figure 3 7 31 gt Trap Items Enable Disable which trap items to send Trap Items Col
214. of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting 225 Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is vi or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings Community to Security for VIV2c Security Name Source Community M1 mypriv li 127 0 0 1 public E ial 2 Ti 3 4 5 Group Name Security Model Security Name Mi generic v E mypriv v M2 genericusm usm v generic vi O03 i vi a mypriv B O4 i 1 voy mypriv wi Fl Moy mypriv vi Figure 3 10 34 View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset View Name The name of view Include Assign include or exclude in this record for certain
215. ollowing V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System time Reboot V WAN e WAN Settings e Bandwidth Management V LAN e EthO settings e AP WLAN Settings e MESH WLAN Settings V MESH e OLSR CONFIG e OLSR ADMIN e OLSR ROUTES e OLSR LINKS V WIRELESS e WIFI AP Setting e WIFI MESH Setting V FILTER e IP Filtering e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 174 3 9 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System Time and Reboot screen as shown in Figure 3 9 1 Se D Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 9 1 3 9 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 9 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold gt Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a z A Z ay ae Language Select This function allows user to select a language for the UI the option
216. on Wireless Mode 802113 vi SSID A1 AP3 Scan MAC Cloning WDS v Auto b Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 4 1 255 Fragmentation Threshold 2346 256 2346 RTSICTS Threshold 2346 1 2346 Tx Power Auto W Key 1 eseese WEP Key Setting Key 2 osese Figure 3 5 24 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP vi WEP Encryption GOpen ORestricted O L Sesect Kay KEY 1 KEY 2 O KEY 3 KEY 4 Figure 3 5 25 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to
217. onal Chinese Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To setthis device asa router device with AP and CB functions CB CB ROUTE To set this device asa router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP WDS BRG To set this device as a WDS device with AP function AP4 WDS BRG To set this device as WDS device with AP function and support up to 4 SSID 85 Administrator Settings Device Name Name MP 2000 68 0 9 A Z raz on nw Language Select Language English v Model Select OLSR_AP AODV_AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP DAP WDS BRG AP4 WDS BRG Password Settings Current Password Password 3 12 Characters Re type Password Idle Time Out 999 1 999 minutes Remote Management Enable CO Ifenabled only the following PC can manage this AP IP Address WIFI Loading Warning Threshold Threshold 15 5 25 Mbisec Figure 3 5 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before
218. ost with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by Lantech Wireless View Lantech Wireless View will monitor the WIFI loading when the loading is over this value Lantech Wireless View will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 7 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 7 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware 128 Firmware Update Current Firmware information Version IWWP 2000 68 v0 1 4 Date 2010 04 13 Using TFTP Using WEB NEXT Using FTP Figure 3 7 3 Using TFTP On any computer in the network oracompute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then c
219. ote Backup Settings Restore settings Figure 3 9 4 Restore Factory Default Configuration To reset configuration settings to the factory default values just click on NEXT button beside Restore Factory Default Configuration Restore Factory Default Configuration NEXT Figure 3 9 5 Then click on Restore button on next page now the system will reset to factory default value Restore Factory Default Figure 3 9 6 Local Backup Settings Restore settings To backup or restore the configuration for this device Click on lt NEXT gt button beside Local Backup settings Restore settings Local Backup Settings Restore settings er Figure 3 9 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process 178 Backup Settings Backup Settings Restore Settings Figure 3 9 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 9 9 Enter the necessary setting in next page then click on Backup To Server gt or
220. p2pmac AUTO edge yes port no mac addr is local ageing timer 2 00 00 00 00 00 20 yes 0 00 1 00 00 00 00 00 21 yes 0 00 1 00 13 a9 2a be 78 no 0 05 3 00 26 48 00 0e c2 yes 0 00 4 00 40 c7 fb 00 f8 yes 0 00 End of Status Figure 3 2 13 3 2 1 7 WIFI Status In this page user could see the WIFI information of this device such as Interface information Security information Associated AP Station 19 WIFI Status WIFI Interfaces ath0 ath4 IEEE ESSID A1 APO Nickname 802 11g Mode Master Frequency 2 452 GHz Access Point 00 26 48 00 0E C2 Bit Rate 0 kb s Tx Power 18 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power off Management Link Quality 0 70 Signal level 96 dBm Noise level 96 dBm Rx invalid nwid 223 Rx invalid crypt 0 Rx invalid frag 0 Ta Taste 0 Invalid misc 0 Missed beacon 0 retries Security Mode Disable No wifi Associated Figure 3 2 14 End of Status 3 2 1 8 Log In this page user could see the system logs record of this device Logs System Logs Apr 13 00 25 06 IWP 2000 68 auth notice root 192 168 1 10 login Apr 13 00 10 10 IWP 2000 68 auth notice root 192 168 1 10 login Apr 13 00 02 01 IWP 2000 68 cron notice crond 2844 USER root pid 3393 cmd web server www htm Apr 13 00 00 00 IWP 2000 688 user info web server flash setup sh web server flash setup sh Apr 13 00 00 00 IWP 2000 68 user info date 041300002010 00
221. port 1 ethl transitioning to LEARNING sta Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 2 eth0 transitioning to LEARNING sta Apr 13 00 00 00 IWP 2000 68 user info kernel brO port 3 ath0O transitioning to LEARNING sta Apr 13 00 00 00 MVP 2000 68 user info kernel brO port 4 ath4 transitioning to LEARNING sta Ma lt gt Figure 3 7 15 3 7 1 9 System time gt Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is Synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the days hours and minutes 134 Time Setting Select Setting Type Setting by Manual Setting Synchronize with an Internet Time Server Current System Time Tue Apr 13 00 44 23 UTC 2010 Manual Setting Year Month Day 2010 yla 13 Year 1900 2037 Hour Minute Second joo fo joo Hours from GMT 8 Y Hours Server IP 140 142 16 34 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every 0 days 0 31 0 hours 0 23 10 minites 0 59 Figure 3 7 16 3 7 1 10 Reboot User can perform reboot function in case
222. power cord into the Power Input Port of the POE Injector and the AC plug into a power outlet A Green LED near the DATA IN port and labeled Power will light up Step2 Connect the cross over Ethernet cable from DATA IN Port to the Ethernet port on a PC Step3 Connect another Ethernet cable to the ethi on IWP 2000 68 Hand tightens the Seals for cable after you connect the connector Step4 Connect the remaining end of the CAT 5 cable into the labeled POWER 8 DATA OUT port on PoE injector a Red LED near the POWER amp DATA OUT port and labeled ACTIVE will light up This is the power side of the PoE that will power up the IWP 2000 68 When the IWP 2000 68 receives power over the Ethernet cable the IWP 2000 68 will start it s boot up sequence User can configure the IWP 2000 68 via HTML browser such as Microsoft Internet Explorer or FireFox from a remote host or PC 9 3 Operation of Web based Management 3 1 Basic Configuration This chapter instructs user how to configure and manage the IWP 2000 68 through the web user interface The default values of the AP are listed in the table below IP Address 192 168 1 1 Subnet Mask 255 255 255 0 Gateway Address 192 168 1 254 Username admin Password admin Table 3 1 Open your web browser and enter the default IP http 192 168 1 1 in the address bar it will show the following screen see Fig 3 1 and ask user enter the username and password The
223. pport 4 WAY HANDSHAKE the Ethernet client should be selected Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 avf User can set maximum 4 keys but only one key will functional at one time 96 peg Se Radio Power
224. r to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPAZ is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP 46 SSID Security Mode Authentication WPA personal vi WPA MODE wa w Share Key 123456789 8 63 characters WPA Encryption Auto Figure 3 3 25 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter their account and password to pass the authentication SSID Security Mode Authentication WPA enterprise v WPA MODE a Share Key 123456789 8 63 characters WPA Encryption Auto 802 1x Account F3000 Password F3000 Figure 3 3 26 Please Note In wifi station model the security setting must be same as the AP that user wish to connect 3 3 3 3 WIFI ath4 7 Setting gt General Radio Power Turn this interfac
225. r willingness to act as relays for control traffic for their neighbors This option specifies a fixed willingness value to be announced by the local node 4 is a neutral option here while O specifies that this node will never act as a relay and 7 specifies that this node will always act as such a relay If this option is not set in the configuration file then mesh system will try to retrieve information about the system power and dynamically update willingness according to this info The default value is 7 186 Fisheye Enable Disable To increase stability in a mesh TC messages should be sent quite frequently However the network would then suffer from the resulting overhead The idea is to frequently send TC messages to adjacent nodes i e nodes that are likely to be involved in routing loops without flooding the whole mesh with each sent TC message The default value is Enable Enable local HNA entry HNA entry Enable Disable Hosts in an OLSR routed network can announce connectivity to external networks using HNA messages This function is used to set the IPv4 networks to be announced by this host Security The function uses this shared secret key for signature generation and verification Security Enable Disable To enable or disable the security function Security Key 0123456789abcdef For nodes to participate in the OLSR routing domain they need to use the key used by the other nodes The key is 128 bits M
226. rdware and software functions are shown as well as the examples of the operation for web based interface Overview of this user s manual m Chapter 1 Introduction describes the features of IWP 2000 68 H Chapter 2 Installation m Chapter 3 Operation of Web based Management 1 Introduction 1 1 Overview of IWP 2000 68 The IWP 2000 68 is a 802 11a b g Dual Radio Outdoor Multi Function Wireless Access Point with Power over Ethernet PoE supported The IWP 2000 68 also operates as multi function wireless system that includes MESH Point to Point Point to Multipoint Bridge Access Point Wireless Client and Repeater The dual radio of IWP 2000 68 can be functioned dual band and maintain each radio up to 54Mbps data rate simultaneously on both directions Key Features in the Device e Dual Radio Two high power IEEE 802 11 a b g radio for backhaul and local access e Multi operating modes support OLSR_AP AODV_AP AP Bridge AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP_WDS_BRG AP4_WDS_BRG e Bandwidth limitation Traffic shaping by IP in MESH and ROUTE model up to 30 list e Power over Ethernet e PoE Power Forwarding e Mac filtering e IP filtering e QOS WMM Enhance performance and density e LLDP Link Layer Discovery Protocol e Up to 8 SSID support e Supports WEP 64 128 WPA WPA2 encryption e Support SNMP V1 V2c V3 e Support STP RSTP e Support Lightening Protection e IP68 Industrial stan
227. recordset User The usm User ID IP Address amp Port The IP and Port of a device to receive traps Auth Level Assign security level in this record The Options are 172 NoAuthNoPriv AuthNoPriv authPriv Trap Active Disable O Enable vl v2c Trap Version 1 Disable 0 192 168 1 21 1162 public 1 2 Disable 3 4 MEIE Disable Disable ZIR oo genericro NoAuthNoPriv O1 genericro NoAuthNoPriv 02 genericro w NoAuthNoPriv v 03 genericro Y NoAuthNoPriv v D4 genericro NoAuthNoPriv v Figure 3 8 38 gt Trap Items Enable Disable which trap items to send Trap Items Cold Start O Disable Enable Warm Start Disable Q Enable Link Up ODisable Q Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Enable Figure 3 8 39 3 8 6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Ping IP Count 3 Disable Enable Figure 3 8 40 3 8 7 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 8 41 173 3 9 OLSR_AP Mode To set this device as a MESH device the setting and functions as f
228. riod 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto vi Key 1 esse WEP Key Setting Key 2 esseo Key 3 eeeee Key 4 essee P gt SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP vi WEP Encryption GOpen ORestricted Select Key KEY 1 KEY O KEY 3 KEY 4 Figure 3 4 25 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is 71 granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPAZ is far superior to W
229. rity Disabled off off Radio of Figure 3 8 11 3 8 1 5 Power Control In this page user can enable the ethO port to provide PoE power and data forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 8 12 154 3 8 1 6 Bridge Status In this page user could see the bridge interfaces information of this device such as interface information STP status mac address information etc Bridge Status Bridge bro Bridge STP State off Bridge br0 Information bridge id 8000 000000000020 designated root 8000 000000000020 root port 0 path cost 0 max age 20 00 bridge max age 20 00 hello time 2 00 bridge hello time 2 00 forward delay 15 00 bridge forward delay 15 00 ageing time 300 00 hello timer 0 00 ten timer 0 00 port id 8001 state forwarding designated root 8000 000000000020 path cost 19 designated bridge 8000 000000000020 message age timer 2744 02 designated port 8001 forward delay timer 2743 07 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8002 state forwarding designated root 8000 000000000020 path cost 100 designated bridge 8000 000000000020 message age timer 2744 03 designated port 8002 forward delay timer 2743 08 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8003 state forwarding designated root 8000 000000000020 path cost 100 designated bridge 8000 000000000020 message age timer 2744
230. riv AuthPriv SNMP Trap Trap Active Disable O Enable vl v2c Trap Version 192 168 gi H21 4162 public M Disable 0 1 2 Disable 3 4 Disable Lo genericro v NoAuthNoPriv 01 genericro W l NoAuthNoPriv W 02 genericro w i NoAuthNoPriv W 03 genericro MA i NoAuthNoPriv v 04 genericro v NoAuthNoPriv Figure 3 6 30 Trap Items Enable Disable which trap items to send Trap Items Cold Start ODisable Enable Warm Start ODisable Q Enable Link Up Disable Enable Link Down ODisable Enable Auth Fail ODisable Q Enable Log In ODisable Enable Figure 3 6 31 3 6 6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Command Ping Ping IP Count 3 Disable Enable Figure 3 6 32 3 6 7 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 6 33 125 3 7 AP_WDS_ Bridge Mode To set this device as a WDS device the setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System time Reboot V LAN e Bridge LAN settings V WIRELES
231. rtain client PCs from accessing this AP based on its IP address If enabled user should also configure the IP Filtering Address This option is only available in router and MESH modes IP Filtering Enable Disable IP Filtering IP Address Enter the Network IP Address and press lt Apply gt to filter IP Filtering IP Filtering Disable O Enable Category IP Address Delete IP Address 1 Delete IP Address 2 Delete IP Address 3 Delete IP Address 4 Delete IP Address 5 Delete IP Address 6 Po Delete IP Address 7 Delete IP Address 8 Delete IP Address 9 Delete IP Address 10 Delete IP Address 11 Delete IP Address 12 Delete IP Address 13 Delete IP Address 14 Delete IP Address 15 Delete Figure 3 9 36 196 3 9 6 2 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table MAC address filtering Filtering type Disa
232. rval 600 30 65535 Figure 3 4 31 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA MODE Share Key WPA Encryption Group Key Update Interval 802 1x Primary Radius Server WEA enterprise v 8 63 characters 30 65535 AuthenticatoinServer 192 168 Backup Radius Server Optional 2 1812 Shared Secret secret Authenticatoin Server Shared Secret gt Q Figure 3 4 32 oS WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters Cwmin Minimum Contention Window The valid values for Cwmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for Cwmin must be lower than the value for Cwmax Cwmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for Cwmax must be higher than the value for Cwmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to
233. s In this page user could see the WIFI information of this device such as Interface information Security information Associated AP Station WIFI Status ath0 WIFI Interfaces ath4 Interface Information IEEE 802 11bg ESSID A1 APO Nickname Mode Master Frequency 2 452 GHz Access Point 00 40 C7 FB 00 F8 Bit Rate 0 kb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 0 70 Signal level 97 dBm Noise level 97 dBm Rx invalid nwid 1615 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Mode Disable Associated AP Station End of Status Figure 3 9 13 3 9 1 7 Log In this page user could see the system logs record of this device Logs System Logs 2 Apr 13 00 02 01 IWP 2000 68 cron notice crond 2844 USER root pid 3525 cmd web server www htm Apr 13 00 00 32 MVP 2000 68 auth notice root 192 168 1 10 login Apr 13 00 00 25 MVP 2000 68 auth notice root 192 168 1 10 login Apr 13 00 00 00 IWP 2000 68 user info web server flash setup sh web server flash setup sh Apr 13 00 00 00 IWP 2000 68 user info RINETLINK answers No such file or directory Apr 13 00 00 00 IWP 2000 68 user info RINETLINK answers No such file or directory Apr 13 00 00 00 INP 2000 68 user info date 041300002010 00 Apr 13 00 00 00 IWNP 2000 68 user info Tue Apr 13 00 00 00 UTC 2010 Apr 13 00 0
234. s Point stops responding correctly or in some way stops functioning you can perform a Reboot To perform the Reboot click on the Reboot button below You will be asked to confirm your Secisi Figure 3 4 18 3 4 2 WAN Configuration 3 4 2 1 WAN Settings This function is to establish a connection with user s WAN network select the IP Allocation Mode that ISP is used Interface ath3 Setting IP Authentication Indicate how the IP address of this device will be assigned There are two options available here Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server Network IP Parameters User can change the network settings of this device from WAN Configuration it is including IP address Subnet mask and Gateway ele SE WAN Settin ennan Seting n IP Authentication Static DHCP Network IP Parameters IP Address 192 168 123 E Subnet Mask 255 255 1255 0 Gateway Address 192 168 123 254 Figure 3 4 19 3 4 2 2 Bandwidth Management This function allows user to set the limitation of total upload download bandwidth on WAN interface and also can set the limitation of upload download bandwidth for each user or a group of users by IP address gt Bandwidth Management Bandwidth Management Enable bandwidth limitation function Upload Bandwidth The total upload bandwidth in Mbps Download Bandwidth The total
235. s available are English Simplified Chinese and Traditional Chinese Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To setthis device asa router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP WDS BRG To set this device as a WDS device with AP function AP4 WDS BRG To set this device as WDS device with AP function and support up to 4 SSID 175 Administrator Settings Device Name Name IWP 2000 68 0 9 A Z a z ont n Language English vw OLSRAP OAODV AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE OVLAN AP AP_WDS_BRG AP4 WDS BRG Password Settings Current Password Password 3 12 Characters Re type Password idle Time Out 30 1 999 minutes Enable C if enabled only the following PC can manage this AP IP Address Threshold 15 5 25 Mb sec Figure 3 9 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds nex
236. sable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key you would like to use for this AP SSID Security Mode Authentication WEP w WEP Encryption Open ORestricted KEY 1 KEY 2 O KEY 3 KEY 4 Figure 3 7 22 Select Key 138 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPAZ is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for
237. sabled L th0 LAN Port IP Address 192 168 0 1 MAC Address 00 40 c 00 00 33 Mask 255 255 255 0 DHCP Disabled tht LAN Port IP Address 192 168 1 1 Mask 255 255 255 0 DHCP Disabled DISTANCE 100 8 i Off Radio off KI e e IP Address 192 168 23 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 DHCP Disabled ssiD AL AP3 Security Disabled MODE 802 11 a COUNTRY North_America_Area CHANNEL Auto OTIM 1 FRAG 2346 RTS 2346 BEACON 100 a i 192 168 24 1 MAC Address 00 40 c7 fb 00 f3 Mask 255 255 255 0 DHCP Disabled SsID A2 AP4 Security Disabled i off i off i off Figure 3 4 11 3 4 1 5 Power Control Status In this page user can enable the ethO port to provide PoE power and data forwarding function Power Control Status PoE Power Control eth0 port OEnable Disable Figure 3 4 12 3 4 1 6 WIFI Status In this page user can click WIFI Interfaces to see each WIFI information of this device such as Interface information Security information Associated AP Station The Figure 3 4 13 shows the ath3 CB interface is waiting for connecting to an AP WIFI Status WIFI Interfaces ath3 ath4 Interface ath3 Waiting for Connecting End of Status Figure 3 4 13 The Figure 3 4 14 shows that the ath3 CB model has connected to an AP and display the relevant information a a E c w WIFI Interfaces ath3 ath4 Interface Information IEEE 802 11bg ESSID DW 1
238. sed on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table MAC address filtering Filtering type Disable MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 l Delete MAC address 12 Delete MAC address 13 Delete MAC address 14 Delete MAC address 15 Delete Figure 3 8 33 3 8 5 SNMP The IWP 2000 68 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 8 5 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery 168 Protocol function This function will be used if user wants Lantech Wireless View to remote management the
239. sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory 140 QoS Setting On AP WMM Enable O Disable MAX Associated Station 32 1 2007 AP Tx Best Effort CWmin 2047 w CWMax 4095 AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15 w CWMax 1023 AIFS 7 1 255 Burst 0 0 AP Tx Video CWmin 7 v CWMax 7 Y AIFS 1 1 255 Burst 1 5 AP Tx Voice CWmin 7 v CWMax 15 Y AIFS 1 1 255 Burst 3 0 Cwmin 7 w CWMax 1023 AIFS 2 1 255 STA Tx Best Effort Ti 5 e j TXOP 64 1 255 x32ms ACM O Enable Disable CWmin 15 CWMax 1023 v AIFS 7 1 255 STA Tx Background sy L pani TXOP 1 1 255 x32ms ACM OEnable Disable CWmin 7 v CWMax 7 y AIFS 1 1 255 STA Tx Video 7 y TXOP 47 1 255 x32ms ACM O Enable Disable CWmin 7 v CWMax 15 v AIFS 1 1 255 STA Tx Voice 3 i TXOP 94 1 255 x32ms ACM O Enable Disable Figure 3 7
240. shold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto Rate 54 Mbits V Fixed Layer 2 Isolation Disable Enable Key 1 eeeee WEP Key Setting Key 2 e0000 Key 3 eeeee Key 4 00000 Figure 3 9 34 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are two options for authentication Disable WEP WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption 195 Select Key Check the radio box in front of the key you would like to use for this AP SSID Security Mode Authentication WEP vi WEP Encryption GOpen ORestricted OKEYA A OKEY R O KEY 3 KEY 4 Figure 3 9 35 Select Key 3 9 6 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 9 6 1 IP Filtering User can block ce
241. show in Figure 3 2 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings Configuration Tools Restore Factory Default Configuration NE Local Backup Settings Restore settings ET Remote Backup Settings Restore settings ET Figure 3 2 4 Restore Factory Default Configuration To reset configuration settings to the factory default values just click on NEXT button beside Restore Factory Default Configuration Restore Factory Default Configuration NEXT Figure 3 2 5 Then click on Restore button on next page now the system will reset to factory default value Restore Factory Default Figure 3 2 6 Local Backup Settings Restore settings To backup or restore the configuration for this device click on lt NEXT gt button beside Local Backup settings Restore settings Local Backup Settings Restore settings NEXT J Figure 3 2 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process 16 Backup Settings Backup Settings Restore Settings Figure 3 2 8 Remote Backup Settings Restore settings
242. ss this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 9 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 9 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings Configuration Tools Restore Factory Default Configuration Leer Local Backup Settings Restore settings vex J er Rem
243. t button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 3 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 3 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings Configuration Tools Restore Factory Default Configuration Local Backup Settings Restore settings Bang Remote Backup Settings Restore settings Figure 3 3 4 gt Restore Factory Default Configuration To reset configuration settings to the factory default values just click on lt NEXT gt button beside Restore Factory Default Configuration Restore Factory Default Configuration NEXT Figure 3 3 5 Then click on Restore button on next page now the system will reset to factory default value Restore Factory Default Figure 3 3 6 Local Backup Settings Restore settings To backup or restore the configuration for this device click on NEXT button beside Local Backup settings Restore settings Local Backup Settings Restore settings NET J Figure 3 3 7 37 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named co
244. t Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie 0 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 avf User can set maximum 4 keys but only one key will functional at one time 48 Advanced Setting Auto vi Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto Rate 54 _ Mbit s Fixed Layer 2 Isolation Disable Enable Key 1 00000 WEP Key Setting Key 2 eeeee Key 3 eeeee Key 4 esooo Figure 3 3 28 SSID Security Mode Authentication User can
245. t action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by Lantech Wireless View Lantech Wireless View will monitor the WIFI loading when the loading is over this value Lantech Wireless View will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 9 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 9 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware 176 Firmware Update Current Firmware information Version IWP 2000 68 w0 1 4 Date 2010 04 13 Using TFTP NEXT Using WEB NEXT Using FTP Figure 3 9 3 Using TFTP On any computer in the network oracompute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade proce
246. t for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM 79 SNMP Basic Settings SNMP Agent Enable System Information Contact IContact me Location ll am here V1IV2C IndexAccess Right Community 1 2 3 4 5 Deny b Deny S Deny vi Deny vi Deny vi Security Level auth Auth Passphrase ey Priv Passphrase ae Type Protocol Right AuthPriv v mp5 x DES unused sv AuthPriv v MD5 7 DES w unused AuthPriv w mp5 v DES v unused w AuthPriv v MDS5 DES unused w AuthPriv v mo5 v DES v unused Figure 3 4 36 3 4 6 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map the community name COMMUNITY in
247. the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized 72 radio channels Channel Set the operating frequency channel for this device Radio Power On v Wireless Mode 802 11 b g v SSID ALAPO SSID Hide Oon Off Country North America Art ea v Channel 9 Sa Figure 3 4 28 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depend
248. the menu screen to the left Figure 3 2 3 2 AP Bridge Mode The default operating model for IWP 2000 68 is AP Bridge this model is to set the device as a normal AP The functions and settings are list as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System time Reboot V LAN e Bridge LAN settings V WIRELESS e WIFI athO Setting WIFI athi Setting WIFI ath2 Setting WIFI ath3 Setting WIFI ath4 Setting WIFI ath5 Setting WIFI ath6 Setting WIFI ath7 Setting V FILTER e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 3 2 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System Time and Reboot screen as shown in Figure 3 2 1 Administrator Firmware Configuration Tools General Status Power Control Bridge Status Log System Time Reboot 3 2 WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 2 1 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 2 2 These settings allow user to configure the device Name language model password remote
249. thentication Static ODHCP Network IP Parameters IP Address 192 168 1 1 Subnet Mask 255 255 255 Mo Gateway Address 192 168 1 254 STP RSTP RSTP w Bridge Priority 15 STP 0 65535 RSTP 0 15 Hello Time 2 1 10 second Forwarding Delay 15 4 30 second Max Age 20 6 40 second Cost 18 0 2 10 8 Priority 1 STP 0 Port ethO 255 RSTP 0 15 PtoP auto A Edge no vw Cost 19 0 2 10 8 Priority 1 STP 0 Port eth1 255 RSTP 0 15 PtoP auto v Edge no w Cost 2000000 0 2 10 8 Priority 2 STP 0 Port athO 255 RSTP 0 15 aia PtoP auto v Edge no v Cost 2100000 0 2 10 8 Priority 3 STP 0 Port ath1 255 RSTP 0 15 PtoP auto v Edge no w Cost 2200000 0 2 1048 Priority4 STP 0 Port ath2 255 RSTP 0 15 PtoP auto v Edge no vw Cost 2300000 0 2 10 8 Priority 5 STP 0 Port ath3 255 RSTP 0 15 S PtoP auo v Edge no w Cost 2400000 0 2 10 8 Priority 6 STP 0 Port ath4 255 RSTP 0 15 PtoP auto v Edge no vw Cost 2500000 0 2 10 8 Priority 7 STP 0 Port ath5 255 RSTP 0 15 PtoP auto Y Edge no v Cost 2600000 0 2 10 8 Priority 8 STP 0 Port ath6 255 RSTP 0 15 PtoP auto v Edge no Cost 2700000 0 2 10 8 Priority 9 STP 0 Port ath7 255 RSTP 0 15 PtoP auto Edge no v Figure 3 2 18 22 3 2 3 Wireless User can configure the wireless related settings in this page WIFI athO Setting WIFI ath1 Setting WIFI af ng WIFI ath3
250. this page user could see the system logs record of this device Logs System Logs Apr 13 00 02 01 MVP 2000 68 cron notice crond 2844 USER root pid 3531 cmd web server www htm Apr 13 00 02 00 IWP 2000 68 auth notice root 192 168 1 10 login Apr 13 00 01 47 MP 2000 68 auth notice root 192 168 1 10 login Apr 13 00 00 00 WP 2000 68 user info web server flash setup sh web server flash setup sh Apr 13 00 00 00 MVP 2000 68 user info date 041300002010 00 Apr 13 00 00 00 IWP 2000 68 user info Tue Apr 13 00 00 00 UTC 2010 Apr 13 00 00 05 IWP 2000 68 user info Terminated Apr 13 00 00 03 IWP 2000 68 user info Killed Apr 13 00 00 03 MVP 2000 68 user info Terminated Apr 13 00 00 00 IWP 2000 68 user info kernel br port 1 eth1i 24 transitioning to FORWARDIN Apr 13 00 00 00 MVP 2000 68 user info kernel br port 3 ath4 transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 68 user info kernel bri0Q port 1 eth1 10 transitioning to FORWARDI Apr 13 00 00 00 IWP 2000 68 user info kernel bri0 port 3 ath0 transitioning to FORWARDING Apr 13 00 00 00 IWP 2000 68 user info kernel br port 1 ethi 24 transitioning to LEARNING Apr 13 00 00 00 IWP 2000 68 user info kernel br4 port 2 eth0 24 transitioning to DISABLED Apr 13 00 00 00 IWP 2000 68 user info kernel br4 port 3 ath4 transitioning to LEARNING sta Yo Figure 3 6 14 3 6 1 8 System time Select Setting Type Setting by User can set system time in
251. thod of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPA2 is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal vi WPA MODE WPA amp WPA2 Share Key 123456789 8 63 characters WPA Encryption Auto Group Key Update Interval 600 30 65535 Figure 3 6 22 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA MODE Share Key WPA E
252. tion NEXT Figure 3 6 5 Then click on lt Restore gt button on next page now the system will reset to factory default value Restore Factory Default Figure 3 6 6 Local Backup Settings Restore settings To backup or restore the configuration for this device Click on lt NEXT gt button beside Local Backup settings Restore settings Local Backup Settings Restore settings NEXT J Figure 3 6 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process 110 Backup Settings Backup Settings Restore Settings Figure 3 6 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 6 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFIP FTP TFTP or FTP Server IP LI LI LI Firmware Filename in server configs tar FTP Username FTP Password Figure 3 6 10
253. to a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPvi and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting 80 Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is vi or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings Community to Security for V1 V2c Index Security Name IP Source Community Mi mypriv 127 0 0 1 public Group Name Security Model Security Name M1 generic n B mypriv v M2 genericusm usm Yi generic v 03 Mi mypriv z O4 n S mypriv v D 5 vi w mypriv v Figure 3 4 37 View Create a view for user to let the groups have rights to v
254. try of operation and sets the authorized radio channels Channel Set the operating frequency channel for this device 163 Radio Power On w Wireless Mode 802 11 b g v SSID A1 APO SSID Hide On Off Country North America Area v Channel a M Figure 3 8 27 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the dev
255. ttings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process Backup Settings Backup Settings Restore Settings Figure 3 4 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on lt NEXT gt button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 4 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFTP FTP TFTP or FTP Server IP LI L LI Firmware Filename in server configs tar FTP Username FTP Password Figure 3 4 10 3 4 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control Status WAN Port ethO LAN Port eth1i LAN Port Station WIFI 1 Status AP WIFI 2 Status 63 Current Firmware Version IWWP 2000 68 v0 1 8 Device Name IvwP 2000 68 System Model AP CB ROUTE System Time Wed Nov 3 00 17 44 2010 eth0 PoE Disabled IP Address 192 168 23 1 MAC Address 00 26 48 000e df Mask 255 255 255 0 Gateway NA DHCP Di
256. twork or a compute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP server utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 2 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will
257. ty High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames 162 transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory QoS Setting
258. ubnet mask and enable disable the DHCP server Function DHCP Server Parameters Primary Secondary DNS Address The domain name servers option specifies a list of Domain Name System name servers available to the client IP Pool Starting Ending Address The IP Address range which will be assigned Lease Time How long does the IP address can be leased by DHCP server LAN Setting Interface et Seting Network IP Parameters IP Address 192 168 p la Subnet Mask B255 j255 255 so DHCP Server ET DHCP Server Parmeters Primary DNS Address 168 95 LA 1 Secondary DNS Address A A IP Pool Starting Address 100 IP Pool Ending Address e 200 Lease Time Haifhour Figure 3 10 18 3 10 3 2 AP WLAN Settings User can change the local network settings from LAN Configuration for ath4 interface which include the IP address Subnet mask and DHCP server related settings Network IP Parameters User can change the network settings of this interface from LAN configuration it is including IP address Subnet mask Gateway address and enable disable the DHCP server Function DHCP Server Parameters Primary DNS Address The domain name servers option specifies a primary Domain Name System servers available to the client Secondary DNS Address In same case user can specifies a secondary Domain Name System servers available to the client IP Pool Starting Ending Address The range of IP addresses which can be assigned to the c
259. unity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory QoS Setting On AP WMM Enable O Disable MAX Associated Station 32 1 2007 AP Tx Best Effort CWmin 2047 v CWMax 4095 v AIFS 2 1 255 Burst 10 0 AP Tx Background CWmin 15 v CWMax 1023 v AIFS 7 1 255 Burst 10 0 AP Tx Video CWmin 7 v CWMax 7 v AIFS 1 1 255 Burst 1 5 AP Tx Voice CWmin 7 vy CWMax 15 v AIFS 1 1 255 Burst 3 0 CWmin 7 v CWMax 1023 v AIFS 2 1 255 STA Tx Best Effort X TXOP 64 1 255 x32ms ACM OEnable Disable CWmin 15 x CWMax 1023 v AIFS 7 1 255 STA Tx Background TXOP 1 1 1 255x32ms ACM O Enable Disable eae CWmin 7 w CWMax 7_ AIFS 1 1 255 TXOP 47 1 255 x32ms ACM OEnable Disable Cwmin 7 w CWMax 15_ AIFS 1 1 255 STA Tx Voice TXOP 94 1 255 x32ms ACM OEnable Disable 167 Figure 3 8 32 3 8 4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 8 4 1 MAC Filtering User can block certain clients from accessing this AP ba
260. unity name can be thought of as a password If user don t 28 have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community V3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM SNMP Basic Settings SNMP Agent
261. urity level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Security Model Security Level ead 3 Write Notify i generic v any NoAuthNoPriv generic generic generic genericusm Y usm AuthPriv v all v all all all all 1 2 v v 3 generic v any NoAuthNoPriv all v v v 4 generic v any NoAuthNoPriv v all vi all v all v 5 v v a generic v any NoAuthNoPriv all all all Figure 3 8 37 3 8 5 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address amp Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable
262. usm account and assign access rights by VACM 224 SNMP Basic Settings SNMP Agent Enable System Information Contact IContact me Location ll am here V1IV2C IndexAccess Right Community 1 2 3 4 5 Deny b Deny S Deny vi Deny vi Deny vi Security Level auth Auth Passphrase ey Priv Passphrase ae Type Protocol Right AuthPriv v mp5 x DES unused sv AuthPriv v MD5 7 DES w unused AuthPriv w mp5 v DES v unused w AuthPriv vi MD5 DES unused w AuthPriv v MD5 x DES v unused Figure 3 10 33 3 10 8 2 VACM Setting You can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that you can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options You can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index
263. uter device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP_WDS_BRG To set this device as a WDS device with AP function AP4_WDS_BRG To set this device as WDS device with AP function and support up to 4 SSID 107 Administrator Settings Device Name Name IWP 2000 68 0 9 A Z amz ont n Language English vw OLSRAP AODV_AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP_WDS_BRG AP4 WDS BRG Password Settings Current Password Password 3 12 Characters Re type Password idle Time Out 30 1 999 minutes Enable C if enabled only the following PC can manage this AP IP Address Threshold 15 6 25 Mbisec Figure 3 6 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The t
264. very Traffic Indication Message DTIM Enter a 23 number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 avf User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346
265. vice such as interface information STP status mac address information etc Bridge Status R Bridge brO Bridge STP State off bridge id 8000 000000000020 designated root 8000 000000000020 root port 0 path cost 0 max age 20 00 bridge max age 20 00 hello time 2 00 bridge hello time 2 00 forward delay 15 00 bridge forward delay 15 00 ageing time 300 00 hello timer 0 00 ten timer 0 00 port id 8001 state forwarding designated root 8000 000000000020 path cost 19 designated bridge 8000 000000000020 message age timer 2744 02 designated port 8001 forward delay timer 2743 07 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8002 state forwarding designated root 8000 000000000020 path cost 100 designated bridge 8000 000000000020 message age timer 2744 03 designated port 8002 forward delay timer 2743 08 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8003 state forwarding designated root 8000 000000000020 path cost 100 designated bridge 8000 000000000020 message age timer 2744 04 designated port 8003 forward delay timer 2743 08 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8004 state forwarding designated root 8000 000000000020 path cost 100 designated bridge 8000 000000000020 message age timer 2744 04 designated port 8004 forward delay timer 2743 08 designated cost 0 hold timer 0 00 admin
266. wing address record for 192 Apr 13 00 05 08 IWP 2000 68 daemon info avahi daemon 2838 Leaving mDNS multicast group on int Apr 13 00 05 08 MVP 2000 68 daemon info avahi daemon 2838 Interface ath7 IPv4 no longer relev Apr 13 00 05 05 IWP 2000 68 daemon info avahi daemon 2838 Registering new address record for Apr 13 00 05 05 MP 2000 68 daemon info avahi daemon 2838 New relevant interface ath3 IPv4 fo Apr 13 00 05 05 IWP 2000 688 daemon info avahi daemon 2838 Joining mDNS multicast group on int Apr 13 00 05 02 MVP 2000 68 daemon info avahi daemon 2838 Withdrawing address record for 192 Apr 13 00 05 02 MP 2000 68 daemon info avahi daemon 2838 Leaving mDNS multicast group on int Apr 13 00 05 02 IWP 2000 68 daemon info avahi daemon 2838 Interface ath3 IPv4 no longer relev Apr 13 00 04 11 IWP 2000 68 daemon info avahi daemon 2838 Registering new address record for Apr 13 00 04 11 MVP 2000 68 daemon info avahi daemon 2838 New relevant interface ath7 IPv4 fo Apr 13 00 04 11 IWP 2000 8 daemon info avahi daemon 2838 Joining mDNS multicast group on int J Apr 13 00 04 08 MvP 2000 68 lt daemon info avahi daemon 2838 Withdrawing address record for 192 gt Figure 3 5 15 3 5 1 8 System time gt Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is Synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute
267. y values ie O 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 avf User can set maximum 4 keys but only one key will functional at one time 45 peg Se Radio Power on Wireless Mode 802113 vi SSID A1 AP3 Scan MAC Cloning WDS v Auto b Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 4 1 255 Fragmentation Threshold 2346 256 2346 RTSICTS Threshold 2346 1 2346 Tx Power Auto W Key 1 seese WEP Key Setting Key 2 osese Figure 3 3 23 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP vi WEP Encryption GOpen ORestricted O L Sesect Kay KEY 1 KEY 2 O KEY 3 KEY 4 Figure 3 3 24 WPA Personal The method of authentication is simila
Download Pdf Manuals
Related Search