Home

Configuring TCP/IP Settings

1. Fig 7 IEEE 802 11g communication settings Go to the IEEE 802 11 Communication section to configure IEEE 802 11g related communication settings including Regulatory domain Channel number and Network name SSID The number of available RF channels depends on local regulations therefore you have to choose an appropriate regulatory domain to comply with local regulations The SSID of a wireless client com puter and the SSID of the AP must be identical for them to communicate with each other When you are finished click Save at the bottom of this page and then you are brought back to the start page 12 2 4 5 Step 4 Reviewing and Applying Settings Bridge AP Settings and Info Model BIOS Firmvware Version Operational Mode MAC Address System Up Time Chriminisec TCP IP Settings Wireless Settings The settings have been changed Click Restart to restart the Bridge AP for the settings to take effect AP Ady APXS 2510 v1 3 3 6 5 4602 Access Point 00 09 92 00 C2 EB 0 22 13 LAWN Interface IP address Subnet mask Default gateway RF type Regulatory domain Channel number Network name SSID Lata rate Transmit power Security made AP functionality SSID broadcasts 197 168 165 5 2I ee 197 168 168 1 Mixed Pee GEES 6 wireless Ato High Open system Enabled Enabled Wireless client isolation Disabled Fig 8 Settings changes are highlighted in red
2. 1 Select Enabled from the Functionality drop down list 2 Set the Access control type to inclusive 3 3 Specify the MAC address of a wireless client to be denied access and then click Add 4 Repeat Steps 3 for other wireless clients To delete an entry in the access control table SG Click Delete next to the entry NOTE The size of the access control table is 64 TFTF server IP address 192 168 0 125 MAC ACL file name MacAcl tut Download Fig 50 MAC ACL download settings Instead of manually entering MAC addresses to the access control table one by one you can prepare a text file that contains all the MAC addresses and put it on a TFTP server and then command the AP to download the MAC ACL Access Control List file from the TFTP server Fig 51 shows the con tents of a sample ACL file 86 11 22 33 44 56 86 11 22 33 44 66 Fig 51 Sample MAC ACL file To download a MAC ACL file from a TFTP server 1 Specify the IP address of the TFTP server in the TFTP server IP address text box 2 Specify the name of the MAC ACL file on the TFTP server in the MAC ACL file name text box 3 Click Download 3 5 3 IEEE 802 1x RADIUS IEEE 802 1x Port Based Network Access Control is a new standard for solving some security issues associated with IEEE 802 11 such as lack of user based authentication and dynamic encryption key distribution With IEEE 802 1x and the help of a RADIUS Remote Authenticatio
3. 25 3 3 3 5 Resetting Configuration to Factory Detauits ccc eeeeeeeeeeeeeee 27 3 4 Configuring TCP IP Related Settings ccccccccccceccceeeceeeeceseeseeeseeeeseeseeesaeeesaees 27 SA Ee 9 ico e a E 2 et DACP Si EE 28 E e MR ET 28 3422 Sate DHCP Wap ONG S enoei a E 28 3 5 Configuring IEEE 802 11g Related Gettngs cc cccceccccseceeeceseeeeeeeeseeesaeeesaees 29 Seo EE eebe 29 SE ie De Le 29 se di MIA PCS IY A A A E E 29 3 5 1 3 ASSOCIATION Control EE 30 3 0 124 AP Load Balancing DE 30 3 5 1 5 Wireless Distribution Gvstem 30 S e EE 34 OL le w Te 35 3 5 2 2 MAC Address Based Access Control 37 29r Ek RADIUS pee eee ieee ee eee er een ere er eee ee ee eee 38 3 6 Configuring Advanced SettingS ssrt a e Ee ES ES 40 Oly e EE 40 Je oad Peat gt Type EE ee ee Eet 40 EE E Ee Ce leie RE 41 36 ere GA RTR IP One o ME 41 OZ IMAI En CT EE 42 202 WERT EE 42 EE En e WE 42 26 297 Eeer Een 43 Appendix A Default Setting E 44 Appendix B Troubleshooting ME 45 B 1 Wireless Settings ele En ET 45 B 2 TCP IP Settings Problems EE 46 B 37 UNKNOWN WR Gel En EE 47 Appendix C Additional IMPOR ue EE 49 C 1 Firmware Upgrade Using Xmodem Upgrade nnnn0nnnnnnnnnnnnnennnnnennnnennrrnnrenrnnnnne 49 1 Introduction 1 1 Overview The IEEE 802 11g wireless access point AP enables IEEE 802 11g or IEEE 802 11b client com puters to access the resources on the Ethernet network There are 2
4. NR router 00 06 F4 00 9C Fa router 00 60 B3 6F 89 C9 Communication Security WD Antenna Aignment Fig 43 Link health monitoring Run Wireless Network Manager on a computer and locate the AP you want to manage Go to the WDS tab and then click Test The test results OK or Broken will be shown in the Link Status col umn of the WDS links table If external high gain directional antennas are used it s difficult to align the antennas when the dis tance between the bridges is long To adjust the alignments of a pair of bridges directional antennas 7 Connect each bridge to a computer via Ethernet 8 Configure the date rate of each bridge to the lowest value 1 Mbps H Fix the alignment of the antenna on one side 10 Adjust the alignment of the antenna on other side by using response time information obtained from PINGing run PING exe the fixed side computer 11 Fine tune the alignment of the antenna until you get a best response time 12 Increase the data rate of each bridge simultaneously until a maximal workable data rate is reached You may not be able to use the highest data rate 11 Mbps because of the distance and the gain of the antennas Fig 44 illustrates the idea 33 Adjust antenna alignment N WDS Link J Bridge 1 Bridge 2 emm PING ICMP Echo Request SEENEN E Sege Es ICMP Echo Reply Computer 1 Computer 2 Fig 44 Adjusting alignments of external directional antenn
5. Network name SSID wireless Data rate Auto Transmit power High Security mode Open System AP functionality Enabled SSID broadcasts Enabled Wireless client isolation Disabled e MAC address based access control Disabled e AP load balancing Disabled e Link integrity Disabled e Reference host 0 0 0 0 e Number of WDS links 0 DHCP Server Settings DHCP server is disabled TCP IP Settings Wireless Settings Fig 4 The Start page 2 4 2 Step 1 Selecting an Operational Mode AP Bridge This mode provides both Access Point and Static LAN to Lan Bridging functionality The static LAN to LAN bridging function is supported through Wireless Distribution System CWDS AP Client This mode is for Dynamic LAN to LAN Bridging The AP Client automatically establishes bridge links with APs from any vendors Fig 5 Operational modes settings Go to the General Operational Mode section select an operational mode and click Save at the bot tom of this page and then you are brought back to the start page The AP supports 2 operational modes AP Bridge This mode provides both Access Point and Static LAN to LAN Bridging functionality The static LAN to LAN bridging function is supported through Wireless Distribution System WDS AP Client This mode is for Dynamic LAN to LAN Bridging The AP Client automati cally establishes bridge links with APs from any vendors In either mode the AP forwards packets b
6. Configuring IEEE 802 11 Gettngs cece ceccceeeeeeeeeeeeeaeeesaees 12 2 4 5 Step 4 Reviewing and Applying Settings 00n00nnannonnnannnnnnennnnnnnnnnnnennnnne 13 29 PEDIC VIVO MNS EE 13 2 6 Setting up Client Computers 15 2 6 1 Configuring IEEE 802 11g Related Settings cc cceccceeeceeeeeeeeeaeeeeeees 15 2 6 2 Configuring TCP IP Related Settings ccccccccseccceeceeeeeceeeseeeeeeeeeseesaees 15 2 Confirming the Settings of the AP and Client Computers 16 2 1 Checking if the IEEE 802 11g Related Settings Work es 16 2 2 Checking if the TCP IP Related Settings Work annnnnnannnnnnnnnnnnnnnnnnnennnnne 16 3 Using Web Based Network Manager 17 e ENEE ee 17 Dies MENU TUCE EE 17 3 1 2 Save Save amp Restart and Cancel Commande 18 3 1 3 Home and Refresh Commande nnnn0nnannnannnnnnnnnnnnnnnnrnrenrnnirrrrsrrnrrenrrnnenne 19 3 2 Viewing E 19 3 2 1 Associated Wireless Cliente 19 3 2 2 Current DHCP WIAD eine EE 20 En Re EEN 20 SE ER in Li OVO E ZU 33 EECH AUONS EE 21 3 3 1 Specifying Operational Mode ccc cceccccccccececeeeceeeeseeeeseeesaeeeseeeseeesaueessees 21 33 2 Changing 1 AS SW EE 22 3 3 3 Managing Firmware 22 3 3 3 1 Upgrading Firmware by HIT 23 3 3 3 2 Backing up and Restoring Configuration Settings by HTTP 23 3 3 3 3 Upgrading Firmware by IEIR 24 3 3 3 4 Backing up and Restoring Configuration Settings by TFTP
7. HeperText Transfer Protocol based SNMP SNMP Simple Network Management Protocol MIB I MIB II IEEE 802 1d IEEE 802 1x and Private Enterprise MIB are supported E UPnP The AP responds to UPnP discovery messages so that a Windows XP user can lo cate the AP in My Network Places and use a Web browser to configure it m Telnet The user is enabled to manage the AP by Telnet m System log For system operational status monitoring Local log System events are logged to the on board RAM of the AP and can be viewed using a Web browser Remote log by SNMP trap Systems events are sent in the form of SNMP traps to a remote SNMP management server Power over Ethernet optional Supplying power to an AP over an Ethernet cable using PowerDsine http www powerdsine com technology IEEE 802 3af compliant in the future This feature facilitates large scale wireless LAN deployment Hardware Watchdog Timer If the firmware gets stuck in an invalid state the hardware watchdog timer will detect this situation and restart the AP This way the AP can provide con tinuous services 1 3 Feature Comparison ree eee Wireless client isolation HE AP load balancing LB Associationcontrol ll E PoE is optional 1 4 LED Definitions There are several LED indicators on the housing of the AP They are defined as follows ALV Alive Blinks when the AP is working normally RF IEEE 802 1 1g interfaces activity LAN Ethernet LAN
8. 128 Bits The Selected key setting specifies the key to be used as a send key for encrypting traffic from the AP side to the wireless client side All 4 WEP keys are used as receive keys to decrypt traffic from the wireless client side to the AP side NOTE Each field of a WEP key setting is a hex decimal number from 00 to FF For example when the security mode is Static WEP and the key length is 64 Bits you could set Key 1 to 00012E3 ADF 3 5 2 2 MAC Address Based Access Control Functionality Enabled Access control type inclusive exclusive MAC address format Q0 02 DD 30 03 1E MAC Address Delete oo0 So c2 01 96 40 Delete 00 09 92 01 02 55 Delete Fig 49 MAC address based access control settings With MAC Address Based Access Control you can specify the wireless client computers that are permitted or not permitted to associate with the AP When the table type is set to inclusive entries in the table are permitted to associate with the AP When the table type is set to exclusive entries in the table are not permitted to associate with the AP To deny wireless clients access to the wireless network 1 Select Enabled from the Functionality drop down list 2 Set the Access control type to exclusive 3 Specify the MAC address of a wireless client to be denied access and then click Add 4 Repeat Steps 3 for other wireless clients To grant wireless clients access to the wireless network
9. AP and the IP address of the client computer in the same IP sub net m If you cannot find any incorrect settings of the AP the default gateway may be really down or there are other communication problems on the network backbone The DNS server s of the client computer do not respond to ping from the client computer Solve the preceding problems first m If you cannot find any incorrect settings of the AP the default gateway of the AP may be really down or there are other communication problems on the network backbone B 3 Unknown Problems The AP has been set to obtain an IP address automatically by DHCP How can know its acquired IP address so that can manage it using a Web browser m Use the utility Wireless Router AP Browser WLBrwsr exe in the Utilities folder on the companion CD ROM disc This utility can discover nearby APs and show their MAC addresses and IP addresses In addition it can launch the default Web browser on your computer 47 El Wireless Routen AF Browser oe Eo x dapter Ma Discovered wireless routers 4Ps Refresh MAC Address LAN IP Address brouter O0 00 00 00 00 00 192 168 119 1 E_Brouter O0 60 65 6F 69 C6 192 168 168 1 advap O0 06 F 4 00 5E LA 192 168 0 1 router 00 60 3 6F 56 26 192 168 168 30 router 00 60 ZE AR EA 192 168 168 201 Description Select a wireless router AF and then click the Web Based Management button to manage it using a Web bro
10. Clicking Save amp Restart stores the settings changes to the memory of the AP and restarts the AP immediately for the settings changes to take effect Click ing Cancel discards any settings changes and brings you back to the start page If you click Save the start page will reflect the fact that the configuration settings have been changed by showing two buttons Restart and Cancel In addition changes are highlighted in red Clicking Cancel discards all the changes Clicking Restart restarts the AP for the settings changes to take ef fect 18 Model BIOS Firmvware Version Operational Mode MAC Address System Up Time Chriminisec TCP IP Settings Wireless Settings The settings have been changed Click Restart to restart the Bridge AP for the settings to take effect Bridge AP Settings and Info AP Ach APSMS 2510 v1 3 3 6 5 4602 Access Point O0 09 92 00 C2 E6 0 22 13 LAN Interface IP address Subnet mask Default gateway RF type Regulatory domain Channel number Network name SSID Data rate Transmit power Security mode AP functionality SSID broadcasts 94 168 169 83 e 192 168 168 1 Mixed Poo 6 wireless Auto High Open System Enabled Enabled Wireless client isolation Disabled Fig 14 Settings have been changed 3 1 3 Home and Refresh Commands Home Retresh Fig 15 Home and Refresh At the bottom of each status page that shows read
11. Configuration to Factory Defaults Configuration Reset Factory Defaults Reset Fig 30 Configuration reset Clicking the Reset button resets the device configuration to factory defaults WARNING Think twice before clicking the Reset button You ll lose all your current configuration settings 3 4 Configuring TCP IP Related Settings 3 4 1 Addressing Method of obtaining an IP address Set Manually D IP address 192 168 166 214 Subnet mask 255 255 255 0 Default gateway Donn Host name AF1 Domain DNS suttixi Fig 31 TCP IP settings The IP address of the AP can be manually set Set Manually or automatically assigned by a DHCP server on the LAN Obtain from a DHCP Server If you are manually setting the IP address Subnet mask and Default gateway settings set them appropriately so that they comply with your LAN environment In addition you can specify the Host name and Domain DNS suffix of the AP 27 3 4 2 DHCP Server 3 4 2 1 Basic Functionality Disabled gt Default gateway 9216801 OOO Subnet mask 255 255 255 0 Primary DNS server heen Secondary DNS server First allacatable IP address 192 168 0 2 Allocatable IP address ER count Fig 32 Basic DHCP server settings The AP can automatically assign IP addresses to client computers by DHCP In this section of the management page you can specify the Default gateway Subnet mask Primary DNS server and Seco
12. EAP MD5 authentication is used No data encryption IEEE 802 1x EAP with Static WEP EAP MD5 The IEEE 802 1x functionality is enabled and the user name password based EAP MD5 authentication is used Data encryption is achieved by static WEP IEEE 802 1x EAP with Dynamic WEP EAP TLS EAP TTLS PEAP The IEEE 802 1x functionality is enabled and dynamic WEP key distribution authentication EAP TLS EAP TTLS or PEAP is used Data encryption is achieved by dynamic WEP IEEE 802 1x EAP with Dynamic TKIP WPA This is a full WPA mode in which both the TKIP and IEEE 802 1x dynamic key exchange mechanisms are enabled The AP 1s highly se cured in this mode 36 In the above security modes a back end RADIUS Remote Authentication Dial In User Service server is needed if IEEE 802 1x functionality is enabled See Section 3 5 3 for more information about IEEE 802 1x and RADIUS According to the IEEE 802 11 standard WEP can be used for authentication and data encryption Normally Shared Key authentication is used if WEP data encryption is enabled In rare cases Open System authentication may be used when WEP data encryption is enabled The Authentication algo rithm setting is provided for better compatibility with wireless clients with various WLAN network adapters There are three options available including Open System Shared Key and Auto When WEP is enabled by a security mode the Key length can be specified to be 64 Bits or
13. Settings by TFTP Configuration Backup Restore Back Up Restore Fig 29 Configuration backup restore 25 To back up configuration of the AP by TFTP 1 Get a computer that will be used as a TFTP server and as a managing computer to trigger the backup process 2 Connect the computer and one of the LAN Ethernet switch port with a normal Ethernet cable 3 Configure the IP address of the computer so that the computer and the AP are in the same IP subnet 4 On the computer run the TFTP Server utility Select the Accept write requests check box and specify the folder to which the configuration settings of the AP will be saved 5 On the computer run a Web browser and click the General Firmware Tools hyperlink 6 Choose TFTP as the Firmware management protocol 7 Within the Configuration Backup Restore section specify the IP address of the computer which acts as a TFTP server If you don t know the IP address of the computer open a Com mand Prompt and type IpConfig then press the Enter key 8 Trigger the backup process by clicking Back Up The AP s configuration settings will be saved as AaBbCcDdEeFf hex by the TFTP server where AaBbCcDdEeFf is the AP s MAC ad dress For example if the AP s MAC address is 00 01 02 33 44 55 the configuration backup file will be 000102334455 hex NOTE Remember to select the Accept write requests check box of TFTP Server To restore configuration of t
14. System log settings System events can be logged to the on board RAM of the AP Local log or sent to a remote com puter on which an SNMP trap monitor program runs Remote log by SNMP trap See the next sub section for more information about SNMP trap settings The system events are divided into the following categories D General system and network connectivity status changes Built in AP wireless client association and WEP authentication status changes MIB II traps Cold Start Warm Start Link Up Link Down and SNMP Authentication Failure E RADIUS user authentication RADIUS user authentication status changes NOTE The SNMP Authentication Failure trap is issued when using an incorrect community string to manage the AP via SNMP and the SNMP MIB II OID snmpEnableAuthenTraps is enabled dis abled by default 42 3 6 2 3 SNMP Functionality Enabled zl Read only community FR Read write community Pee SNMP Trap Table IP Address Community Iw 192 168 0 2 E 0 0 0 0 RS Donn M 0 0 0 0 E ooo Fig 59 SNMP settings The SNMP Simple Network Management Protocol functionality can be disabled and you can spec ify the name used as a password of the read only and read write community In addition up to 5 SNMP trap targets can be set in the SNMP Trap Table To specify a trap target 1 Type the IP address of the target host 2 Type the Community for the host 3 Select the corresponding check box
15. an AP is connected to other peer APs or wireless bridges by WDS TIP Plan your wireless network and draw a diagram so that you know how a bridge is connected to other peer bridges by WDS See the following figure for an example network planning diagram 31 LAN Segment A LAN Segment 1 se Bridge 1 AN Segment 5 Bridge 4 ges Bridge 5 LAN Segment 4 Fig 41 Sample wireless bridge network topology WARNING Don t let your network topology consisting of wireless bridges Ethernet switches Ethernet links and WDS links contain loops If any loops exist packets will circle around the loops and network performance will be seriously degraded Ethernet Switch Hub Bridge 4 Ethernet link i WDS link Fig 42 Network topology containing a loop Bridge 2 TIP You can check whether the WDS links of the AP are functioning by using Wireless Network Manager 32 Network ER My Computer SFL Local Network 1 3 On this page you can specify the MAC address of the peer AP at the id Ba D Link DFE 5S30TH PCI Fa E et ae of each Wireless Distribution ENG WG link of the brouter 00 00 00 00 00 00 TE Brouter O0 60 B2 6F 39 C6 MAC Address Link tats Peer MAC address nhchang 00 60 B3 6F AB D9 A O0 06 FA 00 20 80 OK ETIE probridge 00 06 F4 00 2C 20 a0 06 F4 00 E8 4C NG probridge 00 06 F4 00 B8 4C l S Local Network And Edit Delete iit Ethemet LAN Interface Wireless LAN Interface
16. device with a crossover Ethernet cable for wireless connectivity to another access point 3 3 2 Changing Password Old password Mew User name New password New password again Fig 21 Password On this page you can change the user name and password for the right to modify the configuration of the bridge The new password must be typed twice for confirmation 3 3 3 Managing Firmware Firmware management protocol HTTP D Fig 22 Firmware management protocol setting Firmware management operations for the AP include firmware upgrade configuration backup con figuration restore and configuration reset Firmware upgrade configuration backup and configura tion restore can be achieved via HTTP or TFTP The HTTP based way is suggested because it s more user friendly However due to different behavior of different Web browser types and versions HTTP based firmware management operations may not work properly with some Web browsers If you cannot successfully perform HTTP based firmware management operations with your Web browser try the TFTP based way TIP You can use Upgrade Wizard of Wireless Network Manager to upgrade firmware See the on line help of Wireless Network Manager for more information 22 3 3 3 1 Upgrading Firmware by HTTP Firmware Upgrade Firmware file name Browse Upgrade Fig 23 Firmware upgrade by HTTP To upgrade firmware of the AP by HTTP 1 Click Browse and
17. different model variations Pro and Advanced which are classified in terms of features The Pro edition provides basic features while the Advanced edition provides more advanced features With the sleek Web based user interface a network administrator can easily and clearly manage the AP In Chapter 2 we describe the steps to install and configure a newly acquired AP Following the steps the AP can be quickly set up to work In Chapter 3 detailed explanation of each Web management page is given for the user to understand how to fine tune the settings of an AP to meet his or her spe cific needs 1 2 Features IEEE 802 11g Operational modes AP Bridge This mode provides both Access Point and Static LAN to LAN Bridg ing functionality The static LAN to LAN bridging function is supported through Wireless Distribution System WDS AP Client This mode is for Dynamic LAN to LAN Bridging The AP Client auto matically establishes bridge links with APs from any vendors RF type selection The RF type of the WLAN interface can be configured to work in IEEE 802 11b only IEEE 802 11g only or mixed mode 802 11g and 802 11b simultane ously 64 bit and 128 bit WEP Wired Equivalent Privacy For authentication and data encryption Enabling disabling SSID broadcasts When the AP is in AP Bridge mode the ad ministrator can enable or disable the SSID broadcasts functionality for security reasons When the SSID broadcasts functiona
18. for more information about deploying secure WLANs with IEEE 802 1x support 2 6 2 Configuring TCP IP Related Settings Use Windows Network Control Panel Applet to change the TCP IP settings of the client computers so that the IP addresses of the client computers and the IP address of the AP are in the same IP subnet If a client computer is originally set a static IP address you can either change its IP address to match the IP address of the AP or select an automatically obtain an IP address option if there is a DHCP server on the network 15 NOTE For some versions of Windows the computer needs to be restarted for the changes of TCP IP settings to take effect 2 Confirming the Settings of the AP and Client Computers After you have completed deploying the AP and setting up client computers you have to make sure the settings you have made are correct 2 1 Checking if the IEEE 802 11g Related Settings Work To check if a wireless client computer can associate with the AP 1 Launch the configuration monitoring utility provided by the vendor of the installed WLAN NIC 2 Check if the client computer is associated to an access point and the access point is the AP If the check fails see Appendix B 1 Wireless Settings Problems for troubleshooting 2 2 Checking if the TCP IP Related Settings Work To check if a client computer can access the Internet 1 Open a Windows Command Prompt window on the client
19. included in the package or a switch hub with 2 nor mal Ethernet cables NOTE One connector of the Ethernet cable must be plugged into the LAN CONFIG Ethernet jack of the AP for configuration 2 3 2 Changing the TCP IP Settings of the Managing Computer Use the Windows Network Control Panel Applet to change the TCP IP settings of the managing computer so that the IP address of the computer and the IP address of the AP are in the same IP sub net Set the IP address of the computer to 192 168 0 xxx the default IP address of an AP is 192 168 0 1 and the subnet mask to 255 255 255 0 NOTE For some versions of Windows the computer needs to be restarted for the changes of TCP IP settings to take effect TIP After you have connected the managing computer and the AP via Ethernet you can install Wireless Network Manager on the managing computer and use it to configure the AP without being concerned about the TCP IP settings of the managing computer Refer to the on line help of Wireless Network Manager for more information 2 4 Configuring the AP After the IP addressing issue is resolved launch a Web browser on the managing computer Then go to http 192 168 0 1 to access the Web based Network Manager start page TIP For maintenance configuration of an AP the AP can be reached by its host name using a Web browser For example if the AP is named AP you can use the URL http AP to access the Web based Networ
20. next to the IP address text box 43 Appendix A Default Settings TIP Press the Default SF Reset or Soft Reset switch on the housing of a powered on AP to reset the configuration settings to factory default values Default Value Global CC Password root IEEE 802 119 Le O Regulatory Domain FCC U S Channel Number 11 SSID Transmit Power MAC Address See the label on the accompanying PCMCIA card or the label on the housing of the AP WEP Key 2 00 00 00 00 00 MAC Address Based Access Disabled Control Access Control Table Type Association Control S O Exceeds LAN Interface S O IP Address 192 168 0 1 Subnet Mask __________ 255 255 255 0 _DefaultGateway 0 0 0 0 Management le O System Log Local Log SNMP write community Telnet _ Enabled 44 Appendix B Troubleshooting Check the following first Make sure that the power of the AP is on and the Ethernet cables are connected firmly to the RJ 45 jacks of the AP Make sure that the LED ALV of the AP is blinking to indicate the AP is working Make sure the types of the Ethernet cables are correct Recall that there are two types normal and crossover B 1 Wireless Settings Problems The wireless client computer cannot associate with an AP m Is the wireless client set in infrastructure mode Check the operating mode of the WLAN NIC m Is the SSID of the WLAN NIC identical to that of the prospective AP Check the
21. nication problems NOTE If two or more NICs are installed and operating on a client computer TCP IP may not work properly due to incorrect entries in the routing table Use the OS provided command line network tool route exe to add or delete entries from the routing table Or use Windows provided Device Manager to disable unnecessary NICs Solve the following problems in order The AP does not respond to ping from the client computer m Are two or more NICs installed on the client computer Use the OS provided command line network tool route exe to modify the contents of the routing table Use Windows provided Device Manager to disable unnecessary NICs m Is the underlying link Ethernet or IEEE 802 11g established Make sure the Ethernet link is OK 46 Make sure the wireless settings of the wireless client computer and of the AP match m Are the IP address of the client computer and the IP address of the AP in the same IP sub net Use WinIPCfg exe or PConfig exe to see the current IP address of the client com puter Make sure the IP address of the client computer and the IP address of the AP are in the same IP subnet TIP If you forget the current IP address of the AP use Wireless Router AP Browser to get the information see Appendix B 3 The default gateway of the client computer does not respond to ping from the client computer m Solve the preceding problem first m Are the IP address of the
22. only information there are two buttons Home and Refresh Clicking Home brings you back to the start page Clicking Refresh updates the shown status information 3 2 Viewing Status 3 2 1 Associated Wireless Clients Wireless Clients Status IP Address Name Tx Bytes Rx Bytes Last Activity Time Ooh Olm b s No MAC Address 1 00 90 4B 00 40 94 192 166 168 226 7521 1162 Fig 16 Status of associated wireless clients On this page the status information of each associated client including its MAC address IP address 19 user name if the client has been IEEE 802 1x authenticated number of bytes it has send number of bytes it has received and the time of its last activity is shown 3 2 2 Current DHCP Mappings DHCP Mapping Table MAC Address IP Address Type 00 90 48 00 B9 BD 192 168 168 214 Static OO BB DE AD BE EF 192 168 168 224 In use OO 90 48 00 40 94 192 168 165 220 Dynamic 40 01 43 1iD E 192 168 168 230 In Use Fig 17 Current DHCP mappings On this page all the current static or dynamic DHCP mappings are shown A DHCP mapping is a correspondence relationship between an IP address assigned by the DHCP server and a computer or device that obtains the IP address A computer or device that acts as a DHCP client is identified by its MAC address A static mapping indicates that the DHCP client always obtains the specified IP address from the DHCP server You can set static DHCP mappings in the S
23. the AP Client side to help you align the directional antennas Refer to Section 3 2 4 for more information Linking Quality Signal Strength Fig 11 Link monitor 2 6 Setting up Client Computers The TCP IP and IEEE 802 11g related settings of wireless client computers must match those of the AP 2 6 1 Configuring IEEE 802 11g Related Settings Before the TCP IP networking system of a wireless client computer can communicate with other hosts the underlying wireless link must be established between this wireless computer and an AP To establish a wireless link to an AP 1 Launch the configuration monitoring utility provided by the vendor of the installed WLAN NIC 2 Use the utility to make appropriate Operating Mode SSID and WEP settings NOTE A wireless client computer must be in infrastructure mode so that it can associate with an AP NOTE The SSID of the wireless client computer and the SSID of the AP must be identical Or in case the SSID broadcasts capability of the AP is enabled by default the SSID of the wireless client computer could be set to any NOTE Both the wireless client computer and the AP must have the same WEP settings for them to communicate with each other NOTE For better wireless security IEEE 802 1x capability of the AP must be enabled so that only authenticated wireless users can access the wireless network Refer to the IEEE 802 1x related white papers on the companion CD ROM
24. then select a correct firmware bn file The firmware file path will be shown in the Firmware file name text box 2 Click Upgrade to begin the upgrade process 3 3 3 2 Backing up and Restoring Configuration Settings by HTTP Configuration Backup Fig 24 Firmware backup by HTTP To back up configuration of the AP by HTTP 1 Click Back Up 2 You ll be prompted to open or save the configuration file Click Save 3 The configuration file is named by the AP s MAC address For example if the AP s MAC ad dress is 00 01 02 33 44 55 the configuration backup file should be 000102334455 hex Don t change the configuration file name in the Save As dialog box Select a folder in which the con figuration file is to be stored And then click Save NOTE The procedure may be a little different with different Web browsers Configuration Restore Configuration file name Browse Restore Fig 25 Configuration restore by HTTP To restore configuration of the AP by HTTP 1 Click Browse and then select a correct configuration hex file You have to make sure the file name is the AP s MAC address The firmware file path will be shown in the Firmware file name text box 2 Click Restore to upload the configuration file to the AP 23 3 3 3 3 Upgrading Firmware by TFTP TFTP server IP address 192 168 0 19 Max number of retries 30 D Timeout fio Ser Fig 26 TFTP server settings When
25. E EE EE EE EEEREEEEEE KEE EEN k ICMP Echo Reply Computer 1 Computer 2 Fig 9 Adjusting alignments of external directional antennas TIP When doing dynamic bridging configure Bridge 1 to be in AP Client mode and configure Bridge 2 to be in AP Bridge mode TIP If you are doing static bridging you can make use of the Antenna Alignment Assistance feature to help you align the directional antennas BE My Computer Communication Security WDS Antenna Alignment G el Local Network 1 Cn this page you can verity whether the antennas are properly aligned el Local Network 2 he by reading the link quality indicator e Intersil PRISM Wireless LA brouter 00 00 00 00 00 00 WDS Link 06 F40037 TE Bronter 00 60 B3 6F 99 Ce 00 06 F4 00 3C 24 x probridee 00 6 F4 00 3C 24 SR probridge 00 06 F4 00 3C 2D El Local Network Link quality it Ethemet LAN Interface Wireless LAN Interface o NR router 00 06 F4 00 56 4D router 00 60 B3 6F 89 Ca Fig 10 Antenna alignment assistance Instead of using PING exe you can run Wireless Network Manager on Computer 1 and go to the Antenna Alignment tab Click Start to begin monitoring the WDS link quality Adjust the alignment 14 of the antenna of Bridge 1 until the Link quality indicator shows a relatively maximal value Finally click Stop to stop monitoring WDS link quality TIP If you are doing dynamic bridging you can use the Link Monitor feature on
26. IWE3000 A USER S MANUAL IEEE 802 119 Wireless Access Point Bridge Pro Advanced User s Guide Version 1 0 Last Updated 05 07 2004 Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device pur suant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiated ra dio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is en couraged to try to correct the interference by one of the following measures e _Reorient or relocate the receiving antenna ge Increase the separation between the equipment and receiver e Connect the equipment into an outlet on a circuit different from that to which the receiver is con nected ge Consult the dealer or an experienced radio TV technician for help FCC Caution To assure continued compliance example use only shielded interface cables when connecting to computer or peripheral devices Any changes or modifications not expressly a
27. On the start page you can review all the settings you have made Changes are highlighted in red If they are OK click Restart to restart the AP for the new settings to take effect 2 5 Deploying the AP After the settings have been configured deploy the AP to the field application environment Connect the AP to an Ethernet LAN through an Ethernet switch hub If you are configuring a pair of the APs for a dynamic or static bridging application and external high gain directional antennas are used it s difficult to adjust alignments of the antennas when the pair of devices is distance away To adjust the alignments of a pair of bridges directional antennas 1 Connect each bridge to a computer via Ethernet 2 Configure the date rate of each bridge to the lowest value 1Mbps 13 3 Fix the alignment of the antenna on one side 4 Adjust the alignment of the antenna on other side by using response time information obtained from PINGing run PING exe the fixed side computer 5 Fine tune the alignment of the antenna until you get a best response time 6 Increase the data rate of each bridge simultaneously until a maximal workable data rate is reached You may not be able to use the highest data rate 54Mbps because of the distance and the gain of the antennas Fig 44 illustrates the idea Adjust antenna alignment t 2 WDS Link Bridge 1 PING ICMP Echo Request m cee EE KEE KEREN ENER ER RER KEE EE KEE E
28. R FASTENING SCREWS Fig 1 Mounting the AP on a wall 2 3 Preparing for Configuration For you to configure an AP a managing computer with a Web browser is needed For first time con figuration of an AP an Ethernet network interface card NIC should have been installed in the man aging computer For maintenance configuration of a deployed AP either a wireless computer or a wired computer can be employed as the managing computer NOTE If you are using the browser Opera to configure an AP click the menu item File click Preferences click File types and edit the MIME type text html to add a file extension sht so that Opera can work properly with the Web management pages of the AP Since the configuration management protocol is HTTP based you have to make sure that the IP ad dress of the managing computer and the IP address of the managed AP are in the same IP sub net the default IP address of an AP is 192 168 0 1 and the default subnet mask is 255 255 255 0 2 3 1 Connecting the Managing Computer and the AP To connect the Ethernet managing computer and the managed AP for first time configuration you have two choices as illustrated in Fig 2 Cross over Ethernet cable Normal Normal Ethernet Ethernet cable i cable e EEN SZ Tonga Ethernet Managed ging Hub Switch AP Computer Fig 2 Connecting a managing computer and an AP via Ethernet You can use either a cross over Ethernet cable
29. SSID setting of the WLAN NIC and of the AP m Is the WEP functionality of the prospective AP enabled Make appropriate WEP settings of the client computer to match those of the AP m Is the prospective AP within range of wireless communication Check the signal strength and link quality sensed by the WLAN NIC 45 B 2 TCP IP Settings Problems Correspondent Host Ch IEEE 802 11g l l Stage A State B Stage D Client AP Default Gateway DNS Server Computer of Client Computer of Client Computer Fig 60 Communication stages for a client to reach its correspondent host For a wireless client computer to communicate with a correspondent host on the Internet by the host s domain name e g http www wi fi com it first sends a DNS request to a DNS server on the Internet The DNS request travels first to the AP then the AP relays this request to the default gateway of the client computer Finally this request is forwarded by the gateway to the DNS server on the Internet The DNS reply issued by the DNS server is transmitted back to the client computer following a re verse path When the client computer receives the DNS reply it knows the IP address of the corre spondent host and sends further packets to this IP address As illustrated in Fig 60 the communication path could be broken at some of the stages The OS provided network diagnostic tool ping exe can be employed to find out TCP IP related commu
30. al operations Operational Mode Operational mode of the AP AP Bridge or AP Client m Password For gaining rights to change the settings of the AP m Firmware Tools For upgrading the firmware of the AP backing up and restoring con figuration and configuration reset settings of the AP TCP IP TCP IP related settings Addressing IP address settings for the AP to work with TCP IP DHCP Server Settings for the DHCP Dynamic Host Configuration Protocol server on the AP IEEE 802 11 IEEE 802 11g related settings Communication Basic settings for the IEEE 802 11g interface of the AP to work prop erly with wireless clients D Security Security settings for authenticating wireless users and encrypting wireless data E IEEE 802 1x RADIUS IEEE 802 1x Port Based Network Access Control and RADIUS Remote Authentication Dial In User Service settings for better wireless security Advanced Advanced settings of the AP Packet Filters Ethernet Type Filters IP Protocol Filters and TCP UDP Port Filters set tings E Management UPnP System Log and SNMP settings 3 1 2 Save Save amp Restart and Cancel Commands Fig 13 Save Save amp Restart and Cancel At the bottom of each page that contains settings you can configure there are up to three but tons Save Save amp Restart and Cancel Clicking Save stores the settings changes to the memory of the AP and brings you back to the start page
31. as TIP You can make use of the Antenna Alignment Assistance feature to help you align the directional antennas L ck Network Fie My Computer G el Local Network 1 Gn this page you can verify whether the antennas are properly aligned LR Local Network 2 he by reading the link quality indicator Intersil PRISM Wireless LA brouter 00 00 00 00 00 00 ane IE Browter O0 60 B3 6F 99 ca 9 gt Link 00 06 F4 00 3C 24 H probridge 00 06 F4 00 3 244 EM ER probrid ge 00 06 F4 00 2C 2D i SFL Local Network EB Ethemet LAN Interface Wireless LAN Interface Communication Security WDS Antenna Alignment Link quality ER router 00 06 F4 00 56 4D router 00 60 B3 6F 89 54 Fig 45 Antenna alignment assistance Instead of using PING exe you can run Wireless Network Manager on Computer 1 and go to the Antenna Alignment tab Click Start to begin monitoring the WDS link quality Adjust the alignment of the antenna of DRBAP as Bridge 1 until the Link quality indicator shows a relatively maximal value Finally click Stop to stop monitoring WDS link quality 3 9 2 Security IEEE 802 11g security settings include SSID broadcasts Wireless client isolation Security mode IEEE 802 11 Authentication algorithm WEP keys MAC Address Based Access Control 34 3 5 2 1 Basic SSID broadcasts Enabled Wireless client isolation Disabled Security mode Static WEP Authentication algorithm Auto Key leng
32. computer 2 Type ping advap where advap is a placeholder for the IP address of the AP Replace it with your real IP address for example 192 168 0 1 Then press Enter If the AP responds go to the next step else see Appendix B 2 TCP IP Settings Problems for troubleshooting 3 Type ping default gateway where default gateway is a placeholder for the IP address of the default gateway of the wireless client computer Then press Enter If the gateway responds go to the next step else see Appendix B 2 TCP IP Settings Prob lems for troubleshooting 4 Type ping Je dns server where Ist dns server is a placeholder for the IP address of the primary DNS server of the wireless client computer Then press Enter If this DNS server responds go to the next step else see Appendix B 2 TCP IP Settings Prob lems for troubleshooting 5 Type ping 2nd dns server where 2nd dns server is a placeholder for the IP address of the secondary DNS server of the wireless client computer Then press Enter If this DNS server responds the client should have no problem with TCP IP networking else see Appendix B 2 TCP IP Settings Problems for troubleshooting 16 3 Using Web Based Network Manager In this chapter wel explain each Web management page of the Web based Network Manager 3 1 Overview Web Based Network Management Restart You can click Restart to restart the AP Status H Gene
33. de AP functionality RF type Regulatory domain Channel number Network name SSID Data rate and Transmit power AP functionality Enabled RF type Mixed Regulatory domain FEC U S e Channel number Mi Network name SSID wireless Data rate Auto Transmit power High Fig 34 Basic IEEE 802 11g communication settings For specific needs such as configuring the AP as a wireless LAN to LAN bridge the AP functionality can be disabled so that no wireless client can associate with the AP The RF type of the WLAN interface can be configured to work in IEEE 802 11b only b Only IEEE 802 11g only g Only or mixed mode Mixed 802 11g and 802 11b simultaneously The number of available RF channels depends on local regulations therefore you have to choose an appropriate regulatory domain to comply with local regulations The SSID of a wireless client com puter and the SSID of the AP must be identical for them to communicate with each other If there is RF interference you may want to reduce the Data rate for more reliable wireless transmis sion In most cases leave the setting to Auto The transmit power of the RF module of the AP can be adjusted so that the RF coverage of the AP can be changed 3 5 1 2 Link Integrity Fig 35 Link integrity settings 29 When the Ethernet LAN interface is detected to be disconnected from the wired network all currently associated wireless clients are disass
34. ent computer PC or PDA with a WLAN network interface card NIC The AP Client mode is actually an STA WDS This type of wireless link is established between two IEEE 802 11 APs Wireless packets transmitted along the WDS link comply with the IEEE 802 11 WDS Wireless Distribution System format at the link layer The relationships among the operational modes and the wireless link types are shown in the following table Table 2 Operational modes vs wireless link types E AP Bridge AP Client 21 AP Bridge WDS AP Client STA AP To establish a static bridge link based on WDS the AP bridges at both end of the WDS link must be manually configured with each other s MAC addresses see Section 3 5 1 5 for more information To establish a dynamic bridge link between an AP and an AP Client both devices have to be configured with the same SSID and WEP settings The AP Client automatically scans for any AP that is using the matched SSID and establishes a bridge link with the scanned AP NOTE Although it s more convenient to use dynamic bridging it has a limitation the AP Client only can forward TCP IP packets between its wireless interface and Ethernet interface other type of traffic Such as IPX and AppleTalk is not forwarded TIP When the AP is configured to be in AP Client it can be used as an Ethernet to wireless network adapter For example a notebook computer equipped with an Ethernet adapter can be connected to this
35. etween its Ethernet interface and wireless interface for wired hosts on the Ethernet side and wireless host s on the wireless side There are 2 types of wireless links as specified by the IEEE 802 11 standard E STA AP This type of wireless link is established between an IEEE 802 11 Station STA and an IEEE 802 11 Access Point AP An STA is usually a client computer PC or PDA with a WLAN network interface card NIC The AP Client mode is actually an STA m WDS This type of wireless link is established between two IEEE 802 11 APs Wireless packets transmitted along the WDS link comply with the IEEE 802 11 WDS Wireless Distribution System format at the link layer The relationships among the operational modes and the wireless link types are shown in the following table 10 Table 1 Operational modes vs wireless link types E AP Bridge AP Client AP Bridge WDS STA AP AP Client STA AP NN To establish a static bridge link based on WDS the AP bridges at both end of the WDS link must be manually configured with each other s MAC addresses see Section 3 5 1 5 for more information To establish a dynamic bridge link between an AP and an AP Client both devices have to be configured with the same SSID and WEP settings The AP Client automatically scans for any AP that is using the matched SSID and establishes a bridge link with the scanned AP NOTE Although it s more convenient to use dynamic bridging it has a limitat
36. ey 8 Trigger the firmware upgrade process by clicking Upgrade 24 2 TFTP Server x hd Accept read requests IT Accept write requests Working folder Di t Project Projects TFTFAT ftpsivr Timeout fi see Max no of sessions ji sl Max no of retries 20 sl Mew GES Glos Sessions Event log Ceata Fig 28 TFTP Server NOTE After the dialog box of the TFTP server program appears be sure to specify the working folder within which the downloaded firmware files reside NOTE Make sure the Accept read requests check box of TFTP Server is selected NOTE The LAN IP address of the AP and the IP address of the TFTP server must be in the same IP subnet for TFTP to work NOTE Due to the unreliable nature of wireless media it s highly recommended that the TFTP server and the to be upgraded wireless AP be connected by Ethernet and on the same LAN so that the up grade process would be smooth NOTE After the firmware is upgraded be sure to delete the contents of the Web browser cache so that the Web management pages can be shown correctly NOTE A failed upgrade may corrupt the firmware and make the AP unstartable When this occurs call for technical support TIP If you want to remotely upgrade the firmware of a deployed AP from the Internet adjust the Timeout and Max no of retries settings of TFTP Server for remote TFTP upgrade to succeed 3 3 3 4 Backing up and Restoring Configuration
37. figuration processes for the filters are similar Functionality whether this filtering capability is enabled or disabled Policy for matched packets how a matched packet is processed discard or pass To enable a filtering rule select the check box to the left of the rule 3 6 1 1 Ethernet Type Filters Functionality Disabled zl Policy for matched packets Discard elie Number RARP EES ARP CJ Map Gd Novel PX Oli iPxeo23 d t Fig 54 Ethernet type filters settings The Ethernet type filed of the MAC Media Access Control header of a packet incoming from the WLAN or Ethernet interface is inspected for filtering In a rule specify the hex decimal Ethernet type number and give the rule a name 40 3 6 1 2 IP Protocol Filters Functionality Policy for matched packets Protocal Number Oxf Olio oxe ohi o Oxfe2 Disabled D Discard D Source Address Subnet Mask Destination Address Subnet Mask Fig 55 IP protocol filters settings The protocol source address and destination address fields of a packet incoming from the WLAN or Ethernet interface is inspected for filtering In a rule specify the hex decimal protocol number source IP address range Source IP Address AND Source Subnet Mask and destination IP address range Destination IP Address AND Destination Subnet Mask A source destination IP address range is determined by performing an AND operati
38. gh gain antennas for different purposes DHCP client The AP can automatically obtain an IP address from a DHCP server DHCP server The AP can automatically assign IP addresses to computers or other devices by DHCP Dynamic Host Configuration Protocol Static DHCP mappings The administrator can specify static IP address to MAC ad dress mappings so that the specified IP addresses are always assigned to the hosts with the specified MAC addresses E Showing current DHCP mappings Showing which IP address is assigned to which host identified by an MAC address Packet Filtering The AP provides Layer 2 Layer 3 and Layer 4 filtering capabilities Firmware Tools E Firmware upgrade The firmware of the AP can be upgraded in the following methods Xmodem based Upgrading firmware over RS232 TFTP based Upgrading firmware by TFTP Trivial File Transfer Protocol HITTP based Upgrading firmware by HTTP HeperText Transfer Protocol Configuration backup The configuration settings of the AP can be backed up to a file via TFTP or HTTP for later restoring Configuration reset Resetting the configuration settings to factory default values Management E Windows based Wireless Network Manager for configuring monitoring and diag nosing the local computer and neighboring APs The management protocol is MAC based E Web based Network Manager for configuring and monitoring the AP via a Web browser The management protocol is HTTP
39. he AP by TFTP 1 Get a computer that will be used as a TFTP server and as a managing computer to trigger the restoring process 2 Connect the computer and one of the LAN Ethernet switch port with a normal Ethernet cable 3 Configure the IP address of the computer so that the computer and the AP are in the same IP subnet 4 On the computer run the TFTP Server utility And specify the folder in which the configuration backup file resides A configuration backup file is named by the AP s MAC address For exam ple if the AP s MAC address is 00 01 02 33 44 55 the configuration backup file should be 000102334455 hex 5 On the computer run a Web browser and click the General Firmware Tools hyperlink 6 Choose TFTP as the Firmware management protocol 7 Within the Configuration Backup Restore section specify the IP address of the computer which acts as a TFTP server If you don t know the IP address of the computer open a Com mand Prompt and type IpConfig then press the Enter key 8 Trigger the restoring process by clicking Restore The AP will then download the configuration backup file from the TFTP server NOTE Make sure the file is a valid configuration backup file for the AP 26 TIP If you want to remotely back up or restore configuration from the Internet adjust the Timeout and Max no of retries settings of TFTP Server for remote TFTP configuration backup restore to suc ceed 3 3 3 5 Resetting
40. interface activity PWR Power 2 First Time Installation and Configuration 2 1 Selecting a Power Supply Method Optionally the AP can be powered by the supplied power adapter or PoE Power over Ethernet The AP automatically selects the suitable one depending on your decision To power the AP by the supplied power adapter 1 Plug the power adapter to an AC socket 2 Plug the connector of the power adapter to the power jack of the AP NOTE This product is intended to be power supplied by a Listed Power Unit marked Class 2 or LPS and output rated SV DC 1 A minimum or equivalent statement To power the AP by PoE 1 Plug one connector of an Ethernet cable to an available port of a PoE hub 2 Plug the other connector of the Ethernet cable to the LAN CONFIG port of the AP NOTE The PoE capability of the bridge is PowerDsine compatible Please visit the Web site of Pow erDsine for more information http www powerdsine com 2 2 Mounting the AP on a Wall The AP is wall mountable 1 Stick the supplied sticker for wall mounting 2 Useao6 5mm driller to drill a25mm deep hole at each of the cross marks 3 Plug in a supplied plastic conical anchor in each hole 4 Screw a supplied screw in each plastic conical anchor for a proper depth so that the wireless AP can be hung on the screws 5 Hang the wireless AP on the screws 55 ZA _S73 9 16mm HOLES FOR FASTENING SCREWS HOLES FO
41. ion the AP Client only can forward TCP IP packets between its wireless interface and Ethernet interface other type of traffic such as IPX and AppleTalk is not forwarded TIP When the AP is configured to be in AP Client it can be used as an Ethernet to wireless network adapter For example a notebook computer equipped with an Ethernet adapter can be connected to this device with a crossover Ethernet cable for wireless connectivity to another access point 2 4 3 Step 2 Configuring TCP IP Settings Method of obtaining an IP address Set Manually D IP address 192 168 168 214 Subnet mask 255 255 255 0 Default gateway Donn Host name AF1 Domain DNS suffix Fig 6 TCP IP settings Go to the TCP IP Addressing section to configure IP address settings The IP address can be manu ally set or automatically assigned by a DHCP server on the LAN If you are manually setting the IP address Subnet mask and Default gateway settings set them appropriately so that they comply with your LAN environment In addition you can specify the Host name and Domain DNS suffix of the AP When you are finished click Save at the bottom of this page and then you are brought back to the start page 11 2 4 4 Step 3 Configuring IEEE 802 11 Settings AP functionality Enabled RF type Mixed Regulatory domain FEC U S e Channel number Mi Network name SSID wireless Data rate Auto Transmit power High
42. irs of wireless bridges Link health monitoring This feature enables the administrator to see if the WDS links of the AP to other peer wireless bridges are working fine m Wireless client_isolation When the AP is in AP Bridge mode wireless to wireless traffic can be blocked so that the wireless clients cannot see each other This capability can be used in hotspots applications to prevent wireless hackers from attacking other wireless users computers m AP load balancing Several APs can form a load balancing group Within a group wireless client associations and traffic load can be shared among the APs This function 1s available when the AP is in AP Bridge mode Transmit power control Transmit power of the AP s RF module can be adjusted to change RF coverage of the AP E Link integrity When the AP is in AP Bridge mode and its Ethernet LAN interface is de tected to be disconnected from the wired network all currently associated wireless clients are disassociated by the AP and no wireless client can associate with it E Association control When the AP is in AP Bridge mode it can be configured to deny association requests when it has served too many wireless clients or traffic load is too heavy E Associated wireless clients status When the AP is in AP Bridge mode it can show the status of all wireless clients that are associated with the AP m Detachable antennas The factory mounted antennas can be replaced with hi
43. isolation option 35 WCI All APs in This Subnet All APs in This Subnet Switch Wireless Link Ethernet Link Fig 48 Behavior of the All APs on This Subnet wireless client isolation option As illustrated in Fig 47 when AP 1 and AP 2 are using the This AP Only option wireless traffic between STA 1 and STA 2 is blocked by AP 1 while wireless traffic between STA 2 and STA 3 which are associated with different APs is still allowed If the All APs in This Subnet option is used as shown in Fig 48 AP 1 and AP 2 communicates with each other via an inter AP protocol to share their STA association information to block wireless traffic among all the STAs There are up to 7 security modes depending on AP model variations Open System No authentication no data encryption Static WEP WEP Wired Equivalent Privacy keys must be manually configured Static TKIP WPA PSK Only TKIP Temporal Key Integrity Protocol mechanism of WPA Wi Fi Protected Access is enabled In this mode you have to specify the Pre shared key which will be used by the TKIP engine as a master key to generate keys that actually encrypt outgoing packets and decrypt incoming packets NOTE The number of characters of the Pre shared key setting must be at least 8 and can be up to 63 IEEE 802 1x EAP without Encryption EAP MD5 The IEEE 802 1x functionality is en abled and the user name password based
44. k Manager of the AP 2 4 1 Entering the User Name and Password Before the start page is shown you will be prompted to enter the user name and password to gain the right to access the Web based Network Manager For first time configuration use the default user name root and default password root respectively Enter Network Password KAES Please type your user name and password Site 192 168 0 1 Fealm System Setup User Name Password Save this password in your password list cence Fig 3 Entering the user name and password NOTE It is strongly recommended that the password be changed to other value for security reasons On the start page click the General Password link to change the value of the password see Section 3 3 1 for more information TIP Since the start page shows the current settings and status of the AP it can be saved or printed within the Web browser for future reference Web Based Network Management el Home You can click Restart to restart the AP Status A General fATCP IP AIEEE 802 11 Model AP Adv H Advanced BIOS Firmware Version APXS 2510 v1 3 3 6 5 4602 Operational Mode Access Point MAC Address 00 09 92 00 C2 EB System Up Time 9 Chr min sec 0 15 32 Bridge AP Settings and Info LAN Interface IP address 192 168 168 229 Subnet mask 255 255 2000 Default gateway 192 168 168 1 RF type Mixed Regulatory domain PCE US Channel number 11
45. less Client Wireless AP RADIUS User Server Database Uu Fig 52 IEEE 802 1x and RADIUS An access point supporting IEEE 802 1x can be configured to communicate with two RADIUS serv ers When the primary RADIUS server fails to respond the wireless access point will try to commu nicate with the secondary RADIUS server You can specify the length of timeout and the number of retries before communicating with the secondary RADIUS server after failing to communicate with the primary RADIUS server An IEEE 802 1x capable wireless access point and its RADIUS server s share a secret key so that they can authenticate each other In addition to its IP address a wireless access point can identify it self by an NAS Network Access Server identifier Each IEEE 802 1x capable wireless access point must have a unique NAS identifier 39 Primary RADIUS server 192 168 166 220 Secondary RADIUS server Authentication port he Accounting port Dez Timeout sec 5 Max number of retries E Shared key Identifier of this NAS Fig 53 IEEE 802 1x RADIUS settings TIP Refer to the IEEE 802 1x related white papers on the companion CD ROM for more information about deploying secure WLANs with IEEE 802 1x support 3 6 Configuring Advanced Settings 3 6 1 Packet Filters The AP provides layer 2 Ethernet Type Filters layer 3 IP Protocol Filters and layer 4 TCP UDP Port Filters filtering capabilities The con
46. lity is disabled a client computer cannot connect to the AP with an any network name SSID Service Set ID the correct SSID has to be specified on client computers MAC address based access control When the AP is in AP Bridge mode it can be configured to block unauthorized wireless client computers based on MAC Media Access Control addresses The ACL Access Control List can be downloaded from a TFTP server IEEE 802 1x RADIUS When the AP is in AP Bridge mode it can be configured to au thenticate wireless users and distribute encryption keys dynamically by IEEE 802 1x Port Based Network Access Control and RADIUS Remote Authentication Dial In User Service WPA Wi Fi Protected Access The AP supports the WPA standard proposed by the Wi Fi Alliance http www wi fi org Both WPA PSK Pre Shared Key mode and full WPA mode are supported WPA is composed of TKIP Temporal Key Integrity Protocol and IEEE 802 1x and serves as a successor to WEP for better WLAN security E Repeater When the AP is in AP Bridge mode it can communicate with other APs or wireless bridges via WDS Wireless Distribution System Therefore an AP can wirelessly forward packets from wireless clients to another AP and then the later AP forwards the packets to the Ethernet network Antenna alignment assistance The AP provides a WDS link quality indicator via Wireless Network Manager to facilitate alignment of directional antennas when deploying pa
47. n Dial In User Ser vice server and a user account database an enterprise or ISP Internet Service Provider can manage its mobile users access to its wireless LANs Before granted access to a wireless LAN supporting 38 IEEE 802 1x a user has to issue his or her user name and password or digital certificate to the backend RADIUS server by EAPOL Extensible Authentication Protocol Over LAN The RADIUS server can record accounting information such as when a user logs on to the wireless LAN and logs off from the wireless LAN for monitoring or billing purposes The IEEE 802 1x functionality of the access point is controlled by the security mode see Section 3 5 2 1 So far the wireless access point supports two authentication mechanisms EAP MD5 Message Digest version 5 EAP TLS Transport Layer Security If EAP MD5 is used the user has to give his or her user name and password for authentication If EAP TLS is used the wireless client computer automatically gives the user s digital certificate that is stored in the computer hard disk or a smart card for authentication And after a successful EAP TLS authentication a session key is auto matically generated for wireless packets encryption between the wireless client computer and its asso ciated wireless access point To sum up EAP MD5 supports only user authentication while EAP TLS supports user authentication as well as dynamic encryption key distribution IEEE 802 1x Compliant Wire
48. ndary DNS server settings that will be sent to a client at its request Additionally you can spec ify the first IP address that will be assigned to the clients and the number of allocateable IP addresses NOTE There should be only one DHCP server on the LAN otherwise DHCP would not work prop erly If there is already a DHCP server on the LAN disable the DHCP server functionality of the AP NOTE By default the DHCP server function is disabled 3 4 2 2 Static DHCP Mappings Desc MAC Address IP Address Bill o0 22 32 6 0 50 02 fi 92 166 0 203 a ss fe fa fe fe fe s le e CD CL Fig 33 Static DHCP mappings IP addresses of servers are often static so that clients could always locate the servers by the static IP addresses By Static DHCP Mappings you can ensure that a host will get the same IP address when it requests one from the DHCP server Therefore instead of configuring the IP address of an intranet server manually you can configure the server to obtain an IP address by DHCP and it is always as signed the same IP address 28 To always assign a static IP address to a specific DHCP client 1 Specify the MAC address of the DHCP client and the IP address to be assigned to it Then give a description for this mapping 2 Select the corresponding Enabled check box 3 9 Configuring IEEE 802 11g Related Settings 3 5 1 Communication 3 5 1 1 Basic Basic IEEE 802 11g related communication settings inclu
49. ociated by the AP and no wireless client can associate with the AP The detection mechanism is based on pinging the IP address specified in Reference host 3 5 1 3 Association Control Max number of clients i 64 led Block clients if traffic load exceeds Disabled Fig 36 Association control settings If the number of currently associated wireless clients exceeds the value specified in the Max number of clients setting no more wireless client can associate with the AP If traffic load of the AP exceeds the load specified in the Block clients if traffic load exceeds setting no more wireless client can as sociate with the AP 3 5 1 4 AP Load Balancing Functionality Enabled Group ID APLB_Group Policy by Number of Users Fig 37 AP load balancing settings Several APs can form a load balancing group if they are set with the same Group ID The load balancing policy can be by Number of Users or by Traffic Load If the by number of users policy is selected a new wireless user can only associate with an AP that has the smallest number of associated wireless users in the group On the other hand if the by traffic load policy 1s selected a new wireless user can only associate with an AP that has the less traffic load in the group 3 5 1 5 Wireless Distribution System Notebook Computer Fig 38 Wireless Distribution System 30 Traditionally access points are connected by Ethernet By Wireles
50. on on the source destination IP address field and the source destination subnet mask field For example if the source IP address field is 192 168 0 1 and the source subnet mask field is 255 255 255 0 the resultant source IP address range is 192 168 0 0 to 192 168 0 255 3 6 1 3 TCP UDP Port Filters Functionality Disabled Policy for matched packets Discard D Destination Port Protocol Application Name TCP sl HTTP Fig 56 TCP UDP port filters settings The destination port field the TCP or UDP header of a packet incoming from the WLAN or Ethernet interface is inspected for filtering In a rule specify the decimal Destination Port Protocol type TCP UDP and the name of the higher level protocol Application Name 41 3 6 2 Management 3 6 2 1 UPnP Functionality Enabled Device friendly name Wireless AP Fig 57 UPnP settings UPnP Universal Plug and Play enables a Windows XP user to automatically discover peripheral de vices by HTTP When the UPnP functionality is enabled you can see the AP in My Network Places of Windows XP The AP can be given a friend name that will be shown in My Network Places Dou ble clicking the icon in My Network Places that stands for the AP will launch the default Web browser for you to configure the AP 3 6 2 2 System Log MM Local log C Remote log by SNMP trap Event Types WM General lM Build in AP iM MIB II traps M RADIUS user authentication Fig 58
51. pletes Click Erase Config to reset the configuration settings of the AP to default values 49
52. pproved by the party responsible for compliance could void the user s authority to operate this equipment This transmitter must not be co located or operating in conjunction with any other antenna or trans mitter FCC Radiation Exposure Statement This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environ ment This equipment should be installed and operated with minimum distance 20 cm between the ra diator amp your body This device complies with Part 15 of the FCC Rules Operation is subject to the following two condi tions 1 This device may not cause harmful interference and 2 this device must accept any inter ference received including interference that may cause undesired operation R amp TTE Compliance Statement This equipment complies with all the requirements of DIRECTIVE 1999 5 CE OF THE EUROPEAN PARLIAMENT AND THE COUNCIL OF 9 March 1999 on radio equipment and telecommunication terminal equipment and the mutual recognition of their conformity R amp TTE The R amp TTE Directive repeals and replaces in the directive 98 13 EEC Telecommunications Termi nal Equipment and Satellite Earth Station Equipment as of April 8 2000 Safety This equipment is designed with the utmost care for the safety of those who install and use it How ever special attention must be paid to the dangers of electric shock and static electricity when work ing with electrical equipment All guideline
53. ral Bridge AP Settings and Info HATCP IP IEEE 802 11 Model AP A H Advanced BIOS Firmware Version APXS 2510 v1 3 3 6 5 4602 Operational Mode MAC Address 00 09 92 00 C2 EB System Up Time SE LAN Interface e IP address 192 168 168 229 e Subnet mask 235 2552050 e Default gateway 192 168 168 1 RF type Mixed Regulatory domain Fcc U S Channel number 11 Network name SSID wireless Data rate Auto Transmit power High Security mode Open System AP functionality Enabled SSID broadcasts Enabled Wireless client isolation Disabled e MAC address based access control Disabled e AP load balancing Disabled e Link integrity Disabled e Reference host 0 0 0 0 e Number of WDS links 0 DHCP Server Settings DHCP server is disabled Fig 12 The Start page TCP IP Settings Wireless Settings 3 1 1 Menu Structure The left side of the start page contains a menu for you to carry out commands Here 1s a brief descrip tion of the hyperlinks on the menu Home For going back to the start page Status Status information E Wireless Clients The status of the wireless clients currently associated with the AP DHCP Mappings Current IP MAC address mappings of the built in DHCP server E System Log System events log 17 E Link Monitor When the AP is in AP Client mode this page shows the signal strength and link quality of the wireless link to its associated access point General Glob
54. s Distribution System WDS APs can communicate with one another wirelessly For example in Fig 38 AP 2 acts as an access point for the notebook computers and it forwards packets sent from the notebook computers to AP 1 through WDS Then AP 1 forwards the packets to the Ethernet LAN Packets destined for the note book computers follow a reverse path from the Ethernet LAN through the APs to the notebook com puters In this way AP 2 plays a role of AP repeater WDS Link Bridge 2 Fig 39 LAN to LAN bridging By WDS two or more LAN segments can be connected wirelessly As illustrated in Fig 39 a pair of wireless LAN to LAN bridges is used to connect two LAN segments Since the AP is WDS enabled it can be used as a wireless bridge NOTE An AP can have up to 6 WDS links to other APs or wireless bridges Peer MAC Port Enabled Bases E bt F 01 62 C5 Fig 40 Wireless Distribution System settings To enable a WDS link LL Specify the MAC address of the AP at the other end of the WDS link 2 Select the corresponding Enabled check box For example assume you want two APs with MAC addresses 00 02 65 01 62 C5 and 00 02 65 01 62 C6 to establish a WDS link between them On AP 00 02 65 01 62 C5 set the peer MAC address of port 1 to 00 02 65 01 62 C6 and on AP 00 02 65 01 62 C6 set the peer MAC ad dress of port 1 to 00 02 65 01 CS TIP Plan your wireless network and draw a diagram so that you know how
55. s of this and of the computer manufacture must therefore be allowed at all times to ensure the safe use of the equipment EU Countries Intended for Use The ETSI version of this device is intended for home and office use in Austria Belgium Denmark Finland France with Frequency channel restrictions Germany Greece Ireland Italy Luxembourg Portugal Spain Sweden The Netherlands and United Kingdom The ETSI version of this device is also authorized for use in EFTA member states Norway and Swit zerland EU Countries Not Intended for Use None Potential Restrictive Use France only channels 10 11 12 and 13 Table of Contents e ee le Eed e E 1 Mas BE e TT 1 EN Ee 1 1 3 Feature OFM EE 3 Mee Mle TS TNIV E 4 2 First Time Installation And Configuration ccccccccseccceeeeeeecceeeeeeeececeseuceaeeseeeeseeeseeesaess 5 2 1 Selecting a Power Supply Method 5 2 2 Mounting the AP on a Wall west tei a tccszecincsenewenancentesnt oteganeuecsaneascusesesestesseatacensucasseeass 5 2 3 Preparing for Confguraton 6 2 3 1 Connecting the Managing Computer and heAb 6 2 3 2 Changing the TCP IP Settings of the Managing Computer T 2 4 Configuring UeAb 7 2 4 1 Entering the User Name and Password nannannennnnnennnnnnnnnnnnnnnnnnnnnennrnrnnnne T 2 4 2 Step 1 Selecting an Operational Mode 9 2 4 3 Step 2 Configuring TCP IP Settings cc cccccececeeceseeeseeeseeseeeeesaeeesaees 11 2 4 4 Step 3
56. sociated Access Point This feature is especially useful when you are aligning a pair of direc tional antennas for bridging applications Refer to Section 2 5 for more information about antenna alignment NOTE The values are updated every 20 seconds 3 3 General Operations 3 3 1 Specifying Operational Mode AP Bridge This mode provides both Access Point and Static LAN to Lan Bridging functionality The static LAN to LAN bridging function is supported through Wireless Distribution System CADS AP Client This mode is for Dynamic LAN to LAN Bridging The AP Client automatically establishes bridge links with APs from any vendors Fig 20 Operational modes settings The AP supports 2 operational modes AP Bridge This mode provides both Access Point and Static LAN to LAN Bridging functionality The static LAN to LAN bridging function is supported through Wireless Distribution System WDS AP Client This mode is for Dynamic LAN to LAN Bridging The AP Client automati cally establishes bridge links with APs from any vendors In either mode the AP forwards packets between its Ethernet interface and wireless interface for wired hosts on the Ethernet side and wireless host s on the wireless side There are 2 types of wireless links as specified by the IEEE 802 11 standard STA AP This type of wireless link is established between an IEEE 802 11 Station STA and an IEEE 802 11 Access Point AP An STA is usually a cli
57. tatic DHCP Mappings section of the DHCP Server configuration page see Section 3 4 2 A dynamic mapping indicates that the DHCP server chooses an IP address from the IP address pool specified by the First allocateable IP address and Allocateable IP address count settings on the DHCP Server configuration page 3 2 3 System Log Model AP Ady BIOS Firmvare version 4PYS 8947 v1 4 1 5 35 59351 Operational mode Simple Access Point Current time OF 02 2003 15 05 56 07 02 2003 13 93 57 SYSTEM START UP 077 0272003 13 33 57 Wireless LAN interface initializes success 07 02 2003 13 33 57 BSSID gt 00 90 4B 00 B9 BD 07 02 2003 13 93 57 LAN IP address gt 192 165 168 214 077 0272003 15 00 30 The administrator from 192 168 168 128 logins the device successfully 077 0272003 15 05 49 The administrator from 192 168 168 220 logins the device successfully Fig 18 System log System events are recorded in the memory of the AP The logged information is useful for trouble shooting purposes The system events are divided into several categories and you can select which categories of events to log See Section 3 6 2 2 for more information 3 2 4 Link Monitor Linking Quality Signal Strength Fig 19 Link monitor 20 When the AP is in AP Client mode you can use the Link Monitor status page to monitor the link quality and signal strength sensed by its RF module Larger values means better wireless connectivity to its as
58. th E4 Bits Selected key een Key 1 Key A Key 2 Key d Fig 46 Basic IEEE 802 11g security settings For security reasons it s highly recommended that the security mode be set to options other than Open System When the security mode is set to Open System no authentication and data encryption will be performed Additionally you can disable the SSID broadcasts functionality so that a wireless client computer with an any SSID cannot associate with the AP When the Wireless client isolation setting is set to This AP Only wireless clients of this AP cannot see each other and wireless to wireless traffic is blocked When the setting is set to All APs in This Subnet traffic among wireless users of different APs in the same IP subnet is blocked This feature is useful for WLANs deployed in public places In this way hackers have no chance to attack other wireless users in a hotspot When the Wireless client isolation setting is set to This AP Only wireless clients STAs of this AP cannot see each other and wireless to wireless traffic between the STAs is blocked When the setting is set to All APs in This Subnet traffic among wireless users of different APs in the same IP subnet is blocked The behaviors are illustrated in the following figures WCI This AP Only This AP Only Switch Wireless Link Ethernet Link Fig 47 Behavior of the This AP Only wireless client
59. use TFTP as the firmware management protocol you can configure settings for the AP s TFTP client to communicate with a TFTP server If the TFTP client does not get a response from the TFTP server within a period specified by the Timeout setting it will resend the previous request The Max number of retries setting specifies the maximal number of resend before the TFTP client stops communicating with the TFTP server Within the folder Utilities on the companion CD ROM disk we offered a TFTP server program TftpSrvr exe for firmware upgrade Run this program on the computer that is to serve as a TFTP server Firmware Upgrade Fig 27 Firmware upgrade by TFTP To upgrade firmware of the AP by TFTP 1 Get a computer that will be used as a TFTP server and as a managing computer to trigger the upgrade process 2 Connect the computer and one of the LAN Ethernet switch port with a normal Ethernet cable 3 Configure IP address of the computer so that the AP and the computer are in the same IP subnet 4 On the computer run the TFTP Server utility And specify the folder in which the firmware files reside 5 On the computer run a Web browser and click the General Firmware Tools hyperlink 6 Choose TFTP as the Firmware management protocol 7 Specify the IP address of the computer which acts as a TFTP server If you don t know the IP address of the computer open a Command Prompt and type IpConfig then press the Enter k
60. wser Web Based Management Fig 61 Wireless Router AP Browser The AP stops working and does not respond to Web management requests m The firmware of the AP may be stuck in an incorrect state Unplug the power connector from the power jack and then re plug the connector to restart the AP Contact our technical support representatives to report this problem so that the bugs can be static in future firmware versions m Ifthe AP still does not work after restarting there may be hardware component failures in the AP Contact our technical support representatives for repair 48 Appendix C Additional Information C 1 Firmware Upgrade Using Xmodem Upgrade RS232 Based Firmware Upgrade serial port COM si Connect Folder FN Browse File progress PO po teint Total progress PO Eras Contig lt lt Less h Fig 62 Xmodem Upgrade To upgrade the firmware of AP using Xmodem Upgrade over RS232 1 Power off the AP whose firmware will be upgraded 2 Connect the managing PC and the AP with an RS232 Null Modem cable 3 Select the serial port COM1 or COM2 you use for connecting the device from the Serial port drop down list and click Connect 4 Chose the folder in which the firmware files reside by click Browse 5 Power on the AP and you ll see bootup information 6 Click Start to begin upgrade the firmware of the AP 7 You will be prompted when the upgrade process com

Configuring TCP/IP Settings

Contents

Download Pdf Manuals

Related Search

Related Contents