Teletronics EZStation5 User Manual
Contents
1. cccccccccssssssssseeeeeeees 78 Access the Secure Shell Host Command Line Interface 79 etre WEB MOOG ainina 80 Tr IOI sisa ag see act Tl teach tatadteatiate einai hentonneart 81 SS CUNO NMP TaD eateragantes acetate T aaee ad tants hewn eats 82 SOU ol Pesciees cds tavareavacaticnta coi ca mabeeuesuteniGanaesaninini OO 83 USE VIA CHENG FING codare E A 86 Add a MAC Addressto the MAC Address st cccccesssssseeeeeeees 87 Delete a MAC Address From All ACCESS POINTS ccccccceessseeseeeees 90 Delete a MAC address from individual ACCESS POINL essees 92 Edit MAC Address from the MAC Address USL cccccesssssseeeeeeeneees 94 PERFORM ADVANCED CONFIGURATION ccccsssecesseeeeeeees 96 SETUP ROUINO serra A 96 COMIG Ure Statie ROUNO eiir a a a me aad 97 Use Routing Infommation ProtocCoOl ccccccccccsssssssseeeeeeeeeeseeseeeeeeeeeeessaeees 98 Use Network Address Translation ccccccccccccccsssssseeeeeeeeeesaeesseeeeeeeeeesaneees 99 Configure Virtual Servers Based ON DMZHOSL 1 ceeseeseeeeeeeeeeees 100 Configure Virtual Servers Based on Port Forwarding 00000e 101 Configure Virtual Servers based on IP Forwarding s0eeeeeees 105 Control the Bandwidth Available ccccccssssssseeeceeeseessesseeeeeeeseeesenaees 106 Ena ble Bandwidth CONTO raina A A R 106 Configure WAN Bandwidth Contiol sssssseesssrrnrrenreesssrrnrrrrreesssrn 107 Conf2. Step 2 URL Filter Configuration To select the URL Filter Type click the Change button Step 3 Select to Block or Allow and Select URL Filtering Type then click on the Apply button The default is Disabled which allows all websites to be accessed Then click the Add button Step 4 Add a new URL Filter For the Host Name field input the web site address that you wish to Host Name wwiw objectablewebsites com bloc k Then C lic k the Add button to eE complete your setup Page 151 Configure the Firewall Configure SPI Rrewall Stateful Packet Inspection SPI thwarts common hacker attacks like IP Spoofing Port Scanning Ping of Death and SynFlood by companng certain key parts of the packet to a database of trusted information before allowing it through NOTE Firewall secunty rules should be planned carefully as incorrect configuration may Cause improper network function Select Firewall Configuration from the Secunty Configuration command menu Enable the firewall You can choose among the Default Low Default Medium or Default High sec unty options for convenient setup Then you may choose the type of network activity information you wish to log for reference Data activity ansing from different types of protocol can be recorded Firewall Configuration Page 152 You may add more firewall rules for specific secunty purposes Click on the Add radio button at the screen shown above followed by the
3. Server interfaces 172 18 0 101 Show Dir Thtp Server Tftp Client Syslog server Connection received from 172 18 0 3 on port 2046 Read request for file lt Firmware IMG firmware MG sent 7506 blks 3642773 bytes Connection received from 172 185 0 3 on port 2048 Read request for file lt Firmware IMG lt Firmware IMG gt sent 7506 blks 3642773 bytes Curent 4ction p firmware MG gt w MBYTSTROVANY login useri Password BusyBox vi HA 2686 11 23 18 24 8666 gt Built in shell tash Enter help for a list of built in commands H set upgrade 172 18 8 161 Firmware IMG Please waiting It is upgrading Firmware nowt Finished Finished NOTE The fimmware upgrade process must NOT be interrupted otherwise the device might become unusable Page 166 Perform Firmware Recovery If the system failsto launch propery the access point will automatically switch to loader mode and the diagnostic LED will remain lighted The finmware should then be reloaded Access Point State Diagnostic LED 4 State Conupted firmware access point Blinks very fast automatically switchesto loadermode Recovery in progress ON Suc cessful recovery Blinks very slowly Before starting check the status of the diagnostic LED to confim if firmware failure hasoccunred Step 1 Stop powersupply and disconnect the access point from the network Step 2 Connect the LAN por
4. Cable ADS modem Routor A 192 148 148 254 Viorkstohorns Wireless Chert 5 Subnet 192 168 100 0 Page 96 Configure Static Routing Step 1 Select Routing from the CONAGURATION command menu The System Routing Table page displays Initially the table contains the default routing entnes of the access point Static Routing Table Metak Mask Gateway a Beck mk Destination Step 3 Enter the Destination IP Address Destinaton Net Mask and Gateway IP Address and click the Add button The Static Routing Table reflects the entry Page 97 System Routing Table Destination Network Mask Gateway 132 158 88 43 255 255 255 255 127 0 0 0 255 255 255 0 192 168 168 0 255 255 255 0 Static Routing Table Step 2 Click on the Static Routing Table button then clck the Add button Stat c Routing Table 132 166 100 0 255 255 255 0 132 166 1 ba 254 Lael Cancel Destination IF Address Destination M t MASK Gateway IP Address Static Routing Table Destination 192 168 100 oh 255 255 255 0 Network Mask Gateway 192 168 168 254 Use Routing Information Protocol Available in Wireless Routing Clientand Gateway modes RIP Routing Information Protocol allows information to be exchanged within a set of routers underthe same administration RIPv1 bases the path used to passtraffic between routers on the fewest number of hops between the source and destination IP
5. Change ESSIO sampleRouter Site Survey Remote AP MAC z q Wireless Profile B02 ita W Country NO_COUNTRY_SET NA v Tx Rate Fully Auto The Link Information ta ble displaysthe following data Link Information State Scanning tf tt th fh ft tt Current Channel bal TsFate iMbps Signal Strength 6 Page 58 Parameters Viewable from Desc nption Link Information page State Disolays whether the State is Scanning or Associated and MAC address of the access point to which the client isconnected Current Channel Channel presently being used for transmission Tx Rate Rate of data transmission in Mbps Signal Stength Intensity of the signal received in percentage Page 59 Scan for Channel Survey Available in Access Point and Gateway modes Channel Survey displays a list of all the channels supported by the access point shows the relative interference of all the channels and recommends the least congested channel Step 1 In the Mode Setup page click on the Channel Survey button WLAN Basic Setup Card Status enable The Current Mode Access Point Change ESSIO sampleHouter Wireless Profile 802 11 a w Country NO_COUNTRY_SET NA Channel SmarrtSelect w Channel Survey Tx Rate Fully Auto O Closed System C Act as RootAP C VLANID Apply Page 60 Channel Survey Status Freq Channel MyQuality APCount NeighQuality Recommendation 2437 Oo
6. For Windows 95 98 98SE ME NT sssssssssssssssssssssssssessssssssessseeseessesseeees 25 FOR WINGOWSAP 2000 variates cscssatdisnde eiae e e d dudeuauvandiue a wddeaantaestice 2 ACC E39 JHE WEB INTERFA G Eiamuniiiininwantiiaainiinaniieh 29 PSC C SSS WIE UC ONO rran aa aiaietni nae eimai ees 29 Manual access with Intemet Explorer ccccsssssseeeeeeeeeesessseeeeeeeeessaeens 32 PERFORM BASIC CONFIGURATION cccccseeeesseeeseesseeseeeenees 34 Setup Management POM eredni E 34 TO setup DHCP SONO n a daudeeedstevadeterecesavesdhes xe 40 View Active DHCP Lea S S sssssesessssesurrrrnnesurnnrnrennnnnrnnennnnnnrennnnrnreenrnnnne 46 Reserve IP Addresses for Predetermined DHCP Clients 06 47 Delete DHCP Server Reservation ccssssssseeeeeeeceesssseeeeeeeeessseassseeeeeees 49 Setup WLAN vcs svsirsiraians oubiaoneticasean abuser situunyiuadiaiauusedseutateacaaseusamnikaceuiana 50 Configure the Basic Setup of the Wireless MOd cceseseeeeeeeeeees 50 SC a NOs SIG SUN CY aanp neato 55 VIEW LINK INTOMNMG tOM nina a A 58 SCantor Na ANE SUV GY siaa ees 60 Alg MNE AS Me aasre AA 63 Configure the Advanced Setup of the Wireless Mode nsss 65 VIEW the Sta USEC S ieena restieianet see ieaaoess ada wrehnesatdneeditaneanet 67 Page 3 SOV OUI NIN ag Retake oe ce hth cnet cate teenies ah cceans Meeker at anaes cea caee 68 SUP LENEE SH area mane auemaminiieanes 76 Accessthe TELNET Command Line Inte rface
7. Page 52 Wireless Profile A selection of network environment types in which to operate the access point e 802 11a only Version AG Supports wireless A clients with data rates of up to 54Mbps in the frequency range of 5GHz e 802 11b only Supports wireless B clients with data rates of up to 11Mbps in the frequency range of 2 4GHz e 802 11b g mixed Supports both wireless B and G clients e 802 11g only Supports wireless G clients that offer transmission rates of up to 54Mbpsin the 2 4GHz frequency band Country Choose the Country where you are located Channel This option allows you to select a frequency channel forthe wireless communication and is only available in the Access Point Point to Point and Point to Multiple Point modes Select SmartSelect to automatically scan and recommend the best channel that the access point can utilize Tx Rate Allows you to choose the rate of data transmission ranging from 1Mbps to Fully Auto Closed System The access point will not broadcast its WLAN name ESSID when Closed system is enabled By default Closed system is disabled Page 53 Actas RootAP The access point will connect with 1 or multiple clients to create a point to point and point to multi point connection network with 2 ormore access points This connection mode is fully compliant with 802 1h standards VLAN ID This is the number that identifies the different virtual network
8. a rt TELETRONICS PSA INTERNATIONAL INC ysl Focusing On Your Needs PX XM lag Bu 2 iag gai TELETRONICS INZA INTERNATIONAL INC sestation5 Teletronics EZStation5 User Manual 6 18 2009 2009 Teletronics International Inc Disclaimers No part of this documentation may be reproduced in any form or by any means or used to make any derivative work such as translation transformation or adaptation without written permission from the copyright owner All other trademarks and registered trademarks are the property of their respective owners Statement of Conditions We may make improvements or changes in the product described in this documentation at any time The information regarding the product in this manual is subject to change without notice We assume no responsibility for errors contained herein or for direct indirect special incidental or consequential damages with the furnishing performance or use of this manual or equipment supplied with it even if the suppliers have been advised about the possibility of such damages Electronic Emission Notices This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference 2 This device must accept any interference received including interference that may cause undesired operation FCC INFORMATION The Federal Communication Commission Radio Frequency Interfer
9. different subnet from that of the home network it would inform the notebook that the gateway to the Intemet is in fact the access point itself From then the notebook would contact the access point for accessto the Intemet without any change to the TCP IP settings NOTE For SATto function propery 1 The IP address of the notebook should belong to a different subnet from the LAN IP address of your access point The lt Default Gateway gt in the TCP IP settings of your notebook should NOT be left blank Step 1 Select Static Address Translation from the Home User Features command menu Step 2 Se lec t whethe r to Enable or Enable Disable Static Address Translation Disable SAT and click the Apply button Status Enable Disable SAT is disabled by default Page 115 Use DNS Redirection Available in Wireless Routing Client and Gateway modes When you entera URL into your Intemet browser it requests fora name to IP address translation from the Domain Name System DNS servers to locate the web server hosting the desired website The DNS server searches its local cache for the answer and if found retums this cached IP address Otherwise it contacts other DNS servers until the query isanswered With DNS Redirection DNS requests from the LAN clients are processed by the access point It contacts the DNS server allocated by your ISP to resolve these DNS requests unless you have already specified a default DNS
10. releasing a public IP address to you The access point uses the System Name in the System Identity asthe DHCP Client ID Therefore if this is the case refer to your ISP for the comect DHCP Client ID to be set and follow steps 4 5to accomplish the setup Step 4 Steps 4 5 are forthose who need to set up the System Name in System Identity so that your ISP can authenticate itasa valid DHCP Client ID Select System Identity under the SYSTEM TOOLS command menu Step 5 Enter the DHCP Client ID assigned by your ISP forthe System Name You may also enter in a preferred System Contact person and the System Location of the access point Click the Apply button Select Reboot System under SYSTEM TOOLS and click the Reboot button to effect the settings System Identity System Name Wireless LAN Access Point System Contact unknown System Location unknown Page 69 Setup your WAN forcable intemet whereby fixed WAN IP address is assigned by ISP WAN Setup Parameters Example e IP Address 203 120 12 240 e Network Mask 255 255 255 0 e Gateway IP Address 203 120 12 2 Step 1 Under CONHAGURATION on the command menu select WAN Setup Step 2 Access the Select WAN Type page and select Static IP Address before clicking the Apply button Select WAN Type Static IP Address Dynamic IP Address PPP over Ethernet PPTP L2TF Step 3 Fill in the infomation provided by your ISP in the IP Address Network Mask and Gat
11. 0 28 2447 23 2452 9 2462 9 Recommended 2417 130 2432 194 2457 0 2412 4 2442 0 2422 198 2427 112 OO oO 09909000000 nw ee we ew oO oO Oo 3 lt Step 2 To connect the client to one of the channels detected select the corresponding radio button Step 3 Click on the Apply button to effect the change and retum to the setup page Step 4 Click on the Refresh button to update the screen Page 61 Read Only Parameters of All Desc nption Channels Viewable from Channel Survey page Freq Frequency of the channel at which your access point isoperating Channel Channel of the access point being used for transmission depending on its ongin of country MyQuality Interference level of the respective channel with this AP The lower the value the less interference If the value is zero there isno interference APC ount Total number of access points operating at the Current channel NeighQuality Interference level with those discovered APs at those respective channels The lower the value the less interference If the value is zero there is no interference Recommendation Best channel for the device to use in its curent environment Page 62 Align the Antenna Antenna Alignment precisely aligns the antenna over long distances for higher signal strength to improve the connection between the access point and another access point Step 1 Select WLAN Setup from the CONH
12. 4 5 6 Status and Indication Tas Steady Power is supplied to the device Red No poweris supplied to the device Blinking respective port is transmitting ie data pr Mere U No connection is esta ee edged Steady respective port has successfully Red e to the access point Blinking The respective port is transmitting Red receiving data E Aa No connection is esta P ae 10 ACTLED Steady respective port has successfully Red DN to the access point Page 17 4 WLAN LED Steady Wireless interface up and running Red Ready for operation Flashing Activity is detected in the wireless network Red oo Flashing Data transmission at WAN connection Red epee Flashing _ It indicates that the firmware isconupted Red Connection for computer with NIC Network Interface Card or Ethemet network card Device is power up with PoE on this LAN port SURGE Connectto a ground wire ARRESTOR RESET To reboot pressonce BUTTON To reset password press and hold the button for 5 seconds before releasing it To restore the factory default settings pressand hold the button for 8 seconds before releasing tt Page 18 Install the Hardware This section will show you how to install the hardware of the access point Page 19 Antenna Alignment The antenna alignment of the access point must first be considered to ensure that the signal is strong Installation Direction After considenng the antenna alignment the dire
13. Intemet Access Type Static IP Address Use Static IP Address if you have subscnbed to a fixed IP addressorto a range of fixed IP addresses from your ISP Dynamic IP Address With Dynamic IP Address the access point requests for and is automatically assigned an IP address by your ISP for instance e Singapore Cable Vision e HOME Cable Services PPP over Ethemet PPPoE Use PPPoE if you are using ADSL services in a country utilizing standard PPPoE authentication for instance e Gemany with T 1 Connection e Singapore with SingNet Broadband or Pacific Intemet Broadband PPTP Use PPIP if you are using ADSL services in a country utilizing PPTP connection and authentication Layer Two Tunneling Protocol L21P L2TP enables ISPsto operate Virtual Pnvate Networks VPNs Page 13 Wireless Adapter Mode In Wireless Adapter Mode the access point can communicate wirelessly with another access point to perfomm transparent bndging between 2 networks like in the Access Point Client Mode In this mode however the wireless adapter connects to a single workstation only No client software ordnvers are required to use this mode Optional additional feature Point to Point connection in this operation mode is also supported if you specifically wish to connect with an access point only Please referto the Point to Point setup section internet Dynamically Cable ADSL leased IP I i modem Switch sddreee from T ro
14. Page 173 To Logout Step 1 Select Logoutfrom the SYSTEM TOOLS menu Step 2 Click the LOG ON button to access the access point configuration interface again Wireless LAN Access Point Management Please enter your password Cee Log On Man Forgot your password see the User s Guide for instructions Page 174 Use the HELP menu View About System System Information displays system configuration information that may be required by support technicians for troubleshooting Select About System from the HELP menu The System Information page displays information about the access point configuration settings Device System Up Time BIOS Loader Version Firmware version Network Address Translation Wireless Hardware Address WLAN name ESSID Operating frequency Operating Channel Security mode ESSI LAN Port Hardware Address IP Address Network Mask DHCP Server WAN Port Hardware Address WAN Type IP Address Network Mask Default Gateway Page 175 System Information 0 Days 06 45 50 2 31 build 0310 2 06 build 1229 Enabled 00 80 48 37 95 8b Access Point OMHz2 0 None 0 00 80 48 37 95 8a 192 168 168 1 255 255 255 0 Enabled 00 80 48 37 95 8b Dynamic DHCP Get Technical Support This page displays the contact information of technical support centres around the word lf further information unavailable in the man
15. Syslog This section shows how to e Setup Syslog e View logged infomation The System Log Setup page allowsthe user to e Enable or Disable system logging e Set the Remote IP Address or Domain Name and Remote Port for the router to send the system log messages to Page 158 Follow these steps to setup Syslog Step 1 Click on Syslog from the SYSTEM TOOLS menu Step 2 System Log Setup Status Enable Disable Logging IP or Domain Name 192 168 168 1 Logging Port Select to Enable Syslog Enter the Logging IP or Domain Name Enter the Logging Port Click Apply to make the changes Page 159 Follow these sample stepsto view logged information Step 1 Search fora Syslog listening application Web Images Groups News more Search the web pages from Singapore Step 2 Select a Syslog listening application Web Syslog Daemon for Windows Free Syslog Server Firewall logging Windows Syslog Daemon recelves filters logs displays and forwards Syslog messages and SNMP traps Freeware and service versions available Step 3 Download Syslog listening application Download Now Step 4 Insta Il Syslog listening application a Step 5 View logged information on Syslog listening application Syslog Daemon See File Edit View Help oh T ma A Display 00 Default Date Time Priority Hostname Message 03 07 2006 10 18 36 Mail Info 10 0 0 10 This is Syslog test message
16. Timeout setting allows you to specify the value in seconds after the last Intemet activity by which the access point will disconnect from the ISP A value of 0 will disable idle timeout WAN PPTP Setup WAN Type PPTP IP Address 192 165 88 43 Network Mask 255 255 255 0 Username sampleUser Password VPN Server 192 165 88 22 Idle Timeout 3600 30 3600 0 disabled Status Disconnected Refresh Status IP Address Network Mask Gateway IP Address Apply Email Notification Page 75 Setup Telnet SSH Client sends to Server Internet Telnet allows a computer to remotely connect to the access point CLI Command Line Interface for control and monitonng SSH Secure Shell Host establishes a secure host connection to the access point CLI for contol and monitonng Step 1 Select Telnet SSH Setup from the CONAHGURATION menu Step 2 1 Select Telnet Server Enable and enter the Port Numberto enable 2 Select SSH Server Enable and enter the Port Numberto enable 3 Enter the Time outin seconds for Telnet Click the Apply button Telnet SSH Setup Time outtseconds W Telnet Enable Port Number 23 ko 22 SSH Enable Port Number Apply Page 76 Step 3 To add user 1 Click the Add button User Management Select User Name Permission 2 In Add User Entry Page enter the User Name Password and soecify whether the user is granted pemission to Read Only or Read Write 3 Cli
17. WLAN Basic Setup Card Status enable The Current Mode Transparent Client ESSID Remote AP MAC 03 00 26 23 00 00 Wireless Profile 602 1148 v Country ENO COUNT RSET UNA Tx Rate Fully Auto w Note When using Remote AP MAC the ESSID name must also match the AP s ESSID name especially when Closed System is enabled on the AP Repeat Transparent Client step to add more points to the Point to MultiPoint connection Page 139 Secure your Wireless LAN Step 1 Select Security from WLAN Setup under the CONHGURATION menu Step 2 Make a selection from the Security Mode drop down list The Security Mode is set to NONE by default Click on the Apply button WLAN Security Setup Security Mode WPA Personal IEEE G02 Ts WP Enterprise WPA Personal WPA Enterprise WPA Auto Personal WiPA Auto Enterorise NOTE All nodes in your network must share the same wireless settings in orderto communicate Page 140 Setup WEP At the WEP Setup page WEP Setup Key String Type Hex 0 9 a f A F Length 10 or 26 Ascii 0 9 a z A Z Length 5 or 13 Transmission key Keyl Key 1 64Bit O ISA Key 2 64Bit O Reset Key 3 64Bit O 128Bit Key 4 64Bit O 128Bit Step 1 Specify the key enty type by selecting either e Use Hexadecimal e Use ASCII Step 2 Select the Transmission Key from the pull down menu eKey 1 e Key 2 e Key 3 e Key 4
18. and Port 11 For more information on Virtual AP Multiple SSID please refer to Appendix Virtual AP Multiple SSID FAQ Page 128 Follow these stepsto setup Virtual AP Virtual AP Click on WLAN Setup from the CONHGURATION menu Select Virtual AP Virtual AP List Virtual AP List page displays Statistics Security View NONE c e ClickApply to register changes XX XX XX XX XX XX View NONE elete p p y g g j Back changes will take effect after reboot All c Click Clearto clear Virtual AP List Click Back to retum to WLAN Basic Setup page Select the Delete option beside any Virtual APs you wish to delete Click Add to goto add Virtual AP page Virtual AP 1 Enter ESSID name ESSID sample virualAr VLAN ID i 2 Settings Closed System e VLAN ID RootaP e Closed System Security Mode MONE e RootAP beh Becks Select Secunty Mode Click Apply to make changes or click Back to retum to Virtual AP List page Page 129 Set Prefered APs Available in Client Mode When there is more than one AP with the same SSID the Preferred APs function allows you define the MAC address of the APs in order of preference The MAC address at the top of the Preferred APs list has the highest connection preference and the MAC address at the bottom has the lowest connection preference Follow these stepsto specify your preferred APs Preferred APs 1 Click on WLAN Setup from the CONFIGURAT
19. any other antenna or transmitter Caution Changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment Page 2 Table of Contents OVERVIEW THE PRO DUC T ccccceccssseeseeeeeseeteseeseseeteseetegeeseeeeas 6 TIO GUC THO ia sesedesexteuwnssetcaedutsnubeaaacniedaniat a tetraacetate 6 Feat res and Bene Sraa 7 When to Use Which MOQe ssesssssssessrrrrnnesnrnrrnnesnrnrrnnnnnnnnrnrennnnrnnnennrnrnneennnnnne 9 ACCESPONEMOO C ess tess cide sacucnsrcncareane ap seanesnhan tastes anes ade sevmuctoncudeaeanteanees 9 ACCESS POINT CIIGNUMOG Castes cccoeasset anita sce oectinncesiaatanaaeGanianscenenaauatanneeaes 10 Wireless Routing Client MOC cccccccccsssssssseeeeeeeeeeseeesseeeeeeeesenaaeseeeess 11 Gateway ModE amanan una aaa eaea rea dcan 12 Wireless Adapter MOGC ccsssssecceeecceseeesssseeeeeeceeseeeasseeeeeeseessesaasseess 14 Transparent Client Mode eecccccccccsssssssseeeeeeeeeeeeeesseeeeeeeessessaassseenseseess 15 PANEL VIEWSAND DESC RIP HO N rrrainis pnr 17 INSIALCIHE HARDWARE soiien 19 ANEM AINME Nerana vel naan mannan 20 Msta la ton DIe UO Miesin iniiitinikoriidni a aaia aaka 21 SETUP Regue ments seisein a a a EA 22 i gt 21 Ht 16 E o TEE arr te rece E rrr A E rr rrr nt er cere 22 Mount the Unit on a Pole viveisciicisccrstincucttasauyeiinradaendnadandieakceueninaedeaencaatuns 23 CONFIGURE THE IP ADDRESS onines 25
20. backup in case the active link should fail If SIP costs change or if one network segment in the SIP becomes unreachable the spanning tree algonthm reconfigures the spanning tree topology and re establishes the connection by activating the standby path The path with the smallest cost willbe used and extra redundant paths will be disabled After Implementing STP pe or t rot gt i AP 2 k ee i 8 pi Fis s Cc AP 5 AP 4 cot gi Page 83 Scenario 1 No SIP With no SIP all clients Notebook 1 2 3 4 can access one another resulting in low data secunty Due to the redundant paths broadcast packets will be duplicated and forwarded endlessly resulting ina broadcast stom NO STP NO PVLAN W Notebook 1 Se AP 2 AP 3 i 2 Notebook 2 5 S Notebook 4 VT Notebook 3 AP 4 APIS Scenano 2 With SIP With SIP extra redundant network paths between access points will be disabled hence preventing multiple active network paths in between any 2 access points If one of the access points is down the SIP algonthm will reactivate one of the redundant paths so that the network connection will not be lost All wireless users will be able to communicate with each other if they are associated to the access points that are in the same zone STP NO PVLAN ea ae pre Notebook 1 r S Notebook 4 Page 84 Step 1 Select SIP Setup from the CON
21. containing a DIM every 100 kilomic rosecond 1 kilomicrosecond equals 1 024 microsecond Minimum size of a packet in bytes that will tigger the RIS CTS RTS CTS Threshold mechanism This value extends from 1 to 2312 bytes Maximum size that a packet can reach without being Frag Threshold fragmented represented in bytes This value extends from 256 to 2346 bytes where a value of 0 indicates that all packets should be transmitted using RTS Drop down list of a range of transmission power Transmit Power Disables the radio card automatically when the Ethemet link is Radio Off When Ethemet Link down Down NOTE The values illustrated in the example are suggested values for their respective parameters Page 66 View the Statistics The Statistics feature reveals information on the wireless device connected to the WLAN Step 1 Select WLAN Setup from the CONHGURATION menu The sub menus under WLAN Setup expand select Statistics Wireless clients that are connected to the WLAN are shown in the WLAN Station List Step 2 Click on the Refresh button to get the latest information on the availability of wireless clients in the wireless network WLAN Station List MAC Address RSSI TxRate 00 80 48 37 86 dd 1 36Mbps Refresh Back Step 3 To check the details on an individual wireless client click on the corresponding MAC Address in the WLAN Station List The statistics
22. default settings Reset your settings Step 1 Select Backup or Reset Settings from the SYSTEM TOOLS menu Step 2 To discard configurations made and restore the access point to its initial factory settings click on the Resetbutton Backup or Reset Settings Erase the Machine s configuration restore its factory default Reset settings gt Backup the Machine s configuration gt Restore the Machine s configuration path and file name Step 3 The system will prompt you to reboot your device click on the Reboot button Page 169 Backup your Settings Step 1 Select Backup or Reset Settings from the SYSTEM TOOLS menu Step 2 To back up the curent settings of your access point onto your hard disk drive click on the Backup button Backup or Reset Settings Erase the Machine s configuration restore its factory default settings gt Backup the Machine s configuration gt Restore the Machine s configuration path and file name Browse Restore Step 3 Save your configuration file to your local disk File Download Do you want to save this file Name config cfg Type Unknown File Type 7 52 KB From 192 168 168 1 While files from the Internet can be useful some files can potentially harm your computer If you do not trust the source do not save this file What s the tisk Page 170 Restore your Settings Step 1 Select Backup or Reset Set
23. drop down lst you may also choose to apply the rule to A Range of time In which case you have to specify the time in the format HH MM where HH may take any value from 00 to 23 and MM any value from 00 to 59 Any time Here you may leave both From and To fields blank Step 5 Click on the Apply button to make the new rule effective The Filtering Configuration table will then be updated Add a new Packet Filter rule Rule Mame Blocktos IP Address Army rom 192 165 1658 192 168 168 rk Single Fram 27015 1 27015 OF the Week Ranga Om Man Oo Fn bel wv Day Range hh 00 23 mm 00 53 rom 0700 Ahem 18 00 hh mm Ean Cene Fe Page 150 Time of the Day Range hh 00 23 mm 00 59 From 08 00 hh mm To 21 30 hh mm Time of the Day Any hh 00 From hhimm To hh mm Step 6 In this example we would block an application called CS from all PCs any IP address within the network from Monday to Fnday 7am to 6pm and this application is using the port number 27015 Therefore fora rule we name BlockCS and add the entnes depicted on the left Clicking on the Add button will effect your packet filter rule Use URL FAiltenng URL Filtering allows you to block objectionable websites from your LAN users Configure URL Filtering Step 1 Select URL Filtering from the Security Configuration command menu
24. number 24 03 07 2006 10 18 35 System3 Emerg 10 0 0 10 This is Syslog test message number 23 03 07 2006 10 18 34 Local0 Emerg 10 0 0 10 This is Syslog test message number 22 03 07 2006 10 18 33 Mail Debug 10 0 0 10 This is Syslog test message number 21 03 07 2006 10 18 32 Syslog Warning 10 0 0 10 This is Syslog test message number 20 03 07 2006 10 18 31 Local0 Debug 10 0 0 10 This is Syslog test message number 19 03 07 2006 10 18 30 Local5 Alert 10 0 0 10 This is Syslog test message number 18 03 07 2006 10 18 29 System4 Debug 10 0 0 10 This is Syslog test message number 17 03 07 2006 10 18 28 Local3 Info 10 0 0 10 This is Syslog test message number 16 03 07 2006 10 18 27 Lpr Critical 10 0 0 10 This is Syslog test message number 15 03 07 2006 10 18 26 System4 Notice 10 0 0 10 This is Syslog test message number 14 03 07 2006 10 18 25 System1_Critical 10 0 0 10 This is Syslog test message number 13 03 07 2006 10 18 24 User Warning 10 0 0 10 This is Syslog test message number 12 03 07 2006 10 18 23 System2 Info 10 0 0 10 This is Syslog test message number 11 03 07 2006 10 18 22 Local6 Critical 10 0 0 10 This is Syslog test message number 10 03 07 2006 10 18 21 Local4 Emerg 10 0 0 10 This is Syslog test message number 9 03 07 2006 10 18 20 UUCP Debug 10 0 0 10 This is Syslog test message number 8 03 07 2006 10 18 19 Local4 Info 10 0 0 10 This is Syslog test message number 7 03 07 2006 10 18 18 User Error 10 0 0 10 This is Syslog test message number 6 03 07 2006
25. of 10 and above NOTE To ensure proper functionality of the device select to Stop antenna alignment Altematively you may also reboot the device Configure the Advanced Setup of the Wireless Mode Step 1 Select WLAN Setup from the CONHAGURATION menu to expand four sub menus From here select Advanced Step 2 Enterthe parameters in the WLAN Advanced Setup page Step 3 Click on the Apply button to update the changes WLAN Advanced Setup Beacon Interval Data Beacon Rate DTIM RTS CTS Threshold Frag Threshold Transmit Power Antenna Control Station Isolation Radio Off When Ethernet Link Down joo 100 20 1000 1 1 1 16384 2312 2312 1 2312 2346 2346 256 2346 Maximum Auto _ E d Page 65 Advanced Setup Parameters Beacon Interval Only in Access Point mode Desc nption Amount of time between beacon transmissions This tells the client when to receive the beacon A beacon isa guidance Signal sent by the access point to announce its presence to other devices in the network Data Beacon Rate DTIM Only in Access Point mode How often the beacon contains a delivery traffic indication message DTM The DTM identifies which clients have data waiting to be delivered to them If the beacon penod is st at the default value of 100 and the data beacon rate is set at the default value of 1 the access point will send a beacon
26. of the selected wireless client displays 00 80 48 37 86 dd Statistics Authentication Type Encryption Open System Authentication Deauthentication ssociation isassociation eassociati 0 0 MSDU Data In Client mode you are not allowed to view the information of other wireless clients to do that you need to change to the Access Point mode Page 67 Setup your WAN Available in Wireless Routing Client and Gateway modes Setup your WAN to share Intemet connection among the clients of the access point Setup your WAN forcable intemet whereby WAN IP address is dynamically assigned by ISP The access point is pre configured to support this WAN type However you may venfy the WAN settings with the following steps Step 1 Under CONHGURATION on the command menu select WAN Setup Step 2 On the WAN Dynamic Setup screen venfy that the WAN Type is Dynamic DHCP Otherwise click on the Change button WAN Dynamic Setup WAN Type Dynamic DHCP IP Address Network Mask Gateway IP Address Primary ONS Secondary ONS Step 3 Select Dynamic IP Address and hit the Apply button Reboot to let the settings take effect Select WAN Type Static IP Address Dynamic IP Address PPP over Ethernet PPTP L2TP Page 68 Note Additional configuration might be required before your ISP will allocate an IP addressto the access point Certain ISPs require authentication through a DHCP Client ID before
27. one end of an Rj 45 Ethemet cable to the LAN OUT port of the Injector and the other end to LAN of the access point Maximum length of the RJ 45 Category 5 cable is 100 meters Up to 200mW radio For higher power radio need upgrade to higher rating power adapter Page 23 Ges Connect the RJ 45 Ethemet cable attached to the PoE Injector to a network device such asto a switch orto the PC you will use to configure the access point PoE power input Passive PoE range 12V 24V DC Network Connect the power adapter in the PoE kit to the main electncal supply and the power plug into the socket of the injector Now tum on your power supply Notice that the POWER LED has lighted up This indicates that the access point is receiving power through the PoE Injector and that connection between the access point and your network has been established Note Please use the power adapter in the PoE kit Using a power adapter with a different voltage rating willdamage this product Main Elechical Supply 0 Network Page 24 Configure the IP Address After setting up the hardware you need to assign an IP address to your PC so that it isin the same subnet asthe access point For Windows 95 98 98SE ME NT Step 1 From your desktop nght c lick the Network Neighborhood icon and select Properties Step 2 Select the network adapter that you are using then nght click and select Properties Step 3 Hi
28. segments to which the network devices are grouped Thiscan be any numberfrom 1 to 4094 Channel Survey A list of channels that are detected by your access point in the WLAN Information such as frequency channel MyQuality NeighQuality APCount and Recommendation can be found in the listing The Access Point and Gateway modes support this feature Page 54 Scan for Site Survey Available in Client and Wireless Routing Client modes Step 1 In the Mode Setup page click on the Site Survey button WLAN Basic Setup Card Status enable The Current Mode Client Change ESSID sampleRouter Ste Survey Remote AP MAC C Wireless Profile 802 118 v Country NO_COUNTRY_SET NA Tx Rate Fully Auto v The Site Survey provides a list of the MAC addresses BSSID and SSID of neighbounng access points detected the Chan channels Auth Authentication Alg Algonthm used and the strength of the Signal received Site Survey Bssid SSID Chan Auth Alg Signal 008048003472 Online e WPA sap B PSK O 00804821f877 tang WPA fep g EAP O 00804835891e OPEN NONE 00804800348d OMEGAI OPEN NONE 00804824c675 Any OPEN NONE Apply Back Page 55 Step 2 To connect the client to one of the access points detected select the radio button comesponding to the access point you want to connect to Step 3 Click on the Apply button to effect the change and retum to the setup page Step
29. unty Features Use Packet Filtering Packet filtering selectively allows disallows applications from Intemet connection Configure Packet Filtering Step 1 Select Packet Filtering from the Secunty Configuration command menu Packet Filter Configuration Packet Filter Type Disabled Step 3 Select from three choices Disabled Sent Discarded and then click on the Apply button The default is Disabled which allows all packets to be sent Packet Filter Configuration Packet Filter Type Sent Rule IP Address es Destination Day of the Time of the Name 3 week Add Step 4 Click on the Add button and you will be able to define the details of your Packet Filter Rule from the screen on the nght 4a Enter Rule Name for this new packet filtenng rule For example BlockCS 4b From the IP Address drop down list select whether to Page 148 Step 2 Select the Packet Filter Type by clicking on the Change button Select Packet Filtering Type Disabled All IF packets will be sent Sent AIP packets willbe sent except for eae those matching one or more ot the rules All JF packets will be discarded except for those matching one or mone of the rules O Orsearded Apply Add a new Packet Filter rule Rul Bari IP Address ijAy Prom 192 168 168 T 192 168 168 Destination Fort i Any Prom T Day of the Week i A rori i Kon To 2 Pn Tine of the Day Avr ap
30. 10 18 17 Local3 Notice 10 0 0 10 This is Syslog test message number 5 03 07 2006 10 18 16 Kernel Info 10 0 0 10 This is Sysloa test message number 4 w 100 24 MPH 10 20 03 07 2006 Page 160 Set System Identity You can set the System Identity of the access point to be uniquely identifiable Step 1 Select System Identity from the SYSTEM TOOLS menu System Identity System Name Wireless LAN Access Point System Contact unknown System Location unknown Step 2 Entera unique System Name Step 3 Enterthe name ofa contact person in the System Contactfield Step 4 Enter the System Location This entry identifies the device location especially when there are multiple devices Step 5 Click on the Apply button to effect the changes Setup System Clock Page 161 Step 1 Select System Clock Setup from the SYSTEM TOOLS menu System Time Setting Current Router Time lat 13 2000 21 22 14 and Time Zone GMT 07 00 Proposed Router Time 07704 2005 00 53 17 Select to Change the Time Zone for the Router Location GMT 07 00 Mountain Time US amp Canada v Auto Time Setting SNTP Enable Disable itime nist gov Time Servers i F i cesium mtk nao ac jp v S e g time nist gov ns arc nasa gov Step 2 Select the appropnate time zone from the Select to Change the Time Zone forthe Router Location drop down list Step 3 Enable the
31. 4 Click on the Refresh button to update the screen Page 56 Read Only Parameters of Desc ription Neighbounng Access Points Viewable from Site Survey page Bssid Wireless MAC address of the access point ina wireless network infrastructure SSID Network name that uniquely identifies the network to which the access point is connected Chan Channel being used fortransmission Auth Types of authentication such as WPA WPA Personal etc being used by the access point Alg Types of algonthm such as WEP TKIP etc being used by the access point Signal Strength of the signal received in percentage NOTE Site Survey is used to scan and display all access points based on the Current secunty setting of youraccess point Explanation of the following information supplied by the Site Survey according to the secunty setting e lf the secunty mode is set to None or WEP the scan will show all available access points with no secunty or WEP secunty If the secunty mode is set to WPA Personal the scan will show all available access points with all types of secunty from no secunty WEP sec unty to WPA Personal sec unty Page 57 View Link Information Available in Client and Wireless Routing Client modes To view the connection status when the client is linked to another access point click on the Show Link Information button WLAN Basic Setup Card Status enable The Current Mode Client
32. 9 70 f8 70 80 70 mac2 O 00 b0 d0 86 bb f7 mac3 i changes wili take effect after reboot all 1 AP s Page 92 Step 3 The MAC Filter Address List page displays with updated MAC Address List MAC Filter Address List MAC Address List ESSID sampleRouter Del MAC Address Comments Apply to Fi 08 70 f8 70 80 70 maci all tall 00 b0 d0 86 bb f7 mac3 1 AP s All changes will take effect after reboot Page 93 Edit MAC Address from the MAC Address List Step 1 Select MAC Filtering from WLAN Setup The MAC Address Filtering page displays Select Edit MAC Address Filtering Radio 1 MAC Filtering Options AP Type ESSID Security Status Policy Main AP sampleRouter NONE i Enable i Accept vi Virtual AP VAP1 NONE it Disable Deny Virtual AP VAP2 NONE it Enable Den view Complete MAC List Step 2 MAC Filter Address List page displays Select the MAC addressto edit MAC Filter Address List MAC Address List ESSID API Del MAC Address Comments Apply to F O8 70 f8 70 80 70 mac4 1 APES C Al changes wil take effect after reboot Page 94 Page 95 Step 3 The Edit MAC Address page displays Edit the MAC address settings accordingly Click the Save button Edit MAC Address MAC Address 08 70 18 70 80 70 XX XX XX XX XX XX Comment macd Apply to All Selected AP ESSID Security sampleRouter NONE YAPI NONE VAP2 NONE Save Cancel Ste
33. Auto Time Setting SNIP radio button SNIP stands for Simple Network Time Protocol and is used to synchronise computer clocks Step 4 Fill in the Time Servers field and click on the Apply button to effect the changes Page 162 Upgrade the Amware with UC onfig You can check the types and version of your finmware by clicking on About System from the HELP menu To begin with ensure that you have the updated firmware available Step 1 Select Rrmware Upgrade from the SYSTEM TOOLS menu Firmware Upgrade Browse A Upgrade Firmware path and file name Step 2 Click on the Browse button to locate the file Step 3 Click on the Upgrade button Follow the instructions given dunng the upgrading process Firmware Upgrade CAUTION Upgrading firmware now please wait 50 seconds and don t turn off the power until see the Firmware Upgrade Successfully page reboot to effect all changes BURNING FLASH Please keep current upgrade page 7 Step 4 You need to reboot the system after the finmware upgrade Firmware Upgrade Firmware upgrade successfully reboot now NOTE The fimmware upgrade process must NOT be interrupted otherwise the device might become unusable Page 163 Upgrade the Anmware with Command Line Interface You can check the types and version of your fimmware by clicking on About System from the HELP menu in UC onfig Follow these steps to upgrade firmware from Com
34. Basic Setup of the Wireless Mode WLAN Basic Setup Card Status enable The Current Mode Access Point ESSID sampleRouter Wireless Profile 02 114 v Country NO_COUNTRY_SET NA Channel smartSelect v Tx Rate Fully Auto v CI Closed System O Act as RootaP CO VLANID RootAP Step 2 Select Act as RootAP click on the Apply button and reboot your device to let yourchangestake effect Page 136 Page 137 WLAN Basic Setup Card Status The Current Mode ESSID Wireless Profile Country Channel Tx Rate enable Access Point sampleRouter 802 11a v NO_COUNTRY_SET NA SmartSelect J Channel Survey Fully Auto CO Closed System Act as RootaP C VLANID Follow these stepsto setup Transparent Client s Transparent Client Step 1 Click on WLAN Setup from the CONHGURATION menu You will see the sub menus expanded under WLAN Setup Click on Basic Ensure that The Current Mode is set to Transparent Client To change The Current Mode please refer to Common Configuration WLAN Setup To Configure the Basic Setup of the Wireless Mode WLAN Basic Setup Card Status enable The Current Mode Transparent Client ESSID sampleRouter Site Survey Remote AP MAC o Wireless Profile 802 1148 inal Country NO_COUNTRY_SET NA Tx Rate Fully Auto Page 138 Transparent Client Step 2 Select the Remote AP MAC checkbox Enter the Remote AP MAC
35. CP server followed by the Parallel Broadband feature enabled through the web based configuration Please note that all the access points need to be interconnected Step 1 Select Parallel Broadband from the CONHGURATION command menu Step 2 Select Enable and click the Apply Parallel Broadband Enable Disable button Status Enable Disable Step 3 Appl Repeat Step 1 and Step 2 for the ae rest of the access points New users will then be assigned to the access point with the smallest load ensunng that each access point has approximately the same number of users Important Implementing Parallel Broadband is redundant if there is only 1 access point Page 112 Setup Email Notification This feature notifies you by email if there is a change in the WAN IP address that was supplied to you Step 1 WAN PPPoE Setup Select WAN PPPoE Setup or WAN PPIP Setup from the CONHAGURATION command menu Step 2 ETETE Click on the Email Notification noua button Gefault Gateway Primary DAS Secondary DNS Email Notification Email Notification Enable Disable Email address of Receiver mail yahoo com IP address of Mail Server 192 168 88 43 Needs Authentication User Name sampleUser Password eeee Email address of Sender send yahoo com Status Step 3 Select to Enable Email Notification and enter the following details e Email address of Receiver Email address of the receiver t
36. EEE 802 1x TLS TILS PEAP EAP SIM Network Interface 1x RJ 45 10 100 Mbps auto negotiating Ethemet port Modulation e BPSK Binary Phase Shift Keying e QPSK Quadrature Phase Shift Keying e CCK Complementary Code Keying e 16 QAM 64 QAM Quadrature Amplitude Modulation Radio Technology e DSSS Direct Sequence Spread Spectrum e OFDM Orthogonal Frequency Division Multiplexing Output Power IEEE 802 11la Version AG 20 26 dBm depend on configuration IEEE 02 11b 20 26 dBm depend on configuration IEEE 802 119 20 26 dBm depend on configuration e SNMP RFC 1157 e MIB II RFC 1213 LED Indicators e Power e Diagnostic e LAN Lnk Activity e WLAN Lnk Activity Page 186 IP Addressing All c la ssful c la ssle ss subnets Management e Telnet Command Console e HTIP Web Management e SSH e Syslog Built in DHCP Server Yes DHC P Reservation By MAC address Operating e 11 Channels US and Canada Channels e 13 Channels Europe e 14 Channels Japan Load Balancing Parallel Broadband in Gateway mode Fail Over Parallel Boadband in Gateway mode Redundancy Virtual Server IP and Port Forwarding De Militansed Zone IP Packet Filtering e Time based By TCP Port Static amp Dynamic Entry Through Web based Configuration Menu Interface Restore Power Requirements Passive PoE range 12V 24V DC Page 187
37. EUZ BZ CTRY BOUVIA BO CTRY BRAZL BR C TRY_BRUNEI DARUSSALAM BN CTRY BULGARIA BG CTRY_ CANADA CA CTRY_CHILE CL CTRY_CHINA CN CTRY COLOMBIA CO CTRY_COSTA RICA CR CTRY_ CROATIA HR CTRY_CYPRUS CY CTRY_CZECH CZ CTRY DENMARK DK CTRY_ DOMINICAN REPUBLIC DO CTRY ECUADOR EC C TRY_EGYPT EG C TRY_EL SALVADOR SV CTRY ESTONIA EE CTRY_ FINLAND FI CTRY_ FRANCE FR CTRY FRANCE2 F2 CTRY GEORGIA GE CTRY_ GERMANY DE CTRY_ GREECE GR CTRY_ GUATEMALA GT C TRY HONDURAS HN CTRY HONG KONG HK CTRY_ HUNGARY HU CTRY_ICELAND S y CTRY_INDIA N y C TRY INDONESIA ID Page 178 Page 179 CTRY_IRAN IR CTRY_IRELAND E CTRY_ISRAEL IL CTRY ITALY T CTRY JAPAN P CTRY JAPANI 1 CTRY JAPAN2 J2 CTRY JAPAN3 3 CTRY JAPAN4 4 CTRY JAPANS J5 CTRY JAPANG J6 CTRY JORDAN JO CTRY_KAZAKHSTAN KZ CTRY_KOREA_NORTH KP CTRY_KOREA ROC KR CTRY_KOREA_ROC2 K2 CTRY_KOREA_ROC3 K3 CTRY_KUWAIT KW CTRY_ LATVIA LV CTRY LEBANON LB CTRY_UECHTENSTEIN LI CTRY_ LITHUANIA LT CTRY_LUXEMBOURG LU CTRY MACAU MO CRY MACEDONIA MK CTRY_MALAYSA MY CTRY MALTA MT CTRY MEXICO MX CTRY MONACO MC CTRY MOROCCO MA CTRY_NETHERLANDS NL CTRY_
38. Editbutton Rule Name Disposition Policy Protoc ols ICMP Types Page 153 Edit Firewall rule Entera unique name to identify this firewall rule This parameter determines whether the packets obeying the rule Should be accepted ordenied by the firewall Choose between Acceptand Deny Users are allowed to select the type of data packet from ICP UDP ICMP IGMP or ALL Note If users select either ICMP or IGMP they are required to make further selection in the ICMP Types or IGMP Types respectively This IP protocol is used to report emors in IP packet routing ICMP serves asa fom of flow control although ICMP messages are neither guaranteed to be received ortransmitted ICMP Packet Type Echo request Determines whether an IP node a host ora router isavailable on the network Echo reply Repliesto an ICMP echo request Destination Informs the host that a datagram unreachable Cannot be delivered Informs the host to lower the rate at IGMP Types Source IP Destination IP Source Port Destination Port Check Options Page 154 which it sends datagrams because of congestion Redirect an IP datagram hasexpired Informs that host that there isa problem in one the ICMP parameter packet packet packet This IP protocol is used to establish host memberships in particular multicast groups on a single network The mechanisms of the protocol allow a host to infom its local router using Host
39. GURATION menu You will see the sub menus expanded under WLAN Setup Click on Antenna Alignment The Antenna Alignment page can act aS a diagnostic tool to check the communication with a remote device The remote AP MAC Address is preset to all zeros by default Antenna Alignment Step 2 If you wish to specify the MAC address of the remote AP edit the field next to Remote AP Address option followed by clicking on the Start button A pop up status screen will display allowing you to monitor the Signal strength received from the remote access points If there is no specified access point with the specified MAC address this screen will display To abort or to key in the MAC address of another available remote access point click on the Stop button Antenna Alignment No specified AP available around Stop Page 63 NOTE f no MAC address is entered the Antenna Alignment too will make use of the SSID to align the antenna Please ensure that the corect SSID is entered If more than one access points share the same SSID the access point with the strongest signal will be shown Signal Strength Status of DIAG LED RSSI Value Indicated by DIAG LED Above 20 Stays tumed on Between 19 and 17 Flashes 6 times Between 17 and 14 Flashes 3 times Between 13 and 10 Flashes once Below 10 Tums off Page 64 NOTE Outdoor long distance connection should preferably have signal strength of a RSSI
40. HGURATION menu Step 2 Select the SIP Status Enable radio button fill in the fields and click on the Apply button to update the changes Pnonty Default 32768 Range 0 65535 This isthe relative pnonty The lowest pnonty will be elected asthe root Hello Time Default 2 Range 1 10 This is the time interval in seconds whereby a hello packet is sent out Hello packets are used to communicate information about the topology throughout the entire SIP network Forward Delay Default 15 Range 4 30 This isthe time that is spent in the listening and lea ming state Max Age Default 20 Range 6 40 The max age timer controls the maximum length of time that passes before a port saves its configuration information Spanning Tree Protocol Setup STP Status Enable Disable STP Designated Root 32768 00 80 48 3d 0f 80 Priority 32768 32768 0 65535 Hello Time 2 2 1 10 Forward Delay 15 4 30 Max Age 20 6 40 Page 85 Use MAC Filtenng MAC Filtenng acts as a secunty measure by restncting user network access according to MAC address Each WLAN or radio card supports up to 16 virtual access points and hasitsown MAC address listing NOTE MAC Filtenng will not filter any MAC addressfrom the Ethemet port Page 86 Add a MAC Address to the MAC Address List Step 1 Select MAC Filtering from WLAN Setup The MAC Address Filtering page displays In this page you may also set the MAC Filt
41. ID Q2 Whatcan you do with mSSID connection The application of mSSID is to provide better secunty with multiple network path connections from a single AP to multiple VLAN network segments of the switch on the local area network A network setup application is illustrated below Ethernet Switch with Virtual Local Area Network Wireless Local Area Network PCs E i Foe WAP et it VLAN ID 10 Gr up ak T cu Aah ID tO Te ESSU HAP Porta 2 VLAN ID F VLAN ID 2 r E AANID 20 ie a 5 m pe AVLANID 36 ae 4 E g Virtual AP with SSID VAP1 VLAN ID 10 and WPA PSK wireless secunty enabled will be channeled to Port 2 and Port 3 where the intemet Sshanng router isconnected Virtual AP with SSID VPA2 VLAN ID 20 WPA EAP enabled and connected to a radius server will be channeled to Port 5 and Port 6 which are connected to the firewall of the intemal local area network Page 181 Q3 Can I update my access point to this mSSID firmware Yes You can retain your access point configuration when you update to the mSSID firmware if the curent fimware running is v1 3x and above If AP is unning the following configuration setup updating to the mSSID firmware will affect the configuration f AP is running as PtP Point To Point or PtMP Point To MultiPoint mode The reason it cannot retain the configuration is because mSSID uses a new PtP and PtMP connection setup method called RootAP and Trans
42. ION menu 2 Select Preferred APs Preferred Access Point MAC Address Access Point 1 09 10 44 B89 E2 A4 CRTs eT ANAR Access Paint 2 O8 00 07 A9 2B FC xx XX XX XX XXX 1 Ente r the M AC a d d re SSES of the Access Point 3 XXI XXI XX XX XX XX p referred APs Access Point 4 Xi KK XK KK RK KK 2 Click Apply to effect the settings Page 130 Get Long Distance Parameters The access point can calculate and display suggested values for certain parameters to use to ensure that efficient wireless communication between physically distant access points Select Advanced from WLAN Setup under Configuration Click on the Long Distance Parameters button under the Extended Features section Extended Features Long Distance Parameters Wwhihd Settings WOS settings Select to Enable the Outdoorfunction Long Distance Parameters OutDoor Enable v Distance meter 120 SlotTime us 9 ACKTimeOut us 18 CTSTimeOut us 18 Note Enter the distance of the client from the AP a set for recommended parameters for SlotTime AKCTimeOut and CTSTimeodut wal be computed You can use the recommended parameters or make your own fine tunings Changes made will only take effect after rebooting Apply The access point can automatically calculate the values of the parameters to input based on the distance between your access point and the other wireless device Enter the distance in meters and click on the Show Re
43. IP Address Network Mask Default Gateway IP Step 2 Click the Apply button Apply Help Page 34 Follow these stepsto automatically obtain the IP address from DHCP server Step 1 Click on TCP IP Settings from Management Setup from the CONHGURATION menu Step 2 Select to Automatically obtain IP address Step 3 Select to either Automatically obtain DNS server address or Use the following DNS server addresses and enterthe parameters if any In the Management Port Setup page refer to the table below to replace the default settings of Access point with appropnate values to suit the needs of your network Management Port Setup Ethernet Link Speed Auto Automatically obtain IP address C Use the following IP address IP Address Network Mask Default Gateway IP Automatically obatain DNS server address C Use the following DNS server addresses Primary DNS IP Address Secondary DNS IP Address Aeey Help If you choose to Automatically obtain DNS server address Page 35 Management Port Setup Ethernet Link Speed Auto Automatically obtain IP address C Use the following IP address IP Address Network Mask 2 Default Gateway IP C Automatically obatain DNS server address Use the following DNS server addresses Primary DNS IP Address 210 23 1 4 Secondary DNS IP Address 210 2346 If you choose to Use the following DNS server addresses Step 3 Click
44. Membership Reports Host Membership Information that is from the IGMP data Report packet Query packet Message packet This parameter allows you to specify workstation s generating the data packets Userscan eitherset a single IP addressorseta range of IP addresses This parameter lets you specify the set of workstations that receive the data packets Userscan eitherseta single IP address orseta range of IP addresses You can control requests for using a specific application by entenng its port number here Users can either set a single port number ora range of port numbers This parameter determines the application from the specified destination port Users can either set a single port number ora range of port numbers This parameter refers to the options in the packet header The available selection options are abbreviated as follows SEC Secunity LSRR Loose Source Routing Page 155 Timestamp Timestamp RR Record Route SID Stream Identifier SSRR Strict Source Routing RA Router Alert This parameter would let you screen packets according to their Time To Live TTL value available options are 1 Equal 2 Lessthan 3 Greaterthan 4 Not equal Use the Firewall Log The Firewall Log captures and stores network traffic information such as the type of data traffic the time the source and destination address port aswell asthe action taken by the firewall View Firew
45. NEW_ZEALAND NZ CTRY NORWAY NO CTRY_OMAN OM CTRY_ PAKISTAN PK CTRY PANAMA PA CTRY PERU PE CTRY_PHILIPPINES PH CTRY_ POLAND PL CTRY PORTUGAL PT CTRY_PUERTO_RICO PR CTRY_ QATAR QA CTRY_ROMANIA RO CTRY_RUSSIA RU CTRY_SAUDI ARABIA SA CTRY_SINGAPORE SG CTRY SLOVAKIA SK CTRY SLOVENIA SI CTRY_SOUTH AFRICA ZA CTRY_SPAIN ES CTRY_ SWEDEN SE CTRY_SWITZERLAND CH CTRY_SYRIA SY CTRY TAIWAN TW CTRY_ THAILAND TH CTRY_TRINIDAD_Y TOBAGO TT CTRY_ TUNISIA TN CTRY TURKEY IR CTRY_UKRAINE UA CTRY_UAE AE CTRY_UNITED_KINGDOM GB CTRY_UNITED_ STATES US CTRY_ URUGUAY UY CTRY_UZBEKISTAN UZ CTRY VENEZUELA VE CTRY_VIETNAM VN CTRY_YEMEN YE CTRY ZMBABWE Z2W Channel DESC RIPTION Set channel lt value gt Value in decimal SSID DESC RIPTION Set ssid lt string gt Not More than 32 characters Closed System DESC RIPTION Set hidessid enable disable Enable ordisable broadcasting of SSID Per Node DESC RIPTION Set apbndge enable disable Enable ordisable isolation of wireless client RIS Fragment and Beacon Interval SYNTAX DESRIPION Set rts lt value Value in decimal default 2312 range 1 to 2312 i Set fragment lt value gt Value in decimal default 2346 range 256 to 2346 Set beaconintval lt value gt Value in decim
46. NONE OR e By Remote AP SSID Uncheck the Remote AP MAC checkbox and enterthe Remote AP SSID WDS2 Link Configuration WDS2 Link Status Enable Disable Remote AP SSID rootAPSSID Remote AP MAC 00 0 Cur Security Mode NONE O Click Apply Page 127 Set Virtual AP Multiple SSID Virtual AP implements mSSID Multi SSID whereby a single wireless card can be setup with up to 16 virtual AP connections with different SSIDs or BSSID Basic Service Set Identifier and secunty modes Virtual AP delivers multiple services by VLAN segmentation making the network think there are many SSIDs available and channeling each connection through different VLANs to the respective virtual network segments on the Ethemet network Ethernet Switch with Virtual Local Area Network Wireless Local Area Network PCs 4 VLAN IO 10 Giroup ETEL WAPI i i i z AAN ID toi a i E i Esain viie l iD Fi WLAN D 20 Grow 2 VLAN ID 20 Ca ES0 at VLAN ID J0 Greup y ALAN i bi a E ag How it Works When WLAN PC 1 connects to VAP 1 its packets are channeled to VLAN 10 group where only services connected to Port 2 and Port 3 are available to this wireless connection It is similar for WLAN PC 2 and WLAN PC 3 Although they connect to the same radio card as WLAN PC 1 WLAN PC 2 can only access the services available at Port 6 and Port 7 and WLAN PC 3 can only access the servicesavailable at Port 10
47. The access point lets you define up to four different transmission keys It defines a set of shared keys for network secunty You must enter at least one WEP key to enable secunty using a shared key Step 2 Select the length of each encryption key e 64 bit WEP 10 hexadecimal or5 ASCII Text e 128 bit WEP 26 hexadecimal or 13 ASCII Text To clear the values that you have entered in the field click on the Reset button Click on the Apply button and reboot your access point Page 141 Setup WPA Personal Available in Access Point mode Follow these steps if you have activated the WPA Personal WPA2 Personal or WPA Personal AUTO sec unty modes At the WPAI 2 PSK Setup page WPA1 2 PSK Setup Key String Type Hexadecimal 64 hex digits Passphrase 8 63 ascii characters WPA PSK 11111111 Cipher Type AUTO GTK Update seconds Naa 60 9999 AUTO Apply Step 1 Specify the key entry type by selecting either e Passphrase Alphanumeric characters e Hexadecimal Step 2 Fillin the pre shared network key f you are using the Passphrase format your entry can consist of a minimum of 8 alohanumenc characters or a maximum of 63 alohanumenc characters Otherwise when using the Hexadecimal format your entry MUST consist of 64 hexadecimal characters Page 142 Step 3 For WPA Personal Set the Cipher Type to TKIP WPA replaces WEP with a strong encryption technology called Tempor
48. aTO KOA Minimum CwMax Contention Window Maximum TXOp limit Tra nsmit O pportunity Limit NoAck No Acknowledge ment ACM Admission Control Mandatory BE Best Effort BK Background VI Video ORAL A Page 135 WMM Parameters for advanced users Arbitrary InterFrame Space is the minimum wait time interval between the wireless medium becoming idle and the start of transmission of a frame overthe network Contention Window Minimum is the minimum random watt time drawn from this interval or window for the backoff mechanism on the network Contention Window Maximum is the maximum random wait time drawn from this interval or window for the backoff mechanism on the network Transmit Opportunity limit specifies the minimum duration that an end user device can transmit data traffic after obtaining a transmit opportunity TxOp limit can be used to give data traffic longerand shorter access No Acknowledgement provides control of the reliability of traffic flow Usually an acknowledge packet is retumed for every packet received increasing traffic load and decreasing performance Enabling No Acknowledgement cancels the acknowledgement This is useful for data traffic where speed of transmission is important Admission Control Mandatory enables WMM on the radio interlace When ACM is enabled associated clients must complete the WMM admission control procedure before access Parameters for DataO Be
49. addresses within a packet Routers broadcast RIPv1 information on all router interfaces every 30 seconds and process the information from other routers to determine if a better path is available RIPv2 is more secure and performs broadcasting and the assignment of IP address more efficiently Step 1 Under the CONHGURATION command menu click on Routing to be brought to Route Information Protocol Route Information Protocol RIP Status Enable Disable RIPv2 y Page 98 Route Information Protocol RIP Status Enable Disable RIPv1l Select to Enable RIP Status Select either RIPv1 or RIPv2 On this page click the Apply button Use Network Address Translation Available in Wireless Routing Clientand Gateway modes NAT Network Address Translation allows multiple PCs in a pnvate network to share a single public IP address by using different TCP ports to identify requests coming from different PCs and is enabled by default Computers in the pnvate LAN behind the access point will not be directly accessible from the Intemet However employing virtual servers allows the hosting of Intemet servers by using IP Port Forwarding and De Militanzed Zone hosting Step 1 Select NAT from the Enable Disable NAT CONAGURATION command menu To disable it select the NAT Status Enable Q Disable Disable radio button Step 2 Click the Apply button to effect the setting Important NAT provides for effect
50. al Key Integnty Protocol TKIP with Message Integnty Check MIC For WPA2 Personal Set the Cipher Type to AES Advanced Encryption Standard AES is a stronger symmetnc 128 bit block data encryption technique AES is a requirement of WPA2 under the IEEE 802 11 standard For WPA Personal AUTO Set the Cipher Type to Auto to allow the access point to automatically detect the ciphertype to use Step 4 Enter the GTK Group Transient Key Updates This is the length of time after which the access point will automatically generate a new shared key to secure multicast broadcast traffic among all stations that are communicating with it By default the value is 600 seconds Step 5 Click the Apply button and reboot your system after which your settings will become effective Page 143 Setup 802 1x RADIUS Available in Access Point mode At the IEEE 802 1x Setup page IEEE 802 1X Setup Primary RADIUS Server IP 0 0 0 0 Secondary RADIUS S 0 0 0 0 Authentication Port 1812 Accoun ting Part Shared Secret Key Broadcast Key Rotation seconds 60 9999 Key Length Step 1 Key in the IP address of the Primary RADIUS Server in your WLAN You can optionally add in the IP addressof a Secondary RADIUS Server if any The RADIUS authentication server MUST be in the same subnet as the access point Step 2 By default the value for Authentication Port number is 1812 You can leave this value as it is T
51. al default 1 range 1 to 1000 Set dtim lt value gt Data Beacon Rate value in decimal default 1 range 1 to 16384 WLAN State SYNTAX DESCRIPTION Get wlanstate Display whether status of current wireless operation is Enabled or Disabled Set wlanstate enable disable Set to Disable to tum off wireless operation Set to Enable to tum back on wireless operation Note When executing this command please ensure that you are not connected on wireless with device or you will be disconnected from the device and network The wireless operation can only be Enabled from the Ethemet port or UTP cable connection to device Get buttonpassreset Display the status of Reset Button operation If status is Enabled resetting of password by pressing Reset Button is allowed If status is Disabled resetting ing Reset Button isnot allowed Set buttonpassreset enable disable Set to Disable to prevent resetting of password by pressing Reset button Set to Enable to allow resetting of password by pressing Reset button Upgrade Firmware DESC RIPTION SYNTAX CSE CDESCRPMON Set upgrade lt P address of AP gt To upgrade firmware in CU enter this command with the IP address of AP and the lt firmware image filename gt firmware image filename Page 180 Appendix Virtual AP Mult SSID FAQ Q1 What is mSSID Multi SSID mSSID as the name suggest allows an access point AP with a single radio card to support more than one SS
52. all Logs Step 1 Select Firewall Log from the SECURITY CONHGURATION command menu Step 2 Firewall Log Click on the Refresh button to see the information captured in the log Time at which the packet was detected by the firewall Action which states whether the packet wasaccepted ordenied Protocol type of the packet Source Address from which the packet Onginated Destination Address to which the packet was intended Source Port from which the packet was initiated Destination Port to which the packet was meant for Any Information Page 156 Administer the System Use the System Tools Use the Ping Uulity Available in Wireless Routing Client and Gateway modes You can check whether the access point can communicate ping with another network host with the Ping Utility Step 1 Select Ping Utility underthe SYSTEM TOOLS command menu Step 2 Ping Utility Enter the IP address of the target a host to ping Click the Start button Ping Return Message The Ping messages are displayed Page 157 Use Syslog Syslog forwards system log messages in a network to a machine running a Syslog listening application It is used to help in managing the computer system and increase secunty on the network Freeware supporting Syslog is widely available for download from the Intemet Syslog Enabled Device J a 2 _ Machine Running po Syslog listening application Transfer Logs Via
53. c DNS Setup from the Home User Features command menu Step 2 Ooo Selec t to Enable or Disa ble Enable Disable Dynamic DNS Dynamic DNS Dynamic DNS is disabled by default Dymas DNS Status Click the Apg Page 119 To manage Dynamic DNS List Step 1 Select Dynamic DNS Setup from the Home User Features command menu Step 2 If you have created a list Dynamic DNS List earlier click on the Refresh b utto n to U p d a te the list Jomain Name Update Status Step 3 To add a new Dynamic DNS click on the Add button The Choice DDNS Provider mone page appears ye There are two default providers that you can use The parameters are explained below e Choice Indicates your prefered DDNS provider e ProviderName Name of your prefered DDNS provider e Register Now Allows you to go to the website of your preferred DDNS provider where you can register youraccount Page 120 2 DDNS providers are predefined for you You need to be connected to the Intemet to register your DDNS account Select 2MyDNS Dynamic DNS Service Provider as DDNS Service Provider Step 1 Under the Choice column in the Choice DDNS Provider list check the radio button next to the 2MyDNS DNS Service Provider entry Click on the Nextbutton Step 2 Enter your Domain Name Step 3 The Auto Detect checkbox is selected by default The WAN IP field is empty by default These default settings should be u
54. ck the Apply button Add User Entry User Name Password Permission Read Only Aen To Delete User 1 Select which userto Delete 2 Click the Delete button User Management Select User Name Permission username RO Fi username 2 RW To Refresh User Management list click the Refresh button User Management Select User Name Permission d username2 RW Page 77 Access the TELNET Command Line Interface You may connect to the CU Command Line Interface via a TELNET session to the default IP 192 168 168 1 Microsoft TELNET command isshown here but any TELNET client can be used 1 Enter CA MINDOWS TELNET 192 168 168 1 at DOS prompt and the TELNET application will launch and connect 2 At the login prompt type in the default password password and pressenter You will then login to the CU Telnet 192 168 168 1 Fie Edt View Call Transfer Help Ole a8 2a al Router Manager Console Version 3 03 Build 1111 Nov 11 2003 17 32 20 Please enter your password Connected 0 00 31 Auto detect 19200 8 N 1 Page 78 Access the Secure Shell Host Command Line Interface SSH provides the best remote access secunty using different forms of encryption and ciphers to encrypt sessions and providing better authentication facilities and features that increase the secunty of other protocols An encrypted connection like SSH is not viewable on the network The server can still read the information but onl
55. ction in which the access point is facing must be considered to ensure that the Signal is actually being directed to the receiving end Setting Up Lastly after making these considerations and confining the final position and facing direction of the access point follow the instructions to physically set up and complete the installation of the access point Antenna Alignment The physical environment of the antenna must be examined when aligning the antenna Obstructions available mounting locations and other factors must be considered Many objects such as forests buildings and hills can obstruct the antenna reducing the signal strength The antenna can be installed at a height above such obstructions and aligned so that antennas are directed at each other by taking into account the honzontal angle and the vertical angle of the antenna signal When the antenna is at the optimum alignment there is less possibility of encountenng interference and of causing interference to anyone else and strong signal strength can be maintained NOTE When the antennas are at the same height it is quite simple to align the antennas However when the antennas are at different heights greatercare hasto be taken to ensure that the antennas are properly aligned Page 20 Installation Direction Front Towards Desired Signal Direction The directional antenna radiates the signal towards the front of the unit The unit should be installe
56. d in a position whereby the front of the unit faces the direction you wish to send the signal to Therefore the direction you wish to send the signal to has to be considered before going on to the next step of starting to set up the access point Front Towards Desired Signal Direction Page 21 setup Requirements CAT5 5e Networking Cable e Atleast 1 computer installed with a web browser and a wired or wireless network interface adapter e All network nodes installed with TCP IP and propery configured IP address parameters Setting Up You can install your access point on a pole The mounting method will be descnbed asshown below Note the following guidelines for choosing the best location for your wireless AP e Place the AP as close as possible to the area where users will require accessto the WLAN e Choose an elevated location where trees buildings and large steel structures will not obstruct the antenna signals and which offers maximum line of sight propagation with the users e Select an appropnate antenna to improve range and or coverage and the access point also lets you fine tune parameters such as the transmit power to achieve the best results Page 22 Mount the Uniton a Pole Geo Unpack the 2 cable ties from the box G2 Loop each cable tie through the mounting bracket hole atthe top and bottom Wrap them round the pole and tighten the cable tiesto secure the unit to the pole Geos Connect
57. dware device architecture Step 1 Select SNMP Setup from the CONHGURATION menu Step 2 Select Enable from the SNMP State drop down list The Read Password is set to public while the Read VWiite Password is set to pnvate by default Step 3 Click on the Apply button SNMP Setup Page 81 Setup SNMP Trap The SNMP Trap saves network resources through eliminating the need for unnecessary SNMP requests by providing notification of significant network events with unsolicited SNMP messages Step 1 Select SNMP Setup from the CONHGURATION menu Step 2 Select whether to Enable or Disable the SNMP Trap Enterthe Remote IP Address or DNS Enterthe Remote Port This isthe port number of the SNMP manager Enterthe Community This is used to authenticate message and Is included in every packet that is transmitted between the SNMP managerand agent Click on the Apply button Snmptrap Setup Status Enable Disable Remote IP Address or DNS 192 166 165 1 Remote Port 161 Community public Page 82 Setup SIP Available in Access Point Transparent Client and Repeater modes Before Ge iii STP AP 1 AP 2 1 we OG AP 3 AP 4 AP 5 Spanning Tree Protocol SIP prevents broadcast storms when there are redundant paths in the network SIP creates a tree that spans all devices in an extended network forcing redundant paths into a standby state but establishing the redundant links as
58. ed on their ports Step 1 Select NATfrom the CONAGURATON command menu Step 2 Click the Port Forwarding button in Advanced NATOptons Advanced NAT Options _FonFonerding Step 2 Click the Add button on the Port Forward Entes page Port Forward Entries ServerType Protocol Public Port Private IP Private Port X Page 101 Step 3 In the Add Port Forward Entry page you can set up a Virtual Server for a Known Servertype by selecting from a drop down menu or you can define a Custom Server Add Port Forward Entry Add Help Cancel l Custom Server server Type Protocol Public Port From Tas Private IP Address 92 168 168 55 Private Port From Public IP From To Page 102 Known Server Server Type Private IP Address Public IP From To Custom Server Server Type Protocol Public Port To Private IP Address Private Port From Page 103 Select from the drop down list of known server types e HTIP e FIP e POP3 e Netmeeting Specify the LAN IP address of the server PC running within the pnvate network Select All Sngle or Range from the dropdown list Enter the beginning of the range Enter the end of the range Define a name forthe server type you wish to configure Select either TCP or UDP protocol type from the dropdown list Select whether to define a single port ora range of public portnumbersto accept Startin
59. eld in the PC TCP IP Properties is required for Intemet access If the exact DNS IP address is unavailable simple key in any valid IP address for example 10 10 10 10 Enable or Disable DNS Redirection Step 1 Select DNS Redirection from the Home User Features command menu Step 2 Enable Disable DNS Redirection peices to Enable or Disable DNS Redirection Status Enable Disable Apply Step 3 mg Click the Apply button Page 118 Dynamic DNS Setup With Dynamic IP Intemet connection keeping track of your public IP address for Intemet communication is complicated as it is changed regulary by the ISP If you are doing some web hosting on your computer Intemet users will have to keep up with the changing IP addressto access your computer When you sign up for an account with a Dynamic Domain Name Service DDNS provider it will register your permanent domain name for example MyName Domain com You can configure the access point to automatically contact your DDNS provider whenever it detects a change in its public IP address The access point will then log on to update your account with its latest public IP address If a user enters your address MyName Domain com into their web browser this request would go to the DDNS provider which will then redirect the request to your computer regardless of the IP address it Is Currently assigned by your ISP To enable disable Dynamic DNS Setup Step 1 Select Dynami
60. ence Statement includes the following paragraph The equipment has been tested and found to comply with the limits for a Class B Digital Device pursuant to part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment usage generates radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communication However there is no grantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures e Reorient or relocate the receiving antenna e Increase the separation between the equipment and receiver e Connect the equipment into an outlet on a circuit different from that to which the receiver is connected e Consult the dealer or an experienced radio TV technician for help The equipment is for home or office use IMPORTANT NOTE FCC RF Radiation Exposure Statement This equipment complies with FCC RF radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with a minimum distance of 20cm between the antenna and your body and must not be co located or operating in conjunction with
61. ent errr ee 141 Setup WPA Perona l isisiceecuetnavnaauncconuaaduresnsduuianiipereniebuanipnebaqabuaranaduienenaats 142 Setup 3802 IX RADIUS arare aa 144 Setup WPA EMN emi ara a 146 CONFIG URE THE SEC URITY FEATURES ccccscccsseeeseseeseeeees 148 Use Pac ket Fitenngusanispcieaiii i a 148 Congue PacKECFReNNO corsa 148 Je URE FRENA G recorrien ee a aaa 151 Configure URL FIMGMING sirasini cameras 151 COPTIC UNE The FIG W alll csnrtaiectioinstirenscchnesaninenn eee conned ui eat aineiros 152 Configure SPI Firewall cccccssssssseeceeeeceeeeesssseeeeeeecseeeeessseeeeeeeeeeseeegs 152 Use the Firewall LO g aronrsaasiinnn a 156 View Mewall LOO Sranan ia 156 ADMINISTER THE SY SIEM errn aa A 157 Use the System TOO IS iwswaiintsenitabainnaiinsauliiacanntuatielainiaanhiniieniwedbntelebae 157 We tne PNO UIV svaintanianie tania cna aan aa mate 157 Se Sy ea PA AE SA EE A AESA AEE 158 Set SY SS dA ent asasin a aE 161 LUPEN G OCK nns a en 161 Upgrade the Firmware with UConfig ssssssssssensessssrrrrrrrressrrnrrrrreeens 163 Upgrade the Firmware with Command Line Interface nsee 164 Perfom FINMNWASle Recovery 1 cccccccccsssssssseeeeeeeseeeessseeeeeeeeeeeesasseeeneeeees 167 Backup or Reset the SQttindS ccccccsssssssseeeeeeeceeeeeesssseeeeeeeessensagagees 169 REDOGE CNS SV HOM esnan a ETAD A 172 Gna The Pa SSW ONG sasise 173 Us WS OG Cetea seen atueuscnen batetaducsesucabetadustecmetet ences 174 Se Th eC HELP NG HU syna
62. eout Reconnect Time Factor is also associated with the Always on option and specifies the maximum time the access point will wait before reattempting to connect with your ISP A value of O will disable idle timeout Click the Apply button and Rebootthe access point WAN PPPoE Setup Change Usemame gues Status Connecting IP Address Network Mask Default Gateway Primary ONS Secondary ONS Page 72 You can limit the maximum size a packet can be in a network by setting the MTU Maximum Transmissible Unit Click the MTU Button in Advanced WAN Options Advanced WAN Options MTU The MTU Value hasa range of 1 to 1492 Enter the MTU Value and click Apply MTU Setup MTU Value 1462 11492 Page 73 Setup your WAN for ADSL Intemet using Point to Point Tunneling Protocol PPTP WAN Setup Parameters Example e IP Address 203 120 12 47 e Network Mask 255 255 255 0 e VPN Server 203 120 12 15 Step 1 Under CONHGURATION on the command menu click on WAN Setup Step 2 Access the Select WAN Type page and select PPIP before clicking the Apply button Select WAN Type Static IP Address Dynamic IP Address PPP over Ethernet PPTP L2TP Page 74 Step 3 Fill in the information provided by your ISP in the IP Address Network Mask VPN Server and DHCP fields and click the Apply button Select Reboot System under SYSTEM TOOLS and click the Reboot button to effect the settings The Idle
63. ering Status to Enable or Disable for access points and set the Policy to either Accept or Deny MAC addresses Status Paic MAC Filtering set to Enable with Policy to Accept only the MAC addresses in the MAC Filter Address List and deny allotherMAC addresses L neies MAC Filtering set to Enable with Policy to Deny all the Erate Dev MAC addresses in the MAC Filter Address List and acceptallotherMAC addresses ath ae MAC Filtering set to Disable Whether Policy is set to Disable acen Enable or Deny doesnot matter ea a MAC Filtering set to Disable Whether Policy is set to Enable or Deny does not matter Click the Editbutton MAC Address Filtering Radio 1 MAC Filtering Options AP Type ESSID Security MACs Status Policy Main AP sampleRouter NONE Edit Enable Accept Virtual AP VAP NONE Edit Disable Deny Virtual AP VAP2 NONE Edit Enable Deny View Complete MAC List f Pai a tent a Fam Poe E a U ota f pe Se n All changes wil take effect after reboot Page 87 Step 2 MAC Filter Address List page displays Click the Add button MAC Filter Address List MAC Address List ESSID sampleRouter Del MAC Address Comments Apply to All changes wil take effect after reboot Step 3 The Add MAC Address page displays Add MAC Address MAC Address XX XX XX XX XX XX Comment Apply to All Selected AP ESSID Security sampleRouter NONE F
64. ervations IP Address 192 168 168 20 Hardware Address 00 60 45 e5 0d 05 XX XX XX XX XX XX Sad Deter The DHCP Server Reservations table refreshesto display yourchanges Page 49 Setup WLAN Configure the Basic Setup of the Wireless Mode Step 1 Select WLAN Setup from the CONHGURATION menu and you will see the sub menus expanded under WLAN Setup select Basic The default operating mode of the access point is the Access Point mode Card Status The Current Mode ESSID Wireless Profile Country Channel Tx Rate WLAN Basic Setup enable Access Paint sampleRouter i 802 114 v NO_COUNTRY_SET NA SmartSelect v Fully Auto C Closed System C Act as RootaP O VLANID Step 2 Optional Change Current mode To change the curment mode of the access point click on Change select the Operaton Mode and click on the Apply button to access the setup page of the selected mode You will be prompted to reboot the access point to effect the mode setting WLAN Operation Mode Operation Mode Wireless Routing Client Access Point Mode lt lt Client Mode LOPP Wireless Routing Client Gateway Mode Wireless Adapter Mode Transparent Client Mode Repeater Mode Page 50 Step 3 Enter the parameters in their respective fields click on the Apply button and reboot your device to let yourchanges take effect Note that the WLAN Basic Setup pages for the modes are dif
65. eway IP Address which will be allocated as the Default Gateway IP of the DHCP client The DHCP client will thus receive its dynamic IP address from the access point but will access to the Intemet or the other LAN through the Default Gateway defined by the DHCP Gateway IP Address For instance if the access point in Access Point Client mode connects to an Intemet gateway X a PC wired to the access point will be unable to obtain a dynamic IP address directly from X But if you enable the DHCP server of the access point and set the IP address of X as the DHCP Gateway IP Address the PC will obtain its IP address from the access point and access the Intemet through X Page 45 View Active DHCP Leases Step 1 Select Management Setup from the CONHGURATION menu Step 2 Go to the Advanced DHCP Server Options section and click on the Show Active DHCP leases button Advanced DHCP Server Options Show Active Dhcp Leases Dhcp Server Reservations The DHCP Active Leases table displays e The Host Name of the DHCP client The IP Address allocated to the DHCP client e The Hardware MAC Address of the DHCP client e The Lease Expired Time DHCP Active Leases Host Name IP Address Hardware Address Lease Expired Time sampleHost 192 168 168 22 09 00 7c 01 00 01 11 NOTE Invalid date and time displayed in the Lease Expired Time column indicates that the clock of the access point has not been set propery Pa
66. eway IP Address fields and click the Apply button Select Reboot System under SYSTEM TOOLS and click the Reboot button to effect the settings WAN Static Setup WAN Type Static IP Address 203 120 12 240 Network Mask 1255 255 255 0 Gateway IP ppp 203 120 12 2 Appt Her Page 70 Setup your WAN for ADSL Intemet using PPP over Ethemet If you subscnbe to an ADSL service using PPP over Ethemet PPPoE authentication you can set up your access point s WAN type as follows Forexample you may configure an account whose usemame is guest asdescnbed below Step 1 Under CONAGURATION on the command menu click on WAN Setup Step 2 Access the Select WAN Type page and choose PPP over Ethemet before clicking the Apply button Select WAN Type Static IP Address Dynamic IP Address PPP over Ethernet PPTP L2TP Page 71 Step 3 Enter your account name assigned by your ISP Example guest in the field for Usemame followed by your account Password Select Always On if you want your access point to always maintain a connection with the ISP Otherwise select On Demand for the access point to connect to the ISP automatically when it receives Intemet requests from the PCsin your network Idle Timeout is associated with the On Demand option allowing you to specify the value in seconds after the last Intemet activity by which the access point will disconnect from the ISP A value of 0 will disable idle tim
67. ference Data button Page 131 Long Distance Parameters Outdoor Enable w 100 Distance meter A i Show Reference Data Microsoft Internet Explorer 4 You can enter the parameters based on the recommended values in the pop up window click on the Apply button to update the changes Desc nption Outdoor If set to Enable the Outdoor parameters will be configured for outdoor communication over short or long distances as specified it is disabled by default Distance Determines the distance between your access point and the remote access point in meters Slot Time The amount of time is divided and each unit of time iscalled one slot time ACK Timeout Determines the timeout allowed for the sending client to receive the acknowledgment response from the receiving client If no acknowledgment packet is received within this penod the sender will assume the receiver has not received the packet and will attempt to resend CTS Timeout Clear to Send Timeout is the time the wireless sender will wait for a CTS packet signaling that the channel is idle and it can start data transmission If no CTS packet is received within this penod the sender will assume the channel is busy and will wait before trying to send again Page 132 Set Wireless Multimedia Wireless Multimedia WMM is a QoS Quality of Service standard in IEEE802 11E that we have adopted to improve and support the user expenence
68. ferent Example WLAN Basic Setup page for Client Mode WLAN Basic Setup Card Status enable The Current Mode Client ESSID sampleRouter Site Survey Remote AP MAC P Wireless Profile 802 11a Country NO_COUNTRY_SET NA v Tx Rate Fully Auto Exa mple WLAN Basic Setup page for Access Point WLAN Basic Setup Card Status enable The Current Mode Access Point ESSID sampleRouter Wireless Profile 802 114 x Country NO_COUNTRY_SET NA Channel SmartSelect 7 Channel Survey Tx Rate Fully Auto CI Closed System O Act as RootAP E VLANID Page 51 WLAN Basic Setup Desc nption page Parameters The Current Mode The default operating mode is the Access Point mode Operating modes e Access Point Mode e Client Mode e Wireless Routing Client e Gateway Mode e WirelessAdapter Mode e Transparent Client Mode e RepeaterMode You can toggle the modesby clicking on the Change button ESSID Enter a preferred name for the wireless network Your wireless clients must be configured with the same ESSID This case sensitive entry can consist of a maximum of 32 characters Site Survey A list of wireless devices in the WLAN that are detected by your access point Information such as MAC address channel SSID algonthm and signal strength can be found in the listing This feature is supported by the Access Point Client and Wireless Routing Client modes
69. for multimedia video and voice applications by pnontizing data traffic QoScan be realized through 4 different Access Categones AC Each AC type consists of an independent transmit queue and a channel access function with its own parameters Applications Y Classification Map frames to AC Best Background Video Voice Data BK Data2 VI Data3 VO N S Packet Scheduler Assign Da BE frames to transmit queue wMax contention Window Wait wMin minimum Wait AIFs Resolve internal collision i ds Page 133 Follow these steps to change the setup Wireless Multimedia on your access point Step 1 1 Click on WLAN Setup from the CONHGURATION menu 2 Select Advanced Step 2 Click on the WMM Settings button Extended Features Long Distance Parameters Wwihdhl Settings WOS settings Step 3 Select to Enable Wireless Multimedia WMM Enter the desired WMM parameters Using the default parameters is recommended Click Apply to apply the WMM settings click Default to reset all parameters to default or click Back to discard any changesand retum to WLAN Basic Setup page Enable O Disable Wireless Multimedia CAMM AP WMM Parameters TxOp limit DataO BE Datal BK Data2 VI Data3 VO Station WMM Parameters Data0 BE Datat BK Data2 VI Data3 V0 Page 134 AIFs Arbitrary Inte r Fra me Space Cwmin Contention AYAT
70. g Rate kbit Capped bandwidth rate of throughput Rule Type This defines whether the bandwidth control rule works on downloads or uploads and whether it works by IP address or MAC address IP MAC Address IP address or MAC address for the bandwidth control rule comesponding to whether the Rule Type is defined by IP addressorMAC address Step 4 Click the Add button Repeat Steps 1 to Step 3 to add new bandwidth rule Page 109 Perform Remote Management Available in Wireless Routing Clientand Gateway modes You can use the access point web based interface from the Intemet to manage your network remotely Setup Remote Management Step 1 Select Remote Management from the CONAGURATION command menu Remote Management Remote HTTP l i 0 disabled Port 0 O disabled Apply Step 2 To disable Remote Management set Remote Http Portto 0 To enable Remote Management set Remote Http Port to an unused port number It is recommended that you avoid using port number 80 as it is blocked by some ISPs In Gateway mode Remote Management is enabled with Port 88 and the Ethemet port becomesa WAN port To continue using it open the web manager using the WAN IP with Port 88 Example For WAN IP 100 100 100 1 use http 100 100 100 1 88 NOTE It is recommended that the default password is replaced with a new password changed penodically to prevent unauthonzed access Page 110 U
71. g public port number Ending public port number If the Public Port type is Single this field willbe ignored Specify the IP address of the server PC running within the pnvate network Starting pnvate port number The ending pnvate port number willbe calculated automatically according to the public port range Public IP Select All Single or Range from the dropdown list Fom Enter the beginning of the range To Enterthe end of the range For example to set up a web server on a PC with IP address 192 168 168 55 set the Server Type as HIIP and set the Private IP Address as 192 168 168 55 then click on the Add button Port Forward Entries Sener protocol Public Port Private IP Private Port Tee So 192 168 168 55 30 Type HTTP ma Page 104 Configure Virtual Servers based on IP Forwarding If you are subscnbed to more than one IP address from your ISP virtual servers based on IP forwarding can forward all Intemet requests regardless of the port number to defined computers in the pnvate network Advanced NAT Options Lie Pi Frand Forwarding Step 3 In the Add IP Forward Entry page enter the Private IP Address and Public IP Address In this example we would like all requests for 213 18 213 101 to be forwarded to a PC with Private IP Address 192 168 168 55 NOTE Please ensure that you are subscnbed to the Public IP Address you intend to forward from Step 4 Click the Add bu
72. ge 46 Reserve IP Addresses for Predetemined DHCP Clients A reserved IP address is excluded from the pool of free IP addresses the DHCP server drawson fordynamic IP address allocation For instance if you set up a publicly accessible FIP or HTP server within your pnvate LAN while that server requires a fixed IP address you would still want the DHCP server to dynamically allocate IP addresses to the rest of the PCson the LAN Step 1 From the Advanced DHCP Server Options section click on the DHCP Server Reservations button Advanced DHCP Server Options show Active Dhep Leases i 4 T i Step 2 Click on the Add button DHCP Server Reservations Hardware Address Page 47 Step 3 Fill in The host portion of the IP Addressto be reserved The Hardware Address in pairs of two hexadecimal values Press the Apply button to effect your new entry DHCP Server Reservations IP Address 192 168 168 20 Hardware Address O00 80 45 e5 0d 05 xx XX XX XK XX XX Add Cancel The DHCP Server Reservations page refreshes to display the curently reserved IP addresses DHCP Server Reservations IP Address Hardware Address 192 168 168 20 00 80 45 e5 0d 05 Page 48 Delete DHCP Server Reservation Step 1 Select the reserved IP address to delete DHCP Server Reservations Hardware Address 00 80 45 65 0d 05 Add Back Step 2 Click on the Delete button DHCP Server Res
73. ghlight TCP IP and click on the Properties button Step 4 Select the Specify an IP address radio button Set the IP address to 192 168 168 X and subnet mask to 255 255 255 0 where X can be any number from 2 to 254 Page 25 Network 24x Configuration Identification Access Control The following network components are installed E Client for Microsoft Networks af Realtek ATL8139 Family PCI Fast Ethernet Controller Y TCP IP File and printer sharing for Microsoft Networks Add Remove Properties Primary Network Logon Client for Microsoft Networks yA File and Print Sharing r Description TCP IP is the protocol you use to connect to the Internet and wide area networks TCP IP Properties 21x Bindings Advanced NetBlOs DNS Configuration Gateway WINS Configuration IP Address An IP address can be automatically assigned to this computer li pour network does not automatically assign IP addresses ask your network administrator for an address and then type it in lhe space below C Obtain an IP address automatically Specily an IP address IP Address 192 168 168 100 Subnet Mask 255 255 255 0 OK Coat Step 5 To venfy that the IP address has been correctly assigned to your PC go to the Start menu select Run and enter the command winipcfg Select the Ethemet adapter from the drop down list and click OK fa IP Configuration P
74. he Yes button This uCo niig utility should be run only in one to one Estes ection with a uContig compatible device if your PC is connected to other IP devices in the network uConfig may not work property j you wani to proceed Page 29 Step 3 Select the access point from the products list and click on the Open Web button To retneve and display the latest device s in the list click on the Refresh button Description MAC IP Mask Gateway Broadcom Wireles 00 17 C4 04 A3 2D 0 0 0 0 0 0 0 0 Realtek ATLS168 O0 03 25 2F D1 80 192 168 168 171 255 255 255 0 Forward A oute List ehad Deet e stein a tee 127 0 0 0 255 0 0 0 127 0 0 1 E 192 168 168 0 255 255 255 0 19216816811 192 168 168 11 192 168 168 1 255 255 255 255 127 0 0 1 127 0 0 1 197 1AA TAA AAA FAR AAR PAR PAR 192 AA TAR 11 197 1AA 1AA 11 Comper Products List Current Selected 1 Product Model MAC O0 60 45 32 34 56 192 165 165 1 Step 4 Do not exit the uConfig program while accessing the web based interface asthis will disconnect you from the device Click on the OK button Warning The selected product is on different subnet uConfig will change the system settings to enable access to the product s Web Interface Do not close uConfig while accessing the product s Yeb Interface doing so will break the connection After finishing the product configuration press the lt ExitUconfig gt link on the product s Web Interface uC
75. his value must be set to be the same asthe one in the RADIUS server Step 3 By default the value for Accounting Port number is 1813 You can leave this value as it is This value must be set to be the same asthe one in the RADIUS server Step 4 Enter the Shared Secret Key in the field provided Step 5 By default the Broadcast Key Rotation is set as 600 seconds You may leave this value as its default setting Page 144 Step 6 Select the length of each encryption key e 64 bit 10 hexadecimal or 5 ASCII Text e 128 bit 26 hexadecimal or 13 ASCII Text Step 7 Click the Apply button and reboot your system after which your settings will become effective Page 145 Setup WPA Enterprise Available in Access Point mode Follow these steps if you have selected the WPA WPA1 Entermpnse WPA2 Enterprise or WPA Enterpnse AUTO secunty modes At the WPAI1 2 EAP Setup page WPA1 2 EAP Setup Primary RADIUS S 0 0 0 0 Secondary RADIUS Server IP 0 0 0 0 Authentication Port 1812 Accoun ting Port Shared Secret Key Cipher Type GTK update seconds 60 9999 Step 1 Key in the IP address of the Primary RADIUS Serverin your WLAN You can optionally add in the IP address of a Secondary RADIUS Server if any The RADIUS authentication server MUST be in the same subnet asthe access point Step 2 By default the value for Authentication Port number is 1812 You can either leave this value asit isor
76. i YAPI NONE O VAP2 NONE Step 4 Enter the MAC Address of the client in the format XX XX XX XX XX XX where xcan take any value from Oto 9ora tof Enter the Comment This descnbesthe MAC Address you have entered To apply to all vitual access points check Apply to All To apply to specific virtual access point select the checkbox of the conesponding access point Click the Apply button Add MAC Address MAC Address 08 70 18 70 80 70 xx Xx XX XX xx XXx Comment mac4 Apply to All Selected AP ESSID Security sampleRouter NONE E YAPI NONE O YAP2 NONE Page 88 Step 5 MAC Filter Address List page displays with updated MAC Address List MAC Filter Address List MAC Address List ESSID sampleRouter Del MAC Address Comments Apply to F 08 70 f8 70 80 70 mac4 all All changes will take effect after reboot NOTE Please reboot to effect allchangesand new MAC address entres Page 89 Delete a MAC Address From All Access Points Step 1 Select MAC Filtering from WLAN Setup The MAC Address Filtering page displays Select View Complete MAC List MAC Address Filtering Radio 1 MAC Filtering Options AP Type ESSID Security Status Policy Main AP sampleRouter NONE Enable Accept v Virtual AP VAP1 NONE Disable Deny virtual AP VAP2 NONE Enable Deny View Complete MAC List All changes will take effect after reboot Step 2 The MAC Filter Address Lis
77. ic Setup Card Status enable The Current Mode Access Point ESSID rootAPSSID Wireless Profile 802 114 v Country NO_COUNTRY_SET NA Channel 5180MHz Channel 36 Channel Survey Tx Rate Fully Auto Maximum Associations 32 32 1 128 CI Closed System Act as RootAP C VLANID Page 125 Follow these settings to setup access point 2 Setup access point 2 Click on WLAN Setup from the CONHAGURATION menu You will see the sub menus expanded under WLAN Setup Click on Basic Select the Channel common to both access point 1 and access point 2 WLAN Basic Setup Card Status enable The Current Mode Access Point ESSID accesspoint Wireless Profile 802 11a v L Country NO_COUNTRY_SET NA Channel Tx Rate Fully Auto 7 Maximum Associations he 32 1 128 C Closed System Act as RootAP CO VLANID Page 126 Configure WDS2 link Click on WLAN Setup from the CONHGURATION menu You will see the Ssub menus expanded under WLAN Setup Click on Advanced Extended Features Long Distance Parameters Whihd Settings WOse settings Under Extended Features click on the WDS2 Settings button Set WDS2 Link Status to Enable Options for configunng WDS2 link e By Remote AP MAC Enterthe Remote AP MAC WDS2 Link Configuration WDS2 Link Status Enable Disable Remote AP SSID Remote AP MAC 08 00 69 02 01 FC Cur Security Mode
78. iel xi M Ethernet Adapter Information Realtek RATL8139 Family PCI Fas Adapter Address 00 80 48 EA A4 A2 IP Addiess 199 168 168 160 SubnetMask 255 255 255 0 Default Gateway 192 168168 16 f f 46lease RETEN Release All Renew All More Info Your PC is now ready to communicate with the access point Page 26 For Windows XP 2000 Step 1 Go to your desktop nght click on the My Network Places icon and select Properties Step 2 LAN or High Speed Internet Right click the network adapter icon and select Properties Disable Status Repair annettiin rih aa Bridge Connections Create Shortcut Rename Properties Step 3 Highlight Intemet Protocol TCP IP and click ae on the Properties button Connect using E Realtek RTL8139 Family PCI Fast Ett This connection uses the following items M Y NWLink NetBIOS A M 3 NWLink IPX SPX NetBIOS Compatible Transport Prot cms internet Protocol TCP IP al gt Install Properties Description Transmission Control Protocol Internet Protocol The default wide area network protocol that provides communication across diverse interconnected networks C Show icon in notification area when connected Notify me when this connection has limited or no connectivity Step 4 Internet Protocol TCPAP Properties Select the Use the following IP address radio but
79. igure LAN Bandwidth COontrol esssssssssssessssrnrrerrreesssrnrrrrressern 108 Perform Remote Management sssssssrerseesssrrrrrrrrreosrnrrrrreerssrenrrrrrrenee 110 Setup Remote Management s s ssnssresenrnrrsnrnrnrrnrnrrrnnnrenennnrnrnnnnene 110 USE PARALLEL BROADBAND vnitistiatienanonmnianaiiennaiernia 111 Enable Parallel Broad Da nd ensisi 112 Setup EmMa ENO UCA UO spin 113 Using Static Address Transla tiOn ssssssnsseessssrrrrrrrrensssrrnrrrnnresssrrnnreeeene 115 Use DUNS REGIE CHO fenantren uaaetelnineuietndenaves 116 Enable or Disable DNS Redirection sss ssssssssrrrrrrrrressrrrnrrrreessrrrrrrnns 118 Dyna mMC DNS Set iio O T 119 To enable disable Dyna mic DNS Setup ssssssssssssreeeeessssrsrrrrnrrrrrrrrrnns 119 To manage Dynamic DNS st snnnnnseesssnnnenneesssrrnrrrrrreesssrrrrrreesssenn 120 USE THE WIRELESS EXTENDED FEATUREG ccscesseeeseeeeeeeeees 124 SOU VV SZ eana aa tatimeiatvegtaceacin tensa tedmamenenncs 124 Sev Vital AP MUMDIG SSID ninaa a 128 CU PICT IGG AP cssiasicsoreuiedsaisincdustetaavnniatis a a a 130 Get LONG Distance Para MALTON cccccccccssssssssseeeeeeeeeeeneesseeeeeeetsnneees 131 Set Wireless MI GING GAs pvssinsicaiasenerriaratiaieen dae aatnmannineys 133 Setup Point to Point amp Point to MultiPoint Connection seess 136 Page 4 SEC URE TOUR WIRELESS LAIN Sten edeeoresta ieee 140 PUPAE pane Pe PCr Tree era ooo om nent erent rrr rT econ in er
80. in routing mode Step 3 Click on the Apply button to save your new parameters Page 38 This table descnbes the parameters that can be modified in the Parameters IP Address Management Port Setup page Description When the DHCP server of the access point is enabled unless you set a different DHCP Gateway IP Address this LAN IP Address would be allocated as the Default Gateway of the DHCP client The IP address of your Access point is set by default to 192 168 168 1 Network Mask The Network Mask serves to identify the subnet in which your Access point resides The default network mask is 255 255 255 0 Default Gateway IP Optional As a bndge Access Point the access point does not usually communicate with devices on other IP subnets However the Default Gateway a PC allowsthe access point to communicate with devices on different subnets For instance if you want to access the access point from the Intemet or from a router on the LAN enter the router IP address in the Default Gateway IP field The Default Gateway IP address of your access point is set to nil by default IP Address Pimary DNS Your ISP usually provides the IP address of the DNS server Secondary DNS Address IP This optional field is reserved for the IP address of a secondary DNS server Page 39 To Setup DHCP Server There are 3 DHCP Modes e NONE By default DHCP Mode isset to NONE Leave the se
81. ive broadband Intemet shanng do NOTdisable NAT unless it is absolutely necessary Page 99 Configure Virtual Servers Based on DMZ Host DMZ De Milittanzed Zone makes specific PCs in a NAT enabled network directly accessible from the Intemet With NAT the access point keeps track of which client is using which port number and forwards Intemet replies to the client according to the port number in the reply packet Reply packets with unrecognized port numbers are discarded but with DMZ these packets are forwarded to the DMZenabled PC instead Step 1 Advanced NAT Options Select NAT from the CONAGURATION command menu TT Sua annari F DMZ Port Forveccding Foewending S Step 2 Click on the DMZ button in Advanced NAT Options Step 3 Enter the Private IP Address of the DMZ NAT DMZ IP Address host on the NATDMZIP Address page Private IP Address 192 168 163 55 To disable DMZ enter 0 0 0 0 oy Ea Click the Apr NOTE DMZ may not function propery if the DMZhost IP address is changed due to DHCP therefore Static IP Address configuration isrecommended forthe DMZhost Please note that the DMZ host is susceptible to malicious attacks asALLof its ports are exposed to the Intemet Page 100 Configure Virtual Servers Based on Port Forwarding Virtual Server based on Port Forwarding forwards Intemet requests amving at the access point WAN interface to specific PCsin the pnvate network bas
82. key in a different Authentication Port but it MUST match the conesponding port of the RADIUS server Step 3 By default the value for Accounting Portis 1813 You can leave this value as it is This value must be set to be the same asthe one in the RADIUS server Step 4 Enter the Shared Secret Key used to validate client server RADIUS Communications Page 146 Step 5 Select the length of each encryption key e 64 bit 10 hexadecimal or5 ASCII Text e 128 bit 26 hexadecimal or 13 ASCII Text Step 6 For WPA Enterpnse Set the Cipher Type to TKIP WPA replaces WEP with a strong encryption technology called Temporal Key Integnty Protocol TKIP with Message Integnty Check MIC For WPA2 Enterprise Set the Cipher Type to AES Advanced Encryption Standard AES isa symmetnc 128 bit block data encryption technique It is a requirement of WPA2 under the IEEE 802 11i standard For WPA Enterprise AUTO Set the Cipher Type to Auto to allow the access point to automatically detect the ciphertype to use Step 7 Enter the GTK Group Transient Key Updates This is the length of time after which the access point will automatically generate a new shared key to secure multicast broadcast traffic among all stations that are communicating with it By default the value is 600 seconds Step 8 Click the Apply button and reboot your system after which your settings will become effective Page 147 Configure the Sec
83. l Setup from the Bandwidth Contol sub menu from the CONHGURATION command menu Step 2 Enter the Download Total Rate and Upload Total Rate The default values are O which indicates that there is no bandwidth limit Click the Apply button WAN Bandwidth Control Setup Upload Download Bandwidth Setting Download Total Rate kbit 0 Upload Total Rate kbit Apply Page 107 Configure LAN Bandwidth Contol Bandwidth Control can also limit LAN users throughput Step 1 Select LAN Bandwidth Control Setup from the Bandwidth Contol sub menu from the CONHGURATION command menu Step 2 Click the Add button to create the bandwidth rule for LAN user LAN Bandwidth Control Setup Name Committed Rate kbit Ceil Rate kbit IPMAC Address Rule type DownLoad By MAC sampleRule 10 100 09 00 2B 01 00 00 e Add Page 108 Step 3 Click the Add button to create the rule for LAN users bandwidth control Bandwid Add Bandwidth Control Entry th Control Rule Rule Name sampleRule Committe d Rate kbit 10 Ceil Rate kbit 100 Rule type IP MAC A DownLoad By MAC Address xi ddress 09 00 28 01 00 00 Parameters Desc nption Rule Name You can set a name for the bandwidth control rule Committed Rate kbit Minimum bandwidth rate of throughput NOTE The sum of the Committed Rate of all the rules should not exceed the total rate available Ceilin
84. l costs change the spanning tree algonthm reconfigures the spanning tree topology and re establishes the link by activating the standby path e HTIPS The access point supports HTIPS SSL in addition to the standard HTIP HTIPS SSL features additional authentication and encryption for secure communication e Telnet Telnet allows a computer to remotely connect to the access point CU Command Line Interface for control and monitonng e SSH SSH Secure Shell Host establishes a secure host connection to the access point CU for control and monitonng e WDS2 WDS2 Wireless Distnbuted System 2 links up access points to create a wider network in which mobile users can roam while still staying connected to available network resources Page 8 When to Use Which Mode Access Point Mode The Access Point Mode is the default mode of the access point and enables the bndging of wireless clients to access the wired network infrastructure and also enables their communication with each other In this example the wireless users are able to access the file server connected to the switch through the access point in Access Point Mode Cabla ADSt modom routor Switeh E j Laptop Page 9 Access Point Client Mode In Access Point Client Mode the device actsasa wireless client When connected to an access point it createsa network link between the Ethemet network connected at this client device and the wireless Ethe
85. lection at this mode if you do not wish to use DHCP e DHCP Server Select this mode to setup a DHCP server e DHCP Relay Select this mode to setup a DHCP relay By default DHCP broadcast messages do not cross router interfaces DHCP Relay supports DHCP Clients and DHCP Servers on different networks by configunng the router to pass selective DHCP messages Follow these stepsif you do not wish to use DHCP Step 1 Click on Advanced Settings from Management Setup from the CONAGURATION menu Step 2 Set DHCP Mode to NONE DHCP Server Setup DHCP Mode NONE Step 3 Click on the Apply button Page 40 The following will guide you to setup the DHCP Server Step 1 Click on Advanced Settings from Management Setup from the CONAGURATION menu Step 2 Set DHCP Mode to DHCP Server In DHCP Server Setup refer to the table below to set the appropnate values to suit the needs of your network DHCP Server Setup DHCP Mode DHCP Server DHCP Start IP Address 192 168 168 100 DHCP End IP Address 192 168 168 254 DHCP Gateway IP Address 192 168 88 2 DHCP Lease Time 3600 seconds Primary DNS IP Address 210 23 1 4 Secondary DNS IP Address 2110 23 46 Step 3 Click on the Apply button Page 41 This table descnbes the parameters that can be modified in DHCP Server Setup Parameters Description The fields DHCP Start IP Address and DHCP End IP Address fields allo
86. mand Line Interface CL Step 1 Ensure that you have the updated firmware available l firmware File Edit View Deity Tools Help Norton Antivirus fod Page 164 Step 2 On the PC connected to the AP run a IFIP server and setup to point to the same firmware image filename Step 3 In the Command Line Interface enter the command with the IP address of the AP and the filename of the firmware image asthe parameters Fl LO ee Soo o aa ioj x Current Directory C MFirmware Browse Server interlaces 17218 0101 Chow Cir Titp Server Tftp Client Syslog server Connection received from 172 18 0 3 on port 2048 Read request for file lt Firmware IMG Firmware MG sent 7506 blks 364273 bytes Connection received from 172 18 0 5 on port 2045 Read request for file lt Firmware MG C ti lt File size 36427 73 3166720 Bytes sent 263093 Butes sec LITT TTT TTT About Settings Help Sample Sc reenshot Current Acton Set upgrade lt P address of AP gt lt firmware image filename gt BYSTROVANY login useri Passuord Bus yBox vi HA 2666 11 23 16 24 6868 gt Built in shell tash Enter help for a list of built in commands H set upgrade 172 18 09 101 firmware IMG Please waiting It is upgrading firmware nouw Page 165 Step 4 These screens display when upgrade isdone AII ELS ee lll ioj x Current Directory C MFirmware Browse
87. me is rae being added to the list the message Waiting in queue Domain Name Updete Status will be disolayed under the cuiaesamacn tint ce Update Status column of the a Rae Dynamic DNS Listta ble he Page 123 Use the Wireless Extended Features Setup WDS2 WDS2 Wireless Distnbuted System 2 links up access points to create a wider network in which mobile users can roam while still staying connected to available network resources The wireless client and root access point has to be set up with the same channel frequency This allows them to connect even when the link is lost as the channel frequency setting is preserved Switch Access Point 2 COCO CO Act as RootAP Enabled 7 ESSID rootAPSSID WDS2 Link Status Enabled Channel 5180MHz Remote AP SSID rootAPSSID Channel 5180MHz In this example there are 2 access points Access Point 1 and Access Point 2 with Access Point 1 as the root access point Page 124 Follow these stepsto change the setup the root access point Setup access point 1 Click on WLAN Setup from the CONAGURATION menu You will see the sub menus expanded under WLAN Setup Click on Basic Ensure that The Current Mode is set to Access Point To change The Current Mode please refer to Common Configuration WLAN Setup To Configure the Basic Setup of the Wireless Mode Select Actas RootAP Select the Channel common to both accesspoint 1 and access point 2 WLAN Bas
88. met network connected at the access point In this mode it can only connect with another access point Other wireless clients cannot connect to it directly unless they are also connected to the same access point allowing them to communicate with alldevicesconnected to the Ethemet port of the access point In this example the workgroup PCs can access the printer connected to the access point in Access Point Client Mode Optional additional feature Point to Point connection in this operation mode is also supported if you specifically wish to connect with an access point only Please referto the Point to Point setup section Internet Terminal Cable ADSL modem gt Switch router d t l AY Access Point Client t Access Point 2H Workgroup of PCs Printer Page 10 Wireless Routing Client Mode In Wireless Routing Client Mode the Ethemet port of the access point may be used to connect with other devices on the network while Intemet access would be provided through wireless communication with a wireless ISP Public IP address is Switch transmitted A A Q Routing Ciloni Workgroup of PCs ai Page 11 Gateway Mode In Gateway Mode the access point supports several types of broadband connections in a wireless network after you have identified the type of broadband Intemet access you are subscnbed to yr Jnternet Cable ADSL Tp A gt Laptop Page 12 Broadband
89. n decimal Set the CTS timeout value in decimal Set the Slot timeout value in decimal TX Power SYNTAX DESRPION Set txpower lt string gt Default full auto 1 2 3 4 17 full min TX Rate SNAX DESCRIPMON Set txrate lt string gt Values are default auto 802 11a 6 9 12 18 24 36 48 54 auto Version AG 802 11b g mixed 1 2 5 5 11 6 9 12 18 24 36 48 54 auto 802 11b only 1 2 5 5 11 auto Page 177 Wireless Mode SYNTAX DESCRIPION Set wirelessmode lt string gt Supported strings are auto 11a 11b 11g pureg superg supera Enable or disable smart channel select during power up Enable disable enable disable WEP Key Must first set a key entry type then proceed to set the key index size and value DESC RIPTION SYNTAX S O Set key lt keyindex gt lt keysize gt Set keyentrymethod hex ascii lt keyvalue gt Set key lt keyindex gt default Set default key Add or Delete User DESC RIPTION Set user lt r w gt lt password gt To add a user usemame To delete user Country Code Set countrycode lt iso name gt List of countnes Set countrycode lt 2 letter string gt 0 NA CTRY_ ALBANIA AL CTRY_ ALGERIA DZ CTRY_ARGENTINA AR CTRY_ ARMENIA AM CTRY_AUSTRALIA AU CTRY_ AUSTRIA AT C TRY_AZERBAI AN AZ CTRY_ BAHRAIN BH CTRY_ BELARUS BY CTRY BELGIUM BE CTRY B
90. nections Ca Page 32 Step 3 At the Address bartype in http 192 168 168 1 and press Enteron your keyboard http 192 168 168 1 View Favorites Tools Help Step 4 At the login page click on the LOG ON Button Wireless LAN Access Point Management Please enter your password Forgot your password see the User s Guide for instructions You willthen reach the home page of the access point web interface 2 Wireless LAN Access Point After feinatong Conbgueabon Pirate Click 2 etlicontig Te End Contig Mode Or Turn of the dence fer mare then 5 seconds Page 33 Perform Basic Configuration Setup Management Port At the Management Port Setup page you may e Set Ethemet Link Soeed and duplex settings e Automatically obtain IP address from DHCP server The default IP 192 168 168 1 is used until a new IP isobtained Access Point Clients also allows PCs connected to the Ethemet port to obtain IP from the DHCP server at the access point end network e Manually define IP address Follow these stepsto set Ethemet Link Soeed and duplex settings Step 1 Click on TCP IP Settings from Management Setup from the CONHGURATION menu Step 2 Select the desired Ethemet Link Speed and duplex settings e Auto Automatic Detection 100 Full LOOBaseT Full Duplex 100 Ha lf LOOBaseT Ha If Duplex 10 Full 10BaseT Full Duplex 10 Half LOBaseT Ha lf Duplex Management Port Setup Ethernet Link Speed
91. o MultiPoint communication between different buildings enables you to bndge wireless clients that are kilometres apart while unifying the networks e Virtual AP Multiple SSID Virtual AP implements mSSID Multi SSID This allows a single wireless card to be set up with multiple virtual AP connections with different SSIDs or BSSID Basic Service Set Identifier and secunty modes e Highly Secured Wireless Network The access point supports the highest available wireless secunty standard WPA2 WPA2 has two different modes WPA2 Personal for SOHO users and WPA2 Enterpnse for Enterpnse users The access point also supports IEEE 802 1x for secure and centralized userbased authentication Wireless clients are thus required to authenticate through highly secure methods like EAP TLS EAP TILS and EAP PEAP in orderto obtain accessto the network e Smart Select This feature will automatically scan and recommend the best channel that the access point can utilize e uConfig Utlity The exclusive uConfig utility allows users to access the user fnendly Web configuration interface of the access point without having to change the TCP IP setup of the workstation Page 7 e SIP Spanning Tree Protocol provides path redundancy while preventing undesirable loops in the network It forces certain redundant data paths into a standby blocked state If one network segment in the Spanning Tree Protocol becomes unreachable or if Spanning Tree Protoco
92. o the access point will be unable to obtain a dynamic IP address directly from X But if you enable the DHCP server of the access point and set the IP addressof Xas the DHCP Gateway IP Address the PC will obtain its IP address from the access point and access the Intemet through X DHCP Lease Time This is the length of time that the client may use the assigned address before having to check with the DHCP server to see if the Address is still valid Primary DNS IP Address Your ISP usually provides the IP address of the DNS server Secondary DNS Address IP This optional setting is the IP address of a secondary DNS server Page 43 The following will guide you to setup the DHCP Relay Step 1 Click on Advanced Settings from Management Setup from the CONAGURATION menu Step 2 Set DHCP Mode to DHCP Relay In DHCP Server Setup refer to the table below to set the appropnate values to suit the needs of your network DHCP Server Setup DHCP Mode DHCP server IP 192 168 168 254 DHCP Gateway IP 19216811 Step 3 Click on the Apply button Page 44 This table descnbes the parameters that can be modified in DHCP Server Setup Parameters Description DHCP Server IP This is the IP address of the DHCP server DHCP Gateway IP Though the DHCP server usually also acts as the Default Gateway of the DHCP client the access point allows you to define a different Gat
93. o whom the message would be sent e IP address of Email Server IP address of the SMTP server through which the message will be sent It is recommended that you use your ISP s SMTP server e UserName UserName forthe specified email account This is necessary if authentication is required e Password Pass word forthe specified email account This is necessary if authentication is required e Email address of Sender Email addressto be displayed asthe sender Page 113 Step 4 Specify whether the SMTP server Needs Authentication or not by setting the checkbox accordingly By default it isnot selected Step 5 Click on the Apply button Page 114 Using Static Address Translation Available in Wireless Routing Clientand Gateway modes If you use a notebook for work in the office you most probably brng it home to connect to the Intemet as well Since it is most likely that your office network and home network broadband shanng network subnets are configured differently you would have the hassle of reconfigunng your TCP IP settings every time you use the notebook in a different place Static Address Translation allows you to bypass this hassle With SAT if you try to access the Intemet on your notebook from home but with your office TCP IP settings the notebook will try to contact the IP address of your office gateway to the Intemet When the access point finds that the notebook is trying to contact a device lying ona
94. on the Apply button to save yournew parameters Page 36 This table describes the parameters that can be modified in the Management Port Setup page if you select to Use the following DNS server addresses Parameters Description Pimary DNS Your ISP usually provides the IP address of IP Address the DNS server Secondary This optional field is reserved for the IP DNS IP addressofa secondary DNS server Address Page 37 Follow these stepsto manually define the IP address Step 1 Click on TCP IP Settings from Management Setup from the CONHGURATION menu Step 2 Select to Use the following IP address In the Management Port Setup page refer to the table below to replace the default settings of Access point with appropnate values to suit the needs of your network Management Port Setup Ethernet Link Speed Auto Automatically obtain IP address Use the following IP address IP Address 192 168 168 4 Network Mask 255 255 255 0 Default Gateway IP 192 168 88 2 Automatically obatain DNS server address Use the following ONS server addresses Primary ONS IP Address 210 23 1 4 Secondary ONS IP Address 210 2346 el Management Port Setup Ethernet Link Speed Auto gt IP Address 1921681684 Network Mask 255 255 255 0 Default Gateway IP fa2168 886 2 Primary DNS IP Address 210 2314 Secondary DNS IP Address 210 23 4 6 Apply Her The parameters are the same
95. onfig will then close automatically Page 30 Step 5 At the login page press the LOG ON button to enter the configuration page The default password is password Wireless LAN Access Point Management Please enter your password Cre LOGIN Forgotten your password see the User s Guide for instructions Step 6 You will then reach the home page of the access point web based interface Wireless LAN Access Point Afer fminstong Corikguaton Pirate Click Extticontig Te End uConig Mode Or Tum of the device fr mare than 4 seconds Page 31 Manual access wit Intemet Explorer Step 1 Launch your Web browserand under the Toolstab select Intemet Options Z Yahoo Singapore Microsoft Internet Explorer File Edit view Favorites BETSI Help Mail and News Q Bak J x Synchronize g l Windows Update i Address 2 http lsg yahoo com Windows Messenger Yahoo Messenger Show Related Links ER Step 2 Open the Connections tab and in the LAN Settings section disable all the option boxes Click on the OK button to update the changes Local Area Network LAN Settings Automatic configuration Automatic configuration may override manual settings To ensure the use of manual settings disable automatic configuration Automatically detect settings Fi Use automatic configuration script Proxy server o Use a proxy server for your LAN These settings will not apply to dial up or YPN con
96. p 4 The MAC Filter Address List page displays with updated MAC Address List MAC Filter Address List MAC Address List ESSID VAP1 Del MAC Address Comments Apply to O 08 70 f8 70 80 70 mac4 all All changes will take effect after reboot Perform Advanced Configuration Setup Routing Available in Wireless Routing Client and Gateway modes The access point allows you to add a static routing entry into its routing table to re route IP packetsto another access point This is useful if your network has more than one access point Important You do NOTneed to set any routing information if you are simply configunng the access point for broadband Intemet shanng The wrong routing configuration might cause the access point to function impropeny In this network the main office of subnet 192 168 168 0 contains two routers the office is connected to the Intemet via the access point 192 168 168 1 and to the remote office via 192 168 168 254 The remote office resides on subnet 192 168 100 0 You can add a Static routing entry into the access point routing table so that IP packets from the clients in the main office with a destination IP address of 192 168 100 X where X is any number from 2 to 254 will be re routed to the router which actsasthe gateway to that subnet Static Routing S K anolog lt ros 3 e i modem dii 56K analog a eT Access point modem 192 160 148 1 i _ a
97. parent Client This method iscompliant with IEEE 802 11h standard AP is running very old firmware v1 2x and below Q4 Can update to mSSD firmware but setup only one SSD connection Yes mSSID fimmware operation is similar to previous single SSID firmware when setup with one SSID If the existing AP is running v1 3x firmware after updating to mSSID it will retain and continue to tun the previous configuration No reconfiguration isneeded Q5 I have a MAC Altenng table set from a previous fimware Will updating to mSSID cause the MAC table to be lost No if your firmware is v1 3x and higher updating to mSSID firmware will retain all entnesin the MAC table However if you switch back from mSSID to the previous sSSID fimware the MAC table will be lost Page 182 Q6 I have Pseudo VLAN for Per Group enabled Will updating to mSSID firmware sull support wireless clients with MAC addresses listed in Per Group The mSSID firmware replaces Pseudo VLAN and integrates it into VAP Virtual AP and MAC Filtering Thus Pseudo VLAN with its VLAN ID and MAC listing will be lost after updating to mSSID firmware Refer to the user manual on how to create new VAP with VLAN ID and MAC Filtenng Similarly Per Node control to isolate wireless station in AP being part of Pseudo VLAN will also be lost This option can be enabled again with the option Station Isolation in VAP setup page Q7 I have WDS setup in my network Will mSSID
98. ply the rule to A Range of IP addresses In this case you will have to define From which IP address To which IP address your range extends A Single IP address Here you need only specify the source IP address in the From field Any IP address You may here leave both the From as well as the To fields blank Here the rule will apply to all IP addresses 4c At the Destination Port drop down list select either A Range of TCP ports In this case you will have to define From which port To which port your rule applies A Single TCP port Here you need only specify the source port in the From field Any IP port You may here leave both the From as well as the To fields blank Here the rule will apply to all ports 4d From the Day of the Week drop down list select whether the rule should apply to A Range of days Here you will have to select Fom which day To which day Any day Page 149 IP Address f ange KA From 192 168 168 lt 5 192 168 168 75 192 168 168 25 192 168 168 IP Address Any v From 192 168 168 TO 192 166 166 Destination Port Hange From 2 Destination Port Av From To Day of the Week From We Ta Fn Day of the Week tai From Sun To Su In this case you may skip both the From as well asthe To drop down fields 4e At the Time of the Day
99. r 175 WIC WE FOU ay Sie ld asrsacanadeaieaataauacant conte seasnneuaniei sa guuidatadeaseaunmaateaanaaiel 175 GEE TSCHMIC A SUD DOM nuien a ii 176 APPENDIX USE THE COMMAND LINE INTERFACE 177 APPENDIX VIRTUAL AP MULTI SSID FAQ necesser 181 APPENDIX VIEW THE TEC HNIC AL SPECIFICATIONS 185 TEC HNIC AL SUPPORT INFORMATION ccccsseeeseesseeseeeeees 188 Page 5 Overview the Product Intoduction The EZtationS Outdoor Access Point is a high performance AP designed for enterpnse and outdoor users The access point is compatible with IEEE 802 1la and supports high speed data transmission of up to 54Mbps This equips the access point with network robustness Stability and wider network coverage Housed in a weatherproof casing the access point is designed to withstand any outdoor climatic conditions making it the ideal solution foroutdoorapplications The access point is capable of operating in 7 modes Access Point Mode Client Mode Wireless Routing Client Gateway Mode Wireless Adapter Mode and Transparent Client Mode which is specifically developed to be paired with root access point for Point to Point and Point to MultiPoint connection Moreover its integrated Power over Ethemet PoE allows the access point to be used in areas where power outlets are not readily available Page 6 Features and Benefits e Point to Point amp Point to MultiPoint Support Point to Point and _ Point t
100. rvice Provider omasin Mame rmana mai x WAH IF Dynamic DNS List Update St tus Add Botesh Dynamic DNS Edit Provider 2MyDNS Dynamic DNS Service Provider Domain Name people onlinepeople net WAN IP E Auto Detect Username tester Password eseese Wildcard YES ONO a Mail xchanger ann_tey powlmeaic com st Backup Mal vec A Exchanger gt h Save Reset Delate Back ug Select DDNS as DDNS Service Provider Step 1 Under the Choice column in Choice DDNS Provider the Choice DDNS Provider list check the radio button next to the DDNS entry Click on the Nextbutton Step 2 Dynamic DNS Add Enter your Domain Name Step 3 Provider DtDNS The Auto Detect C hec kbox iS Domain Name gamer dd game com selected by default WAN IP 192 168 88 44 Z Auto Detect The WAN IP field is empty by Password eeee default These default settings should be used if dynamic WAN IP connection is used f your ISP connection uses dynamic WAN IP Select the Auto Detect checkbox to let the DtDNS server leam your current WAN IP address Enter your DtDNS account Usemame and Password If your ISP connection uses a fixed WAN IP Enter the IP address in the WAN IP field Deselect the Auto Detect checkbox The access point will update the DtDNS server with the specified WAN IP Step 4 Then click on the Add button Step 5 While the new domain na
101. se Parallel Broadband Available in Gateway mode Parallel Booadband provides scalable Intemet bandwidth with Load Balancing and FailLOver Redundancy Load Balancing is provided by balancing the aggregate bandwidth of multiple broadband connections across the traffic demands of your pnvate network With Parallel Broadband if a particular broadband connection fails the access point will use the remaining functional broadband connections thus providing Fail Over Redundancy Implementing Parallel Booadband requires the installation of 2 or more access points in the network each connected to separate broadband Intemet service account As there is no restnction to the type of broadband Intemet they are connected to be it cable or ADSL you may thus have one access point connected to cable Intemet and another to an ADSL line The access points have to be operating in Gateway mode with Parallel Broadband and set to the same ESSID Parallel Broadband Sx Cable ADSI EC INTERNE 53 modems Load Baloncing amp Fall Over Redundancy oe B K Laptop with PCI adopter Page 111 Enable Parallel Broadband Begin by venfying that every access point in the network is properly configured to connect to its individual broadband Intemet account Secondly ensure that either e each access point is connected to an Ethemet port in the network OR e the accesspoints are wired to each other Then all the access points have to have the DH
102. sed if dynamic WAN IP connection is used lf your ISP connection uses dynamic WAN IP Select the Auto Detect checkbox to let the DDNS server leam your current WAN IP address Enter your DDNS account Usemame and Password If your ISP connection uses a fixed WAN IP Enter the IP address in the WAN IP field Deselect the Auto Detect checkbox The access point will update the DDNS server with the soecified WAN IP Step 4 Optional Your hostname will be allowed multiple identities if wildcard is enabled For example if you register mydomain 2mydns net users looking for www mydomain 2mydns net or fto mydomain 2mydns net can still reach yourhostname Page 121 Choice DDNS Provider Provider Name Register Now 2MyDNS Dynamic DNS Service Provider Register Online DDNS Register Online mg Dynamic DNS Add Provider ZMYONS Dynamic DNS Service Provider Step 5 Optional In the Mail Exchanger field enter the Static WAN IP address of the mail server configured to handle email for yourdomain Select Backup Mail Exchanger to enable this service Step 6 Click on the Add button The new domain is added to the Dynamic DNS list table It will appear asa hypenink that you can click to go back to the Dynamic DNS Edit page Step 7 From the Dynamic DNS Edit page you can update or reset the parameters or delete the domain name Page 122 Dynamic DNS Add Provider 2MyDNS Dynamic OWS Se
103. server in the access point LAN Setup This default DNS server ovemdes the one defined in the TCP IP settings of the LAN clients allowing the access point to direct DNS requests from the LAN to a local or to a closer DNS server that it is aware of thus improving the response time DNS Redirection also provides more control to the network administrator In the event that there isa change in DNS servers he can simply indicate the actual DNS server IP address an the access point LAN Setup and enable DNS Redirection without having to reconfigure the DNS settings of every LAN client Page 116 Page 117 al Thi access point contacts the Web server indicated by DNS server A ff When communication is established between ae ig hd mae tg r access Pont ne webpage appearm Web server your browser hesting the website a Type a URL in the intemet z Another DNS serve rB The access point asks DNS Server 3 contacted by ONS carver A A for the IPaddress of the server hosting the website that you want to access d DNS Server A returns the P address of the Web server to the access point b DNS Server 4 does not have the IP address of the web server and contacts another DNS server to find the answer E DNS server B would then search its cache or would in tum contact other ONS servers to return a reply to ONS Server A ONS server A contacted by the access point NOTE An entry for the DNS Server fi
104. st Effort Best Effort data traffic has no pnontization applications equally share available bandwidth and Parameters for Datal Background Background data traffic is de pnontized and is mostly for backup applications or background transfers like backup applications or background transfers like bulk copies that do notimpact ongoing traffic like Intemet downloads Parameters for video data traffic Parameters for voice data traffic Setup Point to Point amp Point to MultPoint Connection You can implement Point to Point connection by simply setting one access point as RootAP in Access Point mode and setting the other access points to Transparent Client mode You can seta root accesspoint and a transparent client to allow point to point communication between different buildings and enable you to bndge wireless clients that are kilometres apart while unifying the networks Or you can seta root access point and multiple transparent clients to allow point to multiple point communication between the access point located at a facility and several other access points installed in any direction from that facility Follow these stepsto setup RootAP RootAP Step 1 Click on WLAN Setup from the CONHGURATION menu You will see the sub menus expanded under WLAN Setup Click on Basic Ensure that The Current Mode is set to Access Point To change The Current Mode please refer to Common Configuration WLAN Setup To Configure the
105. sull support this WDS has the limitation that it can only support WEP secunty key To support higher wireless secunty it is replaced with Repeater mode in mSSID firmware Thus updating to mSSID will disconnect the WDS links and connections with the rest of the APs It is recommended to connect directly to each AP to update the fimware then set to Repeater mode and configure it before updating the next AP This way you can build back the connections Referto the user manual for more details instructions on the setup Updating to the mSSID firmware is not necessary if you do not need the higher wireless sec unty support Page 183 Q3 I have 2 of the access point units installed ata site about 2km from each other running PtP modes Should update to mSSID firmware Can I do it from one location to update the firmware like do with the current single SSID firmware The setup for PtP and PtMP for mSSID firmware is different the current sSSID firmware After mSSID firmware starts up the link between the 2 APs will be lost The recommended method is to setup 2 similar model units in the office Load the mSSID firmware and create the new PtP PtMP configuration using the actual parameters of the 2 units on site that you will update After testing the connection to be working in the office backup the configuration file foreach unit Go to the first ste to update the mSSID firmware and restore the configuration forthe site then go to
106. t of the access point to the LAN port of your computer with an MDI cable Step 3 Power on the access point and start up your computer You are recommended to set your computer s IP address to 192 168 168 100 and its network mask to 255 255 255 0 It isrecommended that your computer IP address is set to 192 168 168 100 and the network mask is set to 255 255 255 0 Step 4 Insert the Product CD into the CD drive of yourcomputer Page 167 Step 5 From the Start menu click Run and type cmd When the command prompt window appears type in the following command XA recovery TFIP i 192 168 168 1 PUT image_name IMG where X refers to your CD dnve and image_name IMG refers to the firmware filename found in the Recovery folder of the Product CD Step 6 f you have downloaded a newer firmware and have saved it in your local hard disk as C accesspoint accesspoindKx IMG then replace the command with this new path and firmware name Forexample CA accesspoint FIP i 192 168 168 1 PUTaccesspointdtox img The recovery process takes place You can monitor the progress of the recovery process with the diagnostic LED When firmware restoration iscomplete reboot the access point and it will be ready to operate Page 168 Bac kup or Reset the Settings You may choose to save the current configuration profile create a backup of it on your hard disk restore an eanlier saved profile or to reset the access point back to its
107. t page displays Select the checkbox of the MAC address you wish to delete Click the Delete button MAC Filter Address List MAC Address List Radio 1 Del MAC Address Comments E 08 70 f8 70 80 70 maci 00 b0 d0 86 bb f7 mac3 Apply to all 1 AP s U ANS SS ee sift ae Ph E hy anaia a pne a F i changes wil take effect after reboot Page 90 Step 3 The MAC Filter Address List page displays with updated MAC Address List MAC Filter Address List MAC Address List Radio 1 Del MAC Address Comments Apply to F 08 70 f8 70 80 70 maci all Al changes will take effect after reboot Page 91 Delete a MAC address from individual access point Step 1 Select MAC Filtering from WLAN Setup The MAC Address Filtering page displays Select Editfor the corresponding access point MAC Address Filtering Radio 1 MAC Filtering Options AP Type ESSID Security Status Policy Main AP sampleRouter NONE i Enable Accept v virtual AP VAP1 NONE Disable Deny Virtual AP VAP2 NONE Enable Deny v View Complete MAC List ai i in este poon ay A att See Fan Sey i changes wil take effect after reboot Step 2 The MAC Filter Address List page displays Select the checkbox of the MAC address you wish to delete Click the Delete button MAC Filter Address List MAC Address List ESSID sampleRouter Del MAC Address Comments CT 08 70 f8 70 80 70 maci Apply to all 0
108. the next site and do the same When both APs are up again the network at both sides should be connected with the new PtP setup Note If existing PtP connection is running well it is not necessary to update to the mSSID firmware Unless you have the following concems Curent firmware PtP is not compliant with IEEE 802 11h standard and the respective country authonty requires it to be changed Current firmware PtP wireless secunty only supports WEP key and you are very concemed about the vulnerability to being hacked Page 184 Appendix View the Technical Safety and Electomagnetic Conformance Industnal Standards Data Rates Frequency Range IEEE 802 11a Version AG IEEE 802 11b IEEE 802 119 Wireless Operation Modes Page 185 Spec fications FCC Part 15 SubPart B and SubPart C for wireless module EN 300 328 2 EMC CE EN 301 489 EN300 826 EN 55022 CISPR 22 EN 55024 Class B EN 61000 3 2 EN 61000 3 3 CE EN 60950 EN 301 893 IEEE 802 11a Version AG IEEE 802 11b IEEE 802 11g Network speeds dynamically shift between 1 2 5 5 11 12 18 24 36 48 54 Mbps 5 180 5 825 GHz 2 4 2 4835 GHz 2 4 2 497 GHz Access Point Mode Client Mode Wireless Routing Client Gateway Mode Wireless Adapter Mode Transparent Client Mode Repeater Mode 64 bit 128 bit WEP WPA Enterpnse WPA Personal WPA2 Enterpnse WPA2 Personal WPA Auto Enterpnse WPA Auto Personal Tagged VLAN I
109. tings from the SYSTEM TOOLS menu Step 2 To restore previously saved settings click on the Browse button and select the folder where you saved your configuration file Backup or Reset Settings Erase the Machine s configuration restore its factory default settings gt Backup the Machine s configuration gt Restore the Machine s configuration path and file name C Documents and Settings config cfg Browse O Click on the Restore button and the system will prompt you to reboot your device Page 171 Reboot the System Most of the changes you make to the system settings require a system reboot before the new parameters can take effect Step 1 Select Reboot System from the SYSTEM TOOLS menu Step 2 Click on the Reboot button Reboot System Reboot now Step 3 Wait forthe system to reboot and the login page will be displayed Rebooting The machine is rebooting Please wait for about 30 seconds until login page is displayed http 192 168 168 1 Page 172 Change the Password It isrecommended that the login password ischanged from the factory default password Step 1 Select Change Password from the SYSTEM TOOLS menu Step 2 Key in the Current Password The password iscase sensitive and defaulted to password Enter the New Password field and then Confirm Password Step 3 Click on the Apply button to update the changes Change Password
110. ton a General You can get IP settings assigned automatically if pour network supports this capability Otherwise you need to ask your network administrator for the appropriate IP settings Obtain an IP address automatically Set the IP address to 192 168 168 X and Uen tha Tolong IP akes subnet mask to 255 255 255 0 where X can ae a be any number from 2 to 254 205 200 250 0 Default gateway Use the following DNS server addresses Preferred DNS server Alternate DNS server Step 5 Click on the OK button to close all windows Page 27 Step 6 To venfy that the IP address has been corectly assigned to your PC go to the Start menu Accessones select Command Prompt and type the command ipconfig all co CS WINDOWS systema s cmd exe C Documents and S strator gt ipconf ig all Windows ITP Conf igurat ion winxp riprti pj i Area Connection Lonnect ic e cikic DHS Suffix Description s s Realtek RILS139 Family PCI Fast Ethe Physical Address BA 81 8H BE Bb 37 Dhep Enabled Ho l Your PC is now ready to communicate with youraccess point Page 28 Access the Web Interface Access with uConfig The UConfig utility provides direct access to the web interface Step 1 From the Utilities section select to install the uConfig utility to your hard disk Step 2 After installation double click on the uConfig icon and click on t
111. tton IP Forward Entries Private IP 192 168 168 55 192 168 169 55 Public IP 213 18 213 101 Page 105 Step 1 Select NAT CONAGURATION menu from the command Step 2 Click the IP Forwarding button in Advanced NATOptons Add IP Forward Entry Private IP Address Public IP Address 192 168 168 55 213 18 213 101 Ea Step 5 The IP Forward Entes page reflects yournew addition Control the Bandwidth Available Available in Wireless Routing Clientand Gateway modes You can control the bandwidth available to subscnbers to prevent the occurence of massive data transfer that can slow down the network Enable Bandwidth Control Step 1 Select Bandwidth Contol from the CONHGURATION command menu Enable Disable Bandwidth Control Bandwidth Control Status O Enable Disable Apply WAN Bandwidth Control Setup Upload Download Bandwidth Setting Download Total Ratefebit 0 Upload Total Ratevebit 0 Apply LAN Bandwidth Control Setup Committed Fiabe Petes kb Cad Rabe PRAC Address Fule type Step 2 Bandwidth Contol is disabled by default select Enable and click the Apply button Enable Disable Bandwidth Control Bandwidth Control Status Enable Disable Page 106 Configure WAN Bandwidth Contol The Upload Download Bandwidth Setting can limit throughput to the defined rates regardless of the number of connections Step 1 Select WAN Bandwidth Conto
112. ual or data sheet is required please contact a Technical Support Centre by mail email fax ortelephone Click on Get Technical Supportfrom the HELP menu Support Information For technical support email to support compex com sg For updates connect to the following Web Sites http www cpox com http www compex com s Regional Technical Support Centers U S A Canada Latin America and South America Compex Inc 840 Columbia Street Suite B Brea CA92821 USA Tel 714 482 0333 Fax 714 482 0332 800 Line 800 279 8891 Support email support cpx com Asia Australia New Zealand Middle East and the rest of the world Compex Systems Pte Ltd 135 Joo Seng Road 08 01 PM Industrial Building Singapore 368363 HotLine 65 6 286 1805 Fax 65 6 283 8337 Page 176 Appendix Use the Command Line Interface Get Operation List SYNTAX DESCRIPION Get tasks Display all active procesytasks Get sysinfo Display system information Get brmacshow Display bridge leamed MAC address list Set Operation List SYNTAX DERON S O Save Configuration SYNTAX CSE DESCRIPMON Commit Save current configuration to flash Most commands require rebooting to take effect after saving Long Range Check for recommended values from long distance option setup page SYNTAX DESCRIPTON Enable outdoor for long range connection Set the connection distant value in decimal Set the ACK timeout value i
113. uter if DHCP SOrvor q J HV Wireloss c DP f Adapter Macintosh Acoess Point Workgroup of PCs Page 14 Transparent Client Mode In Transparent Client Mode the access point provides connection with an access point acting as the RootAP This operation is designed for the implementation of Point to Point and _ Point to Multipoint connections Point to Point Point to MultiPoint AnaccesspointactsasRootAPand Anaccesspoint actsasRoot AP l otheraccess point actsas and several other access point Transparent Client actsas Transparent Clients This mode is generally used for outdoor connections over long distances orforindoorconnections between local networks sparent Client Mode MAC MAC wa 00 70 37 2c f5 de 90 90 99 4c fr de Page 15 Difference Between other client modes and Transparent Client Mode Other client modes Transparent Client Mode Connectivity pi any standard Connectivity with RootAP supported S APS All devices connected to the Devices connected to the Ethemet Ethemet ports use a common ports flow through freely and MAC address for communications transparently without the MAC with the AP address restnction The Transparent Client Mode is more transparent making it more Suitable for linking 2 networks together in a point to point or point to multipoint network connection MAC 00 80 48 3c f6 de MAC 00 80 48 3c f6 de Page 16 Panel Views and Description 1 2 3
114. w you to define the range of IP addresses from which the DHCP Server can assign an IP addressto the LAN DHCP Start IP Address This is the first IP address that the DHCP server will assign and should belong to the same subnet as the access point For example if the access point IP address is 192 168 168 1 and the network mask is 192 168 168 1 and 255 255 255 0 the DHCP Start IP Address should be 192 168 168 X where X can be any number from 2 to 254 It is pre set to 192 168 168 100 DHCP End IP Address This is the last IP address that the DHCP server can assign and should also belong to the same subnet as your access point For example if the access point IP address is 192 168 168 1 and the network mask is 192 168 168 1 and 255 255 255 0 the DHCP End IP Address should be 192 168 168 X where X can be any number from 2 to 254 It is pre set as 192 168 168 254 Page 42 DHCP Gateway Address IP Though the DHCP server usually also actsasthe Default Gateway of the DHCP client the access point allows you to define a different Gateway IP Address which will be allocated as the Default Gateway IP of the DHCP client The DHCP client will thus receive its dynamic IP address from the access point but will access to the Intemet or the other LAN through the Default Gateway defined by the DHCP Gateway IP Address For instance if the access point in Access Point Client mode connects to an Intemet gateway X a PC wired t
115. y after negotiating the encrypted session with the client A login session through Telnet Terminal Terminal Sg ae username passywor P gt client server The client types jsmith COlts06 jsmith coltso6 As seen on the network A login session through SSH Terminal Terminal oY 4hS346y9246hnr98 client The client types jsmith coltso6 As seen on the network SSH CLI hasa command line interface Generating public private dsa key pair Enter file in which to save the key i home localuser ssh id dsaj Enter passphrase empty for no passphrase Enter same passphrase again Your identification has been saved in homer localuser ssh id dsa Your public key has been saved in home localuser ssh id dsa pubh The key fingerprint is aal 3d f8 e5 localuserfmybox home cor Page 79 Set the WEB Mode HTTP server The access point supports HTIPS SSL featunng additional authentication and encryption for sec ure communication in addition to the standard HTIP Step 1 Select Web Management Setup from the CONHGURATION menu Step 2 1 Select whether to set web serverto HTIP or HTIPS SSL mode 2 Click Apply Changes will be effected after reboot Web Management Setup HTTP HTTPS SSL Page 80 Setup SNMP The Simple Network Management Protocol SNMP is a set of communication protocols that separates the management software architecture from the har
Download Pdf Manuals
Related Search