IWP-2000-68 User`s Manual
Contents
1. subtree Sub Tree the OID value For example 1 3 6 1 2 1 View Name Include Sub Tree 1 mib2 include 1 3 6 1 2 1 2 generic Include 1 3 6 1 4 1 5205 a menn naue S O4 Include FIS include O6 Include w lg Include w o8 Include w 9 include v oO 10 include v n include E a 12 nclude 13 include 14 include 015 Include D 16 include 17 include Figure 3 2 28 126 Access The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The av2. Item MACaddress Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 _Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 _Delete MAC address 14 Delete MAC address 15 Delete Figure 3 4 35 3 4 6 SNMP The IWP 2000 65 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 4 6 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants Lantech View to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location Itis used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this page Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the SNMP manager SNMP Communit
3. Trap Active GDisable Enable vl v2c Trap Index Version IP Address Port Community 0 Version 1 192 Jes Ja 162 public 1 Disable 2 Disable 3 Disable 4 Disable Do genericro Mi R A NoAuthNoPriv o1 genericro i NoAuthNoPriv 2 genericro_w l NoAuthNoPriv 3 genericra Y i l J NoAuthNoPriv 4 genericro v NoAuthNoPriv w Figure 3 8 38 gt Trap Items Enable Disable which trap items to send Trap Items Cold Start ODisable Enable Warm Start ODisable Enable Link Up ODisable Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Enable Figure 3 8 39 3 8 6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Command Ping Ping IP Count 3 Disable Enable Figure 3 8 40 3 8 7 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 8 41 176 3 9 OLSR AP Mode To set this device as a MESH device the setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System time Reboot V WAN e WAN Settings e Bandwidth Managemen
4. Deny vi Deny 4 Deny vi Deny vi Deny xi Auth Privacy Access Protocol Y Passphrase Right DES vw unused unused unused unused unused Security Level Type Auth Passphrase AuthPriv AuthPriv AuthPriv AuthPriv AuthPriv lt lt lt lt lt lt lt lt lt DES lt lt lt lt lt a SERMET ETI Figure 3 5 30 3 5 6 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Com
5. Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 f Delete MAC address 14 Delete MAC address 15 Delete Figure 3 9 37 3 9 7 SNMP The IWP 2000 65 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 9 7 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants LantechView to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location Itis used to define the location of the host on which the 200 SNMP agent is running V1 V2C User can change user s SNMP community settings on this page Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the SNMP manager SNMP Community provides a simple protection by using
6. M1 Imib2 i Include 1 3 6 1 2 1 M2 generic include 1 3 6 1 4 1 5206 a nn Enn Da Include w O5 Include O6 Include DO Include O8 include D9 include v o 10 include Ou Include we 12 Include 13 Include 14 nclude v 15 Include 16 Jn Include vi 17 Include x Figure 3 10 35 229 Access The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any vi v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Security Model Sec
7. Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 _Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 Delete MAC address 14 Delete MAC address 15 Delete Figure 3 2 32 3 3 5 SNMP The IWP 2000 65 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 3 5 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants LantechView to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location Itis used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this page Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the SNMP manager SNMP Community provides a simple protection by using the community name to co
8. 1 M2 genericusm usm AuthPriv vi all vi all v jall v g3 generic vij Lany x NoAuthNoPriv j all v all v all b 4 generic v any x NoAuthNoPriv all xj all v jall bw ij generic v any NoAuthNoPriv all x all v jall v Figure 3 5 33 3 5 6 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in vi or v2c or not send disable gt V1 V2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps V3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address amp Port The IP and Port of a device to receive traps 107 Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv SNMP Trap Trap Active Disable Enable vl v2c Trap 0 Version 1 192 fies f 21 162 public 1 Disable LI 2 Disable K 3 Disable w 4 Disable v3 Trap Index Do genericro Si A 3 NoAuthNoPriv o1 genericro A ji l NoAuthNoPriv v 02 genericro Y e i li NoAuthNoPriv W 3 genericro
9. DES lt lt lt lt lt a SERMET ETI Figure 3 7 27 3 7 5 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group 147 Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain
10. Figure 3 2 31 gt Trap Items Enable Disable which trap items to send Cold Start O Disable Enable Warm Start O Disable Enable Link Up ODisable Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Enable Figure 3 2 32 3 2 6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Ping IP Count 3 Q Disable Enable Figure 3 2 33 3 2 7 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 2 34 33 3 3 AP CB Bridge Mode AP CB Bridge mode is to set this device as an AP and Client Bridge device the setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System time Reboot V LAN e Bridge LAN settings V WIRELESS e Rogue Ap Scan WIFI ath3 Setting WIFI ath4 Setting WIFI ath5 Setting WIFI ath6 Setting WIFI ath7 Setting V FILTER e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 3 3 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System Time and Reboot screen as shown in Figure 3 3 1 34 Dual WLAN Device System Setting This
11. Figure 3 8 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT J Figure 3 8 9 Enter the necessary setting in next page then click on lt Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFIP FTP TFTP or FTP Server IP L L L Firmware Filename in server configs tar FTP Username FTP Password Backup To Server Restore From Server Figure 3 8 10 3 8 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control Bridge LAN port AP WIFI 1 Status AP WIFI 2 Status 156 Status Current Firmware Version IWP 2000 65 v0 1 8 Device Name TWP 2000 65 System Model AP_WDS_BRG System Time Wed Nov 3 03 24 06 2010 ethO PoE Disabled IP Address 192 168 1 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 MODE 802 11 a COUNTRY North_America_Area CHANNEL Auto DTIM 1 FRAG 2346 RTS 2346 BEACON 100 DISTANCE 100 SSID A1_AP0 Security Disabled MODE 802 11 a COUNTRY North America Area SSID A2 AP4 Security Disabled Figure 3 8 11 3 8 1 5 Power Control In this page user can enable the ethO port to provide Po
12. 200 Lease Time Halfhour Figure 3 5 20 In Lan configuration user can also configure the IP of Station ath7 Settings IP Authentication Indicate how the IP address of this device will be assigned There are two options available here Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server 97 LAN Setting IP Authentication Static DHCP Network IP Parameters IP Address fs2 f6 27 AD Subnet Mask 255 255 255 Jo Figure 3 5 21 3 5 4 Wireless User can configure the wireless related settings in this page Dual WLAN Device Wireless You can set the wireless releated setting here WIFI ath7 Setting Figure 3 5 22 3 5 4 1 Rogue AP Scan Rogue Enable Check the radio box in front of lt Enable gt to enable the Rogue AP detection and Press Add or Del button to apply Allow AP The allowable AP list The AP in the list is a legal AP for CB to connect Check the box and press the Del button to remove it Rogue AP The nearby AP list not include the allowed APs Check the box and press the lt Add gt button to add it as a legal AP Re Scan Press lt WIFIx gt button to Re scan the APs nearby which are scanned by wifi card x x 1 or 2 98 Rogue Scan Rogue Enable Rogue Enable Enable O Disable Allow AP Del MAC Addr SSID SOU A a Z a Rogue AP
13. Account F3000 Password F3000 Figure 3 3 26 Please Note In wifi station model the security setting must be same as the AP that user wish to connect 3 3 3 3 WIFI ath4 7 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the operating frequency channel for this device 48 Radio Power On vi Wireless Mode 802 11 b g SSID JA1 APO SSID Hide Oon Gof Country North America Area v Channel 9 Yi Figure 3 3 27 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traff
14. Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the days hours and minutes Time Setting a i Sameby O S RE ee Tane Server Current System Time Tue Apr 13 00 44 23 UTC 2010 Year Month Day 2010 4 vi 13 Year 1900 2037 Hour Minute Second 00 foo oo Hours from GMT 8 Y Hours Server IP 140 142 16 34 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every 0 days O 3 0 hours 0 23 10 minites 0 59 Figure 3 8 16 3 8 1 10 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To 159 perform the reboot click on the Reboot button and click on OK on pop up screen to confirm user s decision Reboot Access Point After you change the setting or in the event that the Access Point stops responding correctly or in some way stops functioning Sis cae fein a Reboot To porlon the Renae cikit Ga ths Tisha beaten bolan Vee sell ps SAT T9 Ce You prentan Figure 3 8 17 3 8 2 LAN Configuration Interface brO Setting IP Authentication Indicate how the IP address of this device will be assigned There are t
15. Network IP Parameters User can change the network settings of this device from LAN Configuration it is including IP address Subnet mask and Gateway address Bridge STP Setting User can also set the Bridge STP setting in this page STP RSTP Disable the bridge STP or set the bridge mode as STP or RSTP mode Bridge Priority Set the priority value of the bridge The priority value is a number between O and 65535 The bridge with the 21 lowest priority will be elected root bridge Hello Time Set the bridge s bridge hello time value seconds Forwarding Delay Set the bridge s bridge forward delay value seconds Max Age Set the bridge s maximum message age value seconds Port Cost Set the port cost of the port Port Priority Set the port priority of the port interface It is used in the designated port and root port selection algorithms P to P If a bridge port is operating in full duplex mode than the port is functioning as point to point The available options are auto true or false By default it is set to auto Edge If a port is operating in half duplex mode and is not connected to any further bridges participating in STP or RSTP then the port is an edge port The available options are yes or no By default it is set to no LAN Setting IP Authentication Static ODHCP Network IP Parameters IP Address 192 168 E BE Subnet Mask 255 a255 255 l Gateway Address 192 168 H1 254 STP RSTP R
16. Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto Rate 54 Y Mbits v Fixed Layer 2 Isolation Disable Enable Key 1 eeeee WEP Key Setting Key 2 eeeee Key 3 eeece Key 4 eeece Figure 3 6 20 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are 119 transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP WEP Encryption Open ORestricted KEY 1 KEY 2 O Select Key KEY 3 KEY 4 Figure 3 6 21 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access
17. Figure 3 4 18 3 4 2 WAN Configuration 3 4 2 1 WAN Settings This function is to establish a connection with user s WAN network select the IP Allocation Mode that ISP is used Interface ath3 Setting IP Authentication Indicate how the IP address of this device will be assigned There are two options available here Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server Network IP Parameters User can change the network settings of this device from WAN Configuration it is including IP address Subnet mask and Gateway address WAN Setting IP Authentication Static DHCP Network IP Parameters IP Address 192 168 123 a Subnet Mask 255 255 255 0 Gateway Address 192 168 23 254 Figure 3 4 19 3 4 2 2 Bandwidth Management This function allows user to set the limitation of total upload download bandwidth on WAN interface and also can set the limitation of upload download bandwidth for each user or a group of users by IP address gt Bandwidth Management Bandwidth Management Enable bandwidth limitation function Upload Bandwidth The total upload bandwidth in Mbps Download Bandwidth The total download bandwidth in Mbps gt Bandwidth Limitation Action To set the action type of bandwidth limitation The options available here are disable upload download and upload download Start IP Address To set
18. usm AuthPriv kil all v all v all k 3 generic v any NoAuthNoPrivy all bi all v all v 4 generic vi any v NoAuthNoPriv w all Si all y jal v 5 generic v any v NoAuthNoPriv vi all v all v all v Figure 3 2 30 3 2 5 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address amp Port The IP and Port of a device to receive traps 32 Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv SNMP Trap Trap Active Disable O Enable vl v2c Trap Index Version Version 1 192 1168 A1 121 4162 public Disable Disable Disable v v A Ww Nae o Disable Do genericra i 1 NoAuthNoPriv Yi 01 genericro W l NoAuthNoPriv v D2 sere x Nod O3 generico w A kk fi NoAuitiNoPriv 04 genericro i NoAuthNoPriv
19. 1000 DTIM Period 1 l 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 12346 1 2346 Tx Power auto Rate 54 v Mbits M Fixed Layer 2 Isolation Disable Enable Key 1 00000 WEP Key Setting Key 2 00000_ e Key 3 eeeee Key 4 eeece Figure 3 8 21 WDS MAC Address Setting MAC Address In WDS function user should enter the MAC address that indicates which AP to connect to WDS MAC Address Setting MAC Address 1 Delete MAC Address 2 MAC Address 3 Delete MAC Address 4 l Figure 3 8 22 Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key you would like to use for this AP Authentication WEP l E EP Eiei Open ORestricted O ry O Select Key KEY 1 KEY 2 O KEY 3 KEY 4 Figure 3 8 23 WPA Personal The method of authentication is similar t
20. 15 PtoP auto v Edge no w Figure 3 8 18 3 8 3 Wireless User can set the wireless related setting here Dual WLAN Device Wireless You can set the wireless releated setting here WIFI athO Setting WIFI ath4 Setting WIFI ath5 Setting WIFI ath6 Setting WIFI ath Setting Figure 3 8 19 3 8 3 1 WIFI athO Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all points in the network It is case sensitive and maximum length is 32 161 Country This setting configures the access point s country code which identifies the country of operation and sets the authorized radio channels Channel Set the operating frequency channe for user s AP Radio Power On MA Wireless Mode 802 11 b g vi SSID A1_APO SSID Hide OOn Of Country North America Area Y Channel 9 v Figure 3 8 20 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beaco
21. Deny vi Deny xi Auth Privacy Access Protocol Y Passphrase Right DES vw unused unused unused unused unused Security Level Type Auth Passphrase AuthPriv AuthPriv AuthPriv AuthPriv AuthPriv lt lt lt lt lt lt lt lt lt DES lt lt lt lt lt a SERMET ETI Figure 3 2 27 3 2 5 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points e When processing retrieval request messages from the SNMP manager e When processing modification request messages from the SNMP manager e When notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group 30 Map the
22. Lantech IWP 2000 65 Industrial 802 11 a b g IP65 Redundant Access Point w MESH User s Manual IWP 2000 68 User s Manual Release 1 0 Table of Contents CAURION ki bonte po twe a A a Do eee D e See Die eee De des DIe Zoe l va ie e DRWA Vi ie TAK OUE NON ok e ata W e a a kt n a a ik oy kem n e RE 2 1 1 Overview of IWP 2000 65 tk knn n nn nn nan nannan nannan anana taa an aaaannanannnnnn 2 T 2S PECITICAUION kikote pe wes pie a boo l ee bo ke bu e b k e Dee ka YO but kes DEA oi 3 1 3 Package Contents e ie aks asse ankd anan kana nn nandana adadad koua nan kak kaa A a aNS ka 5 2 TASCAM ALO Ni ke a Guat n a ke n e e e n e Gn teeta pau e ate 6 2 1 Full View of IWP 2000 65 enan annan antann aaansaaansaanssannosannsannnnnnnonn 6 2 2 Full View of POE Injector iii sisie id anks kass anksanns anis asa s anka aaed ank sans annan 7 2 3 Mount Kit for IWP 2000 65 tk tan knn annan anana anan annan ae ranataaananaannannannn 7 2 4 System RequiremENtS kk ene nannan nannan nna anana aaansaanntaanasannosnnnannnnnnnnnnn 8 2 4 1 Inline Power Injector POE sssssssssnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn 8 2 4 2 Preparing Installation kte tk knn knn nn kann n nannan anana anan anana nnaananannnnn 8 3 Operation of Web based Management eeterrtraaernnrartasesnonnnnnnn 10 3 1 Basic COnfIgUrFa C1ON vas si ki ae ta a a e a e a n a a e a anai 10 3 2 AP Bridge Mode v s ke ske k s as es a tass sand kas anka s
23. NoAuthNoPriv v generic generic generic genericusm Y usm W AuthPriv Mi ai Mi lat NM pat MW generic vi any NoAuthNoPriv v all Mi all be all Mi generic v any NoAuthNoPriv Y all v all v all v generic v any NoAuthNoPriv all v all v all v Figure 3 3 37 3 3 5 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID 58 IP Address 8 Port The IP and Port of a device to receive traps Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv Trap Active Disable Enable vl v2c Trap Index Version IP Address Port Community 0 Version 1 12 es lf 21 162 public 1 Disable Mi 2 Disable Yi 3 Disable 4 Disable Ho genericro NoAuthNoPriv w O1 genericro i NoAuthNoPriv 2 genericro J f i NoAuthNoPriv 03 genericro Y j fi
24. Sub Tree the OID value For example 1 3 6 1 2 1 View Name Include Sub Tree 1 mib2 Include 1 3 6 1 2 1 M2 generic include 136 141 5206 o ncu mo Include wi O5 include O6 include all Include o8 Include w 9 include O 10 Include w nn 11 Include O 12 Include w O13 clude vi a j O 14 nclude 15 Include 16 Inc ude v Maloy include Figure 3 9 40 203 Access The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are al
25. Tue Apr 13 00 00 00 UIC 2010 Apr 13 00 00 07 IWP 2000 65 user info Terminated Apr 13 00 00 07 IWP 2000 65 daemon info avahi daemon 2838 Registering new address record for Apr 13 00 00 07 IWP 2000 65 daemon info avahi daemon 2838 New relevant interface ethi IPv4 fo Apr 13 00 00 07 IWP 2000 65 daemon info avahi daemon 2838 Joining mDNS multicast group on int Apr 13 00 00 07 IWP 2000 65 daemon info avahi daemon 2838 Registering new address record for Apr 13 00 00 07 IWP 2000 65 daemon info avahi daemon 2838 New relevant interface eth0 IPv4 fo Apr 13 00 00 07 IWP 2000 65 daemon info avahi daemon 2838 Joining mDNS multicast group on int Apr 13 00 00 07 IWP 2000 65 daemon info avahi daemon 2838 Interface ethO IPv4 no longer relev Y gt Figure 3 9 14 3 9 1 8 System time gt Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is Synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the days hours and minutes 184 Time Setting Select Setting Type Setting by Manual Setting Synchronize with an Internet Time Server Cur
26. atizan n Language Select Language English v Model Select OLSRAP AODV_AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE OVLAN AP O AP_WDS BRG_ AP4 WDS BRG Password Settings Current Password Password B _ 12 Characters Re type Password Idle Time Out 30 1 0999 minutes Remote Management Enable If enabled only the foiowing k PC can Te this AP IP Address WIFI Loading Warning Threshold Threshold is 6 25 Mb sec Figure 3 3 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by LantechView network management system LantechView will monitor the WIFI loading when the loading is over this value LantechView will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 3 1 2
27. ji i i NoAuthNoPriv 4 genericro NoAuthNoPriv Figure 3 5 34 Trap Items Enable Disable which trap items to send Cold Start ODisable Enable Warm Start ODisable Enable Link Up ODisable Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Enable Figure 3 5 35 3 5 7 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Command Ping Ping IP Count 3 Disable Enable Figure 3 5 36 3 5 8 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 5 3 108 3 6 VLAN AP Mode To set this device as a VLAN AP Each AP bridge SSID has its own VLAN ID the setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System time Reboot V LAN e LAN settings V WIRELESS e WIFI athO Setting WIFI athi Setting WIFI ath2 Setting WIFI ath3 Setting WIFI ath4 Setting WIFI ath5 Setting WIFI ath6 Setting WIFI ath7 Setting V FILTER e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 3 6 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control WIFI
28. 192 168 1 10 login Apr 13 00 00 00 IWP 2000 65 user info web server flash setup sh web server flash setup sh Apr 13 00 00 00 IWP 2000 65 user info date 041300002010 00 Apr 13 00 00 00 IWP 2000 65 user info Tue Apr 13 00 00 00 UTC 2010 Apr 13 00 00 05 IWP 2000 65 user info Terminated Apr 13 00 00 03 IWP 2000 65 user info Killed Apr 13 00 00 03 IWP 2000 65 user info Terminated Apr 13 00 00 00 IWP 2000 65 user info kernel br0 port 1 ethi transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 65 user info kernel brO port 2 eth0O transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 65 user info kernel br0 port 3 ath0 transitioning to FORWARDING s Apr 13 00 00 00 IWP 2000 65 user info kernel br0O port 4 ath4 transitioning to FORWARDING s Apr 13 00 00 00 WP 2000 65 user info kernel brO port 1 ethi transitioning to LEARNING sta Apr 13 00 00 00 IWP 2000 65 user info kernel brO port 2 eth0O transitioning to LEARNING sta Apr 13 00 00 00 IWP 2000 65 user info kernel brO port 3 ath0 transitioning to LEARNING sta Apr 13 00 00 00 IWP 2000 65 user info kernel brO port 4 ath4 transitioning to LEARNING sta lt gt Figure 3 8 15 3 8 1 9 System time gt Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is Synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second
29. AP WIFI 2 Status 65 Status Current Firmware Version TWP 2000 65 v0 1 8 Device Name TWP 2000 65 System Model AP Bridge System Time Wed Nov 3 00 43 52 2010 Power Control Status eth0 PoE Disabled Bridge LAN Pot IP Address 192 168 1 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 SAP WILY Status MODE 802 11 a COUNTRY North America Area CHANNEL Auto DTIM 1 FRAG 2346 RTS 2346 SSID A1 APO Security Disabled MODE 802 11 a COUNTRY North America Area Figure 3 4 11 3 4 1 5 Power Control Status In this page user can enable the ethO port to provide PoE power forwarding function 66 Power Control Status PoE Power Control etho port OEnable Disable Figure 3 4 12 3 4 1 6 WIFI Status In this page user can click WIFI Interfaces to see each WIFI information of this device such as Interface information Security information Associated AP Station The Figure 3 4 13 shows the ath3 CB interface is waiting for connecting to an AP WIFI Status PE n e ot WIFI Interfaces ath3 ath4 Interface ath3 Waiting for Connecting End of Status Figure 3 4 13 The Figure 3 4 14 shows that the ath3 CB model has connected to an AP and display the relevant information WIFI Status a T T WIFI Interfaces ath3 ath4 Interface Information IEEE 802 11bg ESSID OW 1000 1 Nickname Mode Managed Frequency 2 417 GHz Access Point 00 40 C7 EF 00 28 Bit Rate 36 Mb s Tx Power 16 dBm Sensitivi
30. IP Pool Starting Ending Address The IP Address range which will be assigned Lease Time How long does the IP address can be leased by DHCP server LAN Setting Network IP Parameters IP Address 192 168 p l Subnet Mask B55 255 kss p DHCP Server ET DHCP Server Parmeters Primary DNS Address 168 195 B Secondary DNS Address A A IP Pool Starting Address IP Pool Ending Address Lease Time Halfhour v Figure 3 10 18 3 10 3 2 AP WLAN Settings User can change the local network settings from LAN Configuration for ath4 interface which include the IP address Subnet mask and DHCP server related settings gt Network IP Parameters User can change the network settings of this interface from LAN configuration it is including IP address Subnet mask Gateway address and enable disable the DHCP server Function gt DHCP Server Parameters Primary DNS Address The domain name servers option specifies a primary Domain Name System servers available to the client Secondary DNS Address In same case user can specifies a secondary Domain Name System servers available to the client IP Pool Starting Ending Address The range of IP addresses which can be assigned to the client Lease Time How long does the IP address can be leased by DHCP server 216 LAN Setting IP Address 192 1168 24 1 Subnet Mask 255 1255 255 0 DHCP
31. Joining mDNS multicast group on int Withdrawing address record for 192 Leaving mDNS multicast group on int Interface ath3 IPv4 no longer relev Registering new address record for New relevant interface ath3 IPv4 fo Joining mDNS multicast group on int Withdrawing address record for 192 16 l v Time Update for Every User can set time update interval by enter the days hours and minutes Time Setting Select Setting Type Setting by Current System Time 5 Manual Setting Synchronize with an Internet Time Server Tue Apr 13 00 19 48 UTC 2010 Manual Setting Year Month Day Hour Minute Second loo 00 o0 Using Internet Time Server Hours from GMT Server IP Server IP for Reference Time Update for Every 3 4 1 9 Reboot 8 Y Hours 140 142 16 34 140 142 16 34 or 129 132 2 21 lo days 0 31 0 hours 0 23 10 minites 0 59 Figure 3 4 17 User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To 68 perform the reboot click on the Reboot button and click on OK on pop up screen to confirm user s decision Reboot Access Point After you change the ya n a n ag eran Jee n aj A in some way stops functioning to confirm your you can perform a Reboot To perform the the Reboot button below You will be asked to decision
32. Local Repaire Enable local repair repair routing table Net Diameter Net diameter it measures the maximum possible number of hops between two nodes in the network Node Travesal Time It is a conservative estimate of the average one hop traversal time for packets and should include queuing delays interrupt processing times and transfer times Active Route Timeout It is the lifetime of an active route The unit is msec Select the mobility of nodes on aodv network Static active_route_timeout will set as 15000 Dynamic active_route_timeout 3000 Manual user can enter the value manually Advance Setting Timeout Buffer Its purpose is to provide a buffer for the timeout so that if the RREP is delayed due to congestion a timeout is less likely to occur while the RREP is still en route back to the source Wait On Reboot Wait on reboot delay then begin to run rec tx packages 3 10 5 Wireless User can set the wireless related setting here Dual WLAN Device Wireless You can set the wireless releated setting here WIFI AP Setting WIFI MESH Setting Figure 3 10 21 3 10 5 1 WIFI AP Setting gt General 218 Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that you want to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identica
33. On v Wireless Mode 802 11 b g v SSID JA1 APO SSID Hide Oon Gof Country North America Area v Channel 9 vl Figure 3 4 28 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the cl
34. This table displays the topology information that mesh system has gathered from LQ TC messages It states which nodes in the network report links to which other nodes and what quality does these links have This table has the following columns Destination IP The node to which the source node reports the link LQ link quality The quality of the link as determined by the source node For the source node this is the Link Quality For the destination node this is the Neighbor Link Quality ILQ inverse link quality The quality of the link as determined by the destination node For the source node this is the Neighbor Link Quality For the destination node this is the Link Quality ETX The ETX value for this link calculated by ETX 1 ILQ x Dual WLAN Device Te Local IP Remote IP linkQuality lost total NLQ ETX 192 168 2 4 192 168 2 3 1 25 0 10 0 00 0 00 192 168 2 4 192 168 2 5 125 0 10 0 67 1 20 Local IP SYM MPR MPRS Willingness 2 Hop Neighbors 192 168 2 3 YES YES YES 7 192 168 2 5 192 168 2 5 YES YES YES 7 192 168 2 3 Destination IP Last Hop IP LQ ILQ EXT 192 168 2 4 192 168 2 3 0 24 0 00 0 00 192 168 2 4 0 24 0 83 495 192 168 2 3 192 168 2 5 0 24 0 24 16 92 192 168 24 0 24 0 83 495 Figure 3 9 25 3 9 5 Wireless User can set the wireless related setting here 192 Dual WLAN Device Wireless You can set the wireless releated setting here WIFI AP Setting WIFI MESH Setting Figure 3 9 26 3 9 5 1 WIFI AP S
35. enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 6 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 2 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings 112 Configuration Backup Restore Server Type Select OTFIP FTP TFTP or FTP Server IP LI L Firmware Filename in server configs tar FTP Username FTP Password l Backup To Server Restore From Server Figure 3 6 4 gt Restore Factory Default Configuration To reset configuration settings to the factory default values just click on lt NEXT gt button beside Restore Factory Default Configuration Restore Factory Default Configuration er Figure 3 6 5 Then click on lt Restore gt button on next page now the system will reset to factory default value Restore Factory Default Figure 3 6 6 gt Local Backup Settings Restore settings To backup or restore the configuration for this device Click on NEXT button beside Local
36. example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address Time Update for Every User can set time update interval by enter the days hours and minutes Time Setting Manual Setti Setting by O ea an Internet Time Server Current System Time Wed Nov 3 02 27 13 2010 Manual Setting Year Month Day 2010 11 3 vear 1970 2037 Hour Minute Second joo joo oo Hours from GMT 8 Hours Server IP 0121634 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every o0 _ days o 31 0 hours 0 23 10 minites 0 59 Figure 3 3 18 3 3 1 10 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt on pop up screen to confirm user s decision Reboot Access Point After you change the setting or in the event that the Access Point stops responding correctly or in some way stops functioning you can perform a Reboot To perform the Reboot click on the Reboot button below You will be asked to confirm your ge NOTE Some of the ANTI VIRUS shield programes may block the following WEB page Please wait for a while then reconnect this device Figure 3 3 19 3 3 2 LAN Configuration Interface brO Setting IP Authentication Indica
37. 1 2346 Tx Power Auto Rate 54 Y Mbits v Fixed Layer 2 Isolation Disable Enable Key 1 eeeee WEP Key Setting Key 2 eeeee Key 3 eeeee Key 4 eooo Figure 3 9 34 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are two options for authentication Disable WEP WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to 198 authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key you would like to use for this AP SSID Security Mode Authentication WEP WER Encryption GOpen ORestricted Select Key KEYA O KEY 2 O KEY 3 KEY 4 Figure 3 9 35 3 9 6 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 9 6 1 IP Filtering User can block certain client PCs from accessing this AP based on
38. 1 255 x32ms ACM OEnable Disable Cwmin 7 w CWMax 15_ AIFS 1 1 255 STA Tx Voice Saye TXOP 94 1 255 x32ms ACM CEnable Disable Figure 3 9 32 3 9 5 2 WIFI MESH Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that you want to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the operand iae ats Sua for this device Radio Power On Wireless Mode 802 11 b g SSID A1 APO SSID Hide Don of Country Asia Pacific Sa Channel 19 Si Figure 3 9 33 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon 197 interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic
39. 10 100 1000 Ethernet port and web browser e g Internet Explore or Firefox 2 RJ 45 Ethernet cable connected to the Ethernet network 3 An AC power outlet 100 240V 50 60Hz supplies the power 2 4 1 Inline Power Injector PoE The IWP 2000 65 is equipped with an Inline Power Injector module The Inline Power Injector PoE delivers both data and power to IWP 2000 65 via Ethernet cable and gives the following benefits to improve the performance vs installation cost ratio This works great in areas where you may not have power like house roof gt This also allows you to place the IWP 2000 65 unit closer to the antenna to make installation easier more thus reducing signal loss over antenna cabling Ethernet signal travels well over CAT 5 cable but 2 4GHz 5GHZ signal doesn t do as well over antenna cabling Ethernet cabling is much cheaper than Antenna cabling 2 4 2 Preparing Installation Before installing IWP 2000 65 for outdoor application or hard to reach location we recommend configure and test all the devices first For configuring the IWP 2000 65 please follow the quick steps below to power up the IWP 2000 65 Refer to Figure 2 2 for steps 1 through 4 Figure 2 2 Step1 Connect the DC plug of the AC DC power adapter into the DC Input Port of Inline Power Injector and the AC plug into a power outlet The Green LED on the Inline Power Injector will light up Step2 Connect the cross over Ethernet cable
40. 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP v WEP Encryption GOpen ORestricted g Select Key KEY 1 KEY 2 O KEY 3 KEY 4 Figure 3 10 24 220 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPA2 is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal WPA MODE WPA amp WP
41. 2 1 View Name Include Sub Tree 1 mib2 include 1 3 6 1 2 1 2 generic Include 1 3 6 1 4 1 5205 a menn naue S O4 Include FIS include O6 Include w lg Include w o8 Include w 9 include v oO 10 include v n include E a 12 nclude 13 include 14 include 015 Include D 16 include 17 include Figure 3 4 38 84 Access The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any vi v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Security Model Se
42. 3 3 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process Backup Settings Backup Settings Restore Settings Figure 3 3 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 3 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFTP OFTP TFTP or FTP Server IP L L L Firmware Filename in server configs tar FTP Username FTP Password Backup To Sener Figure 3 3 10 3 3 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control Bridge LAN port Station WIFI 1 Status AP WIFI 2 Status 39 Status Current Firmware Version TWP 2000 65 v0 1 8 Device Name TWP 2000 65 System Model AP CB Bridge System Time Wed Nov 3 01 53 45 2010 m IP Address 192 168 1 1 MAC Address 00
43. 3 6 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 6 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware 111 Firmware Update Current Firmware information Version IWP 2000 65 v0 1 4 Date 2010 04 13 Using TFTP vex J Using WEB Using FTP Figure 3 6 3 Using TFTP On any computer in the network or a compute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page
44. 4 2 WAN Configuration ssssssssssuu 2s ssu2uuuusss2nnuuunnnnnnnnnnnnnn 69 3 4 3 LAN Configuration ssssssssss1uuuu2 22ss2s2uuuuuuunnnnnnnnnnnnnnnnnnnnn 70 3 4 4 Wirel sS ewo vii de ede ko tele pa ok n ke a fon ka a ob n ra tk a n m e a a kt 71 3 4 5 FICEFINO ie ie kase saaa new seceded E a ai kaa a AN 79 3 4 6 SNMP sisi iis ii siren k na sake sona g kn pie pake KA eA kn ka unninn A K ke k k R N a A 81 Bid TOONS k k ian k k trike at n ata nana kat ANE 86 3 4 8 LOU OUE i erie iei fake nainn aaraa e AN Ae SR ANN ADAN tNS EAR ASSAD ENA d 86 3 5 CB CB ROUt MOUE wiii beke oo t aka koka ka ko k die kose so ae 87 3 51 SYS O Mika ak kaa ka aa kaa ae e ka we ka ka k a A a DA RD A A RA 88 3 5 2 WAN Configuration tk kk nn nna nan nn nan nannan annan annan anana nn nanannnnannnnnn 95 3 5 3 LAN Configuration sssssssssssuuuuu252222200ununnnunnnnnnnnnnnnnnnnnnnnnnnnnn 97 Seaway Wireless oeaan aani ana a aA AAA NEA aa Si 98 cHe a E ren ki kita re errr cre errr oi E T 101 25040 SIN MP iv teaava boo dove a dieo do de kw aw too de ka aie dw 103 3 9 Z TOOIS ret aie ed aaa a a e fa n aa a e n a a a n a a ka a a a a a A aa a ka a e a a a a a e 108 3 5 8 LOG OU kika kd ank ea d s akte t Get ke YA ee n ke DESA E ken taka E A STD EE kte da KA kd n Ske 108 VLAN AP MOUE keiiikwi eke ase aie tk a e a a e a e e n a a e n ak m T 109 3 6 1 System catcscacindsacssatecatusecasasusensaacecanscaaeastese ecar
45. 9 28 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key you would like to use for this AP 194 SSID Security Mode Authentication WEP E WEP Encryption Open ORestricted O Select Key KEY 1 Q KEY 2 O KEY 3 KEY 4 Figure 3 9 29 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPA2 is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 charact
46. AP WDS BRG To set this device as a WDS device with AP function AP4 WDS BRG To set this device as WDS device with AP function and support up to 4 SSID Administrator Settings Device Name Name IWP 2000 65 Cog AZ az on n Language English ix OLSR_AP AODV_AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP_WDS_BRG AP4 WDS BRG Password Settings Current Password Password 4 3 12 Characters Re type Password idle Time Out 30 1 999 minutes Remote Management Enable Ifenabled only the following PC can manage this AP IP Address A W E 6 WIFI Loading Warning Threshold Threshold 15 5 25 Mb sec Figure 3 4 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold 62 The threshold value is used by LantechView network management system LantechView will monitor the WIFI loading when the loading is
47. Authenticatoin Server 192 k 168 L 1 180 1812 Shared Secret secret Backup Radius Server Optional AuthenticatoinServer L Shared Secret Figure 3 6 23 Qos WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmin must be lower than the value for CWmax CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and
48. Backup settings Restore settings Local Backup Settings Restore settings r Figure 3 6 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process 113 Backup Settings Backup Settings Restore Settings Figure 3 6 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 6 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFIP FTP TFTP or FTP Server IP LI LI LI Firmware Filename in server configs tar FTP Username FTP Password Figure 3 6 10 3 6 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control LAN Port of eth1 AP WIFI 1 Status AP WIFI 2 Status 114 Status Current Firmware Version IWP 2000 65 v0 1 8 Device Name IWP 2000 65 System Model VLAN AP System Time Wed N
49. Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time w
50. BiG 0 TOONS inei inaina ae tate aaa ane ai ka kaa ON 176 3 8 7 LOU OUE iii ini fake k aa rit k eke SSR aa SAN aaa GEN Ran EN RA Ne SEN RAS SER ESE 176 3 9 OLSE AP MOOG wii bio koyo on soi ke ke ta pi kek pa kaa da a doi pe 177 3 9 1 SY SEE MN kw kk ki m a m ak n a e e ok a A a a a A RE pa 178 3 9 2 WAN Configuration L kk tann nn nn nn annan annan anana anana nana nsannnnaannannnnn 185 3 9 3 LAN Configuration sssssssss ss s2uuuuuuuuuu2222200unnnnnnnnn 187 3 94 MESH FOR EE EE aaaea Eaa OEA EE 188 3 9 5 WIFSIESS 355 8zoan voi wes swa bat kool ke sti ba kaa pei kode be e ie a vas dede et 192 3 9 6 PUterinG kek ket kana ian saaa aaa a a a E YN A a kI sds 199 3 9 7 SNMP asi vis coan sedans es du koke evan ek e kk ao kk On kk kk kd kn M a a 200 Outs TOONS E E E E 205 3 9 9 LOG OU annaa aaa now ai Aai AA A Ati KAS ANSE RAD EN 205 Q AODNV AP MOUE see oi krek yok ba ke be kwa bon kw boo kou bas konen bon aa pet 206 33 10 51 SYStOM kin ai kk ak n a A D 206 3 10 2 WAN ConfiqguraC O fk e ie kasas seki stan kanson annan asasina nt kanni as aaa nen 214 3 10 3 LAN Configuration sssssssssssuuuus25 2222uunnuuuunnnnnnnnnnnnnnnnnnn 216 Bs LO MESH E TE T E yin E A T ET 217 3 10 5 Wireless susccsciisscccsansasacsapessudcspaoraceusaesuscuneanucaneosueeanasaadounes 218 3 10 6 Fitri kak koi aakk aaa saaa ason kai anka aka kana nana aaa AS NA a aYN aaa ko ka NA NAN 225 3 10 7 SNMP ive koke sink ii pd je a a e ok a m n kk A pk e m
51. Burst 0 0 AP Tx Background CWmin 15 v CWMax 1023 v AIFS 7 1 255 Burst 00 AP Tx Video CwWmin 7 y CWMax 7 v AIFS 1 1 255 Burst 1 5 AP Tx Voice CWmin 7 y CWMax 15 v AIFS 1 1 255 Burst 3 0 CWmin 7 w CWMax 1023 v AIFS 2 1 255 STA Tx Best Effort ka s s j TXOP 64 1 255 x32ms ACM OEnable Disable CWmin 15 CWMax 1023 v AIFS 7 1 255 STA Tx Background p a ti TXOP 1 1 255 x32ms ACM OEnable Disable i CwWmin 7 v CWMax 7 v AIFS 1 1 255 STA Tx Video P ar i TXOP 47 1 255 x32ms ACM OEnable Disable ji CWmin 7 y CWMax 15 v AIFS 1 1 255 STA Tx Voice a a TXOP 94 1 255 x32ms ACM OEnable Disable Figure 3 8 26 3 8 3 2 WIFI ath4 ath7 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the koni n map for this device Radio Power On A Wireless Mode 8
52. FTP Figure 3 8 3 Using TFTP On any computer in the network or a compute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 8 1 3 Configuration Tools By selecting the item
53. It is used in the designated port and root port selection algorithms Pto P If a bridge port is operating in full duplex mode than the port is functioning as point to point The available options are auto true or false By default it is set to auto Edge If a port is operating in half duplex mode and is not connected to any further bridges participating in STP or RSTP then the port is an edge port The available options are yes or no By default it is set to no LAN Setting IP Authentication Static ODHCP Network IP Parameters IP Address 192 168 1 1 Subnet Mask 255 1255 255 0 Gateway Address 192 168 1 1254 STP RSTP Disable w Bridge Priority 15 STP 0 65535 RSTP 0 15 Hello Time 2 1 10 second Forwarding Delay 15 4 30 second Max Age 20 6 40 second Cost 18 0 2 10 8 Priority 1 STP 0 255 RSTP 0 15 Port eth0 7 m K PtoP auto v Edge no vw ho o r jority 1 0 a Port eth1 Cost 0 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto w Edge no vi Cost 2000000 0 2 10 8 Priority 10 STP 0 255 RSTP 0 15 Port wdsj0 s jority PtoP auto v Edge no w 2100000 0 2 10 jority 11 O o Port wdsj1 Cost 21 0 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto w Edge no vw 2200000 2 10 jority 12 0 0 Port wdsj2 Cost 0 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto v Edge no vi 2300000 0 2 10 jority 13 0 0 Port wdsj3 Cost 0 2 10 8 _Prio
54. LAN Setting IP Authentication Static ODHCP IP Address 192 188 a fi Subnet Mask 255 255 255 0 Gateway Address 192 168 1 254 STP RSTP Disable w Bridge Priority 15 STP 0 65535 RSTP 0 15 Hello Time 2 1 10 second Forwarding Delay 15 4 30 second Max Age 20 6 40 second Cost 18 0 2 10 8 Priority 1 STP 0 255 RSTP 0 15 Port eth0 PtoP auto v Edge no w 19 2 iority 1 Port etht Cost 0 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto v Edge no vw kw Cost 2000000 0 2 1048 Priority 10 STP 0 255 RSTP 0 15 l p PtoP auto v Edge no w Port wdsj1 Cost 2100000 0 2 10 8 Priority 11 STP 0 255 RSTP 0 15 a PtoP auto vw Edge no l Cost 2200000 0 2 10 8 Priority 12___ STP 0 255 RSTP 0 15 Port wdsj2 m a PtoP auto v Edge no w Port wdsj3 Cost 2300000 0 2 10 8 Priority 13 STP 0 255 RSTP 0 15 PtoP auto v Edge no v Port ath4 Cost 2400000 0 2 1048 Priority 6 STP 0 255 RSTP 0 15 PtoP auto v Edge no v Cost 2500000 0 2 10 8 Priority 7 STP 0 255 RSTP 0 15 Port ath5 PtoP auto v Edge no v Port ath6 Cost 2600000 0 2 10 8 Priority 8 STP 0 255 RSTP 0 15 PtoP auto Edge no Port ath7 Cost 2700000 _ 0 2 1048 Priority 9 STP 0 255 RSTP 0
55. NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM 146 SNMP Basic Settings SNMP Agent Enable System Information Contact IContact me Location Lam_here V1NV2C Index Access Right Community 1 2 3 4 5 Deny vi Deny 4 Deny vi Deny vi Deny xi Auth Privacy Access Protocol Y Passphrase Right DES vw unused unused unused unused unused Security Level Type Auth Passphrase AuthPriv AuthPriv AuthPriv AuthPriv AuthPriv lt lt lt lt lt lt lt lt lt
56. Rx invalid crypt 0 Rx invalid frag 0 Tx excessive 4 Invalid misc 0 Missed beacon 0 retries 0 4 formati Security Mode Disable No wifi Associated Figure 3 7 14 3 7 1 8 Log In this page user could see the system logs record of this device ogs System Logs A Apr 13 00 02 01 WP 2000 65 cron notice crond 2844 USER root pid 3462 cmd web server www htm Apr 13 00 00 48 IWP 2000 65 auth notice root 192 168 1 10 login Apr 13 00 00 00 WP 2000 65 user info web server flash setup sh web server flash setup sh Apr 13 00 00 00 IWP 2000 65 user info date 041300002010 00 Apr 13 00 00 00 WP 2000 65 user info Tue Apr 13 00 00 00 UIC 2010 Apr 13 00 00 05 WP 2000 65 user info Terminated Apr 13 00 00 03 WP 2000 65 user info Killed Apr 13 00 00 03 WP 2000 65 user info Terminated Apr 13 00 00 00 WP 2000 65 user info kernel br0 port 1 ethi transitioning to FORWARDING s Apr 13 00 00 00 WP 2000 65 user info kernel brO port 2 eth0 transitioning to FORWARDING s Apr 13 00 00 00 WP 2000 65 user info kernel brO port 3 ath0 transitioning to FORWARDING s Apr 13 00 00 00 WP 2000 65 user info kernel br0 port 4 ath4 transitioning to FORWARDING s Apr 13 00 00 00 WP 2000 65 user info kernel brO port 1 ethi transitioning to LEARNING sta Apr 13 00 00 00 WP 2000 65 user info kernel brO port 2 eth0O transitioning to LEARNING sta Apr 13 00 00 00 WP 2000 65 user info kernel br0 port 3 ath
57. Server vi Primary DNS Address 168 195 4 AH Secondary DNS Address IP Pool Starting Address a A 100 IP Pool Ending Address ke 5 200 Lease Time Half hour Figure 3 10 19 3 10 3 3 MESH WLAN Settings User can configure the IP address for MESH ath0O interface in here The IP address for MESH athO must be in the same subnet with other MESH device s athO interface and must be in different subnet with WAN AP WLAN IP address Network IP Parameters IP Address The IP address of the AP on the MESH network Subnet Mask The subnet mask of the IP address LAN Setting IP Address 192 1168 2 1 Subnet Mask 255 255 255 o Figure 3 10 20 3 10 4 MESH This page will show the mesh information The option available here is AODV ADMIN 3 10 4 1 AODV ADMIN This page allows user to set AODV Admin settings gt AODV Parameters Setting 217 Active Internet It will provide interfaces to provide internet When set on the ethi will be the interface to internet The default gateway is set within WAN setting page When set off the default gateway will set on the AODV interface athoO RREQ Gratuitous Force the gratuitous flag to be set on all RREQ s Active Hellos Send HELLOs or not when forwarding data Unidir Hack Detect and avoid unidirectional links Hello Interval The time interval of sending HELLO packet Expanding Ring Rearch Expanding ring search for RREQs On or Off
58. Settings Restore settings Ler Remote Backup Settings Restore settings Ler Figure 3 2 4 gt Restore Factory Default Configuration To reset configuration settings to the factory default values just click on lt NEXT gt button beside Restore Factory Default Configuration Restore Factory Default Configuration NEXT Figure 3 2 5 Then click on Restore button on next page now the system will reset to factory default value Restore Factory Default Figure 3 2 6 Local Backup Settings Restore settings To backup or restore the configuration for this device click on NEXT button beside Local Backup settings Restore settings Local Backup Settings Restore settings NET J Figure 3 2 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process Backup Settings Backup Settings Restore Settings Figure 3 2 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 2 9 Enter the necessary setting in next page then cl
59. Simplified Chinese and Traditional Chinese Model Select OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP_WDS_BRG To set this device as a WDS device with AP function AP4_WDS_BRG To set this device as WDS device with AP function and support up to 4 SSID Administrator Settings Device Name Name IWP 2000 65 0 9 A Z a z ont n Language English v OLSR_AP AODV AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE OVLAN AP O AP_WDS_BRG AP4 WDS BRG Password Settings Current Password l Password li 3 12 Characters Re type Password lale Time Out 30 1 999 minutes Enable C Ifenabled only the following PC can manage this AP IP Address E Threshold 15 6 25 Mb sec Figure 3 2 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before
60. Status Current Firmware Version TWP 2000 65 v0 1 8 Device Name TWP 2000 65 System Model CB CB ROUTE System Time Wed Nov 3 00 13 14 2010 eth0 PoE Disabled IP Address 192 168 23 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 Gateway NA DHCP Disabled IP Address 192 168 0 1 MAC Address 00 40 c 00 00 33 Mask 255 255 255 0 IP Address 192 168 1 1 MAC Address 00 40 cf 00 00 22 Mask 255 255 255 0 DHCP Disabled Staton WIFIA Status MODE 802 11 a COUNTRY North America Area Radio Off IP Address 192 168 23 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 DHCP Disabled SSID A1 AP3 Security Disabled Station WIFI 2 Stats MODE 802 11 a COUNTRY North_America_Area DTIM 1 FRAG 2346 RTS 2346 BEACON 100 DISTANCE 100 Radio off Radio off Radio off IP Address 192 168 27 1 MAC Address 00 40 c7 fb 00 8 Mask 255 255 255 0 DHCP Disabled SSID A2 AP7 Security Disabled Figure 3 5 1 93 3 5 1 5 Power Control Status In this page user can enable the ethO port to provide PoE power forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 5 12 3 5 1 6 WIFI Status In this page user can click WIFI Interfaces to see each WIFI information of this device such as Interface information Security information Associated AP Station The Figure 3 5 13 shows the ath3 ath7 CB interface is waiting for connecting to an AP WIFI Status WIFI Interfac
61. System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System time and Reboot screen as shown in Figure 3 5 1 Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Paint The options are in the menu screen to the left Figure 3 5 1 3 5 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 5 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a w z A w Z _ or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB 88 functions VLAN AP To set this device a
62. Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory 165 QoS Setting On AP WMM Enable O Disable MAX Associated Station 32 1 2007 AP Tx Best Effort CWmin 2047 CWMax 4095 v AIFS 2 1 255
63. WAN Settings This function is to establish a connection with user s WAN network and also assign the IP to the host behind this AP gt Network IP Parameters User can change the network settings of this interface from WAN configuration it is including IP address Subnet mask Gateway address and enable disable the DHCP server Function gt DHCP Server Parameters Primary Secondary DNS Address The domain name servers option specifies a list of Domain Name System name servers available to the client IP Pool Starting Ending Address The IP Address range which will be assigned Lease Time How long does the IP address can be leased by DHCP server 214 WAN Setting Network IP Parameters IP Address 192 vi D D Subnet Mask 255 255 0 Gateway Address a hes st 254 DHCP Server Enable DHCP Server Parmeters Primary DNS Address 168 95 D LE Secondary DNS Address al IP Pool Starting Address is 168 3 100 IP Pool Ending Address A 1 200 Lease Time Halfhour Figure 3 10 16 3 10 2 2 Bandwidth Management This function allows user to set the limitation of total upload download bandwidth on WAN interface and also can set the limitation of upload download bandwidth for each user or a group of users by IP address gt Bandwidth Management Bandwidth Management Enable bandwidth limitation function Upload Bandwidth The total upload bandwidth in Mbps Download Bandwidth The total
64. and assign access rights by VACM 124 SNMP Basic Settings SNMP Agent Enable System Information Contact IContact me Location I am_here V1NV2C Index Access Right Community 1 Deny vi Deny Deny Deny 2 3 4 5 Deny Auth Type Privacy Access Protocol Y Passphrase Right DES v unused unused unused unused unused Security Level Auth Passphrase AuthPriv AuthPriv AuthPriv AuthPriv AuthPriv S I isi s s w a SNS SNS oO m a lt lt lt lt Figure 3 6 26 3 6 5 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communitie
65. any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM 104 SNMP Basic Settings SNMP Agent Enable System Information Contact IContact me Location Lam_here V1NV2C IndexAccess Right Community 1 2 3 4 5
66. basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System Time and Reboot screen as shown in Figure 3 4 1 Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 4 1 3 4 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 4 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a w z A w Z _ or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function 61 AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID
67. can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group 173 Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is v1 or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings 1 Community to Security for V1 V2c Index Security Name IP Source Community K n A UNa mypriv 127 0 0 1 public Group Name Security Model Security Name a 1 generic vi B mypriv v M2 genericusm di usm generic v 3 j Mi mypriv x O4 vw mypri
68. checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group 202 Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is v1 or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings 1 Community to Security for V1IIV2c Security Name Source Community Wi mypriv 127 0 0 1 public sd rie m J o3 Da O5 L Group Name Security Model Mi generic My mypriv xj 2o DO oo i x a O ou mai 3 O4 i i jw mypriv Ki FIS woo mypriv vi Figure 3 9 39 View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset View Name The name of view Include Assign include or exclude in this record for certain subtree
69. control traffic for their neighbors This option specifies a fixed willingness value to be announced by the local node 4 is a neutral option here while O specifies that this node will never act as a relay and 7 specifies that this node will always act as such a relay If this option is not set in the configuration file then mesh system will try to retrieve information about the system power and dynamically update willingness according to this info The 189 default value is 7 Fisheye Enable Disable To increase stability in a mesh TC messages should be sent quite frequently However the network would then suffer from the resulting overhead The idea is to frequently send TC messages to adjacent nodes i e nodes that are likely to be involved in routing loops without flooding the whole mesh with each sent TC message The default value is Enable Enable local HNA entry HNA entry Enable Disable Hosts in an OLSR routed network can announce connectivity to external networks using HNA messages This function is used to set the IPv4 networks to be announced by this host Security The function uses this shared secret key for signature generation and verification Security Enable Disable To enable or disable the security function Security Key 0123456789abcdef For nodes to participate in the OLSR routing domain they need to use the key used by the other nodes The key is 128 bits MESH Admin Setting The MESH is Enab
70. device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto v Rate 54 Y Mbits V Fixed Layer 2 Isolation Disable Enable Key 1 00000 WEP Ke
71. download bandwidth in Mbps gt Bandwidth Limitation Action To set the action type of bandwidth limitation The options available here are disable upload download and upload download Start IP Address To set the start IP of bandwidth limitation End IP Address To set the end IP of bandwidth limitation Bandwidth Limitation To set the bandwidth in Kbps of bandwidth limitation User can press lt Add gt button to add IP address to the Bandwidth Limitation list User can tick the check box and press lt Del gt button to delete the IP address from the Bandwidth Limitation list Bandwidth Management Bandwidth Management Bandwidth Management O Enable 9 Disable Upload Bandwidth 54 Mbps Download Bandwidth 54 Mbps Action Start IP Address End IP Address Bandwidth Limitation Kbps 1 C Up Download 2 168 1 2 8 1 001 Action Start IP Address End IP Address Bandwidth Limitation Kbps Up Download 0 0 0 0 0 0 0 0 200 Figure 3 10 17 215 3 10 3 LAN Configuration 3 10 3 1 EthO Settings Network IP Parameters User can change the network settings of this interface from LAN configuration it is including IP address Subnet mask and enable disable the DHCP server Function DHCP Server Parameters Primary Secondary DNS Address The domain name servers option specifies a list of Domain Name System name servers available to the client
72. enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the days hours and minutes 213 Time Setting Select Setting Type Setting by Manual Setting Synchronize with an Internet Time Server Current System Time Tue Apr 13 00 44 23 UTC 2010 Manual Setting Year Month Day 2010 pla 13 vi Year1900 2037 Hour Minute Second joo fo joo Hours from GMT 8 Y Hours Server IP 140 142 16 34 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every 0 days 0 31 0 hours Q 23 10 minites 0 59 Figure 3 10 15 3 10 1 9 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt on pop up screen to confirm user s decision Reboot Access Point After you change the setting or in the event that the Access Point stops responding correctly or in some way stops functioning you can param a Reboot To perom th Reboot chk on tne Rebo buton below You wil Be asked com you Figure 3 10 15 3 10 2 WAN Configuration 3 10 2 1
73. for user to configure the Access Point ethO For connecting and provide power to other device such as IPCAM By default it is disabled Please note the voltage supply by ethO is 48V and maximum output power watt is the outcome of AP s power usage deduct from total input power For example with standard power adaptor the total input power is 48V x 0 375A 18W The AP use about 6W when it s full load Therefore the maximum power that ethO can support is about 12W N type antenna connector for connecting N type antennas Antenna 1 Antenna 2 ath0 3 ath4 7 2 2 Full View of POE Injector Interface on the Inline Power Injector PC SW Data Input Port Bi for connecting cross over Ethernet Cable to PC or straight Ethernet cable to Hub Switch or Router DC Input Port 4 power adapter 48V 0 375A DC input AP CB Power amp Data Output Port 5 for connecting an Ethernet Cable to the AP Grounding Port 6 for connecting grounding wire POE m ba picture2 Power and Data Interface location on the PoE denoted by numbers 3 6 2 3 Mount Kit for IWP 2000 65 The IWP 2000 65 can be mounted on a pole user can use the Pole Mount kit to mount the IWP 2000 65 as shown in Figure 2 1 4 Aa A 48864 l t Figure 2 1 2 4 System Requirements Installation of the IWP 2000 65 Outdoor Wireless unit requires the following 1 A PC with
74. from PC SW Port to the Ethernet port on a PC Step3 Connect another Ethernet cable to the ethi on IWP 2000 65 Hand tightens the water proof strain relief after you connect the connector Step4 Connect the remaining end of the CAT 5 cable into the labeled AP CB port on PoE injector This is the power side of the PoE that will power up the IWP 2000 65 When the IWP 2000 65 receives power over the Ethernet cable the IWP 2000 65 will start its boot up sequence User can configure the IWP 2000 65 via HTML browser such as Microsoft Internet Explorer or Fire Fox from a remote host or PC 3 Operation of Web based Management 3 1 Basic Configuration This chapter instructs user how to configure and manage the IWP 2000 65 through the web user interface The default values of the AP are listed in the table below IP Address 192 168 1 1 Subnet Mask 255 255 255 0 Gateway Address 192 168 1 254 Username admin Password admin Table 3 1 Open your web browser and enter the default IP http 192 168 1 1 in the address bar it will show the following screen see Fig 3 1 and ask user enter the username and password The default username and password are both admin For the first time to use please enter the default username and password then click the lt LOGIN gt button The login process now is completed To optimize the display effect we recommend user use Microsoft IE 7 or above FireFox 3 o
75. group table IP source Describes a host or network Community The community name that is used Group 83 Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is v1 or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings 1 Community to Security for V1 V2c Index Security Name IP Source Community K n A UNa mypriv 127 0 0 1 public Group Name Security Model Security Name a 1 generic vi B mypriv v M2 genericusm di usm generic v 3 j v mypriv O4 vw mypriv vi 5 Moun mypriv xi Figure 3 4 37 gt View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3 6 1
76. of Configuration Tools under System the screen will show in Figure 3 8 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings 154 Configuration Tools Restore Factory Default Configuration Cer Local Backup Settings Restore settings per Remote Backup Settings Restore settings Ler Figure 3 8 4 gt Restore Factory Default Configuration To reset configuration settings to the factory default values just click on lt NEXT gt button beside Restore Factory Default Configuration Restore Factory Default Configuration er Figure 3 8 5 Then click on lt Restore gt button on next page now the system will reset to factory default value Restore Factory Default Figure 3 8 6 gt Local Backup Settings Restore settings To backup or restore the configuration for this device Click on lt NEXT gt button beside Local Backup settings Restore settings Local Backup Settings Restore settings er Figure 3 8 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process 155 Backup Settings Backup Settings Restore Settings
77. off Encryption key off Power Management off Link Quality 69 70 Signal level 24 dBm Noise level 93 dBm Rx invalid nwid 26463 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security information SE ko se ee ee Security Mode Disable Associated AP Station MAC Address 00 40 C7 EF 00 28 Figure 3 3 15 The Figure 3 3 16 shows ath4 AP model information a S E w WIFI Interfaces ath3 ath4 Interface Information IEEE 802 11bg ESSID A2 AP4 Nickname Mode Master Frequency 2 412 GHz Access Point 00 26 48 00 0E C2 Bit Rate 0 kb s Tx Power 17 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 0 70 Signal level 96 dBm Noise level 96 dBm Rx invalid nwid 2229 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Information Security Mode Disable Associated AP Statioi End of Status Figure 3 3 16 3 3 1 8 Log In this page user could see the system logs record of this device Logs System Logs Apr 13 00 07 07 WP 2000 65 user info kernel br0 port Apr 13 00 07 05 WP 2000 65 user info kernel br0 port Apr 13 00 07 05 WP 2000 65 user info kernel br0 port Apr 13 00 07 04 WP 2000 65 user info kernel br0 port Apr 13 00 07 04 WP 2000 65 user info kernel br0 port Apr 13 00 07 04 WP 2000 65 user info kernel br0 po
78. off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to 63 commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 4 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 4 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings Configuration Tools Restore Factory Default Configuration Local Backup Settings Restore settings BEE Remote Backup Settings Restore settings Figure 3 4 4 Restore Factory Default Configuration To reset configuration settings to the factory default values just click on lt NEXT gt button beside Restore Factory Default Configuration Restore Factory Default Configuration NEXT J Figure 3 4 5 Then click on lt Restore gt button on next page now the system will reset to factory default value Restore Factory Default Figure 3 4 6 Local Backup Settings Restore s
79. page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 3 1 3 3 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 3 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a w z A w Z _ or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese Model Select OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device asa router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP WDS BRG To set this device as a WDS device with AP function AP4 WDS BRG To set this device as WDS device with AP function and support up to 4 SSID 35 Administrator Settings Device Name Name 1WP 2000 65 0 9 A Z
80. password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM 227 SNMP Basic Settings SNMP Agent Enable System Information Contact IContact me Loc
81. pp A 226 3 10 8 TOONS Lier ear kone ee oke 231 3 10 9 LOU OUE si ccssccscrcsecusenacacosaucaaceassusacuassaeccustansaceasuaeccnseuntacuaeaws 231 Revision History Release Date Revision 1 0 12 31 2010 A1 Caution Circuit devices are sensitive to static electricity which can damage their delicate electronics Dry weather conditions or walking across a carpeted floor may cause you to acquire a static electrical charge To protect your device always e Touch the metal chassis of your computer to ground the static electrical charge before you pick up the circuit device e Pick up the device by holding it on the left and right edges only e The Web UI s Main Menu links are used to navigate to other menus and display configuration parameters and statistics with suggestive value 1024x768 e If you need using outdoor device connects to this device with cable then you need to add an arrester on the cable between outdoor device and this device vi About this user s manual In this user s manual it will not only tell you how to install and connect your network system but configure and monitor the IWP 2000 65 through the built in web UI step by step Many explanations in details of hardware and software functions are shown as well as the examples of the operation for web based interface Overview of this user s manual m Chapter 1 Introduction describes the features of IWP 2000 65 H Chapter 2 In
82. pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal WPA MODE WPA amp WPA2 w Share Key 123456789 8 63 characters WPA Encryption Auto Group Key Update Interval 600 30 65535 Figure 3 2 23 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here 25 SSID Security Mode Authentication WPA enterprise Y WPA MODE WPA OO jw Share Key 8 63 characters WPA Encryption Auto v Group Key Update Interval 1600 E 0 65535 Primary Radius Server Authenticatoin Server 192 k 168 L 1 180 1812 Shared Secret secret Backup Radius Server Optional Authenticatoin Server L L Shared Secret Figure 3 2 24 Qos WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters CW
83. security names into group names For SNMP V3 the security Name is the user ID in Basic setting Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is vi or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings 1 Community to Security for VIIV2c Index Security Name IP Source Community myptiv 127 0 0 1 public Security Model Security Name generic vi B mypriv v M2 genericusm usm generic v 03 m x mypriv x O4 N W mypriv vi 5 wy mypriv v Figure 3 2 28 View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset View Name The name of view Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3 6 1 2 1 View Name Include Sub Tree M1 mib2 nclude 13 61 21 M2 generic include 1 3 6 1 4 1 5205 a rence E penn DO4 Inc
84. streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate 121 The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory QoS Setting On AP WMM Enable O Disable MAX Associated Station 32 1 2007 AP Tx Best Effort CWmin 2047 w CWMax 4095 w AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15 CWMax 1023 AIFS 7 1 255 Burst 0 0 AP Tx Video CWmin 7 vy CWMax 7 x AIFS 1 255 Burst 1 5 AP Tx V
85. superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the 50 pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast enc SSID Security Mode Authentication WPA MODE Share Key WPA Encryption Group Key Update Interval WPA enterprise ption keys in seconds WPA personal WPA amp WPA2 123456789 8 63 characters Auto 600 30 65535 Figure 3 3 30 WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA MODE Share Key WPA Encryption Group Key Update Interval 802 1x Primary Radius Server Authenticatoin Server 192 168 80 Backup Radius Server Optional Authenticatoin Server WPA enterprise v IWPA vy 123456789 8 63 characters Auto v 600 30 65535 1812 Shared Secret secret
86. user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by Lantech View network management system Lantech View will monitor the WIFI loading when the loading is over this value Lantech View will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 2 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 2 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of the firmware 14 Firmware Update Current Firmware information Version IWP 2000 65 v0 1 4 Date 2010 04 13 Using TFTP NET Using WEB NE Using FTP NET Figure 3 2 3 Using TFTP On any computer in the network ora compute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP server utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPL
87. 0 port OEnable Disable Figure 3 9 12 183 3 9 1 6 WIFI Status In this page user could see the WIFI information of this device such as Interface information Security information Associated AP Station WIFI Status ath0 WIFI Interfaces ath4 Interface Information IEEE 802 11bg ESSID A1 APO Nickname Mode Master Frequency 2 452 GHz Access Point 00 40 C7 FB 00F8 Bit Rate 0 kb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 0 70 Signal level 97 dBm Noise level 97 dBm Rx invalid nwid 1615 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Associated API Station End of Status Figure 3 9 13 3 9 1 7 Log In this page user could see the system logs record of this device Logs System Logs Apr 13 00 02 01 IWP 2000 65 cron notice crond 2844 USER root pid 3525 cmd Tora Apr 13 00 00 32 WP 2000 65 auth notice root 192 168 1 10 login Apr 13 00 00 25 WP 2000 65 auth notice root 192 168 1 10 login Apr 13 00 00 00 IWP 2000 65 user info web server flash setup sh web server flash setup sh Apr 13 00 00 00 IWP 2000 65 user info RINETLINK answers No such file or directory hh Apr 13 00 00 00 WP 2000 65 user info RTINETLINK answers No such file or directory Apr 13 00 00 00 IWP 2000 65 user info date 041300002010 00 Apr 13 00 00 00 WP 2000 65 user info
88. 00000000020 designated root 8000 000000000020 root port 0 path cost 0 max age 20 00 bridge max age 20 00 hello time 2 00 bridge hello time 2 00 forward delay 15 00 bridge forward delay 15 00 ageing time 300 00 hello timer 0 00 ten timer 0 00 port id 8001 state forwarding designated root 8000 000000000020 path cost 19 designated bridge 8000 000000000020 message age timer 2744 02 designated port 8001 forward delay timer 2743 07 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8002 state forwarding designated root 8000 000000000020 path cost 100 designated bridge 8000 000000000020 message age timer 2744 03 designated port 8002 forward delay timer 2743 08 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes 2 port id 8003 state forwarding designated root 8000 000000000020 path cost 100 designated bridge 8000 000000000020 message age timer 2744 04 designated port 8003 forward delay timer 2743 08 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8004 state forwarding designated root 8000 000000000020 path cost 100 designated bridge 8000 000000000020 message age timer 2744 04 designated port 8004 forward delay timer 2743 08 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port no mac addr is local ageing timer 2 00 00 00 00 00 20 yes 0 00 1 00 00 00 00 00 21 yes 0 00 1 00 13 a9 2a be 78 no 0 05 3 00 26 48 00 0e c2 yes 0 00
89. 02 11 b g SSID A1_AP0 SSID Hide Qon Off Country North America Area Channel 9 M Figure 3 8 27 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a 166 number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect
90. 0O transitioning to LEARNING sta Apr 13 00 00 00 WP 2000 65 user info kernel brO port 4 ath4 transitioning to LEARNING stall Figure 3 7 15 3 7 1 9 System time gt Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is Synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the days hours and minutes 137 Time Setting Select Setting Type Setting by Manual Setting Synchronize with an Internet Time Server Current System Time Tue Apr 13 00 44 23 UTC 2010 Manual Setting Year Month Day 2010 yla 13 Year 1900 2037 Hour Minute Second joo fo joo Hours from GMT 8 Y Hours Server IP 140 142 16 34 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every 0 _ days 0 31 0 hours 0 23 10 minites 0 59 Figure 3 7 16 3 7 1 10 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the Reboot button and
91. 2 168 fi 254 Figure 3 6 17 3 6 3 Wireless User can configure the wireless related settings in this page 117 Dual WLAN Device Wireless You can set the wireless releated setting here Figure 3 6 18 3 6 3 1 WIFI athO 7 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g VLAN ID Itis only available in VLAN_AP model It is the VLAN tag value SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the operating frequency channel for this device Radio Power On Wireless Mode 802 11 b g VLAN ID 10 LAN ID 1 4094 SSID A1 APO SSID Hide on Gor Country North America Area Channel 9 vil Figure 3 6 19 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of t
92. 2000 65 IWP 2000 65 IWP 2000 65 IWP 2000 65 IWP 2000 65 IWP 2000 65 IWP 2000 65 IWP 2000 65 IWP 2000 65 IWP 2000 65 IWP 2000 65 IWP 2000 65 IWP 2000 65 IWP 2000 65 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 daemon info avahi daemon 2838 Figure 3 4 3 4 1 8 System time Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Registering new address record for New relevant interface ath3 IPv4 fo Joining mDNS multicast group on int Withdrawing address record for 192 Leaving mDNS multicast group on int Interface ath3 IPv4 no longer relev Registering new address record for New relevant interface ath3 IPv4 fo
93. 26 48 00 0e df Mask 255 255 255 0 Statiom WIFI 4 Status MODE 802 11 a COUNTRY North America Area DTIM 1 FRAG 2346 RTS 2346 BEACON 100 DISTANCE 100 DISTANCE 100 Figure 3 3 11 3 3 1 5 Power Control Status In this page user can enable the ethO port to provide PoE power forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 3 12 40 3 3 1 6 Bridge Status In this page user could see the bridge interfaces information of this device such as interface information STP ststus mac address information etc Bridge Status Bridge bro Bridge STP State off bridge id 8000 002648000edf designated root 8000 002648000edf root port 0 path cost 0 max age 20 00 bridge max age 20 00 hello time 2 00 bridge hello time 2 00 forward delay 15 00 bridge forward delay 15 00 ageing time 300 00 hello timer 0 00 ten timer 0 00 port id 8001 state forwarding designated root 8000 002648000edf path cost 19 designated bridge 8000 002648000edf message age timer 7373 86 designated port 8001 forward delay timer 7372 91 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes e uM ee port id 8002 state forwarding designated root 8000 002648000edf path cost 100 designated bridge 8000 002648000edf message age timer 7373 87 designated port 8002 forward delay timer 7372 92 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8003 state f
94. 27 255 511 1023 2047 or 4095 The value for CWmin must be lower than the value for CWmax CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data th
95. 3 6 1 4 1 5205 ai Include ve Da Include w ES include O Include m include O8 Include 9 include v oO 10 include 11 Include D 12 Include ENS include O 14 Include w 0O15 Include O 16 Include w O17 nclude Figure 3 5 32 106 Access The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Security Model Security Level Write Notify generic v any vi NoAuthNoPriv generic generic generic
96. 4 00 40 c7 fb 00 8 yes 0 00 End of Status Figure 3 2 13 3 2 1 7 WIFI Status In this page user could see the WIFI information of this device such as Interface information Security information Associated AP Station 19 WIFI Status WIFI Interfaces athO ath4 IEEE 802 11g ESSID A1 APO Nickname Mode Master Frequency 2 452 GHz Access Point 00 26 48 00 0E C2 Bit Rate 0 kb s Tx Power 18 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power off Management Link Quality 0 70 Signal level 96 dBm Noise level 96 dBm Rx invalid nwid 223 Rx invalid crypt 0 Rx invalid frag 0 eee 0 Invalid misc 0 Missed beacon 0 retries MOMA Security Mode Disable No wifi Associated End of Status 3 2 1 8 Log Figure 3 2 14 In this page user could see the system logs record of this device Logs System Logs Apr 13 00 25 06 WP 2000 65 Apr 13 00 10 10 WP 2000 65 Apr 13 00 02 01 WP 2000 65 Apr 13 00 00 00 wp 2000 65 Apr 13 00 00 00 wp 2000 65 Apr 13 00 00 00 wp 2000 65 Apr 13 00 00 05 wp 2000 65 Apr 13 00 00 03 WP 2000 65 Apr 13 00 00 03 WP 2000 65 Apr 13 00 00 00 WP 2000 65 Apr 13 00 00 00 Wwp 2000 65 Apr 13 00 00 00 WP 2000 65 Apr 13 00 00 00 WP 2000 65 Apr 13 00 00 00 Wp 2000 65 Apr 13 00 00 00 WP 2000 65 Apr 13 00 00 00 WP 2000 65 auth notice root 192 168 1 10 login A auth notice root 192 168 1 10 login cron notice
97. 48 VDC O 37 Requirements SA External Power Unit Auto sensing 100 240 VAC 50 60 Hz Regulation FCC CE by request IP65 Certifications Hard Ware Information CPU Intel IXP 425 533MHz network processor Interface 1 RJ 45 Ethernet Port for POE input 1 RJ 45 Ethernet Port for POE power forwarding Flash 16MB RF Information Output power 802 11a 22dBm 6Mbps 1 5 2dBm 19 5dBm 36Mbps 20dBm 48Mbps 18dBm 54Mbps 802 11b 24 5dBm 1iMbps 802 11g 24 5dBm 6 24Mbps 22 5dBm 36Mbps 21 5dBm 48Mbps 21dBm 54Mbps Sensitivity 802 11a 91dBm 6Mbps 72dBm 54Mbps Typical 802 11b 97dBm 1Mbps 88dBm 11Mbps 802 11g 91dBm 6Mbps 74dBm 54Mbps Networking Information Topology Ad Hoc Infrastructure Operation Model OLSR_AP AODV_AP AP Bridge AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP 3 SSID Interface Security STP RSTP QOS Bandwidth limitation AP WDS BRG AP4_WDS_BRG Multiple SSID Two 10 100Mbps RJ 45 LAN Ports elEEE802 1x RADIUS Client TTLS PEAP Support i n AP Mode eIEE802 1x Supplicant TTLS PEAP support in Client Bridge Mode eWPA WiFi Protected Access eWPA2 802 11i eWEP 64 128 bits eIP address filtering eMAC address filtering eLayer2 Isolation eVLAN tunneling Support eHide SSID eRogue AP Scan STP RSTP WMM Traffic shaping by IP address in MESH and ROUTE mode Management Features IP Auto configuration SNMP LLDP NTP Remote Configuration Firm
98. 6 1 2 1 View Name Include Sub Tree 1 mib2 Include w 1 3 6 1 2 1 2 generic nclude 1 3 6 1 4 1 5205 _ incide Mi ren inelude v 5 inclu 7 Include 8 Include Y 9 nclude 10 include Y di include w 12 L J nclude w 13 OO nclude 5 14 Mi n Include vi E 15 Include w 16 Include v 17 include v Figure 3 3 36 57 Access The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any vi v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Group Security Model Security Level Write Notify generic v any
99. A2 Share Key 123456789 8 63 characters WPA Encryption Auto YO Group Key Update Interval 600 30 65535 Figure 3 10 25 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA enterprise w WPA MODE WA 7 vy Share Key 123456789 i 8 63 characters WPA Encryption Auto Group Key Update Interval 1600 30 65535 802 1x Primary Radius Server AuthenticatoinServer 192 168 h 80 1812 Shared Secret secret Backup Radius Server Optional Authenticatoin Server LI Shared Secret Figure 3 10 26 Qos WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table 221 Common Parameters CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmin must be lower than the value for CWmax CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the val
100. Add MAC Addr SSID Re Scan Figure 3 5 23 3 5 4 2 WIFI ath3 and ath7 Settings General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network In station mode CB this SSID must be same as the AP that user wish to connect User can either type in the SSID by themselves or simply press the lt Scan gt button and select the AP form the popup list then click lt submit gt MAC Cloning This feature controls the MAC Address of the Wireless Bridge seen by other devices wired or wireless If set to Ethernet Client the MAC Address from the first Ethernet client that transmits data through the Wireless Bridge will be used When multiple Ethernet devices are connected to the Wireless Bridge it may not be obvious which MAC Address will be used If set to WDS it will include 4 MAC address while transmit the data through Wireless Bridge It is only available on bridge mode in station interface If the AP to associate does not support 4 WAY HANDSHAKE the Ethernet client should be selected Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item con
101. Backup settings Restore settings Local Backup Settings Restore settings NEXT J Figure 3 10 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process 210 Backup Settings Backup Settings Restore Settings Figure 3 10 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 10 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFIP FTP TFTP or FTP Server IP LI LI LI Firmware Filename in server configs tar FTP Username FTP Password Figure 3 10 10 3 10 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control WAN Port AODV Status ethO LAN Port MESH WIFI Status AP WIFI 2 Status 211 Status Current Firmware Version IWP 2000 65 v0 1 8 Device Name TWP 2000 65 System Model AO
102. DS_BRG To set this device as a WDS device with AP function AP4_WDS_BRG To set this device as WDS device with AP function and support up to 4 SSID 130 Administrator Settings Device Name Name IWP 2000 65 0 9 AW Z az on Language Select Language English di v Model Select OLSR AP AODV_AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP_LWDS_BRG AP4_WDS_BRG Password Settings Current Password Password L __ 3 12 Characters a Idle Time Out 999 1 999 minutes Remote Management Re type Password Enable If enabled only the following PC can manage this AP IP Address MW ON J L WIFI Loading Warning Threshold Threshold 15 6 25Mbiseo Figure 3 7 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by LantechView network management system LantechView wil
103. DV AP System Time Wed Nov 3 01 16 31 2010 eth0 PoE Disabled IP Address 192 168 1 1 MAC Address 00 40 cf 00 00 22 Mask 255 255 255 0 Gateway NA AODV Actived IP Address 192 168 0 1 MAC Address 00 40 cf 00 00 33 Mask 255 255 255 0 MODE 802 11 a IP Address 192 168 2 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 IP Address 192 168 24 1 MAC Address 00 40 c7 fb 00 f8 Mask 255 255 255 0 SSID A2_AP4 Security Disabled Figure 3 10 1 3 10 1 5 Power Control In this page user can enable the ethO port to provide PoE power forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 10 12 212 3 10 1 6 WIFI Status In this page user could see the WIFI information of this device such as Interface information Security information Associated AP Station WIFI Status ath0 WIFI Interfaces ath4 Information IEEE 802 11bg ESSID A1 APO Nickname Mode Master Frequency 2 452 GHz Access Point 00 40 C7 FB 00F8 Bit Rate 0 kb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 0 70 Signal level 97 dBm Noise level 97 dBm Rx invalid nwid 1615 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Mode Disable _ Associated AP Station End of Status Figure 3 10 13 3 10 1 7 Log In this page user could see the syst
104. E power forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 8 12 3 8 1 6 Bridge Status In this page user could see the bridge interfaces information of this device such as interface information STP status mac address information etc 157 Bridge Status Bridge brO Bridge STP State off Bridge br0 Information bridge id 8000 000000000020 designated root 8000 000000000020 root port 0 path cost 0 max age 20 00 bridge max age 20 00 hello time 2 00 bridge hello time 2 00 forward delay 15 00 bridge forward delay 15 00 ageing time 300 00 hello timer 0 00 ten timer 0 00 0 ile 0 port id 8001 state forwarding designated root 8000 000000000020 path cost 19 designated bridge 8000 000000000020 message age timer 2744 02 designated port 8001 forward delay timer 2743 07 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8002 state forwarding designated root 8000 000000000020 path cost 100 designated bridge 8000 000000000020 message age timer 2744 03 designated port 8002 forward delay timer 2743 08 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8003 state forwarding designated root 8000 000000000020 path cost 100 designated bridge 8000 000000000020 message age timer 2744 04 designated port 8003 forward delay timer 2743 08 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8004 s
105. FI ath4 Setting WIFI athS Setting WIFI ath6 Setting WIFI ath Setting Figure 3 3 21 3 3 3 1 Rogue AP Scan Rogue Enable Check the radio box in front of lt Enable gt to enable the Rogue AP detection and Press lt Add gt or lt Del gt button to apply Allow AP The allowable AP list The AP in the list is a legal AP for CB to connect Check the box and press the lt Del gt button to remove it Rogue AP The nearby AP list not include the allowed APs Check the box and press the Add button to add it as a legal AP Re Scan Press WIFIx button to Re scan the APs nearby which are scanned by wifi card x x 1 or 2 Rogue Scan Rogue Enable Rogue Enable Enable Disable Allow AP Del MAC Addr SSID Di panye l Rogue AP Add MAC Addr SSID Re Scan Figure 3 3 22 3 3 3 2 WIFI ath3 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g 45 SSID The SSID service set identifier is an identifier of an AP in user s wireless network In station mode CB this SSID must be same as the AP that user wish to connect User can either type in the SSID by themself or simply press the Scan button and select the AP form the popup list then click lt submit gt MAC Cloning This feature controls the MAC Address of the Wiress Bridge seen by other devices wired o
106. Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 3 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware Firmware Update Current Firmware information Version IWP 2000 65 v0 1 4 Date 2010 04 13 Using TFTP NET Using WEB NE Using FTP NET Figure 3 3 3 Using TFTP On any computer in the network or a compute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP server utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP pa
107. IP source Describes a host or network Community The community name that is used Group 228 Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is v1 or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings 1 Community to Security for V1 V2c Index Security Name IP Source Community Imypriv n A UNa Group Name Security Mode Security Name a 1 generic wy mypriv v M2 genericusm usm generic v 3 m E myprv vi DO 4 lvl oy mypriv vi 5 iM mypriv xi Figure 3 10 34 gt View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset View Name The name of view Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3 6 1 2 1 View Name Include Sub Tree
108. Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346
109. Key Setting Keyi ecese Figure 3 5 24 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP w WEP Encryption Open ORestricted Select Key KEY 1 KEY 2 O KEY 3 KEY 4 Figure 3 5 25 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is 100 granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPA2 is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length
110. Local Backup Settings Restore settings To backup or restore the configuration for this device Click on NEXT button beside Local Backup settings Restore settings Local Backup Settings Restore settings NEXT Figure 3 7 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process 133 Backup Settings Backup Settings Restore Settings Figure 3 7 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 7 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFIP OFIP TFTP or FTP Server IP LI LI L Firmware Filename in server configs tar FTP Username FTP Password __Backup To Sener_ Restore From Sener__ Figure 3 7 10 3 7 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Contr
111. Location It is used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this screen Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented 171 Community Specify the name of community for the SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The community name can be thought of as a password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option
112. Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Trans
113. P with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP WDS BRG To set this device as a WDS device with AP function 178 AP4 WDS BRG To set this device as WDS device with AP function and support up to 4 SSID Administrator Settings Device Name Name IWP 2000 65 0 9 A Z a z ont n Language English OLSRAP AODV AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE OVLAN AP AP WDS BRG AP4 WDS BRG Password Settings Current Password Password li 3 12 Characters Re type Password Idle Time Out 30 1 999 minutes Remote Management Enable If enabled only the following PC can manage this AP IP Address A i Threshold 15 6 25 Mbisec Figure 3 9 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the manag
114. STP v Bridge Priority 15 STP 0 65535 RSTP 0 15 Hello Time 2 1 10 second Forwarding Delay 15 4 30 second Max Age 20 6 40 second Cost 18 0 2 10 8 Priority 1 STP 0 Port ethO 255 RSTP 0 15 PtoP auto SA Edge no v Cost 19 0 2 10 8 Priority 1 STP 0 Port eth1 255 RSTP 0 15 PtoP auto v Edge no w i Cost 2000000 0 2 10 8 Priority 2 STP 0 Port athO 255 RSTP 0 15 e PtoP auto v Edge no vw Cost 2100000 0 2 1048 Priority 3 STP 0 Port ath1 255 RSTP 0 15 PtoP auto v Edge no w Cost 2200000 0 2 1048 Priority4 STP 0 Port ath2 255 RSTP 0 15 PtoP auto v Edge no w Cost 2300000 0 2 108 Priority 5 STP 0 Port ath3 255 RSTP 0 15 ae PtoP auo y Edge no w Cost 2400000 0 2 10 8 Priority 6 STP 0 Port ath4 255 RSTP 0 15 PtoP auto v Edge no vw Cost 2500000 0 2 10 8 Priority 7 STP 0 Port ath5 255 RSTP 0 15 PtoP auto v Edge no w Cost 2600000 0 2 1058 Priority 8 STP 0 Port ath6 255 RSTP 0 15 PtoP auto v Edge no Cost 2700000 0 2 10 8 Priority 9 STP 0 Port ath7 255 RSTP 0 15 PtoP auto vy Edge no w Figure 3 2 18 22 3 2 3 Wireless User can configure the wireless related settings in this page WIFI athO Setting WIFI ath1 Setting WIFI af ng WIFI ath3 Setting WIFI ath4 Setting WIFI ath5 Setting WIFI ath6 Setting WIFI ath Setting 3 2 3 1 Dual WLAN Device Wireless You can set the wirel
115. Shared Secret Qos Figure 3 3 31 WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CW min must be lower than the value for CW max CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin 51 AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when the
116. Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here 168 SSID Security Mode Authentication WPA enterprise Y WPA MODE WPA OO jw Share Key 8 63 characters WPA Encryption Auto v Group Key Update Interval 1600 E 0 65535 Primary Radius Server Authenticatoin Server 192 k 168 L 1 180 1812 Shared Secret secret Backup Radius Server Optional Authenticatoin Server L L A Shared Secret Figure 3 8 31 Qos WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CW min must be lower than the value for CW max CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most tradit
117. Status Log System time and Reboot screen as shown in Figure 3 6 1 109 Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 6 1 3 6 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 6 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a w z A w Z _ or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese gt Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP WDS BRG To set this device as a WDS device with AP function AP4_WDS_BRG To set this device as WDS device with AP function an
118. Status WIFI Status Log System time Reboot V LAN e Bridge LAN settings V WIRELESS e WIFI athO Setting WIFI athi Setting WIFI ath2 Setting WIFI ath3 Setting WIFI ath4 Setting WIFI ath5 Setting WIFI ath6 Setting WIFI ath7 Setting V FILTER e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 3 2 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System Time and Reboot screen as shown in Figure 3 2 1 Administrator Firmware Configuration Toals General Status Power Control Bridge Status Log System Time Reboot WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 2 1 3 2 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 2 2 These settings allow user to configure the device Name language model password remote management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a w z A w Z jn or rh Language Select This function allows user to select a language for the UI the options available are English
119. TA Tx Video _ ki TXOP 47 1 255 x32ms ACM OEnable Disable ASE CWmin 7 CWMax 15 AIFS 1 1 255 TXOP 94 1 255 x32ms ACM CEnable Disable Figure 3 2 25 3 2 4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 2 4 1 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those 27 interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table MAC address filtering Filtering type Disable MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Del
120. WLAN Settings User can configure the IP address for MESH ath0O interface in here The IP address for MESH athO must be in the same subnet with other MESH device s athO interface and must be in different subnet with WAN AP WLAN IP address Network IP Parameters IP Address The IP address of the AP on the MESH network Subnet Mask The subnet mask of the IP address LAN Setting Network IP Parameters IP Address 192 168 2 Bp Subnet Mask 255 255 1255 o Figure 3 9 21 3 9 4 MESH This page will show the mesh information The options available here are OLSR CONFIG OLSR ADMIN OLSR ROUTES and OLSR LINKS 3 9 4 1 OLSR CONFIG In this page user can see all the MESH configuration information Variables In here the table shows Pollrate TC redundancy MPR coverage LQ level LQ winsize FISHEYE and Willingness information Interface atho In here the table shows IP MASK BCAST MTU and STATUS information 188 MESH Configuration Pollrate 0 500000 TC redundancy 2 MPR coverage 5 LQ levet 2 LQ winsize 10 FISHEYE Enable Willingness 7 IP 192 168 2 1 MASK 255 255 255 0 BCAST 192 168 2 255 MTU 1500 STATUS UP Figure 3 9 22 3 9 4 2 OLSR ADMIN In this page user can set the MESH related settings that shows in OLSR CONFIG Change basic settings Pollrate 0 O m n This option sets the interval in seconds which the mesh scheduler should be poll for events every 0 2 seconds if the pollrate is set t
121. Y gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 2 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 2 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings 15 Configuration Tools Restore Factory Defautt Configuration Ler Local Backup
122. agement system SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address 8 Port The IP and Port of a device to receive traps 149 Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv SNMP Trap Trap Active Disable Enable vl v2c Trap 0 Version 1 192 1168 A1 21 4162 public 1 Disable 2 Disable 3 Disable 4 Disable v3 Trap Index Do genericro vi A a a ai NoAuthNoPriv v O1 genericro a E 3 NoAuthNoPriv 02 genericro l NoAuthNoPriv 03 genericro v i l f NoAuthNoPriv O4 genericro NoAuthNoPriv Figure 3 7 31 Trap Items Enable Disable which trap items to send Trap Items Cold Start ODisable Enable Warm Start ODisable Enable Link Up ODisable Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Enable Figure 3 7 32 3 7 6 Tools Command Pi
123. ailable options for this field are all none mib2 and the View Name from View table Security Model Security Level generic any NoAuthNoPriv generic generic generic v genericusm usm AuthPriv vi all vi all v all si Lany Mj NoAuthNoPriv all xj all generic any NoAuthNoPriv all ball all 6 CS IEK IIE i 2 3 generic 4 5 v w v lt lt 2 generic any NoAuthNoPriv all vi all Figure 3 2 29 3 6 5 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in vi or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address 8 Port The IP and Port of a device to receive traps 127 Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv SNMP Trap Trap Active Disable O Enable vl v2c Trap 0 Version 1 192 he Li Bi fe2 pu
124. as a WDS device AP4 WDS BRG To set this device as WDS and AP device 207 Administrator Settings Device Name Name IWP 2000 65 0 9 A Z an zon ni Language Select Language English w Model Select OLSR AP AODV AP O AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE C VLAN AP AP WDS BRG AP4 WDS BRG Password Settings Current Password I Password E 3 12 Characters Re type Password Idle Time Out 999 1 999 minutes Remote Management Enable If enabled only the following PC can manage this AP IP Address Figure 3 10 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just click on lt Enable gt button and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by LantechView network management system LantechView will monitor the WIFI loading when the loading is over this value LantechView will change the color of the link line on network topology to notify the
125. at requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a 196 WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory QoS Setting On AP WMM GEnable O Disable MAX Associated Station 32 1 2007 AP Tx Best Effort CWmin 2047 v CWMax 4095 v AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15 Si CWMax 1023 v AIFS 7 1 255 Burst 0 0 AP Tx Video CWmin 7 CWMax 7 v AIFS 1 1 255 Burst 1 5 AP Tx Voice CWmin 7 CWMax 15 AIFS 1 1 255 Burst 3 0 CWmin 7 CWMax 1023 v AIFS 2 1 255 STA Tx Best Effort a ae TXOP 64 1 255 x32ms ACM OEnable Disable CWmin 15 w CWMax 1023 v AIFS 7 1 255 STA Tx Background oun a y TXOP 1 1 255 x32ms ACM OEnable Disable CWmin 7 v CWMax 7 v AIFS 1 1 255 STA Tx Video TXOP 47
126. ata will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory QoS Setting On AP WMM Enable O Disable MAX Associated Station 32 1 2007 AP Tx Best Effort CWmin 2047 w CWMax 4095 w AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15 CWMax 1023 AIFS 7 1 255 Burst 0 0 AP Tx Video CWmin 7 vy CWMax 7 x AIFS 1 255 Burst 1 5 AP Tx Voice CWmin 7 v CWMax 15 v AIFS 1 1 255 Burst 3 0 Say Reon CWmin 7 w CWMax 1023 w AIFS 2 1 255 TXOP 64 1 255 x32ms ACM OEnable Disable SEEN A Cwmin 15 vw CWMax 1023 7 AIFS 7 1 255 TXOP 1 1 255 x32ms ACM OEnable Disable i CWmin 7 CWMax 7 _ AIFS 1 1 255 S
127. ation Lam_here V1NV2C IndexAccess Right Community 1 2 3 4 5 Deny vi Deny 4 Deny vi Deny vi Deny xi Auth Privacy Access Protocol Y Passphrase Right DES vw unused unused unused unused unused Security Level Type Auth Passphrase AuthPriv AuthPriv AuthPriv AuthPriv AuthPriv lt lt lt lt EEIE NNN I DES lt lt lt lt lt w a SERMET ETI Figure 3 10 33 3 10 8 2 VACM Setting You can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that you can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options You can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table
128. blic 1 Disable 2 Disable x 3 Bese Mi 4 Disable v3 Trap Index User IP Address Port Security Level Do genericro w f i l NoAuthNoPriv 01 genericro v 3 a a NoAuthMoPriv 2 genericro w i K fi 4 NoAuthNoPriv v 03 genericro a NoAuthNoPriv il D4 genericro NoAuthNoPriv Figure 3 6 30 Trap Items Enable Disable which trap items to send Trap Items Cold Start ODisable Enable Warm Start ODisable Enable Link Up ODisable Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Enable Figure 3 6 31 3 6 6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Command Ping Ping IP Count 3 Disable Enable Figure 3 6 32 3 6 7 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 6 33 128 3 7 AP WDS Bridge Mode To set this device as a WDS device the setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System time Reboot V LAN e Bridge LAN settings V WIRELESS e WIFI athO Setting e WIFI ath4 Setting V FILTER e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 3 7 1 System This page shows the current status and some bas
129. ccess this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those 170 interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table MAC address filtering Filtering type Disable v MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 _Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 Delete MAC address 14 Delete MAC address 15 Delete Figure 3 8 33 3 8 5 SNMP The IWP 2000 65 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 8 5 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants LantechView to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person
130. ce root 192 168 1 10 login Apr 13 00 01 47 WP 2000 65 auth notice root 192 168 1 10 login Apr 13 00 00 00 IWP 2000 65 user info web server flash setup sh web server flash setup sh Apr 13 00 00 00 IWP 200065 user info date 041300002010 00 Apr 13 00 00 00 WP 200065 user info Tue Apr 13 00 00 00 UTC 2010 Apr 13 00 00 05 WP 2000 65 user info Terminated Apr 13 00 00 03 WP 2000 65 user info Killed Apr 13 00 00 03 IWP 2000 65 user info Terminated Apr 13 00 00 00 WP 2000 66 user info kernel br4 port 1 ethi 24 transitioning to FORWARDIN Apr 13 00 00 00 WP 2000 65 user info kernel br4 port 3 ath4 transitioning to FORWARDING s Apr 13 00 00 00 WP 2000 65 user info kernel bri0 port 1 eth1 10 transitioning to FORWARDI Apr 13 00 00 00 WP 2000 65 user info kernel bri0 port 3 ath0 transitioning to FORWARDING Apr 13 00 00 00 IWP 2000 65 user info kernel br4 port 1 eth1 24 transitioning to LEARNING Apr 13 00 00 00 WP 2000 65 user info kernel br4 port 2 eth0 24 transitioning to DISABLED Apr 13 00 00 00 IWP 2000 65 user info kernel br4 port 3 ath4 transitioning to LEARNING sta Figure 3 6 14 3 6 1 8 System time Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is Synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server H
131. click on OK on pop up screen to confirm user s decision Reboot Access Point After you change the setting or in the event that the Access Point stops responding correctly or in some way stops functioning ee To perform the Reboot click on the Reboot button below You will be asked to confirm your Figure 3 7 17 3 7 2 LAN Configuration Interface brO Setting IP Authentication Indicate how the IP address of this device will be assigned There are two options available here Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server Network IP Parameters User can change the network settings of this device from LAN Configuration it is including IP address Subnet mask and Gateway address Bridge STP Setting User can also set the Bridge STP setting in this page STP RSTP Disable the bridge STP or set the bridge mode as STP or RSTP mode Bridge Priority Set the priority value of the bridge The priority value is a number between O and 65535 The bridge with the lowest priority will be elected root bridge Hello Time Set the bridge s bridge hello time value seconds Forwarding Delay Set the bridge s bridge forward delay value seconds 138 Max Age Set the bridge s maximum message age value seconds Port Cost Set the port cost of the port Port Priority Set the port priority of the port interface
132. crond 2844 USER root pid 3393 cmd web server www htm _ user info web server flash setup sh web server flash setup sh user info date 041300002010 00 user info Tue Apr 13 00 00 00 UTC 2010 a user info Terminated user info Killed user info Terminated user info kernel brO port 1 ethi transitioning to FORWARDING s user info kernel brO port 2 eth0 transitioning to FORWARDING s user info kernel brO port 3 ath0 transitioning to FORWARDING s user info kernel brO port 4 ath4 transitioning to FORWARDING s user info kernel brO port 1 ethi transitioning to LEARNING sta user info kernel brO port 2 eth0 transitioning to LEARNING sta user info kernel brO port 3 ath0 transitioning to LEARNING sta 2 gt Figure 3 2 15 3 2 1 9 System time gt Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the days hours and minutes 20 Time Setting Select Setting Type Setting by Manual Setting Synchronize with an Internet Time Serve
133. curity Level Notify generic Lany a NoAuthNoF ri pa generic m generic Wa generic W genericusm usm AuthPriv ki all vi all Yi jal vi generic v any NoAuthNoPriv all jal vi jal v generic v any NoAuthNoPriv all x all v all v generic Y ke NoAuthNoPriv W a Mw W fi W Figure 3 4 39 3 4 6 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID 85 IP Address 8 Port The IP and Port of a device to receive traps Auth Level Assign security level in this record The Options are NoAuthNopPriv AuthNoPriv AuthPriv Trap Active GDisable Enable vl v2c Trap Index Version IP Address Port Community 0 Version 1 12 es lf 21 162 public 1 Disable Mi 2 Disable Yi 3 Disable 4 Disable Ho genericro NoAuthNoPriv w O1 genericro i NoAuthNoPriv 2 genericro J f i NoAuthNoP
134. d streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network 222 ACM Admission control mandatory QoS Setting On AP WMM Enable O Disable MAX Associated Station 132 1 2007 AP Tx Best Effort CWmin 2047 v CWMax 4095 EI AFS 2 1 255 Burst 10 0 AP Tx Background CWmin 15 v CWMax 1023 v AIFS 7 1 255 Burst 10 0 AP Tx Video CWmin 7 v CWMax 7 v AIFS 1 1 255 Burst 1 5 AP Tx Voice CWmin 7 v CWMax 15 v AIFS 1 1 255 Burst 3 0 CWmin 7 v CWMax 1023 AIFS 2 1 255 STA Tx Best Effort W TXOP 64 1 255 x32ms ACM OEnable Disable CWmin 15 v CWMax 1023 AIFS 7 1 255 STA Tx Background Pa n e TXOP 1 1 255 x32ms ACM OEnable Disable CWmin 7 CWMax 7 y AIFS 1 1 255 STA Tx Video r ki TXOP 47 1 255 x32ms ACM OEnable Disable i CWmin 7 w CWMax 15 AIFS 1 1 255 STA Tx Voice an TXOP 94 1 255 x32ms ACM OEnable Disable Figure 3 10 27 3 10 5 2 WIFI MESH Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mod
135. d key here there are three options Auto AES and TKIP Authentication WPA MODE WPA Share Key 123456789 8 63 characters WPA Encryption Auto Figure 3 4 26 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter their account and password to pass the authentication SSID Security Mode Authentication WPA enterprise WPA MODE wa Share Key 12345678 8 63 characters WPA Encryption Auto Account F3000 Password F3000 Figure 3 4 27 Please Note In wifi station model the security setting must be same as the AP that user wish to connect 3 4 4 3 WIFI ath4 7 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all points 74 in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the operating frequency channel for this device Radio Power
136. d on its IP address If enabled user should also configure the IP Filtering Address This option is only available in router and MESH modes IP Filtering Enable Disable IP Filtering IP Address Enter the Network IP Address and press lt Apply gt to filter 79 IP Filtering IP Filtering Disable Enable Category IP Address Delete IP Address 1 Delete IP Address 2 Delete IP Address 3 fi Delete IP Address 4 Delete IP Address 5 Delete IP Address 6 Delete IP Address 7 fo Delete IP Address 8 fo Delete IP Address 9 Delete IP Address 10 Delete IP Address 11 Delete IP Address 12 Delete IP Address 13 Delete IP Address 14 Delete IP Address 15 Delete Figure 3 4 34 3 4 5 2 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table 80 MAC address filtering Filtering type Disable v MAC address table
137. d support up to 4 SSID 110 Administrator Settings Device Name Name IWP 2000 65 CCHS ASZ aE Or Language Engish OLSR_AP AODV_AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP WDS BRG AP4 WDS BRG Password Settings Current Password Password a 3 12 Characters Re type Password Idle Time Out 30 1 999 minutes Enable If enabled only the following PC can manage this AP IP Address A Ei A Threshold 15 6 25 Mbisec Figure 3 6 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by LantechView network management system LantechView will monitor the WIFI loading when the loading is over this value LantechView will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25
138. d wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 7 4 1 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table 144 MAC address filtering Filtering type Disable v MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 _Delete MAC address 14 Delete MAC address 15 Delete Figure 3 7 26 3 7 5 SNMP The IWP 2000 65 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 7 5 1 Basic Setting SNMP Agent Ch
139. determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one key will functional at one time 46 peg Se Radio Power on Wireless Mode 80211a vi SSID A1 AP3 Scan MAC Cloning WDS v Auto b Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 4 1 255 Fragmentation Threshold 2346 256 2346 RTSICTS Threshold 2346 1 2346 Tx Power Auto W Key 1 essee WEP Key Setting Key 2 osese Figure 3 3 23 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radi
140. e Disable MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 Delete MAC address 14 Delete MAC address 15 Delete Figure 3 6 25 3 6 5 SNMP The IWP 2000 65 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 6 5 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants Lantech View to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location Itis used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this page Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented 123 Community Specify the name of community for the SNMP manage
141. e here Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server Network IP Parameters User can change the network settings of this device from WAN Configuration it is including IP address Subnet mask and Gateway address WAN Setting IP Authentication Static DHCP Network IP Parameters IP Address 192 j 168 23 ai Subnet Mask 255 255 255 10 Gateway Address f2 168 23 254 Figure 3 5 18 3 5 2 2 Bandwidth Management This function allows user to set the limitation of total upload download bandwidth on WAN interface and also can set the limitation of upload download bandwidth for each user or a group of users by IP address Bandwidth Management Bandwidth Management Enable bandwidth limitation function Upload Bandwidth The total upload bandwidth in Mbps Download Bandwidth The total download bandwidth in Mbps Bandwidth Limitation Action To set the action type of bandwidth limitation The options available here are disable upload download and upload download Start IP Address To set the start IP of bandwidth limitation End IP Address To set the end IP of bandwidth limitation Bandwidth Limitation To set the bandwidth in Kbps of bandwidth limitation User can press Add button to add IP address to the Bandwidth Limitation list User can tick the check box and press Del button to de
142. e organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM 29 SNMP Basic Settings SNMP Agent Enable System Information Contact IContact me Location Lam_here V1NV2C Index Access Right Community 1 2 3 4 5 Deny vi Deny 4 Deny vi
143. e that you want to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the operate Meats Sua for this device Radio Power on w Wireless Mode 802 11 b g SSID A1 APO SSID Hide Don of Country Asia Pacific Channel 19 Si Figure 3 10 28 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify 223 Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than th
144. e the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each 219 other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto w Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto w Rate 54 x mbitis Fixed Layer 2 Isolation Disable Enable Key 1 eeoee WEP Key Setting Key 2 eeeee a Key 3 seven Key 4 esooo Figure 3 10 23 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802
145. e value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCIT to set the key values ie 0 9 a z Or use HEX to set the key value in hexadecimal ie 0 9 a f User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto v Rate 54 Y Mbits V Fixed Layer 2 Isolation Disable Enable Key 1 00000 WEP Key Setting Key 2 eeeee Key 3 eeeee Key 4 00000 Figure 3 10 29 SSID Security Mode Authentication User can choose which authentication type to
146. e which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode tn wep E CTCL yo Open ORestricted ry a Select Key KEY 1 KEY 2 O KEY 3 KEY 4 Figure 3 4 25 73 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPA2 is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre share
147. ecenesavesaesiuesanat 109 3 6 2 LAN Configuration sssssssssssu1uuuu25 2200uunnnnunnnnnnnnnnnnnnnnnnnnn 117 3 6 3 Wireless ese ai aa ik e a a a a a a a ka a a A 117 3 6 4 FIIESFINO ki kk kenken ka at dote na ket ke diaou ea kaka T ae t aaeain didai 122 3 6 5 SIN MP kek kiss kika e a ot a e pa e a a a a a n at 123 xO 6 TO NS kita drol nee ken Dan ak Se YA A An ke ae kk kk ka a 128 36 7 LOG OU ei sect Sik dans rass saka at sa AE at SAD SIR ns anaia 128 AP_WDS_Bridge Mode sisi kika koka kak e a e L L kk 129 S27 ak SYSUEM BE EE EE e a T 129 3 7 2 LAN Configuration ii aie aie kt a e e n a a e a L Ko A 138 3 7 3 Wireless held pete nt dan e kn e ek PA e n kk e A a e 139 Bid 14 W aid ka OMUNG ER A A A DE DE aaia 144 3 5 SNMP siek owa ina a ki e a a lk rr rrr e Ek re a rT 145 3 70 TOONS ake t set as atake kte aske tate gate setaS Et ks ak As kaa te SASA NS dat k Sa YAN SE kd R SAN 150 3 7 7 LOG OUE iii aaa seek snake aks aaie asa aae kata kai Aaa asa Aaa A inanir 150 3 8 AP4 WDS Bridge Mode tL kk tann nn nn nan nn nan nannan annan nana enan aa kannnannnnannnnn 151 DOL SYSTEM east at ani kapa at sanse asa sais sasa AE ANA RES RADA ea ke aa An 151 3 8 2 LAN Configuration eski wew ki e a a a a A l kb a a 160 3 8 3 Wireless pini zini f a ek w pa l a e a e pk a da n e ey a m 161 3 8 4 FIIESEFIN Oke ak endear a a a a a a a m a a a KE A A a DA A dds 170 3 8 5 IN MP oii vids oke die sek nwe ake eee kn S n ke pen kok e e A A m EN a 171
148. eck the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants LantechView to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location Itis used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this screen Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The community name can be thought of as a password If user don t 145 have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are
149. eless network ACM Admission control mandatory QoS Setting On AP WMM Enable O Disable MAX Associated Station 32 1 2007 AP Tx Best Effort CWmin 2047 w CWMax 4095 w AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15 CWMax 1023 AIFS 7 1 255 Burst 0 0 AP Tx Video CWmin 7 vy CWMax 7 x AIFS 1 255 Burst 1 5 AP Tx Voice CWmin 7 v CWMax 15 v AIFS 1 1 255 Burst 3 0 Say Reon CWmin 7 w CWMax 1023 w AIFS 2 1 255 TXOP 64 1 255 x32ms ACM OEnable Disable SEEN A Cwmin 15 vw CWMax 1023 7 AIFS 7 1 255 TXOP 1 1 255 x32ms ACM OEnable Disable i CWmin 7 CWMax 7 _ AIFS 1 1 255 STA Tx Video _ ki TXOP 47 1 255 x32ms ACM OEnable Disable ASE CWmin 7 CWMax 15 vw AIFS 1 1 255 TXOP 94 1 255 x32ms ACM CEnable Disable Figure 3 8 32 3 8 4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 8 4 1 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can a
150. elete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 _Delete MAC address 14 Delete MAC address 15 Delete Figure 3 5 29 3 5 6 SNMP The IWP 2000 65 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 5 6 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants Lantech View to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location Itis used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this page Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The community name can be thought of as a password If user don t 103 have the correct community name user can t retrieve
151. em logs record of this device Logs System Logs Apr 13 00 02 01 IWP 2000 65 cron notice crond 2844 USER root pid 3488 cmd web server www htm S Apr 13 00 01 09 IWP 2000 65 auth notice root 192 168 1 10 login Apr 13 00 00 00 IWP 2000 65 user info web server flash setup sh web server flash setup sh Apr 13 00 00 00 IWP 2000 65 user info RTNETLINK answers No such file or directory Apr 13 00 00 00 IWP 2000 65 user info RINETLINK answers No such file or directory Apr 13 00 00 00 IWP 2000 65 user info date 041300002010 00 Apr 13 00 00 00 IWP 2000 65 user info Tue Apr 13 00 00 00 UTC 2010 Apr 13 00 00 06 IWP 2000 65 user info Terminated Apr 13 00 00 03 IWP 2000 65 daemon notice aodvd main In wait on reboot for 2000 milliseconds Apr 13 00 00 03 IWP 2000 65 daemon notice aodvd aodv socket init Receive buffer size set to 2 Apr 13 00 00 03 IWP 2000 65 daemon notice aodvd aodv socket init RAW send socket buffer size Apr 13 00 00 03 WP 200i65 user info DEBUG 0 Apr 13 00 00 03 IWP 2000 65 user info DEBUG Apr 13 00 00 03 IWP 2000 65 user info Killed Apr 13 00 00 03 IWP 2000 65 user info Terminated Apr 13 00 00 00 IWP 2000 65 user info date 041300002010 00 lt i Figure 3 10 14 h v 3 10 1 8 System time Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is Synchronize with an Internet Time Server Manual Setting User can manually
152. ement of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by LantechView network management system LantechView will monitor the WIFI loading when the loading is over this value LantechView will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 9 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 9 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware 179 Firmware Update Current Firmware information Version IWP 2000 65 v0 1 4 Date 2010 04 13 Using TFTP ET Using WEB er Using FTP ET Figure 3 9 3 Using TFTP On any computer in the network or a compute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Acc
153. enericro x 3 y 4 NoAuthNoPriv v mi genericro F 2 3 1 NoAuthNoPriv 02 genericro y i i fl NoAuthNoPriv o3 genericro v i W i 7 E a NoAuthNoPriv D4 genericro 3 NoAuthNoPriv w Figure 3 9 42 Trap Items Enable Disable which trap items to send Trap Items Cold Start O Disable Enable Warm Start ODisable Enable Link Up ODisable Enable Link Down ODisable Enable Auth Fail ODisable Enable LogIn ODisable Enable Figure 3 9 43 3 9 8 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Command Ping Ping IP Count 3 Disable Enable Figure 3 9 44 3 9 9 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 9 45 205 3 10 AODV AP Mode To set this device as a MESH device the setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Concrol WIFI Status Log System time Reboot V WAN e WAN Settings e Bandwidth Management V LAN e EthO settings e AP WLAN Settings e MESH WLAN Settings V MESH e AODV ADMIN V WIRELESS e WIFI AP Setting e WIFI MESH Setting V FILTER e IP Filtering e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 3 10 1 System This page shows the current status and some basic settings of
154. er Type Select OTFTP FTP TFTP or FTP Server IP L L Firmware Filename in server configs tar FTP Username FTP Password Figure 3 9 10 3 9 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control WAN Port OLSR Status ehtO LAN Port MESH WIFI Status AP WIFI 2 Status 182 Status Current Firmware Version IWP 2000 65 v0 1 8 Device Name TWP 2000 65 System Model OLSR_AP System Time Wed Nov 3 00 57 39 2010 Power Control Stats eth0 PoE Disabled oo ee IP Address 192 168 1 1 MAC Address 00 40 cf 00 00 22 Mask 255 255 255 0 Gateway NA DHCP Disabled OLSR Actived IP Address 192 168 0 1 MAC Address 00 40 cf 00 00 33 Mask 255 255 255 0 DHCP Disabled MESH WH Status MODE 802 11 a COUNTRY North_America_Area CHANNEL Auto DTIM 1 FRAG 2346 RTS 2346 BEACON 100 DISTANCE 100 IP Address 192 168 2 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 DHCP Disabled SSID A1 APO Security Disabled AP WPL Stats MODE 802 11 a COUNTRY North_America_Area CHANNEL Auto DTIM 1 FRAG 2346 RTS 2346 BEACON 100 DISTANCE 100 IP Address 192 168 24 1 MAC Address 00 40 c7 b 00 f8 Mask 255 255 255 0 DHCP Disabled SSID A2 AP4 Security Disabled Figure 3 9 1 3 9 1 5 Power Control In this page user can enable the ethO port to provide PoE power forwarding function Power Control Status PoE Power Control eth
155. ers WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal WPA MODE WPA amp WPA2 Share Key 123456789 we 8 63 characters WPA Encryption Auto vi o Group Key Update Interval 600 30 65535 Figure 3 9 30 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA enterprise w WPA MODE ix Share Key WPA Encryption Group Key Update Interval 3o 65535 802 1x 8 63 characters Primary Radius Server Authenticatoin Server 192 ji68 1 jso 1812 Shared Secret secret Backup Radius Server Optional Authenticatoin Server LI LI L Shared Secret Figure 3 9 31 195 Qos WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 1
156. es ath3 ath7 Interface ath3 Waiting for Connecting Figure 3 5 13 The Figure 3 5 14 shows that the ath3 ath7 CB model has connected to an AP and display the relevant information WIFI Status EEE WIFI Interfaces ath3 ath7 IEEE 802 11bg ESSID A1 APO Nickname Mode Managed Frequency 2 417 GHz Access Point 00 40 C7 EF 00 28 Bit Rate 36 Mb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 69 70 Signal level 24 dBm Noise level 93 dBm Rx invalid nwid 26463 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Mode Disable AGG Ata aTh Ati Gene mel A A RA tan MAC Address Q0 40 C7 EF 00 28 Figure 3 5 14 3 5 1 7 Log In this page user could see the system logs record of this device ogs System Logs Apr 13 00 05 11 WP 2000 65 daemon info avahi daemon 2838 Registering new address record for 3 Apr 13 00 05 11 WP 2000 65 daemon info avahi daemon 2838 New relevant interface ath7 IPv4 fo Apr 13 00 05 11 WP 2000 65 daemon info avahi daemon 2838 Joining mDNS multicast group on int Apr 13 00 05 08 WP 200065 daemon info avahi daemon 2838 Withdrawing address record for 192 Apr 13 00 05 08 WP 200065 daemon info avahi daemon 2838 Leaving mDNS multicast group on int Apr 13 00 05 08 WP 200065 daemon info avahi daemon 2838 Interface ath7 IPv4 no longer
157. ess Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 9 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 9 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings 180 Configuration Tools Restore Factory Default Configuration Leer Local Backup Settings Restore settings vex J er Remote Backup Settings Restore settings Figure 3 9 4 Restore Factory Default Configuration To reset configura
158. ess releated setting here Figure 3 2 19 WIFI athO 7 Setting gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the cepa Aaa for this device Radio Power On w Wireless Mode 802 11 b g SSID A1_APO SSID Hide OOn Off Country North America Area v Channel 9 vi Figure 3 2 20 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals 23 between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless
159. ete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 f Delete MAC address 14 Delete MAC address 15 Delete Figure 3 2 26 3 2 5 SNMP The IWP 2000 65 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 2 5 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants Lantech View to remote management the AP and draw the network topography System Information Contact Specify the contact name for this managed node as well as information about how to contact this person Location Itis used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this page Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented 28 Community Specify the name of community for the SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The community name can be thought of as a password If user doesn t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may b
160. etting General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that you want to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the ope ating dezi for this device Radio Power On Wireless Mode 802 11 b g SSID A2_AP4 SSID Hide OOn of Country Asia Pacific vi Channel Auto Figure 3 9 27 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value 193 b
161. ettings SNMP Agent Enable System Information Contact IContact me Location Lam_here V1NV2C IndexAccess Right Community 1 2 3 4 5 Deny vi Deny 4 Deny vi Deny vi Deny xi Auth Privacy Access Protocol Y Passphrase Right DES vw unused unused unused unused unused Security Level Type Auth Passphrase AuthPriv AuthPriv AuthPriv AuthPriv AuthPriv lt lt lt lt EMEA NNN DES lt lt lt lt lt a SERMET ETI Figure 3 9 38 3 9 7 2 VACM Setting You can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that you can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options You can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the
162. ettings To backup or restore the configuration for this device Click on lt NEXT gt button beside Local Backup settings Restore settings Local Backup Settings Restore settings NET J Figure 3 4 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore 64 Settings button to start the restore settings process Backup Settings Backup Settings Restore Settings Figure 3 4 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on lt NEXT gt button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 4 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server to start the process Configuration Backup Restore Server Type Select OTFTP FTP TFTP or FTP Server IP LI L L Firmware Filename in server configs tar FTP Username FTP Password Figure 3 4 10 3 4 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control Status WAN Port ethO LAN Port eth1i LAN Port Station WIFI 1 Status
163. etween 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto v Rate 54 Mbits V Fixed Layer 2 Isolation Disable Enable Key 1 eeeee WEP Key Setting Key 2 eeeee Key 3 eeeee Key 4 eecce Figure 3
164. fies a list of Domain Name System name servers available to the client IP Pool Starting Ending Address The IP Address range which will be assigned Lease Time How long does the IP address can be leased by DHCP server 185 WAN Setting Network IP Parameters IP Address 192 168 fi D Subnet Mask 255 255 255 0 Gateway Address 192 168 1 254 DHCP Server Enable vw Primary DNS Address 168 95 D 1 Secondary DNS Address i IP Pool Starting Address i le 100 IP Pool Ending Address 2 l 200 Lease Time Halfhour v Figure 3 9 17 3 9 2 2 Bandwidth Management This function allows user to set the limitation of total upload download bandwidth on WAN interface and also can set the limitation of upload download bandwidth for each user or a group of users by IP address gt Bandwidth Management Bandwidth Management Enable bandwidth limitation function Upload Bandwidth The total upload bandwidth in Mbps Download Bandwidth The total download bandwidth in Mbps gt Bandwidth Limitation Action To set the action type of bandwidth limitation The options available here are disable upload download and upload download Start IP Address To set the start IP of bandwidth limitation End IP Address To set the end IP of bandwidth limitation Bandwidth Limitation To set the bandwidth in Kbps of bandwidth limitation User can press lt Add gt button to add IP address
165. for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM 172 SNMP Basic Settings SNMP Agent Enable Contact IContact me Location Lam_here V1NV2C 1 Deny 2 Deny vi 3 Deny v 4 Deny vi 5 Deny vi Security Level sou Auth Passphrase po Pity Passphrase SA 2 i AuthPriv v MD5 v DES vw unused AuthPriv vi mMDS DES unused 3 AuthPriv y MD5 w DES v unused sv 4 AuthPriv MD5 DES unused 5 AuthPriv vi MDS x DES v unused v Figure 3 8 34 3 8 5 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that user
166. from the Security Name of Comunity to Security when security model is v1 or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings 1 Community to Security for V1 V2c Index Security Name IP Source Community K mypriv 127 0 0 1 public n A UNa Group Name Security Model Security Name a 1 generic vi B mypriv v M2 genericusm di usm generic v Ss v mypriv O4 vw mypriv vi 5 Moun mypriv xi Figure 3 7 28 gt View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3 6 1 2 1 view Name Include Sub Tree M1 mib2 include 1 3 6 1 2 1 M2 generice include 1 3 6 1 4 1 5205 03 e Include D4 include tis include o6 m OO Include oO Include L8 e Include w Da Include v O 10 include O11 _ ne ude v p 12 Include vi ale include 14 include Ki 15 include oO 16 Include B EI include Figure 3 7 29 148 Access The Access table grants the groups access right to certain views Each gr
167. g gt General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network In station mode CB this SSID must be same as the AP that user wish to connect User can either type in the SSID by themselves or simply press the Scan button and select the AP form the popup list then click lt submit gt MAC Cloning This feature controls the MAC Address of the Wireless Bridge seen by other devices wired or wireless If set to Ethernet Client the MAC Address from the first Ethernet client that transmits data through the Wireless Bridge will be used When multiple Ethernet devices are connected to the Wireless Bridge it may not be obvious which MAC Address will be used If set to WDS it will include 4 MAC address while transmit the data through Wireless Bridge It is only available on bridge mode in station interface If the AP to associate does not support 4 WAY HANDSHAKE the Ethernet client should be selected Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specif
168. ge enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 3 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 3 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings 37 Configuration Tools Restore Factory Defautt Configuration Ler Local Backup Settings Restore settings Ler Remote Backup Settings Restore settings Ler Figure 3 3 4 gt Restore Factory Default Configuration To reset configuration settings to the factory default values just click on lt NEXT gt button beside Restore Factory Default Configuration Restore Factory Default Configuration NEXT Figure 3 3 5 Then click on Restore button on next page now the system will reset to factory default value Restore Factory Default Figure 3 3 6 Local Backup Settings Restore settings To backup or restore the configuration for this device click on NEXT button beside Local Backup settings Restore settings Local Backup Settings Restore settings NET J Figure
169. gement and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a w z A w Z _ or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese gt Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP_WDS_BRG To set this device as a WDS device with AP function AP4_WDS_BRG To set this device as WDS device with AP function and support up to 4 SSID 152 Administrator Settings Device Name Name IWP 2000 65 j 0 9 A T akaz or Ga a Language Select Language English w Model Select OLSRAP AODV AP AP Bridge Model AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP WDS BRG 8 AP4 WDS BRG Password Settings Current Password Password 3 12 Characters Re type Password Idle Time Out 999 1 999 minutes Remote Manageme
170. he Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA MODE Share Key WPA Encryption Group Key Update Interval 802 1x Primary Radius Server Authenticatoin Server 192 168 80 Backup Radius Server Optional Authenticatoin Server WPA enterprise _ WPA v 123456789 8 63 characters Auto v 600 30 65535 1812 Shared Secret secret Shared Secret Qos Figure 3 4 32 WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters Cwmin Minimum Contention Window The valid values for Cwmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for Cwmin must be lower than the value for Cwmax Cwmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for Cwmax must be higher than the value for Cwmin 77 AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx
171. he beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals 118 between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one key will functional at one time Advanced Setting
172. hen the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory 78 QoS Setting On AP WMM Enable O Disable MAX Associated Station 132 Ia 2007 AP Tx Best Effort CWmin 2047 w CWMax 4095 w AIFS 2 12255 Burst 0 0 AP Tx Background CWmin 15 w CWMax 1023 v AIFS 7 12255 Bwst 0 0 AP Tx Video CWmin 7 v CWMax 7 v AIFS 1 1 255 Bust 15 AP Tx Voice CWmin 7 y CWMax 15 AIFS 1 1 255 Burst 13 0 CWmin v CWMax 1023 AIFS 2 1 255 STA Tx Best Effort lt _ h TXOP 64 1 255 x32ms ACM OEnable Disable CWmin 15 CWMax 1023 v AIFS 7 1 255 STA Tx Background que TXOP 1 1 255 x32ms ACM OEnable Disable i CWmin 7 cWMax 7 w AFS 1 1 255 STA Tx Video P TXOP 47 1 255 x32ms ACM OEnable Disable CWmin 7 v CWMax 15 yv AIFS 1 255 STA Tx Voice a TXOP 94 1 255 x32ms ACM OEnable Disable Figure 3 4 33 3 4 5 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 4 5 1 IP Filtering User can block certain client PCs from accessing this AP base
173. hold 2346 1 2346 Tx Power Auto iy Rate 54 mbitis Fixed Layer 2 Isolation Disable Enable Key 1 eeeee WEP Key Setting Key 2 eoeee To Key 3 esseo Key 4 eeece Figure 3 3 28 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP v WEP Encryption Open ORestricted lo Select Key KEY 1 KEY 2 O KEY 3 KEY 4 Figure 3 3 29 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPA2 is far
174. i NoAuthNoPriv vl 04 genericro NoAuthNoPriv Figure 3 3 38 gt Trap Items Enable Disable which trap items to send Trap Items Cold Start O Disable Enable Warm Start ODisable Enable Link Up ODisable Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Enable Figure 3 3 39 3 3 6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Command Ping Ping IP Count 3 Disable Enable Figure 3 3 40 3 3 7 Log Out User can manually logout by click on lt Log Out gt 59 Log Out Figure 3 3 41 3 4 AP CB Route Mode AP CB Route mode is to set this device as a router device with AP and CB functions The setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System time Reboot V WAN e WAN Setting e Bandwidth Management V LAN e EthO Settings Eth1 Settings AP ath4 Setting AP ath5 Setting AP ath6 Setting AP ath7 Setting V WIRELESS e Rogue Ap Scan e WIFI ath3 Setting e WIFI ath4 Setting e WIFI ath5 Setting e WIFI ath6 Setting WIFI ath7 Setting V FILTER e IP Filtering e MAC Filtering 60 V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 3 4 1 System This page shows the current status and some
175. ic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one key will functional at one time 49 Advanced Setting Auto S Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 4 255 Fragmentation Threshold 2346 256 2346 RTS CTS Thres
176. ic settings of the device including Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System time and Reboot screen as shown in Figure 3 7 1 129 Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 7 1 3 7 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 7 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a w z A w Z _ or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 3 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client Bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN AP device Each SSID can have its own VLAN ID AP_W
177. ick on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFTP OFTP TFTP or FTP Server IP L L L Firmware Filename in server configs tar FTP Username FTP Password Backup To Sener Figure 3 2 10 3 2 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control Bridge LAN port AP WIFI 1 Status AP WIFI 2 Status 17 Status Current Firmware Version TWP 2000 65 v0 1 8 Device Name TWP 2000 65 System Model AP Bridge System Time Wed Nov 3 00 43 52 2010 Power Control Status eth0 PoE Disabled Bridge LAN Pot IP Address 192 168 1 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 SAP WIFLS Status MODE 802 11 a COUNTRY North America_Area CHANNEL Auto DTIM 1 FRAG 2346 RTS 2346 Radio off MODE 802 11 a COUNTRY North_America_Area CHANNEL Auto Figure 3 2 11 18 3 2 1 5 Power Control Status In this page user can enable the PoE power forwarding function for ethO port Power Control Status PoE Power Control eth0 port OEnable Disable Figure 3 2 12 3 2 1 6 Bridge Status In this page user could see the bridge interfaces information of this device such as interface information STP status Mac address information etc Bridge Status Bridge bro Bridge STP State off Bridge br0 Information bridge id 8000 0
178. icre W j NoAuthioPriv W D4 genericro NoAuthNoPriv Figure 3 10 37 gt Trap Items Enable Disable which trap items to send Cold Start ODisable Enable Warm Start O Disable Enable Link Up Disable Q Enable Link Down ODisable Enable Auth Fail Disable Enable Login ODisable Q Enable Figure 3 10 38 3 10 8 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Command Ping Ping IP Count 3 Disable Enable Figure 3 10 39 3 10 9 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 10 40 231 Caution The Part 15 radio device operates on a non interference basis with other devices operating at this frequency when using A integrated antennas Any changes or modification to the product not expressly approved by Original Manufacture could void the user s authority to operate this device 232
179. ients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one key will functional at one time 75 Advanced Setting Auto w Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto Rate 54 Mbit s Fixed Layer 2 Isolation Disable Enable Key 1 00000 WEP Key Setting Key 2 eeeee ON Key 3 esseo Key 4 eeece Figure 3 4 29 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user w
180. ing frequency cnanne for this device Radio Power On Wireless Mode 802 11 b g vi SSID Hide OOn GOf Country North America Area Y Channel 9 v Figure 3 7 19 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP m
181. ional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate 169 The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wir
182. irmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 10 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 10 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings 209 Configuration Tools Restore Factory Default Configuration LET Local Backup Settings Restore settings vex J Remote Backup Settings Restore settings LET Figure 3 10 4 Restore Factory Default Configuration To reset configuration settings to the factory default values just click on NEXT button beside Restore Factory Default Configuration Restore Factory Default Configuration NEXT Figure 3 10 5 Then click on Restore button on next page now the system will reset to factory default value Restore Factory Default Figure 3 10 6 Local Backup Settings Restore settings To backup or restore the configuration for this device Click on NEXT button beside Local
183. is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPAZ is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal WPA MODE WPA amp WPA2 w Share Key 123456789 8 63 characters WPA Encryption Auto Group Key Update Interval 600 30 65535 Figure 3 6 22 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here 120 SSID Security Mode Authentication WPA enterprise Y WPA MODE WPA OO jw Share Key 8 63 characters WPA Encryption Auto v Group Key Update Interval 1600 E 0 65535 Primary Radius Server
184. is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 7 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 7 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings 132 Configuration Tools Restore Factory Defautt Configuration Ler Local Backup Settings Restore settings Ler Remote Backup Settings Restore settings Figure 3 7 4 gt Restore Factory Default Configuration To reset configuration settings to the factory default values just click on lt NEXT gt button beside Restore Factory Default Configuration Restore Factory Default Configuration NEXT Figure 3 7 5 Then click on Restore button on next page now the system will reset to factory default value Restore Factory Default Figure 3 7 6
185. its IP address If enabled user should also configure the IP Filtering Address This option is only available in router and MESH modes IP Filtering Enable Disable IP Filtering IP Address Enter the Network IP Address and press lt Apply gt to filter IP Filtering IP Filtering Disable O Enable Category IP Address Delete IP Address 1 Delete IP Address 2 Delete IP Address 3 Delete IP Address 4 Delete IP Address 5 Delete IP Address 6 Delete IP Address 7 Delete IP Address 8 Delete IP Address 9 NM Delete IP Address 10 Delete IP Address 11 Delete IP Address 12 Delete IP Address 13 Delete IP Address 14 Delete IP Address 15 Delete Figure 3 9 36 199 3 9 6 2 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table MAC address filtering Filtering type Disable gt MAC address table
186. ks aaa a d s k ak etan aka ask uunia 11 3 2 1 System AA e GP PE DE De OO Re DO PL en 12 3 2 2 LAN CONTIQUEBaT Te ie ei cedar koka ane pe kn kok k ka AS DA e Ak a EAR Ak A A aK AN M 21 3 2 3 Wireless ei kikonk ik fan a ak m m n anj D m m 23 3 2 4 Filtering ee aktik a e a an aa n aaa aa Aa a a an a n a a n aa a a a a a ak a a 27 3 2 5 SNM Pri it i die ae ava t e ae d aks akte ARUNAN Andus f e NCA UNA AAA KARA EK NS ad DESA A 28 Si2sG TOONS rindade AN ae RA da SAA REN da DE AAA EN ANA 33 3 2 7 COG QUU ti ke kinn ki oo a a a oo A A a Do a RO e KE l 33 3 3 AP CB Bridge MOOG was rans n ake asna sans atasin ass ansan asasen anan sansi as ake ak van 34 3 3 1 System s sssssssssuuss255u55 5ss5555uu5520uuuuuuununnnnnnnnn 34 3 3 2 LAN Configuration isis kane aske kaka an an saka kase anka kankan kadna k en ad AA 43 3 3 3 Wireless ivane kan ak aa anni dan saaa aa ak dane A ae dan aaa ake ake dan kd Nan AAA ES A n 44 3 3 4 FIIESENNO Perec ener reer reer reer Cer terre err errr eer reer eer err etree reer rr errr Ok a 53 3 3 9 SNMP sians ei kinan tie ia kana drink n asa desin an ak ski ae 54 3 3 6 TOO S Lisi awa n aa a a aa an an aa ala a aaa n a a a a n aa n ka a a a ka fk a 59 3 3 7 Log OUE oi iii da k y ai bite k k ae bate ae boo e bak Ske koi ae ee a ane Yi 59 3 4 AP CB Rout MOU aa ie sesa anan kas ee anka an nesans ad konsian ke kank none aaa pann aaa 60 3 4 1 System ie ea iii ke ki a a a a a a no l AP l a K n n 61 3
187. l none mib2 and the View Name from View table Security Model Security Level generic any vi NoAuthNoPriv generic generic generic genericusm usm AuthPriv v all all v all generic any vi NoAuthNoPriv all generic rae ealiea eal EEA 2 v v any NoAuthNoPriv all vi all v generic any vi NoAuthNoPriv all Figure 3 9 41 3 9 7 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address 8 Port The IP and Port of a device to receive traps 204 Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv SNMP Trap aces A Disable Trap Active GDisable Enable vl v2c Trap Index Version 0 Version 1 192 1 168 1 21 4162 public 1 Disable w 2 Disable E 4 lann MN Disable oo g
188. l for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the kan ao A for this device Radio Power On v Wireless Mode 802 11 b g v SSID A1_AP0 SSID Hide OOn Off Country North America Area v Channel 9 vi Figure 3 1 0 22 Advanced Settings Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determin
189. l monitor the WIFI loading when the loading is over this value LantechView will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 7 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 7 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware 131 Firmware Update Current Firmware information Version IWP 2000 65 v0 1 4 Date 2010 04 13 Using TFTP Using WEB Using FTP Figure 3 7 3 Using TFTP On any computer in the network or a compute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This
190. l parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Security Model Security Level generic any NoAuthNoPriv generic generic generic v genericusm usm AuthPriv vi all vi all v all si generic any MI NoAuthNoPriv all Si all generic any NoAuthNoPriv all ball all 6 CS IEK IIE v w v lt lt 2 generic any NoAuthNoPriv all vi all Figure 3 8 37 3 8 5 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address 8 Port The IP and Port of a device to receive traps Auth Level Assign security level in this record The Options are 175 NoAuthNopPriv AuthNoPriv authPriv
191. lable options are yes or no By default it is set to no LAN Setting IP Authentication Static DHCP Network IP Parameters IP Address 192 te8 1 MO Subnet Mask 255 ss 255 0 Gateway Address 192 168 H 1254 STPIRSTP Disable v Bridge Priority 15 STP 0 65535 RSTP 0 15 Hello Time 2 1 10 second Forwarding Delay 15 4 30 second Max Age 20 6 40 second Cost 18 0 2 10 8 Priority 1 STP 0 255 RSTP 0 15 Port eth0 T K K j PtoP auto Edge no vi 19 Ko 2 0 iority 1 STP 0 0 m Cost 18 OO 0 2108 Priority STP 0 255 RSTP 0 15 PtoP auto v Edge no vi Cost 2300000 0 2 10 8 Priority 5 STP 0 255 RSTP 0 15 Port ath3 k K Ne K PtoP auto v Edge no vi 2400000 2 10 iority 6 0 pwe Cost 2400000 0 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto Edge no vi 2500000 10 jority 7 STP 0 0 Port ath5 Cost 900 0 2 10 8 _ Priority STP 0 255 RSTP 0 15 PtoP auto v Edge no vi 2600000 o 2 jority 8 0 Port ath6 Cost M 1018 Priority STP 0 255 RSTP 0 15 PtoP auto Mi Edge no E 2700000 0 2 10 iority 9 0 pa Cost I2700000 _ 0 2 10 8 Priority STP 0 255 RSTP 0 15 3 3 3 Wireless PtoP auto vw Edge no vi Figure 3 3 20 User can set the wireless related setting here 44 Dual WLAN Device aay Wireless tect E You can set the wireless releated setting here Rogue Ap Scan WIFI ath3 Setting WI
192. leased by DHCP server 70 Dual WLAN Device vs LAN Setting i 3 Network IP Parameters IP Address 192 168 a Subnet Mask 255 255 255 lo a DHCP Server Enable v A DHCP Server Parmeters Primary DNS Address 168 25 i o D Secondary DNS Address l i IP Pool Starting Address oe i vo l IP Pool Ending Address i Bi nui 200 i Lease Time Half hour we Figure 3 4 21 3 4 4 Wireless User can set the wireless related setting here Dual WLAN Device Wireless You can set the wireless releated setting here Rogue Ap Scan WIFI ath3 Setting WIFI ath4 Setting WIFI athS Setting WIFI ath6 Setting WIFI ath Setting Figure 3 4 22 3 4 4 1 Rogue AP Scan Rogue Enable Check the radio box in front of lt Enable gt to enable the Rogue AP detection and Press lt Add gt or lt Del gt button to apply Allow AP The allowable AP list The AP in the list is a legal AP for CB to connect Check the box and press the lt Del gt button to remove it Rogue AP The nearby AP list not include the allowed APs Check the box and press the lt Add gt button to add it as a legal AP 71 Re Scan Press lt WIFIx gt button to Re scan the APs nearby which are scanned by wifi card x x 1 or 2 Rogue Scan Rogue Enable Rogue Enable Enable Disable Allow AP Del MAC Addr SSID e n AAA eo Rogue AP Add MAC Addr SSID Re Scan Figure 3 4 23 3 4 4 2 WIFI ath3 Settin
193. led TCredundancy 12 l Pollrate 10 50 MPRcoverage 5 Willingness la LQlevel 2 LQwinsize 10 Fisheye Enable Disable HNA Entry Enable 5 Disable Security Disable v Security Key Figure 3 9 23 3 9 4 3 OLSR ROUTES OLSR routes in kernel Destination Gateway Metric ETX Interface Type 192 168 2 15 192 168 2 15 1 3 25 athOd HOST 0 0 0 0 0 0 0 0 192 168 2 15 1 3 25 atho HNA Destination The node that packet is sent to Gateway The route packets via which gateway Metric The distance to the target usually counted in hops ETX the ETX value for this link calculated by ETX 1 ILQ x LQ Interface the device interface the packets go through Type HOST means that it s belong to node s routing tables HNA 190 means that node can connect to internet via this routing path Dual WLAN Device MESH ROUTES Destination Gateway Metric ETX Interface Type 192 168 2 3 192 168 2 3 1 324 ath HOST 192 168 2 5 192 163 2 3 a 20 15 ath HOST 192 168 4 0 192 168 2 3 1 324 ath HNA 192 168 6 0 192 168 2 3 vi 20 15 ath0 HNA Figure 3 9 24 3 9 4 4 OLSR LINKS LINKS Local IP Remote IP LQ lost total NLQ ETX 192 168 0 2 192 168 0 1 1 000 0 100 1 000 1 00 This table contains the links to our neighbors It contains the following columns Local IP The IP address of the interface that have contacted to the neighbor Remote IP The IP address of the neighbor LinkQuality The quality of the link determined at our e
194. lete the IP address from the Bandwidth Limitation list 96 Bandwidth Management Bandwidth Management Bandwidth Management O Enable Disable Upload Bandwidth 54 Mbps Download Bandwidth 64 Mbps Action Start IP Address End IP Address Bandwidth Limitation Kbps 1 DI UpDownload 192 16 J essas Action Start IP Address End IP Address Bandwidth Limitation Kbps UpiDounlozd 4 0000 e000 0 Figure 3 5 19 3 5 3 LAN Configuration User can change the local network settings of this device from LAN Configuration for ethO and ethi which include the IP address Subnet mask Gateway and DHCP server related settings Network IP Parameters User can change the network settings of this interface from LAN configuration it is including IP address Subnet mask and enable disable the DHCP server Function DHCP Server Parameters Primary Secondary DNS Address The domain name servers option specifies a list of Domain Name System name servers available to the client IP Pool Starting Ending Address The IP Address range which will be assigned Lease Time How long does the IP address can be leased by DHCP server LAN Setting Network IP Parameters IP Address 192 168 0 D Subnet Mask 255 255 255 0 DHCP Server Enable v DHCP Server Parmeters Primary DNS Address 168 95 A A Secondary DNS Address p IP Pool Starting Address 1 LI E 100 IP Pool Ending Address
195. lude vi Cis include o6 nclude al Include o8 nclude vi mE include v J 10 include vi Ou Include 12 include LI 13 Include gu rense E O15 Include 16 nclude w 17 nclude Figure 3 2 29 31 Access The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any v1 v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table nde Security Model Security Level Write Notify M1 generic vi any v NoAuthNoPriv vi generic v generic v generic i v 2 genericusm
196. m allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key you would like to use for this AP SSID Security Mode Authentication WEP wl WEP Encryption Open ORestricted a O Select Key KEY 1 KEY 2 KEY 3 KEY 4 Figure 3 7 22 141 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPA2 is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal WPA MODE WPA amp WPA2 Share Key 123456789 8 63 characters WPA Encryp
197. min Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CW min must be lower than the value for CW max CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate 26 The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP d
198. mission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network 143 ACM Admission control mandatory QoS Setting On AP WMM Enable O Disable MAX Associated Station 132 1 2007 AP Tx Best Effort CWmin 2047 w CWMax 4095 v AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15 v CWMax 1023 v AIFS 7 1 255 Burst 10 0 AP Tx Video CWmin 7 v CWMax 7 v AIFS 1 1 255 Burst 1 5 AP Tx Voice CWmin 7 CWMax 15 v AIFS 1 1 255 Burst 3 0 CWmin 7 CWMax 1023 v AIFS 2 1 255 STA Tx Best Effort W TXOP 64 1 255 x32ms ACM OEnable Disable CWmin 15 v CWMax 1023 AIFS 7 1 255 STA Tx Background Pa a e TXOP 1 1 255 x32ms ACM OEnable Disable CWmin 7 v CWMax 7 y AIFS 1 1 255 STA Tx Video peman ki TXOP 47 1 255 x32ms ACM OEnable Disable 3 CWmin 7 CWMax 15 AIFS 1 1255 STA Tx Voice an TXOP 94 1 255 x32ms ACM OEnable Disable Figure 3 7 25 3 7 4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorize
199. munity The community name that is used Group 105 Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is v1 or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings Community to Security for V1 V2c Index Security Name IP Source Community mypriv 127 0 0 1 K n A UNa Group Name Security Model Security Name a 1 generic vi B mypriv v M2 genericusm di usm generic v 3 j v mypriv O4 vw mypriv vi 5 Mon mypiv W Figure 3 5 31 View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3 6 1 2 1 Include Sub Tree 1 Imib2 Include w 136121 M2 generic include 1
200. n Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module Rate Set the bit rate for wireless interface to supporting multiple bit rates The value Auto causes the device to use the bit rate selected by the rate control module Layer 2 Isolation It is used in AP mode only If enabled all of the clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one key will functional at one time 162 Advanced Setting Auto w Peer MOU Distance Distance 100 m 100 65535 Beacon Period 100 20
201. n access rights by VACM 82 SNMP Basic Settings SNMP Agent Enable Contact IContact me Location Lam_here V1NV2C 1 Deny 2 Deny vi 3 Deny v 4 Deny vi 5 Deny vi Security Level sou Auth Passphrase po Pity Passphrase SA 2 i AuthPriv v MD5 v DES vw unused AuthPriv vi mMDS DES unused 3 AuthPriv y MD5 w DES v unused sv 4 AuthPriv MD5 DES unused 5 AuthPriv vi MDS x DES v unused v Figure 3 4 36 3 4 6 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the
202. nd lost The number of lost packets among the n packets most recently sent by our neighbor via this link n is the link quality window size total the total number of packets received up to now This value starts at 0 immediately after a link has come to alive and then counts each packet It is capped at the link quality window size NLQ this is our neighbor s view of the link quality Previously we have called this the Neighbor Link Quality This value is extracted from LQ HELLO messages received from our neighbors ETX This is the ETX for this link i e 1 NLQ x LQ NEIGHBORS IP address SYM MPR MPRS will 2 Hop Neighbors 10 0 0 6 YES YES YES 7 10 0 0 7 This table contains a list of all our neighbors It is closely related to the link table in that we are connected to a neighbor via one or more links The table has the following columns IP address The main IP address of the neighbor SYM This states whether the link to this neighbor is considered symmetric by link detection mechanism MPR multi point relay This indicates whether we have selected this neighbor to act as an MPR for us MPRS multi point relay selector This indicates whether the 191 neighbor node has selected us to act as an MPR for it will The neighbor s willingness 2 Hop Neighbors The IP address of 2 hops neighbors Topology entries Source IP Dest IP LQ ILQ ETX 0 0 0 6 92 168 0 2 000 000 00 0 0 0 6 0 0 0 5 000 000 00
203. ng It runs ping command to test the connection capability of this device with the other Ethernet device Tools Command Ping Ping IP Count 3 Disable Enable Figure 3 7 33 3 7 7 Log Out User can manually logout by click on lt Log Out gt Log Out Figure 3 7 34 150 3 8 AP4 WDS Bridge Mode To set this device as a WDS device the setting and functions as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control Bridge Status WIFI Status Log System time Reboot V LAN e Bridge LAN settings V WIRELESS e WIFI athO Setting WIFI ath4 Setting WIFI ath5 Setting WIFI ath6 Setting WIFI ath7 Setting V FILTER e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 3 8 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control Bridge status WIFI Status Log System time and Reboot screen as shown in Figure 3 8 1 151 Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 8 1 3 8 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 8 2 These settings allow user to configure the Device Name Language Model Password Remote Mana
204. ng is over this value Lantech View will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 5 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 5 3 This page shows current firmware 89 version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware Firmware Update Current Firmware information Version IWP 2000 65 v0 1 4 Date 2010 04 13 Using TFTP ET Using WEB Using FTP Der Figure 3 5 3 gt Using TFTP On any computer in the network or a compute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading gt Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not
205. nt Enable System Information Contact Contact me Location Lam here V1IV2C IndexAccess Right Community 1 Deny Mi 2 bev vi 3 dey sd 4 Dev Wi 5 Dey vi Auth Privacy Access Priv Passphrase Security Level Type Auth Passphrase Protocol Right AuthPriv w MDS DES v unused w AuthPriv v MD5 DES vi unused AuthPriv MD5 vi DES w unused AuthPriv v MD5 v DES unused w AuthPriv MD5 w DES vi unused Figure 3 2 34 3 3 5 2 VACM Setting User can use the View based Access Control Model VACM to define whether access to a specified managed object is authorized Access control is done at the following points eWhen processing retrieval request messages from the SNMP manager eWhen processing modification request messages from the SNMP manager eWhen notification messages must be sent to the SNMP manager The following tokens for VACM access security that user can use Community to Security for V1 V2c Map the community name COMMUNITY into a security name The Community to Security token takes NAME SOURCE and COMMUNITY options User can use this token to give SNMPv3 security privileges to SNMPv1 and SNMPv2 users and communities Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the gr
206. nt Enable C Ifenabled only the following PC can manage this AP IP Address A i a Figure 3 8 2 gt Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout gt Remote Management User can enable disable the management of the Access Point from a remote host Just tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by LantechView network management system LantechView will monitor the WIFI loading when the loading is over this value LantechView will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 8 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 8 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware 153 Firmware Update Current Firmware information Version IWP 2000 65 v0 1 4 Date 2010 04 13 Using TFTP NEXT Using WEB Using
207. ntrol the access to the SNMP The community name can be thought of as a password If user don t 54 have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 isa Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM 55 SNMP Basic Settings SNMP Age
208. o 0 2 The default value is 0 5 TC redundancy 0 1 2 This value controls the TC redundancy used by the local node in TC message generation If set to 0 the advertised link set of the node is limited to the MPR selectors If set to 1 the advertised link set of the node is the union of its MPR set and its MPR selector set If set to 2 the advertised link set of the node is the full symmetric neighbor set of the node The default value is O MPR coverage 1 n This value decides how many MPRs a node should attempt to select for every two hop neighbor The default value is 5 LQ level 1 2 This setting decides the Link Quality scheme to use If set to O the link quality is not regarded and mesh system runs in OLSR mode RFC3626 If set to 1 the link quality is used when calculating MPRs If set to 2 the route will also be calculated based on distributed link quality information This option should therefore only be set to 1 or 2 if such a setting is used by all other nodes in the network The default value is to 2 Please note that if LQ level is set to 1 or 2 the mesh will not compatible with RFC3626 LQ winsize 1 n The total number of packets received up to now This value starts at 0 immediately after a link has come alive and then counts each packet It is capped at the link quality window size The default value is 100 Willingness 0 7 Nodes participating in an OLSR routed network will announce their willingness to act as relays for
209. o WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is 163 granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPAZ is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal vw WPA MODE WPA amp WPA2 w Share Key 123456789 8 63 characters WPA Encryption Auto Group Key Update Interval 600 30 65535 Figure 3 8 24 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA MODE Share Key WPA Encryption Group Ke
210. o box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP v WEP Encryption Open ORestricted KEY 1 KEY 2 O Select Key y KEY 3 KEY 4 Figure 3 3 24 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPAZ is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and 47 TKIP SSID Security Mode Authentication RSE WPA MODE WPA vi Share Key 123456789 8 63 characters WPA Encryption Auto v Figure 3 3 25 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter their account and password to pass the authentication SSID Security Mode Authentication WPA enterprise WPA MODE a Share Key 123456789 8 63 characters WPA Encryption Auto
211. ode only If enabled all of the 140 clients connect to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto Peer Node Distance n 1 Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 346 256 2346 RTSICTS Threshold 2346 1 2346 Tx Power Auto Na Rate 54 v Mbits Z Fixed Layer 2 Isolation Disable Enable Key 1 eecee WEP Key Setting Key 2 ee ese Key 3 eeece Key 4 ee Figure 3 7 20 WDS MAC Address Setting MAC Address In WDS function user should enter the MAC address that indicates which AP to connect to WDS MAC Address Setting MAC Address 1 MAC Address 2 Delete MAC Address 3 MAC Address 4 Figure 3 7 21 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANS defined in the 802 11 standard Open or Restricted An open syste
212. of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Authentication WPA MODE WPA vi Share Key 123456789 8 63 characters WPA Encryption Auto Figure 3 5 26 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter their account and password to pass the authentication SSID Security Mode Authentication WPA enterprise v WPA MODE Wwa vi Share Key 123456785 8 63 characters WPA Encryption Auto Account F3000 Password F3000 Figure 3 5 27 Please Note In wifi station model the security setting must be same as the AP that user wish to connect 3 5 5 Filtering The MAC address filter section can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 5 5 1 IP Filtering User can block certain client PCs from accessing this AP based on its IP address If enabled user should also configure the IP Filtering Address This option is only available in router and MESH modes 101 IP Filtering Enable Disable IP Filtering IP Addre
213. oice CWmin 7 v CWMax 15 v AIFS 1 1 255 Burst 3 0 Say Reon CWmin 7 w CWMax 1023 w AIFS 2 1 255 TXOP 64 1 255 x32ms ACM OEnable Disable SEEN A Cwmin 15 vw CWMax 1023 7 AIFS 7 1 255 TXOP 1 1 255 x32ms ACM OEnable Disable i CWmin 7 CWMax 7 _ AIFS 1 1 255 STA Tx Video _ ki TXOP 47 1 255 x32ms ACM OEnable Disable ASE CWmin 7 CWMax 15 AIFS 1 1 255 TXOP 94 1 255 x32ms ACM CEnable Disable Figure 3 6 24 3 6 4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 6 4 1 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those 122 interfaces PCs with MAC address in the MAC address table can access this AP Reject all PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table MAC address filtering Filtering typ
214. ol Bridge LAN port AP WIFI 1 Status AP WIFI 2 Status 134 Status Current Firmware Version TWP 2000 65 v0 1 8 Device Name IWP 2000 65 System Model AP WDS BRG System Time Wed Nov 3 00 40 55 2010 eth0 PoE Disabled IP Address 192 168 1 1 MAC Address 00 26 48 00 0e df Mask 255 255 255 0 MODE 802 11 a COUNTRY North_America_Area Figure 3 7 11 3 7 1 5 Power Control Status In this page user can enable the ethO port to provide PoE power forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 7 12 135 3 7 1 6 Bridge Status In this page user could see the bridge interfaces information of this device such as interface information STP ststus mac address information etc Bridge Status Bridge brO Bridge STP State off bridge id 8000 002648000edf designated root 8000 002648000edf root port 0 path cost 0 max age 20 00 bridge max age 20 00 hello time 2 00 bridge hello time 2 00 forward delay 15 00 bridge forward delay 15 00 ageing time 300 00 hello timer 0 00 ten timer 0 00 port id 8001 state forwarding designated root 8000 002648000edf path cost 19 designated bridge 8000 002648000edf message age timer 2813 31 designated port 8001 forward delay timer 2812 36 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8002 state forwarding designated root 8000 002648000edf path cost 100 designated bridge 8000 002648000edf me
215. orwarding designated root 8000 002648000edf path cost 100 designated bridge 8000 002648000edf message age timer 42 61 designated port 8003 forward delay timer 39 01 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8004 state forwarding designated root 8000 002648000edf path cost 100 designated bridge 8000 002648000edf message age timer 7373 88 designated port 8004 forward delay timer 7372 92 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes Bridge br Learned MACS port no mac addr is local ageing timer 1 00 13 a9 2a be 78 no 0 04 3 00 26 48 00 0e df yes 0 00 4 00 40 c7 fb 00 f3 yes 0 00 1 00 40 cf 00 00 22 yes 0 00 00 40 cf 00 00 33 yes 0 00 Figure 3 3 13 3 3 1 7 WIFI Status In this page user can click WIFI Interfaces to see each WIFI s information of this device such as Interface information Security information Associated AP Station The Figure 3 3 14 shows the ath3 CB interface is waiting for connecting to an AP WIFI Status WIFI Interfaces ath3 ath4 Interface ath3 Waiting for Connecting Figure 3 3 14 The Figure 3 3 15shows that the ath3 CB model has connected to an AP and display the relevant information 41 WIFI Status WIFI Interfaces ath3 ath4 IEEE 802 11bg ESSID A1 APO Nickname Mode Managed Frequency 2 417 GHz Access Point 00 40 C7 EF 00 28 Bit Rate 36 Mb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr
216. ould like to use for this AP SSID Security Mode Authentication WEP v WEP Encryption Open ORestricted A C Select Key KEY 1 O KEY 2 O KEY 3 KEY 4 Figure 3 4 30 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA 8 WPA2 WPA2 is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the 76 pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast enc SSID Security Mode Authentication WPA MODE Share Key WPA Encryption Group Key Update Interval WPA enterprise ption keys in seconds WPA personal WPA amp WPA2 123456789 8 63 characters Auto 600 30 65535 Figure 3 4 31 WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of t
217. oup can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any vi v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityModel parameter The available options for this field are all none mib2 and the View Name from View table Write Authorized View Name for write access The available options for this field are all none mib2 and the View Name from View table Notify Authorized View Name for notify access The available options for this field are all none mib2 and the View Name from View table Security Model Security Level generic any NoAuthNoPriv generic generic generic v genericusm usm AuthPriv vi all vi all v all si Lany Mj NoAuthNoPriv all xj all generic any NoAuthNoPriv vl all ball all 6 CS IEK IIE i 2 3 generic 4 5 lt lt 2 S generic any NoAuthNoPriv all vi all Figure 3 7 30 3 7 5 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network man
218. oup table IP source Describes a host or network Community The community name that is used Group 56 SN Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is v1 or v2c or obtain from the User ID of usm when security model is usm MP VACM Settings 1 Community to Security for V1 V2c Index Security Name IP Source Community K n A UNa MED DEDS Imypriv 127 0 0 1 Group Name Security Model Security Name 4 generic vi B mypriv v 2 genericusm di usm generic v A A A an mypriv x 4 vw mypriv vi 5 iM mypriv xi Figure 3 3 35 gt View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3
219. ours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Update for Every User can set time update interval by enter the days hours and minutes 116 Time Setting Select Setting Type Manual Setting Sey OO Yi on wih aa ineme Time Server Current System Time Tue Apr 13 00 13 59 UTC 2010 Year Month Day 2010 4 13 Year 1900 2037 Hour Minute Second oo jo0 s o0 Hours from GMT 8 Hours Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every o days O 31 0 hours 0 23 10 minites 0 59 Figure 3 6 15 3 6 1 9 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt On pop up screen to confirm user s decision Reboot Access Point Reboot Figure 3 6 16 3 6 2 LAN Configuration Network IP Parameters User can change the network settings of this device from LAN Configuration it is including IP address Subnet mask and Gateway address LAN Setting iets el Seng O Network TP Parameters IP Address 192 168 fi fi Subnet Mask 255s 2ss 2es 0 Gateway Address fie
220. ov 3 01 09 12 2010 eth0 PoE Disabled IP Address 192 168 1 1 MAC Address 00 40 cf 00 00 22 Mask 255 255 255 0 MODE 802 11 a COUNTRY North_America_Area CHANNEL Auto DTIM 1 FRAG 2346 RTS 2346 BEACON 100 DISTANCE 100 DISTANCE 100 SSID A2 AP4 Security Disabled Figure 3 6 11 3 6 1 5 Power Control Status In this page user can enable the ethO port to provide PoE power forwarding function Power Control Status PoE Power Control etho port OEnable Disable Figure 3 6 12 115 3 6 1 6 WIFI Status In this page user could see the WIFI information of this device such as Interface information Security information Associated AP Station WIFI Status WIFI Interfaces ath0 ath4 IEEE 802 11bg ESSID A1 APO Nickname Mode Master Frequency 2 452 GHz Access Point 00 40 C7 FB 00 F8 Bit Rate 0 kb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 0 70 Signal level 96 dBm Noise level 96 dBm Rx invalid nwid 979 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Mode Disable Associated AP Station End of Status Figure 3 6 13 3 6 1 7 Log In this page user could see the system logs record of this device Logs Apr 13 00 02 01 IWP 2000 65 cron notice crond 2844 USER root pid 3531 cmd web server www htm i Apr 13 00 02 00 WP 2000 65 auth noti
221. over this value LantechView will change the color of the link line on network topology to notify the user about condition of the link quality The threshold value is between 5 and 25 3 4 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 4 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of the firmware Firmware Update Current Firmware information Version IWP 2000 65 v0 1 4 Date 2010 04 13 Using TFTP NE Using WEB NEXT Using FTP NEXT Figure 3 4 3 Using TFTP On any computer in the network or a compute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn
222. r SNMP Community provides a simple protection by using the community name to control the access to the SNMP The community name can be thought of as a password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account
223. r Current System Time Tue Apr 13 00 44 23 UTC 2010 Manual Setting Year Month Day 2010 yla 13 Year 1900 2037 Hour Minute Second joo fo joo Hours from GMT 8 Y Hours Server IP 140 142 16 34 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every 0 _ days 0 31 0 hours 0 23 10 minites 0 59 Figure 3 2 16 3 2 1 10 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt on pop up screen to confirm user s decision Reboot Access Point After you change the setting or in the event that the Access Point stops responding correctly or in some way stops functioning you can perform a Reboot To perform the Reboot click on the Reboot button below You will be asked to confirm your decision NOTE Some of the ANTI VIRUS shield programes may block the following WEB page Please wait for a while then reconnect this device Figure 3 2 17 3 2 2 LAN Configuration Interface brO Setting IP Authentication Indicate how the IP address of this device will be assigned There are two options available here Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server
224. r above and have the resolution 1024x768 Web Access Procedures Now user can use web browser to configure IWP 2000 65 The following procedure explains how to configure each item Stepi Open your web browser and enter the IP Address 192 168 1 1 as default Wireless Access Point SETUP MENU Windows GO e 192 168 1 1 v Step2 Press lt ENTER gt key and the IWP 2000 65 Login screen will appear as shown in Figure 3 1 Wireless Access Point SETUP MENU Windows Internet Explorer OO E http 192 168 1 1 MAk BJ Google File Edit View Favorites Tools Help n i l i aw Wireless Access Point SET ith amp Dual WLAN Device Username Password Figure 3 1 Step3 Enter admin in the Username and Password fields and click lt LOGIN gt to enter the web configuration page as shown in Figure 3 2 This page includes all basic configurations for the Access Point The items are list in left hand side of the menu WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 2 3 2 AP Bridge Mode The default operating model for IWP 2000 65 is AP Bridge this model is to set the device as a normal AP The functions and settings are list as following V SYSTEM e Administrator e Firmware e Configuration Tools General Status Power Control Bridge
225. r wireless If set to Ethernet Client the MAC Address from the first Ethernet client that transmits data through the Wireless Bridge will be used When multiple Ethernet devices are connected to the Wireless Bridge it may not be obvious which MAC Address will be used If set to WDS it will include 4 MAC address while transmit the data through Wireless Bridge It is only available on bridge mode in station interface If the AP to associate does not support 4 WAY HANDSHAKE the Ethernet client should be selected Peer Node Distance Set the distance between this device and it s adjacent If select manual the distance will be determined by Slot time ACK timeout and CTS timeout three values Beacon Period This item contains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device
226. relev Apr 13 00 05 05 WP 200065 daemon info avahi daemon 2838 Registering new address record for Apr 13 00 05 05 WP 200065 daemon info avahi daemon 2838 New relevant interface ath3 IPv4 fo Apr 13 00 05 05 WP 200065 daemon info avahi daemon 2838 Joining mDNS multicast group on int Apr 13 00 05 02 WP 2000 65 daemon info avahi daemon 2838 Withdrawing address record for 192 Apr 13 00 05 02 WP 2000 65 daemon info avahi daemon 2838 Leaving mDNS multicast group on int Apr 13 00 05 02 WP 200065 daemon info avahi daemon 2838 Interface ath3 IPv4 no longer relev Apr 13 00 04 11 WP 200065 daemon info avahi daemon 2838 Registering new address record for Apr 13 00 04 11 WP 200065 daemon info avahi daemon 2838 New relevant interface ath7 IPv4 fo Apr 13 00 04 11 IWP 200065 daemon info avahi daemon 2838 Joining mDNS multicast group on int Apr 13 00 04 08 WP 2000 65 daemon info avahi daemon 2838 Withdrawing address record for 192 lt gt 7 Figure 3 5 15 3 5 1 8 System time gt Select Setting Type Setting by User can set system time in two ways One is manual 94 setting the other one is Synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second Using Internet Time Server Hours from GMT User can enter the Hours from GMT for example Taiwan is GMT 8 Hours Server IP User should enter the Internet time server IP address here Time Upda
227. rent System Time Tue Apr 13 00 44 23 UTC 2010 Manual Setting Year Month Day 2010 pla 13 x Year 1900 2037 Hour Minute Second foo oo0 oo0 Hours from GMT 8 Y Hours Server IP 140 142 16 34 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every o days 0 31 0 hours 0 23 10 _ minites 0 59 Figure 3 9 15 3 9 1 9 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt on pop up screen to confirm user s decision Reboot Access Point After you change change the setting or in the event that the Access Point stops responding correctly or in some way stops functioning you can perform a Reboot To perform the Reboot click on the Reboot button below se ate ap aa kt decision Figure 3 9 16 3 9 2 WAN Configuration 3 9 2 1 WAN Settings This function is to establish a connection with user s WAN network and also assign the IP to the host behind this AP Network IP Parameters User can change the network settings of this interface from WAN configuration it is including IP address Subnet mask Gateway address and enable disable the DHCP server Function DHCP Server Parameters Primary Secondary DNS Address The domain name servers option speci
228. rity STP 0 255 RSTP 0 15 PtoP auto w Edge no w 2400000 0 2 10 jority 14 0 0 Port wdsi4 Cost 2400000 0 2 10 8 Priority 14 STP 0 255 RSTP 0 15 PtoP auto v Edge no vw Cost 2500000 0 2 10 8 Priority 15 STP 0 255 RSTP 0 15 Port wdsi5 a K my F PtoP auto v Edge no v 2600000 o 2 jority 15 Do 0 Port wdsj6 Cost 0 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto Edge no vw 2700000 0 2 10 jority 15 o 0 Port wdsi7 Cost 27 _ O 2 10 8 Priority STP 0 255 RSTP 0 15 PtoP auto w Edge no v Figure 3 7 18 3 7 3 Wireless User can set the wireless related setting here Dual WLAN Device Wireless You can set the wireless releated setting here WIFI athO Setting WIFI ath4 Setting Figure 3 7 19 139 3 7 3 1 WIFI athO and ath4 Setting General Radio Power Turn this interface on or off Wireless Mode Select which wireless mode that user wants to use The options available here are 802 11a 802 11b 802 11g and 802 11b g SSID The SSID service set identifier is an identifier of an AP in user s wireless network The SSID must be identical for all access points in the network It is case sensitive and maximum length is 32 SSID Hide This function is to hide the SSID in the wireless net work Country This setting configures the access point s country code which identify the country of operation and sets the authorized radio channels Channel Set the operat
229. riv 03 genericro Y j fi i NoAuthNoPriv vl 04 genericro NoAuthNoPriv Figure 3 4 40 gt Trap Items Enable Disable which trap items to send Trap Items Cold Start O Disable Enable Warm Start ODisable Enable Link Up ODisable Enable Link Down ODisable Enable Auth Fail ODisable Enable Log In ODisable Enable Figure 3 4 41 3 4 7 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device Tools Command Ping Ping IP Count 3 Disable Enable Figure 3 4 42 3 4 8 Log Out User can manually logout by click on Log Out 86 Log Out Figure 3 4 43 3 5 CB CB Route Mode CB CB Route mode is to set this device as a router device with two CBs Station mode For example one CB connects to an Internet Provider s AP for WAN connection another CB connects to the intranet s AP The setting and functions list as following V SYSTEM e Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System time Reboot V WAN e WAN Settings e Bandwidth Management V LAN e eth0 Settings e ethi Settings e Station ath7 Settings V WIRELESS e Rogue Ap Scan e WIFI ath3 Setting e WIFI ath7 Setting V FILTER e IP Filtering e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting 87 V Tools e Tools V Log Out 3 5 1
230. rt Apr 13 00 07 01 WP 2000 65 user info kernel br0 port Apr 13 00 07 01 WP 2000 65 user info kernel br0 port Apr 13 00 07 01 WP 2000 65 user info kernel br0 port Apr 13 00 07 01 WP 2000 65 user info kernel brO port Apr 13 00 06 07 WP 2000 65 user info kernel br0 port Apr 13 00 06 05 WP 2000 65 user info kernel br0 port Apr 13 00 06 05 WP 2000 65 user info kernel br0 port Apr 13 00 06 04 WP 2000 65 user info kernel br0 port Apr 13 00 06 04 WP 2000 65 user info kernel brO port ath3 transitioning to RSTP mode Apr 13 00 06 04 WP 2000 65 user info kernel brO port ath3 enabled a i gt Figure 3 3 17 ath3 enabled ath3 transitioning to FORWARDING s ath3 transitioning to LEARNING sta ath3 transitioning to DESIGNATED r ath3 transitioning to RSTP mode ath3 enabled ath3 transitioning to DISCARDING s ath3 transitioning to DISABLED rol ath3 disabled ath3 enabled ath3 enabled ath3 transitioning to FORWARDING s ath3 transitioning to LEARNING sta ath3 transitioning to DESIGNATED r Wow W W w www w Wow WWW Ww 3 3 1 9 System time Select Setting Type Setting by User can set system time in two ways One is manual setting the other one is synchronize with an Internet Time Server Manual Setting User can manually enter the Year Month Day and Hour Minute Second 42 Using Internet Time Server Hours from GMT User can enter the Hours from GMT for
231. s Index Index of Community to Security Tick the checkbox to enable the recordset Security Name is a name that will use by the group table IP source Describes a host or network Community The community name that is used Group 125 Map the security names into group names For SNMP V3 the security Name is the user ID in Basic setting Index Index of Group Tick the checkbox to enable the recordset Group Name A group name is given to a group of users and is used when managing their access rights Security Model Assign security model for group Security Name Assign security name for group This field will obtain from the Security Name of Comunity to Security when security model is v1 or v2c or obtain from the User ID of usm when security model is usm SNMP VACM Settings 1 Community to Security for V1 V2c Index Security Name IP Source Community K n A UNa mypriv 127 0 0 1 public Group Name Security Model Security Name a 1 generic vi B mypriv v M2 genericusm di usm generic v 3 j v mypriv O4 vw mypriv vi 5 Moun mypriv xi Figure 3 6 27 gt View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset Include Assign include or exclude in this record for certain
232. s a VLAN AP device Each SSID can have its own VLAN ID AP WDS BRG To set this device as a WDS device with AP function AP4 WDS BRG To set this device as WDS device with AP function and support up to 4 SSID Administrator Settings Device Name Name IWP 2000 65 0 9 A Z a z ont Language English v OLSR AP AODV_AP AP Bridge Model AP CB Bridge AP CB ROUTE 8 CB CB ROUTE VLAN AP AP_WDS_BRG AP4 WDS BRG Current Password Password G 12Characers Re type Password Idle Time Out 999 1 999 minutes Enable if enabled only the following PC can manage this AP IP Address Ei Threshold 15 5 25 Mb sec Figure 3 5 2 Password Settings If user wants to change the password for admin account the user should enter the current password a new password and re type the new password The Idle Time Out is the amount of time of inactivity allowed before user proceeds next action The user needs to re login if the idle time passes timeout Remote Management User can enable disable the management of the Access Point from a remote host Just click tick the lt Enable gt check box and enter an IP address of the remote host Then only the host with the entered IP address can access this device WIFI Loading Warning Threshold The threshold value is used by Lantech View network management system Lantech View will monitor the WIFI loading when the loadi
233. secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all the packets are transmitted with encryption 224 Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP yi m at Open ORestricted A Select Key KEY 1 KEY 2 KEY 3 KEY 4 Figure 3 10 30 3 10 6 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 10 6 1 IP Filtering User can block certain client PCs from accessing this AP based on its IP address If enabled user should also configure the IP Filtering Address This option is only available in router and MESH modes IP Filtering Enable Disable IP Filtering IP Address Enter the Network IP Address and press lt Appl
234. sk 255 255 255 0 DHCP Server v DHCP Server Parmeters Primary DNS Address 168 95 E 1 Secondary DNS Address IP Pool Starting Address a SI 100 IP Pool Ending Address gt 200 Lease Time Halfhour v Figure 3 9 19 3 9 3 2 AP WLAN Settings User can change the local network settings from LAN Configuration for ath4 interface which include the IP address Subnet mask Gateway and DHCP server related settings Network IP Parameters User can change the network settings of this interface from LAN configuration it is including IP address Subnet mask Gateway address and enable disable the DHCP server Function DHCP Server Parameters Primary DNS Address The domain name servers option specifies a primary Domain Name System servers available to the client Secondary DNS Address In same case user can specifies a secondary Domain Name System servers available to the client 187 IP Pool Starting Ending Address The range of IP addresses which can be assigned to the client Lease Time How long does the IP address can be leased by DHCP server LAN Setting Interface ath Seting Network IP Parameters IP Address 192 168 24 1 Subnet Mask 255 255 255 10 DHCP Server DHCP Server Parmeters Primary DNS Address 168 95 1 A Secondary DNS Address 7 fi LE IP Pool Starting Address 32 2 100 IP Pool Ending Address 5 2 200 Lease Time Haifhour v Figure 3 9 20 3 9 3 3 MESH
235. ss Enter the Network IP Address and press lt Apply gt to filter IP Filtering IP Filtering Disable O Enable Category IP Address Delete IP Address 1 Delete IP Address 2 a Delete IP Address 3 Pol Delete IP Address 4 Delete IP Address 5 Delete IP Address 6 li Delete IP Address 7 ko ui Delete IP Address 8 Po Delete IP Address 9 Delete IP Address 10 Po Delete IP Address 11 Delete IP Address 12 men Oo Delete IP Address 13 Delete IP Address 14 Delete IP Address 15 B Delete Figure 3 5 28 3 5 5 2 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table 102 MAC address filtering Filtering type Disable v MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC address 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 D
236. ss 2 Delete MAC address 3 Delete MAC address 4 Delete MAC address 5 Delete MAC address 6 Delete MAC address 7 Delete MAC address 8 Delete MAC address 9 Delete MAC address 10 Delete MAC address 11 Delete MAC address 12 Delete MAC address 13 _Delete MAC address 14 Delete MAC address 15 Delete Figure 3 10 32 3 10 7 SNMP The IWP 2000 65 support SNMP V1 V2C V3 this page is for defines the SNMP access control and SNMP traps 3 10 7 1 Basic Setting SNMP Agent Check the Enable check box to turn on SNMP Please Note Enable the SNMP will also enable the LLDP Link Layer Discovery Protocol function This function will be used if user wants Lantech View to remote management the AP and draw the network topography System Information 226 Contact Specify the contact name for this managed node as well as information about how to contact this person Location Itis used to define the location of the host on which the SNMP agent is running V1 V2C User can change user s SNMP community settings on this screen Access Right Select an access right for the SNMP manager Read is read only Write is read write and Deny means this community name is not implemented Community Specify the name of community for the SNMP manager SNMP Community provides a simple protection by using the community name to control the access to the SNMP The community name can be thought of as a
237. ssage age timer 2813 32 designated port 8002 forward delay timer 2812 37 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes EDIT pen konn id 8003 state forwarding designated root 8000 002648000edf path cost 100 designated bridge 8000 002648000edf message age timer 2813 34 designated port 8003 forward delay timer 2812 38 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port id 8004 state forwarding designated root 8000 002648000edf path cost 100 designated bridge 8000 002648000edf message age timer 2813 34 designated port 8004 forward delay timer 2812 38 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port no mac addr is local ageing timer 1 00 13 a9 2a be 78 no 0 09 3 00 26 48 00 0e df yes 0 00 4 00 40 C7 f0 00 f8 yes 0 00 1 00 40 cf 00 00 22 yes 0 00 2 00 40 cf 00 00 33 yes 0 00 End of Statu w Figure 3 7 13 3 7 1 7 WIFI Status In this page user could see the WIFI information of this device such as Interface information Security information Associated AP Station 136 WIFI Status WIFI Interfaces ath0 ath4 cunt Information IEEE 802 11g ESSID A1 APO Nickname Mode Master Frequency 2 452 GHz Access Point 00 26 48 00 0E C2 Bit Rate 0 kb s Tx Power 18 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power off Management Link Quality 0 70 Signal level 96 dBm Noise level 96 dBm Rx invalid nwid 223
238. stallation H Chapter 3 Operation of Web based Management 1 Introduction 1 1 Overview of IWP 2000 65 The IWP 2000 65 is a 802 11a b g Dual Radio Outdoor Multi Function Wireless Access Point with Power over Ethernet PoE supported The IWP 2000 65 also operates as multi function wireless system that includes MESH Point to Point Point to Multipoint Bridge Access Point Wireless Client and Repeater The dual radio of IWP 2000 65 can be functioned dual band and maintain each radio up to 54Mbps data rate simultaneously on both directions Key Features in the Device e Dual Radio Two high power IEEE 802 11 a b g radio for backhaul and local access e Multi operating modes support OLSR_AP AODV_AP AP Bridge AP CB Bridge AP CB ROUTE CB CB ROUTE VLAN AP AP_WDS_BRG AP4_WDS_BRG e Bandwidth limitation Traffic shaping by IP in MESH and ROUTE model up to 30 list e Power over Ethernet e PoE Power Forwarding e Mac filtering e IP filtering e QOS WMM Enhance performance and density e LLDP Link Layer Discovery Protocol e Up to 8 SSID support e Supports WEP 64 128 WPA WPA2 encryption e Support SNMP V1 V2c V3 e Support STP RSTP e IP65 Industrial standard 1 2 Specification Data Rates 802 11b 1 2 5 5 11Mbps 802 11g 6 9 12 18 24 36 48 54 Mbps 802 11a 6 9 12 18 24 36 48 54 Mbps Standards IEEE802 11 a b g IEEE802 1x IEEE802 3 IEEE802 3u IEEE802 3af Power Active Ethernet Power over Ethernet
239. t V LAN e EthO settings e AP WLAN Settings e MESH WLAN Settings V MESH e OLSR CONFIG e OLSR ADMIN e OLSR ROUTES e OLSR LINKS V WIRELESS e WIFI Ap Setting e WIFI MESH Setting V FILTER e IP Filtering e MAC Filtering V SNMP e Basic Setting e VACM Setting e Trap Setting V Tools e Tools V Log Out 177 3 9 1 System This page shows the current status and some basic settings of the device including Administrator Firmware Configuration Tools General Status Power Control WIFI Status Log System Time and Reboot screen as shown in Figure 3 9 1 Se D Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 9 1 3 9 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 9 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold gt Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a z A w Z _ or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an A
240. t Effort pe TXOP 64 1 255 x32ms ACM OEnable Disable CWmin 15 CWMax 1023 w AIFS 7 1 255 STA Tx Background e 5 ae fae TXOP 1 1 1 255 x32ms ACM OEnable Disable n CWmin 7 v CWMax 7 v AIFS 1 4 255 STA Tx Video J TXOP 47 1 255 x32ms ACM OEnable Disable CWmin 7 v CWMax 15 AIFS 1 1 255 STA Tx Voice A TXOP 94 1 255 x32ms ACM OEnable Disable Figure 3 3 32 3 3 4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter s It is most useful to prevent unauthorized wireless devices from connecting to user s network A MAC address is a unique ID assigned by the manufacturer of the network adapter 3 3 4 1 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario gt General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject All PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table 53 MAC address filtering Filtering type Disable v MAC address table
241. tains the length of the beacon interval Enter a value between 20 and 1000 to specify the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold 99 Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one pi will functional at one time Radio Power On Wireless Mode 80211a SSID ALAP3 MAC Cloning WDS bw Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto v Key 1 eevee WEP
242. tate forwarding designated root 8000 000000000020 path cost 100 designated bridge 8000 000000000020 message age timer 2744 04 designated port 8004 forward delay timer 2743 08 designated cost 0 hold timer 0 00 adminp2pmac AUTO edge yes port no mac addr is local ageing timer 2 00 00 00 00 00 20 yes 0 00 1 00 00 00 00 00 21 yes 0 00 1 00 13 a9 2a be 78 no 0 05 3 00 26 48 00 0e c2 yes 0 00 4 00 40 c7 fb 00 8 yes 0 00 End of Status Figure 3 8 13 3 8 1 7 WIFI Status In this page user could see the WIFI information of this device such as Interface information Security information Associated AP Station WIFI Status A ath0 WIFI Interfaces a Interface Information TEEE 802 11bg ESSID A1 APO Nickname Mode Master Frequency 2 452 GHz Access Point 00 40 C7 FB 00 F8 Bit Rate 0 kb s Tx Power 16 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 0 70 Signal level 97 dBm Noise level 97 dBm Rx invalid nwid 1615 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Information Associated AP Station End of Status i i Figure 3 8 14 158 3 8 1 8 Log In this page user could see the system logs record of this device Logs System Logs Apr 13 00 02 01 IWP 2000 65 cron notice crond 2844 USER root pid 3454 cmd web server www htm A Apr 13 00 00 14 IWP 2000 65 auth notice root
243. te for Every User can set time update interval by enter the days hours and minutes Time Setting i anni O SE an Internet Time Server Current System Time Tue Apr 13 00 44 23 UTC 2010 Manual Setting Year Month Day 2010 p 4 vi 13 v Year1900 2037 Hour Minute Second foo oo jo Hours from GMT 8 Hours Server IP 140 142 16 34 Server IP for Reference 140 142 16 34 or 129 132 2 21 Time Update for Every 0 days 0 31 0 hours 0 23 10 _ minites 0 59 Figure 3 5 16 3 5 1 9 Reboot User can perform reboot function in case of the device is not function normally or after user change some major settings for example change system model The existing settings will not be changed To perform the reboot click on the lt Reboot gt button and click on lt OK gt on pop up screen to confirm user s decision Reboot Access Point After you change the setting or in the event that the Access Point stops responding correctly or in some way stops functioning you can perform a Reboot To perform the Reboot click on the Reboot button below You will be asked to confirm your decision Figure 3 5 17 3 5 2 WAN Configuration 3 5 2 1 WAN Settings This function is to establish a connection with user s WAN network select the IP Allocation Mode that ISP is used 95 Interface ath3 Setting IP Authentication Indicate how the IP address of this device will be assigned There are two options availabl
244. te how the IP address of this device will be assigned There are two options available here Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server Network IP Parameters User can change the network settings of this device from LAN Configuration it is including IP address Subnet mask and Gateway address 43 Bridge STP Setting User can also set the Bridge STP setting in this page STP RSTP Disable the bridge STP or set the bridge mode as STP or RSTP mode Bridge Priority Set the priority value of the bridge The priority value is a number between 0 and 65535 The bridge with the lowest priority will be elected root bridge Hello Time Set the bridge s bridge hello time value seconds Forwarding Delay Set the bridge s bridge forward delay value seconds Max Age Set the bridge s maximum message age value seconds Port Cost Set the port cost of the port Port Priority Set the port priority of the port interface It is used in the designated port and root port selection algorithms P to P If a bridge port is operating in full duplex mode than the port is functioning as point to point The available options are auto true or false By default it is set to auto Edge If a port is operating in half duplex mode and is not connected to any further bridges participating in STP or RSTP then the port is an edge port The avai
245. the community name to control the access to the SNMP The community name can be thought of as a password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assign access rights by VACM 201 SNMP Basic S
246. the device including Administrator Firmware Configuration Tools 206 General Status Power Control WIFI Status Log System Time and Reboot screen as shown in Figure 3 10 1 Dual WLAN Device System Setting This page includes all the basic configuration tools for the Access Point The options are in the menu screen to the left Figure 3 10 1 3 10 1 1 Administrator By selecting the item of Administrator under System User will see the screen shown in Figure 3 10 2 These settings allow user to configure the Device Name Language Model Password Remote Management and WIFI Loading Warning Threshold Device Name This is a host name or system name for the device The maximum length is 20 characters User can only input 0 9 a w z A w Z or Language Select This function allows user to select a language for the UI the options available are English Simplified Chinese and Traditional Chinese Model OLSR AP To set this device as an AP with layer 3 MESH function AODV AP To set this device as an AP with layer 2 MESH function AP Bridge To set this device as a normal AP AP CB Bridge To set this device as an AP and Client bridge device AP CB ROUTE To set this device as a router device with AP and CB functions CB CB ROUTE To set this device as a router device with dual CB functions VLAN AP To set this device as a VLAN device Each AP can has it s own VLAN ID AP WDS BRG To set this device
247. the start IP of bandwidth limitation 69 End IP Address To set the end IP of bandwidth limitation Bandwidth Limitation To set the bandwidth in Kbps of bandwidth limitation User can press Add button to add IP address to the Bandwidth Limitation list User can tick the check box and press Del button to delete the IP address from the Bandwidth Limitation list Bandwidth Management Bandwidth Management Bandwidth Management Enable 9 Disable Upload Bandwidth s4 Mbps Download Bandwidth 54 Mbps Action Start IP Address End IP Address Bandwidth Limitation Kbps 1 O UpDownload 3000 Action Start IP Address End IP Address Bandwidth Limitation Kbps Up Download v 0 0 0 0 0 0 0 0 200 Figure 3 4 20 3 4 3 LAN Configuration User can change the local network settings of this device from LAN Configuration for ethO eth1 and ath4 ath7 which include the IP address Subnet mask and DHCP server related settings gt Network IP Parameters User can change the network settings of this interface from LAN configuration it is including IP address Subnet mask and enable disable the DHCP server Function gt DHCP Server Parameters Primary Secondary DNS Address The domain name servers option specifies a list of Domain Name System name servers available to the client IP Pool Starting Ending Address The IP Address range which will be assigned Lease Time How long does the IP address can be
248. tings To backup or restore the configuration for this device Click on NEXT button beside Local Backup settings Restore settings Local Backup Settings Restore settings NEXT Figure 3 5 7 Click on lt Backup Settings gt button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process Backup Settings Backup Settings Restore Settings Figure 3 5 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT Figure 3 5 9 Enter the necessary setting in next page then click on Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Server Type Select OTFIP FTP TFTP or FTP Server IP LI LI LI Firmware Filename in server configs tar FTP Username FTP Password Figure 3 5 10 3 5 1 4 General Status In this page user could see the detail settings of this device including the System Information Power Control ethO LAN Port ehti LAN Port Station WIFI 1 Status and Station WIFI 2 Status 92
249. tion Auto YO Group Key Update Interval 600 30 65535 Figure 3 7 23 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and Shared Secret here In case if a backup server has been deployed in user s network user can also enter the necessary information here SSID Security Mode Authentication WPA enterprise w WPA MODE WA 7 vy Share Key 123456789 i 8 63 characters WPA Encryption Auto Group Key Update Interval 1600 30 65535 802 1x Primary Radius Server Authenticatoin Server 192 168 h 80 1812 Shared Secret secret Backup Radius Server Optional Authenticatoin Server LI LI Shared Secret igure 3 7 24 Qos WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table 142 Common Parameters CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CW min must be lower than the value for CW max CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst
250. tion settings to the factory default values just click on NEXT button beside Restore Factory Default Configuration Restore Factory Default Configuration Next Figure 3 9 5 Then click on lt Restore gt button on next page now the system will reset to factory default value Restore Factory Default Figure 3 9 6 Local Backup Settings Restore settings To backup or restore the configuration for this device Click on NEXT button beside Local Backup settings Restore settings Local Backup Settings Restore settings NEXT Figure 3 9 7 Click on Backup Settings button on next page to save the settings of this device to a file named configs tar on user s PC To Restore the settings click on lt Browse gt button and select the correct file path and file name Then click on lt Restore Settings gt button to start the restore settings process 181 Backup Settings Backup Settings Restore Settings Figure 3 9 8 Remote Backup Settings Restore settings User can also backup restore the configuration of this device remotely Click on NEXT button beside Local Backup settings Restore settings Remote Backup Settings Restore settings NEXT J Figure 3 9 9 Enter the necessary setting in next page then click on lt Backup To Server gt or Restore From Server gt to start the process Configuration Backup Restore Serv
251. to the Bandwidth Limitation list User can tick the check box and press lt Del gt button to delete the IP address from the Bandwidth Limitation list Bandwidth Management Bandwidth Management Bandwidth Management O Enable Disable Upload Bandwidth 54 Mbps Download Bandwidth 54 Mbps Action Start IP Address End IP Address Bandwidth Limitation Kbps 1 O Up Download 2 168 1 2 8 1 000 Action Start IP Address End IP Address Bandwidth Limitation Kbps Up Download _ 0 0 0 0 0 0 0 0 200 Figure 3 9 18 186 3 9 3 LAN Configuration The Access Point must have an IP address for the wireless local area network User can also enable DHCP service to assign IP address to the wireless clients Please Note The DHCP service for MESH network is inhibited 3 9 3 1 EthO Settings Network IP Parameters User can change the network settings of this interface from LAN configuration it is including IP address Subnet mask and enable disable the DHCP server Function DHCP Server Parameters Primary Secondary DNS Address The domain name servers option specifies a list of Domain Name System name servers available to the client IP Pool Starting Ending Address The IP Address range which will be assigned Lease Time How long does the IP address can be leased by DHCP server LAN Setting Network IP Parameters IP Address 192 168 0 1 Subnet Ma
252. to the same AP will not be able to access each other WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one key will functional at one time Advanced Setting Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto v Rate 54 Mbits Fixed Layer 2 Isolation Disable Enable Key 1 eeeee WEP Key Setting Key 2 e0000 Key 3 eeeee Key 4 00000 Figure 3 8 28 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are transmitted without encryption If the Restricted selected all 167 the packets are transmitted with encryption Select Key Check the radio box in front of the key you would like
253. to use for this AP SSID Security Mode Authentication WEP o WER Eb is Open ORestricted ry Select Key KEY 1 KEY 2 KEY 3 KEY 4 Figure 3 8 29 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPA2 is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the pre share key in here the length of the key is 8 23 characters WPA Encryption User can choose the encryption method of the pre shared key here there are three options Auto AES and TKIP Group Key Update Interval Time interval for rekeying the GTK broadcast multicast encryption keys in seconds SSID Security Mode Authentication WPA personal WPA MODE WPA amp WPA2 Share Key 123456789 8 63 characters WPA Encryption Auto v Group Key Update Interval 600 30 65535 Figure 3 8 30 WPA enterprise WPA Enterprise includes all of the features of WPA PSK plus support the 802 1x authentication To use this function a separate RADIUS server is required User should enter the IP and port number of the Authentication Server and
254. turn off the Access Point while firmware is upgrading gt Using FTP On FTP server there should have valid firmware which includes fs opn img and or kernel opn img On the Firmware Update FTP page enter the IP address of the FTP server firmware name and FTP user name and password Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading 3 5 1 3 Configuration Tools By selecting the item of Configuration Tools under System the screen will show in Figure 3 5 4 This page includes three selections Restore Factory Default Configuration Local Backup settings Restore settings and Remote Backup Settings Restore settings 90 Configuration Tools Restore Factory Defautt Configuration Ler Local Backup Settings Restore settings ET Remote Backup Settings Restore settings ET Figure 3 5 4 Restore Factory Default Configuration To reset configuration settings to the factory default values just click on NEXT button beside Restore Factory Default Configuration Restore Factory Default Configuration NEXT Figure 3 5 5 Then click on Restore button on next page now the system will reset to factory default value Restore Factory Default Figure 3 5 6 Local Backup Settings Restore set
255. ty 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 69 70 Signal level 24 dBm Noise level 93 dBm Rx invalid nwid 26463 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Information Security Mode Disable Associated AP Station MAC Address Q0 40 C7 EF 00 28 Figure 3 4 14 End of Status The Figure 3 4 15 shows ath4 AP model information WIFI Status Se n a e ee WIFI Interfaces ath3 ath4 ath IEEE 802 11bg ESSID A2 AP4 Nickname Mode Master Frequency 2 412 GHz Access Point 00 26 48 00 0E C2 Bit Rate 0 kb s Tx Power 17 dBm Sensitivity 1 1 Retry off RTS thr off Fragment thr off Encryption key off Power Management off Link Quality 0 70 Signal level 96 dBm Noise level 96 dBm Rx invalid nwid 2229 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 0 Invalid misc 0 Missed beacon 0 Security Security Mode Disable Associated AP Station End of Status Figure 3 4 15 3 4 1 7 Log In this page user could see the system logs record of this device Logs System Logs 2 Apr 13 00 16 04 Apr 13 00 16 04 Apr 13 00 16 04 Apr 13 00 16 01 Apr 13 00 16 01 Apr 13 00 16 01 Apr 13 00 15 04 Apr 13 00 15 04 Apr 13 00 15 04 Apr 13 00 15 01 Apr 13 00 15 01 Apr 13 00 15 01 Apr 13 00 14 04 Apr 13 00 14 04 Apr 13 00 14 04 Apr 13 00 14 01 lt IWP 2000 65 IWP 2000 65 IWP
256. ue for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay Time sensitive video data is automatically sent to this queue AP Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically sent to this queue STA Parameters These parameters are sent to WMM clients when they associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP an
257. urity Level generic any vi NoAuthNoPriv generic generic generic genericusm usm AuthPriv v all all v all generic any vi NoAuthNoPriv v all generic rae ealiea eal EEA 2 v v any NoAuthNoPriv all vi all v generic any NoAuthNoPriv all Figure 3 10 36 3 10 7 3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system SNMP Trap Trap Active To enable or disable SNMP Trap function Version Indicate the traps will be sent in v1 or v2c or not send disable vi v2c Trap IP Address 8 Port The IP and Port to receive traps Community The community string to be used when sending traps v3 Trap Trap Index of SNMP v3 traps Tick the checkbox to enable recordset User The usm User ID IP Address 8 Port The IP and Port of a device to receive traps 230 Auth Level Assign security level in this record The Options are NoAuthNoPriv AuthNoPriv AuthPriv SNMP Trap Trap Active GDisable Enable vi v2c Trap 0 Version 1 192 tea ft 21 162 public 1 Disable 2 Disable v 3 Disable w pi 4 Disable ve v3 Trap Do genericro 5 NoAuthNoPriv w 01 genericro MA i NoAuthNoPriv 02 genericro ai 1 NoAuthNoPriv O3 gener
258. user about condition of the link quality The threshold value is between 5 and 25 3 10 1 2 Firmware Update By selecting the item of Firmware under System User will see the screen shown in Figure 3 10 3 This page shows current firmware version and date This page also allow user to using TFTP or WEB or FTP method to upgrade to the new version of firmware 208 Firmware Update Current Firmware information Version IWP 2000 65 v0 1 4 Date 2010 04 13 Using TFTP NET Using WEB Using FTP Figure 3 10 3 Using TFTP On any computer in the network or a compute direct connect to the AP Install a TFTP Server utility and put the firmware file named upgradeFW tar in a folder Run TFTP utility and specify the folder in which the firmware file located Enter the TFTP server IP and click on lt APPLY gt button At the end of the upgrade process this device may not respond to commands before the device boots up This is normal behavior and do not turn off the Access Point while the firmware is upgrading Using WEB Click on lt Browse gt button and select the correct firmware file path and file name Then click on lt APPLY gt button to start the firmware upgrade process At the end of the upgrade process the Access Point may not respond to commands while uploading the firmware This is normal behavior and do not turn off the Access Point while firmware is upgrading Using FTP On FTP server there should have valid f
259. v vi 5 m E mypriv xi Figure 3 8 35 gt View Create a view for user to let the groups have rights to view the MIB tree Index Index of View Tick the checkbox to enable the recordset Include Assign include or exclude in this record for certain subtree Sub Tree the OID value For example 1 3 6 1 2 1 View Name Include Sub Tree 1 mib2 include 1 3 6 1 2 1 2 generic Include 1 3 6 1 4 1 5205 a menn naue S O4 Include FIS include O6 Include w lg Include w o8 Include w 9 include v oO 10 include v n include E a 12 nclude 13 include 14 include 015 Include D 16 include 17 include Figure 3 8 36 174 Access The Access table grants the groups access right to certain views Each group can have multiple access rights The most secure access right is chosen Index Index of Access Tick the checkbox to enable recordset Group Returned and lookup the Group Name from the Group table Security model Specified in the message s msgSecurityModel parameter The available options for this field are any vi v2c and usm Security level Specified in the message s msgFlags parameter The available options for this field are NoauthNoPriv AutoNoPriv and AuthPriv Read Specified in the message s msgSecurityMode
260. ware Upgrade Max Client Network management Environmental Temperature Range Humidity non condensing DHCP client server V1 V2c V3 Link Layer Discovery Protocol Support NTP client Web based configuration HTTP HTTPS Upgrade firmware via WEB TFTP and FTP 32 users simultaneously per radio Lantech View e Operating 20 C to 70 C e Storage 40 C to 80 C 5 95 Typical 1 3 Package Contents Make sure that you have following items 1 1x IWP 2000 65 Outdoor Wireless Access Point unit 2 1x 100 240VAC 50 60Hz AC to 48V O 375A DC switching adapter 3 1x Inline Power Injector PoE 4 1x Grounding wire 1 8m 5 1x RJ 45 CAT 5 Cross over Ethernet cable 1 8m 6 1x RJ 45 CAT 5 Ethernet cable 30m optional 7 2 x Strain Relief 8 1x User manual CD 9 2 x 7dBi dual band Omni Antenna 10 1 x Pole mount kit and Screws pack 1 Main Unit 2 Power 3 Inline Power 4 1 8m E Adapter Injector PoE Grounding wire 5 1 8m cable 6 30m cable 7 Strain Relief 8 User manual optional CD Lantech K D FA T enmen gt SA N Dwe Fi 9 Antenna 10 Pole mount kit and screws pack n KB Please notify your sales representative immediately if any of the aforementioned items is missing or damaged Fj LA os g 2 Installation 2 1 Full View of IWP 2000 65 Interface on the IWP 2000 65 Unit eth1 For connecting the RJ 45 CAT 5 Ethernet cable to receiving the power and
261. wo options available here Static option the IP address should be entered in Network IP Parameters and DHCP option the IP address will be assigned from other DHCP server Network IP Parameters User can change the network settings of this device from LAN Configuration it is including IP address Subnet mask and Gateway address Bridge STP Setting User can also set the Bridge STP setting in this page STP RSTP Disable the bridge STP or set the bridge mode as STP or RSTP mode Bridge Priority Set the priority value of the bridge The priority value is a number between O and 65535 The bridge with the lowest priority will be elected root bridge Hello Time Set the bridge s bridge hello time value seconds Forwarding Delay Set the bridge s bridge forward delay value seconds Max Age Set the bridge s maximum message age value seconds Port Cost Set the port cost of the port Port Priority Set the port priority of the port interface It is used in the designated port and root port selection algorithms P to P If a bridge port is operating in full duplex mode than the port is functioning as point to point The available options are auto true or false By default it is set to auto Edge If a port is operating in half duplex mode and is not connected to any further bridges participating in STP or RSTP then the port is an edge port The available options are yes or no By default it is set to no 160
262. y Setting Key 2 e0000 Key 3 eseeo Key 4 eeecee Figure 3 2 21 SSID Security Mode Authentication User can choose which authentication type to secure the wireless net work There are four options for authentication Disable WEP WPA personal and WPA enterprise WEP Short for Wired Equivalent Privacy a security protocol for wireless local area networks WLANs defined in the 802 11 standard Open or Restricted An open system allows any client to authenticate as long as it conforms to any MAC address filter policies that may have been set All authentication packets are 24 transmitted without encryption If the Restricted selected all the packets are transmitted with encryption Select Key Check the radio box in front of the key that user would like to use for this AP SSID Security Mode Authentication WEP WEP Encryption Open ORestricted KEY 1 OKEY 2 O Select Key KEY 3 O KEY 4 Figure 3 2 22 WPA Personal The method of authentication is similar to WEP user can define a Pre Shared Key once the key is confirmed and satisfied on both the client and access point then access is granted The encryption method used is referred to as the Temporal Key Integrity Protocol TKIP WPA MODE In this setting user can choose WPA or WPA2 or WPA amp WPA2 WPA2 is far superior to WPA because the encryption of method used is Advanced Encryption Standard AES Share Key User should define the
263. y Update Interval 600 30 65535 802 1x Primary Radius Server Authenticatoin Server 192 168 1 L80 1812 Shared Secretlsecret Backup Radius Server Optional Authenticatoin Server L L n z Shared Secret Figure 3 8 25 8 63 characters Qos WMM Enable disable WMM support MAX Associated Station Maximum number of stations allowed in station table Common Parameters 164 CWmin Minimum Contention Window The valid values for CWmin are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CW min must be lower than the value for CW max CWmax Maximum Contention Window The Valid values for cwmax are 1 3 7 15 31 63 127 255 511 1023 2047 or 4095 The value for CWmax must be higher than the value for CWmin AIFS Arbitration Inter Frame Spacing Burst Maximum length in milliseconds with precision of up to 0 1 ms for bursting AP Parameters This affects traffic flowing from the access point to the client station These parameters are used by the access point when transmitting frames to the clients AP Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data is sent to this queue AP Tx Background Low Priority High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AP Tx Video High Priority Minimum delay
264. y associate The parameters will be used by WMM clients for frames transmitted to the access point STA Tx Best Effort Medium Priority Medium throughput and delay Most traditional IP data will be sending to this queue STA Tx Background Low Priority High throughput Bulk data that requires maximum throughput and it s not time sensitive will be sending to this queue FTP data for example STA Tx Video High Priority Minimum delay Time sensitive video data will automatically send to this queue STA Tx Voice High Priority Time sensitive data like VoIP and streaming media are automatically send to this queue TXOP Transmission Opportunity is an interval of time when a WMM Client Station has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for Client Station that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission control mandatory 52 QoS Setting On AP WMM Enable O Disable MAX Associated Station 32 1 2007 AP Tx Best Effort CWmin 2047 w CWMax 4095 v AIFS 2 1 255 Burst 0 0 AP Tx Background CWmin 15 v CWMax 1023 v AIFS 7 1 255 Burst 0 0 AP Tx Video CWmin 7 CWMax 7 sv AIFS 1 1 255 Burst 1 5 AP Tx Voice CWmin 7 CWMax 15 AIFS 1 1 255 Burst 3 0 CWmin 7 CWMax 1023 v AIFS 2 1 255 STA Tx Bes
265. y gt to filter IP Filtering IP Filtering Disable Enable Category IP Address Delete IP Address 1 L Delete IP Address 2 enn Delete IP Address 3 pen Delete IP Address 4 Delete IP Address 5 Delete IP Address 6 Delete IP Address 7 Delete IP Address A Bae IP Address 9 Delete IP Address 10 a Delete IP Address 11 Delete IP Address 12 men Delete IP Address 13 Delete IP Address 14 Delete IP Address 15 Delete Figure 3 10 31 225 3 10 7 2 MAC Filtering User can block certain clients from accessing this AP based on its MAC address Use Filtering type to define the filtering scenario General Disabled Disable this filtering function If this option is selected all PCs can access this AP Accept All PCs are filtered out except those MAC addresses in the following MAC address table In other words only those interfaces PCs with MAC address in the MAC address table can access this AP Reject Only PCs interfaces with MAC addresses in the following MAC address table are included in the filtering list In other words all PCs interfaces can access this AP except those interfaces PCs with MAC address in the MAC address table MAC address filtering Filtering type Disable MAC address table Item MAC address Ex 22 22 22 22 22 22 MAC address 1 Delete MAC addre
266. y provides a simple protection by using the community name to control the access to the SNMP The 81 community name can be thought of as a password If user don t have the correct community name user can t retrieve any data get or make any change set Multiple SNMP managers may be organized in a specified community v3 The SNMP V3 is a Security Enhancement for SNMP it provides secure access to devices by a combination of userID authenticating and encrypting packets over the network User ID A string representing the name of the user Security Level User can select which security level that user wants to use The available options for this field are NoAuthNoPriv AuthNoPriv or AuthPriv Auth Type Authentication Protocol An indication of which authentication protocol is used The available options for this field are MD5 and SHA Auth Passphrase Authentication Key A secret key used by the authentication protocol for authenticating messages Privacy Protocol An indication of which privacy protocol is used The available option for this field is DES Priv Passphrase Privacy Key The secret key used by the privacy protocol for encrypting and decrypting messages Access Right Assign the access right for account The options are Unused The account is disabled Read Only The account has read only access rights Read Write The account has read and writes access rights usm This account will be an usm account and assig
267. y the Beacon Period DTIM Period This item contains the number of Beacon intervals between Delivery Traffic Indication Message DTIM Enter a number between 1 and 255 to specify Fragment Threshold It is the maximum frame size that wireless device can transmit without fragmenting the frame Enter a value between 256 and 2346 to specify the Fragment Threshold 72 RTS CTS Threshold Packets larger than the value are transmitted by the RTS CTS handshake Enter a value between 1 and 2346 to specify the value of the RTS CTS Threshold Tx Power To set the tx power as off to turn off the tx power set auto to let device determine the tx power value automatically or set manual to set the tx power value The max value is depending on the wireless module WEP Key Setting It uses two kinds of WEP Encryption key length 5 bytes and 13 bytes The key format can either use ASCII to set the key values ie O 9 a z Or use HEX to set the key value in hexadecimal ie O 9 a f User can set maximum 4 keys but only one l will functional at one time Radio Power On Wireless Mode 80211a vi SSID A1_AP3 MAC Cloning WDS v Auto v Peer Node Distance Distance 100 m 100 65535 Beacon Period 100 20 1000 DTIM Period 1 1 255 Fragmentation Threshold 2346 256 2346 RTS CTS Threshold 2346 1 2346 Tx Power Auto v WEP Key Setting Key 2 essee Figure 3 4 24 SSID Security Mode Authentication User can choos
Download Pdf Manuals
Related Search