Wireless N/A 5GHz 200mW Outdoor AP Model
Contents
1. Signal Strength ANTI HT Status Channel BandWidth Guard Interval MCS Link Status Connected Main_AP 253 00 11 A3 0A 7B F2 Link is Up 44 5220000 KHz Central Channel 46 Tx Mbps 270 0 Rx Mbps 243 0 Good Good Good 40 long 15 100 100 100 Transmit Statistics Frames Transmitted Successfully Frames Transmitted Successfully Without Retry Frames Transmitted Successfully After Retry s Frames Fail To Receive ACK After All Retries RTS Frames Sucessfully Receive CTS RTS Frames Fail To Receive CTS Receive Statistics Frames Received Successfully Frames Received With CRC Error Frames Dropped Due To Out of Resource Duplicate Frames Received Status Shows the current link status It should be Connected or Disconnected co oo ESSID Shows the current SSID which must be the same on the wireless client and AP in order for communication to be established y Y y y y y access point HT Status Channel Shows current channel and central channel its corresponding frequency Link Quality Shows the link quality of the system with an access point BSSID Shows the associated BSSID which can be used to identify the wireless access point Extra Info Shows the current link status of extra information It should be Link is Up or Link is Down Link Speed Mbps The data transfer speed adopted by this network measured in Mbits per second Signal Strength2. Y Y Y y y y y y y Wireless Information AF MAC Address 00 11 53 0A 7B FA Station MAC Address 00 11 43 04 7B FB Channel 44 AP Rate 300 Mb z station Rate 300 Mbs Receive Bytes 113126 Receive Packets 526 Transmit Bytes 2708 XT Transmit Packets 88 AP MAC Address The MAC address of the repeater AP Station MAC Address The MAC address of the Wireless Client Station Channel The current channel on the Wireless port AP Rate The current Bit Rate on the Repeater AP Station Rate The current Bit Rate on the Wireless Client Station Receive bytes The total received packets in bytes on the Wireless port Receive packets The total received packets on the Wireless port Transmit bytes The total transmitted packets in bytes on the Wireless port Transmit packets The total transmitted packets on the Wireless port 205 DHCP Server Status Users could retrieve DHCP server and DHCP clients IP MAC address via this field DHCP Server Status DHCP Enable Start IP 192 168 2 10 End IP 192 166 2 7 DNS1 IP 192 168 2 1 DNS2 IP WINS IF Domain Lease Time 85400 IP Address MAC Address Expired In none gt IP Address IP addresses to LAN devices by DHCP server gt MAC Address MAC addresses of LAN devices gt Expired In Shows how long the leased IP address will expire 206 7 5 2 Associated Clients Status It displays ESSID on off Status Security Type total number o
3. o O AC BK 7 15 M 1023 oo O AC VI 2 7 15 e 94 O AC VO 3 e 7 e laz 7 O a When you enable WMM the Tx Burst will be Disabled automatically by system WMM Parameters of Access Point This affects traffic flowing from the access point to the client station Data Transmitted AP to Clients Priority Description Queue High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AC _BE Best Effort Medium Medium throughput and delay Most traditional IP data is sent to this queue AC _BK Background Low AC VI Video High Minimum delay Time sensitive video data is automatically sent to this queue Time sensitive data like VolP and streaming media are automatically sent to this AC_VO Voice High queue Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic You can configure different minimum and maximum wait times for the transmission of packets in each queue based on the requirements of the media being sent Queues automatically provide minimum transmission delay for Voice Video multimedia and mission critical applications and rely on best effort parameters for traditional IP data As an Example time sensitive Voice amp Video and multimedia are given effectively higher priority for transmission lower wait times for channel access w
4. 0 20 00 2 00 15 00 300 00 0 84 0 00 6001 8000 000c43285008 6000 000c43235005 6001 0 8002 6000 000c43235005 68000 000c43285008 9002 0 Local no yes no no no no no Ageing Timer 1 69 0 00 Bridge STP Information Select Bridge STP Information on the drop down list to display a list of bridge STP path cost 0 bridge max age 20 00 bridge hello time 2 00 bridge forward delay 15 00 ten timer 0 00 gc timer 2 83 state forwarding path cost 100 message age timer 0 00 forward delay timer 0 00 hold timer 0 85 state forwarding path cost 100 message age timer 0 00 forward delay timer 0 00 hold timer 0 85 4 4 4 Event Log The Event log displays system events when system is up and running Also it becomes very useful as a troubleshooting tool when issues are experienced in system System Log clear Result Time Facility Severity Message 2000 Jan 1 de en in E 00 00 11 System Info dnsmasq 94 started version 2 40 cachesize 150 2000 Jan 1 dnsmasq 94 compile time options no IPv6 GNU getopt 00 00 11 System Info no RTC no MMU no lSC leasefile no DBus no 118N i TFTP prneezad System Info dnsmasq 94 reading etc resolv conf Dies System Info dnsmasq 94 using nameserver 192 168 2 1 53 age System Info dnsmasq 94 cleared cache panel System Info Authentication successful for root from 192 168 2 22 Time The date and time when the event occurred Facility lt helps users to identify so
5. AP Information Repeater AP Clients AP ESSID MAC Address State Security Type Clients Signal RepeaterAP Main_AP_Repeater 00 11 A3 04 7B FA On Disable 1 MAC Address Strength ANTO 100 00 06 B1 13 35 00 06 B1 13 35 EF 32dBm AP Information Highlights key Repeater AP information y Y y y y y AP Available Repeater AP ESSID Display name of ESSID for Repeater AP MAC Address Display MAC address for Repeater AP Status On Off Signal Strength ANT 100 40dBm BandWidth 20MHz Idle Time 8 67 Security Type Display chosen security type WEP WPA WPA2 PSK WPA WPA2 Enterprise Clients Display total number of wireless connections on Repeater AP m Repeater AP Clients Display all associated clients y y y y y y MAC Address MAC address of associated clients Signal Strength ANTO ANT1 Signal Strength of from associated clients Bandwidth Channel bandwidth of from associated clients Idle Time Last inactive time period in seconds for a wireless connection Connect Time Total connection time period in seconds for a wireless connection Disconnect Click Delete button to manually disconnect a wireless client in a Repeater AP 169 Disconnect Time 6 7 3 Remote AP SSID MAC address antenna 0 1 received signal strength and channel bandwidth for associated AP are available Remote AP Connection Information ES SID MAC Address Signal Strength ANTO Si
6. Active O Enable Disable m Rules control can be managed by a rule Use the settings on this screen to establish an access policy gt Comment Enter a descriptive name for this rule for identifying purposes gt MAC Address Enter MAC address in valid MAC address format xx xx xx xx xXx xx and click Add button to add in the MAC group of each rule Click Remove button can remove MAC address in the group of each rule There are 10 MAC address maximum allowed in each rule gt Local Destination IP Specify local LAN destination IP addresses range required for this rule If you specify local IP addresses range from 192 168 1 1 to 192 168 2 254 The matches a range of local IP addresses include every single IP address from the first to the last so the example above includes everything from 192 168 1 1 to 192 168 2 254 158 3 Protocol Select Any or specify protocol TCP UDP ICMP URL Blocking and Application from drop down list When you select ICMP or Layer 7 Application the Local LAN Destination Port can not used If you want to block websites with specific URL address or using specific keywords enter each URL or keyworks in the URL Blocking field and click Add button to add in the URL Blocking list of each rule Click Remove button can remove URL or keywords URL Blocking Add Remove 3 Local Port Specify local port LAN port range required for this rule gt Destinatio
7. Connection Information ES SID MAC Address Signal Strength ANTO Signal Strength ANT1 BandWidth Main_AP 253 00 11 43 04 7B F2 100 39dBrn 100 42dBrr A0MHZ m ESSID Shows the current ESSID which must be the same on the wireless client and AP in order for communication to be established m MAC Address Display MAC address of associated AP Signal Strength ANTO ANT1 Shows the wireless signal strength of the connection between system and an access point BandWidth Shows the current channel bandwidth used for communication It should be 20 or 40 If displays No Connection AP you need check Wireless configuration Things to verify are Channel and Security type Also adjust antenna angle and Tx Power 208 7 5 4 Extra Information Users could pull out information such as Route table ARP table MAC table Bridge table or STP available in the drop down list from system The Refresh button is used to retrieve latest table information Extra Information Extra Information Netstat Information Information Netstat Information ha Protocol LiveTime Status SrciP SrcPort DstiP DstPort tcp 119 TIME_WAIT 192 168 2 22 3423 192 168 2 254 80 tcp 113 TIME_WAIT 192 168 2 22 3419 192 168 2 254 80 udp 5 192 168 222 138 192 168 2255 138 tcp 118 TIME_WAIT 192168222 3421 192 168 2 254 80 tcp 90 TIME_WAIT 192168222 3413 192 168 2 254 80 tcp 431999 ESTABLISHED 192168222 3425 192 168 2 254 80 tcp 90 TIM
8. Networking Services window ensure that the Internet Gateway Device and UPnP User Interface options are checked If they are not check it to enable them as shown below and click OK to continue Networking Services To add or remove a component click the check bos 4 shaded box means that only part of the component will be installed To see what s included in a component click Details subcomponents of Networking Services Internet Gateway Device Discover and Control Client 0 0 MB L amp Peer to Peer 0 0 ME O RIP Listener 0 0 MB E amp Simple TCP IP Services 0 0 ME l 2 E Description Displays icons in My Network Places for UPnP devices detected on the network Also opens the required Windows Firewall ports Total disk space required Fb MB Space available on disk 331 5 4 MB 3 Next in the Control panel open the Administrative Tools and then open Services Scroll down until you find the SSDP Discovery Interface If the Status is not Started double click on SSDP Discovery Interface to open the service properties Change the startup type to Automatic then close the properties Now right click on SSDP 271 Discovery Services and choose Start from the pop up menu The SSDP Discovery Service will then be running and start each time you boot 4 Services E el x File Action View Help e mM sa BRB 2m ay Services
9. agents By enabling SNMP function the administrator can obtain the system information remotely Please click on System gt SNMP Setup and follow the below setting SNMP Setup Enable E SNMP v2c Enable Check to enable SNMP v2c SNMP v2c Enable ro community re community gt ro community Set a community string to authorize read only access gt rw community Set a community string to authorize read write access SNMP v3 Enable Check to enable SNMP v3 SNMPv3 supports the highest level SNMP security SNMP v3 Enable SNMP ro user SNMP ro password SNMP rw user SNMP rw password SNMP ro user Set a community string to authorize read only access SNMP ro password Set a password to authorize read only access SNMP rw user Set a community string to authorize read write access y y y y SNMP rw password Set a password to authorize read write access m SNMP Trap Events such as cold start interface up amp down and association amp disassociation will report to an assigned server ONMP Trap Enable Community Pi 3 Community Set a community string required by the remote host computer that will receive trap messages or notices send by the system gt IP Enter the IP addresses of the remote hosts to receive trap messages Click Save button to save changes and click Reboot button to activate 68 4 3 4 Backup Restore and Reset to Factory Back
10. e Change Windows Firewall Wireless Network Connection settings Disabled Firewalled TL 9 Atheros ARSOO6EG Wireless N See Also y Network Troubleshooter Other Places G Control Panel My Network Places E My Documents ig My Computer Details Network Connections System Folder 2 Click right on Local Area Connection and select Properties s Network Connections File Edit View Favorites Tools Advanced Help Y ee P wi Bs Search m Folders E Address e Network Connections LAN or High Speed Internet Network Tasks 1394 Connection ocal Area Connection Create a new Connected Firewalled Connected Firewalled connection 204 Met Adanter E 1394 Net Adapter A Set up a home or small da Disable office network Wireless Network Connection Status Change Windows Disabled Firewalled Repair Firewall settings TL t Atheros ARSOD6EG Wireless N Disable this network Bridge Connections device Q Repair this connection Create Shortcut mi Rename this connection View status of this connection Properties Change settings of this connection Rename Other Places G Control Panel My Network Places E My Documents ig My Computer Details Local Area Connection 264 3 In Local Area Connection Properties window select Internet Protocol TCP IP and click on Properties Local rea Connection Properties Advanced Connect using EJ NV
11. 0 O acvo 1 GE CA fa 0 L WMM Parameters of Station Aifsn CWiMin CWilax Txop ACM AC BE 3 15 M 1023 o O AC BK 7 15 M 1023 oo O AC VI 2 7 15 e 94 O AC VO 2 3 e Fan laz O a When you enable WMM the Tx Burst will be Disabled automatically by system gt WMM Parameters of Access Point This affects traffic flowing from the access point to the client station Data Transmitted AP to Clients Priority Description Queue High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AC BE Best Effort Medium Medium throughput and delay Most traditional IP data is sent to this queue AC _BK Background Low AC VI Video High Minimum delay Time sensitive video data is automatically sent to this queue AC VO Vales High ee data like VoIP and streaming media are automatically sent to this Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic You can configure different minimum and maximum wait times for the transmission of packets in each queue based on the requirements of the media being sent Queues automatically provide minimum transmission delay for Voice Video multimedia and mission critical applications and rely on best effort parameters for traditional IP data As an Example time sensitive Voice am
12. 3 Description Provide description of the system 3 Location Enter geographical location information of the system It helps administrator to locate the system easier The system supports two management accounts root and admin The network manager is assigned with full administrative privileges when logging in as root user to manage the system in all aspects While logging in as an admin user only subset of privileges is granted such as basic maintenance For example root user can change passwords for both root and admin account and admin user can only manage its own For more information about covered privileges for these two accounts please refer to Appendix D Network manager Privileges Root Password Log in as a root user and is allowed to change its own plus admin user s password gt New Password Enter a new password if desired gt Check New Password Enter the same new password again to check Admin Password Log in as a admin user and is allowed to change its own gt New Password Enter a new password if desired gt Check New Password Enter the same new password again to check 144 Admin Login Methods Only root user can enable or disable system login methods and change services port gt gt gt gt y y y y Enable HTTP Check to select HTTP Service HTTP Port The default is 80 and the range is between 1 65535 Enable HTTPS Check to select HTTPS Service HTTPS Port The
13. Bridge Table information on the drop down list to display bridge table Bridge table will show Bridge ID and STP s Status on the each Ethernet bridge and its attached interfaces the Bridge Port should be attached to some interfaces 171 Bridge Table Information Bridge Port Bridge ID STP Enabled Interface bred 8000 0011a30a7bf9 no eth2 ral Bridge MAC information Select Bridge MACs Information on the drop down list to display MAC table This table displays local MAC addresses associated with wired or wireless interfaces but also remember non local MAC addresses learned from wired or wireless interfaces Ageing timers will be reset when existing MAC addresses in table are learned again or added when new MAC addresses are seen from wired or wireless interfaces as well When time runs out for a particular entry it will be pruned from the table In that situation switching packet to that particular MAC address will be discontinued Bridge MACs Information Port MAC Address Local Ageing Timer LAN 00 11a30a 7b f8 yes 0 00 Repeater 4P 00 11a3 0a 7b fa yes 0 00 LAN 00 1a 92 9fa4 9b no 0 09 Bridge STP Information Select Bridge STP Information on the drop down list to display a list of bridge STP information Bridge STP Information bred bridge id 8000 0011a30a7bf9 designated root 8000 0011a30a7bf9 root port 0 path cost 0 max age 20 00 bridge max age 20 00 hello time 2 00 bridge hello time 2
14. SNMP Site Survey A Event Log Table 7 1 Client Bridge Universal Repeater Mode Functions 7 1 External Network Connection 7 1 1 Network Requirement It can be used as an Client Bridge or Universal Repeater to receive and repeat wireless signal over last mile applications helping WISPs deliver wireless broadband Internet service to new residential and business customers In this mode APO1200 APO1215 is enabled with DHCP Server functions The wired clients of APO1200 APO1215 are in the same subnet from Main Base Station and it accepts wireless connections from wireless client devices 192 168 2 10 Main 192 148 2 950 APO1200 E 192 16 2 254 e 192 168 2 X Figure 7 1 Client Bridge Universal Repeater mode network Configuration When the APO1200 APO1215 configured as an Access Point and Client Station simultaneously the Wireless General and Advanced Setup also used simultaneously But the Security Type can be different In the other word the channel or other settings will be the same between APO1200 APO1215 to Main Base Station and wireless client to APO1200 APO1215 but security type can be different 175 7 1 2 Configure LAN IP Here are the instructions for how to setup the local IP Address and Netmask Please click on System gt LAN and follow the below setting LAN Setup Ethernet Connection Type DNS Mode O Static IP O Dynamic IP DNS No Default DNS Server O Specify DNS Server IP Primary Static
15. Select Bridge STP Information on the drop down list to display a list of bridge STP information Bridge STP Information bred bridge id 8000 0011a30a7bfa designated root 2000 0011a30a7bfa root port 0 path cost 0 max age 20 00 bridge max age 20 00 hello time 2 00 bridge hello time 2 00 forward delay 15 00 bridge forward delay 15 00 ageing time 300 00 hello timer 0 75 ten timer 0 00 topology change timer 0 00 gc timer 0 75 flags raQ 1 port id 8001 state forwarding designated root 2000 0011a30a7bfa path cost 100 designated bridge 8000 0011a30a7bfa message age timer 0 00 designated port 2001 forward delay timer 0 00 designated cost 0 hold timer OT flags 261 8 7 5 QoS Plot The QoS Plot show graphs which continuously represents the current data traffic on each QoS rule The chart scale and throughput dimension bps Kbps Mbps changes dynamically according to the mean throughput value The statistics is updated automatically every 5 seconds The throughput statistics of QoS can be updated manually using the Refresh button Refresh QoS Plot QoS List Comment Remark DSCP Bandwidth U D kbps FTP NO 1024 2048 X JS 2 25 pa s A VIDp 15 5 25 715 0 50 0 25 Mbps 0 262 8 7 6 Event Log The Event log displays system events when system is up and running Also it becomes very useful as a troubleshooting tool when issues are experienced in system System Log clear Result Time Facility S
16. This section breaks down into subsections of System Overview WDS Link Status Extra Information and Event Log 4 4 1 System Overview Detailed information on System Network LAN Information and Wireless Information can be reviewed via this page m System Display the information of the system oystem Host Name WEB1200H2PX Operating Mode WDS Mode Location Description Outdoor WiFEN 56 200m Firmware Version Cen CPE N5H2 1 0 1 Version Firmware Date 2009 10 27 15 50 04 Device Time 2000 01 01 00 07 48 System Up Time 07 48 gt System Name The name of the system gt Operating Mode The mode currently in service 3 Location The reminding note on the geographical location of the system gt Description The reminding note of the system gt Firmware Version The current firmware version installed gt Firmware Date The build time of the firmware installed gt Device Time The current time of the system 3 System Up Time The time period that system has been in service since last reboot Network Information Display the information of the Network Network Mode Static Mode IP Address k F Netmask TE AS 192 168 2 254 255 255 255 0 IP Gateway 192 168 2 1 Primary DNS secondary DNS Mode Supports Static or Dynamic modes on the LAN interface IP Netmask The network mask By default it s 255 255 255 0 Primary DNS The primary DNS server in service y Y y y y y Secondary
17. ecelve Bytes Receive Packets Transmit Bytes Transmit Packets Station Rate The current Bit Rate Y Y Y y y y y y y 00 11 43 04 7B FA 00 11 43 04 7B FB 300 Mbs 300 Mbs 113126 mm ch Eb 706 GG AP MAC Address The MAC address of the Repeater AP Station MAC Address The MAC address of the Wireless Client Station Channel The current channel on the Wireless port AP Rate The current Bit Rate on the Repeater AP on the Wireless Client Station Receive bytes The total received packets in bytes on the Wireless port Receive packets The total received packets on the Wireless port Transmit bytes The total transmitted packets in bytes on the Wireless port Transmit packets The total transmitted packets on the Wireless port DHCP Server Status Users could retrieve DHCP server and DHCP clients IP MAC address via this field DHCP Server Status DHCP Start IF End IP 7 DNS1 IP DNS2 IP WINS IP Domain Lease Time IP Address gt gt MAC Address MAC addresses of Enable 192 166 2 10 192 168 2 70 192 168 2 1 25400 MAC Address Expired In none IP Address IP addresses to LAN devices by DHCP server LAN devices gt Expired In Shows how long the leased IP address will expire 168 6 7 2 Associated Clients Status It displays ESSID on off Status Security Type total number of wireless clients associated with Repeater AP Wireless Clients
18. gt MAX Hop Specifies the maximum number of hops max time to live value traceroute will probe 43 3 4 7 Reboot This function allows user to restart system with existing or most current settings when changes are made Click Reboot button to proceed and take around three minutes to complete Reboot o You must be reboot the system after changing settings Rebooting the system will not delete any of your configuration settings Click reboot button to reboot the system A reminder will be available for remaining time to complete If power cycle is necessary please wait till completion of the reboot process Please Wait The System Overview page appears upon the completion of reboot 44 3 5 System Status This section breaks down into subsections of System Overview Associated Clients Status WDS Link Status Extra Information and Event Log 3 5 1 System Overview Display detailed information of System Network LAN and Wireless in the System Overview page m System Display the information of the system oystem Host Name WEB1200H2PX Operating Mode AP Mode Location Description Outdoor WiFHN 56 200mVV Firmware Version Cen CPE N5H2 V1 0 1 Version Firmware Date 2009 10 27 15 50 04 Device Time 2000 01 01 00 00 33 System Up Time 33 System Name The name of the system Operating Mode The mode currently in service Location Deployed geographical location Description A description of th
19. m Rules control can be managed by a rule Use the settings on this screen to establish an access policy gt Comment Enter a descriptive name for this rule for identifying purposes gt MAC Address Enter MAC address in valid MAC address format xx xx xx xx Xx xx and click Add button to add in the MAC group of each rule Click Remove button can remove MAC address in the group of each rule There are 10 MAC address maximum allowed in each rule gt Local Destination IP Specify local LAN destination IP addresses range required for this rule If you specify local IP addresses range from 192 168 1 1 to 192 168 2 254 The matches a range of local IP addresses include every single IP address from the first to the last so the example above includes everything from 192 168 1 1 to 192 168 2 254 247 3 Protocol Select Any or specify protocol TCP UDP ICMP URL Blocking and Application from drop down list When you select ICMP or Layer 7 Application the Local LAN Destination Port can not used If you want to block websites with specific URL address or using specific keywords enter each URL or keywords in the URL Blocking field and click Add button to add in the URL Blocking list of each rule Click Remove button can remove URL or keywords URL Blocking Add Remove 3 Local Port Specify local port LAN port range required for this rule gt Destination Port Specify destination port range require
20. AP Mode Configuration When CPE AP mode is chosen the system can be configured as a Customer Premises Equipment CPE This section provides detailed explanation for users to configure in the CPE AP mode with help of illustrations In the CPE AP mode functions listed in the table below are also available from the Web based GUI interface OPTION Wireless Advance Utilities Status Profiles Settings system Overview Operating Mode General Setup DMZ Advanced Setup IP Filter Firmware Upgrade Station Statistics Repeater AP Setup MAC Filter Network Utility Extra Info Functions Wireless Profile Virtual Server QoS Plot Site Survey Parental Control A Event Log IS IN Table 6 1 CPE AP Mode Functions 6 1 External Network Connection 6 1 1 Network Requirement It can be used as an Outdoor Customer Premises Equipment CPE to receive and repeat wireless signal over last mile application helping WISPs deliver wireless broadband Internet service to residents and business customers In the CPE AP mode APO1200 APO1215 is a gateway enabled with NAT and DHCP Server functions The wired and wireless clients connected to APO1200 APO12105 are in different subnet from those connected to Main Base Station and in CPE AP mode it accepts wireless connections from wireless client devices NAT Main Ha er Pee APO1200 192 168 2 10 B 192 168 1 250 WIFI WAN LAN 192 168 1 254 192 168 2 254 3 192 168 2 A Figure 6 1 CPE AP mod
21. Enable SNMP ro user SNMP ro password SNMP ru user SNMP rw password SNMP ro user Set a community string to authorize read only access SNMP ro password Set a password to authorize read only access SNMP rw user Set a community string to authorize read write access y y y y SNMP rw password Set a password to authorize read write access m SNMP Trap Events such as cold start interface up amp down and association amp disassociation will report to an assigned server 149 SNMP Trap Enable Community Pal gt Community Set a community string required by the remote host computer that will receive trap messages or notices send by the system gt IP Enter the IP addresses of the remote hosts to receive trap messages Click Save button to save changes and click Reboot button to activate 150 6 4 5 Backup Restore and Reset to Factory Backup current configuration restore prior configuration or reset back to factory default configuration can be executed via this page Please click on Utilities gt Profile Setting and follow the below setting Profile Save Profile Save save Settings To PC Load Settings From PC Browse Upload Reset To Factory Default Default iB In this page you can save your cument configuration restore a previously saved configuration or reset all of the settings to the factory default settings m Save Settings to PC Click Save
22. Operating Mode Location Description Firmware Version Firmware Date Device Time System Up Time Network Mode IP Address IP Netmask IP Gateway Primary DNS Secondary DNS Cen CPE N5H2 V1 0 10 Version Static Mode LAN Information MAC Address 00 11 A3 1A F3 DD Receive Bytes 146489 Receive Packets 1207 Transmit Bytes 966616 Transmit Packets 1073 APO1200 AP Mode Outdoor WiFi N 5G 200mW 2010 03 19 04 34 20 2000 01 01 01 08 53 01 08 53 Wireless Information MAC Address 00 11 A3 1A F8 DE Channel 44 Rate 300 Mb s Receive Bytes 0 192 168 2 254 255 255 255 0 192 168 2 1 Receive Packets 0 Transmit Bytes Transmit Packets CopyRight Airlink101 All rights reserved 16 Chapter 3 AP Mode Configuration When AP mode is selected the system can be configured as an Access Point This section provides detailed explanation for users to configure in the AP mode with help of illustrations In the AP mode functions listed in the table below are also available from the Web based GUI interface Option system Wireless umes Status Operating Mode General Setup Profiles Settings System Overview LAN Advanced Setup Firmware Upgrade Functions Virtual AP Network Utility WDS Status Table 3 1 AP Mode Functions 3 1 External Network Connection 3 1 1 Network Requirement Normally APO1200 AP0O1215 connects to a wired LAN and provides a wireless connec
23. Save Local Time Display the current system time NTP Client To synchronize the system time with NTP server gt Enable Check to select NTP client 3 Default NTP Server Select the NTP Server from the drop down list gt Time Zone Select a desired time zone from the drop down list gt Daylight saving time Enable or disable Daylight saving e If the system time from NTP server seems incorrect please verify your network settings like default Gateway and DNS settings Click Save button to save your changes Click Reboot button to activate your changes 38 3 4 3 Configure SNMP Setup SNMP is an application layer protocol that provides a message format for communication between SNMP manager and agent By enabling SNMP function the administrator can obtain the system information remotely Please click on System gt SNMP Setup and follow the below setting SNMP Setup Enable E SNMP v2c Enable Check to enable SNMP v2c ONMP v2c Enable ro community re community gt ro community Set a community string to authorize read only access gt rw community Set a community string to authorize read write access SNMP v3 Enable Check to enable SNMP v3 SNMPv3 supports the highest level SNMP security SNMP v3 Enable SNMP ro user SNMP ro password SNMP rw user SNMP rw password SNMP ro user Set a community string to authorize read only access SNMP ro p
24. System Information Admin Login Methods System Name WCB1200H2PX Enable HTTP Y Port 80 Description Outdoor WiFi N 5G 200mW Enable HTTPS Port 443 UploadKey nani Enable Telnet Port 23 E Enable SSH Y Port 22 Root Password Host Key Footprint ssh rsa AAAAB3NzaCiyc2EAAAADAQABAAAAgw New Root Password Check Root Password nep Ping Watchdog E E dl Ping Watchdog O Enable Disable Admin Password IP Address To Ping New Admin Password Ping Interval Seconds Check New Password Startup Delay Seconds Failure Count To Reboot m System Information gt System Name Enter a desired name or use the default one 3 Description Provide description of the system 3 Location Enter geographical location information of the system It helps administrator to locate the system easier The system supports two management accounts root and admin The network manager is assigned with full administrative privileges when logging in as root user to manage the system in all aspects While logging in as an admin user only subset of privileges is granted such as basic maintenance For example root user can change passwords for both root and admin account and admin user can only manage its own For more information about covered privileges for these two accounts please refer to Appendix D Network manager Privileges Root Password Log in as a root user and is allowed to change its own plus admin user s pas
25. UDP ICMP Application from drop down list When you select ICMP or Layer 7 Application the Local Destination Port can not used 3 Local Port Specify local port LAN port range required for this rule gt Destination Port Specify destination port range required for this rule Action After configuring rule a policy rule ensures that a traffic flow gets the requested treatment in the network gt Remark DSCP Specify a new DSCP class if you want to replace or remark the DSCP gt Bandwidth Click Enable to activate function and click Disable to deactivate function 3 Upload Download Specify the bandwidth in kilobit per second Kbps Enter a number between 8 to 8192 default upload is 128 Kbps download is 1024 Kbps Click Add button to add QoS rule to List There are 10 rules maximum allowed in this QoS List All rules can be removed or edited on the List Click Reboot button to activate your changes When you create rules on the QoS List the previous rules have higher priority Below depict the examples for explaining priority of QOS setup gt Example 1 On this setting the FTP has 1024 Kbps upload and 8196 Kbps download on 192 168 2 10 The remaining IP address and other remaining protocol of IP address 192 168 2 10 only can use total bandwidth 512 Kbps bandwidth Because rule 1 s priority is higher than rule 2 Rule Source IP Destination IP DSCP Protocol Remark DSCP Bandwidth Up Down 1 192 16
26. gt Domain Enter the domain name for this network gt Lease Time The IP addresses given out by the DHCP server will only be valid for the duration specified by the lease time Increasing the time ensure client operation without interruptions but could introduce potential conflicts Lowering the lease time will avoid potential address conflicts but might cause more interruptions to the client while it will acquire new IP addresses from the DHCP server Default is 86400 seconds Click Save button to save your changes Click Reboot button to activate your changes 127 6 2 Access Point Association 6 2 1 Configure Wireless General Setting The administrator can change the data transmission channel and output power settings for the system Please click on Wireless gt General Setup and follow the below setting Wireless Setup General Setup HT Physical Mode Band Mode 802 11 a n mixed mode Operating Mode Mixed Mode O Green Field gt Country NONE v O Channel BandWidth 20 20 40 adeeb Guard Interval O Long O Auto MCS Auto HT Other Reverse Direction Grant oe HT TxStream 2 Y RDG Disable Enable HT RxStream 2 v A MSDU O Disable O Enable Auto Block ACK Disable O Enable Decline BA Request O Disable Enable Band Mode Select an appropriate wireless band bands available are 801 11aor 802 11a n mixed mode Transmit Rate Control Select the desired rate from the drop
27. port id designated root designated bridge designated port designated cost flags S000 000c43286010 S000 000c43256010 0 20 00 2 00 15 00 300 00 1 36 0 00 8001 S000 000c43286010 8000 000c43286010 8001 0 9002 S000 000c43286010 S000 000c43286010 8002 0 9003 S000 000c43286010 S000 000c43286010 8003 0 210 yes path cost bridge max age bridge hello time bridge forward delay ten timer gc timer state path cost message age timer forward delay timer hold timer state path cost message age timer forward delay timer hold timer state path cost message age timer forward delay timer hold timer 0 09 2 50 0 00 0 00 0 00 0 10 65 92 Bridge STP Information Select Bridge STP Information on the drop down list to display a list of bridge STP 20 00 2 00 15 00 0 00 3 36 forwarding 100 0 00 0 00 0 00 forwarding 100 0 00 0 00 0 00 forwarding 100 0 00 0 00 0 00 7 5 5 Event Log The Event log displays system events when system is up and running Also it becomes very useful as a troubleshooting tool when issues are experienced in system System Log clear Result Time Facility Severity Message 2000 Jan 1 de en in E 00 00 11 System Info dnsmasq 94 started version 2 40 cachesize 150 2000 Jan 1 dnsmasq 94 compile time options no IPv6 GNU getopt 00 00 11 System Info no RTC no MMU no lSC leasefile no DBus no 118N i TFTP prneez
28. work or public areas Below depict an example for Profile List Profile List Active Profile Name ESSID MAC Address Channel Security Type Delete Edit 1 AP_Profile default 44 MONE Delete Edit a 2 Profile Test 253AP1 00 11 a3 0a 7b f3 44 OPEN Delete Edit Connect 63 gt Click Edit an exist profile on the Profile List The field of System Configuration and Security Policy will display profile s content Edit profile s content and then click Save button to save the profile gt Click Delete to remove profile 3 Click and Select a profile from list then click the Connect button to connecting to the wireless network with the profile setting After clicking Connect button you can verify connecting status on Remote AP Page If turns on IEEE802 11H and APO1200 APO1215 connect AP with DFS channel 52 150 APO1200 4PO1215 Will have 60 sec to do channel available check and will not send beacon and can not be connect Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 188 7 3 Wireless LAN Network Creation The network manager can configure related wireless settings Repeater AP Setup Security Settings and MAC Filter Settings 7 3 1 Repeater AP Setup Administrators can configure ESSID SSID broadcasting Maximum number of client associations security type settings and MAC Filter settings Repeater AP Setu
29. 00 forward delay 15 00 bridge forward delay 15 00 ageing time 300 00 hello timer 0 99 ten timer 0 00 topology change timer 0 00 gc timer 0 98 flags eth 1 port id 8001 state forwarding designated root 8000 0011a30a7bf9 path cost 100 desionated bridge 2000 0011a30aFbf9 message age timer 0 00 designated port 8001 forward delay timer 0 00 desionated cost 0 hold timer 0 00 flags raQ 2 port id 8002 state forwarding designated root 8000 0011a30a7bf9 path cost 100 desionated bridge 2000 0011a30aFbf9 message age timer 0 00 designated port 8002 forward delay timer 0 00 desionated cost 0 hold timer 0 00 flags 172 6 7 5 QoS Plot The QoS Plot show graphs which continuously represents the current data traffic on each QoS rule The chart scale and throughput dimension bps Kbps Mbps changes dynamically according to the mean throughput value The statistics is updated automatically every 5 seconds The throughput statistics of QoS can be updated manually using the Refresh button Refresh QoS Plot QoS List Comment Remark DSCP Bandwidth U D kbps FTP NO 1024 2048 X JS 2 25 pa s A VIDp 15 5 25 715 0 50 0 25 Mbps 0 173 6 7 6 Event Log The Event log displays system events when system is up and running Also it becomes very useful as a troubleshooting tool when issues are experienced in system System Log clear Result Time Facility Severity Message 2000 Jan 1 de en in E 00 00 11 System Info d
30. 1 2543 192 168 2 254 us SO 192 168 2 20 Port 21 25 a A 19 2 168 2 21 Port 80 Please click on Advance gt Virtual Server and follow the below setting Virtual Server Setup Virtual Server Virtual Server List Virtual Server Enable Disable Status Description Protocol PrivateIP Public Port Private Port Delete Edit Description No Rule in the List Private IP Protocol Type TCP O UDP Private Port Public Port Virtual Server By Default Its Disable Check Enable radial button to enable Virtual Server Description Enter appropriate message for resource sharing via Virtual Server Private IP Enter corresponding IP address of internal resource to share Protocol Type Select appropriate sessions TCP or UDP from shared host via multiple private ports Private Port A port or a range of ports may be specified as start end i e port 20 80 m Public Port A port or a range of ports may be specified as start end i e port 20 80 The Private Port and Public Port can be different However total number of ports need to be the same Example Public Port is 11 to 20 and the Private Port can be a 10 ports range 164 Click Add button to add Virtual Server rule to List Total of maximum 20 rules are allowed in this List All rules can be edited or removed from the List Click Reboot button to activate your changes While creating multiple Virtual Server rules the prior rules have
31. 63 ASCII or 64 HEX format AES key WDS MAC List gt Enable Click Enable to create WDS link gt WDS Peer s MAC Address Enter the MAC address of WDS peer 3 Description Description of WDS link a The WDS link needs to be set at same Channel and with same Security Type Click Save button to save your changes Click Reboot button to activate your changes 232 8 4 System Management 8 4 1 Configure Management Administrator could specify geographical location of the system via instructions in this page Administrator could also enter new Root and Admin passwords and allow multiple login methods Please click System gt Management and follow the below settings Management Setup System Information Admin Login Methods System Name WCB1200H2PX Enable HTTP Y Port 80 Description Outdoor WiFi N 5G 200mW Enable HTTPS Port 443 UploadKey nani Enable Telnet Port 23 E Enable SSH Y Port 22 Root Password Host Key Footprint ssh rsa AAAAB3NzaCiyc2EAAAADAQABAAAAgw New Root Password Check Root Password nep Ping Watchdog E E dl Ping Watchdog O Enable Disable Admin Password IP Address To Ping New Admin Password Ping Interval Seconds Check New Password Startup Delay Seconds Failure Count To Reboot m System Information gt System Name Enter a desired name or use the default one 3 Description Provide description of the system 3 Location Enter geographical location i
32. ANTO ANT1 Shows the wireless signal strength of the connection between system and an gt Channel BandWidth Shows the current channel bandwidth used for communication It should be 20 or 40 gt Guard Interval Shows the current Gl used for communication It should be short or long gt MCS Shows the current Gl used for communication It should be between 0 to 15 or 32 Transmit Statistics gt Frames Transmitted Successfully The number of successfully transmitted frames gt Frames Transmitted Successfully Without Retry The number of successfully transmitted frames without any retry gt Frames Transmitted Successfully After Retry s The number of successfully transmitted frames with one or more retries 116 Frames Fail To Receive ACK After All Retries The number of unsuccessfully transmitted frame with many retries RTS Frames Successfully Receive CTS The number of successful received CTS Clear To Send response after this APO1200 APO1215 sends out the RTS Request To Send message RTS Frames Fail To Receive CTS The number of unsuccessful received CTS response after this APO1200 APO1215 sends out the RTS message Receive Statistics gt gt Frames Received Successfully The number of successful received frames Frames Received With CRC Error The number of received frames with CRC Cyclical Redundancy Checking error Frames Dropped Due To Out of Resource The number of
33. Address IP Netmask PPTP Server IP Address User name PassWord Reconnect Mode Always On On Demand Manual Idle Time minutes MTU 1450 MPPE Encryption L MPPE 40 C MPPE 128 IP Address The IP address of the WAN port IP Netmask The Subnet mask of the WAN port PPTP Server IP Address The IP address of the PPTP server User Name Enter User Name for PPTP connection Password Enter Password for PPTP connection Xx YN OS S Reconnect Mode e Always on A connection to Internet is always maintained e On Demand A connection to Internet is made as needed 214 a When Time Server is enabled at the On Demand mode the Reconnect Mode will turn out Always on e Manual Click the Connect button on WAN Information in the Overview page to connect to the Internet v idle Time Time to last before disconnecting PPPoE session when it is idle Enter preferred Idle Time in minutes Default is 0 indicates disabled When Idle time is disabled the Reconnect Mode will turn out Always on v MTU By default it s 1460 bytes MTU stands for Maximum Transmission Unit Consult with WISP for a correct MTU setting v MPPE Encryption Microsoft Point to Point Encryption MPPE encrypts data in Point to Point Protocol PPP based dial up connections or Point to Point Tunneling Protocol PPTP virtual private network VPN connections 128 bit key st
34. Address Delete MAC Address No MAC Rule in the List m MAC Filter Rule By default it s Disable Options are Disabled Only Deny List MAC or Only Allow List MAC Click Save button to save your change Two ways to set the MAC Filter List gt Only Allow List MAC The wireless clients in the MAC Filter List will be allowed to access to Access Point All others will be denied gt Only Deny List MAC The wireless clients in the MAC Filter List will be denied to access to Access Point All others will be allowed m MAC Address Enter MAC address e g aa bb cc 00 00 0a and click Add button then the MAC address should display in the MAC Filter List There are a maximum of 20 clients allowed in this MAC Filter List The MAC addresses of the wireless clients can be added and removed to the list using the Add and Delete buttons Click Reboot button to activate your changes 157 6 5 3 Parental Control Setup Parental Control allows you to block or allow specific kinds of Internet usage and traffic such as Internet access designated services and websites NAT Main Base Station 192 168 1 250 192 168 2 50 100 Please click on Advance gt Parental Control and follow the below setting Parental Control Rules Parental Control List Comment Comment Active Delete Edit MAC Address Add Rule No Rule in the List Local IP Destination IP Protocol Any v Local Port Destination Port
35. Control Policy by IP IP Range MAC Group Port Layer 7 Protocol Traffic Analysis and Statistics No of Max Policy setting 10 DiffServ ToS IEEE802 1p CoS IEEE 802 1Q Tag VLAN priority control IEEE802 11e WMM Parental Control gt gt Blocking Control Policy by IP Range MAC Group Port Layer 7 Protocol URL Blocking 10 System Administration Y Y Y y y y y y y y y y y y y y y y sy Intuitive Web Management Interface Password Protected Access Firmware upgrade via Web Reset to Factory Defaults Profiles Configuration Backup and Restore One button click to reset factory default Two administrator accounts Remote Link Test Display connect statistics Full Statistics and Status Reporting Real time QoS Flow Plot NTP Time Synchronization Even Log Support SNMP v1 v2c v3 SNMP Traps to a list of IP Address Support MIB II CLI access via Telnet and SSH Administrative Access HTTP and HTTPS UPnP Universal Plug and Play Ping Watchdog 11 Chapter 2 Basic Installation 2 1 Hardware Installation 2 1 1 Package Contents The standard package contents of APO1200 APO1215 APO1200 AP01215 x1 Quick Installation Guide x 1 CD ROM with User Manual and QIG x 1 m Power Adapter DC24V 0 5A x 1 m PoE Injector x 1 Mounting Kit x2 A It is highly recommended to use all the supplies in the package instead of substituting any components by other suppliers to guarantee best performance 2 1 2 Panel
36. IP Netmask 255 IP Gateway 192 Primary DNS Lig P 1 cai Ca Em Ga Secondary ONS Receive Bytes 1 Receive Packets 126 Transmit Bytes 0 5 Transmit Packets The WAN port specified Dynamic IP the Release and Renew button will be show up click Release button to release IP address of WAN port Renew button to renew IP address through DHCP server WAN Information Mode Dynamic Mode MAC Address 00 0C 43 23 60 14 113 The WAN port specified PPPoE or PPTP and the Connect and DisConnect button will be show up Click Connect button to assigned IP address from PPPoE or PPTP server DisConnect button to release IP address of WAN port Y Y Y y y y y y y y y y WAN Information Mode PPPoE Mode Reconnect Mode Manual Mode Supports Static Dynamic PPPoE and PPTP modes Reconnect Mode The current reconnect mode of the PPPoE or PPTP MAC Address The MAC address of the WAN port IP Address The IP address of the WAN port IP Netmask The IP netmask of the WAN port IP Gateway The gateway IP address of the WAN port Primary DNS The primary DNS server in service Secondary DNS The secondary DNS server in service Receive bytes The total received packets in bytes on the WAN port Receive packets The total received packets of the WAN port Transmit bytes The total transmitted packets in bytes of the WAN port Transmit packets The total transmitted packets of the WAN port LAN In
37. IP Secondary IP Address 192 168 2 254 IP Netmask 255 255 255 0 DHCP Server IP Gateway 192 168 2 1 DHCP O Enable O Disable m Mode Check either Static IP or Dynamic IP button as desired to set up the system IP of LAN port gt Static IP The administrator can manually setup the LAN IP address when static IP is available preferred v IP Address The IP address of the LAN port default IP address is 192 168 2 254 v IP Netmask The Subnet mask of the LAN port default Netmask is 255 255 255 0 v IP Gateway The default gateway of the LAN port default Gateway is 192 168 2 1 gt Dynamic IP This configuration type is applicable when the APO1200 APO1215 is connected to a network with the presence of a DHCP server all related IP information will be provided by the DHCP server automatically Dynamic IP Hostname m Hostname The Hostname of the LAN port m DNS Check either No Default DNS Server or Specify DNS Server IP button as desired to set up the system DNS gt Primary The IP address of the primary DNS server gt Secondary The IP address of the secondary DNS server m DHCP Setup Devices connected to the system can obtain an IP address automatically when this service is enabled DHCP Server DHCP 2 Enable Disable Start IP 192 168 2 10 End IP 192 168 2 70 DNS1 P DNS2 IP WINS IP Domain Lease Time 176 DHCP Check Enable button to activate this func
38. Indicate the SGI Short Guard Interval of the respective WDS linked 1 indicate the Short Guard Interval 0 indicate the Long Guard Interval If display no signal Signal Strength ANTO ANT1 you need check WDS configuration Things to verify are MAC Address Channel and Security type Also adjust antenna angle and Tx Power 48 3 5 4 Extra Information Users could pull out information such as Route table ARP table MAC table Bridge table or STP available in the drop down list from system The Refresh button is used to retrieve latest table information Extra Information Extra Information Route Information information Route Information v Destination Gateway Genmask Flags Metric Ref Use Iface 192 168 2 0 0 0 0 0 255 255 255 0 U 0 0 O bred 127 0 0 0 0 0 0 0 255 255 255 0 U 0 0 O0 lo 0 0 0 0 192 168 2 1 0 0 0 0 UG 0 0 O bred Route table information Select Route table information on the drop down list to display route table APO1200 APO1215 could be used as a L2 or L3 device It doesn t support dynamic routing protocols such as RIP or OSPF Static routes to specific hosts networks or default gateway are set up automatically according to the IP configuration of system s interfaces When used as a L2 device it could switch packets and as L3 device it s capable of being a gateway to route packets inward and outward Route Information Destination Gateway Genmask Flags Metric Ref Use Iface 1
39. Indicate the system s Virtual AP m ESSID Indicate the ESSID of the respective Virtual AP m MAC Address The MAC address of the VAP Interface is displayed here When you enable AP and reboot system the MAC address will display here m Status Indicate the Status of the respective Virtual AP The Primary AP always on m Security Type Indicate an used security type of the respective Virtual AP MAC Filter Indicate an used MAC filter of the respective Virtual AP Edit Click Edit button to configure Virtual AP s settings including security type and MAC Filter 28 3 2 3 2 Virtual AP Setup For each Virtual AP administrators can configure SSID VLAN tag ID SSID broadcasting Maximum number of client associations security type settings Click Edit button on the Edit column and then a Virtual AP setup page appears VAP 1 Setup security MAC Filter Enable AP Enable O Disable Action Disable vi ESSID Client Isolation O Enable Disable Hidden SSID O Enable Disable Maximum Clients 32 T a se A a VLAN Tag ID Y Enable Disable 1 4094 Security Type Disable v m Enable AP By default its Disable for VAP1 VAP6 The Primary AP always enabled Select Enable to activate VAP or click Disable to deactivate this function m ESSID Extended Service Set ID When clients are browsing for available wireless networks this is the SSID that will appear in the list ESSID will determine
40. Name 32 chars ESSID Length 31 Space 0 9 A Z a z OES di aes WEP Key 10 26 HEX chars or 5 13 ASCII chars Pre shared Key 8 63 ASCII chars 64 HEX chars Advanced Setup Beacon Interval 20 1024 Date Beacon Rate 1 255 Fragment Threshold 206 2346 RTS Threshold 1 2347 267 Table B WEB GUI Valid Characters continued Block Field Valid Characters Virtual AP Setup ESSID Length 31 Space 0 9 A Z a z I _ lt gt Maximum Clients 1 32 VLAN ID 1 4094 WEP Key 10 26 HEX chars or 5 13 ASCII chars Group Key Update Period gt 60 seconds PMK Cache Period gt 0 minute Pre Shared Key 8 63 ASCII chars 64 HEX chars Radius Server IP IP Format 1 254 Radius Port 1 65535 Shared Secret 8 64 characters Session Timeout gt 60 seconds 0 Is disable WDS Setup WEP Key 10 26 HEX chars or 5 13 ASCII chars TKIP Key 8 63 ASCII chars 64 HEX chars AES Key 8 63 ASCII chars 64 HEX chars Peer s MAC Address 12 HEX chars Description 32 chars IP Filter Source Address IP Format 1 254 Source Mask 0 32 Source Port 1 65535 Destination Address IP Format 1 254 Destination Mask 0 32 Destination Port 1 65535 MAC Filter MAC address MAC Format 12 HEX chars Virtual Server Description 32 chars Private IP IP Formate 1 254 Private Publi
41. Please click on Advance gt QoS and follow the below setting 249 QoS Setup Rules QoS List Comment Comment Remark DSCP Bandwidth U D Delete Edit MAC Address Rule No QoS Rule in the List Local IP Destination IP DSCP Class Any Y Protocol Any v Local Port Destination Port Action Remark DSCP No Remark vw Bandwidth O Enable Disable Upload Kbits Download Kbits m Rules Use the rules to define the classifiers After you define the rules you can specify action to act upon the traffic that matches the rules gt Comment Enter a descriptive name for this rule for identifying purposes gt MAC Address Enter MAC address in valid MAC address format xx xx xx xx Xx xx and click Add button to add in the MAC group of each rule Click Remove button can remove MAC address in the group of each rule There are 10 MAC address maximum allowed in each rule 3 Local Destination IP Specify local LAN destination IP addresses range required for this rule If you specify local IP addresses range from 192 168 1 1 to 192 168 2 254 The matches a range of local IP addresses include every single IP address from the first to the last so the example above includes everything from 192 168 1 1 to 192 168 2 254 gt DSCP Class Differentiated services code point DSCP Select Any or specify classify traffic from drop down list The Per Hop Behavior PHB is indicated by encoding a 6 bit value called
42. Setting for transmission speed Dynamic Wireless re transmission IEEE802 11f IAPP Inter Access Point Protocol hand over users to another AP IEEE 802 11i Preauth PMKSA Cache IEEE 802 11h TPC Transmission Power Control and DFS Dynamic Frequency Select IEEE 802 11d Multi country roaming Wireless Site Survey Channel Bandwidth setting 20MHz or 20 40MHz HT Tx Rx Stream selection 1 or 2 A MSDU and A MPDU support Maximal MPDU density for TX aggregation setting Short Slot support Slot time and ACK Timeout support Y Y Y y y y y y y y y yy y y y y y y y y sy RTS Threshold and Fragment Threshold support Authentication Encryption Wireless Security Y Y Y y y y y y y y y y y y y y y Layer 2 User Isolation and AP Isolation Blocks client to client discovery within a specified VLAN WEP 64 128 Bits EAP TLS Dynamic WEP EAP TTLS Dynamic WEP PEAP MS PEAP Dynamic WEP WPA PSK TKIP WPA 802 1x certification TKIP 802 111 WPA2 PSK CCMP AES 802 111 WPA2 802 1x certification CCMP AES Setting for TKIP CCMP AES key s refreshing period Hidden ESSID support Setting for Deny ANY connection request MAC Address filtering MAC ACL No of registered RADIUS servers 1 VLAN assignment on ESSID Support WEP AES and TKIP data encryption over WDS link Quality of Service Y Y y y y y y y y Download and Upload traffic control Packet classifications via DSCP Differentiated Services Code Point
43. Status Peers MAC Address antenna 0 1 received signal strength phy mode and channel bandwidth for each WDS are avallable WDS Information WDS Link Status Signal Strength Signal Strength Phy MAC Address ANTO ANTA Mode BandWidth MCS SG OO11 AS 0AYB F2 100 5 dBm 100 6 dBm HTMIX 40M 15 1 m MAC Address Display MAC address of WDS peer Signal Strength ANTO ANT1 Indicate the signal strength of the respective WDS links m Phy Mode Indicate the phy mode of the respective WDS linked BandWidth Indicate the channel bandwidth of the respective WDS linked m MCS Indicate the MCS of the respective WDS linked m SGI Indicate the SGI Short Guard Interval of the respective WDS linked 1 indicate the Short Guard Interval 0 indicate the Long Guard Interval If display no signal Signal Strength ANTO ANT1 you need check WDS configuration Things to verify are MAC Address Channel and Security type Also adjust antenna angle and Tx Power 259 9 7 4 Extra Info Users could pull out information such as Route table ARP table MAC table Bridge table or STP available in the drop down list from system The Refresh button is used to retrieve latest table information Extra Information Extra Information Netstat Information Information Netstat Information v Protocol LiveTime Status SrciP SrcPort DstIP DstPort tcp 119 TIME_WAIT 192 168 222 3423 192 168 2254 80 tcp 113 TIME_WAIT 192 168
44. Timeout 0 v WPA General Settings e Cipher Suite By default it is AES Select either AES or TKIP cipher suites e Group Key Update Period By default it s 3600 seconds This time interval for rekeying GTK broadcast multicast encryption keys in seconds Entering the time length is required e PMK Cache Period By default it s 10 minutes Set WPA2 PMKID cache timeout period after time out the cached key will be deleted e Pre Authentication By default it s Disable To Enable is use to speed up roaming before pre authenticating IEEE 802 1X EAP part of the full RSN authentication and key handshake before actually associating with a new AP a PMK Cache Period and Pre Authentication is used in WPA2 Enterprise v Radius Server Settings e IP Address Enter the IP address of the Authentication RADIUS server e Port By default its 1812 The port number used to communicate with RADIUS server e Shared secret A secret key used between system and RADIUS server Supports 8 to 64 characters e Session Timeout The Session timeout is in the range of 0 60 seconds The default is O to disable re authenticate service Amount of time before a client will be required to re authenticate 141 gt WEP 802 1X When WEP 802 1x Authentication is enabled please refer to the following Dynamic WEP and RADIUS settings to complete configuration 802 1x WEP Dynamic WEP Enable Authentication RADIUS Server Authentic
45. a program online to open it a Name contig bin Type Unknown File Type From 192 168 2 254 harm your computer If vou do not trust the source do not find a Y While files from the Internet can be useful some files can potentially E program to open this file or save this file What s the risk m Load Settings from PC Click Browse button to locate a configuration file to restore and then click Upload button to upload m Reset To Factory Default Click Default button to reset back to the factory default settings and expect Successful loading message Then click Reboot button to activate 240 8 4 6 Firmware Upgrade Firmware is the main software image that system needs to respond to requests and to manage real time operations Firmware upgrades are sometimes required to include new features or bugs fix It takes around 2 minutes to upgrade due to complexity of firmware To upgrade system firmware click Browse button to locate the new firmware and then click Upgrade button to upgrade Firmware Upgrade Firmware Infomation Firmware Version Cen CPE N5H V0 0 4 Beta Version Firmware Date 2009 09 03 09 26 27 Update Firmware ee _ Browse o From time to time the product may release new versions of the firmware You can check and download up to date firmware and click Browser button to locate the file from your local harddisk Upgrade 1 To prevent data loss during firmware upgrade ple
46. access system s WMI https 192 168 2 254 There will be a Certificate Error because the browser treats system as an illegal website Certificate Error Navigation Blocked Windows Internet Explorer ts Y e 192 168 2 254 File Edit View Favorites Tools Help gly Favorites Sp M Suggested sites EQ Free Hotmail E we allery e Certificate Error Navigation Blocked 3 There is a problem with this website s security certificate The security certificate presented by this website was not issued by a trusted certificate authority The security certificate presented by this website was issued for a different website s address Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server We recommend that you close this webpage and do not continue to this website Y Click here to close this webpage Y Continue to this website not recommended E More information Click Continue to this website to access the system s WMI The system s Overview page will appear 37 3 4 2 Configure System Time System time can be configured via this page and manual setting or via a NTP server is supported Please click on System gt Time Server and follow the below setting Time Server Setup System Time Local Time 2000 01 01 Sat 00 05 44 NTP Client Enable Default NTP Server optional Time Zone Daylight saving time
47. admin Step IP Segment Set up for Administrator s PC Laptop Set the IP segment of the administrator s computer to be in the same range as APO1200 AP01215 for accessing the system Do not duplicate the IP Address used here with IP Address of APO1200 APO1215 or any other device within the network Example of Segment The valid range is 1 254 and 192 168 2 254 shall be avoided because it is already assigned to APO1200 APO1215 192 168 2 10 is used in the example below m P Address 192 168 2 10 m IP Netmask 255 255 255 0 Launch Web Browser Launch web browser to access the web management interface of system by entering the default IP Address http 192 168 2 254 in the URL field and then press Enter nie er y E http 1192 168 2 254 15 System Login The system manager Login Page then appears Enter root for user name and default for password and then click OK to login to the system The server 192 168 2 254 at APOT 200 requires a username and password Warning This server is requesting that your username and password be sent in an insecure manner basic authentication without a secure connection Remember my credentials Login Success System Overview page will appear after successful login Pren networkingsolutions APO1200 Overview Clients WDS Status Extra Info Event Log System Overview System Host Name
48. are supported MPPE provides data security for the PPTP connection that is between the VPN client and the VPN server m DNS Check No Default DNS Server or Specify DNS Server IP radial button as desired to set up system DNS gt Primary The IP address of the primary DNS server gt Secondary The IP address of the secondary DNS server m MAC Clone The MAC address is a 12 digit HEX code uniquely assigned to hardware as identification Some ISPs require you to register a MAC address in order to access to Internet If not you could use default MAC or clone MAC from a PC CPE AP Mode does not support MAC Clone function MAC Clone O Keep Defaut MAC Address Clone MAC Address 00 14 92 9F 44 98 O Manual MAC Address gt Keep Default MAC Address Keep the default MAC address of WAN port on the system gt Clone MAC Address If you want to clone the MAC address of the PC then click the Clone MAC Address button The system will automatically detect your PC s MAC address The Clone MAC Address field will display MAC address of the PC connected to system Click Save button can make clone MAC effective gt Manual MAC Address Enter the MAC address registered with your ISP Click Save button to save your changes Click Reboot button to activate your changes 82 5 1 3 Configure DDNS Setup Dynamic DNS allows you to map domain name to dynamic IP address Please click on System gt DDNS Setup and follo
49. byte The main purpose of enabling RTS by changing RTS threshold is to reduce possible collisions due to hidden wireless clients RTS in AP will be enabled automatically if the packet size is larger than the Threshold value By default RTS is disabled in a normal environment supports non jumbo frames J m Short Preamble By default it s Enable To Disable is to use Long 128 bit Preamble Synchronization field The preamble is used to signal here is a train of data coming to the receiver The short preamble provides 72 bit Synchronization field to improve WLAN transmission efficiency with less overhead Tx Burst By default it s Enable To Disable is to deactivate Tx Burst With TX burst enabled AP will send many packets in a burst without collision detection and RTS CTS for each packet TX Burst have better throughput but cause interference with other APs in channel m Pkt Aggregate By default it s Enable Increase efficiency by aggregating multiple packets of application data into a single transmission frame In this way 802 11n networks can send multiple data packets with the fixed overhead cost of just a single frame m IEEE802 11H DFS By default it s Disable To Enable is to use IEEE802 11H DFS With DFS Dynamic Frequency Selection enabled radio is operating on one of the following channels the wireless device uses DFS to monitor the operating frequency and switch to another frequen
50. clean environment higher fragment threshold can be an option to increase throughput Fragmentation will be triggered by setting the Fragment Threshold usually in Byte length Only when the frame size is over the Threshold fragmentation will take place automatically m RTS Threshold TRTS Threshold is in the range of 1 2347 byte The default is 2347 byte The main purpose of enabling RTS by changing RTS threshold is to reduce possible collisions due to hidden wireless clients RTS in AP will be enabled automatically if the packet size is larger than the Threshold value By default RTS is disabled in a normal environment supports non jumbo frames J Short Preamble By default it s Enable To Disable is to use Long 128 bit Preamble Synchronization field The preamble is used to signal here is a train of data coming to the receiver The short preamble provides 72 bit Synchronization field to improve WLAN transmission efficiency with less overhead Tx Burst By default it s Enable To Disable is to deactivate Tx Burst With TX burst enabled AP will send many packets in a burst without collision detection and RTS CTS for each packet TX Burst have better throughput but cause interference with other APs in channel m Pkt_Aggregate By default it s Enable Increase efficiency by aggregating multiple packets of application data into a single transmission frame In this way 802 11n networks can send mul
51. default Gateway and DNS settings Click Save button to save your changes Click Reboot button to activate your changes 94 5 3 3 Configure UPnP Universal Plug and Play UPnP is an architecture to enable pervasive peer to peer network connectivity between PCs intelligent devices and appliances when UPnP is supported UPnP works on TCP IP network to enable UPnP devices to connect and access to each other very well adopted in home networking environment UPNP Setup UPNP UPNP O Enable Disable UPnP By default it s Disable Select Enable or Disable of UPnP Service Click Save button to save changes and click Reboot button to activate changes For UPnP to work in Windows XP the APO 1200 APO1215 must be available in My Network Places If these devices are not available you should verify that the correct components and services are loaded in Windows XP Please refer to Appendix E Using UPnP on Windows XP 95 5 3 4 Configure SNMP Setup SNMP is an application layer protocol that provides a message format for communication between SNMP managers and agents By enabling SNMP function the administrator can obtain the system information remotely Please click on System gt SNMP Setup and follow the below setting SNMP Setup Enable O Enable F Enable E SNMP v2c Enable Check to enable SNMP v2c SNMP v2c Enable ro community re community gt ro community Set
52. default is 443 and the range is between 1 65535 If you already have an SSL Certificate please click UploadKey button to select the file and upload it Enable Telnet Check to select Telnet Service Telnet Port The default is 23 and the range is between 1 65535 Enable SSH Check to select SSH Service SSH Port Please The default is 22 and the range is between 1 65535 Click GenerateKey button to generate RSA private key The host key footprint gray blank will display content of RSA key Ping Watchdog The ping watchdog sets the APO1200 APO1215 Device to continuously ping a user defined IP address it can be the internet gateway for example If it is unable to ping under the user defined constraints the APO1200 APO1215 device will automatically reboot This option creates a kind of fail proof mechanism Ping Watchdog is dedicated for continuous monitoring of the particular connection to remote host using the Ping tool The Ping works by sending ICMP echo request packets to the target host and listening for ICMP echo response replies If the defined number of replies is not received the tool reboots the device gt gt gt Enable Ping Watchdog control will enable Ping Watchdog Tool IP Address To Ping specify an IP address of the target host which will be monitored by Ping Watchdog Tool Ping Interval specify time interval in seconds between the ICMP echo requ
53. devices are preferred m Public hotspot operation for caf parks convention centers shopping malls or airports m Wireless coverage for indoor and outdoor grounds in private resorts home yards or gulf course communities A WAN APO1200 APO1215 Survellance Camera Notebook 1 3 Applications in Wireless Network APO1200 APO1215 is a multiple mode system which can be configured either as a wireless gateway or an access point as desired It also can be used as a WDS link for Ethernet network expansion This section depicts different applications on Router AP Mode AP Mode WDS Mode CPE Mode Client Bridge Universal Repeater Mode and CPE AP Mode Operating Mode LAN Management Time Server SNMP Operating Mode Operating Mode O Router AP Mode 2 O AP Mode 2 WDS Mode 2 O CPE Mode 2 O Client Bridge Universal Repeater Mode O CPE AP Mode 2 Save amp Reboot Configuration on Router AP Mode Gateway Access Point WDS gt Example 1 Router AP without WDS Y It can be deployed as a gateway with wireless Access Point NAT APO1200 192 168 2 10 WAN WLAN 192 168 1 254 192 168 2 254 gt Example 2 Router AP with WDS v ltcan be deployed as a gateway with wireless Access Point and provides WDS link for network extension 34 Remote 192 168 2 20 100 Base Station NAT WDS E APO1200 192 168 2 10 WAN WLAN 192 168 1 254 19
54. dropped frames Duplicate Frames Received The number of duplicate frames 117 5 6 3 Extra Info Users could pull out information such as Route table ARP table MAC table Bridge table or STP available in the drop down list from system The Refresh button is used to retrieve latest table information Extra Information Extra Information Netstat Information Information Netstat Information v Protocol LiveTime Status SrciP SrcPort DstIP DstPort tcp 119 TIME_WAIT 192 168 222 3423 192 168 2254 80 tcp 113 TIME_WAIT 192 168 222 3419 192 168 2254 80 udp 5 192 168 222 138 192 168 2255 138 tcp 118 TIME_WAIT 192 168 222 3421 192 168 2254 980 tcp 90 TIME_WAIT 192 168 2 22 3413 192 168 2254 980 tcp 431999 ESTABLISHED 192 168 222 3425 192168 2 254 980 tcp 90 TIME_WAIT 192 168 222 3415 192 168 2254 80 tcp 91 TIME_WAIT 192 168 222 3417 192 168 2254 80 Netstat Information Select NetStatus Information on the drop down list the connection track list should show up the list can be updated using the Refresh button NetStatus will show all connection track on the system the information include Protocol Live Time Status Source Destination IP address and Port Route table information Select Route table information on the drop down list to display route table APO1200 AP0O1215 could be used as a L2 or L3 device It doesn t support dynamic routing protocols such as RIP or OSPF Static routes to specific hosts networks
55. end i e port 20 80 m Public Port A port or a range of ports may be specified as start end i e port 20 80 The Private Port and Public Port can be different However total number of ports need to be the same Example Public Port is 11 to 20 and the Private Port can be a 10 ports range Click Add button to add Virtual Server rule to List Total of maximum 20 rules are allowed in this List All rules can be edited or removed from the List Click Reboot button to activate your changes 111 While creating multiple Virtual Server rules the prior rules have higher priority The Virtual server rules have precedence over the DMZ one while both rules exist Example 1 and 2 demonstrate proper usage of DMZ and Virtual Server rules m Example 1 All connections should be redirected to 192 168 2 12 while DMZ is enabled Since Virtual Server rules have precedence over the DMZ rule all connections to TCP port 22 will be directed to TCP port 22 of 192 168 2 10 and remaining connections to port TCP 20 80 will be redirected to port TCP 20 80 of 192 168 2 11 DMZ Enabled 192 168 2 12 Rule Protocol Private IP Private Port Public Port 1 TCP 192 168 2 10 22 22 2 TCP 192 168 2 11 20 80 20 80 m Example 2 All connections should be redirected to 192 168 2 12 while DMZ is enabled Since Virtual Server rules have precedence over the DMZ rule all other connections to TCP port 20 80 will be redirected to port
56. environment where communication quality is fine and interference is weak While the No ACK policy helps improve transmission efficiency it can cause increased packet loss when communication quality deteriorates This is because when this policy is used a sender does not retransmit packets that have not been received by the recipient When the Normal ACK policy is used the recipient acknowledges each received unicast packet gt WMM Parameters of Station This affects traffic flowing from the client station to the access point Data Transmitted ao eae Queue Clients to AP Priority Description AC BK Background aa High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AC_BE Best Effort Medium Medium throughput and delay Most traditional IP data is sent to this queue AC_VI Video High Minimum delay Time sensitive video data is automatically sent to this queue AC VO Voice High re aa data like VoIP and streaming media are automatically sent to this Aifsn The Arbitration Inter Frame Spacing Number specifies a wait time in milliseconds for data frames CWmin Minimum Contention Window This parameter is input to the algorithm that determines the initial random backoff wait time window for retry of a transmission The value specified here in the Minimum Contention Window is the upper limit in milliseconds of a range from which
57. for AP s RF advanced settings and will be applied to all VAPs and WDS Links 21 3 2 3 Create Virtual AP VAP The APO1200 AP01215 support broadcasting multiple SSIDs allowing the creation of Virtual Access Points partitioning a single physical access point into 7 logical access points each of which can have a different set of security VLAN Tag ID and network settings Figure 3 2 shows multiple SSIDs with different security type and VLAN settings Sales Network Resource y Pay SSID Sales Engineer Network Resource pa 802 109 Trunk Market Metwork Resource Se x SSID Market VLAN 3 3 a7 in Guest Network Resource g SSID Guest VLAN 4 pL SSID Accounting Accounting Network Resource ae VLAN 5 Figure 3 2 Multiple SSIDs with different Security Type and VLAN Tag 3 2 3 1 Virtual AP Overview The administrator can view all of the Virtual AP s settings via this page Please click on Wireless gt Virtual AP Setup and the Virtual AP Overview Page appears Virtual AP Overview VAP List VAP ESSID MAC Address Status Security Type MAC Filter Edit Primary AP Main_AP 00 26 CE 01 06 92 On Disable Disable Edit VAP 00 00 00 00 00 00 Off Disable Disable Edit WAPZ 00 00 00 00 00 00 Off Disable Disable Edit WAP3 00 00 00 00 00 00 Off Disable Disable Edit VAPA 00 00 00 00 00 00 Off Disable Disable Edit WAPS 00 00 00 00 00 00 Off Disable Disable Edit WAPS 00 00 00 00 00 00 Off Disable Disable Edit m VAP
58. higher priority The Virtual server rules have precedence over the DMZ one while both rules exist Example 1 and 2 demonstrate proper usage of DMZ and Virtual Server rules m Example 1 All connections should be redirected to 192 168 2 12 while DMZ is enabled Since Virtual Server rules have precedence over the DMZ rule all connections to TCP port 22 will be directed to TCP port 22 of 192 168 2 10 and remaining connections to port TCP 20 80 will be redirected to port TCP 20 80 of 192 168 2 11 DMZ Enabled 192 168 2 12 Rule Protocol Private IP Private Port Public Port 1 TCP 192 168 2 10 22 22 2 TCP 192 168 2 11 20 80 20 80 m Example 2 All connections should be redirected to 192 168 2 12 while DMZ is enabled Since Virtual Server rules have precedence over the DMZ rule all other connections to TCP port 20 80 will be redirected to port 20 80 of 192 168 2 11 The rule 2 won t take effect DMZ Enabled 192 168 2 12 Rule Protocol Private IP Private Port Public Port 1 TCP 192 168 2 11 20 80 20 80 2 TCP 192 168 2 10 22 22 165 6 7 System Status This section breaks down into subsections of System Overview Associated Clients Status Remote AP Extra Information and Event Log 6 7 1 Overview Detailed information on System WAN Information LAN Information Wireless Information and DHCP Server Status can be reviewed via this page m System Display the information of the sy
59. in as a admin user and is allowed to change its own gt New Password Enter a new password if desired gt Check New Password Enter the same new password again to check 194 Admin Login Methods Only root user can enable or disable system login methods and change services port gt gt gt gt y y y y Enable HTTP Check to select HTTP Service HTTP Port The default is 80 and the range is between 1 65535 Enable HTTPS Check to select HTTPS Service HTTPS Port The default is 443 and the range is between 1 65535 If you already have an SSL Certificate please click UploadKey button to select the file and upload it Enable Telnet Check to select Telnet Service Telnet Port The default is 23 and the range is between 1 65535 Enable SSH Check to select SSH Service SSH Port Please The default is 22 and the range is between 1 65535 Click GenerateKey button to generate RSA private key The host key footprint gray blank will display content of RSA key Ping Watchdog The ping watchdog sets the APO1200 APO1215 Device to continuously ping a user defined IP address it can be the internet gateway for example If it is unable to ping under the user defined constraints the APO1200 APO1215 device will automatically reboot This option creates a kind of fail proof mechanism Ping Watchdog is dedicated for continuous monitoring of the particular connection to remote host usin
60. it s Disable Options are Disable Only Deny List MAC or Only Allow List MAC Two ways to set MAC filter rules 3 Only Allow List MAC The wireless clients in the Enable list will be allowed to access the Access Point All others or clients in the Disable list will be denied 3 Only Deny List MAC The wireless clients in the Enable list will be denied to access the Access Point All others or clients inthe Disable list will be allowed m Add a station MAC Enter MAC address e g aa bb cc 00 00 0a and click Add button then the MAC address should display in the Enable List There are a maximum of 20 clients allowed in this Enable List The MAC addresses of the wireless clients can be added and removed to the list using the Add and Remove buttons Click Reboot button to activate your changes a MAC Access Control is the weakest security approach WPA or WPA2 security method is highly recommended 193 7 4 System Management 7 4 1 Configure Management Administrator could specify geographical location of the system via instructions in this page Administrator could also enter new Root and Admin passwords and allow multiple login methods Please click System gt Management and follow the below settings Management Setup System Information Admin Login Methods System Name WCB1200H2PX Enable HTTP Y Port 80 Description Outdoor WiFi N 5G 200mW Enable HTTPS Por
61. last mile services to business or residential broadband subscribers Network administrators can create multiple subscriber service tiers using per subscriber rate limiting features and manage centrally Airlink101 Outdoor AP utilizes a 200mW output Tx Power connecting to the WiFi mesh or WDS infrastructure and provides the subscriber with an Ethernet connection for a local access Airlink1016 Outdoor AP can be used for nine different purposes in six different modes In the Router AP mode it can be deployed as a gateway with wireless Access Point AP and provides WDS link for network extension In the AP mode it can be deployed either as traditional fixed wireless Access Point or combination of AP and WDS AP WDS In the WDS mode it s only used to expand or bridge Ethernet networks and deployed as a main base relay based or remote base station In the CPE mode it connects to Wireless Internet Service Provider s WISP outdoor network via wireless WAN gateway to access Internet In the Client Bridge Universal Repeater mode it connects to Wireless Internet Service Provider s WISP outdoor network via wireless or wired bridge to access to Internet In the CPE AP mode it connects to Wireless Internet Service Provider s WISP outdoor network via wireless WAN gateway to access Internet and it also can provide wireless clients associated via Access Point 1 Router AP WDS It can be deployed as a gateway with wireless Access Point and provide
62. number of connectivity test Traceroute Allows tracing the hops from the APO1200 APO1215 device to a selected outgoing IP address It should be used for the finding the route taken by ICMP packets across the network to the destination host The test is started using the Start button click Stop button to stopped test gt Destination Host Specifies the Destination Host for the finding the route taken by ICMP packets across the network gt MAX Hop Specifies the maximum number of hops max time to live value traceroute will probe 100 5 3 8 Reboot This function allows user to restart system with existing or most current settings when changes are made Click Reboot button to proceed and take around three minutes to complete Reboot O You must be reboot the system after changing settings Rebooting the system will not delete any of your configuration settings Click reboot button to reboot the system A reminder will be available for remaining time to complete If power cycle is necessary please wait till completion of the reboot process Please Wait The System Overview page appears upon the completion of reboot 101 5 4 Access Control List 5 4 1 IP Filter Setup Allows to create deny or allow rules to filter ingress or egress packets from specific source and or to destination IP address on wired LAN or Wireless WAN ports Filter rules could be used to filter unicast or multicast packets on different
63. protocols as shown in the IP Filter Setup Important to note that IP filter rules has precedence over Virtual server rules Please click on Advance gt IP Filter Setup and follow the below setting IP Filter Setup IP Rules IP Filter List Source Address Mask Source Destination A i In Out Protocol Listen Action Interface Delete Edit Source Port Address Mask Port Address Mask Port Destination No IP Rule in the List Address Mask Destination Port In Out O in Out Protocol TCP upp O icmp Listen Oves Ono Source Address Mask Enter desired source IP address and netmask i e 192 168 2 10 32 Source Port Enter a port or a range of ports as start end i e port 20 80 Destination Address Mask Enter desired destination IP address and netmask i e 192 168 1 10 32 Destination Port Enter a port or a range of ports as start end i e port 20 80 m In Out Applies to Ingress or egress packets Protocol Supports TCP UDP or ICMP m Listen Click Yes radial button to match TCP packets only with the SYN flag Active Deny to drop and Pass to allow per filter rules m Interface The interface that a filter rule applies a All packets are allowed by default Deny rules could be added to the filter list to filter out unwanted packets and leave remaining allowed Click Save button to add IP filter rule Total of 20 rules maximum allowed in the IP Filter List All rules can be edited or remove
64. ro user Set a community string to authorize read only access SNMP ro password Set a password to authorize read only access SNMP rw user Set a community string to authorize read write access y y y y SNMP rw password Set a password to authorize read write access m SNMP Trap Events such as cold start interface up amp down and association amp disassociation will report to an assigned server 238 SNMP Trap Enable Community Pal gt Community Set a community string required by the remote host computer that will receive trap messages or notices send by the system gt IP Enter the IP addresses of the remote hosts to receive trap messages Click Save button to save changes and click Reboot button to activate 239 3 4 5 Backup Restore and Reset to Factory Backup current configuration restore prior configuration or reset back to factory default configuration can be executed via this page Please click on Utilities gt Profile Setting and follow the below setting Profile Save Profile Save Load Settings From PC Browse _ Upload Reset To Factory Default Default i In this page you can save your current configuration restore a previously saved configuration or reset all of the settings to the factory default settings m Save Settings to PC Click Save button to save the current configuration to a local disk File Download Do you want to save this file or find
65. rules have precedence over IP Filter rules Please click on Advance gt MAC Filter Setup and follow the below setting MAC Filter Setup MAC Rules MAC Filter List Action Disabled v MAC Address Delete MAC Address Delete MAC Address No MAC Rule in the List m MAC Filter Rule By default it s Disable Options are Disabled Only Deny List MAC or Only Allow List MAC Click Save button to save your change Two ways to set the MAC Filter List gt Only Allow List MAC The wireless clients in the MAC Filter List will be allowed to access to Access Point All others will be denied gt Only Deny List MAC The wireless clients in the MAC Filter List will be denied to access to Access Point All others will be allowed a If there does not have any MAC address in MAC Filter List the MAC filter function deactivated m MAC Address Enter MAC address e g aa bb cc 00 00 0a and click Add button then the MAC address should display in the MAC Filter List There are a maximum of 20 clients allowed in this MAC Filter List The MAC addresses of the wireless clients can be added and removed to the list using the Add and Delete buttons Click Reboot button to activate your changes 104 5 4 3 Parental Control Setup Parental Control allows you to block or allow specific kinds of Internet usage and traffic such as Internet access designated services and websites NAT A f ETET oe Facebook X 19
66. secret in 64 HEX digits format or 8 to 63 ASCII characters v Group Key Update Period By default it is 3600 seconds This time interval for rekeying GTK broadcast multicast encryption keys in seconds Entering the time length is required gt WPA Enterprise or WPA2 Enterprise The RADIUS authentication and encryption will be both enabled if this is selected 190 WPA General Cipher Suite AES ho Group Key Update Period 3600 seconds FMK Cache Period 10 _ minute Pre Authentication Disable O Enable Authentication RADIUS Server Authentication Server Port 1812 shared Secret Session Timeout 0 v WPA General Settings e Cipher Suite By default it is AES Select either AES or TKIP cipher suites e Group Key Update Period By default it s 3600 seconds This time interval for rekeying GTK broadcast multicast encryption keys in seconds Entering the time length is required e PMK Cache Period By default it s 10 minutes Set WPA2 PMKID cache timeout period after time out the cached key will be deleted e Pre Authentication By default it s Disable To Enable is use to speed up roaming before pre authenticating IEEE 802 1X EAP part of the full RSN authentication and key handshake before actually associating with a new AP a PMK Cache Period and Pre Authentication is used in WPA2 Enterprise v Radius Server Settings e IP Address Enter the IP address of the Authenticati
67. the Differentiated Services Code Point DSCP into the 8 bit Differentiated Services DS field of the IP packet header Below depicts class for DSCP v BE Default PHB which is typically best effort traffic v EF Expedited Forwarding PHB dedicated to low loss low latency traffic v AF Assured Forwarding PHB which gives assurance of delivery under conditions The AF behavior group defines four separate AF classes Within each class packets are given a drop precedence high medium or low The combination of classes and drop precedence yields twelve separate DSCP encodings from AF11 through AF43 see table 250 DROP Precedence Class 1 Class2 Class3 Class 4 Low Drop AF11 AF21 AF31 AF41 Medium Drop AF12 AF22 AF32 AF42 High Drop AF13 AF23 AF33 AF43 gt Protocol Select Any or specify protocol from drop down list When you select ICMP or Layer 7 Application the Source Destination Port can not used 3 Local Port Specify local port LAN port range required for this rule gt Destination Port Specify destination port range required for this rule Action After configuring rule a policy rule ensures that a traffic flow gets the requested treatment in the network gt Remark DSCP Specify a new DSCP class if you want to replace or remark the DSCP gt Bandwidth Click Enable to activate function and click Disable to deactivate function 3 Upload Download Specify the bandwidth in kil
68. the NTP Server from the drop down list gt Time Zone Select a desired time zone from the drop down list gt Daylight saving time Enable or disable Daylight saving e If the system time from NTP server seems incorrect please verify your network settings like default Gateway and DNS settings Click Save button to save your changes Click Reboot button to activate your changes 197 7 4 3 Configure SNMP Setup SNMP is an application layer protocol that provides a message format for communication between SNMP manager and agent By enabling SNMP function the administrator can obtain the system information remotely Please click on System gt SNMP Setup and follow the below setting SNMP Setup Enable O Enable F Enable E SNMP v2c Enable Check to enable SNMP v2c SNMP v2c Enable ro community re community gt ro community Set a community string to authorize read only access gt rw community Set a community string to authorize read write access SNMP v3 Enable Check to enable SNMP v3 SNMPv3 supports the highest level SNMP security SNMP v3 Enable SNMP ro user SNMP ro password SNMP ru user SNMP rw password SNMP ro user Set a community string to authorize read only access SNMP ro password Set a password to authorize read only access SNMP rw user Set a community string to authorize read write access y y y y SNMP rw password Set a password t
69. the Threshold value By default RTS is disabled in a normal environment supports non jumbo frames J m Short Preamble By default it s Enable To Disable is to use Long 128 bit Preamble Synchronization field The preamble is used to signal here is a train of data coming to the receiver The short preamble provides 72 bit Synchronization field to improve WLAN transmission efficiency with less overhead Tx Burst By default it s Enable To Disable is to deactivate Tx Burst With TX burst enabled AP will send many packets in a burst without collision detection and RTS CTS for each packet TX Burst have better throughput but cause interference with other APs in channel m Pkt Aggregate By default it s Enable Increase efficiency by aggregating multiple packets of application data into a single transmission frame In this way 802 11n networks can send multiple data packets with the fixed overhead cost of just a single frame m IEEE802 11H DFS By default it s Disable To Enable is to use IEEE802 11H DFS With DFS Dynamic Frequency Selection enabled radio is operating on one of the following channels the wireless device uses DFS to monitor the operating frequency and switch to another frequency or reduce power as necessary DFS Channels 52 56 60 64 100 104 108 112 116 120 124 128 136 140 The maximum legal transmit power is greater for some 5 GHz channels than for ot
70. the wireless network with the profile setting After clicking Connect button you can verify connecting status on Remote AP Page If turns on IEEE802 11H and APO1200 APO1215 connect AP with DFS channel 52 150 APO1200 4PO1215 Will have 60 sec to do channel available check and will not send beacon and can not be connect Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 138 6 3 Wireless LAN Network Creation The network manager can configure related wireless settings Repeater AP Setup Security Settings and MAC Filter Settings 6 3 1 Repeater AP Setup Administrators can configure ESSID SSID broadcasting Maximum number of client associations security type settings and MAC Filter settings Repeater AP Setup Security MAC Filter Enable Repeater AP Enable Disable Action Disable ho ESSID Main_AP_Repeater Client Isolation Enable O Disable ce CY Ce Hidden SSID 2 Enable Y Disable Maximum Clients 32 Security Type Disable v J m Enable Repeater AP By default it s Enable for repeater AP Select Enable to activate Repeater AP or click Disable to deactivate this function m ESSID Extended Service Set ID When clients are browsing for available wireless networks this is the SSID that will appear in the list ESSID will determine the service type available to AP s clients associ
71. to a unique hardware address MAC of a device It is important to have a unique IP address as final destination to switch packets to ARP Table Information IP Address MAC Address Interface 192 168 226 00 06 81 13 35 EF bred 192 168 1 27 00 714 92 9F 44 98 eth2 Bridge table information Select Bridge Table information on the drop down list to display bridge table Bridge table will show Bridge ID and STP s Status on the each Ethernet bridge and its attached interfaces the Bridge Port should be attached to some interfaces e g ra0 ra6 and wdsO wds3 260 Bridge Table Information Bridge Port Bridge ID STP Enabled Interface bred 2000 0011a30a7bftfa no ra Bridge MAC information Select Bridge MACs Information on the drop down list to display MAC table This table displays local MAC addresses associated with wired or wireless interfaces but also remember non local MAC addresses learned from wired or wireless interfaces Ageing timers will be reset when existing MAC addresses in table are learned again or added when new MAC addresses are seen from wired or wireless interfaces as well When time runs out for a particular entry it will be pruned from the table In that situation switching packet to that particular MAC address will be discontinued Bridge MACs Information Port MAC Address Local Ageing Timer PrimaryAP 00 06 01 13 35 ef no a T PrimaryAP 00 11 a30a 7b ta yes 0 00 Bridge STP Information
72. traditional IP data is sent to this queue AC _BK Background Low AC VI Video High Minimum delay Time sensitive video data is automatically sent to this queue Time sensitive data like VolP and streaming media are automatically sent to this AC_VO Voice High queue Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic You can configure different minimum and maximum wait times for the transmission of packets in each queue based on the requirements of the media being sent Queues automatically provide minimum transmission delay for Voice Video multimedia and mission critical applications and rely on best effort parameters for traditional IP data As an Example time sensitive Voice amp Video and multimedia are given effectively higher priority for transmission lower wait times for channel access while other applications and traditional IP data which are less time sensitive but often more data intensive are expected to tolerate longer wait times 223 Aifsn The Arbitration Inter Frame Spacing Number specifies a wait time in milliseconds for data frames CWmin Minimum Contention Window This parameter is input to the algorithm that determines the initial random backoff wait time window for retry of a transmission The value specified here in the Minimum Contention Window is the upper limit in milliseconds of a range from which the init
73. traffic from the same protocol port such as FTP to form a flow Shaping 192 168 2 50 MAC 00 0B 6B A4 BB 01 LOZAK gece 192 168 2 51 MAC 00 0B 6B AA BB 02 3 Download 2046K Upload 1024K Download 512K Upload 256K APQ1200 192 168 1 254 192 168 2 254 WAN LAN 192 168 2 10 20 NAT Down 1024 Kbps A 7 Up 512 Kbps E 192 168 2 10 50 a n 2048 Kbps 0 tt to LH a a u m u E m Sm E E O O OO Main p 31024 Kbps Base Station 8 z OE 192 168 1 250 WiFi WAN LAN o 192 168 2 254 192 168 2 100 120 192 168 1 254 Please click on Advance gt QoS and follow the below setting 107 QoS Setup Rules QoS List Comment Comment Remark DSCP Bandwidth U D Delete Edit MAC Address Rule No QoS Rule in the List Local IP Destination IP DSCP Class Any Y Protocol Any v Local Port Destination Port Action Remark DSCP No Remark vw Bandwidth O Enable Disable Upload Kbits Download Kbits m Rules Use the rules to define the classifiers After you define the rules you can specify action to act upon the traffic that matches the rules gt Comment Enter a descriptive name for this rule for identifying purposes gt MAC Address Enter MAC address in valid MAC address format xx xx xx xx Xx xx and click Add button to add in the MAC group of each rule Click Remove button can remove MAC address in t
74. used to communicate with RADIUS server e Shared secret A secret key used between system and RADIUS server Supports 8 to 64 characters e Session Timeout The Session timeout is in the range of 0 60 seconds The default is O to disable re authenticate service Amount of time before a client will be required to re authenticate Click Save button to save your changes Click Reboot button to activate your changes 230 8 2 4 Wireless MAC Filter Setup Continue 8 2 3 2 Virtual AP Setup section For each Virtual AP setting the administrator can allow or reject clients to access each Virtual AP MAC Filter Action Only Deny List MAC Add a station MAC Add Enable Disable a lt lt gt gt MAC Filter Setup By default it s Disable Options are Disable Only Deny List MAC or Only Allow List MAC Two ways to set MAC filter rules gt Only Allow List MAC The wireless clients in the Enable list will be allowed to access the Access Point All others or clients in the Disable list will be denied 3 Only Deny List MAC The wireless clients in the Enable list will be denied to access the Access Point All others or clients inthe Disable list will be allowed m Adda station MAC Enter MAC address e g aa bb cc 00 00 0a and click Add button then the MAC address should display in the Enable List There are a maximum of 20 clients allowed in this Enable List The M
75. will start to Resend packet before ACK is received and throughputs become low due to excessively high re transmission ACK Timeout is best determined by distance between the radios data rate of average environment The Timeout value is calculated based on round trip time of packet with a little tolerance So if experiencing re transmissions or poor performance the ACK Timeout could be made longer to accommodate Slot Time and ACK Timeout settings are for long distance links It is important to tweak settings to achieve the optimal result based on requirement Beacon Interval Beacon Interval is in the range of 20 1024 and set in unit of millisecond The default value is 100 MSEC Access Point AP in IEEE 802 11 will send out a special approximated 50 byte frame called Beacon Beacon is broadcast to all the stations provides the basic information of AP such as SSID channel encryption keys signal strength time stamp support data rate All the radio stations received beacon recognizes the existence of such AP and may proceed next actions if the information from AP matches the requirement Beacon is sent on a periodic basis the time interval can be adjusted By increasing the beacon interval you can reduce the number of beacons and associated overhead but that will likely delay the association and roaming process because stations scanning for available access points may miss the beacons You can decrease the be
76. 2 168 2 10 50 B 1200 if 33 Base Station APO1200 find pf g 192 168 1 250 WiFi WAN LAN 192 168 1 254 192 1698 2 254 192 168 2 100 120 Please click on Advance gt Parental Control and follow the below setting Parental Control Rules Parental Control List Comment Comment z Active Delete Edit MAC Address Add Rule No Rule in the List Local IP Destination IP Protocol Any v Local Port Destination Port Active O Enable Disable m Rules control can be managed by a rule Use the settings on this screen to establish an access policy gt Comment Enter a descriptive name for this rule for identifying purposes gt MAC Address Enter MAC address in valid MAC address format xx xx xx xx Xx xx and click Add button to add in the MAC group of each rule Click Remove button can remove MAC address in the group of each rule There are 10 MAC address maximum allowed in each rule gt Local Destination IP Specify local LAN destination IP addresses range required for this rule If you specify local IP addresses range from 192 168 1 1 to 192 168 2 254 The matches a range of local IP addresses include every single IP address from the first to the last so the example above includes everything from 192 168 1 1 to 192 168 2 254 3 Protocol Select Any or specify protocol TCP UDP ICMP URL Blocking and Application from drop down list When you select ICMP or Layer 7 Applicati
77. 2 168 2 254 Configuration in AP Mode including Access Point WDS An access point can be either a main relay or remote base station A main base station is typically connected to a wired network via the Ethernet port A relay base station relays data between main base stations and relay stations or remote base stations with clients A remote base station is the end point to accept connections from wireless clients and pass data upwards to a network wirelessly gt Example 1 Access Point without WDS v Iltcan be deployed as a tradition fixed wireless Access Point a APO1200 192 168 2 254 192 168 2 10 gt Example 2 Access Point with WDS v ltcan be deployed as a tradition fixed wireless Access Point and provides WDS link to expand network WDS Remote Base Station _ APO1200 192 168 2 254 sl l gt Main 192 168 2 10 Base Station 192 168 2 250 192 ae 2 254 192 168 2 A 192 168 2 10 Configuration in WDS Mode Pure WDS An access point can be either a main relay or remote base station A main base station is typically connected to a wired network via the Ethernet port A relay base station relays data between main base stations and relay stations or remote base stations with clients A remote base station is the end point to accept connections from wireless clients and pass data upwards to a network wirelessly In this mode it can support single or multiple WDS links and no
78. 20 80 of 192 168 2 11 The rule 2 won t take effect DMZ Enabled 192 168 2 12 Rule Protocol Private IP Private Port Public Port 1 TCP 192 168 2 11 20 80 20 80 2 TCP 192 168 2 10 22 22 112 5 6 System Status This section breaks down into subsections of System Overview Station Statistics Extra Information and Event Log 5 6 1 Overview Detailed information on System WAN Information LAN Information and DHCP Server Status can be reviewed via this page oystem Host Name Operating Mode Location Description Firmware Version Firmware Date 2000 01 01 00 02 42 System Up Time Device Time System Display the information of the system WCB1200H2PX CPE Mode Outdoor WiF N 5G 00m Cen CPE N5H2 1 0 1 Version 2008 10 27 15 50 04 02 42 System Name The name of the system Operating Mode The mode currently in service Location The reminding note on the geographical location of the system Description The reminding note of the system Firmware Version The current firmware version installed Firmware Date The build time of the firmware installed Device Time The current time of the system y Y y y y y y y System Up Time The time period that system has been in service since last reboot WAN Information Display the information of the WAN interface Lif WAN Information Mode Static Mode MAC Address 00 0C 43 20 60 34 IP Address 192
79. 222 3419 192 168 2254 80 udp 5 192 168 222 138 192 168 2255 138 tcp 118 TIME_WAIT 192 168 222 3421 192 168 2254 80 tcp 90 TIME_WAIT 192 168 222 3413 192 168 2254 980 tcp 431999 ESTABLISHED 192 168 222 3425 1921682254 80 tcp 90 TIME_WAIT 192 168 222 3415 192 168 2254 980 tcp 91 TIME_WAIT 192 168 222 3417 192 168 2254 80 Netstat Information Select NetStatus Information on the drop down list the connection track list should show up the list can be updated using the Refresh button NetStatus will show all connection track on the system the information include Protocol Live Time Status Source Destination IP address and Port Route table information Select Route table information on the drop down list to display route table APO1200 APO1215 could be used as a L2 or L3 device It doesn t support dynamic routing protocols such as RIP or OSPF Static routes to specific hosts networks or default gateway are set up automatically according to the IP configuration of system s interfaces When used as a L2 device it could switch packets and as L3 device it s capable of being a gateway to route packets inward and outward Route Information Destination bateway Netmask Interface 192 168 2 0 0 0 0 0 255 255 255 0 bred 192 168 1 0 0 0 0 0 255 255 255 0 eth2 0 0 0 0 192 168 1 1 0 0 0 0 eth2 ARP table Information Select ARP Table Information on the drop down list to display ARP table ARP associates each IP address
80. 254 80 Netstat Information Select NetStatus Information on the drop down list the connection track list should show up the list can be updated using the Refresh button NetStatus will show all connection track on the system the information include Protocol Live Time Status Source Destination IP address and Port Route table information Select Route table information on the drop down list to display route table APO1200 APO1215 could be used as a L2 or L3 device It doesn t support dynamic routing protocols such as RIP or OSPF Static routes to specific hosts networks or default gateway are set up automatically according to the IP configuration of system s interfaces When used as a L2 device it could switch packets and as L3 device it s capable of being a gateway to route packets inward and outward Route Information Destination Gateway Netmask Interface 192 168 3 0 0 0 0 0 255 255 255 0 bred 192 168 2 0 0 0 0 0 255 255 255 0 apcli 0 0 0 0 192 168 2 1 0 0 0 0 apcli0 ARP table Information Select ARP Table Information on the drop down list to display ARP table ARP associates each IP address to a unique hardware address MAC of a device It is important to have a unique IP address as final destination to switch packets to ARP Table Information IP Address MAC Address Interface 192 168 2 1 00 D0 41 4E 36 61 apcli 192 1683 27 00 74 92 9F 44 98 bred Bridge table information Select
81. 3 Hardware Installation Steps You can refer to the Quick Installation Guide for more detailed instructions Follow the steps mentioned below to install the hardware of APO1200 APO1215 APO1200 m Connect N type antenna to the N type connector on the rear panel m Connect PSE to the PoE connector on the front panel m Connect an Ethernet cable to the PSE and the other end to a computer or a subnet 192 168 2 x m Power on the PSE in order to supply power to APO1200 APO1215 m Connect PSE to the PoE connector on the front panel m Connect an Ethernet cable to the PSE and the other end to a computer or a subnet 192 168 2 x m Power on the PSE in order to supply power to APO1215 14 2 2 Web Management Interface Instructions APO1200 AP01215 supports web based configuration Upon the completion of hardware installation APO1200 APO1215 can be configured through a PC Laptop by using its web browser such as Internet Explorer version 6 0 Default IP Address 192 168 2 254 Default IP Netmask 255 255 255 0 Default User Name and Password The default user name and password for both root manager account and admin manager account are as follows Mode Router AP CPE AP WDS UR CB CPE AP Management Account Root Root Admin Root Root Root Root Admin g Account Account Account Account Account Account Account Account User Name root root admin root root root root admin Password default default admin default default default default
82. 4 6 Network Utility The administrator can diagnose network connectivity via the PING utility Please click on Utilities gt Network Utility and follow the below setting Network Utility Ping Result Destination IP Doamin Count 5 ping Traceroute Destination Host MAX Hop 6 Start Stop Ping This utility will help ping other devices on the network to verify connectivity Ping utility using ICMP packets detects connectivity and latency between two network nodes As result of that packet loss and latency time are available in the Result field while running the PING test gt Destination IP Domain Enter desired domain name i e www google com or IP address of the destination and click ping button to proceed The ping result will be shown in the Result field gt Count By default it s 5 and the range is from 1 to 50 It indicates number of connectivity test m Traceroute Allows tracing the hops from the APO1200 APO1215 device to a selected outgoing IP address It should be used for the finding the route taken by ICMP packets across the network to the destination host The test is started using the Start button click Stop button to stopped test gt Destination Host Specifies the Destination Host for the finding the route taken by ICMP packets across the network gt MAX Hop Specifies the maximum number of hops max time to live value traceroute will probe 202 7 4 7 Reboot This function allow
83. 4 sets of WEP keys Key Length Hex ASCII 64 bit 10 characters 5 characters 128 bit 26 characters 13 characters gt WPA PSK or WPA2 PSK WPA or WPA2 Algorithms allows the system accessing the network by using the WPA PSK protected access WPA General Cipher Suite AES Pre shared Key Group Key Update Period 3600 seconds v Cipher Suite By default it is AES Select either AES or TKIP cipher suites v Pre shared Key Enter the pre shared key the format shall go with the selected key type a Pre shared key can be entered with either a 256 bit secret in 64 HEX digits format or 8 to 63 ASCII characters v Group Key Update Period By default it is 3600 seconds This time interval for rekeying GTK broadcast multicast encryption keys in seconds Entering the time length is required 228 gt WPA Enterprise or WPA2 Enterprise The RADIUS authentication and encryption will be both enabled if this is selected WPA General Cipher Suite AES Group Key Update Period 3600 seconds PMK Cache Period 10 minute Pre Authentication a Disable o Enable Authentication RADIUS Server Authentication Server Port 1812 shared Secret Session Timeout 0 v WPA General Settings e Cipher Suite By default it is AES Select either AES or TKIP cipher suites e Group Key Update Period By default it s 3600 seconds This time interval for rekeying GTK
84. 6 100 AA WPA2PSKAES 11ain Infrastructure Select 253AP5 00 11 a30a 7b ff 100 dd WPA2PSKTKIP 11ain Infrastructure Select m ESSID Available Extend Service Set ID of surrounding Access Points m MAC Address MAC addresses of surrounding Access Points m Signal Received signal strength of all found Access Points m Channel Channel numbers used by all found Access Points m Security Security type by all found Access Points m Band Wireless band used by all found Access Points m Network Type Network type used by all found Access Points m Select Click Select to configure settings and associate with chosen AP While clicking Select button in the Site Survey Table the ESSID and Security Type will apply in the Wireless Profile Setup However more settings are needed including Security Key 88 5 2 4 Create Wireless Profile The administrator can configure station profiles via this page Please click on Wireless gt Wireless Profile and follow the below setting Station Profile System Configuration Profile List MAC Address 00 26 CE 01 C6 92 Active Profile Name ESSID Security Type Delete Profile Name O AP Profiled default NONE Delete ESSID security Policy Security Type NONE v Save m MAC Address The MAC address of the Wireless Station is displayed here Profile Name Set different profiles for quick connection uses m ESSID Assign Service Set ID for the wireles
85. 8 2 10 ANY FTP NO 1024 8196 2 ANY ANY NO 512 512 gt Example 2 On this setting the FTP has 512 Kbps upload and 512 Kbps download on 192 168 2 10 Because rule 1 s priority is higher than rule 2 Rule Source IP Destination IP DSCP Protocol Remark DSCP Bandwidth Up Down 1 ANY ANY NO 512 512 2 192 168 2 10 ANY FTP NO 1024 8196 109 5 5 Resource Sharing 9 5 1 DMZ DMZ is commonly work with the NAT functionality as an alternative of Virtual Server Port Forwarding while wanting all ports of DMZ host visible to Internet users Virtual Server rules have precedence over the DMZ rule In order to use a range of ports available to access to different internal hosts Virtual Server rules are needed NAT 9 8 192 168 2 20 100 e E LETE EEEE a aaa 7 a a a a s a a a a Main 1 Base Station AP O 00 192 168 1 250 WiFi WAN LAN 192 168 1 254 192 168 2 254 192 168 2 10 Please click on Advance gt DMZ and follow the below setting DMZ Setu DMZ DMZ O Enable Disable padares i OE m DMZ By default its Disable Check Enable radial button to enable DMZ m IP Address Enter IP address of DMZ host and only one DMZ host is supported Click Save button to save your changes Click Reboot button to activate your changes 110 5 5 2 Virtual Server Port Forwarding Virtual Server can also referred to
86. 92 168 2 0 0 0 0 0 255 255 255 0 U 0 0 0 bred 127 0 0 0 0 0 0 0 255 255 255 0 U 0 0 0 lo 0 0 0 0 192 168 2 1 0 0 0 0 UG 0 0 0 bret ARP table Information Select ARP Table Information on the drop down list to display ARP table ARP associates each IP address to a unique hardware address MAC of a device It is important to have a unique IP address as final destination to switch packets to ARP Table Information IP Address HWW Type Flags HW Address Mask Device 192 168 2 22 0x1 One 00 14 92 9F 44 98 bred Bridge table information Select Bridge Table information on the drop down list to display bridge table Bridge table will show Bridge ID and STP s Status on the each Ethernet bridge and its attached interfaces the Bridge Port should be attached to some interfaces e g eth2 ra0 ra6 and wdsO wds3 Bridge Table Information Bridge Port Bridge ID STP Enabled Interface bred 8000 000c432880b0 no eth raQ Bridge MAC information Select Bridge MACs Information on the drop down list to display MAC table This table displays local MAC addresses associated with wired or wireless interfaces but also remember non local MAC addresses learned from wired or wireless interfaces Ageing timers will be reset when existing MAC addresses in table are learned again or added when new MAC addresses are seen from wired or wireless interfaces as well When time runs out for a particular entry it will be pruned from the table
87. AC addresses of the wireless clients can be added and removed to the list using the Add and Remove buttons Click Reboot button to activate your changes MAC Access Control is the weakest security approach WPA and WPA2 security method is highly recommended 231 8 3 Wireless Network Expansion The administrator could create WDS Links to expand wireless network When WDS is enabled access point functions as a wireless bridge and is able to communicate with other access points via WDS links A WDS link is bidirectional and both side must support WDS Access points know each other by MAC Address In other words each access point needs to include MAC address of ts peer Ensure all access points are configured with the same channel and own same security type settings NAT WDS ag noo 192 168 2 20 100 Base Station 5 APO1200 192 168 2 10 WAN WLAN 192 168 1 254 192 168 2 254 Please click on Wireless gt WDS Setup and follow the below setting WDS Setup Security WDS MAC List Security Type Disable v Enable WDS Peer s MAC Address Description O 01 O 02 O 03 O 04 m Security Type Option is Disable WEP TKIP or AES from drop down list Needs the same type to build WDS links Security type takes effect when WDS is enabled gt WEP Key Enter 5 13 ASCII or 10 26 HEX format WEP key gt TKIP Key Enter 8 to 63 ASCII or 64 HEX format TKIP key gt AES Key Enter 8 to
88. APO1215 are in different subnet from those connected to Internet NAT WDS g Remote 192 168 2 20 100 Base Station APO1200 192 168 2 10 WAN WLAN 192 168 1 254 192 168 2 254 Figure 8 1 Router AP mode network configuration 212 8 1 2 Configure WAN Setup There are three connection types for the WAN port Static IP Dynamic IP PPPoE and PPTP Please click on System gt WAN and follow the below setting WAN Setup Internet Connection Type DNS Mode Static IP O Dynamic IP PPPoE PPTP DNS No Default DNS Server Specify DNS Server IP Primary Static IP a IP Address 192 168 2 254 IP Netmask 255 255 255 0 MAC Clone IP Gateway 192 168 2 1 Keep Default MAC Address Clone MAC Address 00 14 92 9F A4 9B O Manual MAC Address m Mode By default it s Static IP Check Static IP Dynamic IP PPPoE or PPTP to set up system WAN IP gt Static IP Users can manually setup the WAN IP address with a static IP provided by WISP v IP Address The IP address of the WAN port default IP address is 192 168 1 254 v IP Netmask The Subnet mask of the WAN port default Netmask is 255 255 255 0 v IP Gateway The default gateway of the WAN port default Gateway is 192 168 1 1 gt Dynamic IP Please consult with WISP for correct wireless settings to associate with WISP AP before a dynamic IP along with related IP settings including DNS can be available from DHCP server If IP
89. Address is not assigned please double check with your wireless settings and ensure successful association Also you may go to WAN Information in the Overview page to click Release button to release IP address and click Renew button to renew Dynamic IP IP address Hostname again v Hostname The Hostname of the WAN port gt PPPoE To create wireless PPPoE WAN connection to a PPPoE server in network PPPoE User name Password Recoonect Mode Always On O On Demand O Manual Idle Time minutes MTU 1492 213 v User Name Enter User Name for PPPoE connection v Password Enter Password for PPPoE connection v Reconnect Mode e Always on A connection to Internet is always maintained e On Demand A connection to Internet is made as needed e Manual Click the Connect button on WAN Information in the Overview page to connect to the Internet v idle Time Time to last before disconnecting PPPoE session when it is idle Enter preferred Idle Time in minutes Default is 0 indicates disabled When Idle time is disabled the Reconnect Mode will turn out Always on v MTU By default it s 1492 bytes MTU stands for Maximum Transmission Unit Consult with WISP for a correct MTU setting gt PPTP The Point to Point Tunneling Protocol PPTP mode enables the implementation of secure multi protocol Virtual Private Networks VPNs through public networks PPTP IP
90. Altos Wireless N A 5GHz 200mW Outdoor AP Model APO1200 AP01215 User s Manual V 1 0 Table of Contents CHAPTER T SYSTEM OVERVIEW cuasi islote 1 Ms O TI II II R 1 aro TE MOONE Did ol aa o a os 2 1 3 APPLICATIONS IN WIRELESS NETWORK ad 3 Pee PRODUC MBENE led da 7 WN PE FEIE A NON nic E E Pettis A E N 8 CHAPTER 2 BASIC INSTALLATION 2 A aaa aaaea aTe Eae Nana atac 12 21 HARDWARE INSTALLATION A A A wet dese ekasss 12 Bala acka GE CONES ld E 12 2 de Panel FUNCION DOS CAPI Sa A E E e anes N E 12 2 k3 Hardware INSTANAUON E sd rodas acid 14 2 2 WEB MANAGEMENT INTERFACE INSTRUCTION S sii ir AAA nda dasdotedecdonteleadecss 15 CHAPTER 3 AP MODE CONFIGURA TON si A E A 17 3 1 EXTERNAL NE WORK CONNECTION atada ici 17 ON N NANN 17 TLA OMAN E ir a aa 18 3 2 WIRELESS LAN NETWORK CREATION vecs 20 DET Wireless Generalo glUD sce sees e a a a E 20 dee Wireless Advanced SOTO rh is aa a a aa a daa eae eae eal ne dele ceah ds 22 AO VIN GIA VAF ee ea a a a a a a a ad costal et Cee 28 329 k Virtual AP OVS AA E A ERSA 28 3232 V Wa AFR SCI E RS N N 29 3 2 4 Wireless MAC FMERS UD renina E EEE NE E E e a E AE 33 3 3 WIRELESS NETWORK EXPANSION 0 iia add 34 OAS STEM IMIANA CEMENTO 35 34 1 GONAQUE Mana CNN llore idiotas 35 34 2 CONg re System TI E aeren e nA E E AA a E R 38 sA SCONE IIED sisena E a a e a a R 39 3 4 4 Backup Restore ANG Res t LO AA 4 DAD IMMWANLC NS DOM AOC A A E as 42 DOIN CIW OIC GUY dde 43 E ised co haces II E A 44 SS ST
91. DNS The secondary DNS server in service 13 IP Address The management IP of system By default it s 192 168 2 254 IP Gateway The gateway IP address and by default it s 192 168 2 1 LAN Information Display total received and transmitted statistics on the LAN interface y y y y y LAN Information MAC Address 00 0C 43 28 60 30 ecelve Bytes Co Co Pi Receive Packets tare Ea Transmit Bytes Pu Bi D Mo o PA Transmit Packets MAC Address The MAC address of the LAN port Receive bytes The total received packets in bytes on the LAN port Receive packets The total received packets of the LAN port Transmit bytes The total transmitted packets in bytes of the LAN port Transmit packets The total transmitted packets of the LAN port Wireless Information Display the detailed receive and transmit statistics of Wireless interface Y Y Y y y y y Wireless Information MAC Address 00 11 43 D4 7B FA Channel 44 Rate 300 Mb s Receive Bytes 167110 Receive Packets 706 Transmit Bytes 15373 Transmit Packets 104 MAC Address The MAC address of the Wireless port Channel The current channel on the Wireless port Rate The current Bit Rate on the Wireless port Receive bytes The total received packets in bytes on the Wireless port Receive packets The total received packets of the Wireless port Transmit bytes The total transmitted packets in bytes of the Wirele
92. E Sd de o tact sits scat 45 EA O A Scalostshantthods dada e a aa etskaiouletastereneaes 45 Jor e EA E etal a i Mate eae trans 47 TD CROW VIS LINES AS A SA vas 48 TOMEMOS ON AO citada 49 ISS EVON LOG ARA A A PTO oo Or ee eee 51 CHAPTER 4 WDS MODE CONFIGURATION ssuuiiaiic tias 52 E T EXTERNAL NETWORK CONNECT Ni di lo 52 4 1 1 Network OUT A Ed SEEE 52 A he CONQUE 53 AZ WIRELESS NETWORK EXPANS ON AN ii 54 AN A A OER Ler aecee 54 422 WWAKEIESS AVANCE SUD iii re icon S6 423 O SO O o la 62 AS SYSTEM MANAGEMENT os e dit 63 ASA CONQUE MINA te da dd od 63 4 32 CONMQUEO O YS CIO TINE AAA AS AAA AA AA AAA AA 66 43 3 CONQUE SNMP SOU seire catia A id la 67 4 3 4 Backup Restore and Reset to FACIOIY ii rics ated raakoina niacin eal cal ea iaaea 69 SN o A A A SANN 70 a DOING WV OVI HEINEY od reas ste A A O AN 71 SP PRCT OO a area cach assests A AS ROSA A Ba en eM tale ota A 72 AA SYSTEMS TALUS escort A secet cesta cca leeeleoave capenetnesee siveeeaateaetnee casita sautialee A N A E hs 73 dA SV SLOVO VOTO A O ER O II In 73 LAZ SA A ee one cere ee arn a Oe ORS ere erg ee 75 RREA EU UNO o R 76 LAA EVON LOG da E ota teh oat 78 CHAPTER 5 CPE MODE CONFIGURATION sicisinsseccccvcccasscssessencesosdsssesasuasnnsncensescensssenssenseesssenadvassebossesedessensesdesssopendeeduaewoenasacensecdens 79 p MEXTERNAL INETWORK CONNECTION o e e e o e ta a e do 79 DAN CIWOTK EQUINOS 79 5 12 CONQUE WAN SC UD O acd cos cise cae hse aed patie aa E cud tine era a E
93. EAE E EE E ETEA EE een ene ee OEE 252 A A A E E AE E A ETETEN 252 9 0 2 Virtual Server FON t OlWarGin it dol did ica 253 Sos sl AE one E E EEE EA OE en eee ee en ee eee 255 OF OVT W RR 255 8 7 2 ASSOCl ted Chens SINUS ii T A EET E EN AE E ANA NA 258 SAS SOW WDS LINK SIUS e a e E ON NEN 259 BE A A O A eee ern Ss 260 A O Ameena ea cata beta ance htm daria acid 262 TF OV CINE LOQ hess acts see eee teen at csr E ees ie ae ead cand ewe eye ata ae besa tee a vee aurea ota dele Sat en vee abe 263 APPENDIX A WINDOWS TCP IP SETTING Susi checese ies aaa aaa a a ia oaea aanas 264 APPENDIX B WEB GUI VALID CHARACTERS suicida acond 266 APPENDIX C MCS DATA RATE coi A de 269 APPENDIX D SYSTEM MANAGER PRIVILEGES enoessesseesesscescsccesoescesccscssosscescesoesocsoceccsccssesscsscesossoesossccsocsossosscesoessesoessossesse 270 APPENDIX E ENABLING UPNP IN WINDOWS XP esoessessessessesecscceccescescsscesoscossoescesocscesosscesccsocsocsocscosccescescsscsscssossosseesossossoe 271 TECHNICAL SUPPORT iscssscsssssossssssesscessses canasasguceseaaeaasauenseansopssupnasansasaenagaannsssopacnanaonssea onsauanqavnaneabaussebssonaveseasanssnabonumens casadas iodid ranas 273 Chapter 1 System Overview 1 1 Introduction Airlink101 Wireless N A 5GHz 200mW Outdoor Access Point APO1200 Wireless N A 5GHz 200mW Outdoor Access Point with 15dBi Patch Antenna APO1215 is the point of connection to Wireless Outdoor Network for service provider deploying
94. E_WAIT 192168222 3415 192 168 2 254 80 tcp 91 TIME_WAIT 192 168 2 22 3417 192 168 2 254 80 Route table information Select Route table information on the drop down list to display route table APO1200 APO1215 could be used as a L2 or L3 device It doesn t support dynamic routing protocols such as RIP or OSPF Static routes to specific hosts networks or default gateway are set up automatically according to the IP configuration of system s interfaces When used as a L2 device it could switch packets and as L3 device it s capable of being a gateway to route packets inward and outward Route Information Destination Gateway Genmask Flags Metric Ref Use Iface 192 168 2 0 0 0 0 0 255 255 255 0 U 0 0 0 bred 127 0 0 0 0 0 0 0 255 255 255 0 U o 0 0 lo 0 0 0 0 192 158 2 1 0 0 0 0 UG O 0 0 bret ARP table Information Select ARP Table Information on the drop down list to display ARP table ARP associates each IP address to a unique hardware address MAC of a device It is important to have a unique IP address as final destination to switch packets to ARP Table Information IP Address HWW Type Flags HW Address Mask Device 192 168 2 22 0x1 Oxe 00 14 92 9F 44 98 g bred Bridge table information Select Bridge Table information on the drop down list to display bridge table Bridge table will show Bridge ID and STP s Status on the each Ethernet bridge and its attached interfaces the Bridge Port should be attached to som
95. Function Descriptions APO1200 Front Panel Rear Panel 1 Reboot Button Unscrew the screw and click Reset button to restart system or reset to default configurations gt Press and hold the Reset button for 2 seconds and release to restart system The LED except Power indicator will be off before restarting gt Press and hold the Reset button for more than 10 seconds to reset the system to default configurations Power Green LED ON indicates power on and OFF indicates power off WLAN Green LED FLASH indicates Wireless Transmit LAN Green LED ON indicates connection OFF indicates no connection FLASH indicates packets transmit PoE Connector For connecting to PSE oS oO Pe 9 N N type Connector For connecting to N Type Antenna 12 APO1200 Front Panel Rear Panel 1 Reboot Button Unscrew the screw and click Reset button to restart system or reset to default configurations gt Press and hold the Reset button for 2 seconds and release to restart system The LED except Power indicator will be off before restarting gt Press and hold the Reset button for more than 10 seconds to reset the system to default configurations Power Green LED ON indicates power on and OFF indicates power off WLAN Green LED FLASH indicates Wireless Transmit LAN Green LED ON indicates connection OFF indicates no connection FLASH indicates packets transmit NN E PoE Connector For connecting to PSE 13 2 1
96. GURATION o occccnccinocconoccnncconocionoconocconoconnnconocoonocconoccnocconaccnnncconoconacconocconaconnconocconaccnass 212 8 1 EXTERNAL NETWORK CONNECTION acacia iia A EA ATA 212 O21 TINGIWON REQUIEM lu 212 9 12 CONGUE WAN SCI AT 213 8 29 Congre DON SS UD A tried 216 Oe 14 GONTQUES LAN SC UD tl laca 217 8 2 WIRELESS LAN NETWORK CREATION unas SS R T A R AS 218 9 221 Wireless GOMECI al SUIS E E T EEA T 218 8 2 2 Wireless Advanced SOUND serret iiser i aes reent ea E ERN BERENE EEEE EE EE Geta acd AEE ENNEN EAE E EA a Mia O aa E 220 823 Greate MINA AP VA AA A S ORA 226 a UI IA A PP a EO ne AS 226 LA NS A ee ene no eer ee 227 8 2 4 Wireless MAC Filter Setup a ia A aa ities ei ha dow 231 8 3 WIRELESS NETWORK EXPANSION E Moe aman 232 OASYS TEMIMANA CEMENTO eae eh A tad 233 84 1 CONQUE MANGO CIN CN sath es osc ctsct iat ROA ese caret tad 233 GAL CONNOULE SVSICTI IC RS A hoknseeo tes 236 ron Brig G0 4 0 0 EUF IE meee et nee eee Re Mr eR nr eg eNO en ree oe pe eee 237 8 44 CONMQUIESSINMIP SOU a A Ad 238 8 4 5 Backup Restore and Reset to FAC Vias 240 SAO EMV AO DO E E ES 24 OT INCI WV OTIC OMV diosas 242 oA FAC OO OOOO UP UNe A PA eeates nee av cde 243 G 0 ACCESS CONTROL EIST ic cette de n r dd lo ae 244 EDS A ITIP SOLID AAA Pe ttt eat eta net SR el acetic ha cae a att okes tech SO 244 8 9 2 MAC FINer SGUD cerai a ENE A NE 246 A E EA ee Go eS 247 O GOO SOTO ri E a re O E O sibel data 249 GO RESOURCE SHARIN ieee ee ee en E A
97. Green Field gt Country NONE v O Channel BandWidth 20 20 40 adeeb Guard Interval O Long O Auto MCS Auto HT Other Reverse Direction Grant oe HT TxStream 2 Y RDG Disable Enable HT RxStream 2 v A MSDU O Disable O Enable Auto Block ACK Disable O Enable Decline BA Request O Disable Enable Band Mode Select an appropriate wireless band bands available are 801 11aor 802 11a n mixed mode Transmit Rate Control Select the desired rate from the drop down list the options are auto or ranging from 6 to 54 Mbps for 802 11a Country Select the desired country code from the drop down list the options are US ETSI JP and NONE m Tx Power You can adjust the output power of the system to get the appropriate coverage for your wireless network Specify digit number between 7 to 100 the unit is for your environment If you are not sure of which setting to choose then keep the default setting 100 When Band Mode select in 802 11a only mode the HT High Throughput Physical Mode and 11n Configuration settings should be hidden immediately m Operating Mode By default it s Mixed Mode gt Mixed Mode In this mode packets are transmitted with a preamble compatible with the legacy 802 11a g the rest of the packet has a new format In this mode the receiver shall be able to decode both the Mixed Mode packets and legacy packets gt Green Field In this mode high throughput
98. HEX format TKIP key gt AES Key Enter 8 to 63 ASCII or 64 HEX format AES key WDS MAC List gt Enable Click Enable to create WDS link gt WDS Peer s MAC Address Enter the MAC address of WDS peer gt Description Description of WDS link a The WDS link needs to be set at same Channel and Security Type between WDS link Click Save button to save your changes Click Reboot button to activate your changes 62 4 3 System Management 4 3 1 Configure Management Administrator could specify geographical location of the system via instructions in this page Administrator could also enter new Root and Admin passwords and allow multiple login methods Please click System gt Management and follow the below settings Management Setup System Information Admin Login Methods System Name WCB1200H2PX Enable HTTP Y Port 80 Description Outdoor WiFi N 5G 200mW Enable HTTPS Port 443 UploadKey nani Enable Telnet Port 23 E Enable SSH Y Port 22 Root Password Host Key Footprint ssh rsa AAAAB3NzaCiyc2EAAAADAQABAAAAgw New Root Password Check Root Password nep Ping Watchdog E E dl Ping Watchdog O Enable Disable Admin Password IP Address To Ping New Admin Password Ping Interval Seconds Check New Password Startup Delay Seconds Failure Count To Reboot m System Information gt System Name Enter a desired name or use the default one 3 Description Provide description o
99. Hz channel on which power is restricted the wireless device automatically reduces transmit power to comply with power limits for that channel in that regulatory domain The Channel 52 140 is DFS channel If turns on IEEE802 11H AP Will have 60 sec to do channel available a check and will not send beacon and can not be connect When APO1200 APO1215 detect radar 5GHZ signal the AP will switch channel and stop beacon transmit between 15 sec WMM By default it s Disable To Enable is to use WMM and the WMM parameters should appears 132 WMM Parameters of Access Point Aifsn CWMin CWMax Txop ACM AckPolicy ac BE 3 is es fo O O acBK 7 isiv 1023 o _ Oo O acme k CE hsm a 0 Oo AC_VO i bE a w 0 O WMM Parameters of Station Aifsn CWiMin CWilax Txop ACM cee b as 102353 o O AC_BK 7 15 M 1023 bo O AC VI 2 7 15 M 94 O AC_VO 2 3 sl 7 e laz O a When you enable WMM the Tx Burst will be Disabled automatically by system WMM Parameters of Access Point This affects traffic flowing from the access point to the client station Data Transmitted Queue AP to Clients Priority Description AC BK Background iow High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AC_BE Best Effort Medium Medium throughput and delay Most traditional IP data is s
100. IDIA nForce Networking Controller This connection uses the following tems los Packet Scheduler AEGIS Protocol IEEE 802 1 3 4 70 0 ug Intemet Protocol TCP IP Install Uninstall Description Transmission Control Protocol Internet Protocol The default Wide area network protocol that provides communication across diverse interconnected networks C Show icon in notification area when connected Notify me when this connection has limited or no connectivity 4 Select Use the following IP address and type in IP address 192 168 2 100 Subnet mask 255 255 255 0 Internet Protocol TCP IP Properties fou can get IF settings assigned automatically if your network supports this capability Otherwise you need to ask pour network administrator for the appropriate IP settings Obtain an IP address automatically Use the following IP address IP address 197 168 2 100 Subnet mask 255 255 255 0 Obtain ONS server address automatically 5 Use the following ONS server addresses Alternate ONS server Preferred ONS server as 265 Appendix B WEB GUI Valid Characters Table B WEB GUI Valid Characters Block Field Valid Characters LAN IP Address IP Format 1 254 IP Netmask 128 0 0 0 255 255 255 252 IP Gateway IP Format 1 254 Primary DNS IP Format 1 254 secondary DNS IP Format 1 254 Hostname L
101. IP WINS IP Domain Lease Time gt DHCP Check Enable button to activate this function or Disable to deactivate this service gt Start IP End IP Specify the range of IP addresses to be used by the DHCP server when assigning IP address to clients The default range IP address is 192 168 2 10 to 192 168 2 70 the netmask is 255 255 255 0 gt DNS1 IP Enter IP address of the first DNS server this field is required gt DNS2 IP Enter IP address of the second DNS server this is optional gt WINS IP Enter IP address of the Windows Internet Name Service WINS server this is optional gt Domain Enter the domain name for this network gt Lease Time The IP addresses given out by the DHCP server will only be valid for the duration specified by the lease time Increasing the time ensure client operation without interruptions but could introduce potential conflicts Lowering the lease time will avoid potential address conflicts but might cause more interruptions to the client while it will acquire new IP addresses from the DHCP server Default is 86400 seconds Click Save button to save your changes Click Reboot button to activate your changes 217 8 2 Wireless LAN Network Creation The network manager can configure related wireless settings General Settings Advanced Settings Virtual AP VAP Setting Security Settings and MAC Filter Settings 8 2 1 Wireless General Setup The administrator can change the data transmiss
102. IP Address To Ping New Admin Password Ping Interval Seconds Check New Password Startup Delay Seconds Failure Count To Reboot m System Information gt System Name Enter a desired name or use the default one 3 Description Provide description of the system 3 Location Enter geographical location information of the system It helps administrator to locate the system easier The system supports two management accounts root and admin The network manager is assigned with full administrative privileges when logging in as root user to manage the system in all aspects While logging in as an admin user only subset of privileges is granted such as basic maintenance For example root user can change passwords for both root and admin account and admin user can only manage its own For more information about covered privileges for these two accounts please refer to Appendix D Network manager Privileges Root Password Log in as a root user and is allowed to change its own plus admin user s password gt New Password Enter a new password if desired gt Check New Password Enter the same new password again to check Admin Password Log in as a admin user and is allowed to change its own gt New Password Enter a new password if desired gt Check New Password Enter the same new password again to check 91 Admin Login Methods Only root user can enable or disable system login methods and change ser
103. In that situation switching packet to that particular MAC address will be dropped 49 Port PrimarAP WDS0 LAN PrimarnAP LAN Bridge MACs Information MAC Address 00 06 b1 13 35 8f 00 11 a30a 7b H 00 11 a3 0a b f9 00 11 a3 0a 7b fa 00 13 92 9 a4 9b Ageing Timer 157 50 2 05 0 00 0 00 0 10 Bridge STP Information Select Bridge STP Information on the drop down list to display a list of bridge STP information Bridge STP Information bred bridge id designated root root port max age hello time forward delay ageing time hello timer topology change timer flags eth2 1 9000 000c43285008 2000 000c43235008 0 20 00 2 00 15 00 300 00 0 84 0 00 path cost bridge max age bridge hello time bridge forward delay ten timer gc timer port id designated root designated bridge designated port designated cost flags ral 2 port id designated root designated bridge designated port designated cost flags 6001 8000 000c43285008 0000 000c43235005 6001 0 8002 0000 000c43235005 8000 000c43285008 ogiz 0 50 State path cost message age timer forward delay timer hold timer State path cost message age timer forward delay timer hold timer 20 00 2 00 15 00 0 00 2 83 forwarding 100 0 00 0 00 0 85 forwarding 100 0 00 0 00 0 85 3 5 5 Event Log The Event log displays system events when system is up and running Also it becomes very u
104. Local Mame Description Status Startup Type Log On As Ba Shell Hardware Det Started Automatic Local System Ba Smart Card Manages a Manual Local Service zta SSDP Discovery Ser Enables dis Started Manual Local Service Ba System Event Motifi Tracks syst Started Automatic Local System System Restore Se Performs s Started Automatic Local System Ba Task Scheduler Enables a Started Automatic Local System Ba TCP IP NetBIOS He Enables su Started Automatic Local Service a Telephony Provides T Started Manual Local System Extended JA Standard After enabling UPnP and starting the SSDP Discovery Service it may take few minutes for the Air Force One 5 to be discovered and appear in your My Network Places Y My Network Places File Edit View Favorites Tools Help gt gt ya Search Folders Fst A r me E r Address 4 My Network Places Name Comments Network Tasks 4 APO1200 Outdoor WiFi N 5G 200mW 212 Technical Support E mail support airlink101 com Toll Free 1 888 746 3238 Web Site www airlink101 com Theoretical maximum wireless signal rate derived from IEEE standard 802 11 specifications Actual data throughput will vary Network conditions and environmental factors including volume of network traffic building materials and construction mix of wireless products used radio frequency interference e g c
105. No ACK When the no acknowledgment No ACK policy is used the recipient does not acknowledge received packets during wireless packet exchange This policy is suitable in the environment where communication quality is fine and interference is weak While the No ACK policy helps improve transmission efficiency it can cause increased packet loss when communication quality deteriorates This is because when this policy is used a sender does not retransmit packets that have not been received by the recipient When the Normal ACK policy is used the recipient acknowledges each received unicast packet gt WMM Parameters of Station This affects traffic flowing from the client station to the access point Data Transmitted so ee Queue Clients to AP Priority Description AC BK Background aa High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AC_BE Best Effort Medium Medium throughput and delay Most traditional IP data is sent to this queue AC_VI Video High Minimum delay Time sensitive video data is automatically sent to this queue AC VO Voice High re aa data like VoIP and streaming media are automatically sent to this Aifsn The Arbitration Inter Frame Spacing Number specifies a wait time in milliseconds for data frames CWmin Minimum Contention Window This parameter is input to the algorithm that determines the initial ran
106. P Domain Lease Time gt DHCP Check Enable button to activate this function or Disable to deactivate this service gt Start IP End IP Specify the range of IP addresses to be used by the DHCP server when assigning IP address to clients The default range IP address is 192 168 2 10 to 192 168 2 70 the netmask is 255 255 255 0 gt DNS1 IP Enter IP address of the first DNS server this field is required gt DNS2 IP Enter IP address of the second DNS server this is optional gt WINS IP Enter IP address of the Windows Internet Name Service WINS server this is optional gt Domain Enter the domain name for this network gt Lease Time The IP addresses given out by the DHCP server will only be valid for the duration specified by the lease time Increasing the time ensure client operation without interruptions but could introduce potential conflicts Lowering the lease time will avoid potential address conflicts but might cause more interruptions to the client while it will acquire new IP addresses from the DHCP server Default is 86400 seconds Click Save button to save your changes Click Reboot button to activate your changes 84 5 2 Access Point Association 5 2 1 Configure Wireless General Setting The administrator can change the data transmission channel and output power settings for the system Please click on Wireless gt General Setup and follow the below setting Wireless Setup General Configuration HT
107. P address of WAN port WAN Information Mode PPPoE Mode Reconnect Mode Manual Mode Supports Static Dynamic PPPoE and PPTP modes Reconnect Mode The current reconnect mode of the PPPoE or PPTP MAC Address The MAC address of the WAN port IP Address The IP address of the WAN port IP Netmask The IP netmask of the WAN port IP Gateway The gateway IP address of the WAN port Primary DNS The primary DNS server in service Y Y Y y y y y y Secondary DNS The secondary DNS server in service LAN Information Display total received and transmitted statistics on the LAN interface LAN Information MAC Addre IP Addre IP Netmask 237 00 0C 43 22 50 30 z8 2254 192 166 2 254 2059 209 255 0 Receive Bytes a 2 lecelwe Packets 1 Transmit Bytes 37 3 Transmit Packets MAC Address The MAC address of the LAN port IP Address The IP address of the LAN port IP Netmask The IP netmask of the LAN port Receive bytes The total received packets in bytes on the LAN port Receive packets The total received packets of the LAN port Transmit bytes The total transmitted packets in bytes of the LAN port Y Y y y y y y Transmit packets The total transmitted packets of the LAN port 167 Wireless Information Display the detailed receive and transmit statistics of Wireless interface Wireless Information APMAC Addrezs Station MAC Address Channel AP Rate Station Rate
108. PING test gt Destination IP Domain Enter desired domain name i e www google com or IP address of the destination and click ping button to proceed The ping result will be shown in the Result field gt Count By default it s 5 and the range is from 1 to 50 It indicates number of connectivity test m Traceroute Allows tracing the hops from the APO1200 APO1215 device to a selected outgoing IP address It should be used for the finding the route taken by ICMP packets across the network to the destination host The test is started using the Start button click Stop button to stopped test gt Destination Host Specifies the Destination Host for the finding the route taken by ICMP packets across the network gt MAX Hop Specifies the maximum number of hops max time to live value traceroute will probe 71 4 3 7 Reboot This function allows user to restart system with existing or most current settings when changes are made Click Reboot button to proceed and take around three minutes to complete Reboot o You must be reboot the system after changing settings Rebcoting the system will not delete any of your configuration settings Click reboot button to reboot the system A reminder will be available for remaining time to complete If power cycle is necessary please wait till completion of the reboot process Please Wait The System Overview page appears upon the completion of reboot 4 4 System Status
109. Physical Mode Band Mode 802 11 a n mixed mode Operating Mode Mixed Mode O Green Field Country NONE bi Channel BandWidth O 20 Auto Tx Power 10 Guard Interval O Long Auto MCS Auto 11n Configuration MPDU Enable O Enable Disable A MPDU Manual Auto MPDU Density A MSDU O Enable O Disable m Band Mode Select an appropriate wireless band bands available are 801 11a or 802 11a n mixed mode Country Select the desired country code from the drop down list the options are US ETSI JP and NONE m Tx Power You can adjust the output power of the system to get the appropriate coverage for your wireless network Specify digit number between 7 to 100 the unit is for your environment If you are not sure of which setting to choose then keep the default setting 100 When Band Mode select in 802 11a only mode the HT High Throughput Physical Mode and 11n Configuration settings should be hidden immediately m Operating Mode By default it s Mixed Mode gt Mixed Mode In this mode packets are transmitted with a preamble compatible with the legacy 802 11a g the rest of the packet has a new format In this mode the receiver shall be able to decode both the Mixed Mode packets and legacy packets gt Green Field In this mode high throughput packets are transmitted without a legacy compatible part m Channel Bandwidth The Auto MHz option is usually best The other option is available for sp
110. PnP works on TCP IP network to enable UPnP devices to connect and access to each other very well adopted in home networking environment UPNP Setup UPNP UPNP Enable Disable UPnP By default it s Disable Select Enable or Disable of UPnP Service Click Save button to save changes and click Reboot button to activate changes For UPnP to work in Windows XP the APO 1200 APO1215 must be available in My Network Places If these devices are not available you should verify that the correct components and services are loaded in Windows XP Please refer to Appendix E Using UPnP on Windows XP 237 3 4 4 Configure SNMP Setup SNMP is an application layer protocol that provides a message format for communication between SNMP managers and agents By enabling SNMP function the administrator can obtain the system information remotely Please click on System gt SNMP Setup and follow the below setting SNMP Setup Enable O Enable F Enable E SNMP v2c Enable Check to enable SNMP v2c SNMP v2c Enable ro community re community gt ro community Set a community string to authorize read only access gt rw community Set a community string to authorize read write access SNMP v3 Enable Check to enable SNMP v3 SNMPv3 supports the highest level SNMP security SNMP v3 Enable SNMP ro user SNMP ro password SNMP ru user SNMP rw password SNMP
111. Settings Advanced Settings Virtual AP VAP Setting Security Settings and MAC Filter Settings 3 2 1 Wireless General Setup The administrator can change the data transmission channel and output power settings for the system Please click on Wireless gt General Setup and follow the below setting Wireless Setup General Setup HT Physical Mode MAC Address 00 11 43 04 7B F2 Operating Mode O Mixed Mode O Green Field Band Mode 802 11 a n mixed mode N Channel BandWidth 20 20 40 aie Menahie O nieahle Pa renee oe Guard Interval O Long O auto E j A Country NONE MCS Auto Channel Frequency 44 5220MHz v Reverse Direction Grant Tx Power 100 o RDG Disable Enable A MSDU Disable O Enable HT Other Auto Block ACK Disable Enable T Tw as Epa a A a aot A oe a O a HT TxStream 2 Decline BA Request S Disable _ Enable HT RxStream 2 vw Save m MAC Address The MAC address of the Wireless interface is displayed here m Band Mode Select an appropriate wireless band bands available are 801 11a or 802 11a n mixed mode AP isolation Select Enable all clients will be isolated from each VAP that means different VAP s clients can not reach to each other Transmit Rate Control Select the desired rate from the drop down list the options are auto or ranging from 6 to 54Mbps only for 802 11a mode Country Select the desired country code from the drop do
112. Tool Default is 300 seconds Startup Delay specify initial time delay in seconds until first ICMP echo requests are sent by the Ping Watchdog Tool The value of Startup Delay should be at least 60 seconds as the network interface and wireless connection initialization takes considerable amount of time if the device is rebooted Default is 300 seconds Failure Count To Reboot specify the number of ICMP echo response replies If the specified number of ICMP echo response packets is not received continuously the Ping Watchdog Tool will reboot the device 64 Click Save button to save your changes Click Reboot button to activate your changes Without a valid certificate users may encounter the following problem in IE7 when they try to access system s WMI https 192 168 2 254 There will be a Certificate Error because the browser treats system as an illegal website Certificate Error Navigation Blocked Windows Internet Explorer Ge de le 192 168 2 254 vj File Edit View Favorites Tools Help Ly Favorites y E z Free Hotmail Certificate Error Navigation Blocked There is a problem with this website s security certificate The security certificate presented by this website was not issued by a trusted certificate authority The security certificate presented by this website was issued for a different website s address Security certificate problems may indicate an attem
113. a a 121 CHAPTER 6 CPE AP MODE CONFIGURATION sesseccecccsoccoscescccosccsccsoscesoccoccescesoccoscesoscoscosoccoccosocoosscsccsosooscosoesessosccsessessee 122 6 1 EXTERNALNETWORK CONNECTION arune a E E TAE AEAEE TIRE N E EE EE 122 EVA NEIWOrk CU a a a A O ON Kalle saad ae te tecale hd 122 6 1 2 CORTOUIC WAN SlU eaa e A on 123 DES Conie DNS SUD i A a E E 126 614 Congue LAN SOUL sores hi AON gsc Ns ABS a a a a te a seh le 127 GZ NC Ga aa ONS SOON add hems IN 128 6 2 1 Configure Wireless General Setting Ud A ads 128 622 WNElESSAO VANCES OUD rr r E E lolo To 130 SS AS RN E E Aa EN 136 6 24 Groate MIES RM nd 137 0 90 WIRELESS LAN NETWORK OGREATO Net E E E diets 139 63 FICDEAIEF APS UD a a a a a e lured E AA 139 6 3 2 Wireless MAC Filer SOU a E a aTa 143 DS Y STEM MANAGEMENT LS 144 6 4 1 Configure MAIN Mi A A iia 144 6 42 COMUNE SV SION IM a 147 643 CONNGUIC IN da 148 OA A CORNGUIC SNMP SOUID d a EE Ea EEEE EAE AEA EEE aO CEEE REEE alee NENESE EE 149 6 4 5 Backup Restore and Reset to FACIONY ii A A ia dias 151 bA OFWS OPNA OO iiia EE A E EE E EA T 152 EA TINO A EE AA A A di 153 6 40 CD OO dci 154 0 0 ACCESS CONTROL HS Tetrti di sor 155 E A A A 155 ASS A A Yel aalec iacet ase choles 157 II AENA CONTO SOU sss ia rt ioe tae do dd ed io saa cs 158 CIAO tre AANEEN ENEE cr ett est eee e te cos 160 CORE SOURCE SHARING asia rd rod 163 A SC ner ec Pee eer et er eee en eee ee 163 6 6 2 Vru Server POM FOIMWAIOING otitis 164 AS SU e
114. a community string to authorize read only access gt rw community Set a community string to authorize read write access SNMP v3 Enable Check to enable SNMP v3 SNMPv3 supports the highest level SNMP security SNMP v3 Enable SNMP ro user SNMP ro password SNMP ru user SNMP rw password SNMP ro user Set a community string to authorize read only access SNMP ro password Set a password to authorize read only access SNMP rw user Set a community string to authorize read write access y y y y SNMP rw password Set a password to authorize read write access m SNMP Trap Events such as cold start interface up amp down and association amp disassociation will report to an assigned server 96 SNMP Trap Enable Community Pal gt Community Set a community string required by the remote host computer that will receive trap messages or notices send by the system gt IP Enter the IP addresses of the remote hosts to receive trap messages Click Save button to save changes and click Reboot button to activate 97 5 3 5 Backup Restore and Reset to Factory Backup current configuration restore prior configuration or reset back to factory default configuration can be executed via this page Please click on Utilities gt Profile Setting and follow the below setting Profile Save Profile Save Save Settings To PC Load Settings From PC Browse Upload Reset To Fa
115. acon interval which increases the rate of beacons This will make the association and roaming process very responsive however the network will incur additional overhead and throughput will go down DTIM Interval The DTIM interval is in the range of 1 255 The default is 1 DTIM is defined as Delivery Traffic Indication Message It is used to notify the wireless stations which support power saving mode when to wake up to receive multicast frame DTIM is necessary and critical in wireless environment as a mechanism to fulfill power saving synchronization A DTIM interval is a count of the number of beacon frames that must occur before the access point sends the buffered multicast frames For instance if DTIM Interval is set to 3 then the Wi Fi clients will expect to receive a multicast frame after receiving three Beacon frame The higher DTIM interval will help power saving and possibly decrease wireless throughput in multicast applications 181 Fragment Threshold The Fragment Threshold is in the range of 256 2346 byte The default is 2346 byte Each Wi Fi packet can be divided into smaller packets marked with a sequential fragment number and re assemble in the receiving ends The purpose is to make a short frame instead of long frame transmitting by radio in a heavy noisy environment Because of sending smaller frames corruptions are much less likely to occur The pros is obvious the cons is the overhead for transmission So in a
116. ad System Info dnsmasq 94 reading etc resolv conf Dies System Info dnsmasq 94 using nameserver 192 168 2 1 53 age System Info dnsmasq 94 cleared cache panel System Info Authentication successful for root from 192 168 2 22 Time The date and time when the event occurred Facility lt helps users to identify source of events such System or User m Severity Severity level that a specific event is associated such as info m Message Description of the event Click Refresh button to renew the log or click Clear button to clear all the record 211 warning etc Chapter 8 Router AP Mode Configuration When Router AP mode is chosen the system can be configured as a Router with Access Point and WDS function This section provides detailed explanation for users to configure in the Router AP mode with help of illustrations In the Router AP mode functions listed in the table below are also available from the Web based GUI interface Status Virtual AP Setup Extra Info DDNS WDS Setup 08 Pla anaiena as IO IO Event Log Utilities General Setup System Overview Advanced Setup Station Statistics Functions DDNS O Table 8 1 Router AP Mode Functions 8 1 External Network Connection 8 1 1 Network Requirement It can be used as an Router AP with WDS function In this mode APO1200 APO1215 is a gateway enabled with NAT and DHCP Server functions The wireless clients connected to APO1200
117. address of ts peer Ensure all access points are configured with the same channel and own same security type settings WDS Remote Base Station a APO1200 192 168 2 10 192 168 2 254 Please click on Wireless gt WDS Setup and follow the below setting WDS Setup Security WDS MAC List Security Type Disable v Enable WDS Peer s MAC Address Description O 01 Save m Security Type Option is Disable WEP TKIP or AES from drop down list Needs the same type to build WDS links Security type takes effect when WDS is enabled gt WEP Key Enter 5 13 ASCII or 10 26 HEX format WEP key 3 TKIP Key Enter 8 to 63 ASCII or 64 HEX format TKIP key gt AES Key Enter 8 to 63 ASCII or 64 HEX format AES key WDS MAC List gt Enable Click Enable to create WDS link gt WDS Peer s MAC Address Enter the MAC address of WDS peer gt Description Description of WDS link a The WDS link needs to be set at same Channel and with same Security Type Click Save button to save your changes Click Reboot button to activate your changes 34 3 4 System Management 3 4 1 Configure Management Administrator could specify geographical location of the system via instructions in this page Administrator could also enter new Root and Admin passwords and allow multiple login methods Please click System gt Management and follow the below settings Management Setup
118. al is in the range of 20 1024 and set in unit of millisecond The default value is 100 MSEC Access Point AP in IEEE 802 11 will send out a special approximated 50 byte frame called Beacon Beacon is broadcast to all the stations provides the basic information of AP such as SSID channel encryption keys signal strength time stamp support data rate All the radio stations received beacon recognizes the existence of such AP and may proceed next actions if the information from AP matches the requirement Beacon is sent on a periodic basis the time interval can be adjusted By increasing the beacon interval you can reduce the number of beacons and associated overhead but that will likely delay the association and roaming process because stations scanning for available access points may miss the beacons You can decrease the beacon interval which increases the rate of beacons This will make the association and roaming process very responsive however the network will incur additional overhead and throughput will go down DTIM Interval The DTIM interval is in the range of 1 255 The default is 1 DTIM is defined as Delivery Traffic Indication Message It is used to notify the wireless stations which support power saving mode when to wake up to receive multicast frame DTIM is necessary and critical in wireless environment as a mechanism to fulfill power saving synchronization A DTIM interval is a count of the number of beac
119. ample 1 and 2 demonstrate proper usage of DMZ and Virtual Server rules m Example 1 All connections should be redirected to 192 168 2 12 while DMZ is enabled Since Virtual Server rules have precedence over the DMZ rule all connections to TCP port 22 will be directed to TCP port 22 of 192 168 2 10 and remaining connections to port TCP 20 80 will be redirected to port TCP 20 80 of 192 168 2 11 DMZ Enabled 192 168 2 12 Rule Protocol Private IP Private Port Public Port 1 TCP 192 168 2 10 22 22 2 TCP 192 168 2 11 20 80 20 80 m Example 2 All connections should be redirected to 192 168 2 12 while DMZ is enabled Since Virtual Server rules have precedence over the DMZ rule all other connections to TCP port 20 80 will be redirected to port 20 80 of 192 168 2 11 The rule 2 won t take effect DMZ Enabled 192 168 2 12 Rule Protocol Private IP Private Port Public Port 1 TCP 192 168 2 11 20 80 20 80 2 TCP 192 168 2 10 22 22 254 8 7 System Status This section breaks down into subsections of System Overview Associated Clients Status WDS Link Status Extra Information and Event Log 8 7 1 Overview Detailed information on System WAN Information LAN Information Wireless Information and DHCP Server Status can be reviewed via this page m System Display the information of the system System Host Name WEB1200H2PX Operating Mode Router AP Mode Location Descriptio
120. as Port Forward as well and used interchangeably Resources in the network can be exposed to the Internet users in a controlled manner including on line gaming video conferencing or others via Virtual Server setup Don t repeat ports usage to avoid confusion Suppose you want to assign ports 21 25 to one FTP Telnet and SMTP server A in the example and port 80 to another B in the example You assign the LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on the Internet NAT 192 168 2 10 Port 21 25 B Mai Base Station APO1200 197 168 1 250 WIFI WAN LAN 192 168 1 254 192 168 2 254 192 168 2 11 Port 80 Please click on Advance gt Virtual Server and follow the below setting Virtual Server Setup Virtual Server Virtual Server List Virtual Server Enable Disable Status Description Protocol PrivateIP Public Port Private Port Delete Edit Private IP Protocol Type TCP UDP Private Port Public Port Virtual Server By Default It s Disable Check Enable radial button to enable Virtual Server Description Enter appropriate message for resource sharing via Virtual Server Private IP Enter corresponding IP address of internal resource to share Protocol Type Select appropriate sessions TCP or UDP from shared host via multiple private ports Private Port A port or a range of ports may be specified as start
121. ase back up current settings before proceeding 2 Do not interrupt during firmware upgrade including power on off as this may damage system 3 Never perform firmware upgrade over wireless connection or via remote access connection 241 3 4 7 Network Utility The administrator can diagnose network connectivity via the PING and TRACEROUTE utility Please click on Utilities gt Network Utility and follow the below setting Network Utility Ping Result Destination IP Doamin Count 5 ping Traceroute Destination Host MAX Hop 6 Start Stop Ping This utility will help ping other devices on the network to verify connectivity Ping utility using ICMP packets detects connectivity and latency between two network nodes As result of that packet loss and latency time are available in the Result field while running the PING test gt Destination IP Domain Enter desired domain name i e www google com or IP address of the destination and click ping button to proceed The ping result will be shown in the Result field gt Count By default it s 5 and the range is from 1 to 50 It indicates number of connectivity test Traceroute Allows tracing the hops from the APO1200 APO1215 device to a selected outgoing IP address It should be used for the finding the route taken by ICMP packets across the network to the destination host The test is started using the Start button click Stop button to stopped test gt D
122. ase efficiency by aggregating multiple packets of application data into a single transmission frame In this way 802 11n networks can send multiple data packets with the fixed overhead cost of just a single frame m IEEE802 11H DFS By default it s Disable To Enable is to use IEEE802 11H DFS With DFS Dynamic Frequency Selection enabled radio is operating on one of the following channels the wireless device uses DFS to monitor the operating frequency and switch to another frequency or reduce power as necessary DFS Channels 52 56 60 64 100 104 108 112 116 120 124 128 136 140 The maximum legal transmit power is greater for some 5 GHz channels than for others When the wireless device randomly selects a 5 GHz channel on which power is restricted the wireless device automatically reduces transmit power to comply with power limits for that channel in that regulatory domain The Channel 52 140 is DFS channel If tuen on IEEE802 11H AP Will have 60 sec to do channel available a check and will not send beacon and can not be connect When APO1200 APO1215 detect radar 5GHZ signal the AP will switch channel and stop beacon trasmit between 15 sec WMM By default it s Disable To Enable is to use WMM and the WMM parameters should appears 58 WMM Parameters of Access Point Aifsn CWMin CWMax Txop ACM AckPolicy ACBE j se oy fo a acek 7 sE 103 lo O L acme ha CE bbe a
123. assword Set a password to authorize read only access SNMP rw user Set a community string to authorize read write access y y y y SNMP rw password Set a password to authorize read write access m SNMP Trap Events such as cold start interface up amp down and association amp disassociation will report to an assigned server ONMP Trap Enable Community P 1 3 Community Set a community string required by the remote host computer that will receive trap messages or notices send by the system gt IP Enter the IP addresses of the remote hosts to receive trap messages Click Save button to save changes and click Reboot button to activate 40 3 4 4 Backup Restore and Reset to Factory Backup current configuration restore prior configuration or reset back to factory default configuration can be executed via this page Please click on Utilities gt Profile Setting and follow the below setting Profile Save Profile Save save Settings To PC Load Settings From PC Browse _ Upload Reset To Factory Default i In this page you can save your cument configuration restore a previously saved configuration or reset all of the settings to the factory default settings m Save Settings To PC Click Save button to save the current configuration to a local disk File Download Do you want to save this file or find a program online to open it E Name config bin E Type Unknown Fi
124. ated with the specified AP m Client Isolation By default it s Disable Select Enable all clients will be isolated from each other which means they can t reach each other Hidden SSID By default it s Disable Enable this option to stop the SSID broadcast in your network When disabled people could easily obtain the SSID information with the site survey software and get access to the network if security is not turned on When enabled network security is enhanced It s suggested to enable it after AP security settings are archived and setting of AP s clients could make to associate to it Maximum Clients The default value is 32 You can enter the number of wireless clients that can associate to a particular SSID When the number of client is set to 5 only 5 clients at most are allowed to connect to this Repeater AP m Security Type Select the desired security type from the drop down list the options are Disable WEP WPA PSK WPA2 PSK WPA Enterprise WPA2 Enterprise and WEP 802 1X gt Disable Data are unencrypted during transmission when this option is selected gt WEP Wired Equivalent Privacy WEP is a data encryption mechanism based on a 64 bit or 128 bit shared key 139 WEP Authentication Type OPEN SHARED WEPAUTO Key Index 1 WEP Key 1 WEP Key 2 WEP Key 3 WEP Key 4 v Authentication Method Enable the desire option among OPEN SHARED or WEPAUTO v Key I
125. ation Server Port 1812 shared Secret Session Timeout 0 v Radius Server Settings e IP Address Enter the IP address of the Authentication RADIUS server e Port By default it s 1812 The port number used to communicate with RADIUS server e Shared secret A secret key used between system and RADIUS server Supports 8 to 64 characters e Session Timeout The Session timeout is in the range of 0 60 seconds The default is O to disable re authenticate service Amount of time before a client will be required to re authenticate Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes 142 6 3 2 Wireless MAC Filter Setup Continue 6 3 1 Repeater AP Setup section the administrator can allow or reject clients to access Repeater AP MAC Filter Action Only Deny List MAC Add a station MAC Add Enable Disable MAC Filter Setup By default it s Disable Options are Disable Only Deny List MAC or Only Allow List MAC Two ways to set MAC filter rules 3 Only Allow List MAC The wireless clients in the Enable list will be allowed to access the Access Point All others or clients in the Disable list will be denied 3 Only Deny List MAC The wireless clients in the Enable list will be denied to access the Access Point All others or clients inthe Disable list will be allowed m Add a station MAC Ente
126. band Internet service to new residential and business customers In this mode APO1200 APO1215 is enabled with DHCP Server functions The wired clients of APO1200 APO 1215 are in the same subnet from Main Base Station and it accepts wireless connections from client devices 192 168 2 10 Main ase Station B 192 168 2 250 192 168 2 A Configuration on CPE AP Mode Router Client Access Point It can be used as an Outdoor Customer Premised Equipment CPE to receive wireless signal over the last mile helping WISPs deliver wireless broadband Internet service to new residential and business customers In this mode the APO1200 APO1215 is a gateway with NAT and DHCP Server functions The wireless and wired clients of APO1200 APO1215 are on the different subnet from Main Base Station and it accepts wireless connections from client devices NAT 192 168 2 10 Main APO1200 Base Station a 192 168 1 250 WIFI WAN LAN 192 168 1 254 192 168 2 254 33 l 192 168 2 X 1 4 Product Benefit m IEEE 802 11n Compliance in 2Tx 2Rx Design Support IEEE 802 11n and 802 11a m Operates in the 5GHz ISM Band m Enables Bandwidth of up to 300Mbps Tx 300Mbps Rx link rate m Topology Point to Point Point to Multi Point 3 Router AP Mode gt Access Point Mode Pure Access Point Function and Access Point Bridge WDS Function gt WDS Mode 3 CPE Mode Router Client 3 Client Bridge Universal Repeater gt CPE AP Mode m Sec
127. ble Enable Disable Tx Burst Enable Disable Pkt_Aggregate Enable Disable EEE 802 11H 0FS O Enable Disable WMM O Enable Disable Save Short Slot By default it s Enable for educing the slot time from the standard 20 microseconds to the 9 microsecond short slot time Slot time is the amount of time a device waits after a collision before retransmitting a packet Reducing the slot time decreases the overall back off which increases throughput Back off which is a multiple of the slot time is the random length of time a station waits before sending a packet on the LAN For a sender and receiver own right of the channel the shorter slot time help manage shorter wait time to re transmit from collision because of hidden wireless clients or other causes When collision sources can be removed sooner and other senders attempting to send are listening the channel CSMA CA the owner of the channel should continue ownership and finish their transmission and release the channel Then following ownership of the channel will be sooner for the new pair due to shorter slot time However when long duration of existing collision sources and shorter slot time exist the owners might experience subsequent collisions When adjustment to longer slot time can t improve performance then RTS CTS could supplement and help improve performance Extra Slot Time Slot time is in the range of 1 255 and set in unit of microsecond The
128. bps A 192 168 2 50 100 Please click on Advance gt QoS and follow the below setting 160 QoS Setup Rules QoS List Comment Comment Remark DSCP Bandwidth U D Delete Edit MAC Address Rule No QoS Rule in the List Local IP Destination IP DSCP Class Any Y Protocol Any v Local Port Destination Port Action Remark DSCP No Remark vw Bandwidth O Enable Disable Upload Kbits Download Kbits m Rules Use the rules to define the classifiers After you define the rules you can specify action to act upon the traffic that matches the rules gt Comment Enter a descriptive name for this rule for identifying purposes gt MAC Address Enter MAC address in valid MAC address format xx xx xx xx Xx xx and click Add button to add in the MAC group of each rule Click Remove button can remove MAC address in the group of each rule There are 10 MAC address maximum allowed in each rule gt Local Destination IP Specify local LAN destination IP addresses range required for this rule If you specify local IP addresses range from 192 168 1 1 to 192 168 2 254 The matches a range of local IP addresses include every single IP address from the first to the last so the example above includes everything from 192 168 1 1 to 192 168 2 254 gt DSCP Class Differentiated services code point DSCP Select Any or specify classify traffic from drop down list The Per Hop Behavior PHB is indicated by enc
129. broadcast multicast encryption keys in seconds Entering the time length is required e PMK Cache Period By default it s 10 minutes Set WPA2 PMKID cache timeout period after time out the cached key will be deleted e Pre Authentication By default it s Disable To Enable is use to speed up roaming before pre authenticating IEEE 802 1X EAP part of the full RSN authentication and key handshake before actually associating with a new AP a PMK Cache Period and Pre Authentication is used in WPA2 Enterprise v Radius Server Settings e IP Address Enter the IP address of the Authentication RADIUS server e Port By default it s 1812 The port number used to communicate with RADIUS server e Shared secret A secret key used between system and RADIUS server Supports 8 to 64 characters e Session Timeout The Session timeout is in the range of 0 60 seconds The default is O to disable re authenticate service Amount of time before a client will be required to re authenticate 229 gt WEP 802 1X When WEP 802 1x Authentication is enabled please refer to the following Dynamic WEP and RADIUS settings to complete configuration 802 1x WEP Dynamic WEF Enable Authentication RADIUS Server Authentication Server Port 1812 Shared Secret o Session Timeout 0 v Radius Server Settings e IP Address Enter the IP address of the Authentication RADIUS server e Port By default its 1812 The port number
130. button to save the current configuration to a local disk File Download Do you want to save this file or find a program online to open it a Name contig bin En Type Unknown File Type From 192 168 2 254 harm your computer If vou do not trust the source do not find a Y While files from the Internet can be useful some files can potentially E program to open this file or save this file What s the risk m Load Settings from PC Click Browse button to locate a configuration file to restore and then click Upload button to upload m Reset To Factory Default Click Default button to reset back to the factory default settings and expect Successful loading message Then click Reboot button to activate 151 6 4 6 Firmware Upgrade Firmware is the main software image that system needs to respond to requests and to manage real time operations Firmware upgrades are sometimes required to include new features or bugs fix It takes around 2 minutes to upgrade due to complexity of firmware To upgrade system firmware click Browse button to locate the new firmware and then click Upgrade button to upgrade Firmware Upgrade Firmware Infomation Firmware Version Cen CPE N5H 2 V 0 0 4 Beta Version Firmware Date 2009 09 03 09 26 27 Browse _ Update Firmware ri From time to time the product may release new versions of the firmware You can check and download up to date firmware and click Brows
131. c Port 1 65535 DMZ IP Address IP Format 1 254 QoS Comment 32 chars iii MAC Address MAC Format 12 HEX chars Local Destination IP IP Formate 1 254 Local Destination Port 1 65535 Upload amp Download 8 8192 digital number 268 Appendix C MCS Data Rate The table below shows the relationships between the variables that allow for the maximum data rate Table C MCS Data Rate Data Rate Mb s MCS Index Modulation Channel Bandwidth 20 Channel Bandwidth 40 Long Guard interval terval Interval Interval 0 BPSK 6 5 7 2 13 5 15 0 1 QPSK 13 0 14 4 27 0 30 0 2 QPSK 19 5 21 7 40 5 45 0 3 16 QAM 26 0 28 9 54 0 60 0 4 16 QAM 39 0 43 3 81 0 90 0 5 64 QAM 52 0 57 8 108 0 120 0 6 64 QAM 58 5 65 0 121 5 135 0 7 64 QAM 65 0 72 2 135 0 157 5 8 BPSK 13 0 14 4 27 0 30 0 9 QPSK 26 0 28 9 54 0 60 0 10 QPSK 39 0 43 3 81 0 90 0 11 16 QAM 52 0 57 8 108 0 120 0 12 16 QAM 78 0 86 7 162 0 180 0 13 64 QAM 104 0 115 6 216 0 240 0 14 64 QAM 117 0 130 0 243 0 270 0 15 64 QAM 130 0 114 4 270 0 300 0 Note v When MCS 32 only Short Guard Interval option is supported Channel Bandwidth 20 is not supported If Channel Bandwidth 40 the HT duplicate 6Mbps Y When MCS 0 7 One Tx Stream Guard Interval and Channel Bandwidth are supported v When MCS 8 15 Two Tx Stream Guard Interval and Channel Bandwidth are supported 269 Appendix D S
132. ce Delete Edit Source Port Address Mask Port Address Mask Port Destination No IP Rule in the List Address Mask Destination Port In Out O in Out Protocol TCP upp O icmp Listen Oves Ono Source Address Mask Enter desired source IP address and netmask i e 192 168 2 10 32 Source Port Enter a port or a range of ports as start end i e port 20 80 Destination Address Mask Enter desired destination IP address and netmask i e 192 168 1 10 32 Destination Port Enter a port or a range of ports as start end i e port 20 80 m In Out Applies to Ingress or egress packets Protocol Supports TCP UDP or ICMP m Listen Click Yes radial button to match TCP packets only with the SYN flag Active Deny to drop and Pass to allow per filter rules m Interface The interface that a filter rule applies a All packets are allowed by default Deny rules could be added to the filter list to filter out unwanted packets and leave remaining allowed Click Save button to add IP filter rule Total of 20 rules maximum allowed in the IP Filter List All rules can be edited or removed from the List Click Reboot button to activate your changes When you create rules in the IP Filter List the prior rules maintain higher priority To allow limited access from a subnet to a destination network manager needs to create allow rules first and followed by deny rules So if you just want one IP address to access the syst
133. ces but also remember non local MAC addresses learned from wired or wireless interfaces Ageing timers will be reset when existing MAC addresses in table are learned again or added when new MAC addresses are seen from wired or wireless interfaces as well When time runs out for a particular entry it will be pruned from the table In that situation switching packet to that particular MAC address will be discontinued Bridge MACs Information Port MAC Address Local Ageing Timer LAN 00 11 a3 0a 7b f9 yes 0 00 LAN 00 1a 92 9fa4 9b no 0 08 Bridge STP Information Select Bridge STP Information on the drop down list to display a list of bridge STP information Bridge STP Information bred bridge id 8000 000c43288008 designated root S000 000c43288008 root port 0 path cost 0 max age 20 00 bridge max age 20 00 hello time 2 00 bridge hello time 2 00 forward delay 15 00 bridge forward delay 15 00 ageing time 300 00 hello timer 1 93 ten timer 0 00 topology change timer 0 00 gc timer 3 92 flags eth 1 port id 8001 state forwarding designated root 2000 000c432868008 path cost 100 designated bridge 2000 000c432868008 message age timer 0 00 designated port 8001 forward delay timer 0 00 designated cost 0 hold timer 0 00 flags 119 5 6 4 QoS Plot The QoS Plot show graphs which continuously represents the current data traffic on each QoS rule The chart scale and throughput dimension bps Kbps Mbps changes dynam
134. ciation from wireless clients NAT Main 1 Base Station APO1200 192 168 1 250 WIFI WAN LAN 192 168 1 254 192 168 2 254 u 192 168 2 A Figure 5 1 CPE mode network configuration 79 5 1 2 Configure WAN Setup There are three connection types for the WAN port Static IP Dynamic IP PPPoE and PPTP Please click on System gt WAN and follow the below setting WAN Setup Internet Connection Type DNS Mode Static IP O Dynamic IP PPPoE PPTP DNS No Default DNS Server Specify DNS Server IP Primary Static IP ds IP Address 192 168 2 254 IP Netmask 255 255 255 0 MAC Clone IP Gateway 192 168 2 1 Keep Default MAC Address Clone MAC Address 00 14 92 9F A4 9B O Manual MAC Address m Mode By default it s Static IP Check Static IP Dynamic IP PPPoE or PPTP to set up system WAN IP gt Static IP Users can manually setup the WAN IP address with a static IP provided by WISP v IP Address The IP address of the WAN port default IP address is 192 168 1 254 v IP Netmask The Subnet mask of the WAN port default Netmask is 255 255 255 0 v IP Gateway The default gateway of the WAN port default Gateway is 192 168 1 1 gt Dynamic IP Please consult with WISP for correct wireless settings to associate with WISP AP before a dynamic IP along with related IP settings including DNS can be available from DHCP server If IP Address is not assigned please double check with your w
135. cify the bandwidth in kilobit per second Kbps Enter a number between 8 to 8192 default upload is 128 Kbps download is 1024 Kbps Click Add button to add QoS rule to List There are 10 rules maximum allowed in this QoS List All rules can be removed or edited on the List Click Reboot button to activate your changes When you create rules on the QoS List the previous rules have higher priority Below depict the examples for explaining priority of QOS setup gt Example 1 On this setting the FTP has 1024 Kbps upload and 8196 Kbps download on 192 168 2 10 The remaining IP address and other remaining protocol of IP address 192 168 2 10 only can use total bandwidth 512 Kbps bandwidth Because rule 1 s priority is higher than rule 2 Rule Source IP Destination IP DSCP Protocol Remark DSCP Bandwidth Up Down 1 192 168 2 10 ANY FTP NO 1024 8196 2 ANY ANY NO 512 512 gt Example 2 On this setting the FTP has 512 Kbps upload and 512 Kbps download on 192 168 2 10 Because rule 1 s priority is higher than rule 2 Rule Source IP Destination IP DSCP Protocol Remark DSCP Bandwidth Up Down 1 ANY ANY NO 512 512 2 192 168 2 10 ANY FTP NO 1024 8196 162 6 6 Resource Sharing 6 6 1 DMZ DMZ is commonly work with the NAT functionality as an alternative of Virtual Server Port Forwarding while wanting all ports of DMZ host visible to Internet users Virtua
136. ckoff wait time window for retry of a transmission The value specified here in the Minimum Contention Window is the upper limit in milliseconds of a range from which the initial random backoff wait time is determined CWmax Maximum Contention Window The value specified here in the Maximum Contention Window is the upper limit in milliseconds for the doubling of the random backoff value This doubling continues until either the data frame is sent or the Maximum Contention Window size is reached Once the Maximum Contention Window size is reached retries will continue until a maximum number of retries allowed is reached Valid values for the cwmax are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwmax must be higher than the value for cwmin Txop Transmission Opportunity is an interval of time when a WME AP has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for AP that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission Control Mandatory ACM only takes effect on AC_VI and AC_VO When you do not click Checkbox it means that the ACM is controlled by the connecting AP If you click Checkbox it means that the Client is in charge AckPolicy Acknowledgment Policy WMM defines two ACK policies Normal ACK and No ACK Click Checkbox indicates
137. ctory Default Default fit In this page you can sawe your current configuration restore a previously saved configuration or reset all of the settings to the factory default settings m Save Settings to PC Click Save button to save the current configuration to a local disk File Download Do you want to save this file or find a program online to open it a Name contig bin En Type Unknown File Type From 192 168 2 254 harm your computer If vou do not trust the source do not find a Y While files from the Internet can be useful some files can potentially E program to open this file or save this file What s the risk m Load Settings from PC Click Browse button to locate a configuration file to restore and then click Upload button to upload m Reset To Factory Default Click Default button to reset back to the factory default settings and expect Successful loading message Then click Reboot button to activate 98 5 3 6 Firmware Upgrade Firmware is the main software image that system needs to respond to requests and to manage real time operations Firmware upgrades are sometimes required to include new features or bugs fix It takes around 2 minutes to upgrade due to complexity of firmware To upgrade system firmware click Browse button to locate the new firmware and then click Upgrade button to upgrade Firmware Upgrade Firmware Infomation Firmware Version Cen CPE NSH2 V0 0 4 Beta Version Fir
138. cy or reduce power as necessary DFS Channels 52 56 60 64 100 104 108 112 116 120 124 128 136 140 The maximum legal transmit power is greater for some 5 GHz channels than for others When the wireless device randomly selects a 5 GHz channel on which power is restricted the wireless device automatically reduces transmit power to comply with power limits for that channel in that regulatory domain The Channel 52 140 is DFS channel If turns on IEEE802 11H AP Will have 60 sec to do channel available a check and will not send beacon and can not be connect When APO1200 APO1215 detect radar 5GHZ signal the AP will switch channel and stop beacon transmit between 15 sec 24 WMM By default it s Disable To Enable is to use WMM and the WMM parameters should appears WMM Parameters of Access Point Aifsn CWMin CWMax Txop ACM AckPolicy ACBE 3 sE sm o Oo O acek o 7 i5pm 1023m o O O aem i CHE asw o4 E O Ac vo 1 3 m 17 e 47 O O WMM Parameters of Station Aifsn CWiMin CWilax Txop ACM AC_BE 3 asw 1023 M lo O AC_BK 7 15 1023 o O AC VI 2 17 2 is e 94 C acvo kR am 7 a 0 When you enable WMM the Tx Burst will be Disabled automatically by system gt WMM Parameters of Access Point This affects traffic flowing from the access point to the client station Data Transmitted AP to Clients Priority Description Queue High throu
139. d SSID s AP s with different MAC addresses With AP lock on the station will lock to MAC address and not roam between several Access Points with the same ESSID m Channel Frequency Select the desired channel range m Security Type Select the desired security type from the drop down list the options are NONE OPEN SHARED WPA PSK and WPA2 PSK gt OPEN SHARED OPEN and SHARED require the user to set a WEP key to exchange data WEP Key Index 1 M WEP Key 1 WEP Key 2 WEP Key 3 WEP Key 4 v Key Index key index is used to designate the WEP key during data transmission 4 different WEP keys can be entered at the same time but only one is chosen v WEP Key Enter HEX or ASCII format WEP key value the system supports up to 4 sets of WEP keys Key Length Hex ASCII 64 bit 10 characters 5 characters 128 bit 26 characters 13 characters 187 gt WPA PSK or WPA2 PSK WPA or WPA2 Algorithms allows the system accessing the network by using the WPA PSK protected access WPA Cipher Suite AES Pre shared Key v Cipher Suite Select the desired cipher suite from the drop down list the options are AES and TKIP v Pre shared Key Enter the information for pre shared key the key can be either entered as a 256 bit secret in 64 HEX digits format or 8 to 63 ASCII characters Profile List The user can manage the created profiles for home
140. d for this rule gt Active Check Enable button to activate this rule and Disable to deactivate Click Add button to add control rule to List There are 10 rules maximum allowed in this Control List All rules can be removed or edited on the List Click Reboot button to activate your changes 248 8 5 4 QoS Setup Quality of Service QoS refers to both a network s ability to deliver data with minimum delay and the networking methods used to control the use of bandwidth Without QoS all traffic data is equally likely to be dropped when the network is congested This can cause a reduction in network performance and make the network inadequate for time critical application such as video on demand A classifier groups traffic into data flows according to specific criteria such as the source address destination address source port number destination port number or incoming port number For example you can configure a classifier to select traffic from the same protocol port such as FTP to form a flow 192 168 2 50 MAC 00 0B 6B A4 BB 01 192 168 2 51 MAC 00 0B 6B AA BB 02 Download 2046K Upload 10246 Download 512K Upload 256K APO1200 192 168 1 254 192 168 2 254 WAN LAN 192 168 2 10 20 B J NAT WDS lt lt 00 e per 192 168 2 50 60 an Base Station a Down 2048 Kbps E APQ1200 pp 1024 Kbps 4223202 WAN WLAN 192 168 2 10 20 192 168 1 254 192 16B 2 254
141. d from the List Click Reboot button to activate your changes When you create rules in the IP Filter List the prior rules maintain higher priority To allow limited access from a subnet to a destination network manager needs to create allow rules first and followed by deny rules So if you just want one IP address to access the system via telnet from your subnet not others the Example 1 demonstrates it not rules in the Example 2 102 Example 1 Create a higher priority rule to allow IP address 192 168 2 2 Telnet access from LAN port first and deny Telnet access from remaining IP addresses in the same subnet Hae Source Destination IP Mask Port IP Mask Port In Out Protocol Listen Action Side 192 168 2 2 32 192 168 2 254 32 22 In TCP n Pass LAN 2 192 168 2 0 24 192 168 2 254 32 22 In TCP n Deny LAN Example 2 All Telnet access to the system from the IP addresses of subnet 192 168 2 x works with the rule 1 of Example 2 The rule 2 won t make any difference nl Source Destination IP Mask Port IP Mask Port In Out Protocol Listen Action Side 1 192 168 2 0 24 192 168 2 254 32 22 In TCP n Deny LAN 2 192 168 2 2 32 192 168 2 254 32 22 In TCP n Pass LAN 103 5 4 2 MAC Filter Setup Allows to create MAC filter rules to allow or deny unicast or multicast packets from limited number of MAC addresses Important to note that MAC filter
142. d its attached interfaces the Bridge Port should be attached to some interfaces e g eth2 ra0 and wdsO wds3 Bridge Table Information Bridge Port Bridge ID STP Enabled Interface bred 8000 000c432880b0 no eth raQ 76 Bridge MAC information Select Bridge MACs Information on the drop down list to display MAC table This table displays local MAC addresses associated with wired or wireless interfaces but also remember non local MAC addresses learned from wired or wireless interfaces Ageing timers will be reset when existing MAC addresses in table are learned again or added when new MAC addresses are seen from wired or wireless interfaces as well When time runs out for a particular entry it will be pruned from the table In that situation switching packet to that particular MAC address will be discontinued Bridge MACs Information information Port WDSO LAN LAN LAN LAN LAN LAN MAC Address 00 11 a309 7b H 00 11 a30a b T9 00 12c5tea27 00 16 d433 32 6b 00 1a 4b 10 05 15 00 14 92 9f a4 9b 00 21 8b dfd9 31 Bridge STP Information bred bridge id designated root root port max age hello time forward delay ageing time hello timer topology change timer flags eth 1 port id designated root designated bridge designated port designated cost flags raQ 2 port id designated root designated bridge designated port designated cost flags 9000 000c43285008 8000 000c43288008
143. de WDS Status Functions WDS Setup Network Utility Extra Info SNMP _ Table 4 1 WDS Mode Functions 4 1 External Network Connection 4 1 1 Network Requirement You could expand your Ethernet network via WDS link In this mode the APO1200 APO1215 connects directly to a wired LAN and wirelessly bridges to a remote access point via a WDS link as shown in Figure 4 1 In the mode it can t associate with any wireless clients WDS Remote APO1200 Base Station 192 168 2 254 1972 168 2 250 Figure 4 1 Point to Point network Configuration 92 4 1 2 Configure LAN IP Here are the instructions for how to setup the local IP Address and Netmask Please click on System gt LAN and follow the below setting LAN Setup Ethernet Connection Type DNS Mode Static IP Dynamic IP DNS No Default DNS Server O Specify DNS Server IP Primary Static IP Secondary IP Address 192 168 2 254 IP Netmask 255 255 255 0 IP Gateway 192 168 2 1 m Mode Check either Static IP or Dynamic IP button as desired to set up the system IP of LAN port gt Static IP The administrator can manually setup the LAN IP address when static IP is available preferred v IP Address The IP address of the LAN port default IP address is 192 168 2 254 v IP Netmask The Subnet mask of the LAN port default Netmask is 255 255 255 0 v IP Gateway The default gateway of the LAN port default Gateway is 192 168 2 1 gt Dynamic IP T
144. default value is 9 microsecond When you enable Short Slot and set Extra Slot time to 10 the actual Slot Time 9 10 us When you disable Short Slot and set Extra Slot time to 10 the actual Slot Time 20 10 us 130 ACK Timeout ACK timeout is in the range of 1 255 and set in unit of microsecond The default value is 32 microsecond All data transmission in 802 11b g request an Acknowledgement ACK send by receiving radio The transmitter will resend the original packet if correspondent ACK failed to arrive within specific time interval also refer to as ACK Timeout ACK Timeout is adjustable due to the fact that distance between two radio links may vary in different deployment ACK Timeout makes significant influence in performance of long distance radio link If ACK Timeout is set too short transmitter will start to Resend packet before ACK is received and throughputs become low due to excessively high re transmission ACK Timeout is best determined by distance between the radios data rate of average environment The Timeout value is calculated based on round trip time of packet with a little tolerance So if experiencing re transmissions or poor performance the ACK Timeout could be made longer to accommodate Slot Time and ACK Timeout settings are for long distance links It is important to tweak settings to achieve the optimal result based on requirement Beacon Interval Beacon Interv
145. delay the association and roaming process because stations scanning for available access points may miss the beacons You can decrease the beacon interval which increases the rate of beacons This will make the association and roaming process very responsive however the network will incur additional overhead and throughput will go down DTIM Interval The DTIM interval is in the range of 1 255 The default is 1 DTIM is defined as Delivery Traffic Indication Message It is used to notify the wireless stations which support power saving mode when to wake up to receive multicast frame DTIM is necessary and critical in wireless environment as a mechanism to fulfill power saving synchronization A DTIM interval is a count of the number of beacon frames that must occur before the access point sends the buffered multicast frames For instance if DTIM Interval is set to 3 then the Wi Fi clients will expect to receive a multicast frame after receiving three Beacon frame The higher DTIM interval will help power saving and possibly decrease wireless throughput in multicast applications 57 Fragment Threshold The Fragment Threshold is in the range of 256 2346 byte The default is 2346 byte Each Wi Fi packet can be divided into smaller packets marked with a sequential fragment number and re assemble in the receiving ends The purpose is to make a short frame instead of long frame transmitting by radio in a heavy noisy environment Because
146. dence over the DMZ rule In order to use a range of ports available to access to different internal hosts Virtual Server rules are needed 192 168 2 20 100 WDS NAT Remote ELS Stat kan UN 192 168 2 11 DMZ APQ12N0_ WAN WLAN 192 168 2 10 192 169 1 254 a 192 168 2 254 Lorraine III a Please click on Advance gt DMZ and follow the below setting DMZ Setup DMZ DMZ O Enable Disable PAddress m DMZ By default its Disable Check Enable radial button to enable DMZ m IP Address Enter IP address of DMZ host and only one DMZ host is supported Click Save button to save your changes Click Reboot button to activate your changes 252 8 6 2 Virtual Server Port Forwarding Virtual Server can also referred to as Port Forward as well and used interchangeably Resources in the network can be exposed to the Internet users in a controlled manner including on line gaming video conferencing or others via Virtual Server setup Don t repeat ports usage to avoid confusion Suppose you want to assign ports 21 25 to one FTP Telnet and SMTP server A in the example and port 80 to another B in the example You assign the LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on the Internet Ne U en Remote APO1200 WAN WLAN 192 168 1 254 192 168 2 254 0 t08 2 10 a E Port 21 25 Please clic
147. dom backoff wait time window for retry of a transmission The value specified here in the Minimum Contention Window is the upper limit in milliseconds of a range from which the initial random backoff wait time is determined CWmax Maximum Contention Window The value specified here in the Maximum Contention Window is 26 the upper limit in milliseconds for the doubling of the random backoff value This doubling continues until either the data frame is sent or the Maximum Contention Window size is reached Once the Maximum Contention Window size is reached retries will continue until a maximum number of retries allowed is reached Valid values for the cwmax are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwmax must be higher than the value for cwmin v Txop Transmission Opportunity is an interval of time when a WME AP has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity Txop for AP that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network v ACM Admission Control Mandatory ACM only takes effect on AC_VI and AC_VO When you do not click Checkbox it means that the ACM is controlled by the connecting AP If you click Checkbox it means that the Client is in charge Click Save button to save your changes Click Reboot button to activate your changes The items in this page are
148. down list the options are auto or ranging from 6 to 54 Mbps for 802 11a Country Select the desired country code from the drop down list the options are US ETSI JP and NONE m Tx Power You can adjust the output power of the system to get the appropriate coverage for your wireless network Specify digit number between 7 to 100 the unit is for your environment If you are not sure of which setting to choose then keep the default setting 100 When Band Mode select in 802 11a only mode the HT High Throughput Physical Mode and 11n Configuration settings should be hidden immediately m Operating Mode By default it s Mixed Mode 3 Mixed Mode In this mode packets are transmitted with a preamble compatible with the legacy 802 11a g the rest of the packet has a new format In this mode the receiver shall be able to decode both the Mixed Mode packets and legacy packets gt Green Field In this mode high throughput packets are transmitted without a legacy compatible part m Channel Bandwidth The Auto MHz option is usually best The other option is available for special circumstances Guard Interval Using Auto option can increase throughput However it can also increase error rate in some installations due to increased sensitivity to radio frequency reflections Select the option that works best for your installation 128 m MCS This parameter represents transmission rate By default Auto the fastest p
149. e ESSID Security Type Delete Edit O 1 Profiled default NONE Delete Edit O z Frofile Test 253AP 1 OPEN Delete Edit Click Edit an exist profile on the Profile List The field of System Configuration and Security Policy will display profile s content Edit profile s content and then click Save button to save the profile 3 Click Delete to remove profile Click and Select a profile from list then click the Connect button to connecting to the wireless network with the profile setting After clicking Connect button you can verify connecting status on Station Statistic Page Click Save button to save your changes Click Reboot button to activate your changes 90 5 3 System Management 5 3 1 Configure Management Administrator could specify geographical location of the system via instructions in this page Administrator could also enter new Root and Admin passwords and allow multiple login methods Please click System gt Management and follow the below settings Management Setup System Information Admin Login Methods System Name WCB1200H2PX Enable HTTP Y Port 80 Description Outdoor WiFi N 5G 200mW Enable HTTPS Port 443 UploadKey nani Enable Telnet Port 23 E Enable SSH Y Port 22 Root Password Host Key Footprint ssh rsa AAAAB3NzaCiyc2EAAAADAQABAAAAgw New Root Password Check Root Password nep Ping Watchdog E E dl Ping Watchdog O Enable Disable Admin Password
150. e Error Navigation Blocked Windows Internet Explorer Ge de le 192 168 2 254 vj File Edit View Favorites Tools Help Ly Favorites y E z Free Hotmail Certificate Error Navigation Blocked There is a problem with this website s security certificate The security certificate presented by this website was not issued by a trusted certificate authority The security certificate presented by this website was issued for a different website s address Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server We recommend that you close this webpage and do not continue to this website Y Click here to close this webpage Y Continue to this website not recommended E More information Click Continue to this website to access the system s WMI The system s Overview page will appear 196 7 4 2 Configure System Time System time can be configured via this page and manual setting or via a NTP server is supported Please click on System gt Time Server and follow the below setting Time Server Setup system Time Local Time 2000 07 01 Sat 00 05 44 NTP Client Enable L Default NTP Server optional Time Zone Daylight saving time Save Local Time Display the current system time NTP Client To synchronize the system time with NTP server gt Enable Check to select NTP client 3 Default NTP Server Select
151. e LAN port m DNS Check either No Default DNS Server or Specify DNS Server IP button as desired to set up the system DNS gt Primary The IP address of the primary DNS server gt Secondary The IP address of the secondary DNS server 802 1d Spanning Tree The spanning tree network protocol provides a loop free topology for a bridged LAN between LAN interface and 4 WDS interfaces from wds0 to wds3 The Spanning Tree Protocol which is also referred to as STP is defined in the IEEE Standard 802 1d The Spanning tree always enabled on APO1200 APO1215 Below Figures depict a loop for a bridged LAN between LAN and WDS link 18 7 _ PA E AS Li TAN barn A LN TA F Tip g a P a Fa EN APO1200 w i Loop Remote pase Station 192 168 2 x 192 168 2 254 y gt 192 158 2 250 DS Blocked by vips Spanning Tree Protocol Remote Base Station 192 168 2 x 192 168 2 251 A A Ds re a LETT uN fry APO1200 RemoteBase Station 192 168 2 x F 192 58 2 250 192 168 2 254 A A E Blocked by i LOOP A wps 2 E g E ai a Taa 57 A a LAA s C ss Base Station 192 168 2 253 Spanning Tree Protocol M5 Remote Base Station 192 168 2 x 192 168 2 251 Click Save button to save your changes Click Reboot button to activate your changes 19 3 2 Wireless LAN Network Creation The network manager can configure related wireless settings General
152. e interfaces e g eth2 ra0 and apcli0 Bridge Table Information Bridge Port Bridge ID STP Enabled Interface bred 8000 000c43286010 no eth raQ apcli Bridge MAC information Select Bridge MACs Information on the drop down list to display MAC table This table displays local MAC addresses associated with wired or wireless interfaces but also remember non local MAC addresses learned from wired or wireless interfaces Ageing timers will be reset when existing MAC addresses in table are learned again or added when new MAC addresses are seen from wired or wireless interfaces as well When time runs out for a particular entry it will be 209 pruned from the table In that situation switching packet to that particular MAC address will be discontinued Port Bridge MACs Information MAC Address Ageing Timer information Repeater 4P WLAN Client LAN Repeater AP WLAN Client LAN WLAN Client 00 06 b7 13 35 ef 00 11 a3 0a 7b H 00 11 a3 0a 7b f9 00 11 a3 0a 7b fa 00 11 a3 0a 7b fb 00 1a2 929fa4 9b 00 40 d0 3e 7b td Bridge STP Information bred bridge id designated root root port max age hello time forward delay ageing time hello timer topology change timer flags eth 1 port id designated root designated bridge designated port designated cost flags raQ 2 port id designated root designated bridge designated port designated cost flags apcli0 3
153. e network configuration When the APO1200 APO1215 configured as an Access Point and Client Station simultaneously the Wireless General and Advanced Setup also used simultaneously But the Security Type can be different In the other word the channel or other settings will be the same between APO1200 APO1215 to Main Base Station and wireless client to APO1200 APO1215 but security type can be different 122 6 1 2 Configure WAN Setup There are three connection types for the WAN port Static IP Dynamic IP PPPoE and PPTP Please click on System gt WAN and follow the below setting WAN Setup E Internet Connection Type DNS Mode Static IP O Dynamic IP PPPoE PPTP DNS No Default DNS Server Specify DNS Server IP Primary Static IP Secondary IP Address 192 168 2 254 IP Netmask 255 255 255 0 IP Gateway 192 168 2 1 Save a In CPE mode the WAN Port is the Wireless interface m Mode By default it s Static IP Check Static IP Dynamic IP PPPoE or PPTP to set up system WAN IP gt Static IP Users can manually setup the WAN IP address with a static IP provided by WISP v IP Address The IP address of the WAN port default IP address is 192 168 1 254 v IP Netmask The Subnet mask of the WAN port default Netmask is 255 255 255 0 v IP Gateway The default gateway of the WAN port default Gateway is 192 168 1 1 gt Dynamic IP Please consult with WISP for correct wirele
154. e system Firmware Version The current installed firmware version Firmware Date The build time of installed firmware Device Time The current time of the system Y Y Y y y y y y System Up Time The time period that system has been in service since last reboot Network Information Supports Static or Dynamic modes on the LAN interface Network Mode Static Mode IP Address 192 166 2254 IP Netmask 255 255 255 0 IP Gateway 192 168 2 1 Primary DNS Secondary DNS IP Address The management IP of system By default it s 192 168 2 254 IP Netmask The network mask By default it s 255 255 255 0 IP Gateway The gateway IP address and by default it s 192 168 2 1 Primary DNS The primary DNS server in service y y y y y Secondary DNS The secondary DNS server in service 45 LAN Information Display total received and transmitted statistics on the LAN interface LAN Information WAC Address 00 00 43 28 60 30 Receive Bytes 75821 Transmit Bytes 113309 Transmit Packets 375 MAC Address The MAC address of the LAN port Receive bytes The total received packets in bytes on the LAN port Receive packets The total received packets of the LAN port Transmit bytes The total transmitted packets in bytes of the LAN port y y y y y Transmit packets The total transmitted packets of the LAN port Wireless Information Display total received and transmitted statistics on available V
155. ecial circumstances Guard Interval Using Auto option can increase throughput However it can also increase error rate in some installations due to increased sensitivity to radio frequency reflections Select the option that works best for your installation 85 MCS This parameter represents transmission rate By default Auto the fastest possible transmission rate will be selected You have the option of selecting the speed if necessary Refer to Appendix C MCS Data Rate MPDU Enable Check Enable button to activate this function and Disable to deactivate m A MPDU A MPDU Aggregated Mac Protocol Data Unit allows the transmissions of multiple Ethernet frames to a single location as burst of up to 64kbytes This is performed on the hardware itself Select Manual to set MPDU Density MPDU Density Minimum separation of MPDUs in an A MPDU 0 1 2 3 4 5 6 7 No Restriction us ys 1yus 2us 4us 8us 16 us m A MSDU Aggregated Mac Service Data Unit A MSDU Select Enable to allows aggregation for multiple MSDUs in one MPDU Default is disabled Click Save button to save your changes Click Reboot button to activate your changes 86 5 2 2 Configure Wireless Advanced Setting To achieve optimal wireless performance it is necessary to tweak advance setting per requirements properly not necessary higher the better or lower The administrator can change the RTS
156. eer network connectivity between PCs intelligent devices and appliances when UPnP is supported UPnP works on TCP IP network to enable UPnP devices to connect and access to each other very well adopted in home networking environment UPNP Setup UPNP UPNP Enable Disable UPnP By default it s Disable Select Enable or Disable of UPnP Service Click Save button to save changes and click Reboot button to activate changes For UPnP to work in Windows XP the APO1200 AP01215 must be available in My Network Places If these devices are not available you should verify that the correct components and services are loaded in Windows XP Please refer to Appendix E Using UPnP on Windows XP 148 6 4 4 Configure SNMP Setup SNMP is an application layer protocol that provides a message format for communication between SNMP managers and agents By enabling SNMP function the administrator can obtain the system information remotely Please click on System gt SNMP Setup and follow the below setting SNMP Setup Enable O Enable F Enable E SNMP v2c Enable Check to enable SNMP v2c SNMP v2c Enable ro community re community gt ro community Set a community string to authorize read only access gt rw community Set a community string to authorize read write access SNMP v3 Enable Check to enable SNMP v3 SNMPv3 supports the highest level SNMP security SNMP v3
157. em via telnet from your subnet not others the Example 1 demonstrates it not rules in the Example 2 244 Example 1 Create a higher priority rule to allow IP address 192 168 2 2 Telnet access from LAN port first and deny Telnet access from remaining IP addresses in the same subnet Hae Source Destination IP Mask Port IP Mask Port In Out Protocol Listen Action Side 192 168 2 2 32 192 168 2 254 32 22 In TCP n Pass LAN 2 192 168 2 0 24 192 168 2 254 32 22 In TCP n Deny LAN Example 2 All Telnet access to the system from the IP addresses of subnet 192 168 2 x works with the rule 1 of Example 2 The rule 2 won t make any difference nl Source Destination IP Mask Port IP Mask Port In Out Protocol Listen Action Side 1 192 168 2 0 24 192 168 2 254 32 22 In TCP n Deny LAN 2 192 168 2 2 32 192 168 2 254 32 22 In TCP n Pass LAN 245 8 5 2 MAC Filter Setup Create MAC filter rules to allow or deny unicast or multicast packets from limited number of MAC addresses It is important to note that MAC filter rules have precedence over IP Filter rules Please click on Advance gt MAC Filter Setup and follow the below setting MAC Filter Setup MAC Rules MAC Filter List Action Disabled v MAC Address Delete MAC Address Delete MAC Address No MAC Rule in the List m MAC Filter Rule By default it s Disable Options a
158. ength 32 0 9 A Z a z MOD AAS a FASA yas WAN Manual MAC Address 12 HEX chars IP Address IP Format 1 254 IP Netmask 128 0 0 0 255 255 255 252 IP Gateway IP Format 1 254 Hostname Length 32 0 9 A Z a z OED O a AN a eee User name Length 32 0 9 A Z a z Password G _ lt gt 5 MTU 576 1492 for PPPoE 1400 1460 for PPTP Idle Time 0 60 minutes Primary DNS IP Format 1 254 Secondary DNS IP Format 1 254 DDNS Hostname Length 32 0 9 A Z a z _ User Name Length 32 0 9 A Z a z Password G _ lt gt 5 DHCP Server Start IP IP Format 1 254 End IP IP Format 1 254 DNS1 IP IP Format 1 254 DNS2 IP IP Format 1 254 WINS IP IP Format 1 254 Domain Length 32 0 9 A Z a z TO MS AN aS Lease Time 600 99999999 266 Table B WEB GUI Valid Characters continued Block Field Valid Characters Management system Name Location Length 32 0 9 A Z a z Space A a ee ea pa Description 32 chars Password Length 4 30 0 9 A Z a z PROPIA e O a a HTTP HTTPS Port 165939 Telnet SSH Port 1 65535 SNMP RO RW community Length 32 0 9 A Z a z Oe ASC beg pies ey a RO RW user Length 31 0 9 A Z a z SLOP ie AN AS RO RW password Length 8 32 0 9 A Z a z PORVOO Y e SS 2a 5 a Community Length 32 0 9 A Z a z SLOPE E EAN ES IP IP Format 1 254 General Setup Tx Power 1 100 Wireless Profile Profile
159. ent to this queue AC_VI Video High Minimum delay Time sensitive video data is automatically sent to this queue AC VO Vales High Time sensitive data like VolP and streaming media are automatically sent to this queue Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic You can configure different minimum and maximum wait times for the transmission of packets in each queue based on the requirements of the media being sent Queues automatically provide minimum transmission delay for Voice Video multimedia and mission critical applications and rely on best effort parameters for traditional IP data As an Example time sensitive Voice amp Video and multimedia are given effectively higher priority for transmission lower wait times for channel access while other applications and traditional IP data which are less time sensitive but often more data intensive are expected to tolerate longer wait times 133 Aifsn The Arbitration Inter Frame Spacing Number specifies a wait time in milliseconds for data frames CWmin Minimum Contention Window This parameter is input to the algorithm that determines the initial random backoff wait time window for retry of a transmission The value specified here in the Minimum Contention Window is the upper limit in milliseconds of a range from which the initial random backoff wait time is determined CWmax Maximum C
160. er button to locate the file from your local harddisk Upgrade 1 To prevent data loss during firmware upgrade please back up current settings before proceeding 2 Do not interrupt during firmware upgrade including power on off as this may damage system 3 Never perform firmware upgrade over wireless connection or via remote access connection 152 6 4 7 Network Utility The administrator can diagnose network connectivity via the PING and TRACEROUTE utility Please click on Utilities gt Network Utility and follow the below setting Network Utility Ping Result Destination IP Doamin Count 5 ping Traceroute Destination Host MAX Hop 6 Start Stop Ping This utility will help ping other devices on the network to verify connectivity Ping utility using ICMP packets detects connectivity and latency between two network nodes As result of that packet loss and latency time are available in the Result field while running the PING test gt Destination IP Domain Enter desired domain name i e www google com or IP address of the destination and click ping button to proceed The ping result will be shown in the Result field gt Count By default it s 5 and the range is from 1 to 50 It indicates number of connectivity test Traceroute Allows tracing the hops from the APO1200 APO1215 device to a selected outgoing IP address It should be used for the finding the route taken by ICMP packets across the ne
161. er name PassWord Reconnect Mode Always On On Demand Manual Idle Time minutes MTU 1450 MPPE Encryption L MPPE 40 C MPPE 128 IP Address The IP address of the WAN port IP Netmask The Subnet mask of the WAN port PPTP Server IP Address The IP address of the PPTP server User Name Enter User Name for PPTP connection Password Enter Password for PPTP connection Xx YN OS S Reconnect Mode e Always on A connection to Internet is always maintained e On Demand A connection to Internet is made as needed 81 a When Time Server is enabled at the On Demand mode the Reconnect Mode will turn out Always on e Manual Click the Connect button on WAN Information in the Overview page to connect to the Internet v idle Time Time to last before disconnecting PPPoE session when it is idle Enter preferred Idle Time in minutes Default is 0 indicates disabled When Idle time is disabled the Reconnect Mode will turn out Always on v MTU By default it s 1460 bytes MTU stands for Maximum Transmission Unit Consult with WISP for a correct MTU setting v MPPE Encryption Microsoft Point to Point Encryption MPPE encrypts data in Point to Point Protocol PPP based dial up connections or Point to Point Tunneling Protocol PPTP virtual private network VPN connections 128 bit key strong and 40 bit key standard MPPE encryption schemes
162. estination Host Specifies the Destination Host for the finding the route taken by ICMP packets across the network gt MAX Hop Specifies the maximum number of hops max time to live value traceroute will probe 242 8 4 8 Reboot This function allows user to restart system with existing or most current settings when changes are made Click Reboot button to proceed and take around three minutes to complete Reboot O You must be reboot the system after changing settings Rebooting the system will not delete any of your configuration settings Click reboot button to reboot the system A reminder will be available for remaining time to complete If power cycle is necessary please wait till completion of the reboot process Please Wait The System Overview page appears upon the completion of reboot 243 8 5 Access Control List 8 5 1 IP Filter Setup Allows to create deny or allow rules to filter ingress or egress packets from specific source and or to destination IP address on wired LAN or Wireless WAN ports Filter rules could be used to filter unicast or multicast packets on different protocols as shown in the IP Filter Setup Important to note that IP filter rules has precedence over Virtual server rules Please click on Advance gt IP Filter Setup and follow the below setting IP Filter Setup IP Rules IP Filter List Source Address Mask Source Destination A i In Out Protocol Listen Action Interfa
163. ests are sent by the Ping Watchdog Tool Default is 300 seconds Startup Delay specify initial time delay in seconds until first ICMP echo requests are sent by the Ping Watchdog Tool The value of Startup Delay should be at least 60 seconds as the network interface and wireless connection initialization takes considerable amount of time if the device is rebooted Default is 300 seconds Failure Count To Reboot specify the number of ICMP echo response replies If the specified number of ICMP echo response packets is not received continuously the Ping Watchdog Tool will reboot the device 145 Click Save button to save your changes Click Reboot button to activate your changes Without a valid certificate users may encounter the following problem in IE7 when they try to access system s WMI https 192 168 2 254 There will be a Certificate Error because the browser treats system as an illegal website Certificate Error Navigation Blocked Windows Internet Explorer Ge de le 192 168 2 254 vj File Edit View Favorites Tools Help Ly Favorites y E z Free Hotmail Certificate Error Navigation Blocked There is a problem with this website s security certificate The security certificate presented by this website was not issued by a trusted certificate authority The security certificate presented by this website was issued for a different website s address Security ce
164. etup IP Rules IP Filter List Source Address Mask Source Destination A i In Out Protocol Listen Action Interface Delete Edit Source Port Address Mask Port Address Mask Port Destination No IP Rule in the List Address Mask Destination Port In Out O in Out Protocol TCP upp O icmp Listen Oves Ono Source Address Mask Enter desired source IP address and netmask i e 192 168 2 10 32 Source Port Enter a port or a range of ports as start end i e port 20 80 Destination Address Mask Enter desired destination IP address and netmask i e 192 168 1 10 32 Destination Port Enter a port or a range of ports as start end i e port 20 80 m In Out Applies to Ingress or egress packets Protocol Supports TCP UDP or ICMP m Listen Click Yes radial button to match TCP packets only with the SYN flag Active Deny to drop and Pass to allow per filter rules m Interface The interface that a filter rule applies a All packets are allowed by default Deny rules could be added to the filter list to filter out unwanted packets and leave remaining allowed Click Save button to add IP filter rule Total of 20 rules maximum allowed in the IP Filter List All rules can be edited or removed from the List Click Reboot button to activate your changes When you create rules in the IP Filter List the prior rules maintain higher priority To allow limited access from a subnet to a destination network mana
165. everity Message 2000 Jan 1 de en in E 00 00 11 System Info dnsmasq 94 started version 2 40 cachesize 150 2000 Jan 1 dnsmasq 94 compile time options no IPv6 GNU getopt 00 00 11 System Info no RTC no MMU no 1SC leasefile no DBus no 118N i TFTP prneezad System Info dnsmasq 94 reading etc resolv conf Dies System Info dnsmasq 94 using nameserver 192 168 2 1 53 age System Info dnsmasq 94 cleared cache panel System Info Authentication successful for root from 192 168 2 22 Time The date and time when the event occurred Facility lt helps users to identify source of events such System or User m Severity Severity level that a specific event is associated such as info m Message Description of the event Click Refresh button to renew the log or click Clear button to clear all the record 263 warning etc Appendix A Windows TCP IP Settings Windows XP 1 Click Start gt Settings gt Control Panel and then Control Panel window appears Click on Network Connections and then Network Connections window appears Network Connections File Edit View Favorites Tools Advanced Help Y pako Q Dd yo Search Ks Folders E Address Network Connections LAN or High Speed Internet Network Tasks A i Local Area Connection Create a new connection j my Connected Firewalled D Set up a home or small i J ae A NVIDIA nForce Networking Co office network
166. ews os cade dees ac abe ag ace 80 O COMNQULESDIIIIN Si SUN agas 83 GOTO LAN S UA ES ad a tt aD nak a alee tral eer unc A 84 S2 ACCESS POINT ASSOCIATION dl 85 5 2 1 Configure Wireless General Seting iii A A A A a ab 85 5 2 2 Configure Wireless Advanced aos 87 AS a asa a based eich haat walla asia E A AS 88 5924 Create Wireles ES Omaisen a a e A a Gace uchel atcha ehseiadas 89 5 3 SYSTEM MANAGEMENT mirena N E AE A A AA 91 5 31 GONIQUre Manageme ti AE E EREE A Ee 9 10 2 CONQUISTA TIVOS AA A ADA 94 O Oaa US O o Vai 95 93 4 CONQUE SNMP Set ieii n E EAA E NE a AR 96 5 3 5 Backup Restore and Reset to FactotY neennnennnennnnnnnnnnnnnesseesseesseneseoesseesseesseesseessseesseesseesseresooesseesseesseessersseresseesseess 98 RA A N E A 99 Dd NEWOK UI enas a aaa a a a a G 100 CG Hc yg 910 10 u On II EA N E T E A E E E A ee eee 101 DA ACCESS CONTROL LIS Tasa a N N NN 102 IAP a O 10 AAA A E O O EE E eS Pe 102 542 MAC FINOS 0 A AAA A A A A AAA 104 OAS Palenial Conor roet nanela a lio 105 JAA COS II E A it 107 59 RESOURCE SHARIN Gr dd de ed do ion 110 ON a aio 110 50 2 Vital Server POI FORWAI GING Js A O Re 111 DOS VS TEM SO TATU Sd eat tam ee cea S A E EE enced es Rete den Petes cnc deena EERE 113 DOA SOV ONION passes hai setts Bes AA AAA AAA AA dt ains 113 DAS ANO SAS MES e o ad e a yeaa Oct as a el 116 So A O temas edeuedsaenunaerete 118 DOF GOD FOL RAEI EIE NIOEN EEA E N AAE E E EAA EAA VEA 120 IGS EVON LOO arer E A
167. f the system 3 Location Enter geographical location information of the system It helps administrator to locate the system easier The system supports two management accounts root and admin The network manager is assigned with full administrative privileges when logging in as root user to manage the system in all aspects While logging in as an admin user only subset of privileges is granted such as basic maintenance For example root user can change passwords for both root and admin account and admin user can only manage its own For more information about covered privileges for these two accounts please refer to Appendix D Network manager Privileges Root Password Log in as a root user and is allowed to change its own plus admin user s password gt New Password Enter a new password if desired gt Check New Password Enter the same new password again to check Admin Password Log in as a admin user and is allowed to change its own gt New Password Enter a new password if desired gt Check New Password Enter the same new password again to check 63 Admin Login Methods Only root user can enable or disable system login methods and change services port gt gt gt gt y y y y Enable HTTP Check to select HTTP Service HTTP Port The default is 80 and the range is between 1 65535 Enable HTTPS Check to select HTTPS Service HTTPS Port The default is 443 and the range is betwee
168. f wireless clients associated with Repeater AP Wireless Clients AP Information Repeater AP Clients AP ESSID MAC Address State Security Type Clients Signal RepeaterAP Main_AP_Repeater 00 11 A3 04 7B FA On Disable 1 MAC Address Strength ANTO 100 00 06 B1 13 35 00 06 B1 13 35 EF 32dBm AP Information Highlights key Repeater AP information y Y y y y y AP Available Repeater AP ESSID Display name of ESSID for Repeater AP MAC Address Display MAC address for Repeater AP Status On Off Signal Strength ANT 100 40dBm BandWidth 20MHz Idle Time 8 67 Security Type Display chosen security type WEP WPA WPA2 PSK WPA WPA2 Enterprise Clients Display total number of wireless connections on Repeater AP m Repeater AP Clients Display all associated clients y y y y y y MAC Address MAC address of associated clients Signal Strength ANTO ANT1 Signal Strength of from associated clients Bandwidth Channel bandwidth of from associated clients Idle Time Last inactive time period in seconds for a wireless connection Connect Time Total connection time period in seconds for a wireless connection Disconnect Click Delete button to manually disconnect a wireless client in a Repeater AP 207 Disconnect Time 7 5 3 Remote AP SSID MAC address antenna 0 1 received signal strength and channel bandwidth for associated AP are available Remote AP
169. files via this page Please click on Wireless gt Wireless Profile and follow the below setting Station Profile System Configuration Profile List MAC Address 00 26 CE 01 06 93 Active Profile Name ESSID MAC Address Channel Security Type Delete Edit Profle Name 1 AP Profileo default 44 NONE Delete Edit ESSID Lock to AP MAC Optional Channel Frequency 36 5180MHz w security Policy Security Type NONE v Save m MAC Address The MAC address of the Wireless Station is displayed here Profile Name Set different profiles for quick connection uses m ESSID Assign Service Set ID for the wireless system m Lock to AP MAC This allows the station to always maintain connection to a particular AP with a specific MAC address This is useful as sometimes there can be few identically named SSID s AP s with different MAC addresses With AP lock on the station will lock to MAC address and not roam between several Access Points with the same ESSID m Channel Frequency Select the desired channel range m Security Type Select the desired security type from the drop down list the options are NONE OPEN SHARED WPA PSK and WPA2 PSK gt OPEN SHARED OPEN and SHARED require the user to set a WEP key to exchange data WEP Key Index 1 M WEP Key 1 WEP Key 2 WEP Key 3 WEP Key 4 v Key Index key index is used to designate the WEP key during data transmission 4 diffe
170. formation Display total received and transmitted statistics on the LAN interface Y Y y y y y y LAN Information MAC Address 00 00 43 28 6 IP Address 19 P Netmask 255 Receive Bytes 20576 Receive Packets 174 Transmit Bytes 37610 Transmit Packets 177 MAC Address The MAC address of the LAN port IP Address The IP address of the LAN port IP Netmask The IP netmask of the LAN port Receive bytes The total received packets in bytes on the LAN port Receive packets The total received packets of the LAN port Transmit bytes The total transmitted packets in bytes of the LAN port Transmit packets The total transmitted packets of the LAN port DHCP Server Status Users could retrieve DHCP server and DHCP clients IP MAC address via this field 114 DHCP Server Status DHCP Enable Start IP 192 163 2 10 End IP 192 168 2 70 DNS1 IP 192 168 2 1 DNS2 IP WINS IP Domain Lease Time 85400 IP Address MAC Address Expired In nane gt IP Address IP addresses to LAN devices by DHCP server gt MAC Address MAC addresses of LAN devices gt Expired In Shows how long the leased IP address will expire 115 5 6 2 Station Statistics Link information Transmit and Receive Statistics for the connection with AP Below depicts an example for Station Statistics Station Statistics Link Status Status ESSID BSSID Extra Info Channel Link Speed Link Quality Signal Strength ANTO
171. g the Ping tool The Ping works by sending ICMP echo request packets to the target host and listening for ICMP echo response replies If the defined number of replies is not received the tool reboots the device gt gt gt Enable Ping Watchdog control will enable Ping Watchdog Tool IP Address To Ping specify an IP address of the target host which will be monitored by Ping Watchdog Tool Ping Interval specify time interval in seconds between the ICMP echo requests are sent by the Ping Watchdog Tool Default is 300 seconds Startup Delay specify initial time delay in seconds until first ICMP echo requests are sent by the Ping Watchdog Tool The value of Startup Delay should be at least 60 seconds as the network interface and wireless connection initialization takes considerable amount of time if the device is rebooted Default is 300 seconds Failure Count To Reboot specify the number of ICMP echo response replies If the specified number of ICMP echo response packets is not received continuously the Ping Watchdog Tool will reboot the device 195 Click Save button to save your changes Click Reboot button to activate your changes Without a valid certificate users may encounter the following problem in IE7 when they try to access system s WMI https 192 168 2 254 There will be a Certificate Error because the browser treats system as an illegal website Certificat
172. ger needs to create allow rules first and followed by deny rules So if you just want one IP address to access the system via telnet from your subnet not others the Example 1 demonstrates it not rules in the Example 2 155 Example 1 Create a higher priority rule to allow IP address 192 168 2 2 Telnet access from LAN port first and deny Telnet access from remaining IP addresses in the same subnet Hae Source Destination IP Mask Port IP Mask Port In Out Protocol Listen Action Side 192 168 2 2 32 192 168 2 254 32 22 In TCP n Pass LAN 2 192 168 2 0 24 192 168 2 254 32 22 In TCP n Deny LAN Example 2 All Telnet access to the system from the IP addresses of subnet 192 168 2 x works with the rule 1 of Example 2 The rule 2 won t make any difference nl Source Destination IP Mask Port IP Mask Port In Out Protocol Listen Action Side 1 192 168 2 0 24 192 168 2 254 32 22 In TCP n Deny LAN 2 192 168 2 2 32 192 168 2 254 32 22 In TCP n Pass LAN 156 6 5 2 MAC Filter Setup Create MAC filter rules to allow or deny unicast or multicast packets from limited number of MAC addresses It is important to note that MAC filter rules have precedence over IP Filter rules Please click on Advance gt MAC Filter Setup and follow the below setting MAC Filter Setup MAC Rules MAC Filter List Action Disabled v MAC Address Delete MAC
173. ghput Bulk data that requires maximum throughput and is not time AC_BK Background Low sensitive is sent to this queue FTP data for example AC BE Best Effort Medium Medium throughput and delay Most traditional IP data is sent to this queue AC VI Video High Minimum delay Time sensitive video data is automatically sent to this queue Time sensitive data like VolP and streaming media are automatically sent to this AC_VO Voice High queue Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic You can configure different minimum and maximum wait times for the transmission of packets in each queue based on the requirements of the media being sent Queues automatically provide minimum transmission delay for Voice Video multimedia and mission critical applications and rely on best effort parameters for traditional IP data As an Example time sensitive Voice amp Video and multimedia are given effectively higher priority for transmission lower wait times for channel access while other applications and traditional IP data which are less time sensitive but often more data intensive are expected to tolerate longer wait times 25 Aifsn The Arbitration Inter Frame Spacing Number specifies a wait time in milliseconds for data frames CWmin Minimum Contention Window This parameter is input to the algorithm that determines the initial random ba
174. gnal Strength ANT1 BandWidth Main AP 253 00 11 43 04 7B F2 100 39dBrn 100 42dBrr A0MHZ m ESSID Shows the current ESSID which must be the same on the wireless client and AP in order for communication to be established m MAC Address Display MAC address of associated AP Signal Strength ANTO ANT1 Shows the wireless signal strength of the connection between system and an access point BandWidth Shows the current channel bandwidth used for communication It should be 20 or 40 If displays No Connection AP you need check Wireless configuration Things to verify are Channel and Security type Also adjust antenna angle and Tx Power 170 6 7 4 Extra Info Users could pull out information such as Route table ARP table MAC table Bridge table or STP available in the drop down list from system The Refresh button is used to retrieve latest table information Extra Information Extra Information Netstat Information Information Netstat Information v Protocol LiveTime Status SrciP SrcPort DstIP DstPort tcp 119 TIME_WAIT 192 168 222 3423 192 168 2254 80 tcp 113 TIME_WAIT 192 168 222 3419 192 168 2254 80 udp 5 192 168 222 138 192 168 2255 138 tcp 118 TIME_WAIT 192 168 222 3421 192 168 2254 80 tcp 90 TIME_WAIT 192 168 222 3413 192 168 2254 980 tcp 431999 ESTABLISHED 192 168 222 3425 1921682254 80 tcp 90 TIME_WAIT 192 168 222 3415 192 168 2254 980 tcp 91 TIME_WAIT 192 168 222 3417 192 168 2
175. he desired security type from the drop down list the options are Disable WEP WPA PSK WPA2 PSK WPA Enterprise WPA2 Enterprise and WEP 802 1X gt Disable Data are unencrypted during transmission when this option is selected gt WEP Wired Equivalent Privacy WEP is a data encryption mechanism based on a 64 bit or 128 bit shared key WEP Authentication Type OPEN SHARED WEPAUTO Key Index 1 WEP Key 1 WEP Key 2 WEP Key 3 WEP Key 4 Authentication Method Enable the desire option among OPEN SHARED or WEPAUTO gt Key Index Key index is used to designate the WEP key during data transmission 4 different WEP keys can be entered at the same time but only one is chosen gt WEP Key Enter HEX or ASCII format WEP key value the system supports up to 4 sets of WEP keys Key Length Hex ASCII 64 bit 10 characters 5 characters 128 bit 26 characters 13 characters gt WPA PSK or WPA2 PSK WPA or WPA2 Algorithms allows the system accessing the network by using the WPA PSK protected access WPA General Cipher Suite AES Pre shared Key Group Key Update Period 3600 seconds v Cipher Suite By default it is AES Select either AES or TKIP cipher suites v Pre shared Key Enter the pre shared key the format shall go with the selected key type a Pre shared key can be entered with either a 256 bit secret in 64 HEX digits format or 8 to 63 ASCII charac
176. he group of each rule There are 10 MAC address maximum allowed in each rule 3 Local Destination IP Specify local LAN destination IP addresses range required for this rule If you specify local IP addresses range from 192 168 1 1 to 192 168 2 254 The matches a range of local IP addresses include every single IP address from the first to the last so the example above includes everything from 192 168 1 1 to 192 168 2 254 gt DSCP Class Differentiated services code point DSCP Select Any or specify classify traffic from drop down list The Per Hop Behavior PHB is indicated by encoding a 6 bit value called the Differentiated Services Code Point DSCP into the 8 bit Differentiated Services DS field of the IP packet header Below depicts class for DSCP v BE Default PHB which is typically best effort traffic v EF Expedited Forwarding PHB dedicated to low loss low latency traffic v AF Assured Forwarding PHB which gives assurance of delivery under conditions The AF behavior group defines four separate AF classes Within each class packets are given a drop precedence high medium or low The combination of classes and drop precedence yields twelve separate DSCP encodings from AF11 through AF43 see table 108 DROP Precedence Class 1 Class2 Class3 Class 4 Low Drop AF11 AF21 AF31 AF41 Medium Drop AF12 AF22 AF32 AF42 High Drop AF13 AF23 AF33 AF43 gt Protocol Select Any or specify protocol TCP
177. he respective Virtual AP Edit Click Edit button to configure Virtual AP s settings including security type and MAC Filter 226 8 2 3 2 Virtual AP Setup For each Virtual AP administrators can configure SSID SSID broadcasting Maximum number of client associations security type settings Click Edit button on the Edit column and then a Virtual AP setup page appears VAP 1 Setup security MAC Filter Enable AP Enable O Disable Action Disable vi ESSID Client Isolation O Enable Disable Hidden SSID O Enable Disable Maximum Clients 32 T a se A a VLAN Tag ID Y Enable Disable 1 4094 Security Type Disable v m Enable AP By default its Disable for VAP1 VAP6 The Primary AP always enabled Select Enable to activate VAP or click Disable to deactivate this function m ESSID Extended Service Set ID When clients are browsing for available wireless networks this is the SSID that will appear in the list ESSID will determine the service type available to AP s clients associated with the specified VAP Client Isolation Select Enable all clients will be isolated from each other that means all clients can not reach to other clients Below Figures depict Client Isolation and AP Isolation yu X Client Isolation VAPO gt i APO1200 192 168 2 2 AP Isolation m Hidden SSID By default it s Disable Enable this option to stop the SSID broadcast in your
178. hers When the wireless device randomly selects a 5 GHz channel on which power is restricted the wireless device automatically reduces transmit power to comply with power limits for that channel in that regulatory domain The Channel 52 140 is DFS channel If turn on IEEE802 11H AP Will have 60 sec to do channel available a check and will not send beacon and can not be connect When APO1200 APO1215 detect radar 5GHZ signal the AP will switch channel and stop beacon transmit between 15 sec WMM By default it s Disable To Enable is to use WMM and the WMM parameters should appears 222 WMM Parameters of Access Point Aifsn CWMin CWMax Txop ACM AckPolicy ACBE j se oy fo a acek 7 sE 103 lo O L acme ha CE bbe a 0 O acvo 1 GE CA fa 0 L WMM Parameters of Station Aifsn CWiMin CWilax Txop ACM AC BE 3 15 M 1023 o O AC BK 7 15 M 1023 w bo O AC VI 2 7 15 94 O AC_VO 3 e 7 M laz O a When you enable WMM the Tx Burst will be Disabled automatically by system gt WMM Parameters of Access Point This affects traffic flowing from the access point to the client station Data Transmitted AP to Clients Priority Description Queue High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AC BE Best Effort Medium Medium throughput and delay Most
179. hile other applications and traditional IP data which are less time sensitive but often more data intensive are expected to tolerate longer wait times 183 Aifsn The Arbitration Inter Frame Spacing Number specifies a wait time in milliseconds for data frames CWmin Minimum Contention Window This parameter is input to the algorithm that determines the initial random backoff wait time window for retry of a transmission The value specified here in the Minimum Contention Window is the upper limit in milliseconds of a range from which the initial random backoff wait time is determined CWmax Maximum Contention Window The value specified here in the Maximum Contention Window is the upper limit in milliseconds for the doubling of the random backoff value This doubling continues until either the data frame is sent or the Maximum Contention Window size is reached Once the Maximum Contention Window size is reached retries will continue until a maximum number of retries allowed is reached Valid values for the cwmax are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwmax must be higher than the value for cwmin Txop Transmission Opportunity is an interval of time when a WME AP has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for AP that is the interval of time when the WMM AP has the right to initiate transmissio
180. his configuration type is applicable when the APO1200 APO1215 is connected to a network with the presence of a DHCP server all related IP information will be provided by the DHCP server automatically Dynamic IP Hostname v Hostname The Hostname of the LAN port m DNS Check either No Default DNS Server or Specify DNS Server IP button as desired to set up the system DNS gt Primary The IP address of the primary DNS server gt Secondary The IP address of the secondary DNS server Click Save button to save your changes Click Reboot button to activate your changes 53 4 2 Wireless Network Expansion The network manager can configure related wireless settings General Settings Advanced Settings and WDS Settings 4 2 1 General Setup The administrator can change the data transmission channel and output power settings for the system Please click on Wireless gt General Setup and follow the below setting Wireless Setup MAC Address Band Mode AP Isolation Country Channel Frequency Tx Power HT Other HT TxStream HT RxStream 2 HT Physical Mode D0 11 A3 04 7B F2 Operating Mode 802 11 a n mixed mode v Channel BandWidth O Enable Disable AN NONE ae 44 5220MHz Mi Reverse Direction Grant 100 DG A MSDU Auto Block ACK 2 w Decline BA Request Mixed Mode 20 O Long Auto Disable Disable QO Disable Di
181. hreshold 2346 RTS Threshold 2347 Short Preamble Enable Disable Tx Burst Enable Disable Pkt_Aggregate Enable Disable EEE 802 11H 0FS Enable Disable WMM O Enable Disable Save Short Slot By default it s Enable for educing the slot time from the standard 20 microseconds to the 9 microsecond short slot time Slot time is the amount of time a device waits after a collision before retransmitting a packet Reducing the slot time decreases the overall back off which increases throughput Back off which is a multiple of the slot time is the random length of time a station waits before sending a packet on the LAN For a sender and receiver own right of the channel the shorter slot time help manage shorter wait time to re transmit from collision because of hidden wireless clients or other causes When collision sources can be removed sooner and other senders attempting to send are listening the channel CSMA CA the owner of the channel should continue ownership and finish their transmission and release the channel Then following ownership of the channel will be sooner for the new pair due to shorter slot time However when long duration of existing collision sources and shorter slot time exist the owners might experience subsequent collisions When adjustment to longer slot time can t improve performance then RTS CTS could supplement and help improve performance m Extra Slot Time Slot time is in
182. ial random backoff wait time is determined CWmax Maximum Contention Window The value specified here in the Maximum Contention Window is the upper limit in milliseconds for the doubling of the random backoff value This doubling continues until either the data frame is sent or the Maximum Contention Window size is reached Once the Maximum Contention Window size is reached retries will continue until a maximum number of retries allowed is reached Valid values for the cwmax are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwmax must be higher than the value for cwmin Txop Transmission Opportunity is an interval of time when a WME AP has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for AP that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission Control Mandatory ACM only takes effect on AC_VI and AC_VO When you do not click Checkbox it means that the ACM is controlled by the connecting AP If you click Checkbox it means that the Client is in charge AckPolicy Acknowledgment Policy WWMM defines two ACK policies Normal ACK and No ACK Click Checkbox indicates No ACK When the no acknowledgment No ACK policy is used the recipient does not acknowledge received packets during wireless packet exchange This policy is suitable in the
183. ial time delay in seconds until first ICMP echo requests are sent by the Ping Watchdog Tool The value of Startup Delay should be at least 60 seconds as the network interface and wireless connection initialization takes considerable amount of time if the device is rebooted Default is 300 seconds Failure Count To Reboot specify the number of ICMP echo response replies If the specified number of ICMP echo response packets is not received continuously the Ping Watchdog Tool will reboot the device 234 Click Save button to save your changes Click Reboot button to activate your changes Without a valid certificate users may encounter the following problem in IE7 when they try to access system s WMI https 192 168 2 254 There will be a Certificate Error because the browser treats system as an illegal website Certificate Error Navigation Blocked Windows Internet Explorer Ge de le 192 168 2 254 vj File Edit View Favorites Tools Help Ly Favorites y E z Free Hotmail Certificate Error Navigation Blocked There is a problem with this website s security certificate The security certificate presented by this website was not issued by a trusted certificate authority The security certificate presented by this website was issued for a different website s address Security certificate problems may indicate an attempt to fool you or intercept any data you send to the serve
184. ically according to the mean throughput value The statistics is updated automatically every 5 seconds The throughput statistics of QoS can be updated manually using the Refresh button Refresh QoS Plot QoS List Comment Remark DSCP Bandwidth U D kbps FTP NO 1024 2048 X JS 2 25 pa s A VIDp 15 5 25 715 0 50 0 25 Mbps 0 120 5 6 5 Event Log The Event log displays system events when system is up and running Also it becomes very useful as a troubleshooting tool when issues are experienced in system System Log clear Result Time Facility Severity Message 2000 Jan 1 de en in E 00 00 11 System Info dnsmasq 94 started version 2 40 cachesize 150 2000 Jan 1 dnsmasq 94 compile time options no IPv6 GNU getopt 00 00 11 System Info no RTC no MMU no 1SC leasefile no DBus no 118N i TFTP prneezad System Info dnsmasq 94 reading etc resolv conf Dies System Info dnsmasq 94 using nameserver 192 168 2 1 53 age System Info dnsmasq 94 cleared cache panel System Info Authentication successful for root from 192 168 2 22 Time The date and time when the event occurred Facility lt helps users to identify source of events such System or User m Severity Severity level that a specific event is associated such as info m Message Description of the event Click Refresh button to renew the log or click Clear button to clear all the record 121 warning etc Chapter 6 CPE
185. in DDNS service Click Save button to save your changes Click Reboot button to activate your changes 126 6 1 4 Configure LAN Setup Here are the instructions for how to setup the local IP Address and Netmask Please click on System gt LAN and follow the below setting LAN Setup LAN IP DHCP Server IP Address 192 168 2 254 DHCP O Enable Disable IP Netmask 255 255 255 0 Save m LAN IP The administrator can manually setup the LAN IP address gt IP Address The IP address of the LAN port default IP address is 192 168 2 254 gt IP Netmask The Subnet mask of the LAN port default Netmask is 255 255 255 0 DHCP Setup Devices connected to the system can obtain an IP address automatically when this service is enabled DHCP Server DHCP Enable Disable Start IP 192 166 2 10 End IP 192 168 2 70 DNS1 IP DNS2 IP WINS IP Domain Lease Time gt DHCP Check Enable button to activate this function or Disable to deactivate this service gt Start IP End IP Specify the range of IP addresses to be used by the DHCP server when assigning IP address to clients The default range IP address is 192 168 2 10 to 192 168 2 70 the netmask is 255 255 255 0 gt DNS1 IP Enter IP address of the first DNS server this field is required gt DNS2 IP Enter IP address of the second DNS server this is optional gt WINS IP Enter IP address of the Windows Internet Name Service WINS server this is optional
186. ion channel and output power settings for the system Please click on Wireless gt General Setup and follow the below setting Wireless Setup General Setup HT Physical Mode MAC Address 00 11 A3 0A 7B F2 Operating Mode O Mixed Mode O Green Field Band Mode 802 11 a n mixed mode E Channel BandWidth 20 O 20 40 AP Isolation Enable O Disable a G Guard Interval 2 Long 2 Auto C y dN v Country NONE mos Auto Channel Frequency 44 5220MHz Mi Reverse Direction Grant Tx Power 100 o RDG Disable Enable A MSDU Disable O Enable HT Other Auto Block ACK Disable Enable T T 5 a E a A m HT TxStream 2 Decline BA Request Disable Y Enable HT RxStream 2 w Save m MAC Address The MAC address of the Wireless interface is displayed here Band Mode Select an appropriate wireless band bands available are 801 11a or 802 11a n mixed mode AP Isolation Select Enable all clients will be isolated from each VAP that means different VAP s clients can not reach to each other Transmit Rate Control Select the desired rate from the drop down list the options are auto or ranging from 6 to 54Mbps only for 802 11a mode Country Select the desired country code from the drop down list the options are US ETSI JP and NONE m Channel Frequency The channel range will be changed by selecting different country code Below depicts the channel range for different Cou
187. ireless settings and ensure successful association Also you may go to WAN Information in the Overview page to click Release button to release IP address and click Renew button to renew IP address again Dynamic IF Hostname v Hostname The Hostname of the WAN port gt PPPoE To create wireless PPPoE WAN connection to a PPPoE server in network PPPoE User name Password Recoonect Mode O Always On O On Demand O Manual idle Time minutes MTU 1492 80 v User Name Enter User Name for PPPoE connection v Password Enter Password for PPPoE connection v Reconnect Mode e Always on A connection to Internet is always maintained e On Demand A connection to Internet is made as needed e Manual Click the Connect button on WAN Information in the Overview page to connect to the Internet v idle Time Time to last before disconnecting PPPoE session when it is idle Enter preferred Idle Time in minutes Default is 0 indicates disabled When Idle time is disabled the Reconnect Mode will turn out Always on v MTU By default it s 1492 bytes MTU stands for Maximum Transmission Unit Consult with WISP for a correct MTU setting gt PPTP The Point to Point Tunneling Protocol PPTP mode enables the implementation of secure multi protocol Virtual Private Networks VPNs through public networks PPTP IP Address IP Netmask PPTP Server IP Address Us
188. irtual AP Wireless Information MAC Address 00 11 A3DA 7B FA Channel 44 Rate 300 Mb s Receive Bytes 34305465 Receive Packets 15601 Transmit Bytes 20677 Transmit Packets 493 MAC Address The MAC address of the Wireless port Channel The current channel on the Wireless port Rate The current Bit Rate on the Wireless port Receive bytes The total received packets in bytes on the Wireless port Receive packets The total received packets on the Wireless port Transmit bytes The total transmitted packets in bytes on the Wireless port Vvv y y y y Transmit packets The total transmitted packets on the Wireless port 46 3 5 2 Associated Clients Status It displays ESSID on off Status Security Type total number of wireless clients associated with all Virtual AP Wireless Clients VAP Information Primary AP Clients VAP ESSID MAC Address State Security Type Clients Signal Signal MAC Address Strength Strength BandWidth sac Sees Disconnect Primary AP Main_AP 00 11 A3 0A 7B FA On Disable 1 Time Time ANTO ANT1 VAP1 00 00 00 00 00 00 Off Disable 0 Cae care Oy ae i VAP2 00 00 00 00 00 00 Off Disable 0 00 06 B1 13 35 EF 4 om 38dBm 20MHz 11 134 VAP3 00 00 00 00 00 00 Off Disable 0 VAP4 00 00 00 00 00 00 Off Disable 0 VAPS 00 00 00 00 00 00 Off Disable 0 VAP6 00 00 00 00 00 00 Off Disable 0 VAP Information Highlights key VAP information VAP Available VAP from Primary AP to VAP6 ESSID D
189. isplay name of ESSID for each VAP MAC Address Display MAC address for each VAP Status On Off Security Type Display chosen security type WEP WPA WPA2 PSK WPA WPA2 Enterprise y Y y y y y Clients Display total number of wireless connections for each VAP VAP Clients Display all associated clients on each Virtual AP MAC Address MAC address of associated clients Signal Strength ANTO ANT1 Signal Strength of from associated clients Bandwidth Channel bandwidth of from associated clients Idle Time Last inactive time period in seconds for a wireless connection Connect Time Total connection time period in seconds for a wireless connection y y y y y y Disconnect Click Delete button to manually disconnect a wireless client in a Virtual AP 47 3 5 3 Show WDS Link Status Peers MAC Address antenna 0 1 received signal strength phy mode and channel bandwidth for each WDS are avallable WDS Information WDS Link Status Signal Strength Signal Strength Phy MAC Address ANTO ANTA Mode BandWidth MCS SG OO11 AS 0AYB F2 100 5 dBm 100 6 dBm HTMIX 40M 15 1 m MAC Address Display MAC address of WDS peer Signal Strength ANTO ANT1 Indicate the signal strength of the respective WDS links m Phy Mode Indicate the phy mode of the respective WDS linked BandWidth Indicate the channel bandwidth of the respective WDS linked m MCS Indicate the MCS of the respective WDS linked m SGI
190. issions on the wireless network v ACM Admission Control Mandatory ACM only takes effect on AC_VI and AC_VO When you do not click Checkbox it means that the ACM is controlled by the connecting AP If you click Checkbox it means that the Client is in charge Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes The items in this page are for AP s RF advanced settings and will be applied to all WDS Links 61 4 2 3 WDS Setup The administrator could create WDS Links to expand wireless network When WDS is enabled access point functions as a wireless bridge and is able to communicate with other access points via WDS links A WDS link is bidirectional and both side must support WDS Access points know each other by MAC Address In other words each access point needs to include MAC address of ts peer Ensure all access points are configured with the same channel and own same security type settings WDS Setup Carurih IAIDO RAAS I ES Securty WUO MAG LISI Security Type Disable v Enable WDS Peer s MAC Address Description O 01 O O 03 O Save m Security Type Option is Disable WEP TKIP or AES from drop down list Needs the same type to build WDS links Security type takes effect when WDS is enabled gt WEP Key Enter 5 13 ASCII or 10 26 HEX format WEP key gt TKIP Key Enter 8 to 63 ASCII or 64
191. ity certificate The security certificate presented by this website was not issued by a trusted certificate authority The security certificate presented by this website was issued for a different website s address Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server We recommend that you close this webpage and do not continue to this website Y Click here to close this webpage amp Continue to this website not recommended E More information Click Continue to this website to access the system s WMI The system s Overview page will appear 93 5 3 2 Configure System Time System time can be configured via this page and manual setting or via a NTP server is supported Please click on System gt Time Server and follow the below setting Time Server Setup system Time Local Time 2000 01 01 Sat 00 05 44 NTP Client Enable L Default NTP Server foptional Time Zone Daylight saving time Save Local Time Display the current system time NTP Client To synchronize the system time with NTP server gt Enable Check to select NTP client 3 Default NTP Server Select the NTP Server from the drop down list gt Time Zone Select a desired time zone from the drop down list gt Daylight saving time Enable or disable Daylight saving e If the system time from NTP server seems incorrect please verify your network settings like
192. k Flags Metric Ref Use Iface 192 168 2 0 0 0 0 0 255 255 255 0 U 0 0 O bred 127 0 0 0 0 0 0 0 255 255 255 0 U 0 0 0 lo 0 0 0 0 192 168 2 1 0 0 0 0 UG 0 0 O bred Route table information Select Route table information on the drop down list to display route table APO1200 APO1215 could be used as a L2 or L3 device It doesn t support dynamic routing protocols such as RIP or OSPF Static routes to specific hosts networks or default gateway are set up automatically according to the IP configuration of system s interfaces When used as a L2 device it could switch packets and as L3 device it s capable of being a gateway to route packets inward and outward Route Information Destination Gateway Genmask Flags Metric Ref Use Iface 192 168 2 0 0 0 0 0 255 255 255 0 U 0 0 0 bred 127 0 0 0 0 0 0 0 255 255 255 0 U 0 0 0 lo 0 0 0 0 192 168 2 1 0 0 0 0 UG 0 0 0 bred ARP table Information Select ARP Table Information on the drop down list to display ARP table ARP associates each IP address to a unique hardware address MAC of a device It is important to have a unique IP address as final destination to ARP Table Information switch packets to IP Address HW Type Flags HW Address Mask Device 192 168 2222 Ox Ox2 00 14 92 9F 44 98 8 bred Bridge table information Select Bridge Table information on the drop down list to display bridge table Bridge table will show Bridge ID and STP s Status on the each Ethernet bridge an
193. k on Advance gt Virtual Server and follow the below setting Virtual Server Setup Virtual Server Virtual Server List Virtual Server Enable Disable Status Description Protocol Private lP Public Port Private Port Delete Edit Description No Rule in the List Private IP Protocol Type OTcP upp Private Port E Public Port Virtual Server By Default Its Disable Check Enable radial button to enable Virtual Server Description Enter appropriate message for resource sharing via Virtual Server Private IP Enter corresponding IP address of internal resource to share Protocol Type Select appropriate sessions TCP or UDP from shared host via multiple private ports Private Port A port or a range of ports may be specified as start end i e port 20 80 m Public Port A port or a range of ports may be specified as start end i e port 20 80 The Private Port and Public Port can be different However total number of ports need to be the same Example Public Port is 11 to 20 and the Private Port can be a 10 ports range 253 Click Add button to add Virtual Server rule to List Total of maximum 20 rules are allowed in this List All rules can be edited or removed from the List Click Reboot button to activate your changes While creating multiple Virtual Server rules the prior rules have higher priority The Virtual server rules have precedence over the DMZ one while both rules exist Ex
194. l Server rules have precedence over the DMZ rule In order to use a range of ports available to access to different internal hosts Virtual Server rules are needed NAT I Main l Base Station APO1200 192 168 2 10 197 168 1 250 WIFI WAN LAN a 197 168 1 2543 192 168 2 254 DMZ 192 168 2 20 192 168 2 30 100 Please click on Advance gt DMZ and follow the below setting DMZ Setu DMZ DMZ Enable Disable gt P Address o m DMZ By default it s Disable Check Enable radial button to enable DMZ m IP Address Enter IP address of DMZ host and only one DMZ host is supported Click Save button to save your changes Click Reboot button to activate your changes 163 6 6 2 Virtual Server Port Forwarding Virtual Server can also referred to as Port Forward as well and used interchangeably Resources in the network can be exposed to the Internet users in a controlled manner including on line gaming video conferencing or others via Virtual Server setup Don t repeat ports usage to avoid confusion Suppose you want to assign ports 21 25 to one FTP Telnet and SMTP server A in the example and port 80 to another B in the example You assign the LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on the Internet NAT Main y Base Station APO1200 192 168 2 10 192 168 1 250 WIFI WAN LAN 192 168
195. le Type From 192 168 2 254 harm your computer If vou do not trust the source do not find a Y While files from the Internet can be useful some files can potentially E program to open this file or save this file What s the risk m Load Settings from PC Click Browse button to locate a configuration file to restore and then click Upload button to upload m Reset To Factory Default Click Default button to reset back to the factory default settings and expect Successful loading message Then click Reboot button to activate 41 3 4 5 Firmware Upgrade Firmware is the main software image that system needs to respond to requests and to manage real time operations Firmware upgrades are sometimes required to include new features or bugs fix It takes around 2 minutes to upgrade due to complexity of firmware To upgrade system firmware click Browse button to locate the new firmware and then click Upgrade button to upgrade Firmware Upgrade Firmware Infomation Firmware Version Cen CPE N5H2 V0 0 4 Beta Version Firmware Date 2009 09 03 09 26 27 Update Firmware g From time to time the product may release new versions of the firmware You can chec and download up to date firmware and click Browser button to locate the file from your local harddisk Upgrade To prevent data loss during firmware upgrade please back up current settings before proceeding Do not interrupt during firmware upgrade including power on
196. lick Reboot button to activate your changes The items in this page are for AP s RF general settings and will be applied to all WDS Links 55 4 2 2 Wireless Advanced Setup To achieve optimal wireless performance it is necessary to tweak advance setting per requirements properly not necessary higher the better or lower The administrator can change the RTS threshold and fragmentation threshold settings for the system Please click on Wireless gt Advanced Setup and follow the below setting Wireless Setup Advanced Setup Short Slot Enable Disable Extra Slot Time 9 us ACK Timeout 32 pus Beacon Interval 100 i ms DTIM Interval 1 ms Fragment Threshold 2346 RTS Threshold 2347 Short Preamble 5 Enable Disable Tx Burst Enable Disable Pkt_Aggregate Enable O Disable EEE 802 11H DFS O Enable Y Disable wim O Enable Disable Save Short Slot By default it s Enable for educing the slot time from the standard 20 microseconds to the 9 microsecond short slot time Slot time is the amount of time a device waits after a collision before retransmitting a packet Reducing the slot time decreases the overall back off which increases throughput Back off which is a multiple of the slot time is the random length of time a station waits before sending a packet on the LAN For a sender and receiver own right of the channel the shorter slot time help manage shorter wait ti
197. lowing the creation of Virtual Access Points partitioning a single physical access point into 7 logical access points each of which can have a different set of security and network settings Figure 8 2 shows multiple SSIDs with security type settings APO1200 WAN WLAN 192 168 1 254 192 168 2 254 Figure 8 2 Multiple SSIDs with different Security Type 8 2 3 1 Virtual AP Overview The administrator can view all of the Virtual AP s settings via this page Please click on Wireless gt Virtual AP Setup and the Virtual AP Overview Page appears Virtual AP Overview VAP List VAP ESSID MAC Address Status Security Type MAC Filter Edit Primary AP Main_AP 00 26 0E 01 06 92 On Disable Disable Edit WAPI 00 00 00 00 00 00 Off Disable Disable Edit WAP2 00 00 00 00 00 00 Off Disable Disable Edit WAP3 00 00 00 00 00 00 Off Disable Disable Edit WAPA 00 00 00 00 00 00 Off Disable Disable Edit WAPS 00 00 00 00 00 00 Off Disable Disable Edit VAPS 00 00 00 00 00 00 Off Disable Disable Edit m VAP Indicate the system s Virtual AP m ESSID Indicate the ESSID of the respective Virtual AP m MAC Address The MAC address of the VAP Interface is displayed here When you enable AP and reboot system the MAC address will display here m Status Indicate the Status of the respective Virtual AP The Primary AP always on m Security Type Indicate an used security type of the respective Virtual AP m MAC Filter Indicate an used MAC filter of t
198. ma eee A TER WOE os Te AE WO Re eS em NE Ee 166 FN COV RARA AN AAN IA A IN ass EA 166 67 2 ASSOCIATES US ents es ede oA 169 OA TA CIO OVA AI ade a aaasaasbaas pads aide E TTAN 170 6 7 acl 4 2 AA RE er ee OTR on a eR 171 OA COS la eaten 173 OO E VOTA ao 174 CHAPTER 7 CLIENT BRIDGE UNIVERSAL REPEATER CONFIGURATION ooccnncinnccnocinocinnconoconoconoconoconoconocconoconoconoconos 175 TAE TERNALINETWORKS ONNECTO Nc o aid 175 LLANO VOS TAO QUIE ia 175 LA CONIU LAN ME a A A A A oa ictal Ons Daw 176 T2 ACCESS POINT ASSOCIATION ai 178 7 2 1 Configure Wireless General Setting dr 178 L22 WIFEICSS AGVANCCO SC UD A A A N 180 EAS A O En cco ult dea elt alsa wae ie Lee E ats Rhonda atebinade 186 kaa eate Wireless Froe ruren a E AA A dauisbne tsa taster anata teal E E E ieee anes 187 TI WIRELESS LAN NETWORK CREATION irora ieur o deaths 189 TOV A OC A E EN E A N E 189 fd WWIFCICSS MAC AAC ESC dd A A A 193 TAS YSTEMWMANAGEMENT se ia S 194 LAT CONAQUES Management AAA AA E Suances A ia 194 TAE CONMGUIC SYSTEM TIMO ec da AAA A AAA A 197 22 39 CONVOQUE SIMS UD iia 198 7 4 4 Backup Restore and Reset to FCI Vii ii A ai ici 200 LA S TINWE UPNA OE A T A n 201 7A ON CIO OUY ll E 202 PAL AAC ii ia N T ER 203 A A sais ec chs sca et eee ese eee tyes cease ante eeeeeeceee 204 ETS O AAA O A A Aeatencs ie NG 204 LoL AS SOCIA CO CIENS AUS A A A A ion 207 ASE NA A A A OA 208 LAIA E MINOR dd ada das 209 ASA A A ages 211 CHAPTER 8 ROUTER AP MODE CONFI
199. me to re transmit from collision because of hidden wireless clients or other causes When collision sources can be removed sooner and other senders attempting to send are listening the channel CSMA CA the owner of the channel should continue ownership and finish their transmission and release the channel Then following ownership of the channel will be sooner for the new pair due to shorter slot time However when long duration of existing collision sources and shorter slot time exist the owners might experience subsequent collisions When adjustment to longer slot time can t improve performance then RTS CTS could supplement and help improve performance Extra Slot Time Slot time is in the range of 1 255 and set in unit of microsecond The default value is 9 microsecond When you enable Short Slot and set Extra Slot time to 10 the actual Slot Time 9 10 us When you disable Short Slot and set Extra Slot time to 10 the actual Slot Time 20 10 us 96 ACK Timeout ACK timeout is in the range of 1 255 and set in unit of microsecond The default value is 32 microsecond All data transmission in 802 11b g request an Acknowledgement ACK send by receiving radio The transmitter will resend the original packet if correspondent ACK failed to arrive within specific time interval also refer to as ACK Timeout ACK Timeout is adjustable due to the fact that distance between two radio links may vary in different de
200. mware Date 2009 09 03 09 26 27 r Update Firmware o Ooo Browse i From time to time the product may release new versions of the firmware You can check and download up to date firmware and click Browser button to locate the file from your local harddisk Upgrade To prevent data loss during firmware upgrade please back up current settings before proceeding Do not interrupt during firmware upgrade including power on off as this may damage system Never perform firmware upgrade over wireless connection or via remote access connection 99 5 3 7 Network Utility The administrator can diagnose network connectivity via the PING and TRACEROUTE utility Please click on Utilities gt Network Utility and follow the below setting Network Utility Ping Result Destination IP Doamin Count 5 ping Traceroute Destination Host MAX Hop 6 Start Stop Ping This utility will help ping other devices on the network to verify connectivity Ping utility using ICMP packets detects connectivity and latency between two network nodes As result of that packet loss and latency time are available in the Result field while running the PING test gt Destination IP Domain Enter desired domain name i e www google com or IP address of the destination and click ping button to proceed The ping result will be shown in the Result field gt Count By default it s 5 and the range is from 1 to 50 It indicates
201. n A DTIM interval is a count of the number of beacon frames that must occur before the access point sends the buffered multicast frames For instance if DTIM Interval is set to 3 then the Wi Fi clients will expect to receive a multicast frame after receiving three Beacon frame The higher DTIM interval will help power saving and possibly decrease wireless throughput in multicast applications 221 m Fragment Threshold The Fragment Threshold is in the range of 256 2346 byte The default is 2346 byte Each Wi Fi packet can be divided into smaller packets marked with a sequential fragment number and re assemble in the receiving ends The purpose is to make a short frame instead of long frame transmitting by radio in a heavy noisy environment Because of sending smaller frames corruptions are much less likely to occur The pros is obvious the cons is the overhead for transmission So in a clean environment higher fragment threshold can be an option to increase throughput Fragmentation will be triggered by setting the Fragment Threshold usually in Byte length Only when the frame size is over the Threshold fragmentation will take place automatically m RTS Threshold TRTS Threshold is in the range of 1 2347 byte The default is 2347 byte The main purpose of enabling RTS by changing RTS threshold is to reduce possible collisions due to hidden wireless clients RTS in AP will be enabled automatically if the packet size is larger than
202. n Outdoor WIFEN S 200mwV Firmware Version Cen CPE N5H2 1 0 5 Version Firmware Date 2010 02 02 15 37 29 Device Time 2000 01 01 00 01 17 System Up Time 01 17 System Name The name of the system Operating Mode The mode currently in service Location The reminding note on the geographical location of the system Description The reminding note of the system Firmware Version The current firmware version installed Firmware Date The build time of the firmware installed Device Time The current time of the system y Y Y y y y y y System Up Time The time period that system has been in service since last reboot WAN Information Display the information of the WAN interface ny WA N Information Mode Static Mode MAC Address 00 11 43 04 7B F9 IP Address 192 1568 1 254 IP Netmask IP Gateway Primary DNS secondary DNS on Receive Bytes Receive Packets Transmit Bytes Mm co ca a j Ta Pie Transmit Packets The WAN port specified Dynamic IP the Release and Renew button will be show up click Release button to release IP address of WAN port Renew button to renew IP address through DHCP server 255 WAN Information Mode Dynamic Mode MAC Address 00 0C 43 23 60 14 The WAN port specified PPPoE or PPTP and the Connect and DisConnect button will be show up Click Connect button to assigned IP address from PPPoE or PPTP server DisConnect butt
203. n 1 65535 If you already have an SSL Certificate please click UploadKey button to select the file and upload it Enable Telnet Check to select Telnet Service Telnet Port The default is 23 and the range is between 1 65535 Enable SSH Check to select SSH Service SSH Port Please The default is 22 and the range is between 1 65535 Click GenerateKey button to generate RSA private key The host key footprint gray blank will display content of RSA key Ping Watchdog The ping watchdog sets the APO1200 APO1215 Device to continuously ping a user defined IP address it can be the internet gateway for example If it is unable to ping under the user defined constraints the APO1200 APO1215 device will automatically reboot This option creates a kind of fail proof mechanism Ping Watchdog is dedicated for continuous monitoring of the particular connection to remote host using the Ping tool The Ping works by sending ICMP echo request packets to the target host and listening for ICMP echo response replies If the defined number of replies is not received the tool reboots the device gt gt gt Enable Ping Watchdog control will enable Ping Watchdog Tool IP Address To Ping specify an IP address of the target host which will be monitored by Ping Watchdog Tool Ping Interval specify time interval in seconds between the ICMP echo requests are sent by the Ping Watchdog
204. n MAC Add Enable Disable a lt lt gt gt MAC Filter Setup By default it s Disable Options are Disable Only Deny List MAC or Only Allow List MAC Two ways to set MAC filter rules gt Only Allow List MAC The wireless clients in the Enable list will be allowed to access the Access Point All others or clients in the Disable list will be denied 3 Only Deny List MAC The wireless clients in the Enable list will be denied to access the Access Point All others or clients inthe Disable list will be allowed m Adda station MAC Enter MAC address e g aa bb cc 00 00 0a and click Add button then the MAC address should display in the Enable List There are a maximum of 20 clients allowed in this Enable List The MAC addresses of the wireless clients can be added and removed to the list using the Add and Remove buttons Click Reboot button to activate your changes MAC Access Control is the weakest security approach WPA and WPA2 security method is highly recommended 33 3 3 Wireless Network Expansion The administrator could create WDS Links to expand wireless network When WDS is enabled access point functions as a wireless bridge and is able to communicate with other access points via WDS links A WDS link is bidirectional and both side must support WDS Access points know each other by MAC Address In other words each access point needs to include MAC
205. n Port Specify destination port range required for this rule gt Active Check Enable button to activate this rule and Disable to deactivate Click Add button to add control rule to List There are 10 rules maximum allowed in this Control List All rules can be removed or edited on the List Click Reboot button to activate your changes 159 6 5 4 QoS Setup Quality of Service QoS refers to both a network s ability to deliver data with minimum delay and the networking methods used to control the use of bandwidth Without QoS all traffic data is equally likely to be dropped when the network is congested This can cause a reduction in network performance and make the network inadequate for time critical application such as video on demand A classifier groups traffic into data flows according to specific criteria such as the source address destination address source port number destination port number or incoming port number For example you can configure a classifier to select traffic from the same protocol port such as FTP to form a flow Shaping 192 168 2 50 MAC 00 0B 6B A4 BB 01 1024K 256K 192 168 2 51 MAC 00 0B 6B 44 BB 02 Download 2046K APO1900 Upload 1024K 192 168 1 254 192 168 2 254 WAN LAN 192 168 2 10 20 Download 512K Upload 256K NAT Down 1024 Kbps Main Base Station AP Ol 00 197 168 1 250 WIFI WAN z A Down 2048 Kbps Up 1024 K
206. n Wireless gt Site Survey Below depicts an example for site survey Station Site Survey Scan Result ESSID MAC Address Signal Channel Security Band pan Select Main AP 00 11a30a7c3a 50 44 MONE diain Infrastructure Select ey 00 11 a3 03 7b f2 100 44 NONE 11aln Infrastructure Select 253AP 1 00 11 a30a7b f3 100 44 WEP 11ain Infrastructure Select 253AP2 00 11 a30a b f4 100 44 WPAPSKAES 11afn Infrastructure Select 253AP3 00 11 a30a 7b f5 100 44 WPAPSK TKIP 11ain Infrastructure Select 2534P4 O0 11 a3 0a b f6 100 AA WPA2PSKAES 11ain Infrastructure Select 253AP5 00 11 a30a 7b ff 100 dd WPA2PSKTKIP 11ain Infrastructure Select m ESSID Available Extend Service Set ID of surrounding Access Points m MAC Address MAC addresses of surrounding Access Points m Signal Received signal strength of all found Access Points m Channel Channel numbers used by all found Access Points m Security Security type by all found Access Points m Band Wireless band used by all found Access Points m Network Type Network type used by all found Access Points m Select Click Select to configure settings and associate with chosen AP While clicking Select button in the Site Survey Table the ESSID and Security Type will apply in the Wireless Profile Setup However more settings are needed including Security Key 136 6 2 4 Create Wireless Profile The administrator can configure station pro
207. n a normal environment supports non jumbo frames J m Short Preamble By default it s Enable To Disable is to use Long 128 bit Preamble Synchronization field The preamble is used to signal here is a train of data coming to the receiver The short preamble provides 72 bit Synchronization field to improve WLAN transmission efficiency with less overhead Tx Burst By default it s Enable To Disable is to deactivate Tx Burst With TX burst enabled AP will send many packets in a burst without collision detection and RTS CTS for each packet TX Burst have better throughput but cause interference with other APs in channel m Pkt Aggregate By default it s Enable Increase efficiency by aggregating multiple packets of application data into a single transmission frame In this way 802 11n networks can send multiple data packets with the fixed overhead cost of just a single frame m IEEE802 11H DFS By default it s Disable To Enable is to use IEEE802 11H DFS With DFS Dynamic Frequency Selection enabled radio is operating on one of the following channels the wireless device uses DFS to monitor the operating frequency and switch to another frequency or reduce power as necessary DFS Channels 52 56 60 64 100 104 108 112 116 120 124 128 136 140 The maximum legal transmit power is greater for some 5 GHz channels than for others When the wireless device randomly selects a 5 G
208. nd follow the below setting Dynamic DNS Setup ar iro i Enable O Enable Disable Serivce Provider Hostname User Name Password J Enabled By default it s Disable The mapping domain name won t change when dynamic IP changes The beauty of it is no need to remember the dynamic WAP IP while accessing to it m Service Provider Select the preferred Service Provider from the drop down list including dyndns dhs ods and tzo Hostname Host Name that you register to Dynamic DNS service and export m User Name amp Password User Name and Password are used to login DDNS service Click Save button to save your changes Click Reboot button to activate your changes 216 8 1 4 Configure LAN Setup Here are the instructions for how to setup the local IP Address and Netmask Please click on System gt LAN and follow the below setting LAN Setup LAN IP DHCP Server IP Address 192 168 2 254 DHCP O Enable Disable IP Netmask 255 255 255 0 m LAN IP The administrator can manually setup the LAN IP address gt IP Address The IP address of the LAN port default IP address is 192 168 2 254 gt IP Netmask The Subnet mask of the LAN port default Netmask is 255 255 255 0 m DHCP Setup Devices connected to the system can obtain an IP address automatically when this service is enabled DHCP Server DHCP Enable Disable Start IP 192 168 2 10 End IP 192 168 2 70 DNS1 IP DNS2
209. ndex key index is used to designate the WEP key during data transmission 4 different WEP keys can be entered at the same time but only one is chosen v WEP Key Enter HEX or ASCII format WEP key value the system supports up to 4 sets of WEP keys Key Length Hex ASCII 64 bit 10 characters 5 characters 128 bit 26 characters 13 characters gt WPA PSK or WPA2 PSK WPA or WPA2 Algorithms allows the system accessing the network by using the WPA PSK protected access WPA General Cipher Suite AES 4 Pre shared Key Group Key Update Period 3600 seconds v Cipher Suite By default it is AES Select either AES or TKIP cipher suites v Pre shared Key Enter the pre shared key the format shall go with the selected key type 6 Pre shared key can be entered with either a 256 bit secret in 64 HEX digits format or 8 to 63 ASCII characters v Group Key Update Period By default it is 3600 seconds This time interval for rekeying GTK broadcast multicast encryption keys in seconds Entering the time length is required gt WPA Enterprise or WPA2 Enterprise The RADIUS authentication and encryption will be both enabled if this is selected 140 WPA General Cipher Suite AES ho Group Key Update Period 3600 seconds FMK Cache Period 10 _ minute Pre Authentication Disable O Enable Authentication RADIUS Server Authentication Server Port 1812 shared Secret Session
210. network When disabled people could easily obtain the SSID information with the site survey software and get access to the network if security is not turned on When enabled network security is enhanced It s suggested to enable it after AP security settings are archived and setting of AP clients could make to associate to it Maximum Clients The default value is 32 You can enter the number of wireless clients that can associate to a particular SSID When the number of client is set to 5 only 5 clients at most are allowed to connect to this VAP 227 a In this mode the system does not support VLAN Tag ID function m Security Type Select the desired security type from the drop down list the options are Disable WEP WPA PSK WPA2 PSK WPA Enterprise WPA2 Enterprise and WEP 802 1X gt Disable Data are unencrypted during transmission when this option is selected gt WEP Wired Equivalent Privacy WEP is a data encryption mechanism based on a 64 bit or 128 bit shared key WEP Authentication Type OPEN SHARED WEPAUTO Key Index 1 WEP Key 1 WEP Key 2 WEP Key 3 WEF Key 4 Authentication Method Enable the desire option among OPEN SHARED or WEPAUTO gt Key Index Key index is used to designate the WEP key during data transmission 4 different WEP keys can be entered at the same time but only one is chosen gt WEP Key Enter HEX or ASCII format WEP key value the system supports up to
211. nformation of the system It helps administrator to locate the system easier The system supports two management accounts root and admin The network manager is assigned with full administrative privileges when logging in as root user to manage the system in all aspects While logging in as an admin user only subset of privileges is granted such as basic maintenance For example root user can change passwords for both root and admin account and admin user can only manage its own For more information about covered privileges for these two accounts please refer to Appendix D Network manager Privileges Root Password Log in as a root user and is allowed to change its own plus admin user s password gt New Password Enter a new password if desired gt Check New Password Enter the same new password again to check Admin Password Log in as a admin user and is allowed to change its own gt New Password Enter a new password if desired gt Check New Password Enter the same new password again to check 233 Admin Login Methods Only root user can enable or disable system login methods and change services port gt gt gt gt y y y y Enable HTTP Check to select HTTP Service HTTP Port The default is 80 and the range is between 1 65535 Enable HTTPS Check to select HTTPS Service HTTPS Port The default is 443 and the range is between 1 65535 If you already have an SSL Certificate plea
212. nimum delay Time sensitive video data is automatically sent to this queue AC VO Vata High Time sensitive data like VolP and streaming media are automatically sent to this queue Aifsn The Arbitration Inter Frame Spacing Number specifies a wait time in milliseconds for data frames CWmin Minimum Contention Window This parameter is input to the algorithm that determines the initial random backoff wait time window for retry of a transmission The value specified here in the Minimum Contention Window is the upper limit in milliseconds of a range from which the initial random backoff wait time is determined CWmax Maximum Contention Window The value specified here in the Maximum Contention Window is 184 the upper limit in milliseconds for the doubling of the random backoff value This doubling continues until either the data frame is sent or the Maximum Contention Window size is reached Once the Maximum Contention Window size is reached retries will continue until a maximum number of retries allowed is reached Valid values for the cwmax are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwmax must be higher than the value for cwmin v Txop Transmission Opportunity is an interval of time when a WME AP has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity Txop for AP that is the interval of time when the WMM AP has the
213. ns on the wireless network ACM Admission Control Mandatory ACM only takes effect on AC_VI and AC_VO When you do not click Checkbox it means that the ACM is controlled by the connecting AP If you click Checkbox it means that the Client is in charge AckPolicy Acknowledgment Policy WMM defines two ACK policies Normal ACK and No ACK Click Checkbox indicates No ACK When the no acknowledgment No ACK policy is used the recipient does not acknowledge received packets during wireless packet exchange This policy is suitable in the environment where communication quality is fine and interference is weak While the No ACK policy helps improve transmission efficiency it can cause increased packet loss when communication quality deteriorates This is because when this policy is used a sender does not retransmit packets that have not been received by the recipient When the Normal ACK policy is used the recipient acknowledges each received unicast packet gt WMM Parameters of Station This affects traffic flowing from the client station to the access point Data Transmitted Queue Clients to AP Priority Description AC BK Background er High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AC_BE Best Effort Medium Medium throughput and delay Most traditional IP data is sent to this queue AC_VI Video High Mi
214. nsmasq 94 started version 2 40 cachesize 150 2000 Jan 1 dnsmasq 94 compile time options no IPv6 GNU getopt 00 00 11 System Info no RTC no MMU no lSC leasefile no DBus no 118N i TFTP prneezad System Info dnsmasq 94 reading etc resolv conf Dies System Info dnsmasq 94 using nameserver 192 168 2 1 53 age System Info dnsmasq 94 cleared cache panel System Info Authentication successful for root from 192 168 2 22 Time The date and time when the event occurred Facility lt helps users to identify source of events such System or User m Severity Severity level that a specific event is associated such as info m Message Description of the event Click Refresh button to renew the log or click Clear button to clear all the record 174 warning etc Chapter 7 Client Bridge Universal Repeater Configuration When Client Bridge Universal Repeater mode is activated the system can be configured as an Access Point and Client Station simultaneously This section provides information in configuring the Client Bridge Universal Repeater mode with graphical illustrations APO1200 APO1215 provides functions as stated below where they can be configured via a user friendly web based interface Operating Mode General Setup Profiles Settings System Overview LAN Advanced Setup Firmware Upgrade Functions q Management Repeater AP Setup Network Utility Remote AP Time Server Wireless Profile Reboot Extra Info
215. nt to Point Protocol PPP based dial up connections or Point to Point Tunneling Protocol PPTP virtual private network VPN connections 128 bit key strong and 40 bit key standard MPPE encryption schemes are supported MPPE provides data security for the PPTP connection that is between the VPN client and the VPN server DNS Check No Default DNS Server or Specify DNS Server IP radial button as desired to set up system DNS gt Primary The IP address of the primary DNS server gt Secondary The IP address of the secondary DNS server a In this mode the system does not support MAC Clone function Click Save button to save your changes Click Reboot button to activate your changes 125 6 1 3 Configure DDNS Setup Dynamic DNS allows you to map domain name to dynamic IP address Please click on System gt DDNS Setup and follow the below setting Dynamic DNS Setup DDNS Enable O Enable Disable Service Provider Hostname User Name Password Save m Enabled By default it s Disable The mapping domain name won t change when dynamic IP changes The beauty of it is no need to remember the dynamic WAP IP while accessing to it m Service Provider Select the preferred Service Provider from the drop down list including dyndns dhs ods and tzo m Hostname Host Name that you register to Dynamic DNS service and export m User Name amp Password User Name and Password are used to log
216. ntially E program to open this file or save this file What s the risk m Load Settings from PC Click Browse button to locate a configuration file to restore and then click Upload button to upload m Reset To Factory Default Click Default button to reset back to the factory default settings and expect Successful loading message Then click Reboot button to activate 200 7 4 5 Firmware Upgrade Firmware is the main software image that system needs to respond to requests and to manage real time operations Firmware upgrades are sometimes required to include new features or bugs fix It takes around 2 minutes to upgrade due to complexity of firmware To upgrade system firmware click Browse button to locate the new firmware and then click Upgrade button to upgrade Firmware Upgrade Firmware Infomation Firmware Version Cen CPE N5H2 V0 0 4 Beta Version Firmware Date 2009 09 03 09 26 27 J Update Firmware g From time to time the product may release new versions of the firmware You can check and download up to date firmware and cick Browser button to locate the file from your local harddisk Upgrade 1 To prevent data loss during firmware upgrade please back up current settings before proceeding 2 Do not interrupt during firmware upgrade including power on off as this may damage system 3 Never perform firmware upgrade over wireless connection or via remote access connection 201 7
217. ntry Country Channel US 36 40 44 48 52 56 60 64 149 153 157 161 ETSI 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 136 140 JP 36 40 44 48 NONE 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 136 140 149 153 157 161 m Tx Power You can adjust the output power of the system to get the appropriate coverage for your wireless network Specify digit numbers between 1 to 100 the unit is for your environment If you are not sure which setting to choose then keep the default setting 100 When Band Mode select in 802 11a only mode the HT High Throughput settings should be hidden immediately 218 m HT TxStream RxStream By default it s 2 m Operating Mode By default it s Mixed Mode gt Mixed Mode In this mode packets are transmitted with a preamble compatible with the legacy 802 11a g the rest of the packet has a new format In this mode the receiver shall be able to decode both the Mixed Mode packets and legacy packets gt Green Field In this mode high throughput packets are transmitted without a legacy compatible part m Channel Bandwidth The 20 40 MHz option is usually best The other option is available for special circumstances Guard Interval Using Auto option can increase throughput However it can also increase error rate in some installations due to increased sensitivity to radio frequency
218. o authorize read write access m SNMP Trap Events such as cold start interface up amp down and association amp disassociation will report to an assigned server 198 SNMP Trap Enable Community P 1 gt Community Set a community string required by the remote host computer that will receive trap messages or notices send by the system gt IP Enter the IP addresses of the remote hosts to receive trap messages Click Save button to save changes and click Reboot button to activate 199 7 4 4 Backup Restore and Reset to Factory Backup current configuration restore prior configuration or reset back to factory default configuration can be executed via this page Please click on Utilities gt Profile Setting and follow the below setting Profile Save Profile Save save Settings To PC Load Settings From PC Browse J Upload Reset To Factory Default a In this page you can save your current configuration restore a previously saved configuration oF reset all of the settings to the factory default settings m Save Settings To PC Click Save button to save the current configuration to a local disk File Download Do you want to save this file or find a program online to open it a Name contig bin En Type Unknown File Type From 192 168 2 254 harm your computer If vou do not trust the source do not find a Y While files from the Internet can be useful some files can pote
219. obit per second Kbps Enter a number between 8 to 8192 default upload is 128 Kbps download is 1024 Kbps Click Add button to add QoS rule to List There are 10 rules maximum allowed in this QoS List All rules can be removed or edited on the List Click Reboot button to activate your changes When you create rules on the QoS List the previous rules have higher priority Below depict the examples for explaining priority of QOS setup gt Example 1 On this setting the FTP has 1024 Kbps upload and 8196 Kbps download on 192 168 2 10 The remaining IP address and other remaining protocol of IP address 192 168 2 10 only can use total bandwidth 512 Kbps bandwidth Because rule 1 s priority is higher than rule 2 Rule Source IP Destination IP DSCP Protocol Remark DSCP Bandwidth Up Down 1 192 168 2 10 ANY FTP NO 1024 8196 2 ANY ANY NO 512 512 gt Example 2 On this setting the FTP has 512 Kbps upload and 512 Kbps download on 192 168 2 10 Because rule 1 s priority is higher than rule 2 Rule Source IP Destination IP DSCP Protocol Remark DSCP Bandwidth Up Down 1 ANY ANY NO 512 512 2 192 168 2 10 ANY FTP NO 1024 8196 251 8 6 Resource Sharing 8 6 1 DMZ DMZ is commonly work with the NAT functionality as an alternative of Virtual Server Port Forwarding while wanting all ports of DMZ host visible to Internet users Virtual Server rules have prece
220. oding a 6 bit value called the Differentiated Services Code Point DSCP into the 8 bit Differentiated Services DS field of the IP packet header Below depicts class for DSCP v BE Default PHB which is typically best effort traffic v EF Expedited Forwarding PHB dedicated to low loss low latency traffic v AF Assured Forwarding PHB which gives assurance of delivery under conditions The AF behavior group defines four separate AF classes Within each class packets are given a drop precedence high medium or low The combination of classes and drop precedence yields twelve separate DSCP encodings from AF11 through AF43 see table 161 DROP Precedence Class 1 Class2 Class3 Class 4 Low Drop AF11 AF21 AF31 AF41 Medium Drop AF12 AF22 AF32 AF42 High Drop AF13 AF23 AF33 AF43 gt Protocol Select Any or specify protocol from drop down list When you select ICMP or Layer 7 Application the Source Destination Port can not used 3 Local Port Specify local port LAN port range required for this rule gt Destination Port Specify destination port range required for this rule Action After configuring rule a policy rule ensures that a traffic flow gets the requested treatment in the network gt Remark DSCP Specify a new DSCP class if you want to replace or remark the DSCP gt Bandwidth Click Enable to activate function and click Disable to deactivate function 3 Upload Download Spe
221. of sending smaller frames corruptions are much less likely to occur The pros is obvious the cons is the overhead for transmission So in a clean environment higher fragment threshold can be an option to increase throughput Fragmentation will be triggered by setting the Fragment Threshold usually in Byte length Only when the frame size is over the Threshold fragmentation will take place automatically m RTS Threshold TRTS Threshold is in the range of 1 2347 byte The default is 2347 byte The main purpose of enabling RTS by changing RTS threshold is to reduce possible collisions due to hidden wireless clients RTS in AP will be enabled automatically if the packet size is larger than the Threshold value By default RTS is disabled in a normal environment supports non jumbo frames J m Short Preamble By default it s Enable To Disable is to use Long 128 bit Preamble Synchronization field The preamble is used to signal here is a train of data coming to the receiver The short preamble provides 72 bit Synchronization field to improve WLAN transmission efficiency with less overhead Tx Burst By default it s Enable To Disable is to deactivate Tx Burst With TX burst enabled AP will send many packets in a burst without collision detection and RTS CTS for each packet TX Burst have better throughput but cause interference with other APs in channel m Pkt_Aggregate By default it s Enable Incre
222. off as this may damage system Never perform firmware upgrade over wireless connection or via remote access connection 42 3 4 6 Network Utility The administrator can diagnose network connectivity via the PING or TRACEROUTE utility Please click on Utilities gt Network Utility and follow the below setting Network Utility Ping Result Destination IP Doamin Count 5 ping Traceroute Destination Host MAX Hop 6 Start Stop Ping This utility will help ping other devices on the network to verify connectivity Ping utility using ICMP packets detects connectivity and latency between two network nodes As result of that packet loss and latency time are available in the Result field while running the PING test gt Destination IP Domain Enter desired domain name i e www google com or IP address of the destination and click ping button to proceed The ping result will be shown in the Result field gt Count By default it s 5 and the range is from 1 to 50 It indicates number of connectivity test m Traceroute Allows tracing the hops from the APO1200 APO1215 device to a selected outgoing IP address It should be used for the finding the route taken by ICMP packets across the network to the destination host The test is started using the Start button click Stop button to stopped test gt Destination Host Specifies the Destination Host for the finding the route taken by ICMP packets across the network
223. on the Local LAN Destination Port can not used 105 If you want to block websites with specific URL address or using specific keywords enter each URL or keywords in the URL Blocking field and click Add button to add in the URL Blocking list of each rule Click Remove button can remove URL or keywords URL Blocking Add Remove gt Local Port Specify local port LAN port range required for this rule 3 Destination Port Specify destination port range required for this rule gt Active Check Enable button to activate this rule and Disable to deactivate Click Add button to add control rule to List There are 10 rules maximum allowed in this Control List All rules can be removed or edited on the List Click Reboot button to activate your changes 106 5 4 4 QoS Setup Quality of Service QoS refers to both a network s ability to deliver data with minimum delay and the networking methods used to control the use of bandwidth Without QoS all traffic data is equally likely to be dropped when the network is congested This can cause a reduction in network performance and make the network inadequate for time critical application such as video on demand A classifier groups traffic into data flows according to specific criteria such as the source address destination address source port number destination port number or incoming port number For example you can configure a classifier to select
224. on RADIUS server e Port By default its 1812 The port number used to communicate with RADIUS server e Shared secret A secret key used between system and RADIUS server Supports 8 to 64 characters e Session Timeout The Session timeout is in the range of 0 60 seconds The default is O to disable re authenticate service Amount of time before a client will be required to re authenticate 191 gt WEP 802 1X When WEP 802 1x Authentication is enabled please refer to the following Dynamic WEP and RADIUS settings to complete configuration 802 1x WEP Dynamic WEP Enable Authentication RADIUS Server Authentication Server Port 1812 shared Secret Session Timeout 0 v Radius Server Settings e IP Address Enter the IP address of the Authentication RADIUS server e Port By default it s 1812 The port number used to communicate with RADIUS server e Shared secret A secret key used between system and RADIUS server Supports 8 to 64 characters e Session Timeout The Session timeout is in the range of 0 60 seconds The default is O to disable re authenticate service Amount of time before a client will be required to re authenticate 192 7 3 2 Wireless MAC Filter Setup Continue 7 3 1 Repeater AP Setup section the administrator can allow or reject clients to access Repeater AP MAC Filter Action Only Deny List MAC Add a station MAC Add Enable Disable MAC Filter Setup By default
225. on frames that must occur before the access point sends the buffered multicast frames For instance if DTIM Interval is set to 3 then the Wi Fi clients will expect to receive a multicast frame after receiving three Beacon frame The higher DTIM interval will help power saving and possibly decrease wireless throughput in multicast applications 131 Fragment Threshold The Fragment Threshold is in the range of 256 2346 byte The default is 2346 byte Each Wi Fi packet can be divided into smaller packets marked with a sequential fragment number and re assemble in the receiving ends The purpose is to make a short frame instead of long frame transmitting by radio in a heavy noisy environment Because of sending smaller frames corruptions are much less likely to occur The pros is obvious the cons is the overhead for transmission So in a clean environment higher fragment threshold can be an option to increase throughput Fragmentation will be triggered by setting the Fragment Threshold usually in Byte length Only when the frame size is over the Threshold fragmentation will take place automatically m RTS Threshold TRTS Threshold is in the range of 1 2347 byte The default is 2347 byte The main purpose of enabling RTS by changing RTS threshold is to reduce possible collisions due to hidden wireless clients RTS in AP will be enabled automatically if the packet size is larger than the Threshold value By default RTS is disabled i
226. on requirement Beacon Interval Beacon Interval is in the range of 20 1024 and set in unit of millisecond The default value is 100 MSEC Access Point AP in IEEE 802 11 will send out a special approximated 50 byte frame called Beacon Beacon is broadcast to all the stations provides the basic information of AP such as SSID channel encryption keys signal strength time stamp support data rate All the radio stations received beacon recognizes the existence of such AP and may proceed next actions if the information from AP matches the requirement Beacon is sent on a periodic basis the time interval can be adjusted By increasing the beacon interval you can reduce the number of beacons and associated overhead but that will likely delay the association and roaming process because stations scanning for available access points may miss the beacons You can decrease the beacon interval which increases the rate of beacons This will make the association and roaming process very responsive however the network will incur additional overhead and throughput will go down DTIM Interval The DTIM interval is in the range of 1 255 The default is 1 DTIM is defined as Delivery Traffic Indication Message It is used to notify the wireless stations which support power saving mode when to wake up to receive multicast frame DTIM is necessary and critical in wireless environment as a mechanism to fulfill power saving synchronizatio
227. on to release IP address of WAN port WAN Information Mode PPPoE Mode Reconnect Mode Manual Mode Supports Static Dynamic PPPoE and PPTP modes Reconnect Mode The current reconnect mode of the PPPoE or PPTP MAC Address The MAC address of the WAN port IP Address The IP address of the WAN port IP Netmask The IP netmask of the WAN port IP Gateway The gateway IP address of the WAN port Primary DNS The primary DNS server in service Secondary DNS The secondary DNS server in service Receive bytes The total received packets in bytes on the WAN port Receive packets The total received packets of the WAN port Transmit bytes The total transmitted packets in bytes of the WAN port Y Y Y y y y y y y y y y Transmit packets The total transmitted packets of the WAN port LAN Information Display total received and transmitted statistics on the LAN interface LAN Information MAC Address 00 0C 43 28 60 30 IP Address 192 168 2 254 IP Netmask 255 255 255 0 fa Receiwe Bytes 20576 1 z z Receive Packets Transmit Bytes 3 Transmit Packets 1 MAC Address The MAC address of the LAN port IP Address The IP address of the LAN port IP Netmask The IP netmask of the LAN port Receive bytes The total received packets in bytes on the LAN port Receive packets The total received packets of the LAN port Transmit bytes The total transmitted packets in bytes of the LAN port Y Y
228. ontention Window The value specified here in the Maximum Contention Window is the upper limit in milliseconds for the doubling of the random backoff value This doubling continues until either the data frame is sent or the Maximum Contention Window size is reached Once the Maximum Contention Window size is reached retries will continue until a maximum number of retries allowed is reached Valid values for the cwmax are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwmax must be higher than the value for cwmin Txop Transmission Opportunity is an interval of time when a WME AP has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for AP that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission Control Mandatory ACM only takes effect on AC_VI and AC_VO When you do not click Checkbox it means that the ACM is controlled by the connecting AP If you click Checkbox it means that the Client is in charge AckPolicy Acknowledgment Policy WMM defines two ACK policies Normal ACK and No ACK Click Checkbox indicates No ACK When the no acknowledgment No ACK policy is used the recipient does not acknowledge received packets during wireless packet exchange This policy is suitable in the environment where communication quality is fine and interference i
229. oot This option creates a kind of fail proof mechanism Ping Watchdog is dedicated for continuous monitoring of the particular connection to remote host using the Ping tool The Ping works by sending ICMP echo request packets to the target host and listening for ICMP echo response replies If the defined number of replies is not received the tool reboots the device gt gt gt Enable Ping Watchdog control will enable Ping Watchdog Tool IP Address To Ping specify an IP address of the target host which will be monitored by Ping Watchdog Tool Ping Interval specify time interval in seconds between the ICMP echo requests are sent by the Ping Watchdog Tool Default is 300 seconds Startup Delay specify initial time delay in seconds until first ICMP echo requests are sent by the Ping Watchdog Tool The value of Startup Delay should be at least 60 seconds as the network interface and wireless connection initialization takes considerable amount of time if the device is rebooted Default is 300 seconds Failure Count To Reboot specify the number of ICMP echo response replies If the specified number of ICMP echo response packets is not received continuously the Ping Watchdog Tool will reboot the device Click Save button to save your changes Click Reboot button to activate your changes 36 Without a valid certificate users may encounter the following problem in IE7 when they try to
230. or default gateway are set up automatically according to the IP configuration of system s interfaces When used as a L2 device it could switch packets and as L3 device it s capable of being a gateway to route packets inward and outward Route Information Destination Gateway Genmask Flags Metric Ref Use Iface 192 168 2 0 0 0 0 0 255 255 255 0 U 0 0 0 bred 192 168 1 0 0 0 0 0 255 255 255 0 U 0 0 0 rad 127 0 0 0 0 0 0 0 255 255 255 0 U 0 0 0 lo 0 0 0 0 192 168 1 1 0 0 0 0 UG 0 0 0 rad ARP table Information Select ARP Table Information on the drop down list to display ARP table ARP associates each IP address to a unique hardware address MAC of a device It is important to have a unique IP address as final destination to switch packets to ARP Table Information IP Address HWW Type Flags HW Address Mask Device 192 168 222 0x1 One 00 14 92 9F 44 98 i bred 118 Bridge table information Select Bridge Table information on the drop down list to display bridge table Bridge table will show Bridge ID and STP s Status on the each Ethernet bridge and its attached interfaces the Bridge Port should be attached to some interfaces Bridge Table Information Bridge Port Bridge ID STP Enabled Interface bred 8000 000c43288008 no eth2 Bridge MAC information Select Bridge MACs Information on the drop down list to display MAC table This table displays local MAC addresses associated with wired or wireless interfa
231. ordless telephones and microwaves as well as network overhead lower actual data throughput rate Photo of product may not reflect actual content All products and trademarks are the property of their respective owners Copyright 2010 Airlink1016 2 3
232. ossible transmission rate will be selected You have the option of selecting the speed if necessary Refer to Appendix C MCS Data Rate MPDU Enable Check Enable button to activate this function and Disable to deactivate m A MPDU A MPDU Aggregated Mac Protocol Data Unit allows the transmissions of multiple Ethernet frames to a single location as burst of up to 64kbytes This is performed on the hardware itself Select Manual to set MPDU Density MPDU Density Minimum separation of MPDUs in an A MPDU 0 1 2 3 4 5 6 7 No Restriction YV us 2us 1yus 2us 4us 8us 16 us m A MSDU Aggregated Mac Service Data Unit A MSDU Select Enable to allows aggregation for multiple MSDUs in one MPDU Default is disabled Click Save button to save your changes Click Reboot button to activate your changes 129 6 2 2 Wireless Advanced Setup To achieve optimal wireless performance it is necessary to tweak advance setting per requirements properly not necessary higher the better or lower The administrator can change the RTS threshold and fragmentation threshold settings for the system Please click on Wireless gt Advanced Setup and follow the below setting Wireless Setup Advanced Setup Short Slot Enabe Disable Extra Slot Time 9 us ACK Timeout 32 us Beacon Interval 100 ms DTIM interval 1 ms Fragment Threshold 2346 RTS Threshold 2347 Short Pream
233. p Security MAC Filter Enable Repeater AP Enable Disable Action Disable ho ESSID Main_AP_Repeater Client Isolation Enable O Disable ce CY Ce Hidden SSID 2 Enable Y Disable Maximum Clients 32 Security Type Disable v J m Enable Repeater AP By default it s Enable for repeater AP Select Enable to activate Repeater AP or click Disable to deactivate this function m ESSID Extended Service Set ID When clients are browsing for available wireless networks this is the SSID that will appear in the list ESSID will determine the service type available to AP s clients associated with the specified AP m Client Isolation By default it s Disable Select Enable all clients will be isolated from each other which means they can t reach each other Hidden SSID By default it s Disable Enable this option to stop the SSID broadcast in your network When disabled people could easily obtain the SSID information with the site survey software and get access to the network if security is not turned on When enabled network security is enhanced It s suggested to enable it after AP security settings are archived and setting of AP s clients could make to associate to it Maximum Clients The default value is 32 You can enter the number of wireless clients that can associate to a particular SSID When the number of client is set to 5 only 5 clients at most a
234. p Video and multimedia are given effectively higher priority for transmission lower wait times for channel access while other applications and traditional IP data which are less time sensitive but often more data intensive are expected to tolerate longer wait times 99 Aifsn The Arbitration Inter Frame Spacing Number specifies a wait time in milliseconds for data frames CWmin Minimum Contention Window This parameter is input to the algorithm that determines the initial random backoff wait time window for retry of a transmission The value specified here in the Minimum Contention Window is the upper limit in milliseconds of a range from which the initial random backoff wait time is determined CWmax Maximum Contention Window The value specified here in the Maximum Contention Window is the upper limit in milliseconds for the doubling of the random backoff value This doubling continues until either the data frame is sent or the Maximum Contention Window size is reached Once the Maximum Contention Window size is reached retries will continue until a maximum number of retries allowed is reached Valid values for the cwmax are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwmax must be higher than the value for cwmin Txop Transmission Opportunity is an interval of time when a WME AP has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmi
235. packets are transmitted without a legacy compatible part m Channel Bandwidth The Auto MHz option is usually best The other option is available for special circumstances Guard Interval Using Auto option can increase throughput However it can also increase error rate in some installations due to increased sensitivity to radio frequency reflections Select the option that works best for your installation 178 MCS This parameter represents transmission rate By default Auto the fastest possible transmission rate will be selected You have the option of selecting the speed if necessary Refer to Appendix C MCS Data Rate MPDU Enable Check Enable button to activate this function and Disable to deactivate m A MPDU A MPDU Aggregated Mac Protocol Data Unit allows the transmissions of multiple Ethernet frames to a single location as burst of up to 64kbytes This is performed on the hardware itself Select Manual to set MPDU Density MPDU Density Minimum separation of MPDUs in an A MPDU 0 1 2 3 4 5 6 7 No Restriction us ys 1yus 2us 4us 8us 16 us m A MSDU Aggregated Mac Service Data Unit A MSDU Select Enable to allow aggregation for multiple MSDUs in one MPDU Default is disabled Click Save button to save your changes Click Reboot button to activate your changes The items in this page are for AP s RF general settings and will be applied to Repea
236. perating Mode By default it s Mixed mode gt Mixed Mode In this mode packets are transmitted with a preamble compatible with the legacy 802 11a g the rest of the packet has a new format In this mode the receiver shall be able to decode both the Mixed Mode packets and legacy packets gt Green Field In this mode high throughput packets are transmitted without a legacy compatible part m Channel Bandwidth The 20 40 MHz option is usually best The other option is available for special circumstances Guard Interval Using Auto option can increase throughput However it can also increase error rate in some installations due to increased sensitivity to radio frequency reflections Select the option that works best for your installation m MCS This parameter represents transmission rate By default Auto the fastest possible transmission rate will be selected You have the option of selecting the speed if necessary Refer to Appendix C MCS Data Rate m Reverse Direction Grant RDG Disable or enable reserve direction grant Default is enabled m A MSDU Aggregated Mac Service Data Unit Select Enable to allow aggregation for multiple MSDUs in one MPDU Default is disabled Auto Block ACK Disable or enable auto block ACK Default is enabled Decline BA Request Disable or enable decline BA request Default is disabled Change these settings as described here and click Save button to save your changes C
237. ployment ACK Timeout makes significant influence in performance of long distance radio link If ACK Timeout is set too short transmitter will start to Resend packet before ACK is received and throughputs become low due to excessively high re transmission ACK Timeout is best determined by distance between the radios data rate of average environment The Timeout value is calculated based on round trip time of packet with a little tolerance So if experiencing re transmissions or poor performance the ACK Timeout could be made longer to accommodate Slot Time and ACK Timeout settings are for long distance links It is important to tweak settings to achieve the optimal result based on requirement Beacon Interval Beacon Interval is in the range of 20 1024 and set in unit of millisecond The default value is 100 MSEC Access Point AP in IEEE 802 11 will send out a special approximated 50 byte frame called Beacon Beacon is broadcast to all the stations provides the basic information of AP such as SSID channel encryption keys signal strength time stamp support data rate All the radio stations received beacon recognizes the existence of such AP and may proceed next actions if the information from AP matches the requirement Beacon is sent on a periodic basis the time interval can be adjusted By increasing the beacon interval you can reduce the number of beacons and associated overhead but that will likely
238. poor performance the ACK Timeout could be made longer to accommodate Slot Time and ACK Timeout settings are for long distance links It is important to tweak settings to achieve the optimal result based on requirement Beacon Interval Beacon Interval is in the range of 20 1024 and set in unit of millisecond The default value is 100 MSEC Access Point AP in IEEE 802 11 will send out a special approximated 50 byte frame called Beacon Beacon is broadcast to all the stations provides the basic information of AP such as SSID channel encryption keys signal strength time stamp support data rate All the radio stations received beacon recognizes the existence of such AP and may proceed next actions if the information from AP matches the requirement Beacon is sent on a periodic basis the time interval can be adjusted By increasing the beacon interval you can reduce the number of beacons and associated overhead but that will likely delay the association and roaming process because stations scanning for available access points may miss the beacons You can decrease the beacon interval which increases the rate of beacons This will make the association and roaming process very responsive however the network will incur additional overhead and throughput will go down DTIM Interval The DTIM interval is in the range of 1 255 The default is 1 DTIM is defined as Delivery Traffic Indication Message It is used to notify
239. pt to fool you or intercept any data you send to the server We recommend that you close this webpage and do not continue to this website Y Click here to close this webpage Y Continue to this website not recommended E More information Click Continue to this website to access the system s WMI The system s Overview page will appear 65 4 3 2 Configure System Time System time can be configured via this page and manual setting or via a NTP server is supported Please click on System gt Time Server and follow the below setting Time Server Setup oystem Time Local Time 2000 01 01 Sat 00 05 44 NTP Client Enable _ Default NTP Server optional Time Zone Daylight saving time Save Local Time Display the current system time NTP Client To synchronize the system time with NTP server gt Enable Check to select NTP client 3 Default NTP Server Select the NTP Server from the drop down list gt Time Zone Select a desired time zone from the drop down list gt Daylight saving time Enable or disable Daylight saving e If the system time from NTP server seems incorrect please verify your network settings like default Gateway and DNS settings Click Save button to save your changes Click Reboot button to activate your changes 66 4 3 3 Configure SNMP Setup SNMP is an application layer protocol that provides a message format for communication between SNMP managers and
240. r We recommend that you close this webpage and do not continue to this website Y Click here to close this webpage Y Continue to this website not recommended E More information Click Continue to this website to access the system s WMI The system s Overview page will appear 235 8 4 2 Configure System Time System time can be configured via this page and manual setting or via a NTP server is supported Please click on System gt Time Server and follow the below setting Time Server Setup oystem Time Local Time 2000 01 01 Sat 00 05 44 NTP Client Enable Default NTP Server optional Time Zone Daylight Saving time Save Local Time Display the current system time NTP Client To synchronize the system time with NTP server gt Enable Check to select NTP client 3 Default NTP Server Select the NTP Server from the drop down list gt Time Zone Select a desired time zone from the drop down list gt Daylight saving time Enable or disable Daylight saving a If the system time from NTP server seems incorrect please verify your network settings like default Gateway and DNS settings Click Save button to save your changes Click Reboot button to activate your changes 236 8 4 3 Configure UPnP Universal Plug and Play UPnP is an architecture to enable pervasive peer to peer network connectivity between PCs intelligent devices and appliances when UPnP is supported U
241. r MAC address e g aa bb cc 00 00 0a and click Add button then the MAC address should display in the Enable List There are a maximum of 20 clients allowed in this Enable List The MAC addresses of the wireless clients can be added and removed to the list using the Add and Remove buttons Click Reboot button to activate your changes a MAC Access Control is the weakest security approach WPA or WPA2 security method is highly recommended 143 6 4 System Management 6 4 1 Configure Management Administrator could specify geographical location of the system via instructions in this page Administrator could also enter new Root and Admin passwords and allow multiple login methods Please click System gt Management and follow the below settings Management Setup System Information Admin Login Methods System Name WCB1200H2PX Enable HTTP Y Port 80 Description Outdoor WiFi N 5G 200mW Enable HTTPS Port 443 UploadKey nani Enable Telnet Port 23 E Enable SSH Y Port 22 Root Password Host Key Footprint ssh rsa AAAAB3NzaCiyc2EAAAADAQABAAAAgw New Root Password Check Root Password nep Ping Watchdog E E dl Ping Watchdog O Enable Disable Admin Password IP Address To Ping New Admin Password Ping Interval Seconds Check New Password Startup Delay Seconds Failure Count To Reboot m System Information gt System Name Enter a desired name or use the default one
242. rames m Short Preamble By default it s Auto To Disable is to use Long 128 bit Preamble Synchronization field The preamble is used to signal here is a train of data coming to the receiver The short preamble provides 72 bit Synchronization field to improve WLAN transmission efficiency with less overhead Tx Burst By default it s Enable To Disable is to deactivate Tx Burst With TX burst enabled AP will send many packets in a burst without collision detection and RTS CTS for each packet TX Burst have better throughput but cause interference with other APs in channel WMM By default it s Disable Select Enable the packets with QoS WMM will have higher priority Click Save button to save your changes Click Reboot button to activate your changes 87 5 2 3 Site Survey Use this tool to scan and locate WISP Access Points and select one to associate with Please click on Wireless gt Site Survey Below depicts an example for site survey Station Site Survey Scan Result ESSID MAC Address Signal Channel Security Band pan Select Main AP 00 11a30a7c3a 50 44 MONE diain Infrastructure Select ey 00 11 a3 03 7b f2 100 44 NONE 11aln Infrastructure Select 253AP 1 00 11 a30a7b f3 100 44 WEP 11ain Infrastructure Select 253AP2 00 11 a30a b f4 100 44 WPAPSKAES 11afn Infrastructure Select 253AP3 00 11 a30a 7b f5 100 44 WPAPSK TKIP 11ain Infrastructure Select 2534P4 O0 11 a3 0a b f
243. re Date The build time of the firmware installed Device Time The current time of the system Y Y y y y y y y System Up Time The time period that system has been in service since last reboot Network Information Display the information of the Network Network Mode IP Address IP Netmask IP Gateway Static Mode 192 168 2 254 255 255 255 0 192 166 2 1 Primary DNS Secondary DNS Mode Supports Static or Dynamic modes on the LAN interface IP Address The management IP of system By default it s 192 168 2 254 IP Netmask The network mask By default it s 255 255 255 0 IP Gateway The gateway IP address and by default it s 192 168 2 1 Primary DNS The primary DNS server in service y y y y y y Secondary DNS The secondary DNS server in service 204 LAN Information Display the detailed receive and transmit statistics of LAN interface y y y y y LAN Information WAC Address 00 00 43 28 60 30 Receive Bytes 75621 Transmit Bytes 113309 Transmit Packets 375 MAC Address The MAC address of the LAN port Receive bytes The total received packets in bytes on the LAN port Receive packets The total received packets of the LAN port Transmit bytes The total transmitted packets in bytes of the LAN port Transmit packets The total transmitted packets of the LAN port Wireless Information Display the detailed receive and transmit statistics of Wireless interface
244. re Disabled Only Deny List MAC or Only Allow List MAC Click Save button to save your change Two ways to set the MAC Filter List gt Only Allow List MAC The wireless clients in the MAC Filter List will be allowed to access to Access Point All others will be denied gt Only Deny List MAC The wireless clients in the MAC Filter List will be denied to access to Access Point All others will be allowed m MAC Address Enter MAC address e g aa bb cc 00 00 0a and click Add button then the MAC address should display in the MAC Filter List There are a maximum of 20 clients allowed in this MAC Filter List The MAC addresses of the wireless clients can be added and removed to the list using the Add and Delete buttons Click Reboot button to activate your changes 246 8 5 3 Parental Control Setup Parental Control allows you to block or allow specific kinds of Internet usage and traffic such as Internet access designated services and websites EP xX Remote 192 168 2 50 60 Base Station A APO1200 MSN a WAN WLAN 192 168 2 10 20 192 168 1 254 192 168 2 254 Please click on Advance gt Parental Control and follow the below setting Parental Control Rules Parental Control List Comment Comment z Active Delete Edit MAC Address Add Rule No Rule in the List Local IP Destination IP Protocol Any v Local Port Destination Port Active O Enable Disable
245. re allowed to connect to this Repeater AP m Security Type Select the desired security type from the drop down list the options are Disable WEP WPA PSK WPA2 PSK WPA Enterprise WPA2 Enterprise and WEP 802 1X gt Disable Data are unencrypted during transmission when this option is selected gt WEP Wired Equivalent Privacy WEP is a data encryption mechanism based on a 64 bit or 128 bit shared key 189 WEP Authentication Type OPEN SHARED WEPAUTO Key Index 1 WEP Key 1 WEP Key 2 WEP Key 3 WEP Key 4 v Authentication Method Enable the desire option among OPEN SHARED or WEPAUTO v Key Index key index is used to designate the WEP key during data transmission 4 different WEP keys can be entered at the same time but only one is chosen v WEP Key Enter HEX or ASCII format WEP key value the system supports up to 4 sets of WEP keys Key Length Hex ASCII 64 bit 10 characters 5 characters 128 bit 26 characters 13 characters gt WPA PSK or WPA2 PSK WPA or WPA2 Algorithms allows the system accessing the network by using the WPA PSK protected access WPA General Cipher Suite AES 4 Pre shared Key Group Key Update Period 3600 seconds v Cipher Suite By default it is AES Select either AES or TKIP cipher suites v Pre shared Key Enter the pre shared key the format shall go with the selected key type a Pre shared key can be entered with either a 256 bit
246. reflections Select the option that works best for your installation m MCS This parameter represents transmission rate By default Auto the fastest possible transmission rate will be selected You have the option of selecting the speed if necessary Refer to Appendix C MCS Data Rate m Reverse Direction Grant RDG Disable or enable reserve direction grant Default is enabled m A MSDU Aggregated Mac Service Data Unit Select Enable to allow aggregation for multiple MSDUs in one MPDU Default is disabled Auto Block ACK Disable or enable auto block ACK Default is enabled Decline BA Request Disable or enable decline BA request Default is disabled Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes The items in this page are for AP s RF general settings and will be applied to all VAPs and WDS Links 219 8 2 2 Wireless Advanced Setup To achieve optimal wireless performance it is necessary to tweak advance setting per requirements properly not necessary higher the better or lower The administrator can change the RTS threshold and fragmentation threshold settings for the system Please click on Wireless gt Advanced Setup and follow the below setting Wireless Setup Advanced Setup Short Slot Enable Disable Extra Slot Time 9 us ACK Timeout 32 jus Beacon Interval 100 ms OTIM Interval 1 ms Fragment T
247. reless Clients VAP Information Primary AP Clients VAP ESSID MAC Address State Security Type Clients Signal Signal MAC Address Strength Strength BandWidth sac Sees Disconnect Primary AP Main_AP 00 11 A3 0A 7B FA On Disable 1 Time Time ANTO ANT1 VAP1 00 00 00 00 00 00 Off Disable 0 Cae care Oy ae i VAP2 00 00 00 00 00 00 Off Disable 0 00 06 B1 13 35 EF 4 om 38dBm 20MHz 11 134 VAP3 00 00 00 00 00 00 Off Disable 0 VAP4 00 00 00 00 00 00 Off Disable 0 VAPS 00 00 00 00 00 00 Off Disable 0 VAP6 00 00 00 00 00 00 Off Disable 0 VAP Information Highlights key VAP information VAP Available VAP from Primary AP to VAP6 ESSID Display name of ESSID for each VAP MAC Address Display MAC address for each VAP Status On Off Security Type Display chosen security type WEP WPA WPA2 PSK WPA WPA2 Enterprise y Y y y y y Clients Display total number of wireless connections for each VAP VAP Clients Display all associated clients on each Virtual AP MAC Address MAC address of associated clients Signal Strength ANTO ANT1 Signal Strength of from associated clients Bandwidth Channel bandwidth of from associated clients Idle Time Last inactive time period in seconds for a wireless connection Connect Time Total connection time period in seconds for a wireless connection y y y y y y Disconnect Click Delete button to manually disconnect a wireless client in a Virtual AP 258 8 7 3 Show WDS Link
248. rent WEP keys can be entered at the same time but only one is chosen v WEP Key Enter HEX or ASCII format WEP key value the system supports up to 4 sets of WEP keys Key Length Hex ASCII 64 bit 10 characters 5 characters 128 bit 26 characters 13 characters 137 gt WPA PSK or WPA2 PSK WPA or WPA2 Algorithms allows the system accessing the network by using the WPA PSK protected access WPA Cipher Suite AES Pre shared Key v Cipher Suite Select the desired cipher suite from the drop down list the options are AES and TKIP v Pre shared Key Enter the information for pre shared key the key can be either entered as a 256 bit secret in 64 HEX digits format or 8 to 63 ASCII characters Profile List The user can manage the created profiles for home work or public areas Below depict an example for Profile List Profile List Active Profile Name ESSID MAC Address Channel Security Type Delete Edit 1 AP_Profile default 44 MONE Delete Edit a 2 Profile Test 253AP1 00 11 a3 0a 7b f3 44 OPEN Delete Edit Connect 63 gt Click Edit an exist profile on the Profile List The field of System Configuration and Security Policy will display profile s content Edit profile s content and then click Save button to save the profile gt Click Delete to remove profile 3 Click and Select a profile from list then click the Connect button to connecting to
249. right to initiate transmissions on the wireless network v ACM Admission Control Mandatory ACM only takes effect on AC_VI and AC_VO When you do not click Checkbox it means that the ACM is controlled by the connecting AP If you click Checkbox it means that the Client is in charge Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes The items in this page are for AP s RF advanced settings and will be applied to Repeater AP 185 7 2 3 Site Survey Use this tool to scan and locate WISP Access Points and select one to associate with Please click on Wireless gt Site Survey Below depicts an example for site survey Station Site Survey Scan Result ESSID MAC Address Signal Channel Security Band pan Select Main AP 00 11a30a7c3a 50 44 MONE diain Infrastructure Select ey 00 11 a3 03 7b f2 100 44 NONE 11aln Infrastructure Select 253AP 1 00 11 a30a7b f3 100 44 WEP 11ain Infrastructure Select 253AP2 00 11 a30a b f4 100 44 WPAPSKAES 11afn Infrastructure Select 253AP3 00 11 a30a 7b f5 100 44 WPAPSK TKIP 11ain Infrastructure Select 2534P4 O0 11 a3 0a b f6 100 AA WPA2PSKAES 11ain Infrastructure Select 253AP5 00 11 a30a 7b ff 100 dd WPA2PSKTKIP 11ain Infrastructure Select m ESSID Available Extend Service Set ID of surrounding Access Points m MAC Address MAC addresses of surrounding Access Points m Signal Received signal s
250. rong and 40 bit key standard MPPE encryption schemes are supported MPPE provides data security for the PPTP connection that is between the VPN client and the VPN server m DNS Check No Default DNS Server or Specify DNS Server IP radial button as desired to set up system DNS gt Primary The IP address of the primary DNS server gt Secondary The IP address of the secondary DNS server m MAC Clone The MAC address is a 12 digit HEX code uniquely assigned to hardware as identification Some ISPs require you to register a MAC address in order to access to Internet If not you could use default MAC or clone MAC from a PC MAC Clone O Keep Default MAC Address Clone MAC Address 00 14 92 9F 44 9B O Manual MAC Address gt Keep Default MAC Address Keep the default MAC address of WAN port on the system gt Clone MAC Address If you want to clone the MAC address of the PC then click the Clone MAC Address button The system will automatically detect your PC s MAC address The Clone MAC Address field will display MAC address of the PC connected to system Click Save button can make clone MAC effective gt Manual MAC Address Enter the MAC address registered with your ISP Click Save button to save your changes Click Reboot button to activate your changes 215 8 1 3 Configure DDNS Setup Dynamic DNS allows you to map domain name to dynamic IP address Please click on System gt DDNS Setup a
251. rtificate problems may indicate an attempt to fool you or intercept any data you send to the server We recommend that you close this webpage and do not continue to this website Y Click here to close this webpage Y Continue to this website not recommended E More information Click Continue to this website to access the system s WMI The system s Overview page will appear 146 6 4 2 Configure System Time System time can be configured via this page and manual setting or via a NTP server is supported Please click on System gt Time Server and follow the below setting Time Server Setup oystem Time Local Time 2000 01 01 Sat 00 05 44 NTP Client Enable Default NTP Server optional Time Zone Daylight Saving time Save Local Time Display the current system time NTP Client To synchronize the system time with NTP server gt Enable Check to select NTP client 3 Default NTP Server Select the NTP Server from the drop down list gt Time Zone Select a desired time zone from the drop down list gt Daylight saving time Enable or disable Daylight saving e If the system time from NTP server seems incorrect please verify your network settings like default Gateway and DNS settings Click Save button to save your changes Click Reboot button to activate your changes 147 6 4 3 Configure UPnP Universal Plug and Play UPnP is an architecture to enable pervasive peer to p
252. s WDS link for network extension Access Point It can be deployed as a traditional fixed wireless Access Point Repeater To expand wireless service by repeating prior AP WDS It can be used to expand Ethernet network via wireless WDS Link AP WDS Not only to extend Ethernet network but also provide wireless access to the expanded network Oy Or ae 2 CPE Customer Premises Equipment It is a wireless gateway with NAT and DHCP Server functions to connects to Wireless Internet Service Provider s WISP 7 Client Bridge Universal Repeater It is a wireless repeater or bridge to connects to Wireless Internet Service Provider s WISP 8 CPE AP It is a wireless repeater or gateway with NAT and DHCP Server functions to connects to Wireless Internet Service Provider s ISP 1 2 System Concept The APO1200 AP01215 is not only designed and used as traditional outdoor AP but also with rich features tailored for WISP applications The two level management capability and access control ease WISP and owners to maintain and manage wireless network in a more controllable fashion Main applications are listed as follows with illustration m Wireless CPE for Multi Dwelling Unit Multi Tenant Unit MDU MTU complexes including apartments dormitories and office complexes m Outdoor Access Point for school campuses enterprise campuses or manufacture plants m Indoor Access Point for hotels factories or warehouses where industrial grade
253. s automatically sent to this queue AC VO Vela High Time sensitive data like VolP and streaming media are automatically sent to this queue v Aifsn The Arbitration Inter Frame Spacing Number specifies a wait time in milliseconds for data frames v CWmin Minimum Contention Window This parameter is input to the algorithm that determines the initial random backoff wait time window for retry of a transmission The value specified here in the Minimum Contention Window is the upper limit in milliseconds of a range from which the initial random backoff wait time is determined CWmax Maximum Contention Window The value specified here in the Maximum Contention Window is the upper limit in milliseconds for the doubling of the random backoff value This doubling continues until 60 either the data frame is sent or the Maximum Contention Window size is reached Once the Maximum Contention Window size is reached retries will continue until a maximum number of retries allowed is reached Valid values for the cwmax are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwmax must be higher than the value for cwmin v Txop Transmission Opportunity is an interval of time when a WME AP has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity Txop for AP that is the interval of time when the WMM AP has the right to initiate transm
254. s clients or Stations STA to associate gt CPE Mode v WiFi connection as WAN in CPE mode the device run as DHCP server to assign IP address to wire clients out of a private IP address pool behind a NAT gt Client Bridge CB Universal Repeater UR Mode v Awireless repeater and bridge with DHCP server enabled clients on the same subnet as host AP Primary Router gt CPE AP Mode v WiFi connection as WAN in this mode the device run as DHCP server to assign IP address to wire and wireless clients out of a private IP address pool behind a NAT m Networking gt Support Static IP Dynamic IP DHCP Client PPPoE and PPTP on WAN Connection Support MPPE 64 and MPPE 128 Encryption on PPTP Connection Support PPTP L2TP IP Sec Pass Through PPPoE and PPTP Reconnect Always On On demand Manual y y y y MAC Cloning DHCP Server in Router AP CPE CPE AP and Client Bridge Universal Repeater Mode 802 3 Bridging Masquerading NAT Proxy DNS Dynamic DNS NTP Client Virtual DMZ Virtual Server IP Port Forwarding Support MAC Filter Support IP Filter Y Y Y y y y y y y y y Bandwidth traffic Shaping Wireless Feature Transmission power control 1 100 Channel selection Manual or Auto No of associated clients per AP 32 Setting for max no associated clients Yes No of ESSID Virtual AP 7 No of Max WDS setting 4 Preamble setting Short Long Setting for 802 11a n mix or 802 11a only
255. s system Edit Edit m Security Type Select an appropriate security type for association the Security Type can be selected in NONE OPEN SHARED WPA PSK or WPA2 PSK from drop down list the type needs to be the same as that associated access point gt OPEN SHARED OPEN and SHARED require the user to set a WEP key to exchange data WEP Key Index 1 we WEP Key 1 WEP Key 2 WEP Key 3 WEP Key 4 v Key Index key index is used to designate the WEP key during data transmission 4 different WEP keys can be entered at the same time but only one is chosen v WEP Key Enter HEX or ASCII format WEP key value the system supports up to 4 sets of WEP keys Key Length Hex ASCII 64 bit 10 characters 5 characters 128 bit 26 characters 13 characters gt WPA PSK or WPA2 PSK WPA or WPA2 Algorithms allows the system accessing the network by using the WPA PSK protected access Cipher Suite AES Pre shared Key 89 v Cipher Suite Select the desired cipher suite from the drop down list the options are AES and TKIP v Pre shared Key Enter the information for pre shared key the key can be either entered as a 256 bit secret in 64 HEX digits format or 8 to 63 ASCII characters Profile List The user can manage the created profiles for home work or public areas Below depict an example for a Profile List Profile List Actve Profile Nam
256. s user to restart system with existing or most current settings when changes are made Click Reboot button to proceed and take around three minutes to complete Reboot O You must be reboot the system after changing settings Rebooting the system will not delete any of your configuration settings Click reboot button to reboot the system A reminder will be available for remaining time to complete If power cycle is necessary please wait till completion of the reboot process Please Wait The System Overview page appears upon the completion of reboot 203 7 5 System Status This section breaks down into subsections of System Overview Associated Clients Status Remote AP Extra Information and Event Log 7 5 1 System Overview Display detailed information of System Network LAN and Wireless in the System Overview page m System Display the information of the system Host Name WCB1200H2PX Operating Mode Client Bridge Univerzal Repeater Mode Location Description Outdoor WiFEN 56 200mvV Cen CPE N5H2 1 0 1 Wersion 2009 10 27 15 50 04 2000 01 01 00 04 47 04 41 Firmware Version Firmware Date Device Time system Up Time System Name The name of the system Operating Mode The mode currently in service Location The reminding note on the geographical location of the system Description The reminding note of the system Firmware Version The current firmware version installed Firmwa
257. s weak While the No ACK policy helps improve transmission efficiency it can cause increased packet loss when communication quality deteriorates This is because when this policy is used a sender does not retransmit packets that have not been received by the recipient When the Normal ACK policy is used the recipient acknowledges each received unicast packet gt WMM Parameters of Station This affects traffic flowing from the client station to the access point Data Transmitted so Zee Queue Clients to AP Priority Description AC BK Background o High throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AC_BE Best Effort Medium Medium throughput and delay Most traditional IP data is sent to this queue AC VI Video High Minimum delay Time sensitive video data is automatically sent to this queue AC VO Voice High re aa data like VoIP and streaming media are automatically sent to this Aifsn The Arbitration Inter Frame Spacing Number specifies a wait time in milliseconds for data frames CWmin Minimum Contention Window This parameter is input to the algorithm that determines the initial random backoff wait time window for retry of a transmission The value specified here in the Minimum Contention Window is the upper limit in milliseconds of a range from which the initial random backoff wait time is determined CWmax Maxim
258. sable m MAC Address The MAC address of the Wireless interface is displayed here an e Green Field 20 40 Auto 2 Enable O Enable 2 Enable CY Enable m Band Mode Select an appropriate wireless band bands available are 801 11a or 802 11a n mixed mode Transmit Rate Control Select the desired rate from the drop down list the options are auto or ranging from 6 to 54Mbps only for 802 11a mode Country Select the desired country code from the drop down list the options are US ETSI JP and NONE m Channel Frequency The channel range will be changed by selecting different country code Below depicts the channel range for different Country Country Channel US 36 40 44 48 52 56 60 64 149 153 157 161 ETSI 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 136 140 JP 36 40 44 48 NONE 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 136 140 149 153 157 161 m Tx Power You can adjust the output power of the system to get the appropriate coverage for your wireless network Specify digit number between 7 to 100 the unit is for your environment If you are not sure which setting to choose then keep the default setting 100 When Band Mode select in 802 11a only mode the HT High Throughput settings should be hidden immediately 54 HT TxStream RxStream By default it s 2 m O
259. se click UploadKey button to select the file and upload it Enable Telnet Check to select Telnet Service Telnet Port The default is 23 and the range is between 1 65535 Enable SSH Check to select SSH Service SSH Port Please The default is 22 and the range is between 1 65535 Click GenerateKey button to generate RSA private key The host key footprint gray blank will display content of RSA key Ping Watchdog The ping watchdog sets the APO1200 APO1215 Device to continuously ping a user defined IP address it can be the internet gateway for example If it is unable to ping under the user defined constraints the APO1200 APO1215 device will automatically reboot This option creates a kind of fail proof mechanism Ping Watchdog is dedicated for continuous monitoring of the particular connection to remote host using the Ping tool The Ping works by sending ICMP echo request packets to the target host and listening for ICMP echo response replies If the defined number of replies is not received the tool reboots the device gt gt gt Enable Ping Watchdog control will enable Ping Watchdog Tool IP Address To Ping specify an IP address of the target host which will be monitored by Ping Watchdog Tool Ping Interval specify time interval in seconds between the ICMP echo requests are sent by the Ping Watchdog Tool Default is 300 seconds Startup Delay specify init
260. seful as a troubleshooting tool when issues are experienced in system System Log clear Result Time Facility Severity Message 2000 Jan 1 de en in E 00 00 11 System Info dnsmasq 94 started version 2 40 cachesize 150 2000 Jan 1 dnsmasq 94 compile time options no IPv6 GNU getopt 00 00 11 System Info no RTC no MMU no lSC leasefile no DBus no 118N i TFTP prneezad System Info dnsmasq 94 reading etc resolv conf Dies System Info dnsmasq 94 using nameserver 192 168 2 1 53 age System Info dnsmasq 94 cleared cache panel System Info Authentication successful for root from 192 168 2 22 Time The date and time when the event occurred Facility lt helps users to identify source of events such System or User m Severity Severity level that a specific event is associated such as info m Message Description of the event Click Refresh button to renew the log or click Clear button to clear all the record 51 warning etc Chapter 4 WDS Mode Configuration Please refer to illustrations of the section 1 3 for possible applications in the WDS mode This section provides detailed explanation for users to configure in the WDS mode with help of illustrations In the WDS mode functions listed in the table below are also available from the Web based GUI interface option System Wireless ommes status Operating Mode General Setup Profiles Settings System Overview LAN Advanced Setup Firmware Upgra
261. senders attempting to send are listening the channel CSMA CA the owner of the channel should continue ownership and finish their transmission and release the channel Then following ownership of the channel will be sooner for the new pair due to shorter slot time However when long duration of existing collision sources and shorter slot time exist the owners might experience subsequent collisions When adjustment to longer slot time can t improve performance then RTS CTS could supplement and help improve performance m Extra Slot Time Slot time is in the range of 1 255 and set in unit of microsecond The default value is 9 microsecond When you enable Short Slot and set Extra Slot time to 10 the actual Slot Time 9 10 us When you disable Short Slot and set Extra Slot time to 10 the actual Slot Time 20 10 us 180 ACK Timeout ACK timeout is in the range of 1 255 and set in unit of microsecond The default value is 32 microsecond All data transmission in 802 11b g request an Acknowledgement ACK send by receiving radio The transmitter will resend the original packet if correspondent ACK failed to arrive within specific time interval also refer to as ACK Timeout ACK Timeout is adjustable due to the fact that distance between two radio links may vary in different deployment ACK Timeout makes significant influence in performance of long distance radio link If ACK Timeout is set too short transmitter
262. setting Wireless Setup Advanced Setup short Slot Extra Slot Time ACK Timeout Beacon Interval DTIM interval Fragment Threshold RTS Threshold Short Preamble Tx Burst Pkt_Aggregate a Enable 2346 2347 Enable Enable Enable Disable Disable Disable Disable EEE 02 11H 0FS O Enable Disable WMM O Enable Disable Save Short Slot By default it s Enable for educing the slot time from the standard 20 microseconds to the 9 microsecond short slot time Slot time is the amount of time a device waits after a collision before retransmitting a packet Reducing the slot time decreases the overall back off which increases throughput Back off which is a multiple of the slot time is the random length of time a station waits before sending a packet on the LAN For a sender and receiver own right of the channel the shorter slot time help manage shorter wait time to re transmit from collision because of hidden wireless clients or other causes When collision sources can be removed sooner and other senders attempting to send are listening the channel CSMA CA the owner of the channel should continue ownership and finish their transmission and release the channel Then following ownership of the channel will be sooner for the new pair due to shorter slot time However when long duration of existing collision sources and shorter slot time exist the o
263. ss port Transmit packets The total transmitted packets of the Wireless port 74 4 4 2 WDS List Peers MAC Address antenna 0 1 received signal strength phy mode and channel bandwidth for each WDS are available WDS Information WDS Link Status signal Strength signal Strength Phy ANTO ANT1 Mode DOATTASDATB FZ 100 5 dBm 100 6 dBm HT MIA 40M 15 1 MAC Address BandWidth MCS SG m MAC Address Display MAC address of WDS peer Signal Strength ANTO ANT1 Indicate the signal strength of the respective WDS links m Phy Mode Indicate the phy mode of the respective WDS linked BandWidth Indicate the channel bandwidth of the respective WDS linked m MCS Indicate the MCS of the respective WDS linked m SGI Indicate the SGI Short Guard Interval of the respective WDS linked 1 indicate the Short Guard Interval 0 indicate the Long Guard Interval If display no signal Signal Strength ANTO ANT1 you need check WDS configuration Things to verify are MAC Address Channel and Security type Also adjust antenna angle and Tx Power 15 4 4 3 Extra Information Users could pull out information such as Route table ARP table MAC table Bridge table or STP available in the drop down list from system The Refresh button is used to retrieve latest table information Extra Information Extra Information Route Information Information Route Information v Destination Gateway Genmas
264. ss settings to associate with WISP AP before a dynamic IP along with related IP settings including DNS can be available from DHCP server If IP Address is not assigned please double check with your wireless settings and ensure successful association Also you may go to WAN Information in the Overview page to click Release button to release IP address and click Renew button to renew IP address again Dynamic IP Hostname v Hostname The Hostname of the WAN port gt PPPoE To create wireless PPPoE WAN connection to a PPPoE server in network PPPoE User name Password ecoonect Mode Always On D On Demand O Manual Idle Time minutes ru 1492 123 v User Name Enter User Name for PPPoE connection v Password Enter Password for PPPoE connection v Reconnect Mode e Always on A connection to Internet is always maintained e On Demand A connection to Internet is made as needed e Manual Click the Connect button on WAN Information in the Overview page to connect to the Internet v idle Time Time to last before disconnecting PPPoE session when it is idle Enter preferred Idle Time in minutes Default is 0 indicates disabled When Idle time is disabled the Reconnect Mode will turn out Always on v MTU By default it s 1492 bytes MTU stands for Maximum Transmission Unit Consult with WISP for a correct MTU setting gt PPTP The Point to Poin
265. ssion Opportunity TXOP for AP that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM Admission Control Mandatory ACM only takes effect on AC_VI and AC_VO When you do not click Checkbox it means that the ACM is controlled by the connecting AP If you click Checkbox it means that the Client is in charge AckPolicy Acknowledgment Policy WMM defines two ACK policies Normal ACK and No ACK Click Checkbox indicates No ACK When the no acknowledgment No ACK policy is used the recipient does not acknowledge received packets during wireless packet exchange This policy is suitable in the environment where communication quality is fine and interference is weak While the No ACK policy helps improve transmission efficiency it can cause increased packet loss when communication quality deteriorates This is because when this policy is used a sender does not retransmit packets that have not been received by the recipient When the Normal ACK policy is used the recipient acknowledges each received unicast packet gt WMM Parameters of Station This affects traffic flowing from the client station to the access point Data Transmitted Queue Clients to AP Priority Description i ae oe ee AC_BE Best Effort Medium Medium throughput and delay Most traditional IP data is sent to this queue AC_VI Video High Minimum delay Time sensitive video data i
266. stem System Host Name WEB1200H2PX Operating Mode CPE AP Mode Location Description Outdoor WIFEN S 200m Firmware Version Cen CPE N5H2 V1 0 5 Version Firmware Date 2010 02 02 15 37 29 Device Time 2000 01 01 00 00 50 System Up Time 50 System Name The name of the system Operating Mode The mode currently in service Location The reminding note on the geographical location of the system Description The reminding note of the system Firmware Version The current firmware version installed Firmware Date The build time of the firmware installed Device Time The current time of the system y Y Y y y y y y System Up Time The time period that system has been in service since last reboot WAN Information Display the information of the WAN interface WAN Information Mode Static Mode MAC Address 00 11 43 04 7B FB IP Address 192 158 2 254 IP Netmask 255 255 255 0 IP Gateway 192 168 2 1 Primary DNS secondary DNS The WAN port specified Dynamic IP the Release and Renew button will be show up click Release button to release IP address of WAN port Renew button to renew IP address through DHCP server WAN Information Mode Dynamic Mode WAC Address 00 0C 43 28 60 14 166 The WAN port specified PPPoE or PPTP and the Connect and DisConnect button will be show up Click Connect button to assigned IP address from PPPoE or PPTP server DisConnect button to release I
267. sword gt New Password Enter a new password if desired gt Check New Password Enter the same new password again to check Admin Password Log in as a admin user and is allowed to change its own gt New Password Enter a new password if desired gt Check New Password Enter the same new password again to check 35 Admin Login Methods Only root user can enable or disable system login methods and change services port gt gt gt gt y y y y Enable HTTP Check to select HTTP Service HTTP Port The default is 80 and the range is between 1 65535 Enable HTTPS Check to select HTTPS Service HTTPS Port The default is 443 and the range is between 1 65535 If you already have an SSL Certificate please click UploadKey button to select the file and upload it Enable Telnet Check to select Telnet Service Telnet Port The default is 23 and the range is between 1 65535 Enable SSH Check to select SSH Service SSH Port Please The default is 22 and the range is between 1 65535 Click GenerateKey button to generate RSA private key The host key footprint gray blank will display content of RSA key Ping Watchdog The ping watchdog sets the APO1200 APO1215 Device to continuously ping a user defined IP address it can be the internet gateway for example If it is unable to ping under the user defined constraints the APO1200 APO1215 device will automatically reb
268. t 443 UploadKey nani Enable Telnet Port 23 E Enable SSH Y Port 22 Root Password Host Key Footprint ssh rsa AAAAB3NzaCiyc2EAAAADAQABAAAAgw New Root Password Check Root Password nep Ping Watchdog E E dl Ping Watchdog O Enable Disable Admin Password IP Address To Ping New Admin Password Ping Interval Seconds Check New Password Startup Delay Seconds Failure Count To Reboot m System Information gt System Name Enter a desired name or use the default one 3 Description Provide description of the system 3 Location Enter geographical location information of the system lt helps administrator to locate the system easier The system supports two management accounts root and admin The network manager is assigned with full administrative privileges when logging in as root user to manage the system in all aspects While logging in as an admin user only subset of privileges is granted such as basic maintenance For example root user can change passwords for both root and admin account and admin user can only manage its own For more information about covered privileges for these two accounts please refer to Appendix D Network manager Privileges Root Password Log in as a root user and is allowed to change its own plus admin user s password gt New Password Enter a new password if desired gt Check New Password Enter the same new password again to check Admin Password Log
269. t Tunneling Protocol PPTP mode enables the implementation of secure multi protocol Virtual Private Networks VPNs through public networks PPTP IP Address IP Netmask PPTP Server IP Address User name PassWord Reconnect Mode Always On On Demand Manual Idle Time minutes MTU 1450 MPPE Encryption L MPPE 40 C MPPE 128 IP Address The IP address of the WAN port IP Netmask The Subnet mask of the WAN port PPTP Server IP Address The IP address of the PPTP server User Name Enter User Name for PPTP connection Password Enter Password for PPTP connection Xx YN OS S Reconnect Mode e Always on A connection to Internet is always maintained e On Demand A connection to Internet is made as needed 124 a When Time Server is enabled at the On Demand mode the Reconnect Mode will turn out Always on e Manual Click the Connect button on WAN Information in the Overview page to connect to the Internet v idle Time Time to last before disconnecting PPPoE session when it is idle Enter preferred Idle Time in minutes Default is 0 indicates disabled When Idle time is disabled the Reconnect Mode will turn out Always on v MTU By default it s 1460 bytes MTU stands for Maximum Transmission Unit Consult with WISP for a correct MTU setting v MPPE Encryption Microsoft Point to Point Encryption MPPE encrypts data in Poi
270. ter AP 179 7 2 2 Wireless Advanced Setup To achieve optimal wireless performance it is necessary to tweak advance setting per requirements properly not necessary higher the better or lower The administrator can change the RTS threshold and fragmentation threshold settings for the system Please click on Wireless gt Advanced Setup and follow the below setting Wireless Setup Advanced Setup short Slot Enable Disable Extra Slot Time 9 us ACK Timeout 32 jus Beacon Interval 100 ms OTIM Interval 1 ms Fragment Threshold 2346 RTS Threshold 2347 Short Preamble Enable Disable Tx Burst Enable Disable Pkt_Aggregate Enable Disable EEE 802 11H 0FS Enable Disable WMM O Enable Disable Save Short Slot By default it s Enable for educing the slot time from the standard 20 microseconds to the 9 microsecond short slot time Slot time is the amount of time a device waits after a collision before retransmitting a packet Reducing the slot time decreases the overall back off which increases throughput Back off which is a multiple of the slot time is the random length of time a station waits before sending a packet on the LAN For a sender and receiver own right of the channel the shorter slot time help manage shorter wait time to re transmit from collision because of hidden wireless clients or other causes When collision sources can be removed sooner and other
271. ters v Group Key Update Period By default it is 3600 seconds This time interval for rekeying GTK broadcast multicast encryption keys in seconds Entering the time length is required gt WPA Enterprise or WPA2 Enterprise The RADIUS authentication and encryption will be both enabled if this is selected 30 WPA General Cipher Suite AES kal Group Key Update Period 3600 seconds PMK Cache Period 10 minute Pre Authentication Disable C Enable Authentication RADIUS Server Authentication Server Port 1812 shared Secret Session Timeout 0 v WPA General Settings e Cipher Suite By default it is AES Select either AES or TKIP cipher suites e Group Key Update Period By default it s 3600 seconds This time interval for rekeying GTK broadcast multicast encryption keys in seconds Entering the time length is required e PMK Cache Period By default it s 10 minutes Set WPA2 PMKID cache timeout period after time out the cached key will be deleted e Pre Authentication By default it s Disable To Enable is use to speed up roaming before pre authenticating IEEE 802 1X EAP part of the full RSN authentication and key handshake before actually associating with a new AP a PMK Cache Period and Pre Authentication is used in WPA2 Enterprise v Radius Server Settings e IP Address Enter the IP address of the Authentication RADIUS server e Port By default it s 1812 The port n
272. the initial random backoff wait time is determined CWmax Maximum Contention Window The value specified here in the Maximum Contention Window is 224 the upper limit in milliseconds for the doubling of the random backoff value This doubling continues until either the data frame is sent or the Maximum Contention Window size is reached Once the Maximum Contention Window size is reached retries will continue until a maximum number of retries allowed is reached Valid values for the cwmax are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwmax must be higher than the value for cwmin v Txop Transmission Opportunity is an interval of time when a WME AP has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity Txop for AP that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network v ACM Admission Control Mandatory ACM only takes effect on AC_VI and AC_VO When you do not click Checkbox it means that the ACM is controlled by the connecting AP If you click Checkbox it means that the Client is in charge Click Save button to save your changes Click Reboot button to activate your changes The items in this page are for AP s RF advanced settings and will be applied to all VAPs and WDS Links 225 8 2 3 Create Virtual AP VAP The APO1200 AP01215 support broadcasting multiple SSIDs al
273. the range of 1 255 and set in unit of microsecond The default value is 9 microsecond When you enable Short Slot and set Extra Slot time to 10 the actual Slot Time 9 10 us When you disable Short Slot and set Extra Slot time to 10 the actual Slot Time 20 10 us 220 ACK Timeout ACK timeout is in the range of 1 255 and set in unit of microsecond The default value is 32 microsecond All data transmission in 802 11b g request an Acknowledgement ACK send by receiving radio The transmitter will resend the original packet if correspondent ACK failed to arrive within specific time interval also refer to as ACK Timeout ACK Timeout is adjustable due to the fact that distance between two radio links may vary in different deployment ACK Timeout makes significant influence in performance of long distance radio link If ACK Timeout is set too short transmitter will start to Resend packet before ACK is received and throughputs become low due to excessively high re transmission ACK Timeout is best determined by distance between the radios data rate of average environment The Timeout value is calculated based on round trip time of packet with a little tolerance So if experiencing re transmissions or poor performance the ACK Timeout could be made longer to accommodate Slot Time and ACK Timeout settings are for long distance links It is important to tweak settings to achieve the optimal result based
274. the service type available to AP s clients associated with the specified VAP Client Isolation Select Enable all clients will be isolated from each other that means all clients can not reach to other clients Below Figures depict Client Isolation and AP Isolation yu X Client Isolation VAPO gt i APO1200 192 168 2 2 AP Isolation m Hidden SSID By default it s Disable Enable this option to stop the SSID broadcast in your network When disabled people could easily obtain the SSID information with the site survey software and get access to the network if security is not turned on When enabled network security is enhanced It s suggested to enable it after AP security settings are archived and setting of AP clients could make to associate to it Maximum Clients The default value is 32 You can enter the number of wireless clients that can associate to a particular SSID When the number of client is set to 5 only 5 clients at most are allowed to connect to this VAP 29 m VLAN Tag ID By default it s selected Disable This system supports tagged Virtual LAN VLAN A valid number of 1 to 4094 can be entered after it s enabled If your network utilize VLANs you could tie a VLAN Tag to a specific SSID and packets from to wireless clients belonging to that SSID will be tagged with that VLAN Tag This enables security of wireless applications by applying VLAN Tag m Security Type Select t
275. the wireless stations which support power saving mode when to wake up to receive multicast frame DTIM is necessary and critical in wireless environment as a mechanism to fulfill power saving synchronization A DTIM interval is a count of the number of beacon frames that must occur before the access point sends the buffered multicast frames For instance if DTIM Interval is set to 3 then the Wi Fi clients will expect to receive a multicast frame after receiving three Beacon frame The higher DTIM interval will help power saving and possibly decrease wireless throughput in multicast applications 23 Fragment Threshold The Fragment Threshold is in the range of 256 2346 byte The default is 2346 byte Each Wi Fi packet can be divided into smaller packets marked with a sequential fragment number and re assemble in the receiving ends The purpose is to make a short frame instead of long frame transmitting by radio in a heavy noisy environment Because of sending smaller frames corruptions are much less likely to occur The pros is obvious the cons is the overhead for transmission So in a clean environment higher fragment threshold can be an option to increase throughput Fragmentation will be triggered by setting the Fragment Threshold usually in Byte length Only when the frame size is over the Threshold fragmentation will take place automatically m RTS Threshold TRTS Threshold is in the range of 1 2347 byte The default is 2347
276. threshold and fragmentation threshold settings for the system Please click on Wireless gt Advanced Setup and follow the below setting Wireless Setup Advanced Setup Fragment Threshold 2346 RTS Threshold 2347 Short Preamble Enable Disable Tx Burst Enable Disable wm Enable 5 Disable Fragment Threshold The Fragment Threshold is in the range of 256 2346 byte The default is 2346 byte Each Wi Fi packet can be divided into smaller packets marked with a sequential fragment number and re assemble in the receiving ends The purpose is to make a short frame instead of long frame transmitting by radio in a heavy noisy environment Because of sending smaller frames corruptions are much less likely to occur The pros is obvious the cons is the overhead for transmission So in a clean environment higher fragment threshold can be an option to increase throughput Fragmentation will be triggered by setting the Fragment Threshold usually in Byte length Only when the frame size is over the Threshold fragmentation will take place automatically m RTS Threshold RTS Threshold is in the range of 1 2347 byte The default is 2347 byte The main purpose of enabling RTS by changing RTS threshold is to reduce possible collisions due to hidden wireless clients RTS in AP will be enabled automatically if the packet size is larger than the Threshold value By default RTS is disabled in a normal environment supports non jumbo f
277. tion or Disable to deactivate this service y y Start IP End IP Specify the range of IP addresses to be used by the DHCP server when assigning IP address to clients The default range IP address is 192 168 2 10 to 192 168 2 70 the netmask is 255 255 255 0 DNS1 IP Enter IP address of the first DNS server this field is required DNS2 IP Enter IP address of the second DNS server this is optional WINS IP Enter IP address of the Windows Internet Name Service WINS server this is optional Domain Enter the domain name for this network y y y y y Lease Time The IP addresses given out by the DHCP server will only be valid for the duration specified by the lease time Increasing the time ensure client operation without interruptions but could introduce potential conflicts Lowering the lease time will avoid potential address conflicts but might cause more interruptions to the client while it will acquire new IP addresses from the DHCP server Default is 86400 seconds Click Save button to save your changes Click Reboot button to activate your changes 177 7 2 Access Point Association 7 2 1 Configure Wireless General Setting The administrator can change the data transmission channel and output power settings for the system Please click on Wireless gt General Setup and follow the below setting Wireless Setup General Setup HT Physical Mode Band Mode 802 11 a n mixed mode Operating Mode Mixed Mode O
278. tion point to associate with wireless client as shown in Figure 3 1 Then Wireless clients could access to LAN or Internet by associating themselves with APO1200 APO1215 set in AP mode APO1200 192 168 2 10 192 168 2 254 Figure 3 1 Access Point on a Wired LAN Configuration 17 3 1 2 Configure LAN IP Here are the instructions to setup the local IP Address and Netmask Please click on System gt LAN and follow the below setting LAN Setup Ethernet Connection Type DNS Mode Static IP Dynamic IP DNS No Default DNS Server O Specify DNS Server IP Primary Static IP Secondary IP Address 192 168 2 254 IP Netmask 255 255 255 0 IP Gateway 192 168 2 1 m Mode Check either Static IP or Dynamic IP button as desired to set up the system IP of LAN port gt Static IP The administrator can manually setup the LAN IP address when static IP is available preferred v IP Address The IP address of the LAN port default IP address is 192 168 2 254 v IP Netmask The Subnet mask of the LAN port default Netmask is 255 255 255 0 v IP Gateway The default gateway of the LAN port default Gateway is 192 168 2 1 gt Dynamic IP This configuration type is applicable when the APO1200 APO1215 is connected to a network with the presence of a DHCP server all related IP information will be provided by the DHCP server automatically Dynamic IP Hostname v Hostname The Hostname of th
279. tiple data packets with the fixed overhead cost of just a single frame m IEEE802 11H DFS By default it s Disable To Enable is to use IEEE802 11H DFS With DFS Dynamic Frequency Selection enabled radio is operating on one of the following channels the wireless device uses DFS to monitor the operating frequency and switch to another frequency or reduce power as necessary DFS Channels 52 56 60 64 100 104 108 112 116 120 124 128 136 140 The maximum legal transmit power is greater for some 5 GHz channels than for others When the wireless device randomly selects a 5 GHz channel on which power is restricted the wireless device automatically reduces transmit power to comply with power limits for that channel in that regulatory domain The Channel 52 140 is DFS channel If turns on IEEE802 11H AP Will have 60 sec to do channel available a check and will not send beacon and can not be connect When APO1200 APO1215 detect radar 5GHZ signal the AP will switch channel and stop beacon transmit between 15 sec WMM By default it s Disable To Enable is to use WMM and the WMM parameters should appears 182 WMM Parameters of Access Point Aifsn CWMin CWMax Txop ACM AckPolicy ACBE j se oy fo a acek 7 sE 103 lo O L acme ha CE bbe a 0 O acvo 1 GE CA fa 0 L WMM Parameters of Station Aifsn CWiMin CWilax Txop ACM AC BE 3 15 M 1023
280. trength of all found Access Points m Channel Channel numbers used by all found Access Points m Security Security type by all found Access Points m Band Wireless band used by all found Access Points m Network Type Network type used by all found Access Points m Select Click Select to configure settings and associate with chosen AP While clicking Select button in the Site Survey Table the ESSID and Security Type will apply in the Wireless General Setup However more settings are needed including Security Key 186 7 2 4 Create Wireless Profile The administrator can configure station profiles via this page Please click on Wireless gt Wireless Profile and follow the below setting Station Profile System Configuration Profile List MAC Address 00 26 CE 01 06 93 Active Profile Name ESSID MAC Address Channel Security Type Delete Edit Profle Name 1 AP Profileo default 44 NONE Delete Edit ESSID Lock to AP MAC Optional Channel Frequency 36 5180MHz w security Policy Security Type NONE v Save m MAC Address The MAC address of the Wireless Station is displayed here Profile Name Set different profiles for quick connection uses m ESSID Assign Service Set ID for the wireless system m Lock to AP MAC This allows the station to always maintain connection to a particular AP with a specific MAC address This is useful as sometimes there can be few identically name
281. trol will enable Ping Watchdog Tool IP Address To Ping specify an IP address of the target host which will be monitored by Ping Watchdog Tool Ping Interval specify time interval in seconds between the ICMP echo requests are sent by the Ping Watchdog Tool Default is 300 seconds Startup Delay specify initial time delay in seconds until first ICMP echo requests are sent by the Ping Watchdog Tool The value of Startup Delay should be at least 60 seconds as the network interface and wireless connection initialization takes considerable amount of time if the device is rebooted Default is 300 seconds Failure Count To Reboot specify the number of ICMP echo response replies If the specified number of ICMP echo response packets is not received continuously the Ping Watchdog Tool will reboot the device 92 Click Save button to save your changes Click Reboot button to activate your changes Without a valid certificate users may encounter the following problem in IE7 when they try to access system s WMI https 192 168 2 254 There will be a Certificate Error because the browser treats system as an illegal website Certificate Error Navigation Blocked Windows Internet Explorer E y El 192 168 2 254 v File Edit View Favorites Tools Help jy Favorites 5 E Free Hotmail gt Certificate Error Navigation Blocked 3 There is a problem with this website s secur
282. twork to the destination host The test is started using the Start button click Stop button to stopped test gt Destination Host Specifies the Destination Host for the finding the route taken by ICMP packets across the network gt MAX Hop Specifies the maximum number of hops max time to live value traceroute will probe 153 6 4 8 Reboot This function allows user to restart system with existing or most current settings when changes are made Click Reboot button to proceed and take around three minutes to complete Reboot o You must be reboot the system after changing settings Rebooting the system will not delete any of your configuration settings Click reboot button to reboot the system A reminder will be available for remaining time to complete If power cycle is necessary please wait till completion of the reboot process Please Wait The System Overview page appears upon the completion of reboot 154 6 5 Access Control List 6 5 1 IP Filter Setup Allows to create deny or allow rules to filter ingress or egress packets from specific source and or to destination IP address on wired LAN or Wireless WAN ports Filter rules could be used to filter unicast or multicast packets on different protocols as shown in the IP Filter Setup Important to note that IP filter rules has precedence over Virtual server rules Please click on Advance gt IP Filter Setup and follow the below setting IP Filter S
283. um Contention Window The value specified here in the Maximum Contention Window is 134 the upper limit in milliseconds for the doubling of the random backoff value This doubling continues until either the data frame is sent or the Maximum Contention Window size is reached Once the Maximum Contention Window size is reached retries will continue until a maximum number of retries allowed is reached Valid values for the cwmax are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwmax must be higher than the value for cwmin v Txop Transmission Opportunity is an interval of time when a WME AP has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity Txop for AP that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network v ACM Admission Control Mandatory ACM only takes effect on AC_VI and AC_VO When you do not click Checkbox it means that the ACM is controlled by the connecting AP If you click Checkbox it means that the Client is in charge Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes The items in this page are for AP s RF advanced settings and will be applied to Repeater AP 135 6 2 3 Site Survey Use this tool to scan and locate WISP Access Points and select one to associate with Please click o
284. umber used to communicate with RADIUS server e Shared secret A secret key used between system and RADIUS server Supports 8 to 64 characters e Session Timeout The Session timeout is in the range of 0 60 seconds The default is O to disable re authenticate service Amount of time before a client will be required to re authenticate 31 gt WEP 802 1X When WEP 802 1x Authentication is enabled please refer to the following Dynamic WEP and RADIUS settings to complete configuration 802 1x WEP Dynamic WEP Enable Authentication RADIUS Server Authentication Server Port 1812 shared Secret Session Timeout 0 v Radius Server Settings e IP Address Enter the IP address of the Authentication RADIUS server e Port By default it s 1812 The port number used to communicate with RADIUS server e Shared secret Asecret key used between system and RADIUS server Supports 8 to 64 characters e Session Timeout The Session timeout is in the range of 0 60 seconds The default is O to disable re authenticate service Amount of time before a client will be required to re authenticate Click Save button to save your changes Click Reboot button to activate your changes 32 3 2 4 Wireless MAC Filter Setup Continue 3 2 3 2 Virtual AP Setup section For each Virtual AP setting the administrator can allow or reject clients to access each Virtual AP MAC Filter Action Only Deny List MAC Add a statio
285. umstances Guard Interval Using Auto option can increase throughput However it can also increase error rate in some installations due to increased sensitivity to radio frequency reflections Select the option that works best for your installation m MCS This parameter represents transmission rate By default Auto the fastest possible transmission rate will be selected You have the option of selecting the speed if necessary Refer to Appendix C MCS Data Rate m Reverse Direction Grant RDG Disable or enable reserve direction grant Default is enabled m A MSDU Aggregated Mac Service Data Unit Select Enable to allow aggregation for multiple MSDUs in one MPDU Default is disabled Auto Block ACK Disable or enable auto block ACK Default is enabled Decline BA Request Disable or enable decline BA request Default is disabled Change these settings as described here and click Save button to save your changes Click Reboot button to activate your changes The items in this page are for AP s RF general settings and will be applied to all VAPs and WDS Links 21 3 2 2 Wireless Advanced Setup To achieve optimal wireless performance it is necessary to tweak advance setting per requirements properly not necessary higher the better or lower The administrator can change the RTS threshold and fragmentation threshold settings for the system Please click on Wireless gt Advanced Setup and follow the below
286. up current configuration restore prior configuration or reset back to factory default configuration can be executed via this page Please click on Utilities gt Profile Setting and follow the below setting Profile Save Profile Save Save Setti Pc sue Load Settings From PC Browse Upload Reset To Factory Defautt Default a In this page you can save your cument configuration restore a previously saved configuration oF reset all of the settings to the factory default settings m Save Settings to PC Click Save button to save the current configuration to a local disk File Download Do you want to save this file or find a program online to open it a Name contig bin Type Unknown File Type From 192 168 2 254 harm your computer If vou do not trust the source do not find a Y While files from the Internet can be useful some files can potentially E program to open this file or save this file What s the risk m Load Settings from PC Click Browse button to locate a configuration file to restore and then click Upload button to upload m Reset To Factory Default Click Default button to reset back to the factory default settings and expect Successful loading message Then click Reboot button to activate 69 4 3 5 Firmware Upgrade Firmware is the main software image that system needs to respond to requests and to manage real time operations Firmware upgrades are sometimes required to include ne
287. urce of events such System or User m Severity Severity level that a specific event is associated such as info m Message Description of the event Click Refresh button to renew the log or click Clear button to clear all the record 78 warning etc Chapter 5 CPE Mode Configuration When CPE mode is chosen the system can be configured as a Customer Premises Equipment CPE This section provides detailed explanation for users to configure in the CPE mode with help of illustrations In the CPE mode functions listed in the table below are also available from the Web based GUI interface OPTION Wireless Advance Utilities Status Profiles Settings System Overview General Setup DMZ Wireless Profile IP Filter Station Statistics Site Survey MAC Filter Extra Info Functions DDNS O DDNS Virtual Server QoS Plot Parental Control N Event Log IS ee Table 5 1 CPE Mode Functions 5 1 External Network Connection 5 1 1 Network Requirement It can be used as an Outdoor Customer Premises Equipment CPE to receive wireless signal over last mile application helping WISPs deliver wireless broadband Internet service to residents and business customers In the CPE mode APO1200 APO1215 is a gateway enabled with NAT and DHCP Server functions The wired clients connected to APO1200 APO1215 are in different subnet from those connected to Main Base Station and in CPE mode it does not accept wireless asso
288. urity with 802 1X WPA and WPA2 m Support QoS Quality of Service amp WMM m Integrated Power over Ethernet PoE Multiple Virtual AP amp Capability of Client Isolation m Business class WLAN Security and Client Authentications m Provide Advanced Wireless Setting m Support Web Management and SNMP MIB II m Over Load Current Protection Client Isolation Through Layer 2 VLAN Technology m Two administrator accounts for manager authorities m QoS for bandwidth management and traffic prioritization 1 5 Specification Wireless Architecture Mode gt Router AP Mode v Wire connection as WAN in this mode the device run as DHCP server to assign IP address to wireless clients out of a private IP address pool behind a NAT v This enables the wireless interconnection of Access Point in an IEEE802 11 network and accept wireless clients at the same time gt AP Mode v Pure AP Mode e t can be deployed as a tradition fixed wireless Access Point e ltallow wireless clients or Stations STA to access v AP WDS Mode e This enables the wireless interconnection of Access Point in an IEEE802 11 network and accept wireless clients at the same time gt WDS Mode v This enables the wireless interconnection of Access Point in an IEEE802 11 network v Itallows a wireless network to be expanded using multiple access point without the need for a wired backbone to link them v This also be referred to as repeater mode v It can t allow wireles
289. vices port gt gt gt gt y y y y Enable HTTP Check to select HTTP Service HTTP Port The default is 80 and the range is between 1 65535 Enable HTTPS Check to select HTTPS Service HTTPS Port The default is 443 and the range is between 1 65535 If you already have an SSL Certificate please click UploadKey button to select the file and upload it Enable Telnet Check to select Telnet Service Telnet Port The default is 23 and the range is between 1 65535 Enable SSH Check to select SSH Service SSH Port Please The default is 22 and the range is between 1 65535 Click GenerateKey button to generate RSA private key The host key footprint gray blank will display content of RSA key Ping Watchdog The ping watchdog sets the APO1200 APO1215 Device to continuously ping a user defined IP address it can be the internet gateway for example If it is unable to ping under the user defined constraints the APO1200 AP01215 device will automatically reboot This option creates a kind of fail proof mechanism Ping Watchdog is dedicated for continuous monitoring of the particular connection to remote host using the Ping tool The Ping works by sending ICMP echo request packets to the target host and listening for ICMP echo response replies If the defined number of replies is not received the tool reboots the device gt gt gt Enable Ping Watchdog con
290. w features or bugs fix It takes around 2 minutes to upgrade due to complexity of firmware To upgrade system firmware click Browse button to locate the new firmware and then click Upgrade button to upgrade Firmware Upgrade Firmware Infomation Firmware Version Cen CPE N5H2 V0 0 4 Beta Version Firmware Date 2009 09 03 09 26 27 Update Firmware g From time to time the product may release new versions of the firmware You can check and download up to date firmware and cick Browser button to locate the file from your local harddisk Upgrade To prevent data loss during firmware upgrade please back up current settings before proceeding Do not interrupt during firmware upgrade including power on off as this may damage system Never perform firmware upgrade over wireless connection or via remote access connection 70 4 3 6 Network Utility The administrator can diagnose network connectivity via the PING and TRACEROUTE utility Please click on Utilities gt Network Utility and follow the below setting Network Utility Ping Result Destination IP Doamin Count 5 ping Traceroute Destination Host MAX Hop 6 Start Stop Ping This utility will help ping other devices on the network to verify connectivity Ping utility using ICMP packets detects connectivity and latency between two network nodes As result of that packet loss and latency time are available in the Result field while running the
291. w the below setting Dynamic DNS Setup DDNS Enable O Enable Disable Serivce Provider Hostname User Name Password Save m Enabled By default it s Disable The mapping domain name won t change when dynamic IP changes The beauty of it is no need to remember the dynamic WAP IP while accessing to it m Service Provider Select the preferred Service Provider from the drop down list including dyndns dhs ods and tzo Hostname Host Name that you register to Dynamic DNS service and export m User Name amp Password User Name and Password are used to login DDNS service Click Save button to save your changes Click Reboot button to activate your changes 83 5 1 4 Configure LAN Setup Here are the instructions for how to setup the local IP Address and Netmask Please click on System gt LAN and follow the below setting LAN Setup LAN IP DHCP Server IP Address 192 168 2 254 DHCP O Enable Disable IP Netmask 255 255 255 0 Save m LAN IP The administrator can manually setup the LAN IP address gt IP Address The IP address of the LAN port default IP address is 192 168 2 254 gt IP Netmask The Subnet mask of the LAN port default Netmask is 255 255 255 0 DHCP Setup Devices connected to the system can obtain an IP address automatically when this service is enabled DHCP Server DHCP Enable Disable Start IP 192 166 2 10 End IP 192 168 2 70 DNS1 IP DNS2 IP WINS I
292. wireless clients can associate with it gt Example 1 Point to Point gt Remote APO1200 Base Station 192 168 2 254 197 168 2 250 Main Base Station 192 168 2 250 as 192 168 2 A gt Example 2 Point to Multi Point Ren a 192 168 2 x Base Station WES 102168 2 250 AN y 10 192 168 2 x Base Station APO1200 WDS 192 168 2 254 132 168 2 251 WC 192 168 2 x Remote Base Station 192 168 2 252 gt Example 3 Multi Point Repeating bridge WDS l WDS Main Remote Base Station E ON Base Station 192 168 2 250 ai 192 168 2 253 Configuration in CPE Mode It can be used as an Outdoor Customer Premises Equipment CPE to receive wireless signal over last mile application helping WISPs deliver wireless broadband Internet service to residents and business customers In the CPE mode APO1200 APO1215 is a gateway enabled with NAT and DHCP Server functions The wired clients connected to APO1200 APO1215 are in different subnet from those connected to Main Base Station and in CPE mode it does not accept wireless association from wireless clients 5 NAT Main 1 Base Station APO1200 192 168 1 250 WIFI WAN LAN 192 168 1 254 192 168 2 254 33 192 168 2 X Configuration in Client Bridge Universal Repeater Mode It can be used as an Client Bridge Universal Repeater to receive wireless signal over last mile applications helping WISPs deliver wireless broad
293. wn list the options are US ETSI JP and NONE m Channel Frequency The channel range will be changed by selecting different country code Below depicts the channel range for different Country Country Channel US 36 40 44 48 52 56 60 64 149 153 157 161 ETSI 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 136 140 JP 36 40 44 48 NONE 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 136 140 149 153 157 161 m Tx Power You can adjust the output power of the system to get the appropriate coverage for your wireless network Specify digit numbers between 7 to 100 the unit is for your environment If you are not sure which setting to choose then keep the default setting 100 When Band Mode select in 802 11a only mode the HT High Throughput settings should be hidden immediately 20 m HT TxStream RxStream By default it s 2 m Operating Mode By default it s Mixed Mode gt Mixed Mode In this mode packets are transmitted with a preamble compatible with the legacy 802 11a g the rest of the packet has a new format In this mode the receiver shall be able to decode both the Mixed Mode packets and legacy packets gt Green Field In this mode high throughput packets are transmitted without a legacy compatible part m Channel Bandwidth The 20 40 MHz option is usually best The other option is available for special circ
294. wners might experience subsequent collisions When adjustment to longer slot time can t improve performance then RTS CTS could supplement and help improve performance Extra Slot Time Slot time is in the range of 1 255 and set in unit of microsecond The default value is 9 microsecond When you enable Short Slot and set Extra Slot time to 10 the actual Slot Time 9 10 us When you disable Short Slot and set Extra Slot time to 10 the actual Slot Time 20 10 us 22 ACK Timeout ACK timeout is in the range of 1 255 and set in unit of microsecond The default value is 32 microsecond All data transmission in 802 11b g request an Acknowledgement ACK send by receiving radio The transmitter will resend the original packet if correspondent ACK failed to arrive within specific time interval also refer to as ACK Timeout ACK Timeout is adjustable due to the fact that distance between two radio links may vary in different deployment ACK Timeout makes significant influence in performance of long distance radio link If ACK Timeout is set too short transmitter will start to Resend packet before ACK is received and throughputs become low due to excessively high re transmission ACK Timeout is best determined by distance between the radios data rate of average environment The Timeout value is calculated based on round trip time of packet with a little tolerance So if experiencing re transmissions or
295. y y y y y Transmit packets The total transmitted packets of the LAN port 256 Wireless Information Display the detailed receive and transmit statistics of Wireless interface Wireless Informati MAC Address Channel Rate Receive Bytes Recene Packets Tran mit Bytes Transmit Packets 13 MAC Address The MAC address Y Y Y y y y y on 00 11 43 04 TB FA 300 Mbs 0654 of the Wireless Port Channel The current channel on the Wireless port Rate The current Bit Rate on the Wireless port Receive bytes The total received packets in bytes on the Wireless port Receive packets The total received packets on the Wireless port Transmit bytes The total transmitted packets in bytes on the Wireless port Transmit packets The total transmitted packets on the Wireless port DHCP Server Status Users could retrieve DHCP server and DHCP clients IP MAC address via this field DHCP Server Status DHCP start IP End IP DNS1 IP DNS2 IP WINS IP IP Address Enable 192 168 2 10 192 168 2 70 192 166 2 1 25400 MAC Address Expired In none gt IP Address IP addresses to LAN devices by DHCP server gt MAC Address MAC addresses of LAN devices gt Expired In Shows how long the leased IP address will expire 257 8 7 2 Associated Clients Status It displays ESSID on off Status Security Type total number of wireless clients associated with all Virtual AP Wi
296. ystem Manager Privileges There are two system management accounts for maintaining the system namely the root and admin accounts are with different levels of privileges The root manager account is empowered with full privilege to Read amp Write while the admin manager account is Read only The following table display CPE admin account s privileges tne semen o Minne IET O as Tine sere O te a E os a w FE a Advance D S Profile Settings Read Network Utility Read amp Write Administrator Appendix E Enabling UPnP in Windows XP 1 Open the Add Remove Programs control panel and then click on Add Remove Windows Components in the sidebar Scroll down and find Networking Services highlight it and then click Details Windows Components Wizard Windows Components Tou can add or remove componente of Windows sF To add or remove a component click the checkbox 4 shaded box means that only part of the component will be installed To see what s included in a component click Details Components O sat Message Queuing wi MSN Explorer Networking Services 0 3 MB LJ aa Other Network File and Print Services 0 0 MB el A utlank Feness ome Description Contains a vanety of specialized network related services and protocols Total disk space required Fb ME Space available on disk 33156 3 MB 2 Inthe
Download Pdf Manuals
Related Search