VX-AP320NA User Manual
Contents
1. Normally you can leave this at Automatic so that Wireless Stations can use either method Open System or Shared Key If you wish to use a particular method select the appropriate value Open System or Shared Key All Wireless stations must then be set to use the same method Select Hex or ASCII depending on your input method All keys are converted to Hex ASCII input is only for convenience Enter the key values you wish to use The default key selected by the radio button is required The other keys are optional Other stations must have matching key values Use this to generate a key or keys instead of entering them directly Enter a word or group of printable characters in the Passphrase box and click the Generate Key button to automatically configure the WEP Key s 29 VX AP320NA Wireless Access Point User Guide Security Settings WPA PSK Like WEP data is encrypted before transmission WPA is more secure than WEP and should be used if possible The PSK Pre shared Key must be entered on each Wireless station The 256Bit encryption key is derived from the PSK and changes frequently Wireless Access Point E B easic Settings Basic settings radius VAP Name VAP Name 1 access Control SSID Wireless 1 D Advanced Settings Broadcast SSID Enable Disable Elneip Isolation within VAP Disable S Max Station Number 0 642. VAP Rate Limit Max Downstream Rate o Kbps 0 200000 Max Upstream Rate p Kbps 0 200000 Station Rate Limit Max Downstream Rate o Kbps 0 200000 Max Upstream Rate oO Kbps 0 200000 Security Security System WPA PSK x Network Key el Encryption TKIP _ aa Figure 21 WPA PSK Screen Data WPA PSK Screen WPA PSK Network Key Enter the key value Data is encrypted using a 256Bit key derived from this key Other Wireless Stations must use the same key Encryption The encryption method is TKIP Wireless Stations must also use TKIP 30 Security Settings WPA2 PSK This is a further development of WPA PSK and offers even greater security using the AES Advanced Encryption Standard method of encryption Wireless Access Point aa Access Point Setup B sasic Settings Basic settings radius VAP Name VAP Name 1 ej access Control SSID Wireless 1 Advanced Settings Broadcast SSID Enable Disable Ejneip Isolation within VAP Disable w Max Station Number X 0 64 VAP Rate Limit Max Downstream Rate p Kbps 0 200000 Max Upstream Rate fo Kbps 0 200000 Station Rate Limit Max Downstream Rate fo Kbps 0 200000 Max Upstream Rate fo Kbps 0 200000 Security Security System WPA2 PSK v Network Key Encryption AES v Figure 22 WPA2 PSK Screen
3. This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protec tion against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communica tions However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one of the following measures e Reorient or relocate the receiving antenna e Increase the separation between the equipment and receiver e Connect the equipment into an outlet on a circuit different from that to which the receiver is connected e Consult the dealer or an experienced radio TV technician for help To assure continued compliance any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate this equipment Example use only shielded interface cables when connecting to computer or peripheral devices FCC Radiation Exposure Statement This equipment complies with FCC RF radiation exposure limits set forth for an un
4. 0 means no limit Enter the maximum downstream rate for each wireless station 0 means no limit Max Upstream Rate Security Security System Enter the maximum upstream rate for each wireless station 0 means no limit Choose the security method from the drop down list Refer to the following section for more details Security Settings Select the desired option and then enter the settings for the selected method The available options are None No security is used Anyone using the correct SSID can connect to your network WEP The 802 11b standard Data is encrypted before transmission but the encryption system is not very strong WPA PSK Like WEP data is encrypted before transmission WPA is more secure than WEP and should be used if possible The PSK Pre shared Key must be entered on each Wireless station The 256Bit encryption key is derived from the PSK and changes fre quently WPA2 PSK This is a further development of WPA PSK and offers even greater securi ty using the AES Advanced Encryption Standard method of encryption WPA PSK and WPA2 PSK This method sometimes called Mixed Mode allows clients to use EITHER WPA PSK with TKIP OR WPA2 PSK with AES WPA with Radius This version of WPA requires a Radius Server on your LAN to provide the client authentication according to the 802 1x standard Data transmissions are encrypted using the WPA standard If this option
5. Apply Figure 57 Authentication Screen 12 Select No if you don t want to view the help for EAP Click Finish Remote Access Login for Users 1 Select Start Programs Administrative Tools Active Directory Users and Computers PC and Server Configuration 2 Double click on the user who you want to enable 3 Select the Dial in tab and enable Allow access Click OK alex Properties 4 Terminal Services Profile E mail Addresses General Address Account Profile Telephones Organization Member Of Dialin Environment Sessions Remote control Allow access C Deny access m Remote Access Permission Dial in or VPN Exchange General Exchange Features Control access through Remote Access Policy F Verify Calle ID m r Callback Options No Callback C Always Callback to C Set by Caller Routing and Remote Access Service only connection Define routes to enable for this Dial in Static Routes 2x Figure 58 Dial in Screen 67 VX AP320NA Wireless Access Point User Guide Using 802 1x Mode without WPA This is very similar to using WPA Enterprise The only difference is that on your client you must NOT enable the setting The key is provided for me automatically Instead you must enter the WEP key manually ensuring it matches the WEP key used on the Access Point Wireless Network Properties Network name SSID misslai
6. Mstart A e A Dover aacontr Tada Akca activ activ ihe YQ aS zasem Figure 51 Active Directory Screen Select the Group Policy tab choose Default Domain Policy then click Edit wireless yourdomain tid Properties RRS General Managed By Group Policy Current Group Policy Object Links for wireless vill Group Policy Object Links No Override Disabled 4 Default Domain Policy Group Policy Objects higher in the list have the highest priority This list obtained from rowan wireless yourdomain tld New Add Edit Up Options Delete Properties Dawn T Block Policy inheritance omea a Figure 52 Group Policy Tab Select Computer Configuration Windows Settings Security Settings Public Key Poli cies right click Automatic Certificate Request Settings New Automatic Certificate Request 63 VX AP320NA Wireless Access Point User Guide EZ acon vew e semal Ble o SOS Tree Automatic Certificate Request _ Default Domain Policy swpa dell2k swpa sercomm com tw P g Computer Configuration H Software Settings Windows Settings Sj Scripts Startup Shutdown ic Security Settings amp 8 Account Policies 13 fe Local Policies g Event Log m Restricted Groups i CB system Services E Registry E E File System E E Public Key Policies a Encrypted Data staat Agents a Trusted Root PETE nents New Aut
7. e The Shared Key set on the Security Screen of the Access Point must match the Shared Secret value on the Radius Server e Encryption settings must be correct 57 VX AP320NA Wireless Access Point User Guide 802 1x Server Setup Windows 2000 Server This section describes using Microsoft Internet Authentication Server as the Radius Server since it is the most common Radius Server available that supports the EAP TLS authentication method The following services on the Windows 2000 Domain Controller PDC are also required e dhepd e dns e rras e webserver IIS e Radius Server Internet Authentication Service e Certificate Authority Windows 2000 Domain Controller Setup 1 Run dcpromo exe from the command prompt 2 Follow all of the default prompts ensure that DNS is installed and enabled during installa tion Services Installation 1 Select the Control Panel Add Remove Programs 2 Click Add Remove Windows Components from the left side 3 Ensure that the following components are activated selected e Certificate Services After enabling this you will see a warning that the computer cannot be renamed and joined after installing certificate services Select Yes to select certificate services and continue e World Wide Web Server Select World Wide Web Server on the Internet Information Services IIS component e From the Networking Services category select Dynamic Host Configuration Protocol DH
8. Data WPA2 PSK Screen WPA2 PSK Network Key Enter the key value Data is encrypted using a 256Bit key derived from this key Other Wireless Stations must use the same key Encryption The encryption method is AES Wireless Stations must also use AES 31 VX AP320NA Wireless Access Point User Guide Security Settings WPA PSK and WPA2 PSK This method sometimes called Mixed Mode allows clients to use EITHER WPA PSK with TKIP OR WPA2 PSK with AES Wireless Access Point o Basic Settings O Vitrual APs Basic Settings radius VAP Name VAP Name 1 access Control SSID Wireless 1 D Advanced Settings Broadcast SSID Enable Disable 2 Help Isolation within VAP Disable w Max Station Number 0 64 VAP Rate Limit Max Downstream Rate fo Kbps 0 200000 Max Upstream Rate fo Kbps 0 200000 Station Rate Limit Max Downstream Rate jo Kbps 0 200000 Max Upstream Rate oO Kbps 0 200000 Security Security System WPA PSK and WPA2 PSK v Network Key Encryption TKIP h E Figure 23 WPA PSK and WPA2 PSK Screen Data WPA PSK and WPA2 PSK Screen WPA PSK and WPA2 PSK Network Key Enter the key value Data is encrypted using this key Other Wireless Stations must use the same key Encryption Select the desired encryption method from the list 32 Access Point Setup Security Settin
9. a ae O AP Type management AP Type FMAP FATAP o Auto Config o Config File rina Test E Auto Reboot o Firmware Upgrade Buelp Figure 70 AP Type Screen 79 VX AP320NA Wireless Access Point User Guide Data AP Type Screen Account AP Type Select the AP type as required If FAT AP gt Bridge Mode is selected please refer to the Chapter 7 Access Point Mode for more details 80 Access Point Management Management Screen Account Screen The Account screen allows you to assign a password to the Wireless Access Point This pass word limits access to the configuration interface The default password is password It is recommended that this be changed using this screen Wireless Access Point E ar type Management Admin User Name admin e Account ia pail seas Method Control New Password ol Auto Config Re enter to Confirm o Config File o Ping Test oJ auto Reboot o Firmware Upgrade uelp Cancel Figure 71 Account Screen Data Account Screen Account Admin User Name Enter the login name for the Administrator Change Admin Password If you wish to change the Admin password check this field and enter the new login password in the fields below New Password Enter the desired login password Re enter to Confirm Re enter the desired login password 81 VX AP320NA Wir
10. o Basic Settings Time Settings SNMP Settings Basic SNMP Trap Los Settings EJHeip Username Authentication Protocol None Authentication Key Privacy Protocol None Privacy Key Figure 11 SNMPv3 Screen Data SNMPv3 Screen SNMPv3 User Name Authentication Protocol Authentication Key Privacy Protocol Privacy Key Enter the user name for SNMPv3 Select the authentication protocol used by SNMPv3 Enter the authentication key required by SNMPv3 Select the private protocol as required Enter the private key here 14 SNMP Trap o Basic Settings e Time Settings SNMP Settings Basic SNMPv3 Log Settings Buelp Access Point Setup Wireless Access Point D Trap Server Server 1 0 0 0 0 Server 2 0 0 0 0 Server Port 162 1 65534 Trap Periods 24 hours 1 65535 Trap Threshold Rate of CPU Utilization 80 1 100 Rate of Memory Utilization 80 1 100 Figure 12 SNMP Trap Screen Data SNMP Trap Screen SNMP Trap Server 1 Server 2 Server Port Trap Periods Trap Threshold Rate of CPU Utilization Rate of Memory Utilization Enter the IP address of the server 1 Enter the IP address of the server 2 in case the server 1 is not available Enter the port number for the server Enter the desir
11. Access Point Setup Network IGMP Settings Screen Wireless Access Point PR sas sen e o r settings vuan setttings IGMP Snooping Enable Disable Cancel IGMP Settings IGMP Snooping Figure 41 IGMP Settings Screen Data IGMP Settings Screen This option is only useful if the hubs switches on your LAN support the VLAN standard VX AP320NA Wireless Access Point User Guide Network Bridge Parameters Screen Wireless Access Point es T e 1P settings vuan setttings Ageing Time 300 s 180 3600 Bst e 1cmP settings O Bridge Parameters Buelp Figure 42 Bridge Parameters Screen Data Bridge Parameters Screen Bridge Parameters Ageing Time This value indicates the ageing time on the bridge If it is timeout this station will be removed from the bridge table 54 Chapter 4 PC and Server Configu ration This Chapter details the PC Configuration required for each PC on the local LAN Overview All Wireless Stations need to have settings which match the Wireless Access Point These settings depend on the mode in which the Access Point is being used e Ifusing WEP or WPA PSK it is only necessary to ensure that each Wireless station s settings match those of the Wireless Access Point as described below e For 802 1x modes configuration is much more complex The Radius Server must be configured corr
12. PC the wireless mode is set to Infrastructure If using the Access Control feature the PC s name and address is in the Trusted Stations list If using 802 1x mode ensure the PC s 802 1x software is configured correctly See Chapter 4 for details of setup for the Windows XP 802 1x client If using a different client refer to the vendor s documentation 98 Appendix C About Wireless LANs Overview Wireless networks have their own terms and jargon It is necessary to understand many of these terms in order to configure and operate a Wireless LAN Wireless LAN Terminolog Modes Wireless LANs can work in either of two 2 modes e Ad hoc e Infrastructure Ad hoc Mode Ad hoc mode does not require an Access Point or a wired Ethernet LAN Wireless Sta tions e g notebook PCs with wireless cards communicate directly with each other Infrastructure Mode In Infrastructure Mode one or more Access Points are used to connect Wireless Stations e g Notebook PCs with wireless cards to a wired Ethernet LAN The Wireless Stations can then access all LAN resources Access Points can only function in Infrastructure mode and can communicate only with Wireless Stations which are Note set to Infrastructure mode SSID ESSID BSS SSID A group of Wireless Stations and a single Access Point all using the same ID SSID form a Basic Service Set BSS Using the same SSID is essential Devices with different SSIDs
13. Properties tion menu click Authorize Help Create a new scope Figure 46 DHCP Screen 3 Click Next when the New Scope Wizard Begins 4 Enter the name and description for the scope click Next 5 Define the IP address range Change the subnet mask if necessary Click Next 60 PC and Server Configuration x IP Address Range You define the scope address range by identifying a set of consecutive IP addresses Enter the range of addresses that the scope distributes Start IP address 192 168 0 100 End IP address 192 168 0 200 subnet mask defines how many bits of an IP address to use for the network subnet IDs and how many bits to use for the host ID You can specify the subnet mask by length or as an IP address Lenath 24 Subnet mask 255 255 255 d lt Back Cancel Figure 47 IP Address Screen 6 Add exclusions in the address fields if required If no exclusions are required leave it blank Click Next Change the Lease Duration time if preferred Click Next Select Yes I want to configure these options now and click Next Enter the router address for the current subnet The router address may be left blank if there is no router Click Next 10 For the Parent domain enter the domain you specified for the domain controller setup and enter the server s address for the IP address Click Next New Scope Wizard E x Domain Name and DNS Servers The Domai
14. Time Threshold seconds 60 600 Syslog t Mailalets uae Log Types Email Address for Alert Logs Buelp SSS DS EEE EE Figure 14 Mail Alerts Screen Data Mail Alerts Screen Email Alerts Email Alerts If enabled an E mail will be sent If enabled the e mail address information below must be provided Log Queue Length Enter the desired length of the log queue The default is 20 entries Log Time Threshold Enter the preferred value between 60 and 600 which deter mine how often the log will be emailed to you Normally this can be left at the default value The default is 600 seconds SMTP Mail Server Enter the domain name or IP address of the SMTP Simple Mail Transport Protocol server you use for sending e mails Email Address for Alert Enter the e mail address the log is to be sent to Logs E mail Log Now Press this button to let the log to be e mailed immediately 17 VX AP320NA Wireless Access Point User Guide Log Types Wireless Access Point ee al o Basic Settings Ttime Settings SNMP Settings Log Settings Syslog Mail Alerts Bluelp Unauthorized Login Attempt M Authorized Login Unauthorized Wireless Attempt Authorized Wireless Connection E System Error Messages Web Access and Configuration Changes Firewall Log Save Cancel a Figure 15 Log Types Screen Data Log Types Screen Log Types Log Types Use these checkboxes to
15. aaas Figure 27 802 1x Screen Data 802 1x Screen 802 1x Dynamic WEP Key Select the desired option Size e 64 Bit Keys are 10 Hex 5 ASCII characters e 128 Bit Keys are 26 Hex 13 ASCII characters e 152 Bit Keys are 32 Hex 16 ASCII characters 36 Access Point Setup Wireless Radius Settings Clicking the Radius link on the Wireless menu will result in a screen like the following Wireless Access Point ats Fm Tsien nemo vicis e o Basic Settings E vitruai aps Primary 1P Address b j p f f Radius Port Number 1812 Shared Secret Accounting Server o Access Control Advanced Settings Secondary Ip Address o fo o o Port Number 1812 Buelp Shared Secret Figure 28 Authentication Server Settings Data Authentication Server Screen Authentication Server Primary IP Address Enter the name or IP address of the Radius Server on your network Port Number Enter the port number used for connections to the Radius Server Shared Secret Enter the key value to match the Radius Server Secondary IP Address The Secondary Authentication Server will be used when the Primary Authentication Server is not available 37 VX AP320NA Wireless Access Point User Guide Accounting Server Wireless Access Point o Basic Settings o Vitrual APs Primary 1P Address fo fo fp a 1813 Authentication Port Number Se
16. and WPA2 RADIUS WPA Encryption TKIP w SS Figure 26 WPA and WPA2 with Radius Screen Data WPA and WPA2 with Radius Screen WPA and WPA2 with Radius WPA Encryption Select the desired encryption method from the list 35 VX AP320NA Wireless Access Point User Guide Security Settings 802 1x This uses the 802 1x standard for client authentication and WEP for data encryption If this option is selected e This Access Point must have a client login on the Radius Server e Each user must have a user login on the Radius Server Normally a Certificate is used to authenticate each user See Chapter4 for details of user configuration e Each user s wireless client must support 802 1x e All data transmission is encrypted using the WEP standard You only have to select the WEP key size the WEP key is automatically generated Wireless Access Point Baa SaaS o Basic Settings radius VAP Name VAP Name 1 access Control SSID Wireless 1 J Advanced Settings Broadcast SSID Enable O Disable Elueip Isolation within VAP Disable K Max Station Number o o 0 64 VAP Rate Limit Max Downstream Rate o Kbps 0 200000 Max Upstream Rate o Kbps 0 200000 Station Rate Limit Max Downstream Rate jo Kbps 0 200000 Max Upstream Rate fo Kbps 0 200000 Security Security System 802 1x v Dynamic WEP Key Size 64bit
17. are unable to communi cate with each other However some Access Points allow connections from Wireless Stations which have their SSID set to any or whose SSID is blank null ESS ESSID A group of Wireless Stations and multiple Access Points all using the same ID ESSID form an Extended Service Set ESS Different Access Points within an ESS can use different Channels To reduce interference it is recommended that adjacent Access Points SHOULD use different channels VX AP320NA Wireless Access Point User Guide As Wireless Stations are physically moved through the area covered by an ESS they will automatically change to the Access Point which has the least interference or best perfor mance This capability is called Roaming Access Points do not have or require Roaming capabilities Channels The Wireless Channel sets the radio frequency used for communication e Access Points use a fixed Channel You can select the Channel used This allows you to choose a Channel which provides the least interference and best performance For 802 11g 13 channels are available in the USA and Canada but 1 1channels are available in North America if using 802 11b e Ifusing multiple Access Points it is better if adjacent Access Points use different Chan nels to reduce interference The recommended Channel spacing between adjacent Access Points is 5 Channels e g use Channels and 6 or 6 and 11 e In Infrastructure mode Wire
18. at the default value 41 VX AP320NA Wireless Access Point User Guide DTIM Interval RTS CTS Threshold Guard Interval Preamble Type 802 11b Protection Mode Station Idle Time TX RX Chainmask Enable A MPDU Enable Worldwide Mode Enable WMM Wi Fi Multimedia Support Enable WMM Power Save Enable Link Integrity Enter the preferred setting between 1 and 255 Normally this can be left at the default value Enter the preferred setting between 1 and 2347 Normally this can be left at the default value Select the guard interval manually for Wireless N connections The two options are Short 400ns and Long 800ns Select the desired option The default is Long The Short setting takes less time when used in a good environment The Protection system is intended to prevent older 802 11b devices from interfering with 802 11g transmissions Older 802 11b devices may not be able to detect that the 802 11g transmission is in progress This indicates the time seconds of the station whose node will be deleted from AP if there is no traffic for the link Select the desired TX RX chainmask Enable this setting if you wish to use this feature Enable this setting if you want to use this mode and your Wireless stations also support this mode Check this to enable WMM Wi Fi Multimedia support in the Access Point If WMM is also supported by your wireless clients voice and multimedia traffic will
19. available in 2 4GHz mode Flashing Data is being transmitted or received via the Wireless access point Data includes network traffic as well as user data On Wireless connection is available in 5GHz mode Off Wireless connection is not available in SGHz mode Flashing Data is being transmitted or received via the Wireless access point Data includes network traffic as well as user data Attach the 2 4G antennas here Introduction Rear Panel Console LAN PoE Power Figure 3 Rear Panel Reset Button This button has two 2 functions e Reboot When pressed and released the Wireless Access Point will reboot restart e Reset to Factory Defaults This button can also be used to clear ALL data and restore ALL settings to the factory default values To Clear All Data and restore the factory default values 1 Hold the Reset Button until the Status Red LED blinks TWICE usually more than 5 seconds 2 Release the Reset Button The factory default configuration has now been restored and the Access Point is ready for use Console port This port allows root access to the router via a dumb terminal interface LAN PoE Use a standard LAN cable RJ45 connectors to connect this port to a 10 100 1000BaseT hub switch on your LAN Power port Connect the supplied power adapter 12V here VX AP320NA Wireless Access Point User Guide Wall Mount Template The following image illustrates the mounting slots on t
20. be given a higher priority than other traffic Enable or Disable WMM Power Save feature If enabled the device can detect the plugging or unplugging of the Ethernet cable and start stop the related services correspondingly 42 Access Point Setup User Control Screen Click User Control on the Wireless menu to view a screen like the following Wireless Access Point E o Basic Settings B vitruai APs Wireless Radio Radio 1 2 4G radius User Control Mode Disable v access Gostrol Max Station Number 5 1 256 Max Throughput Mbps 1 100 Parameters Auto Frequency Load Balance WMM Band Select Rate Limitation EjHeip Figure 32 User Control Screen Data User Control Screen User Control Wireless Radio Select the either Radio 1 or Radio 2 for the wireless feature User Control Mode Select the method of controlling the Wireless Stations It can be one of following options e Disable This function is disabled e Users In this mode number of Wireless Stations that can connect this device is limited to the specified value e Flux In this mode if total throughput of the device reaches the specified value the Wireless Stations will refuse to connect the device Max Station Enter the maximum number 1 256 of wireless stations connecting to Number the device Max Enter the desired number between 1 and 100 for the maximum Throughput
21. determine which events are included in the log Checking all options will increase the size of the log so it is good practice to disable any events which are not really required Unauthorized Login Attempt If checked the unauthor ized users who attempted to login to the Access Point are logged Authorized Login If checked this will log the author ized login TO this Access Point Unauthorized Wireless Attempt If checked the unauthorized wireless attempted will be login to the Access Point are logged Authorized Wireless Connection If checked this will log the authorized wireless connection to this Access Point System Error Messages If checked the system error message will be logged Web Access and Configuration Changes If checked the changes of configuration will be logged Firewall Log If checked the firewall message will be logged 18 Access Point Setup Wireless Basic Settings Screen The settings on this screen must match the settings used by Wireless Stations Click Basic Settings on the Wireless menu to view a screen like the following Wireless Access Point a O Basic Settings p3 9 vitruai APs Wireless Radio Radio 1 2 4G Y radius Radio Function Disable access Control Wireless Mode Gaav anced Settings Auto Channel Scan Disable Channel Frequency 6 Ejneip Transmit Data Rate Best 11N Transmit
22. the data on screen Save File Save the log to a file on your pc Clear Log This will delete all data currently in the Log This will make it easier to read new messages 76 Operation and Status Statistics Screen Ethernet Screen Wireless Access Point SESS o Device Info o System Status Packets Received 51 H network status Packets Sent 82 wireless Sitas Bytes Received 5038 L ol n Bytes Sent 71801 Statistics Error Packets Received 0 Wireless Drop Received Packets 0 Buelp Figure 68 Ethernet Screen Data Ethernet Screen Ethernet Packets Received The number of packets received by the Access Point Packets Sent The number of packets sent by the Access Point Bytes Received The number of bytes received by the Access Point Bytes Sent The number of bytes sent by the Access Point Error Packets The number of error packets received Received Drop Received The number of drop packets received Packets 77 VX AP320NA Wireless Access Point User Guide Wireless Screen Wireless Access Point sl Wireless Radio Radio 1 2 4G o Device Info lJ system Status Name VAPO VAP1 Packets Received 0 0 Network Status Packets Sent 0 0 wireless Status Bytes Received 0 0 o Log Bytes Sent 0 0 sR
23. the user name and password Enter the same login name and password as used for the HTTP Web interface The default values are admin for the User Name and password for the Password 3 Once connected you can use any of the commands listed in the following Command Reference Command Reference The following commands are available 102 get aging get authentication get beaconinterval get channel get country get defaultkey get description get dhcp get dhcpserverendip get dhcpserverstartip get dnsserver get dot 1 xdynkeyupdate get dotl xdynkeylife get dotlxkeytype get fragthreshold get gateway get gtkupdate get gtkupdateinterval get http get httpport get https get httpsport get ipaddr get ipmask get isolation get key get keylength get lltd get md5supplicant get md5suppname get mdSsupppassword get mdSsupptype get nativevlanid get ntp get operationmode Appendix D Command Line Interface Display 802 1x Dynamic Key Update Mode 103 VX AP320NA Wireless Access Point User Guide get snmpreadcommu Display SNMP Read Community nity get snmpwritecommu Display SNMP Write Community nity 104 get systemname get telnet get time get timezone get uptime get username get vapname get version get vlan get vlanid get wirelessmode get wirelessseparate get wmm get wmmnoack set 1 lnampdu set 1 lnamsdu set 1 Inguardinterval set 1 Insubchannel set 1 l
24. throughput 43 VX AP320NA Wireless Access Point User Guide Auto Frequency Screen EMM o Basic Settings o Vitrual APs Wireless Radio Radio 1 2 4G radius Auto Frequency Mode Disable access Control Auto Frequency Adjust Interval 8 Seconds 600 10800 Advanced Settings Min Signal Level Interval dBm 90 10 Parameters Load Balance WMM Band Select Rate Limitation EjHeip Save Cancel Figure 33 Auto Frequency Screen Data Auto Frequency Screen Auto Frequency Wireless Radio Select the either Radio 1 or Radio 2 for the wireless feature Auto Frequency If enabled the device can adjust its wireless channel at a specified Mode interval Auto Frequency Specify the interval at which the device will scan and adjust its Adjust Interval wireless channel Min signal Level Enter the desired dBm between 90 and 10 here Interval 44 Access Point Setup Load Balance Screen Wireless Access Point Ol o Basic Settings E vitruat li Load Balance Mode Disable M D radius Load Balance Group o Access Control User Number Interval 1 100 Advanced Settings Parameters Data Flux Interval Kbps 1 102400 User Control CPU Usage Interval 1 100 Auto Frequency WMM Band Select Rate Limitation Ejneip E Figure 34 Load Balance Sc
25. wireless stations Wireless Access Point Ss Bar type Management C Turn IP Management Control On Account Method Allow Following IP Addresses to Manage the Device Deny Following IP Addresses to Manage the Device e auto config Subnet Subnet Mask contio Fite subnetifo fo fo p pss pss fess s5 Pino Test subnet2f0 pP fo p f255 255 ps5 55 oJ auto Reboot o Firmware Upgrade IP subnet 3 bP pP b fp f255 255 jess s55 w subnet4fo pP fo p pss 255 ps5 ps5 Elueip IP subnet 5 p p jp jp ss 255 jess 255 IP subnet 6 bp op fp fb fess p55 f255_ P55 w subnet7fO pP p p fess ps5 ps5 p55 P subnets h fo p pP 255 p55 s5 J255_ N N w U Cancel Figure 73 Control Screen Data Control Screen Turn IP Select the desired option as required Management 7 Control On Enable or Disable the Management Control feature e Select either Allow following IP addresses to Manage the Device or Deny following IP addresses to Manage the Device e Enter the physical IP address and Subnet Mask of each Wireless station 83 VX AP320NA Wireless Access Point User Guide Auto Config To reach this screen select Auto Config in the Administration section of the menu Wireless Access Point a Saas Da type E Management Auto Config Enable Disable O Auto Config FTP Server o Config File User
26. 0 VAP Name 12 N A Wireless 12 Enabled None Disabled 0 VAP Name 13 N A Wireless 13 Enabled None Disabled 0 VAP Name 14 N A Wireless 14 Enabled None Disabled 0 VAP Name 15 N A Wireless 15 Enabled None Disabled 0 VAP Name 16 N A Wireless 16 _ Enabled None Disabled 0 Figure 65 Virtual AP Status Screen Data Virtual AP Status Screen Virtual AP Status Wireless Radio Select the desired band 2 4 GHz or 5 GHz used by this profile Name The name you gave to this profile if you didn t change the name the default name is used SSID Broadcast Indicates whether or not the SSID is broadcast SSID The SSID assigned to this profile Security The security method used by this profile Status Indicates whether or not this profile is enabled or currently used Clients The number of wireless stations currently using accessing this Access Point using this profile If the profile is disabled this will always be zero 74 Operation and Status Wireless Stations Screen g Device Info g System Status Network Status Wireless Status Basic Virtual AP Status Biss Statistics uelp Wireless Access Point eas Wireless Radio Radio 1 2 4G MAC Address Station ID SSID RSSI dbm Status Station ID OutPkts InPkts OutOctets InOctets Figure 66 Wireless Stations Screen Data Wireless Station Screen Station List
27. 7 VX AP320NA Wireless Access Point User Guide Security Settings WEP This is the 802 11b standard Data is encrypted before transmission but the encryption system is not very strong Wireless Access Point o Basic Settings Basic settings radius VAP Name VAP Name 1 access Control SSID Wireless 1 D Advanced Settings Broadcast SSID Enable O Disable Ejueip Isolation within VAP Disable 5 Max Station Number 2 0 64 VAP Rate Limit Max Downstream Rate jo Kbps 0 200000 Max Upstream Rate jo Kbps 0 200000 Station Rate Limit Max Downstream Rate 0 Kbps 0 200000 Max Upstream Rate p Kbps 0 200000 Security Security System WEP v Data Encryption 64bit Authentication Open System WEP Keys Key input Hex 0 9 and A F ASCII Key 1 1234567890 Key 2 O 1234567890 Key 3 O 1234567890 Key 4 O 1234567890 Passphrase Generate Key Figure 20 WEP Screen Data WEP Screen WEP Data Select the desired option and ensure your Wireless stations have the Encryption same setting e 64 Bit Encryption Keys are 10 Hex 5 ASCII characters e 128 Bit Encryption Keys are 26 Hex 13 ASCII characters e 152 Bit Encryption Keys are 32 Hex 16 ASCII characters 28 Access Point Setup Authentication Key Input Key Value Passphrase
28. CP and Internet Authentication Service DNS should already be selected and in stalled 58 PC and Server Configuration Windows Components Wizard E x Windows Components You can add or remove components of Windows 2000 To add or remove a component click the checkbox A shaded box means that only part of the component will be installed To see what s included in a component click Details Components M Mj ccessories and Utilities M EE Certificate Services 1 4 MB O Q Cluster Service 2 5 MB M BP Indexing Service 0 0 MB M Sa Intemet Infarmation Services ISI 1 RMR z Description Message Queuing provides loosely coupled and reliable network communication services Total disk space required 12 7 MB Details Space available on disk 6699 9 MB Does Pec Figure 43 Components Screen 4 Click Next 5 Select the Enterprise root CA and click Next Windows Components Wizard E xj Certification Authority Type There are four types of certification authorities Certification Authority types Description Enterprise root CA Enterprise subordinate CA Active Directory Stand alone root CA Stand alone subordinate CA z J Advanced options lt Back Cancel Figure 44 Certification Screen 6 Enter the information for the Certificate Authority and click Next VX AP320NA Wireless Access Point User Guide Windows Components Wizard CA Identifying Informati
29. Data Rate Best Basic Rate 1 2 5 5 6 9 11 12 18 24 36 48 54 Support Rate 1 2 5 5 M6 9 11 12 18 24 36 48 54 11N MCS o 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Auto Power ble Output Power 1dB 79 Channel Bandwidth Auto 20 40MHz Extension Sub Channel Above Primary Channel Save Cancel Figure 16 Basic Settings Screen Data Basic Settings Screen Operation Wireless Radio Select the either Radio 1 or Radio 2 for the wireless feature Radio Function Enable this to use the wireless feature 19 VX AP320NA Wireless Access Point User Guide Wireless Mode For 5G select the desired option e 802 11a Only 5G only 802 1 1a connections are allowed If you only have 802 1 1a selecting this option may provide a perfor mance improvement over using the default setting e 802 11n Only 5G only 802 11n connections are allowed If you only have 802 1 1n selecting this option may provide a perfor mance improvement over using the default setting e 802 11a and 802 11n 5G this will allow connections by both 802 11a and 802 11n wireless stations For 2 4G select the desired option e 802 11b only 2 4G if selected only 802 11b connections are allowed 802 11g wireless stations will only be able to connect if they are fully backward compatible with the 802 11b standard e 802 11g only 2 4G only 802 11g connections are allowed If you only have 802 11g selecting thi
30. Error Packets Received 0 0 Drop Received Packets is is Ethernet Name VAP2 VAP3 Packets Received 0 0 Packets Sent 0 ia Bytes Received is 0 Bytes Sent 0 0 Error Packets Received 0 0 Drop Received Packets 0 0 Name VAP4 VAPS Packets Received 0 0 Packets Sent 0 0 Bytes Received is is Bytes Sent 0 0 Error Packets Received 0 0 Drop Received Packets 0 0 Name VAP6 VAP7 Packets Received 0 0 Packets Sent 0 0 Bytes Received is ie Bytes Sent 0 0 Error Packets Received 0 is Drop Received Packets 0 0 Figure 69 Wireless Screen Data Wireless Screen VAP0 VAP7 Wireless Radio Select the desired band 2 4 GHz or 5 GHz used by this profile Packets Received The number of packets received by the Access Point Packets Sent The number of packets sent by the Access Point Bytes Received The number of bytes received by the Access Point Bytes Sent The number of bytes sent by the Access Point Error Packets The number of error packets received Received Drop Received The number of drop packets Packets 78 Chapter 6 Access Point Manage ment This Chapter explains when and how to use the Wireless Access Point s Administration Features Overview This Chapter covers the following features available on the Wireless Access Point s Administration menu AP Type Management Auto Config Config File Ping Test Auto Reboot Firmware Upgrade Wireless Access Point
31. K this checkbox when Daylight Saving Time finishes e Use Defined NTP Server If you prefer to use a particular NTP server as the primary server check this checkbox and enter the Server s IP address in the fields provided If this setting is not enabled the default NTP Server is used NTP Server Name IP Address Enter the server name or IP address of the NTP e NTP Server Port Enter the port for the NTP server 12 Access Point Setup System SNMP Settings SNMP Simple Network Management Protocol is only useful if you have a SNMP program on your PC To reach this screen select SVMP in the System section of the menu Basic Screen Wireless Access Point a o Basic Settings time Settings SNMP v1 v2c v3 Enable v SNMP Settings Contact Basic Device Name AP4F2B34 SNMPv3 f SNMP Trap Location Etos Settings Read Only Community public Read Write Community private EjHeip Figure 10 Basic Screen Data Basic Screen Basic SNMP v1 v2 v3 Use this to enable or disable SNMP as required Contact The identification of the contact person Device Name Enter the desired name for the device Location The physical location of this node Read Only Data can be read but not changed community Read Write Data can be read and changed Community 13 VX AP320NA Wireless Access Point User Guide SNMPv3 Wireless Access Point F
32. Name o Ping Test Bato EE Password o Firmware Upgrade Config File Interval Hours EjHeip Check Now _ _ aO Figure 74 Auto Config Screen Data Auto Config Screen Auto Config Auto Config If enabled this AP will perform Auto Configuration FTP Server Enter the address for the FTP server User Name Enter the login name for the FTP server Password Enter the login password for the FTP server Config File Enter the full path of the firmware in the FTP server Interval If enabled the device will check the config file in the time interval Enter the desired time in the field 84 Access Point Management Config File This screen allows you to Backup download the configuration file and to restore upload a previously saved configuration file You can also set the Wireless Access Point back to its factory default settings To reach this screen select Config File in the Management section of the menu Wireless Access Point E ar type Management auto Config Click following button to back up a copy of the current settings into a file o Ping Test o Auto Reboot Restore a previously saved config file to current system o Firmware Upgrade I Browse EjhHeip Click following button to restore settings to factory default Restore to Defaults a Figure 75 Config File Screen Data Config File Screen Backup Back up a copy of the current settings to a file Once
33. SSE Epasic Settings radius VAP Name VAP Name 1 access Control SSID Wireless 2 4G 1 Advanced Settings Broadcast SSID Enable O Disable Isolation within VAP Disable uelp Max Station Number od 0 64 VAP Rate Limit Max Downstream Rate jo Kbps 0 200000 Max Upstream Rate fo Kbps 0 200000 Station Rate Limit Max Downstream Rate bs Kbps 0 200000 Max Upstream Rate b gt Kbps 0 200000 Security Security System None v Save Cancel E Figure 18 Virtual VAP Screen Data Virtual VAP Screen Basic Settings VAP Name Enter a suitable name for this VAP SSID Enter the desired SSID Each VAP must have a unique SSID Broadcast SSID If Disabled no SSID is broadcast If enabled the SSID will then be broadcast to all Wireless Stations Stations which have no SSID or a null value can then adopt the correct SSID for connections to this Access Point Isolation within If enabled then each Wireless station using the Access Point is VAP invisible to other Wireless stations In most business stations this setting should be Disabled Max Station Enter the number between 0 and 64 Number 24 VAP Rate Limit Max Downstream Rate Access Point Setup Enter the maximum downstream rate for the VAP 0 means no limit Max Upstream Rate Station Rate Limit Max Downstream Rate Enter the maximum upstream rate for the VAP
34. Screen Data IP Settings Screen TCP IP IP Type The current IP type is displayed IP Address The IP Address of the Wireless Access Point Subnet Mask The Network Mask Subnet Mask for the IP Address above Gateway Enter the Gateway for the LAN segment to which the Wireless Access Point is attached the same value as the PCs on that LAN segment Primary DNS Enter the IP Address of the DNS Domain Name Servers here These DNS will be used only if the primary DNS is unavailable Secondary DNS The Secondary DNS will be used only if the primary DNS is unavailable 71 VX AP320NA Wireless Access Point User Guide Ethernet This screen is displayed when the Ethernet button is clicked Wireless Access Point LEE I pevice Info E System status Network Status IP Settings Ethernet Status Connected Wireless Status Eo Statistics EJHeip CE T ooN Figure 63 Ethernet Screen Data Ethernet Screen Ethernet Ethernet Status The current Ethernet status is displayed 72 Operation and Status Wireless Status Basic Screen Wireless Access Point See ee Pe vevice Info Le system Status Wireless Radio Radio 1 2 4G L network Status f Wireless Status AP Mode Access Point j Channel Frequency 6 Virtual AP Status Wireless Mode Disabled Wireless Stations
35. Support for WPA is included WPA is more secure than WEP and should be used if possible Both TKIP and AES encryption methods are supported 802 1x Support Support for 802 1x mode is included providing for the industrial strength wireless security of 802 1x authentication and authorization Radius Client Support The Wireless Access Point can login to your existing Radius Server as a Radius client Radius MAC Authentication You can centralize the checking of Wireless Station MAC addresses by using a Radius Server Rogue AP Detection The Wireless Access Point can detect unauthorized Rouge Access Points on your LAN Access Control The Access Control feature can check the MAC address of Wireless clients to ensure that only trusted Wireless Stations can use the Wireless Access Point to gain access to your LAN Password protected Configuration Optional password protection is provided to prevent unauthorized users from modifying the configuration data and settings Advanced Features Command Line Interface If desired the command line interface CLI can be used for configuration This provides the possibility of creating scripts to perform common config uration changes Auto Configuration The Wireless Access Point can perform self configuration by copying the configuration data from another Access Point This feature is enabled by de fault Auto Update The Wireless Access Point can automatically update its firmware by downloa
36. VX AP320NA 11n Dual Band Wireless Access Point User s Guide TABLE OF CONTENTS CHAPTER 1 INTRODUCTION cc ccsscsscssscsscescsssecssecsecnsesssscsessssscscsssseessessesssessessseseoes 1 Features of your Wireless Access Point cscsscsscsssscsssssecssessscssssesssscssssessessessesesessoes 1 Package Content cssccscsssscssssssssscsssssscsssssscesssessssssssscesecseseseessesessssesssssssssessseesesssessoes 3 Physical Details niano i a 4 CHAPTER 2 INSTALLATION ccsscssscsscsssssssesssssecssessescsecssccseesssssscssssssesseesssesessossseseoes 7 Requirements ennenen iinn i iE aia 7 PLOCECULE ssscscsrsssseessccsssesssscencssessessccssesesessescscsssssssseaceceseeseceeseessssesascsescsesseacesssssseases 7 CHAPTER 3 ACCESS POINT SETUP essesesseseeseeoeseeoesereoreesoreesoeeorseeonsereorereoroesorseroreorseeeesee 9 OVENVICW E A EEE E E E EA 9 Setup using a Web Browser e sseesesessesesoeseseeeeesoeeesoeeoeseeoesesoeeeesoroesoreonseeonseseseereoroesoressseeees 9 System Basic Settings Screen sesseseeseseseeseesoroesseeoeseeoesereeeeesoroesorosnsesorseroesereororsoreesseee 11 System Time Settings Screen sessessesesseseseeeeesoroesereoeseeoeseroeeessoroesoreerserorseroesereorersoreeseeee 12 System SNMP Settings sccscssssssssssesssssscssssssssscsssssesessnsssesssssecssesssseseessseseessseeseeees 13 System Log Settings ccscscsscsssessssssessssssstsssesssscssssssese
37. WMM Support Enabled Bos WMM Power Save Statistics Support Enabled EjHeip Figure 64 Basic Screen Data Basic Screen Basic AP Mode The current Access Point mode is displayed Channel Frequency The Channel currently in use is displayed Wireless Mode The current mode e g 802 11g is displayed WMM Support Enabled or Disabled is displayed for the WMM status WMM Power Save Enabled or Disabled is displayed for the WMM Power Save Support status 73 VX AP320NA Wireless Access Point User Guide Virtual AP Status Screen Wireless Access Point o Device Info system Status Network Status Wireless Status Basic Wireless Stations Eoo Statistics E Wireless Radio Radio 1 2 4G Name BSSID SSID eee Security Status Clients VAP Name 1 N A Wireless 1 Enabled None Disabled 0 VAP Name 2 N A Wireless 2 Enabled None Disabled 0 VAP Name 3 N A Wireless 3 Enabled None Disabled 0 VAP Name 4 N A Wireless 4 Enabled None Disabled 0 VAP Name 5 N A Wireless 5 Enabled None Disabled 0 VAP Name 6 N A Wireless 6 Enabled None Disabled 0 VAP Name 7 N A Wireless 7 Enabled None Disabled 0 VAP Name 8 N A Wireless 8 Enabled None Disabled 0 VAP Name 9 N A Wireless 9 Enabled None Disabled 0 VAP Name 10 N A Wireless 10 Enabled None Disabled 0 VAP Name 11 N A Wireless 11 Enabled None Disabled
38. Wireless Radio Select the desired band 2 4 GHz or 5 GHz used by this profile Station ID The ID of each Wireless Station is displayed If the ID is not known unknown will be displayed MAC Address The MAC physical address of each Wireless Station is displayed SSID This displays the SSID used by the Wireless station Because the Wireless Access Point supports multiple SSIDs different PCs could connect using different SSIDs RSSI It displays the RSSI received signal strength indicator of received radio signal Status This indicates the current status of each Wireless Station OutPkts Number of valid Data packets transmitted to Wireless Stations InPkts Number of valid Data packets received from Wireless Stations OutOctets Number of octests transmitted to Wireless Stations InOctets This indicates the current status of each Wireless Station Refresh Button Update the data on screen 75 VX AP320NA Wireless Access Point User Guide Log Screen Wireless Access Point eae o Device Info D System status Current Time 1970 01 01 00 07 58 Jan 1 00 01 01 Syslogd start up network Status Jan 1 00 01 22 auth Authorized Login from 192 168 0 1 wireless Status E Statistics E Figure 67 Log Screen Data Log Screen Data Current Time The system date and time is displayed Log The Log shows details of the connections to the Wireless Access Point Buttons Refresh Update
39. atus B Statistics EHeip E A a T Figure 82 VLAN Screen Data VLAN Screen VLAN VLAN 802 1Q It displays the status Enabled or disabled of VLAN Management VLAN It displays the VLAN ID of Management VLAN ID 94 Appendix A Specifications Wireless Access Point Hardware Specifications LAN port 1 x RJ45 auto sensing 10 100 1000BASE TX Ethernet with 802 3af PoE Antennae 4 external omni antennas Operating Temperature 10 C to 50 C Operating Humidity 10 90 non condensing Power Adapter 12V 1A External Console Port 1 x RJ45 base Console Wireless Interface Standards IEEE 802 1 1a b g n 2 4GHz 5GHz Radio Chains 2x2 Spatial Streams 2 Channelization 20MHz and or 40MHz Frequency Band 2 4 2 484 GHz and 5 15 5 85 GHz Operating Channels US Canada 1 11 Europe China Japan 1 13 5GHz channels 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 136 140 149 153 157 161 165 BSSID Up to 16 per Radios 32 total Power Save Supported Wireless Security WEP WPA PSK WPA TKIP WPA2 AES 802 111 RF Power 20dBm at max Receive Sensitivity 91dBm 802 11b 89dBm 802 11a g 83dBm 802 11n Performance 160Mbps per band Connectivity Up to 128 clients per band 256 total 95 VX AP320NA Wireless Access Point User Guide FCC Statement
40. ays of week during wh Framed Protocol The protocol to be used NAS Identifier String identifying the NAS originating the r NAS IP Address IP address of the NAS originating the requ NAS Port Type Type of physical port used by the NAS ori Service Type Type of service user has requested Tunnel T ype Tunneling protocols to be used Windows Groups Windows groups that user belongs to Add Cancel Figure 56 Attribute Screen 9 Click Permitted then OK Select Next 10 Select Grant remote access permission Click Next 65 VX AP320NA Wireless Access Point User Guide 11 Click Edit Profile and select the Authentication tab Enable Extensible Authentication Protocol and select Smart Card or other Certificate Deselect other authentication meth ods listed Click OK Edit Dial in Profile KiE Dial in Constraints IP Multilink Authentication Encryption Advanced Check the authentication methods which are allowed for this connection Vv Extensible Authentication Protocol Select the EAP type which is acceptable for this policy Smart Card or other Certificate x Configure I Microsoft Encrypted Authentication version 2 MS CHAP v2 Microsoft Encrypted Authentication MS CHAP I Encrypted Authentication CHAP F Unenerypted Authentication PAP SPAP Unauthenticated Access Allow remote PPP clients to connect without negotiating any authentication method Cancel
41. controlled environment This equipment should be installed and operated with a minimum distance of 20 centimeters between the radiator and your body This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause undesired operation This transmitter must not be co located or operating in conjunction with any other antenna or transmitter 96 Appendix B Troubleshooting Overview This chapter covers some common problems that may be encountered while using the Wireless Access Point and some possible solutions to them If you follow the suggested steps and the Wireless Access Point still does not function properly contact your dealer for further advice General Problems Problem 1 Solution 1 Can t connect to the Wireless Access Point to configure it Check the following The Wireless Access Point is properly installed LAN connections are OK and it is powered ON Check the LEDs for port status Ensure that your PC and the Wireless Access Point are on the same network segment If you don t have a router this must be the case If your PC is set to Obtain an IP Address automatically DHCP client restart it You can use the following method to determine the IP address of the Wireless Access Point and then try to con
42. d to have a DHCP Server on your LAN to provide IP addresses to the Wireless clients using this Access Point This AP must be a valid device on your LAN to allow management connections You must assign a fixed IP address which is within the address range used on your LAN but not within the address range used by your DHCP server When you connect in future just connect normally using the IP address you assigned N Re Start your WEB browser In the Address box enter HTTP and the current IP Address of the Wireless ADSL Modem as in this example which uses the Wireless ADSL Modem s default IP Address HTTP 192 168 0 228 When prompted for the User name and Password enter admin for the user name and the current password as set on the password screen The password is the same regardless of the mode Access Point Mode Home Screen If in Access Point mode the home screen will look like the example below Wireless Access Point O Device Info fe system Status Hardware Version V1 0 00S Network Status Firmware Version v1 0 05 wireless Ses Bootloader Version 1 01 Boo Serial Number 1234567890123 J Statistics AP Type FAT AP 1 Device Mode Bridge Buelp a ao Running Firmware Backup Firmware Figure 79 Home Screen Access Point Mode Note that the menu has changed many of the options in Router mode are the same as Bridge mode The screens availabl
43. ding and installing new firmware from your FTP server Radius Accounting Support If you have a Radius Server you can use it to provide accounting data on Wireless clients Syslog Support If you have a Syslog Server the Wireless Access Point can send its log data to your Syslog Server Introduction SNMP Support SNMP Simple Network Management Protocol is supported allowing you to use a SNMP program to manage the Wireless Access Point Package Contents The following items should be included e Wireless Access Point e Two 5G Detachable Antennas e Two 2 4G Detachable Antennas e Quick Start Guide If any of the above items are damaged or missing please contact your dealer immediately VX AP320NA Wireless Access Point User Guide Physical Details Front Panel LEDs Oe OF HOD ONO Status Power Ethernet 2 4GHz 5GHz Antenna Ports Left Side Status Power Ethernet 2 4 GHz 5 GHz Antenna Ports Right Side Figure 2 Front Panel Attach the 5G antennas here On Error condition Off Normal operation Blinking During start up and when the Firmware is being upgraded On Normal operation Off No power On Corresponding LAN hub port is active Off No active connection on the corresponding LAN hub port Flashing Data is being transmitted or received via the corresponding LAN hub port On Wireless connection is available in 2 4GHz mode Off Wireless connection is not
44. e CWMax value must be greater than or equal to CWMin TXOPlimit Transmission opportunity limit TXOPLimit indicates the maximum time which a user can use a channel after a successful contention The greater the TXOPLimit is the longer the user can use the channel The value 0 indicates that the user can send only one packet each time when it uses the channel Band Select Screen Wireless Access Point SSS o Basic Settings o Vitrual APs Radius o Access Control Advanced Settings Parameters User Control Auto Frequency Load Balance WMM Rate Limitation Band Select Function Buelp Figure 36 Band Select Screen Data Band Select Screen Band Select Band Select Function When 2 4G radio and 5G radio are both enabled and both have the same SSIDs this function will force dual band 2 4G amp 5G clients to connect with 5G channel 47 VX AP320NA Wireless Access Point User Guide Rate Limitation Screen Wireless Access Point o Basic Settings o Vitrual APs Rate Limitation Disable v Radius Lowest Rate 1 Mbps access Control Rate Duration 5 Seconds Parameters User Control Auto Frequency Load Balance WMM Band Select Ejneip Cancel Figure 37 Rate limitation Screen Data Rate limitation Screen Rate limitation Rate Limitation If this feature is enabled it will be disconnected when one wireless client s lin
45. e are Device Mode change back to Router mode if desired e System this screen and related sub screens are the same as in Router mode e Wireless this screen and related sub screens are the same as in Router mode e Administration this screen and related sub screens are the same as in Router mode e Status displays current settings and status See the following section for details The following section only describes the screens that are different than those in Router mode 91 VX AP320NA Wireless Access Point User Guide Device Mode Screen This screen is used to change back to Router mode if desired Wireless Access Point SaaS ae O Device Mode ir settings van Settings icme settings stre o Bridge Parameters Device Mode Bridge O Router EJneip Save Cancel Figure 80 Device Mode Screen Data Device Mode Screen Device Mode Select the desired device mode for the router e Router In this mode this device can provide shared Internet Access to all your LAN users Also by default it acts a DHCP Server providing an IP address and related information to all Wireless and LAN users Bridge The device links your Wireless Stations to your wired LAN The Wireless stations and devices on the wired LAN are then on the same network and can communicate with each other without regard for whether they are connected to the network via a Wireless or wired connection Afte
46. ectly and setup of each Wireless station is also more complex For each of the following items each Wireless Station must have the same settings as the Wireless Access Point Mode On each PC the mode must be set to Infrastructure SSID ESSID This must match the value used on the Wireless Access Point The default value is wireless Note The SSID is case sensitive Wireless Each Wireless station must be set to use WEP data encryption Security The Key size 64 bit 128 bit 152 bit must be set to match the Access Point e The keys values on the PC must match the key values on the Access Point Note On some systems the key sizes may be shown as 40bit 104bit and 128bit instead of 64 bit 128 bit and 152bit This difference arises be cause the key input by the user is 24 bits less than the key size used for encryption VX AP320NA Wireless Access Point User Guide Using WPA PSK WPA2 PSK For each of the following items each Wireless Station must have the same settings as the Wireless Access Point Mode On each PC the mode must be set to Infrastructure SSID ESSID This must match the value used on the Wireless Access Point The default value is wireless Note The SSID is case sensitive Wireless Security On each client Wireless security must be set to WPA PSK e The Pre shared Key entered on the Access Point must also be entered on each Wireless client e The Encryp
47. ed hours 1 65535 When Rate of CPU Utilization reaches the threshold then one SNMP trap will be sent out When Rate of Memory Utilization reaches the threshold then one SNMP trap will be sent out 15 VX AP320NA Wireless Access Point User Guide System Log Settings If you have a Syslog Server on your LAN this screen allows you to configure the Access Point to send log data to your Syslog Server Wireless Access Point a o Basic Settings time Settings Syslog Mode Disabled Mi E snme Settings Server Name IP Address Log Settings Log s Syslog Port 514 Mail Alerts Log Types EJHeip ULUL Figure 13 Syslog Settings Screen Data Syslog Settings Screen Syslog Mode Select the desired Option e Disabled Syslog server is not used e Broadcast Syslog data is broadcast Use this option if different PCs act as the Syslog server at different times e Unicast Select this if the same PC is always used as the Syslog server If selected you must enter the server ad dress in the field provided Server Name IP Address Enter the name or IP address of your Syslog Server Syslog Port Enter the port for the Syslog Server Access Point Setup Mail Alerts Wireless Access Point aa eee o Basic Settings e Time Settings Email Alerts Disable snmp Settings Log Queue Length 2 entries 1 500 Log Setti n Log
48. eless Access Point User Guide Method Screen Bar type Management Account Control oJ auto Config l contig File Pins test auto reboot o Firmware Upgrade EJHeip Wireless Access Point E O Enable Wireless Web Access Enable HTTP Admin connections HTTP Port Number 80 O Enable HTTPS secure HTTP Admin connections HTTPS Port Number O Enable Management via SSH Cancel Data Method Screen Method Figure 72 Method Screen Enable Wireless Web Enable this to allow wireless client access the device Access Enable HTTP Enable this to allow admin connections via HTTP If enabled you must provide a port number in the field below Either HTTP or HTTPS must be enabled HTTP Port Number Enter the port number to be used for HTTP connections to this device The default value is 80 Enable HTTPS Enable this to allow admin connections via HTTPS secure HTTP If enabled you must provide a port number in the field below Either HTTP or HTTPS must be enabled HTTPS Port Number Enter the port number to be used for HTTPS connections to this device The default value is 443 Enable Management via SSH If desired you can enable this option If enabled you will able to connect to this AP using a SSH client 82 Access Point Management Control Screen This feature can be used to block access to your LAN by unknown or untrusted
49. essesssessssnscssssssssesssessssseesssssessesssessnssessesssesssceseasssesseesssesenees 55 Using WPA PSK WPA2 PSK cscsscsssssscssscsssessssssssssessssssessessessecesesssscsessssnsseessesseeees 56 Using WPA Enterprise ssesesseseeseeoeseseorersoeeesoesesseeonsereeseseoreesorseseeeorseeeesereorersorsesereesseeoee 57 802 1x Server Setup Windows 2000 Server ssssccscescsssssesseceseesscssssessessessesees 58 Using 802 1x Mode without WPA csscsssscsssscscecsseesescessersscessceseseessssssscessceesessesees 68 CHAPTER 5 OPERATION AND STATUS sesesseeseseeseseseoreesoroeseesesseeoesereesereoreesoesesoeeesseeeee 69 Status Screenin a a a a a a 69 CHAPTER 6 ACCESS POINT MANAGEMENT ccsccsssssssscsssesesessssesesessscsesessssseeeesees 79 OVELVIEW cssscsscssscsecesscsscessssscssssescessesssessecssensesesessssssessscesessnsssosssssscssecsscesesssseseasssesseeees 79 AP A DA T E A EE E EE E E E E 79 Management SCreen ccccscsssscssesssssscsssssssssssscsssssssssssessssssessessessesesesssseseesseseesssssseeees 81 Auto Confis nseni ioari ep EN iE EERE E E ER a sess 84 Config File cscsscssscssessssscssscsscsssssssessesssssesssssssssscsssscesesssessessscsssssssssesesssscseesssessenses 85 Ping Testasin n riots a EEEE SREE E ERE RERA 87 Auto ReDOOL ccsccscccsrressssescrsssresssscesescsesssscccseeesessescsssssesassesesssesssascocsssessesscsesesseessess 88 Firmware Upgrade cccccssssssssscsssss
50. gs WPA with Radius This version of WPA requires a Radius Server on your LAN to provide the client authentica tion according to the 802 1x standard Data transmissions are encrypted using the WPA standard Wireless Access Point SSS o Basic Settings Basic settings VAP Name VAP Name 1 access Control SSID Wireless 1 D Advanced Settings Broadcast SSID Enable O Disable Elneip Isolation within VAP Disable v Max Station Number p 0 64 VAP Rate Limit Max Downstream Rate jo Kbps 0 200000 Max Upstream Rate jo Kbps 0 200000 Station Rate Limit Max Downstream Rate jo Kbps 0 200000 Max Upstream Rate oC Kbps 0 200000 Security Security System WPA RADIUS nal WPA Encryption TKIP Cancel ES Y Figure 24 WPA with Radius Screen Data WPA with Radius Screen WPA with Radius WPA Encryption The encryption method is TKIP Wireless Stations must also use TKIP 33 VX AP320NA Wireless Access Point User Guide Security Settings WPA2 with Radius This version of WPA2 requires a Radius Server on your LAN to provide the client authentica tion according to the 802 1x standard Data transmissions are encrypted using the WPA2 standard Wireless Access Point Sa sasic Settings O Vitrual APs Basic Settings radius VAP Name VAP Name 1 access Control SSID Wirele
51. he bottom of the device Figure 4 Wall Mount Chapter 2 Installation This Chapter covers the physical installation of the Wireless Access Point Requirements Requirements e TCP IP network Ethernet cable with RJ 45 connectors e Installed Wireless network adapter for each PC that will be wirelessly connected to the network Procedure 1 Select a suitable location for the installation of your Wireless Access Point To maximize reliability and performance follow these guidelines e Use an elevated location such as wall mounted or on the top of a cubicle e Place the Wireless Access Point near the center of your wireless coverage area e If possible ensure there are no thick walls or metal shielding between the Wireless Access Point and Wireless stations Under ideal conditions the Wireless Access Point has a range of around 150 meters 450 feet The range is reduced and transmission speed is lower if there are any obstructions between Wireless devices Figure 5 Installation Diagram VX AP320NA Wireless Access Point User Guide Use a standard LAN cable to connect the LAN port on the Wireless Access Point to a 10 100 1000BaseT hub switch on your LAN Connect the supplied power adapter to the Wireless Access Point and a convenient power outlet and power up Check the LEDs e The Status LED should flash and then turn OFF The Power and Ethernet LEDs should be ON For more information refe
52. is selected e This Access Point must have a client login on the Radius Server e Each user must have a user login on the Radius Server e Each user s wireless client must support 802 1x and provide the login data when required e All data transmission is encrypted using the WPA standard Keys are automatically generated so no key input is required WPA2 with Radius This version of WPA2 requires a Radius Server on your LAN to provide the client authentication according to the 802 1x standard Data transmissions are encrypted using the WPA2 standard If this option is selected e This Access Point must have a client login on the Radius Server e Each user must authenticate on the Radius Server This is usually done using digital certificates 25 VX AP320NA Wireless Access Point User Guide Each user s wireless client must support 802 1x and provide the Radius authentication data when required All data transmission is encrypted using the WPA2 standard Keys are automatically generated so no key input is required e WPA and WPA2 with Radius EITHER WPA or WPA2 require a Radius Server on your LAN to provide the client authentication according to the 802 1x standard Data transmissions are encrypted using EITHER WPA or WPA2 standard If this option is selected This Access Point must have a client login on the Radius Server Each user must authenticate on the Radius Server This is usually done using digita
53. ist All Wireless Stations connecting to the device are listed here You can choose some stations from the list and click Add button to add them into Local Database 40 Access Point Setup Wireless Advanced Settings Parameters Screen Clicking the Parameters link on the Wireless menu will result in a screen like the following Wireless Access Point ass tons g Basic Settings e vitruai aps Wireless Radio Radio 1 2 4G Radius Fragmentation Length 2346 256 2346 access Control Beacon Interval 100 ms 40 1000 Advanced Settings DTIM interval 1 1 255 User Control RTS CTS Threshold 2347 1 2347 Auto Frequency Guard Interval Short 400ns Load Balance Preamble Type Short WMM Band Select 802 11B Protection Mode Disable v Rate Limitation Station Idle Time 300 s 30 3600 TX RX Chainmask 2 2 S EJneip Enable A MPDU Enable Worldwide Mode Oo Enable WMM Wi Fi Multimedia Support Enable WMM Power Save M Enable Link Integrity o Figure 31 Parameters Screen Data Parameters Screen Parameters Wireless Radio Select the either Radio 1 or Radio 2 for the wireless feature Fragmentation Length Enter the preferred setting between 256 and 2346 Normally this can be left at the default value Beacon Interval Enter the preferred setting between 20 and 1000 Normally this can be left
54. juelp Save Cancel Figure 35 WMM Screen Data WMM Screen WMM Wireless Radio Select the desired radio option from the list WMM Support Check this to enable WMM Wi Fi Multimedia support This feature is also supported by your wireless clients whose voice and multimedia traffic will be given a higher priority than other traffic WMM Power Save Enable or disable WMM Power Save feature Support WMM EDCA Parameters ACM ACM Admission Control Mandatory is used to restrict stations from using a specific AC No Ack When the No ACK policy is used the recipient does not acknowledge received packets during wireless packet exchange This policy is suitable in the envi ronment where communication quality is fine and interference is weak Also the No ACK policy helps improve transmission efficiency it can cause increased packet loss when communica tion quality deteriorates This is because when this policy is used a sender does not retransmit packets that have not been received by the recipient When the Normal ACK policy is used the recipient acknowl edges each received unicast packet 46 Access Point Setup AIFSN Specify the AIFSN Arbitration Interframe Space of the AC here The idle duration increases as the AIFSN value increases CWmin CWmax CWmin Minimum Contention Windows and CWmax Maxi mum Contention Windows determine the average backoff slots which increases as the two values in creas
55. k rate is lower than the specified lowest rate in a specified duration Lowest Rate Select the lowest rate from the list Rate Duration Choose the desired duration from the drop down list 48 Access Point Setup Network IP Settings Screen Wireless Access Point a e ae vuan settings este D icmr settings o Bridge Parameters IP Settings DHCP Client AC IP Address EE AC DNS Name 1 AC DNS Name 2 EJHeip Save Cancel Figure 38 IP Settings Screen Data IP Settings Screen IP Settings IP Settings Select the desired option from the drop down list e Static Select it if you want to configure one static IP Address for the Access Point You need input following settings IP Address The IP Address of this device e Subnet Mask The Network Mask associated with the IP Address above e Default Gateway The IP Address of your Gateway or Router e Primary DNS Specify a primary DNS here It s necessary for functions like NTP Client E Mail alert and so on e Secondary DNS Specify a secondary DNS here It s optional e DHCP Client Select it if you want the device to obtain an IP address automatically e PPPoE Client This is the most common login method widely used with DSL modems e Username The user name or account name provided by your ISP e Password Enter the password for the login name above Timeout Enter the desi
56. l certificates Each user s wireless client must support 802 1x and provide the Radius authentication data when required All data transmission is encrypted using EITHER WPA or WPA2 standard Keys are automatically generated so no key input is required e 802 1x This uses the 802 1x standard for client authentication and WEP for data encryption If this option is selected This Access Point must have a client login on the Radius Server Each user must have a user login on the Radius Server Each user s wireless client must support 802 1x and provide the login data when re quired All data transmission is encrypted using the WEP standard You only have to select the WEP key size the WEP key is automatically generated 26 Access Point Setup Security Settings None Wireless Access Point aes ton ESS o Basic Settings Basic settings maies VAP Name VAP Name 1 a SSID Wireless 1 L advanced Settings 7 i Broadcast SSID Enable O Disable Enep Isolation within VAP Disable E Max Station Number 0 64 VAP Rate Limit Max Downstream Rate fo Kbps 0 200000 Max Upstream Rate fo Kbps 0 200000 Station Rate Limit Max Downstream Rate jo Kbps 0 200000 Max Upstream Rate jo Kbps 0 200000 Security Security System None y BE a Figure 19 Wireless Security None No security is used Anyone using the correct SSID can connect to your network 2
57. less Stations normally scan all Channels looking for an Access Point If more than one Access Point can be used the one with the strongest signal is used This can only happen within an ESS e Ifusing Ad hoc mode no Access Point all Wireless stations should be set to use the same Channel However most Wireless stations will still scan all Channels to see if there is an existing Ad hoc group they can join WEP WEP Wired Equivalent Privacy is a standard for encrypting data before it is transmitted This is desirable because it is impossible to prevent snoopers from receiving any data which is transmitted by your Wireless Stations But if the data is encrypted then it is meaningless unless the receiver can decrypt it If WEP is used the Wireless Stations and the Wireless Access Point must have the same settings WPA PSK Like WEP data is encrypted before transmission WPA is more secure than WEP and should be used if possible The PSK Pre shared Key must be entered on each Wireless station The 256Bit encryption key is derived from the PSK and changes frequently WPA2 PSK This is a further development of WPA PSK and offers even greater security using the AES Advanced Encryption Standard method of encryption WPA Enterprise This version of WPA requires a Radius Server on your LAN to provide the client authentica tion according to the 802 1x standard Data transmissions are encrypted using the WPA standard If
58. lorer 7 or later Setup Procedure Before commencing install the Wireless Access Point in your LAN as described previously 1 Check the Wireless Access Point to determine its Host Name This is shown on a label on the base or rear and is in the following format APXxxxxx Where xxxxxx is the last 6 Hex characters 0 9 and A F of the MAC address 2 Use aPC which is already connected to your LAN either by a wired connection or another Access Point e Until the Wireless Access Point is configured establishing a Wireless connection to it may be not possible e Ifyour LAN contains a Router or Routers ensure the PC used for configuration is on the same LAN segment as the Wireless Access Point w Start your Web browser In the Address box enter HTTP and the IP Address of the 11N Wireless Access Point as in this example which uses the Wireless Access Point s default IP Address HTTP 192 168 0 228 5 You should then see a login prompt which will ask for a User Name and Password Enter admin for the User Name and password for the Password These are the default values The password can and should be changed Always enter the gt VX AP320NA Wireless Access Point User Guide current user name and password as set on the Administration Management Account screen Wireless Access Point Please log in to continue gt p x Username jadmin Password jeccececee Login Figure 7 Pas
59. n Name System DNS maps and translates domain names used by clients on your network You can specify the parent domain you want the client computers on your network to use for DNS name resolution Parent domain Wireless yourdomain tld To configure scope clients to use DNS servers on your network enter the IP addresses for those servers Server name IP address Add Resolve 192 168 0 250 nee lt Back Cancel Figure 48 DNS Screen 11 If you don t want a WINS server just click Next 12 Select Yes I want to activate this scope now Click Next then Finish 13 Right click on the server and select Authorize It may take a few minutes to complete 61 VX AP320NA Wireless Access Point User Guide Certificate Authority Setup 1 Select Start Programs Administrative Tools Certification Authority 2 Right click Policy Settings and select New Certificate to Issue amp Certification Authority A _ B x action view e gt m 2 e Tree Certification Authority Local GEFs Recovery Agent File Recovery E 9 WirelessC amp Gelpasic EFS Encrypting File System C Revoked Certificates EA Domain Controller Client Authentication Server Authentic E Issued Certificates GAweb Server Server Authentication C Pending Requests EA computer Client Authentication Server Authentic J Failed Requests GAuser Encrypting File System Secure Email Ea sm S g ii Ce
60. n amp Wireless network key WEP This network requires 4 key for the following Data encryption WEP enabled C Network Authentication Shared mode _ The key is provided for me automatically This is a computer to computer ad hoc network wireless access points are not used OK Cancel Figure 59 Properties Screen Note On some systems the 64 bit WEP key is shown as 40 bit and the 128 bit WEP key is shown as 104 bit This difference arises because the key input by the user is 24 bits less than the key size used for encryption 68 Chapter 5 Operation and Status This Chapter details the operation of the Wireless Access Point and the status screens Use the Status link on the main menu to view this screen o System Status Network Status Wireless Status Buo Statistics Buelp Wireless Access Point i cs pameran SEE Service Provider Sercomm E Hardware Version V1 0 00S Firmware Version V1 0 05 Bootloader Version 1 01 Serial Number 1234567890123 AP Type FIT AP Running Firmware Backup Firmware Figure 60 Device Info Screen Data Device Info Screen Access Point Service Provider The name of the service provider will be displayed Hardware Version The version of the hardware currently used Firmware Version The version of the firmware currently installed Bootloader Version The version of the b
61. n like the following Wireless Access Point Pe Bar type E management Firmware File Browse _ o Auto Config o Config File rina Test E auto Reboot 2 Help Figure 78 Firmware Upgrade Screen To perform the Firmware Upgrade 1 Click the Browse button and navigate to the location of the upgrade file 2 Select the upgrade file Its name will appear in the Firmware File field 3 Click the Upgrade button to commence the firmware upgrade ES The Wireless Access Point is unavailable during the upgrade process and must restart when the upgrade Note is completed Any connections to or through the Wireless Access Point will be lost Chapter 7 Access Point Mode This Chapter explains configuration and operation when in Access Point Overview There are two modes available on the Device Mode screen Router In this mode this device can provide shared Internet Access to all your LAN users Also by default it acts a DHCP Server providing an IP address and related infor mation to all Wireless and LAN users Bridge The device links your Wireless Stations to your wired LAN The Wireless sta tions and devices on the wired LAN are then on the same network and can communicate with each other without regard for whether they are connected to the network via a Wire less or wired connection This Chapter describes operation while in Access Point Mode Management Connections You nee
62. nect using the IP address in stead of the name To Find the Access Point s IP Address l 2 Open a MS DOS Prompt or Command Prompt Window Use the Ping command to ping the Wireless Access Point Enter ping followed by the Default Name of the Wireless Access Point e g ping SC003318 Check the output of the ping command to determine the IP address of the Wireless Access Point as shown below 3 PDdosnt Microsoft Windows 2000 Version 5 00 2195 lt C gt Copyright 1985 2000 Microsoft Corp C gt ping sc003318 Pinging sc 3318 192 168 80 51 with 32 bytes of data Reply from 192 168 6 51 bytes 32 time lt i ms TTL 64 Reply from 192 168 6 51 bytes 32 time lt i ms TTL 64 Reply from 192 168 08 51 bytes 32 time lt i ms TTL 64 Reply from 192 168 6 51 bytes 32 time lt i ms TTL 64 Figure 83 Ping If your PC uses a Fixed Static IP address ensure that it is using an IP Address which is compatible with the Wireless Access Point If no DHCP Server is found the Wireless Access Point will default to an IP Address and Mask of 192 168 0 228 and 255 255 255 0 On Windows PCs you can use Control Panel Network to check the Properties for the TCP IP protocol 97 VX AP320NA Wireless Access Point User Guide Problem 2 Solution 2 My PC can t connect to the LAN via the Wireless Access Point Check the following The SSID and WEP settings on the PC match the settings on the Wire less Access Point On the
63. nicast Cancel C aa SES Figure 17 Virtual APs Settings Data Virtual APs Settings Screen VAPs Wireless Radio Select the either Radio 1 or Radio 2 for the wireless feature 22 Access Point Setup VAP List Enable Button Configure Button Disable Button Isolation Isolation among VAPs All available VAPs are listed Up to 16 VAPs Radios can be supported For each VAP the following data is displayed e x If displayed before the name of the VAP this indicates the VAP is currently enabled If not displayed the VAP is currently disabled e VAP Name The current VAP name is displayed e SSID The current SSID associated with this VAP e Security System The current security system e g WPA PSK is dis played Enable the selected VAP Change the settings for the selected VAP Disable the selected VAP Select the desired option from the list If this option is enabled wireless clients using different VAPs different SSIDs are isolated from each other so they will NOT be able to communi cate with each other They will still be able to communicate with other clients using the same profile unless the Wireless Separation setting on the Advanced screen has been enabled 23 VX AP320NA Wireless Access Point User Guide Virtual AP Screen This screen is displayed when you select a VAP on the Virtual AP Settings screen and click the Configure button Wireless Access Point
64. nradioband set 802 11d set acctserver set acctport set acctsecret set acl set active set aging set authentication set beaconinterval set channel set country set defaultkey set description set dhcp set dhcpserverendip set dhcpserverstartip Appendix D Command Line Interface 105 VX AP320NA Wireless Access Point User Guide set groupkeyupdatein Set Group Key Update Interval in Minutes terval 106 set roguesnmp set roguetype set rtsthreshold set security set shortpreamble set sampreadcommu nity set snmpwritecommu nity set snmpmode set snmpmanagemode set snmptrapmode set snmptrapversion set snmpv3username set snmpv3authproto set snmpv3authkey set snmpv3privproto set snmpv3privkey set ssid set ssidsuppress set stp set strictgtkupdate set syslog set syslogport set syslogserver set syslogseverity set systemname set telnet set timezone set username set vlan set vlanid set wirelessmode set wirelessseparate set wmm set wmmnoack Appendix D Command Line Interface Set SNMP Read Community Set SNMP Write Community 107 VX AP320NA Wireless Access Point User Guide factoryrestore Restore to Default Factory Settings apply To make the changes take effect exit Quit the telnet 108
65. omatic Certificate Request 5 Enterprise Trust E 3 IP Security Policies on Active Directory E A Administrative Templates 5 M User Configuration Software Settings E Windows Settings E Administrative Templates gt Create anew Automatic Certificate Request object and add it to the Security Configuration Editor Astart A SG Aecipboardaa rr active directory EPGroup Policy an Policy S4 PAA seem Figure 53 Group Policy Screen 8 When the Certificate Request Wizard appears click Next 9 Select Computer then click Next Automatic Certificate Request Setup Wizard E x Certificate Template Se The next time a computer logs on a certificate based on the template you select is SY provided 4 certificate template is a set of predefined properties for certificates issued to computers Select a template from the following list Certificate templates Name Intended Purposes Client Authentication Server Authenticatior Domain Controller Client Authentication Server Authenticatior Enrollment Agent Computer Certificate Request Agent IPSEC 1 3 6 1 5 5 8 2 2 gt l lt Back Cancel Figure 54 Certificate Template Screen 10 Ensure that your certificate authority is checked then click Next 11 Review the policy change information and click Finish 12 Click Start Run type cmd and press enter Enter secedit refreshpolicy machine policy This command may take a few minutes
66. on Enter information to identify this CA CA name WitelessCA Organization Organization Organizational unit js ystems City Dakland State or province ca Country region jus E mail Jed yourdomain tld CA description Wireless cal Valid for 2 Years x Expires ja 7 2005 6 39 PM am Figure 45 CA Screen 7 Click Next if you don t want to change the CA s configuration data 8 Installation will warn you that Internet Information Services are running and must be stopped before continuing Click Ok then Finish DHCP server configuration 1 Click on the Start Programs Administrative Tools DHCP 2 Right click on the server entry as shown and select New Scope _ D x Action view I e lm X BIEX i l Tree rowan 192 168 0 21 play Statistics Configure the DHCP Server New Scope New Multicast Scope fore a DHCP server can issue IP dresses you must create a scope and thorize the DHCP server Reconcile All Scopes Authorize cope is a range of IP addresses that is Define User Classes signed to computers requesting a Define Vendor Classes namic IP address Authorization is a Set Predefined Options curity precaution that ensures that only thorized DHCP servers run on your All Tasks b Ko view o add a new scope on the Action menu Delete k New Scope Refresh 7 o authorize this DHCP server on the
67. ootloader currently used Serial Number The serial number of the device AP Type The current AP type is displayed Running Firmware The currently running firmware is displayed 69 VX AP320NA Wireless Access Point User Guide System Status This screen is displayed when the System Status button is clicked Wireless Access Point wy e vevice Info Access Point Name AP4F2B34 Network Status MAC Address 00 C0 02 4F 2B 34 E wireless Status Country Domain United States Eos System Up Time 0 Hours 05 Minutes 43 Seconds statistics EJneip A Figure 61 System Status Screen Data System Status Screen Access Point Name The current name will be displayed MAC Address The MAC physical address of the Wireless Access Point Country Domain The region or domain as selected on the System screen System Up Time This indicates how long the system has been running since the last restart or reboot 70 Operation and Status Network Status This screen is displayed when the Network Status button is clicked Wireless Access Point aaa ee o Device Info System status IP Type DHCP Client IP Address 192 168 0 228 as Subnet Mask 255 255 255 0 wireless Status Gateway 192 168 0 1 Ofer Primary DNS 0 0 0 0 statistics Secondary DNS 0 0 0 0 2 Help Figure 62 IP Settings
68. ountry Domain United States v Buelp Cancel Figure 8 Basic Settings Screen Data Basic Settings Screen Basic Settings Access Point It displays the default host name of the device Enter a suitable name Name for this Access Point if required Description If desired you can enter a description for the Access Point Country Domain The country or domain which is matching your current location 11 VX AP320NA Wireless Access Point User Guide System Time Settings Screen Wireless Access Point os oee famea E E o Basic Settings O Time Settings Manually snm settings Daa Etos Settings Time bp bp 7 bp Automatically Current Time 1970 01 01 00 02 24 Enep Time Zone GMT 08 00 Taipei v Automatically adjust clock for daylight saving changes Use Defined NTP Server Yes No NTP Server Name IP Address NTP Server Port 1 65534 Save Cancel Figure 9 Time Settings Screen Data Time Settings Screen TimeZone Time Settings Select either Manually or Automatically e Manually e Date Select the date to match your location e Time Enter the correct time e Automatically e Current Time It displays the current date and time e Time Zone Choose the Time Zone for your location from the drop down list If your location is currently using Day light Saving enable the Automatically adjust for daylight saving changes checkbox You must UNCHEC
69. r changing the mode this device will restart which will take a few seconds The menu will also change depending on the mode you are in Access Point Mode Status Screen In Access Point mode the Status screen looks like the example below Wireless Access Point BESS O Device Info o System Status Hardware Version V1 0 00S Network Status Firmware Version V1 0 05 Wireless Status Bootloader Version 1 01 fore Serial Number 1234567890123 Statistics AP Type FAT AP Device Mode Bridge 2 Help Running Firmware Backup Firmware Figure 81 Device Info Screen Access Point Mode Data Device Info Screen Access Point Mode Device Info Hardware Version The version of the hardware currently used Firmware Version The version of the firmware currently installed Bootloader Version The version of the bootloader currently used Serial Number The serial number of the device AP Type The current AP type is displayed Device Mode The current device mode is displayed Running Firmware The currently running firmware is displayed VX AP320NA Wireless Access Point User Guide VLAN Screen In Access Point mode the VLAN screen looks like the example below Wireless Access Point E o Device Info E System status Network Status IP Settings VLAN 802 1Q Disabled Management VLAN ID VLAN Disabled Ethernet Wireless St
70. r to Front Panel LEDs in Chapter 1 Using PoE Power over Ethernet The Wireless Access Point supports PoE Power over Ethernet To use PoE 1 2 Do not connect the supplied power adapter to the Wireless Access Point Connect one end of a standard category 5 LAN cable to the Ethernet port on the Wireless Access Point Connect the other end of the LAN cable to the powered Ethernet port on a suitable PoE Adapter Connect the unpowered Ethernet port on the PoE adapter to your Hub or switch Connect the power supply to the PoE adapter and power up Check the LEDs on the Wireless Access Point to see it is drawing power via the Ethernet connection PoE Adapter Ethernet To Hub Powered Unpowered Access Point p Figure 6 Using PoE Power over Ethernet Chapter 3 Access Point Setup This Chapter provides details of the Setup process for Basic Operation of your Wireless Access Point Overview This chapter describes the setup procedure to make the Wireless Access Point a valid device on your LAN and to function as an Access Point for your Wireless Stations Wireless Stations may also require configuration For details see Chapter 4 PC and Server Configuration The Wireless Access Point can be configured using your Web Browser Setup using a Web Browser Your Browser must support JavaScript The configuration program has been tested on the following browsers e Chrome e Firefox e Internet Exp
71. red value in seconds for the timeout period Retry Enter the retry times for the PPPoE connection e Auth Type Choose the desired option from the list e MTU Enter the number between 128 and 1492 for MTU AC IP Address Enter the IP address for the AC It s necessary when the IP Settings is Static 49 VX AP320NA Wireless Access Point User Guide AC DNS Name 1 Enter the primary DNS name for the AC AC DNS Name 2 Enter the secondary DNS name for the AC It is optional 50 Access Point Setup Network VLAN Settings Screen Wireless Access Point E IP Settings O VLAN Setttings Enable 802 1Q VLAN o Astr Management VLAN 1 4094 e 1cmp settings o Bridge Parameters Figure 39 VLAN Settings Screen Data VLAN Settings Screen VLAN Settings Enable 802 1Q This option is only useful if the hubs switches on your LAN support VLAN the VLAN standard Management Define the VLAN ID used for management VLAN 51 VX AP320NA Wireless Access Point User Guide Network STP Screen Wireless Access Point ee E ir settings vuan setttings e icmP settings o Bridge Parameters Enable Spanning Tree Protocol C Ei Help Figure 40 STP Screen Data STP Screen STP Enable Spanning Enable this if you want to use this feature Tree Protocol sre O IGMP Settings o Bridge Parameters EJHeip
72. reen Data Load Balance Screen Load Balance Load Balance Mode Enable or disable this function Load Balance Group Specify the group name The feature will only work with the Access Points that are in same group User Number Interval Specify the User Number Interval When user number difference of Access Points reaches the interval the new client will connect to the Access Point with fewer users Data Flux Interval Specify the Data Flux Interval here When data flux difference of Access Points reach the interval the new client will connect to the Access Point with fewer data flow CPU Usage Interval Specify the CPU Usage Interval When CPU usage difference of Access Points reaches the interval the new client will connect to the Access Point with fewer users 45 VX AP320NA Wireless Access Point User Guide WMM Screen Wireless Access Point PR see Tsien Drawn vices hanna e SSS g Basic Settings fe vitruat APs Wireless Radio Radio 1 2 4G Radius WMM Support access Control WMM Power Save Support Advanced Settings WMM EDCA Parameters Parameters User Control Parameters AC VO AC BE AC BK om e oO 5 o Auto Frequency No ACK o o o g Load Balance ae m 5 Ez Bia Band Select CWmin 2 B 4 4 0 15 Rate Limitation CWmax 3 4 10 10 0 15 TXOP Limit 47 94 0 fo 0 255 B
73. rtificate to Issue Authority Code Signing Microsoft Trust List Signi Export List Help Creates a new object in this container Figure 49 Certificate Authority Screen 3 Select Authenticated Session and Smartcard Logon select more than one by holding down the Ctrl key Click OK Select Certificate Template 2 x Select a certificate template to issue certificates User Signature Only Secure Email Clier Smartcard User Secure Email Clier Client Authenticatic Smartcard Logon Client Authenticatic Code Signing Code Signing Trust List Signing Microsoft Trust List Friinllment Anent Cettifinate Popua Bal Cancel Figure 50 Template Screen Authenticated Session 4 Select Start Programs Administrative Tools Active Directory Users and Computers 5 Right click on your active directory domain and select Properties 62 PC and Server Configuration LZ active Directory Users and computers ET EA Console Window Help ale x action vew e gt Om X HE 2 R aY ae Tree Domain Controllers 1 objects Active Directory Users Name Type Description m woane ov Delegate Control Find Connect to Domain Connect to Domain Controller Operations Masters New All Tasks gt Computer New Window From Here Refresh Properties Opens property sheet for the current selection
74. rver access Control Secondary 1P Address fo lo Aa P Advanced Settings Port Number 1813 ux elp Shared Secret Save Cancel Figure 29 Accounting Server Screen Data Accounting Server Screen Accounting Server Primary IP Address Enter the IP address in the following fields if you want this Access Point to send accounting data to the Radius Server Port Number The port used by your Radius Server must be entered in the field Shared Secret Enter the key value to match the Radius Server Secondary IP Address The Secondary Accounting Server will be used when the Prima ry Accounting Server is not available 38 Access Point Setup Wireless Access Control This feature can be used to block access to your LAN by unknown or untrusted wireless stations Click Access Control on the Wireless menu to view a screen like the following Wireless Access Point Eee o Basic Settings B vitruai APs Wireless Radio Radio 1 2 4G Radius Enable Access Control O Access Control Control Method Local Database J Advanced Settings VAP VAP Name 1 Wireless 1 v Control Type Baten Open Allow Following Mac Addresses to Connect to Wireless network Deny Following Mac Addresses to Connect to Wireless network Wireless Stations MAC Address BandWidth List MAC Address Available Wireless Station
75. s Station ID MAC Address Add New Station MAC Address Figure 30 Access Control Screen Data Access Control Screen Wireless Radio Select the either Radio 1 or Radio 2 for the wireless feature Enable Access Enable or Disable the Access Control feature as required Control Control Method Select the desired option as required Local Database The device will use the local MAC address table for Access Control RADIUS Server The Access Point will use the MAC address table located on the external Radius server on the LAN for Access Control Warning Ensure your own PC is in the Trusted Wireless Stations list before enabling this feature 39 VX AP320NA Wireless Access Point User Guide Control Type Wireless Stations MAC Address List Available Wireless Stations There are three options e Open e Allow Following MAC Addresses to Connect to Wireless network It s only used for Access Control with Local Database If selected then clients with MAC Addresses in Local Database can connect to the wireless network e Deny Following MAC Addresses to Connect to Wireless network It s only used for Access Control with Local Data base If selected then clients with MAC Addresses in Local Database cannot connect to the wireless network All Wireless Stations defined in Local Database are listed here Use the Delete button to delete the items from the l
76. s option may provide a per formance improvement over using the default setting e 802 11n only 2 4G only 802 1 1n connections are allowed If you only have 802 1 1n selecting this option may provide a per formance improvement over using the default setting e 802 11b and 802 11g 2 4G this will allow connections by both 802 11b and 802 11g wireless stations e 02 11n and 802 11g 2 4G this will allow connections by both 802 11n and 802 11g wireless stations e Mixed 802 11n 802 11b 802 11g 2 4G this is the default and will allow connections by 802 11n 802 11b and 802 11g wireless stations Auto Channel Scan If Enable is selected the Access Point will select the best available Channel Channel Frequency If you experience interference shown by lost connections and or slow data transfers you may need to experiment with manually setting different channels to see which one is better Transmit Data Rate Select the desired rate from the drop down list as required 11N Transmit Select the desired rate for 802 11N from the list Data Rate Basic Rate It is the rate that the WAP device will advertise to the network for setting up communication with other access points and client stations on the network Support Rate This indicates the rates that the WAP device supports Multiple rates can be selected The WAP device will automatically choose the most efficient rate based on error ra
77. scsscsscssssscssssssssssessesssessessessesesesssseseesssesesessssseeses 89 CHAPTER 7 ACCESS POINT MODE sssessesessssesseeceseeoeseseoreesoroesoeeerseeorsereesereoreesorsesoreeeseeeee 90 OVECLVIEW cssscssessscsecssscsscnsscssssssessessesssessecsssnsesssssssessssssscesessssesessnssecssessscesensssesessssesseeses 90 Management Connections csscsscsscssssssssssssscsssssscssssessssssessessessesesessssnsesssscsesssesseeees 90 Home Screen Ee A AA E T EEE 91 Device Mode Screen s ssccsssssssssssscssscssscsssscsssscsssssssssssessesssessessessecesessssnseesssnseessessenees 92 Status Screen cccccsccsscssscsscssscsssescssesecsssssssscsssssssssssesessssssesssesssssssssceseesssseessesseeees 93 APPENDIX A SPECIFICATIONS cccsssesssssccssssssessesssessecssscsesesssssessessssssessscesesssessesenes 95 Wireless Access POint ccscccscsscsssssscssssssssssssscsssssssssssessssssessessessecesessssnssssssssssssesseses 95 APPENDIX B TROUBLESHOOTING o G APPENDIX C ABOUT WIRELESS LANS Wireless LAN Terminology APPENDIX D COMMAND LINE INTERFACE P N VX AP320NA Copyright 2013 All Rights Reserved Document Version 1 0 All trademarks and trade names are the properties of their respective owners VOEVICW E EAE A A EE A EEE AE eneral Proble So vsccescccsccssaeesedccceccciccasesesacicessceeccccace Ea Ea E Rinas iao deea OALA A AEAEE E A E E E S AE EE OV OL VIEW EA A AA AEAEE E EE COMMAN Reference js isicsssisescece
78. ss 1 D Advanced Settings Broadcast SSID Enable Disable Elueip Isolation within VAP Disable v Max Station Number o 0 64 VAP Rate Limit Max Downstream Rate fo Kbps 0 200000 Max Upstream Rate fo Kbps 0 200000 Station Rate Limit Max Downstream Rate fo Kbps 0 200000 Max Upstream Rate p Kbps 0 200000 Security Security System WPA2 RADIUS WPA Encryption AES v O O O OoOo Figure 25 WPA2 with Radius Screen Data WPA2 with Radius Screen WPA2 with Radius WPA Encryption The encryption method is AES Wireless Stations must also use AES 34 Access Point Setup Security Settings WPA and WPA2 with Radius EITHER WPA or WPA2 require a Radius Server on your LAN to provide the client authenti cation according to the 802 1x standard Data transmissions are encrypted using EITHER WPA or WPA2 standard Wireless Access Point Sa sasic Settings Basic settings radius VAP Name VAP Name 1 access Control SSID Wireless 1 D Advanced Settings Broadcast SSID Enable Disable Elueip Isolation within VAP Disable v Max Station Number o 0 64 VAP Rate Limit Max Downstream Rate fo Kbps 0 200000 Max Upstream Rate fo Kbps 0 200000 Station Rate Limit Max Downstream Rate fo Kbps 0 200000 Max Upstream Rate jo Kbps 0 200000 Security Security System WPA RADIUS
79. sssevesececsesvescissasevesesead sees sedeasavecavacecsesseressissaaesSeees ii Chapter 1 Introduction This Chapter provides an overview of the Wireless Access Point s features and capabilities Congratulations on the purchase of your new VX AP320NA Wireless Access Point The Wireless Access Point links your Wireless Stations to your wired LAN With the Wireless Access Point you can select either 2 4 GHz or 5 GHz radio bands which provides the flexibil ity to manage a graceful transition from networks The Wireless stations and devices on the wired LAN are then on the same network and can communicate with each other without regard for whether they are connected to the network via a Wireless or wired connection a B hS Wireless Stations Wireless 1 as g Wired Lan fa hS Figure 1 Wireless Access Point Features of your Wireless Access Point The Wireless Access Point incorporates many advanced features carefully designed to provide sophisticated functions while being easy to use e Standards Compliant The Wireless Access Point complies with the IEEE802 11g and IEEE802 11n draft 2 0 specifications for Wireless LANs e Supports 11n Wireless Stations The 802 11n Draft standard provides for backward compatibility with the 802 11b standard so 802 11n 802 11a 802 11b and 802 11g Wireless stations can be used simultaneously The Wireless Access Point supports both the 2 4GHz and 5 0GHz 802 11a bands DHCP Clien
80. ssssessssssessscssseseessseseesseeseeses 16 Wireless Basic Settings Screen cscscsscscsssssscssssesssssssssesssssesssesssssessssssesseeseeees 19 Wireless Virtual APs Screeni csscsscssscssscsscsssssscssssessssssesssssscsesesessssssessssssesesseeseeees 22 Wireless Radius Settings csscsssssssssscsscsssssssssssessssssessessecsesesessssnseessssseessesseeees 37 Wireless Access Control cccsscsscssssssssscsssssscssessscssssessesssessessessesesessssesesssssseesseeseeees 39 Wireless Advanced Settings csscsscssssscsscsssssscssssessessseseessessesssesssssseesssssesessssseeees 41 Network IP Settings Screen csscsscscssscsscssessscssssessesssessessessesesesssseseessssesessesseeees 49 Network VLAN Settings Screen cscscsscscsssssscssssessesssessessessesesesssseseesssssesessesseeees 51 Network STP Screeni ccccscscssssssssscsssssssssscsecssssssssssssssssssessessessecesessssesessssesesessesseeees 52 Network IGMP Settings Screenn sccscsscscsssssssssssssssssssssessessecesessssssesssesessssssseees 53 Network Bridge Parameters Screen sscsscssssscsssssscsesssssssessecesessscsesssssesesssseeees 54 CHAPTER 4 PC AND SERVER CONFIGURATION sesssesessesessesceseroesereesereoreesoesesoreoeseeeee 55 OVET VIEW ssccsscssscsscesscsecessssscesssessessesssensessssnsssesesssesscsssssesessssssessncsecssecsecesessssesesesscsseeses 55 Using WEDP csccscssssssssssessecss
81. sword Dialog 6 You will then see the Status screen which displays the current settings and status No data input is possible on this screen See Chapter 5 for details of the Status screen 7 From the menu check the following screens and configure as necessary for your environment Details of these screens and settings are described in the following sections of this chapter 8 Use the Apply and Logout buttons on the menu to apply your changes and exit the Wireless Access Point Setup is now complete Wireless stations must now be set to match the Wireless Access Point See Chapter 4 for details If you can t connect It is likely that your PC s IP address is incompatible with the Wireless Access Point s IP address This can happen if your LAN does not have a DHCP Server The default IP address of the Wireless Access Point is 192 168 0 228 with a Network Mask of 255 255 255 0 If your PC s IP address is not compatible with this you must change your PC s IP address to an unused value in the range 192 168 0 1 192 168 0 254 with a Net work Mask of 255 255 255 0 See Appendix C Windows TCP IP for details for this procedure Access Point Setup System Basic Settings Screen Click Basic Settings on the System menu to view a screen like the following Wireless Access Point O Basic Settings time Settings Access Point Name JAP4F2B34 snm settings i Description Log Settings z C
82. t E auto Reboot o Firmware Upgrade uelp Figure 76 Ping Test Screen Data Ping Test Screen Ping Ping Test Mode Select the desired option from the drop down list Ping IP Address Enter the IP address you wish to ping The IP address can be on your LAN or on the Internet Note that if the address is on the Internet and no connection currently exists you could get a Timeout error In that case wait a few seconds and try again 87 VX AP320NA Wireless Access Point User Guide Auto Reboot If you have a Syslog Server on your LAN this screen allows you to configure the Access Point to send log data to your Syslog Server Wireless Access Point a Bar type Management g Auto Reboot Mode Disable o Auto Config Reboot Interval a I config File 1 1000 rina Test O Auto Reboot o Firmware Upgrade Buelp SSS Figure 77 Auto Reboot Screen Data Auto Reboot Screen Auto Reboot Mode Select the desired Option e Disable Auto Reboot feature is not used e Enable Auto Reboot feature is in use Reboot Interval Enter the desired time for reboot interval Access Point Management Firmware Upgrade The firmware software in the Wireless Access Point can be upgraded using your Web Brows er You must first download the upgrade file and then select Upgrade Firmware in the Management section of the menu You will see a scree
83. t Support Dynamic Host Configuration Protocol provides a dynamic IP address to PCs and other devices upon request The Wireless Access Point can act as a DHCP Client and obtain an IP address and related information from your existing DHPC Server VX AP320NA Wireless Access Point User Guide Upgradeable Firmware Firmware is stored in a flash memory and can be upgraded easily using only your Web Browser PoE Support You can use PoE Power over Ethernet to provide power to the Wireless Access Point so only a single cable connection is required Security Features Virtual APs For maximum flexibility wireless security settings are stored in Virtual AP Up to 16 Virtual APs can be defined and used as any time Multiple BSSIDs Because each Virtual AP has it own SSID and beacon and up to 16 Virtual APs can be active simultaneously multiple SSIDs are supported Different clients can connect to the Wireless Access Point using different SSIDs with different security set tings Virtual APs Isolation If desired PCs and devices connecting to different Virtual APs can be isolated from each other VLAN Support The 802 1Q VLAN standard is supported allowing traffic from differ ent sources to be segmented Combined with the multiple SSID feature this provides a powerful tool to control access to your LAN WEP support Support for WEP Wired Equivalent Privacy is included The 64 Bit 128 Bit and 152 Bit keys are supported WPA support
84. tes and distance of client stations 11N MCS Select the MCS index below The WAP device supports MCS indexes from 0 to 15 which allows a maximum transmission rate of 300 Mbps Auto Power Select the desired option The default is Disable Output Power Select the desired power output Higher levels will give a greater range but are also more likely to cause interference with other devices Can support 1dB 16dB step is 1dB 20 Access Point Setup Channel Select the desired bandwidth from the list Bandwidth Extension Select Above or Below Primary Channel from the list Sub Channel 21 VX AP320NA Wireless Access Point User Guide Wireless Virtual APs Screen Clicking the Virtual APs link on the Wireless menu will result in a screen like the following Wireless Access Point Esmee sem Traore wc nine SSE Basic Settings Radius Virtual AP Settings o Access Control VAP Name SSID Security VAP Name 1 Wireless 2 4G 1 None a D Advanced Settings VAP Name 2 Wireless 2 4G 2 None F VAP Name 3 Wireless 2 4G 3 None VAP Name 4 Wireless 2 4G 4 None VAP Name 5 Wireless 2 4G 5 None EJHeip VAP Name 6 Wireless 2 4G 6 None VAP Name 7 Wireless 2 4G 7 None VAP Name 8 Wireless 2 4G 8 None VAP Name 9 Wireless 2 4G 9 None Configure al Indicates the virtual AP is enabled N k Isolation Isolation among VAPs Isolate U
85. this option is used e The Access Point must have a client login on the Radius Server e Each user must have a user login on the Radius Server 100 Appendix C About Wireless LANs e Each user s wireless client must support 802 1x and provide the login data when required All data transmission is encrypted using the WPA standard Keys are automatically generated so no key input is required 802 1x This uses the 802 1x standard for client authentication and WEP for data encryption If possi ble you should use WPA Enterprise instead because WPA encryption is much stronger than WEP encryption If this option is used e The Access Point must have a client login on the Radius Server Each user must have a user login on the Radius Server Each user s wireless client must support 802 1x and provide the login data when required e All data transmission is encrypted using the WEP standard You only have to select the WEP key size the WEP key is automatically generated 101 Appendix D Command Line Inter face Overview If desired the Command Line Interface CLI can be used for configuration This creates the possibility of creating scripts to perform common configuration changes The CLI requires a Telnet connection to the Wireless Access Point Using the CLI Telnet 1 Start your Telnet client and establish a connection to the Access Point e g Telnet 192 168 0 228 2 You will be prompted for
86. tion method e g TKIP AES must be set to match the Access Point 56 PC and Server Configuration Using WPA Enterprise This is the most secure and most complex system WPA Enterprise mode provides greater security and centralized management but it is more complex to configure Wireless Station Configuration For each of the following items each Wireless Station must have the same settings as the Wireless Access Point Mode On each PC the mode must be set to Infrastructure SSID ESSID This must match the value used on the Wireless Access Point The default value is wireless Note The SSID is case sensitive 802 1x Each client must obtain a Certificate which is used for authentication for Authentication the Radius Server 802 1x Typically EAP TLS is used This is a dynamic key system so keys do Encryption NOT have to be entered on each Wireless station However you can also use a static WEP key EAP MDS the Wireless Access Point supports both methods simultaneously Radius Server Configuration If using WPA Enterprise mode the Radius Server on your network must be configured as follow e It must provide and accept Certificates for user authentication e There must be a Client Login for the Wireless Access Point itself e The Wireless Access Point will use its Default Name as its Client Login name How ever your Radius server may ignore this and use the IP address instead
87. to take effect PC and Server Configuration Internet Authentication Service Radius Setup 1 Select Start Programs Administrative Tools Internet Authentication Service 2 Right click on Clients and select New Client Internet Authentication Service Action View e Hlm 2 Tree Internet Authentication Service Local a C Remot Sf Remot BeTa New view Export List Help Friendly Name Figure 55 Service Screen 3 Enter a name for the access point click Next gt A entered on the Security Settings of the Wireless Access Point Click Finish Right click on Remote Access Policies select New Remote Access Policy Assuming you are using EAP TLS name the policy eap t1s and click Next Click Add CO SIN Enter the address or name of the Wireless Access Point and set the shared secret as If you don t want to set any restrictions and a condition is required select Day And Time Restrictions and click Add Select the type of attribute to add and then click the Add button Attribute types Description Called Station Id Phone number dialed by user Calling Station ld Phone number from which call originated Client Friendly Name Friendly name for the RADIUS client IAS Client IP Address IP address of RADIUS client IAS only Client Vendor Manufacturer of RADIUS proxy or NAS I Day And Time Restrictions Time periods and d
88. you have the Access Point working properly you should back up the settings to a file on your computer You can later restore the Access Point s settings from this file if necessary To create a backup file of the current settings e Click Back up e Ifyou don t have your browser set up to save downloaded files automatically locate where you want to save the file rename it if you like and click Save Restore To restore settings from a backup file 1 Click Browse 2 Locate and select the previously saved backup file 3 Click Restore Restore saved settings from a file 85 VX AP320NA Wireless Access Point User Guide Defaults Revert to factory default settings To erase the current settings and restore the original factory default settings click Restore to Defaults button Note e This will terminate the current connection The Access Point will be unavailable until it has restarted e By default the Access Point will act as a DHCP client and automatically obtain an IP address You will need to deter mine its new IP address in order to re connect 86 Access Point Management Ping Test This screen allows you to perform a Ping These activities can be useful in solving network problems Wireless Access Point Bar type M t a hate contig Ping Test Mode Disable v o Config I contio File Ping IP Address l J J J O Ping Tes
Download Pdf Manuals
Related Search