User Guide
Table Of Contents
- Cambium
- PMP 450 Planning Guide
- Accuracy
- Copyrights
- This document, Cambium products, and 3rd Party Software products described in this document may include or describe copyrighted Cambium and other 3rd Party supplied computer programs stored in semiconductor memories or other media. Laws in the United ...
- Restrictions
- License Agreements
- High Risk Materials
- Safety and regulatory information
- Contents
- List of Figures
- List of Tables
- About This Planning Guide
- PMP support website: http://www.cambiumnetworks.com/support
- Cambium main website: http://www.cambiumnetworks.com/
- Sales enquiries: solutions@cambiumnetworks.com
- Email support: support@cambiumnetworks.com
- Telephone numbers:
- For full list of Cambium support telephone numbers, see:
- http://www.cambiumnetworks.com/support/contact-support
- Address:
- Chapter 1: Planning considerations
- Regulatory planning
- Network migration planning
- Site planning
- Link planning
- Analyzing the RF Environment
- Selecting Sites for Network Elements
- Diagramming Network Layouts
- Grounding and lightning protection
- Configuration options for TDD synchronization
- Data network planning
- Security planning
- Isolating APs from the Internet
- Managing module access by passwords
- Filtering protocols and ports
- Port Lockdown
- Isolating SMs
- Filtering management through Ethernet
- Allowing management from only specified IP addresses
- Configuring management IP by DHCP
- Planning for airlink security
- Planning for RF Telnet Access Control
- Forwarding Downlink PPPoE PADI packets
- Planning for RADIUS integration
- Planning for SNMP security
- Ordering components
- Chapter 2: Legal information
- Cambium Networks end user license agreement
- Acceptance of this agreement
- Definitions
- Grant of license
- Conditions of use
- Title and restrictions
- Confidentiality
- Right to use Cambium’s name
- Transfer
- Updates
- Maintenance
- Disclaimer
- Limitation of liability
- U.S. government
- Term of license
- Governing law
- Assignment
- Survival of provisions
- Entire agreement
- Third party software
- Hardware warranty
- Limit of liability
- Cambium Networks end user license agreement
- Chapter 3: Reference information
PMP 450 Planning Guide
In the Cambium system, NAT supports many protocols, including HTTP, ICMP (Internet Control Message
Protocols), and FTP (File Transfer Protocol). For virtual private network (VPN) implementation, L2TP over
IPSec (Level 2 Tunneling Protocol over IP Security) and PPTP (Point to Point Tunneling Protocol) are
supported.
When NAT is enabled, a reduction in throughput is introduced at the SM (due to processing overhead).
DHCP
DHCP enables a device to be assigned a new IP address and TCP/IP parameters, including a default gateway,
whenever the device reboots. Thus DHCP reduces configuration time, conserves IP addresses, and allows
modules to be moved to a different network within the Cambium system.
In conjunction with the NAT features, each SM provides
• a DHCP server that assigns IP addresses to computers connected to the SM by Ethernet protocol.
• a DHCP client that receives an IP address for the SM from a network DHCP server.
DMZ
In conjunction with the NAT features, a DMZ (demilitarized zone) allows the assignment of one IP address
behind the SM for a device to logically exist outside the firewall and receive network traffic. The first three
octets of this IP address must be identical to the first three octets of the NAT private IP address.
Developing an IP addressing scheme
Network elements are accessed through IP Version 4 (IPv4) addressing.
A proper IP addressing method is critical to the operation and security of a network.
Each module requires an IP address on the network. This IP address is for only management purposes. For
security, you should either
• assign a non-routable IP address.
• assign a routable IP address only if a firewall is present to protect the module.
You will assign IP addresses to computers and network components by either static or dynamic IP addressing.
You will also assign the appropriate subnet mask and network gateway to each module.
Address Resolution Protocol
As previously stated, the MAC address identifies a module in
• communication between modules.
• the data that modules store about each other.
1-122
pmp-0047 (March 2014)