LoopStar™ LPS-20xR Span-Powered Access Point Technical Practice 12A-LPS20xR1 Model xDSL List CLEI Code LPS-200R G.SHDSL 1A(x) WDMFA00A~~ LPS-200R G.
December 20, 2004 SCP-LPS20x-011-012-01H REVISION HISTORY Revision 01 Release Date December 20, 2004 Revisions Made Initial Release. Copyright © 2004 ADC Telecommunications, Inc. All Rights Reserved. ADC is a registered trademark and LoopStar is a trademark of ADC Telecommunications, Inc. No right, license, or interest to such trademarks is granted hereunder, and you agree that you shall assert no such right, license, or interest with respect to such trademarks.
SCP-LPS20x-011-012-01H December 20, 2004 USING THIS TECHNICAL PRACTICE The following style conventions and terminology are used throughout this guide. Element Meaning Bold font Text that you must input exactly as shown (e.g., type 1 for card 1), menu buttons (e.g., ACCEPT SHELF OPTIONS) or menu screen options (e.g., ALARMS screen) that you must select Italic font Variables that you must determine before inputting the correct value (e.g., Password ) Monospace font References to screen prompts (e.g.
December 20, 2004 SCP-LPS20x-011-012-01H Table of Contents Revision History ...................................................................................................................... Using this Technical Practice .................................................................................................. EU Compliance ................................................................................................................. InspectingYour Shipment ..................................
SCP-LPS20x-011-012-01H December 20, 2004 Mounting the Unit .................................................................................................................... Open the Unit .......................................................................................................................... Reference Labels .................................................................................................................... Attach the Ground Wire ........................................
December 20, 2004 SCP-LPS20x-011-012-01H Management Tool .............................................................................................................. Connecting to the LPS-20x for the First Time ......................................................................... Assumptions ........................................................................................................................... Setup .................................................................................
SCP-LPS20x-011-012-01H December 20, 2004 Management ..................................................................................................................... Management Tool ........................................................................................................ SNMP ........................................................................................................................... System Time ..............................................................................
December 20, 2004 SCP-LPS20x-011-012-01H Allowed Addresses ...................................................................................................... Active Interfaces .......................................................................................................... Upstream/Downstream ................................................................................................ Wireless Port ............................................................................................
SCP-LPS20x-011-012-01H December 20, 2004 Set Date and Time (Time Server) ................................................................................ Wireless Overview .................................................................................................................. Wireless Network Parameters ........................................................................................... Network is up or down .................................................................................
December 20, 2004 SCP-LPS20x-011-012-01H WEP ............................................................................................................................. Key 1, 2, 3, 4 .......................................................................................................... Transmission key ................................................................................................... Key format .........................................................................................
SCP-LPS20x-011-012-01H December 20, 2004 Configuring Overlapping Wireless Cells ................................................................................. Performance Degradation and Channel Separation ......................................................... Choosing Channels ........................................................................................................... Channel Availability ................................................................................................
December 20, 2004 SCP-LPS20x-011-012-01H Configure ATM Settings .......................................................................................................... User PVC Parameters ....................................................................................................... VPI ............................................................................................................................. VCI .................................................................................
SCP-LPS20x-011-012-01H December 20, 2004 Overview ........................................................................................................................... Setting up a Wireless Link ................................................................................................. Wireless Link Configuration Parameters ........................................................................... Status .........................................................................................
December 20, 2004 SCP-LPS20x-011-012-01H Signal .......................................................................................................................... Noise ........................................................................................................................... SNR ............................................................................................................................. WEP Security ..................................................................
SCP-LPS20x-011-012-01H December 20, 2004 Tx Discards Wrong SA ................................................................................................ Tx Discards .................................................................................................................. Tx Retry Limit Exceeded .............................................................................................. Tx Multiple Retry Frames ................................................................................
December 20, 2004 SCP-LPS20x-011-012-01H G.SHDSL Stat Parameters ................................................................................................ Operational State ......................................................................................................... Current Bit Rate ........................................................................................................... Annex Type ........................................................................................
SCP-LPS20x-011-012-01H December 20, 2004 Local SNR Margin ........................................................................................................ Remote Line Atten ....................................................................................................... Local LOS .................................................................................................................... Local LOF ........................................................................................
December 20, 2004 SCP-LPS20x-011-012-01H Authentication Method ................................................................................................. NAS Id .......................................................................................................................... Always Try Primary Server First .................................................................................. Primary RADIUS Server ..................................................................................
SCP-LPS20x-011-012-01H December 20, 2004 About Certificate Warning Messages ..................................................................................... Installing a new SSL certificate ............................................................................................... Step 1: Creating SSL Certificates ........................................................................................... Certificate Tools ...........................................................................
December 20, 2004 SCP-LPS20x-011-012-01H Filter ............................................................................................................................. Trace Results ............................................................................................................... Start Trace ................................................................................................................... Stop Trace .......................................................................
SCP-LPS20x-011-012-01H xx December 20, 2004 ADC Telecommunications, Inc.
December 20, 2004 SCP-LPS20x-011-012-01H List of Figures Figure 1. Figure 2. Figure 3. Figure 4. Figure 5. Figure 6. Figure 7. Figure 8. Figure 9. Figure 10. Figure 11. Figure 12. Figure 13. Figure 14. Figure 15. Figure 16. Figure 17. Figure 18. Figure 19. Figure 20. Figure 21. Figure 22. Figure 23. CO-Based DSLAM Deployment .......................................................................... 3 Wi-Fi CO-Based DSLAM Deployment ................................................................
SCP-LPS20x-011-012-01H xxii December 20, 2004 ADC Telecommunications, Inc.
December 20, 2004 SCP-LPS20x-011-012-01H List of Tables Table 1. Table 2. Table 3. Table 4. Table 5. Table 6. Table 7. Table 8. Table 9. Table 10. Table 11. Table 12. Table 13. Table 14. Table 15. Table 16. LPS-20x Versions ................................................................................................... 1 LPS-21x Versions ................................................................................................... 2 G.SHDSL Reach/Rate .............................................
SCP-LPS20x-011-012-01H xxiv December 20, 2004 ADC Telecommunications, Inc.
December 20, 2004 SCP-LPS20x-011-012-01H INTRODUCTION There are several versions of Access Points (APs) and AP/Access Controllers (ACs) available: the LPS-20xR L1A(x) Outdoor and the LPS-20xR L1B(x) Low Profile powered units series (Table 1) and the LPS-21xR L1A(x) Outdoor and the LPS-21xR L1B(x) Low Profile powered units Table 2 on page 2. xDSL is used to indicate G.SHDSL and/or ADSL transport technologies unless otherwise specified. Table 1. LPS-20x Versions xDSL G.SHDSL Outdoor G.
SCP-LPS20x-011-012-01H December 20, 2004 Table 2. LPS-21x Versions xDSL G.SHDSL Outdoor G.
December 20, 2004 SCP-LPS20x-011-012-01H OVERVIEW The LPS-20xR is an outdoor/low profile span-powered Access Point (AP). The LPS-300C Central Office (CO) power module provides span powering to the LPS-20x. Each LPS-300 can power two individual LPS-20xs. There are currently two types of APs available: the LPS-20xR L1A Outdoor series and the LPS-20xR L1B Low Profile series units.
SCP-LPS20x-011-012-01H December 20, 2004 DESCRIPTION WI-FI CO-BASED DSLAM DEPLOYMENT Using existing DSLAMs, a G.SHDSL or ADSL pair is routed to the LPS-300C power card in the HMS-318 power shelf (Figure 2). The LPS-300C is a 3192 double-wide card that supports two powered xDSL pairs per module. A total of 11 LPS-300C cards can be installed in the UL-60950 compliant HMS-318 power shelf for a total of 22 span-powered pairs.
December 20, 2004 SCP-LPS20x-011-012-01H G.SHDSL RATE/REACH G.SHDSL is a symmetrical rate adaptive transport technology and ranges from 72 kb/s to 2.368 Mb/s in 64 kb/s increments over a single twisted pair. The LPS-20x defaults to rate adaptive mode for best link speed. The range on an unimpaired G.SHDSL cable is shown in Table 3. The G.SHDSL attenuation is less than 0.5 dB. Table 3. G.SHDSL Reach/Rate ADC Telecommunications, Inc.
SCP-LPS20x-011-012-01H December 20, 2004 ADSL RATE/REACH ADSL is an asymmetrical rate adaptive transport technology and ranges from 288 kb/s to 8000 kb/s downstream and 128 kb/s to 800 kb/s upstream. The range on an unimpaired ADSL cable (Fast Mode) is shown in Table 4 and (Interleaved Mode) in Table 5. Table 4.
December 20, 2004 SCP-LPS20x-011-012-01H LPS-20X The power function within the LPS-20x removes the line power provided by the LPS-300C and generates the DC voltage for the LPS-20x functions (Figure 3). As shown in Figure 3, the power function is integrated with the xDSL modem circuit board. The ATM function of the modem maps all users to a single Virtual Circuit (VC) with Unspecified Bit Rate (UBR) services. 15-LPS20xR1 Figure 3. LPS-20x Functional Diagram ADC Telecommunications, Inc.
SCP-LPS20x-011-012-01H December 20, 2004 SPECIFICATIONS Table 6 lists the specifications for the LPS-20x. Table 6.
December 20, 2004 SCP-LPS20x-011-012-01H Category Connectors Mounting Item Value xDSL 1/2” terminal nuts Wired Local Area Network (LAN) (Craft Access) 10BaseT RJ-45 Jack Antenna Dual spatial diversity internal, external antennas via dual SMA female jack connectors Two point wall or pole mount requiring no template ADC Telecommunications, Inc.
SCP-LPS20x-011-012-01H Category Physical – Low Profile Physical – Outdoor 10 December 20, 2004 Item Value Height 10.25 in. (26.0 cm.) Width 8.5 in. (21.6 cm.) Depth 3.0 in. (7.62 cm.) Weight 4.0 lbs. (1.81 kg.) Height 10.25 in. (26.0 cm.) Width 8.5 in. (21.6 cm.) Depth 4.8 in. (12.2 cm.) Weight 4.0 lbs. (1.81 kg.) ADC Telecommunications, Inc.
December 20, 2004 SCP-LPS20x-011-012-01H SPAN-POWERED XDSL MODEM INTERFACE - (G.SHDSL) On the network side, the LPS-20x supports one High-Speed Digital Subscriber Line (G.SHDSL) pair. The LPS-20x conforms to the G.SHDSL ITU-T G.991.2, Annex A and Annex B standards. However, by default, the LPS-20x comes up in auto mode, which means it automatically detects and switches to the Annex being used on the pair.
SCP-LPS20x-011-012-01H December 20, 2004 ATM The ATM specifications are listed in Table 7. The LPS-20x provides Unspecified Bit Rate (UBR) service on two Virtual Circuits (VCs) – one User VC and one Management VC. Table 7. LPS-20x ATM Requirements Parameter 12 Specification UNI ATM Forum UNI Version 3.1 and 4.0 Signaling ITU-T Q.2931 ATM Adaptation Layer 5 ITU I.363.5 Cell Delineation and HEC ITU I.432 ATM Cell Format ITU I.
December 20, 2004 SCP-LPS20x-011-012-01H DSL - WIDE AREA NETWORK (WAN) SIDE Transparent bridging is supported. The default for the management IP address is statically defined as 192.168.1.1. ATM INTERNETWORKING REQUIREMENTS (Table 8) Table 8. LPS-20x Internetworking Specifications Parameter Specification Protocol RFC 1483 Bridged Ethernet over ATM Encapsulation Logical Link Control (LLC) or VC-Mux SNMP MANAGEMENT Remote SNMP v2c is supported over all interfaces (user configurable).
SCP-LPS20x-011-012-01H December 20, 2004 SOFTWARE DOWNLOAD GUI METHODS There are three supported methods to download software (under Maintenance\Firmware Updates): • upload an image from a local drive • immediately download an image from a remote server • periodically download an updated image from a remote server SNMP METHOD All variations supported by the Graphical User Interface (GUI) Method are also available via SNMP. See COLUBRIS-MAINTENANCE-MIB for more information.
December 20, 2004 SCP-LPS20x-011-012-01H WI-FI LPS-20X WIRELESS INTERFACE Refer to Table 9 for LPS-20x Wi-Fi specifications. Table 9. LPS-20x Wi-Fi Specifications Parameter Specification Wireless Standard IEEE 802.11B Unlicensed ISM radio band Frequency Band 2.4 GHz to 2.
SCP-LPS20x-011-012-01H December 20, 2004 Parameter Specification Data Rate 11 Mb/s with fallback to 5.5, 2 and 1 Mb/s Transmit Power 23 dBm (200 mW)* 20 dBm (100 mW) (Europe) 17 dBm (50 mW) 13 dBm (20 mW) Antennas Dual internal antennas for receive path spatial diversity with support for external antennas Number of Clients 254 Global Market Requirements Complies with R&TTE Directive, EN 300-328-2 V1.2.1, EN 301 489-1, EN301 486-17 * Used in North America only.
December 20, 2004 SCP-LPS20x-011-012-01H ANTENNA The enclosure supports dual internal dipole antennas for diversity (Table 10). The LPS-20x always transmits on one antenna. However, dual antennas allow diversity in the receive direction. Spatial diversity in the receive path improves overall system performance by switching from one antenna to the other and selecting the antenna offering the best receive signal. The access point electronics makes this selection.
SCP-LPS20x-011-012-01H 18 December 20, 2004 ADC Telecommunications, Inc.
December 20, 2004 SCP-LPS20x-011-012-01H INSTALLATION AND TEST The LPS-20xR can be mounted to either a wall or pole. To ensure the safety of personnel and equipment, observe the following safety rules: Always treat the xDSL pair as if it were live with high voltage present. Follow local practice when installing a xDSL pair because voltages up to ±135 Vdc may be present. DANGER All wiring external to this product should conform to local wiring codes and practices.
SCP-LPS20x-011-012-01H December 20, 2004 MOUNTING THE UNIT Step Action 1 Use the two No. 10 x 1.5-inch wood screws and flat washers provided in the Mounting Kit to attach the unit to the side of the wall or pole (Figure 4). 2 For mounting on stucco or other similar surfaces, use the two No. 10 x 1-inch anchors from the kit. Mount the unit as shown in Figure 4, with all access openings facing down. Refer to Table 6 on page 8 for dimensions.
December 20, 2004 SCP-LPS20x-011-012-01H REFERENCE LABELS During installation, refer to the Reference labels (Figure 5) affixed on the electronics cover. The bottom label (middle section of the Reference Label) identifies the Ground and xDSL Tip and Ring wires. Ground and xDSL Tip and Ring wires 30-LPS20xR1 Figure 5. Reference Labels The reference labels for the following models will look similar to the ones above: LPS-200R L1B(x) (G.
SCP-LPS20x-011-012-01H December 20, 2004 ATTACH THE GROUND WIRE WARNING The ground termination on the unit is also used for the primary gas-tube protectors for the xDSL circuit. Use #10 AWG wire to ensure a good ground connection to the unit. Step Action 1 Route the ground wire through the bottom left rubber grommet of the unit (Figure 6 on page 23). A 10 AWG (25.8 mm) solid copper ground wire is recommended. 2 Use a 216 tool to loosen the nut and the top two washers from the ground lug.
December 20, 2004 SCP-LPS20x-011-012-01H Internal Antennas Behind Cover Internal Antenna Leads Remove XMIT/RECEIVE Cable xDSL Ring xDSL Tip Ground Lug Left Rubber Grommet 20A-LPS20xR1 Figure 6. Attach Frame-Ground Wire and xDSL Tip and Ring Wires, Disconnect Right Internal Antenna ADC Telecommunications, Inc.
SCP-LPS20x-011-012-01H December 20, 2004 USING EXTERNAL ANTENNA(S) Typical single external antenna applications use only the XMIT/RECEIVE antenna connection. The second antenna connection can be used when receive diversity is desired with dual external antennas. The receive-only internal antenna (left cable) should be removed when directional radiation patterns are required for the external antenna application. Consult your appropriate engineering guide.
December 20, 2004 SCP-LPS20x-011-012-01H ATTACH EXTERNAL SMA-TYPE ANTENNA (OPTIONAL) The external antenna mounting kit is an optional kit that can be purchased from ADC (LPS-299 L1). This kit is used when you are connecting an SMA-Type external antenna only. Refer to Product Support on page 177. If the unit is not opened, refer to Open the Unit on page 20. Step Action 1 Disconnect the right internal antenna (XMIT/RECEIVE) cable connections on both ends (Figure 6 on page 23).
SCP-LPS20x-011-012-01H December 20, 2004 SYSTEM STATUS WINDOW AND LEDS The electronics enclosure has a System Status window through which Status LEDs can be viewed. The Status LEDs indicate different system states. The top portion of the reference label provides a guide to what the Status LEDs indicate (Figure 8).
December 20, 2004 SCP-LPS20x-011-012-01H RESET BUTTON WARNING Do not press the reset button for more than 5 seconds. Doing so will cause the LPS-20x to revert to the factory defaults. CAUTION Resetting the LPS-20x deletes all your configuration settings, resets the Administrator username and password to ‘admin’ , and sets the Wireless port and LAN port IP address to 192.168.1.1. The management tool can also be used to restart or reset the LPS-20x.
SCP-LPS20x-011-012-01H December 20, 2004 RESTARTING WARNING Do not press the reset button for more than 5 seconds. Doing so will cause the LPS-20x to revert to the factory defaults. Restarting will drop all active connections. Press and release the button from 1 to <5 seconds to restart the LPS-20x. This is equivalent to cycling the power. The LPS-20x will restart immediately.
December 20, 2004 SCP-LPS20x-011-012-01H INTRODUCTION TO THE WIRELESS ACCESS POINT The LPS-20x wireless Access Point (AP) series are remote units that are designed to work in conjunction with Remote Authenication Dial-In User Service (RADIUS) Servers, access controllers or similar products (Figure 10). The role of the LPS-20x is to extend the wireless network and provide intelligent data forwarding to maintain the security of the network.
SCP-LPS20x-011-012-01H December 20, 2004 SERVICE SENSOR The service sensor enables the LPS-20x to determine if access to the network or a particular server is available. If not, the LPS-20x automatically shuts off its radio transmitter taking down the wireless cell. The service sensor polls the target device approximately every half second. For more details, refer to Service Sensor on page 94.
December 20, 2004 SCP-LPS20x-011-012-01H WIRELESS BRIDGING The LPS-20x wireless bridging feature enables you to use the wireless radio to create point-to-point wireless links with other access points (Figure 12). This feature can be used to extend the reach of a network without additional wiring. LPS-20x LPS-20x Wireless bridge Access Controller LAN 24-LPS20xR1 Internet Figure 12. Wireless Bridging ADC Telecommunications, Inc.
SCP-LPS20x-011-012-01H December 20, 2004 MULTIPLE SSID AND VLAN SUPPORT The LPS-20x provides support for multiple Service Set Identifiers (SSIDs) (Figure 13). This allows the wireless network to be segmented into multiple distinct entities, each with its own SSID. This feature is very useful when combined with Virtual Local Area Network (VLAN) support. For example, in this scenario public and private users share the same infrastructure with complete security.
December 20, 2004 SCP-LPS20x-011-012-01H PLANNING YOUR INSTALLATION OVERVIEW The LPS-20x enables you to extend the coverage of a public access network. One or more LPS-20xs can be installed in conjunction with an access controller (Figure 14). Network Operations Center Access Controller Management station RADIUS server VPN server Secure tunnels protected by IPSec or PPTP Internet LPS-20x LPS-20x LPS-20x 01-LPS21xR1 Figure 14.
SCP-LPS20x-011-012-01H December 20, 2004 LPS-20X The LPS-20x (and the access controller) provide wireless network coverage in a radius of up to 100 meters (300 feet). This is called a wireless cell. To maximize coverage of the cell, the LPS-20x is best installed in an open area with as few obstructions as possible. Try to choose a location that is central to the area being served. The LPS-20x uses radio waves in the 2.4 Ghz band to communicate with client stations.
December 20, 2004 SCP-LPS20x-011-012-01H MANAGEMENT TOOL The management tool is a Web-based interface to the LPS-20x that provides easy access to all configuration functions via WLAN, LAN, or Internet Port. IMPORTANT ! Only one administrator can be logged into the management tool at a given time. If a second administrator logs in while the first is connected, the first administrator may be logged out depending on system configuration (refer to Management|Management Tool|Login override).
SCP-LPS20x-011-012-01H December 20, 2004 MANAGEMENT SCENARIOS The LPS-20x can be managed both locally and remotely for complete flexibility. The following management scenarios are supported: LOCAL MANAGEMENT • A computer connected to the wireless AP via a wireless network card. • A computer directly connected to the LAN port on the LPS-20x. A cross-over Ethernet cable is required. • A computer on the wired LAN that is connected to the LPS-20x.
December 20, 2004 SCP-LPS20x-011-012-01H CONNECTING TO THE LPS-20X FOR THE FIRST TIME Your LPS-20x is factory configured with a static IP address assignment. The address is 192.168.1.1. In order to connect to the LPS-20x, a computer with a WLAN or LAN NIC card is required. It is recommended that you access the LPS-20x via a wireless connection. However, you may also connect via the wired LAN port located on the electronics enclosure.
SCP-LPS20x-011-012-01H December 20, 2004 STARTING THE MANAGEMENT TOOL Most of the screens in this software section were captured using the LPS-202. However, the content of screens remain the same for all LPS-20x (unless otherwise noted). 1. Start your Web browser. 2. In the address box, specify: HTTPS://192.168.1.1. Make sure that you specify HTTPS and not HTTP. 3. Press Enter. You will be prompted to accept an ADC security certificate. Do so to continue.
December 20, 2004 SCP-LPS20x-011-012-01H 5. You will see the home page after you have successfully logged into the system. If this is the first time the AP has been powered up from the factory, a pop-up window will appear asking you to change your password. It is highly recommended that you change your password at this time. You may also change your password under Management|Management Tool. 6. For more information about the LPS-20x, click on More information. The following screen appears.
SCP-LPS20x-011-012-01H December 20, 2004 HOME PAGE PARAMETERS The LPS-20x does not require day-to-day management for successful, efficient operation.The most you will want to do is inquire about status and statistics. CURRENT IP ADDRESS This is the IP assigned to all ports of the LPS-20x. WIRELESS MAC ADDRESS This is the MAC address associated with the LPS-20x. SNMP SYSTEM NAME Identifies the LPS-20x on your network. To set this, go to Management|SNMP.
December 20, 2004 SCP-LPS20x-011-012-01H RESTART Click on this button to restart the LPS-20x. It may take up to 60 seconds for the LPS-20x to become fully operational again. When the DSL light stops flashing, the LPS-20x is fully operational. Resetting does not affect your configuration. Restarting will drop all active connections. ADC Telecommunications, Inc.
SCP-LPS20x-011-012-01H December 20, 2004 MAIN MENU TREE Figure 15 shows the main menu tree of the management tool.
December 20, 2004 SCP-LPS20x-011-012-01H MAIN MENU TREE PARAMETERS The following information is a brief overview of the management tool menu options. For detailed information on each option and its parameters, consult the online help, which is available by clicking the help icon [?] that appears in the top right corner of most boxes. HOME Displays basic status information on the operation of the LPS-20x. For a description of the information on the Home page, refer to Home Page Parameters on page 40.
SCP-LPS20x-011-012-01H December 20, 2004 SECURITY The security menu lets you define all security-related settings. Included in this menu are: RADIUS This is where you define the settings the LPS-20x uses to communicate with external RADIUS servers. Certificates Use this option to manage the SSL certificates used by the LPS-20x.
December 20, 2004 SCP-LPS20x-011-012-01H TOOLS Provides diagnostic tools that can be used to investigate anomalies. Generally, you will use these only under the direction of ADC. These tools also enable you to view the system log. The system log contains a record of all significant events that occur on the LPS-20x. This information is useful when troubleshooting the LPS-20x with the assistance of ADC.
SCP-LPS20x-011-012-01H December 20, 2004 MANAGEMENT TOOL SECURITY The management tool is protected by the following security features. ADMINISTRATOR PASSWORD WARNING Failure to change the user name and password will leave your network at an increased risk of attack. WARNING If you forget the administrator password, the only way to gain access to the management tool is to reset the LPS-20x to factory default settings (refer to Resetting to Factory Defaults on page 28).
December 20, 2004 SCP-LPS20x-011-012-01H ADMINISTRATOR AUTHENTICATION PARAMETERS Authentication Via Choose how the administrator’s username and password are verified. You can choose to store this information on the LPS-20x (local account) or remotely on a RADIUS Server. Using a RADIUS Server enables you to have multiple administrators, each with a unique name and password. To use a RADIUS Server, you must define a RADIUS profile in Security>RADIUS. Username Login name for the administrator.
SCP-LPS20x-011-012-01H December 20, 2004 VALIDATING ADMINISTRATOR LOGINS USING A RADIUS SERVER You can use a RADIUS server to authenticate logins to the management tool. One advantage of this is that it enables you to create several administrator accounts, each with its own username and password. IMPORTANT ! Make sure that the RADIUS profile you select is configured and that the administrator account is defined on a functioning RADIUS server.
December 20, 2004 SCP-LPS20x-011-012-01H CONNECTION SECURITY To maintain the integrity of the configuration settings, only one user can be connected to the management tool at a given time. To prevent the management tool from being locked up by an idle user, two mechanisms are in place: • If a user’s connection to the management tool remains idle for more than ten minutes, the LPS-20x automatically logs the user out.
SCP-LPS20x-011-012-01H December 20, 2004 SECURITY PARAMETERS Allowed Addresses Lets you define a list of IP addresses from which access to the management tool is permitted. To add an entry, specify the IP address and appropriate mask and click Add. When the list is empty, access is permitted from any IP address. Active Interfaces Choose the interfaces through which client stations will be able to access the management tool.
December 20, 2004 SCP-LPS20x-011-012-01H CONFIGURING REMOTE MANAGEMENT SUPPORT If the LPS-20x is installed behind an access controller or RADIUS server, enabling remote access to the management tool requires configuration settings to be defined on the access controller, RADIUS server, and the LPS-20x. This section explains how to accomplish this for the following two scenarios (Figure 16): Scenario 1 Scenario 2 RADIUS Server Access Controller RADIUS Server 20.1 20.4 192.168.20.0 20.2 30.
SCP-LPS20x-011-012-01H December 20, 2004 ON THE ACCESS CONTROLLER Create static NAT mappings To direct management traffic to the proper LPS-20x, you need to create static NAT mappings to redirect HTTPS traffic to the new ports you defined on the LPS-20xs. • Map traffic on port 5002 to IP address 192.168.1.2 and port 443. • Map traffic on port 5003 to IP address 192.168.1.3 and port 443.
December 20, 2004 SCP-LPS20x-011-012-01H FIRMWARE MANAGEMENT Firmware updates can be handled manually, automatically, or with a tool like cURL. IMPORTANT ! When an LPS-20x is restarted, it automatically initializes itself to the default address 192.168.1.1. If the DHCP client is enabled on the Internet port, it takes about 30 seconds after the restart for the DHCP client to request an address.
SCP-LPS20x-011-012-01H December 20, 2004 FIRMWARE UPDATE PARAMETERS Firmware Updates The firmware is special software that controls the operation of the LPS-20x. Periodically, ADC will make new versions of the firmware available. All configuration settings are preserved during the update unless stated otherwise in the release notes for the firmware. Install Firmware Two options are available: Manual and Scheduled. Manual Click the Browse button and then locate a firmware file.
December 20, 2004 SCP-LPS20x-011-012-01H Using cURL It is possible to automate management tasks using a tool like cURL. cURL is a software client that can be used to get/send files to/from a server using a number of different protocols (HTTP, HTTPS, FTP, GOPHER, DICT, TELNET, LDAP or FILE). cURL is designed to work without user interaction or any kind of interactivity. It is available for Windows and LINUX at: http://curl.haxx.se/. You must use version 7.9.8 or higher.
SCP-LPS20x-011-012-01H December 20, 2004 CONFIGURATION FILE MANAGEMENT The configuration file contains all of the settings that customize the operation of the LPS-20x. You can save and restore the configuration file manually, automatically, or with a tool like cURL. IMPORTANT ! When an LPS-20x is restarted, it automatically initializes itself to the current address (default is 192.168.1.1).
December 20, 2004 SCP-LPS20x-011-012-01H Restore Configuration File Enables you to restore a configuration from a previously saved backup. This feature enables you to maintain several configuration files with different settings, which can be useful if you frequently need to alter the configuration of the LPS-20x or if you are managing several LPS-20xs from a central site. USING CURL It is possible to automate management tasks using a tool like cURL.
SCP-LPS20x-011-012-01H December 20, 2004 Resetting the Configuration to Factory Defaults CAUTION Resetting the LPS-20x deletes all your configuration settings, resets the Administrator username and password to ‘admin’ , and sets the Wireless port and LAN port IP address to 192.168.1.1. The management tool can also be used to restart or reset the LPS-20x. 1. Login to the management interface. curl --dump-header cookie.txt -s -m 60 "https://24.28.15.22/goform/ Logout?username=admin&pw=admin" 2.
December 20, 2004 SCP-LPS20x-011-012-01H SYSTEM TIME 1. On Management menu, click System time. The System time configuration page opens. SYSTEM TIME PARAMETERS Set Time Zone and DST Choose the time zone the LPS-20x is located in. You may also enable support for daylight savings time. Set Date and Time (Manually) Use this option to manually set the system date and time.
SCP-LPS20x-011-012-01H December 20, 2004 WIRELESS OVERVIEW Use this screen to gather information on your wireless system. 1. On the Wireless menu, click Overview. WIRELESS NETWORK PARAMETERS Network is up or down Indicates the status of the wireless network. Mode Indicates if the LPS-20x is operating in Access Point or in Point-to-Point mode. SSID Name assigned to the wireless network. Device name The name that identifies the LPS-20x on the wireless network (for information purposes only).
December 20, 2004 SCP-LPS20x-011-012-01H Authorized Applies to client stations using 802.1x only. A value of “Yes” indicates that 802.1x authentication was successful. A value of “No” indicates that 802.1x authentication was unsuccessful. If 802.1x support is not enabled on the LPS20x, this field shows “yes”. Signal Indicates the strength of the radio signal received from the client stations. Signal strength is expressed in dBm. The higher the number, the stronger the signal.
SCP-LPS20x-011-012-01H December 20, 2004 CONFIGURATION – SETTING UP THE WIRELESS LAN 1. On the main menu, click Wireless, then click Wi-Fi. The Wireless configuration page opens. 2. Configure the parameters as described in the sections that follow. 3. Click Save when you are done. ACCESS POINT PARAMETERS Enable this option to activate the wireless access point (default). When this option is disabled, wireless client stations will not be able to connect.
December 20, 2004 SCP-LPS20x-011-012-01H Broadcast WLAN name (SSID) When this option is enabled, the LPS-20x will broadcast its wireless network name (SSID) to all client stations. Most wireless adapter cards have a setting that enables them to automatically discover access points that broadcast their names and automatically connect to the one with the strongest signal. If you disable this option, client stations will have to specify the network name you enter for WLAN name when they connect.
SCP-LPS20x-011-012-01H December 20, 2004 VLAN PARAMETERS VLAN ID Assigns a VLAN ID to the wireless network. The LPS-20x bridges all wireless traffic to the matching VLAN connected to the Internet port. IMPORTANT ! Enabling this feature bypasses all security features that are active on the LPS-20x. Make sure that your VLAN has the appropriate security installed to protect access to the network. WIRELESS PROTECTION PARAMETERS Select the type of protection you want to use for the wireless network.
December 20, 2004 SCP-LPS20x-011-012-01H 802.1x This option enables support for users with 802.1x client software. The LPS-20x supports 802.1x client software that uses EAP-TLS, EAP-TTLS, and PEAP. RADIUS profile Communications with the RADIUS server is handled via the access controller. This setting cannot be changed. WEP encryption Enable the use of dynamic WEP keys for all 802.1x sessions. Dynamic key rotation occurs on key 1, which is the broadcast key. Key 0 is the pairwise key.
SCP-LPS20x-011-012-01H December 20, 2004 WLAN PROFILES The LPS-20x enables you to create multiple wireless networks all sharing the same wireless port. Each network has its own SSID (network name) and configuration settings that are defined in a profile. Up to 16 profiles can be created. To create a wireless profile 1. On the main menu, click Wireless, and then click WLAN profiles. The WLAN profiles page opens. Initially, it displays the default WLAN profile. 2. Click Add New Profile. 3.
December 20, 2004 SCP-LPS20x-011-012-01H ACCESS POINT PARAMETERS Enable this option to activate the wireless access point. When this option is disabled, wireless client stations will not be able to connect. WLAN name (SSID) Specify a name to uniquely identify your wireless network. Each client computer that wants to connect to this profile must use this name. The name is case-sensitive.
SCP-LPS20x-011-012-01H December 20, 2004 WIRELESS PROTECTION PARAMETERS Select the type of protection you want to use for the wireless network. WPA This option enables support for users with WPA client software. Key Source This option determines how the TKIP keys are generated. • RADIUS: The LPS-20x obtains the MPPE key from the RADIUS server. This is a dynamic key that changes each time the user logs in and is authenticated.
December 20, 2004 SCP-LPS20x-011-012-01H WEP Key 1, 2, 3, 4 The number of characters you specify for a key determines the level of encryption the LPS-20x will provide. • For 40-bit encryption, specify 5 ASCII characters or 10 HEX digits • For 128-bit encryption, specify 13 ASCII characters or 26 HEX digits When encryption is enabled, wireless stations that do not support encryption cannot communicate with the LPS-20x.
SCP-LPS20x-011-012-01H December 20, 2004 DNS MANAGEMENT OVERRIDING DYNAMICALLY ASSIGNED DNS SERVERS If required, you can override the DNS servers dynamically assigned by PPPoE or DHCP as follows: 1. In the management tool, click Network, then click DNS. The DNS configuration page opens. 2. Specify the addresses of Server 1 and Server 2. 3. Click Save when you are done. DNS SERVER PARAMETERS Server 1 Specify the IP address of the first DNS server that the LPS-20x will use.
December 20, 2004 SCP-LPS20x-011-012-01H OPERATING FREQUENCY When using multiple units, it is important that each pair of wireless cells that overlap be set to operate on a different channel. This helps to eliminate crosstalk and increase performance. For information on selecting operating frequencies, refer to Configuring Overlapping Wireless Cells on page 72.
SCP-LPS20x-011-012-01H December 20, 2004 CONFIGURING OVERLAPPING WIRELESS CELLS Overlapping wireless cells are caused when two or more access points are within transmission range of each other. This may be under your control (when setting up multiple cells to cover a large location) or out of your control (when your neighbors set up their own wireless networks.). In either case, the problems you face are similar.
December 20, 2004 SCP-LPS20x-011-012-01H The solution to this problem is to set the two networks to different channels with as great a separation as possible in their operating frequencies. This reduces cross-talk and enables client stations connected to each access point to transmit at the same time. CHOOSING CHANNELS For optimum performance when operating in 802.11b mode, choose a frequency that differs from other wireless access points operating in neighboring cells by at least 25 MHz.
SCP-LPS20x-011-012-01H December 20, 2004 Different regions have specified maximum transmit power and channel availability (Table 12). The number of channels available in a particular country are determined by the regulations defined by the local governing body. Table 12.
