Access Point AT-WL2411 ◆ Installation and User’s Guide VERSION 1.
Copyright © 2004 Allied Telesyn, Inc. 960 Stewart Drive Suite B, Sunnyvale, CA 94085 USA All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn, Inc. Microsoft is a registered trademark of Microsoft Corporation, Netscape Navigator is a registered trademark of Netscape Communications Corporation.
Electrical Safety and Emission Statement Standards: This product meets the following standards. U.S. Federal Communications Commission Declaration Of Conformity Manufacture Name: Allied Telesyn, Inc. Manufacture Address: 960 Stewart Drive, Suite B Sunnyvale, CA 94085 USA Manufacture Telephone: 408-730-0950 Declares that the product: Access Point Model Numbers: AT-WL2411 This product complies with FCC Part 15B, Class B Limits: This device complies with part 15 of the FCC Rules.
Electrical Safety and Emission Statement Tärkeää: Liite Csisältää tämän laitteen asentamiseen liittyvät käännetyt turvaohjeet. Kun näet -symbolin, katso käännettyä turvaohjetta liitteestä C. Importante: l’Appendice C contiene avvisi di sicurezza tradotti per l’installazione di questa apparecchiatura. Il simbolo , indica di consultare l’Appendice Cper l’avviso di sicurezza nella propria lingua. Viktig: Tillegg C inneholder oversatt sikkerhetsinformasjon for installering av dette utstyret.
Table of Contents Electrical Safety and Emission Statement ............................................................................................................................................... 3 Preface ....................................................................................................................................................................................................................11 How This Guide is Organized .......................................................
Table of Contents Installing the Access Point ............................................................................................................................................................................... 30 Wall-mounting the AT-WL2411.............................................................................................................................................................. 30 Attaching an External Antenna (Optional) ........................................................
AT-WL2411 Version 1.80 Installation and User’s Guide Chapter 6 Configuring the IEEE 802.11b Radio ..................................................................................................................................................... 111 Using One AT-WL2411 in a Simple Wireless Network ......................................................................................................................... 112 Configuring an 802.11b Access Point Parameters .....................................
Table of Contents Chapter 10 Advanced Configuration Commands ....................................................................................................................................................185 Using the Access Point Monitor ...................................................................................................................................................................186 Understanding Access Point Segments ................................................................
AT-WL2411 Version 1.80 Installation and User’s Guide 802.1x Menu Defaults .............................................................................................................................................................................. 217 IEEE 802.11 (b or a) WEP Menu Defaults ........................................................................................................................................... 217 Internal RADIUS Server Menu Defaults.......................................
Preface This guide contains instructions on how to install and configure the AT-WL2411 Access Point. How This Guide is Organized This manual contains the following chapters and appendices: Chapter 1, Product Description, describes the features and components of the access point. Chapter 2, Installation, contains installation and mounting instructions. Chapter 3, Configuration Overview, explains how to access the configuration firmware.
Preface Chapter 10, Advanced Configuration Commands, contains commands for advanced access point users. Appendix A, Default Configuration Settings lists the default firmware settings. Appendix B, Technical Specifications, lists the technical specifications for the access point. Appendix C, Translated Electrical Safety and Emission Information, contains multi-language translations of the warnings and cautions in the manual.
AT-WL2411 Version 1.80 Installation and User’s Guide Document Conventions This document uses the following conventions: Note Notes provide additional information. Warning Warnings inform you that performing or omitting a specific action may result in bodily injury. Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data.
Preface Where to Find Web-based Guides The Allied Telesyn web site at www.alliedtelesyn.com provides you with an easy way to access the most recent documentation and technical information for all of our products. All Allied Telesyn products can be downloaded from the web site in PDF format.
AT-WL2411 Version 1.80 Installation and User’s Guide Contacting Allied Telesyn Technical Support This section provides Allied Telesyn contact information for technical support as well as sales or corporate information. Online Support E-mail and Telephone Support Returning Products You can request technical support online by accessing the Allied Telesyn Knowledge Base from the following web site at kb.alliedtelesyn.com.
Chapter 1 Product Description The AT-WL2411 Access Point forwards data from wireless end devices to the wired Ethernet network. The AT-WL2411 can be used as an access point or as a point-to-point bridge. An access point is connected to a wired network and provides network access for wireless end devices. A point-to-point bridge connects two wired LANs and is often used to provide wireless communications in locations where running cable is difficult, such as across roads or between buildings.
Product Description Hardware Features The following sections describe these hardware features of the AT-WL2411 Access Point: ❑ Status LEDs ❑ 10 Mbps twisted pair Ethernet port ❑ Serial connection management port ❑ Serial connection management cable ❑ 5V DC power supply input port ❑ External AC/DC power adapter Status LEDs The AT-WL2411 features the following status LEDs: ❑ Power ❑ Radio ❑ Wired LAN: Ethernet link and activity ❑ Root/error Figure 1 illustrates the four LEDs on the AT-WL2411.
AT-WL2411 Version 1.80 Installation and User’s Guide Table 1 defines the LEDs for the AT-WL2411 Access Point. Table 1 Status LEDs LED Color Description PWR Green Power is applied to the unit. Radio Green Flashes when a frame is transmitted or received on the radio port. Wired LAN Green Flashes when a frame is transmitted or received on the Ethernet port. Root/error Green Ports Flashes if access point has been configured as root; remains on if an error is detected.
Product Description RJ-45 Port Pinouts Figure 3 illustrates the pin assignments of an RJ-45 connector and port. 8 1 8 1 Figure 3 RJ-45 Connector and Port Pin Assignments Serial Port The serial connection/management port features a DB-9 connector for connecting the access point to your laptop or PC-compatible computer for configuration using the provided management cable.
AT-WL2411 Version 1.80 Installation and User’s Guide Firmware Features The Version 1.
Product Description Network Configurations The AT-WL2411 Access Point supports a variety of network configurations that are explained in this section. A Simple Wireless Network You can use the access point to extend your existing Ethernet network to include wireless end devices. The access point connects directly to your wired network and the end devices form a network that functions as a wireless extension of the wired LAN.
AT-WL2411 Version 1.80 Installation and User’s Guide Using Multiple APs and Roaming End Devices For larger or more complex environments, you can install multiple access points so end devices can roam from one access point to another. Multiple access points establish coverage areas or cells similar to those of a cellular telephone network. End devices can connect with any access point that is within range and belongs to the same network.
Product Description Using APs to Create a Pointto Point Bridge You can use access points to create a wireless or point-to-point bridge between two LANs. You can have a access point wired to a network in one building and have a second access point wired to a network in another building. Wired clients in both buildings can then communicate with each other over the wireless bridge created by the access points.
Chapter 2 Installation This chapter contains the following sections: ❑ Installation Safety Precautions on page 26 ❑ Selecting a Site for the Access Point on page 27 ❑ Verifying Package Contents on page 29 ❑ Installing the Access Point on page 30 ❑ Attaching an External Antenna (Optional) on page 33 ❑ Warranty Registration on page 35 25
Installation Installation Safety Precautions Please review the following safety precautions before you begin to install the access point. Refer to Translated Electrical Safety and Emission Information on page 221 for statements in your language. Warning Power to the access point must be sourced only from the adapter: Europe—EC Use TÜV licensed AC adapter of 5 V DC, min 2.0 A. Other Countries Use a Safety Agency Approved AC adapter of 5 V DC, min 2.0 A.
AT-WL2411 Version 1.80 Installation and User’s Guide Selecting a Site for the Access Point Allied Telesyn recommends that you have Allied Telesyn or other certified providers conduct a site survey to determine the ideal locations for all of your network components. A proper site survey requires special equipment and training. Observe the following requirements when choosing a site for your access point: ❑ If you are installing the access point on a table, be sure that the table is level and secure.
Installation ❑ Microwave ovens operate in the same frequency band as the 802.11b HR radio; therefore, if you use a microwave within range of your Allied Telesyn RF network, you may notice network performance degradation. Both your microwave and your RF network will continue to function, but you may want to consider relocating your microwave out of range of your access point. The access point features an advanced configuration parameter for the 802.11b HR radio called microwave oven robustness.
AT-WL2411 Version 1.80 Installation and User’s Guide Verifying Package Contents Make sure the following items are included in your package. If any item is missing or damaged, contact your Allied Telesyn sales representative for assistance. ❑ One AT-WL2411 Access Point ❑ Mounting bracket ❑ Power supply and AC power cord ❑ Documentation CD Cables Not Included The AT-WL2411 Access Point requires the cables described in Table 2. These cables are not included with the access points.
Installation Installing the Access Point You can install the AT-WL2411 horizontally on a desk or counter, or you can install it vertically to a wall using the wall bracket that ships with it. An optional cubicle bracket is also available for mounting the AT-WL2411 on a cubicle wall. Wall-mounting the AT-WL2411 To install the mounting bracket and AT-WL2411 on a sturdy surface in accordance with local building codes, you need the following tools and materials: ❑ Two #5 or M3 screws.
AT-WL2411 Version 1.80 Installation and User’s Guide 4. Fit the slots on the back of the AT-WL2411 over the hooks on the mounting bracket. 5. Slide the AT-WL2411 up slightly and then press the base of the AT-WL2411 until it clicks into the clip at the bottom of the wallmounting bracket. 6. Using the guidelines below, position the antenna accordingly. See to Figure 8. ❑ Place the antenna at 90° when using the AT-WL2411 horizontally; for instance, on a desk or counter.
Installation 8. To configure the access point or assign it an IP address for remote configuration, attach one end of the RS-232 null-modem management cable to the serial port on the unit and then attach the other end of the cable to the serial port on your computer. For instructions on how to further configure the access point, see Configuration Overview on page 37. 9.
AT-WL2411 Version 1.80 Installation and User’s Guide Attaching an External Antenna (Optional) To attach an external antenna, you must disconnect the built-in antenna and attach an antenna cable directly to the radio card in the access point. For more information about antenna options, contact your local Allied Telesyn representative. To attach an antenna cable to the AT-WL2411, perform the following procedure: 1. Remove the Radio Card Door. Refer to Figure 9. 2.
Installation 5. Attach the antenna cable to the radio by inserting the cable connector into the radio card. 6. Replace the door. The AT-WL2411 is now ready for use.
AT-WL2411 Version 1.80 Installation and User’s Guide Warranty Registration When you have finished installing the access point, register your product by completing the enclosed warranty card and mailing it to Allied Telesyn.
Chapter 3 Configuration Overview The AT-WL2411 Access Point features three different management interfaces: ❑ Using a Serial Connection on page 38 ❑ Using a Web Browser on page 43 ❑ Using a Telnet Session on page 47 Note You must first access the management firmware using a communications program via serial connection to assign the AT-WL2411 an IP address before you can use the other management interface options. To assign an IP Address, refer to Assigning an IP Address on page 41.
Configuration Overview Using a Serial Connection Although the AT-WL2411 Access Point will work directly out of the box, you must assign it an IP Address and define other basic parameters before you can manage it remotely. To perform these initial configurations, you must use a serial connection and a terminal or a communications program (such as HyperTerminal).
AT-WL2411 Version 1.80 Installation and User’s Guide 4. Press Enter when the message Starting system appears on your PC screen. The Login screen shown in Figure 11 is displayed.. Figure 11 Login Screen 5. Type atilan as the user name (default) and press . 6. Then type atilan as the password (default) and press . The Configuration Menu as shown in Figure 12 is displayed.
Configuration Overview 7. To assign the access point an IP address so that you can continue configuration remotely, proceed to the next section Assigning an IP Address on page 41. 8. To continue configuration using the serial connection, use the menu shown in Figure 12. 9. When you have finished your configurations, save you changes by using the Save Configuration option and then reboot the access point to activate your changes.
AT-WL2411 Version 1.80 Installation and User’s Guide Assigning an IP Address The AT-WL2411 will work directly out of the box if you are using a DHCP server to assign it an IP Address. By default, the access point is configured to be a DHCP client. However, if you are not using a DHCP server to assign IP Address, you must assign the access point an IP Address before you can manage it remotely. 1.
Configuration Overview 4. In the 802.11b Radio Menu, configure the parameters. These parameters are described below. (SSID) Network Name The network name. All 802.11b radios must have the same network name to communicate. Frequency The frequency appropriate for your installation. Frequencies range from 2.4 to 2.5 GHz and depend on the specific country. 5. Save the configurations by using the Save Configuration option and reboot the access point to activate your changes.
AT-WL2411 Version 1.80 Installation and User’s Guide Using a Web Browser After you have configured the IP address and other basic network parameters as described in Assigning an IP Address on page 41, you can manage your access point using a Web browser. You must know the IP Address of the access point to manage it remotely. If a DHCP server assigned the IP Address, you must determine the IP Address from the DHCP server. Only one session can be active on the access point at a time.
Configuration Overview Figure 13 Access Point Login Screen 3. Type atilan as both the user name and password (defaults). Note You can change the user name and password from the Security Menu.
AT-WL2411 Version 1.80 Installation and User’s Guide 4. Select Login. The TCP/IP Settings screen as shown in Figure 14 is displayed. Figure 14 TCP/IP Settings Screen You can now configure the AT-WL2411 using the Web browser menus.
Configuration Overview Saving Your Configuration Changes There are two ways to save your configuration settings in a Web browser session: ❑ Submit Changes When you select Submit Changes, the access point updates the current configuration file. The access point does not change the active configuration file. You can see a list of pending changes when you click Save/Discard Changes.
AT-WL2411 Version 1.80 Installation and User’s Guide Using a Telnet Session To establish a Telnet configuration session, perform the following procedure: 1. Go to an MS-DOS prompt and type Telnet IP address, where IPaddress has the form x.x.x.x and x is a number from 0 to 255. Use the IP address assigned to the AT-WL2411 you want to configure. or Open a Telnet program and type open. Press . At the prompt, type the IP address of the AT-WL2411 and press . 2.
Configuration Overview Using SNMP The access point supports SNMP management. Contact your Allied Telesyn representative for information about obtaining a copy of the MIB. The passwords for accessing the SNMP community table are shown below. Configuring the SNMP Community Type of Access MIB Password read only public read/write CR52401 Simple Network Management Protocol (SNMP) community strings are passwords used by SNMP.
AT-WL2411 Version 1.80 Installation and User’s Guide 3. Configure the SNMP community parameters. The SNMP community parameters are explained below. SNMP Read Community Allows read-only access. Defaults to public. SNMP Write Community Allows read/write access. Defaults to CR52401. SNMP Secret Community Allows read/write access to change the community strings. Defaults to Secret. 4. When you are finished, select Submit Changes to save your changes.
Chapter 4 Configuring the Ethernet Network This chapter contains the following sections: ❑ Configuring the TCP/IP Settings on page 52 ❑ Configuring the Ethernet Settings on page 63 ❑ Configuring Ethernet Filters on page 64 51
Configuring the Ethernet Network Configuring the TCP/IP Settings If you are using a DHCP server to automatically assign an IP address to the access point, go to Configuring the Access Point as a DHCP Client in the next section. If you are not using a DHCP server, you need to manually assign some TCP/IP parameters. You should have already configured an IP address for the access point, as described in Assigning an IP Address on page 41. To configure the TCP/IP settings, perform the following procedure: 1.
AT-WL2411 Version 1.80 Installation and User’s Guide IP Subnet Mask Enter the subnet mask that matches the other devices in your network. The subnet mask has the form x.x.x.x, where x is a number from 0 to 225. IP Router Enter the IP Address of the router that will forward packets if the access point will communicate with devices on another subnet. The IP Address has the form x.x.x.x, where x is a number from 0 to 225.
Configuring the Ethernet Network Configuring the Access Point as a DHCP Client You can use a DHCP server to automatically assign an IP Address to your access point; that is, the access point can act as a DHCP client. Note You cannot configure the access point as both a DHCP server and a DHCP client. To configure the access point as a DHCP client, perform the following procedure: 1. From the Main Menu, select TCP/IP Settings. The TCP/IP Settings screen as shown in Figure 17 is displayed.
AT-WL2411 Version 1.80 Installation and User’s Guide 3. In the DHCP Server Name field, enter the name of the DHCP server that the access point is to access for automatic address assignment. If no server name is specified, the access point responds to offers from any server. 4. Select Submit Changes to save your changes. To activate your changes, select Save/Discard Changes from the menu bar and then select Save Changes and Reboot. For help, see Saving Your Configuration Changes on page 46.
Configuring the Ethernet Network To configure the access point as a DHCP server, perform the following procedure: 1. From the Main Menu, select TCP/IP Settings. The TCP/IP Settings screen as shown in Figure 18 is displayed. Figure 18 TCP/IP Settings Screen 2. Verify that the IP Subnet Mask field and IP Router field are configured. For help, see Configuring the TCP/IP Settings on page 52. 3. Select the down arrow on the right side of the DHCP Mode field and choose This AP is a DHCP Server. 4.
AT-WL2411 Version 1.80 Installation and User’s Guide 5. Select DHCP Server Setup. The DHCP Server Setup screen as shown in Figure 19 is displayed. Figure 19 DHCP Server Setup 6. Configure the DHCP server using the following parameters: Low Address The low IP Address in the range of IP Addresses available to the DHCP server for distribution to DHCP clients.
Configuring the Ethernet Network DNS Address 2 The IP address of a Domain Name Server that will be distributed to DHCP clients. You can enter up to two DNS addresses to be delivered to DHCP clients. Lease Time Specifies the duration of the leases that are granted by the DHCP server. Enter the lease time in the format days:hours:minutes. If you set the lease time to 0, infinite leases are granted 7. Select Submit Changes to save your changes and then select here.
AT-WL2411 Version 1.80 Installation and User’s Guide About Network Address Translation (NAT) NAT allows IP addresses to be used by more than one device. The access point can act as a NAT server, which instantaneously rewrites IP addresses and port numbers in IP headers so that packets all appear to be coming from (or going to) the single IP address of the access point instead of the actual source or destination.
Configuring the Ethernet Network To configure the access point as a NAT server, perform the following procedure: 1. From the Main Menu, select TCP/IP Settings. The TCP/IP Settings screen as shown in Figure 16 is displayed. Figure 20 TCP/IP Settings Screen 2. Verify that the IP Address field and IP Subnet Mask field are configured. For help, see Configuring the TCP/IP Settings on page 52. 3. Select the down arrow on the right side of the DHCP Mode field and choose This AP is a DHCP Server. 4.
AT-WL2411 Version 1.80 Installation and User’s Guide Configuring the Access Point to Send ARP Requests ARP requests are multicast packets, which means they are sent to all devices on the network. The access point periodically sends an unsolicited ARP request to the default IP router so that all routers can update their routing tables. This ARP request enables a network management program to learn about the access point on the network by querying routers.
Configuring the Ethernet Network 2. In the Auto ARP Minutes field enter a time period from 1 to 120 minutes. To disable this parameter, set the time period to 0. 3. Select Submit Changes to save your changes. To activate your changes, Select Save/Discard Changes from the menu bar and then select Save Changes and Reboot. For help, see Saving Your Configuration Changes on page 46.
AT-WL2411 Version 1.80 Installation and User’s Guide Configuring the Ethernet Settings Many of the standard Ethernet settings are configured in the TCP/IP Settings screen. For help, see Configuring the TCP/IP Settings on page 52. In the Ethernet Settings screen, you can ❑ Enable or disable the link status check. Enable this parameter if you want the access point to periodically check its Ethernet connection.
Configuring the Ethernet Network Configuring Ethernet Filters You can set both Ethernet and IP tunnel filters, and you can create protocol filters for both predefined and user-defined protocol types. In addition, you can define arbitrary frame filters based on frame content. For help with configuring IP filters, see Configuring IP Tunnel Filters on page 102.
AT-WL2411 Version 1.80 Installation and User’s Guide Figure 22 Address Table Screen 3. You can enter up to 20 MAC addresses. MAC addresses consist of six hex pairs that are separated by spaces, colons, or hyphens. 4. Select Submit Changes to save your changes. To activate your changes, select Save/Discard Changes from the menu bar and then select Save Changes and Reboot. For help, see Saving Your Configuration Changes on page 46.
Configuring the Ethernet Network Using Ethernet Frame Type Filters You can define filters for common networking protocols such as IP, Novell IPX, and 802.2 LLC. You can also set filters that will pass only those Ethernet frame types found on your network. You can set the default action for general and specific frame types. For example, you can set the DIX-Other EtherTypes frame parameter to drop, and then use the subtype menus to pass only those specific DIX types that are used in your radio network.
AT-WL2411 Version 1.80 Installation and User’s Guide 1. From the Main Menu, select Ethernet then Frame Type Filters. The Frame Type Filters screen as shown in Figure 23 is displayed. Figure 23 Frame Type Filters Screen 2. In each frame type field, select the down arrow on the right side of the Action field and set the action to Pass or Drop. 3. In each frame type field, select the down arrow on the right side of the Scope field and set the scope to Unlisted or All.
Configuring the Ethernet Network Note If you set the Scope field to Unlisted for any of the frame types, you must also configure predefined subtype filters or customizable subtype filters. For help, see Using Predefined Subtype Filters on page 69 or Customizing Subtype Filters on page 70. The various frame types are explained below: DIX IP TCP Ports DIX IP UDP Ports SNAP IP TCP Ports SNAP IP UDP Ports Primary Internet Protocol Suite (IP) transport protocols.
AT-WL2411 Version 1.80 Installation and User’s Guide 4. Select Submit Changes to save your changes. To activate your changes, select Save/Discard Changes from the menu bar and then Save Changes and Reboot. For help, see Saving Your Configuration Changes on page 46. Using Predefined Subtype Filters You can configure the access point to pass or drop certain predefined frame subtypes. To configure predefined subtype filters, perform the following procedure: 1.
Configuring the Ethernet Network 3. Select Submit Changes to save your changes. To activate your changes, select Save/Discard Changes from the menu bar and then Save Changes and Reboot. For help, see Saving Your Configuration Changes on page 46. Customizing Subtype Filters You can configure the AT-WL2411 to pass or drop certain customized frame subtypes. You define the action, subtype, and value parameters. Action Set the action to Pass or Drop.
AT-WL2411 Version 1.80 Installation and User’s Guide 1. From the Main Menu, select Ethernet and then Customizable Subtype Filters. The Customizable Subtype Filters screen as shown in Figure 25 is displayed. Figure 25 Customizable Subtype Filters Screen 2. Check or uncheck the boxes under the Allow/Pass field to choose Allow or Pass. 3. Selet the down arrow on the right side of the SubType field and choose the customizable frame subtype. The frame subtype filters and their values are defined below.
Configuring the Ethernet Network DIX-IP-UDP-Port Port value in hexadecimal. DIX-IP-Protocol Protocol number in hexadecimal. DIX-IPX-Socket Socket value in hexadecimal. DIX-EtherType Specify the registered DIX type in hexadecimal. SNAP-IP-TCP-Port Port value in hexadecimal. SNAP-IP-UDP-Port Port value in hexadecimal. SNAP-IP-Protocol Port value in hexadecimal. SNAP-IPX-Socket Socket value in hexadecimal. SNAP-EtherType SNAP type in hexadecimal. To filter on both SNAP type and OUI, use advanced filters. 802.
AT-WL2411 Version 1.80 Installation and User’s Guide Configuring Advanced Filters You can configure advanced filters if you need more flexibility in your filtering. Settings for advanced filters execute after those for other filters; that is, advanced filters are only applied if the frame has passed the other filters.
Configuring the Ethernet Network 4. Select Submit Changes to save your changes. To activate your changes, select Save/Discard Changes from the menu bar then select Save Changes and Reboot. For help, see Saving Your Configuration Changes on page 46. Setting Filter Expressions You can set filter expressions by specifying parameters for packet filters.
AT-WL2411 Version 1.80 Installation and User’s Guide This parameter works with the Action parameter; for example, if the action is set to And, then the next sequence in another expression is processed. Offset Identifies a point inside a bracket where testing for the expression is to start. The range is from 0 to 65535. Mask Applies a data pattern to the packet. If the data pattern in the mask matches the packet, then the specific action is performed.
Chapter 5 Configuring the Spanning Tree This chapter contains the following sections: ❑ Configuring the Spanning Tree Parameters on page 78 ❑ Configuring Global Parameters on page 86 ❑ About IP Tunnels on page 91 ❑ Configuring IP Tunnel Filters on page 102 77
Configuring the Spanning Tree Configuring the Spanning Tree Parameters Access points automatically configure themselves into a self-organized network using a spanning tree topology. As devices are added to or removed from the network, the access points automatically reconfigure to maintain reliable operation. The spanning tree provides efficient, loop-free forwarding of frames through the network and allows rapid roaming of wireless end devices.
AT-WL2411 Version 1.80 Installation and User’s Guide LAN ID (Domain) Enter the LAN ID. All access points must have the same LAN ID to participate in the same spanning tree. The LAN ID can be from 0 to 254. Also, if you assign a LAN ID greater than 15, the AT-WL2411 uses a LAN ID that is the remainder after dividing the LAN ID by 16. For example, if you set the LAN ID to 21 or 37, the access point uses 5. Root Priority Determines if this access point is a candidate to become the root of the spanning tree.
Configuring the Spanning Tree Secondary LAN Bridge Priority Determines when and if the access point can become the designated bridge in a secondary LAN. To become a designated bridge, the AT-WL2411 must have at least one radio configured as a Station node or be the endpoint of an IP tunnel. The access point that meets either one of these requirements and has the highest secondary LAN bridge priority will be the designated bridge. The secondary LAN bridge priority can be a value from 0 to 7.
AT-WL2411 Version 1.80 Installation and User’s Guide About the Root Access Point The root access point is always on the primary LAN and initiates the spanning tree. The root coordinates the network and distributes global system parameters to other access points. The root is elected from a group of access points that are designated as root candidates (access points that are powered on, active, and do not have a root priority of 0). The access point with the highest root priority is the root.
Configuring the Spanning Tree By default, wireless traffic is not bridged to a remote IP subnet. Any access point on a remote subnet that can receive IP hello messages can establish an IP tunnel; therefore, multiple IP tunnels can exist between the root access point and a single remote IP subnet.
AT-WL2411 Version 1.80 Installation and User’s Guide Bridging Layer Functions Some of the significant functions supported at the bridging layer are explained below. Network Organization Access points automatically configure into a self-organized network using a spanning tree topology. As devices are added to or removed from the network, the access points automatically reconfigure to maintain reliable operation.
Configuring the Spanning Tree Switch Support Ethernet switches that do not comply with the 802.1D standard have difficulty handling wireless end devices that roam between different switched segments. The access point provides data link tunneling for switches that do not handle roaming. Using data link tunneling, frames for a given end device always appear on the root access point’s switched segment, regardless of roaming, and the switch’s routing tables remain stable.
AT-WL2411 Version 1.80 Installation and User’s Guide About Secondary LANs and Designated Bridges The access point that is responsible for bridging data between the secondary LAN and the primary LAN is called the designated bridge. In both types of secondary LANs, the designated bridge acts the same. The designated bridge must be an access point that has at least one radio set to Station mode or is the endpoint of an IP tunnel.
Configuring the Spanning Tree Configuring Global Parameters Global parameters are configured on the root access point and on any other access point that is a root candidate (does not have a root priority of 0). The root access point sends these settings to all other access points on the network. You should set the same global parameters for the root access point and its backup candidates. Any global parameters you set on the root access point will override parameters those you set in other access points.
AT-WL2411 Version 1.80 Installation and User’s Guide 2. Configure the Global Flooding parameters. The Global Flooding Parameters are explained below. Multicast Flood Mode Determines the flooding structure for inbound multicast frames with unknown destination addresses. Universal Allows any wireless end device to communicate with any other wireless end device. Hierarchical Allows wireless end devices to communicate with nodes on the primary LAN but not with other wireless end devices.
Configuring the Spanning Tree Disabled Prevents flooding. Unicast Outbound to Terminals If the unicast flood mode is not disabled, this parameter specifies if outbound unicast frames with unknown destination addresses are flooded toward wireless end devices. This parameter only applies to 802.11b radios.
AT-WL2411 Version 1.80 Installation and User’s Guide Configuring Global RF Parameters Use global RF parameters to set various parameters on the access points. If you are configuring the root access point and you set the Set Globally parameter to Enabled, the value for that parameter is set globally for all access points and wireless end devices in the network.
Configuring the Spanning Tree RFC1042/DIX Conversion Determines how the access point will handle the conversion of RFC1042/DIX frames that are received on its 802.11b ports. Enabled Causes frames received on an 802.11b port with a protocol type equal to a value in the “RFC1042 types to pass through” list to be forwarded without conversion. If the frame has a protocol types that is not found in the list, it will be converted to DIX format before it is forwarded. Disabled Causes frames received on an 802.
AT-WL2411 Version 1.80 Installation and User’s Guide About IP Tunnels The physical boundary of a wireless network is usually defined by the presence of an IP router. Multiple independent wireless networks may exist, each with its own LAN ID, root access point, and set of wireless end devices. In this environment, an end device can only operate within the limited coverage area of its own network and cannot roam across IP subnet boundaries.
Configuring the Spanning Tree An IP Tunnels configuration is shown in Figure 32. Host Wireless stations UAP 1 (root) UAP 2 Primary LAN home subnet IP router IP network IP router UAP 3 (Designated Bridge) UAP 4 Secondary LAN remote subnet UAP 5 21XXT028.eps Wireless stations Figure 32 IP Tunnels Configuration A non-root access point can concurrently receive hello messages on its Ethernet port, its radio port, and its IP tunnel port.
AT-WL2411 Version 1.80 Installation and User’s Guide Internet Group Management Protocol (IGMP) IGMP lets you originate multiple IP tunnels using a single IP multicast address. Note that IGMP is independent of IP; it can be used to facilitate multicast for IP or any other application. IP routers only forward multicast packets to those subnets that have IP hosts that participate in the respective IP multicast group.
Configuring the Spanning Tree Originating IP Tunnels The creation of tunnels between the root access point on the home IP subnet and access points on remote IP subnets is controlled by three operational parameters: ❑ Enabled/disabled IP ports. A tunnel can never be established on a disabled IP port. ❑ IP address list ❑ Secondary LAN bridge priority settings An IP tunnel is established when an access point on a remote IP subnet attaches to the root access point through its IP tunnel port.
AT-WL2411 Version 1.80 Installation and User’s Guide Establishing and Maintaining IP Tunnels If the IP tunnel port control is enabled, the root access point sends hello messages to each IP address in its IP address list. An access point on a remote IP subnet automatically establishes an IP tunnel if it receives an IP hello message from the root access point.
Configuring the Spanning Tree Frame Forwarding Any data packet sent through an IP tunnel is addressed to the unicast IP address of the access point at the other end of the tunnel. An access point at the remote end of the tunnel learns the unicast IP address of the root access point by listening to IP hello packets. The root access point learns the unicast IP address of a remote access point when the access point attaches to the network.
AT-WL2411 Version 1.
Configuring the Spanning Tree Inbound Frames Only frame types that are enabled in the Tunnel Filters menu are forwarded, and the frames are only forwarded inbound if the source IP address belongs to the home IP subnet. Frames transmitted by servers or devices that are wired to a remote IP subnet are not forwarded through IP tunnels if the IP address does not belong to the home subnet. Only frames from wireless end devices with IP addresses belonging to the home subnet are forwarded inbound.
AT-WL2411 Version 1.80 Installation and User’s Guide ❑ In the Tunnel Filters screen, configure the filters in root candidates and in other access points that can be attached through an IP tunnel. IP tunnel filters are consistent with Ethernet filters. ❑ For networks using IP networking on end devices, it is recommended that you enable the ARP server capability in the access points. ❑ Determine if you need to enable bridging on remote subnets.
Configuring the Spanning Tree 2. Select the down arrow on the right side of the Mode field and choose Originate if Root to let the access point originate the tunnel if it is functioning as the root access point for the network. a. Choose Disabled if you do not want this access point to participate in IP tunnels. b. Chose Listen to configure access points that are designated bridges or designated bridge candidates for their remote IP subnet to serve as the endpoint of an IP tunnel. 3.
AT-WL2411 Version 1.80 Installation and User’s Guide Configuring IP Address List If you enabled IGMP on the root access point, you will need to enter the Class D IP multicast address in the IP address list. To configure the IP address list, perform the following procedure: 1. From the Main Menu, select IP Tunnels then IP Addresses. The IP Addresses screen as shown in Figure 34 is displayed. Figure 34 IP Addresses Screen 2. If you enabled IGMP, enter the Class D IP multicast address. The default is 224.0.
Configuring the Spanning Tree Configuring IP Tunnel Filters You can set both Ethernet and IP tunnel filters, and you can create protocol filters for predefined protocol types. In addition, you can define arbitrary frame filters based on frame content. For help configuring Ethernet filters, see Configuring Ethernet Filters on page 64. To configure IP tunnel filters, perform the following procedure: 1. From the Main Menu, select IP Tunnels then Tunnel Filters.
AT-WL2411 Version 1.80 Installation and User’s Guide Using IP Tunnel Frame Type Filters The IP port automatically provides some filtering for end devices. You can define permanent IP port filters to prevent unwanted frame forwarding through an IP tunnel.
Configuring the Spanning Tree You can set the default action and scope for general and specific frame types. Allow/Pass Set the action to Allow or Pass. If you select Allow (checked), then all frames of that type are passed. If you select Pass (unchecked), then all frames of that type are dropped. Scope Set the scope to Unlisted or All. If you select All, then all frames of that type are unconditionally passed or dropped, depending on the action you specified.
AT-WL2411 Version 1.80 Installation and User’s Guide The various frame type filters are explained below: DIX IP TCP Ports DIX IP UDP Ports SNAP IP TCP Ports SNAP IP UDP Ports Primary Internet Protocol Suite (IP) transport protocols. DIX IP Other Protocols SNAP IP Other Protocols IP protocols other than TCP or User Datagram Protocol (UDP). DIX IPX Sockets Novell NetWare protocol over Ethernet II frames. SNAP IPX Sockets Novell NetWare protocol over 802.2 SNAP frames. 802.
Configuring the Spanning Tree Note If you set the Scope field to Unlisted for any of the frame types, you must also configure predefined subtype filters or customizable subtype filters. For help, see Using Predefined Subtype Filters on page 106 or Customizing Subtype Filters on page 107. 5. Select Submit Changes to save your changes. To activate your changes, select Save/Discard Changes from the menu bar then Save Changes and Reboot. For help, see Saving Your Configuration Changes on page 46.
AT-WL2411 Version 1.80 Installation and User’s Guide 4. Select Submit Changes to save your changes. To activate your changes, select Save/Discard Changes from the menu bar then Save Changes and Reboot. For help, see Saving Your Configuration Changes on page 46. Customizing Subtype Filters You can define output filters that restrict customized frame subtypes that can pass through an IP tunnel. Frames can be filtered by the DIX, 802.2, or 802.
Configuring the Spanning Tree 2. Select Customizable Subtype Filters. The Customizable Subtype Filters screen as shown in Figure 38 is displayed. Figure 38 Customizable Subtype Filters Screen 3. Select the down arrow on the right side of the Action field and choose Pass or Drop. 4. Select the down arrow on the right side of the SubType field and choose the customizable frame subtype. The frame subtypes and their values are described below. DIX-IP-TCP-Port Port value in hexadecimal.
AT-WL2411 Version 1.80 Installation and User’s Guide SNAP-IP-UDP-Port Port value in hexadecimal. SNAP-IP-Protocol Port value in hexadecimal. SNAP-IPX-Socket Socket value in hexadecimal. SNAP-EtherType SNAP type in hexadecimal. To filter on both SNAP type and OUI, use advanced filters. 802.3-IPX-Socket Socket value in hexadecimal. 802.2-IPX-Socket Socket value in hexadecimal. 802.2-SAP 802.2 SAP in hexadecimal. 5. In the Value field enter the two hex pair. 6. Select Submit Changes to save your changes.
Chapter 6 Configuring the IEEE 802.11b Radio This chapter contains the following sections: ❑ Using One AT-WL2411 in a Simple Wireless Network on page 112 ❑ Using Multiple Access Points and Roaming Wireless End Devices on page 114 ❑ Configuring Point-to-Point Bridges on page 116 ❑ To Configure the 802.11b Radio on page 127 ❑ Configuring 802.
Configuring the IEEE 802.11b Radio Using One AT-WL2411 in a Simple Wireless Network You can use the AT-WL2411 to extend your existing Ethernet network to include wireless end devices. The access point connects directly to your wireless network and the end devices a wireless extension of the wired LAN.
AT-WL2411 Version 1.80 Installation and User’s Guide 5. Decide what level of security you want to implement in your network. For help, refer to Configuring Security on page 135. Host Access Point Ethernet Figure 40 Access Point Network Example Figure 40 illustrates wireless end devices use the access point to communicate with the host and other end devices. Configuring an 802.11b Access Point Parameters The 802.11b parameters are described in Table 3. Table 3 802.
Configuring the IEEE 802.11b Radio Using Multiple Access Points and Roaming Wireless End Devices For larger or more complex environments, you can install multiple access points so wireless end devices can roam from one access points to another. Multiple access points establish coverage areas or cells similar to those of a cellular telephone network. End devices can connect with and access point that is within range and belongs to the same wireless network.
AT-WL2411 Version 1.80 Installation and User’s Guide To install multiple access points with roaming end devices, perform the following procedure: 1. Follow the instructions for installing a simple wireless network on page 112. 2. Configure the LAN ID. For help, refer to Configuring the Spanning Tree Parameters on page 78. 3. Configure one of the access points to be a root access point. 4. If your network has a switch that is not IEEE 802.
Configuring the IEEE 802.11b Radio Configuring Point-to-Point Bridges In your environment, you may have point-to-point bridges, which send data from wireless end devices on a secondary LAN to a primary LAN. This data is sent via a wireless hop. Wireless hops are formed when data from wireless end devices move from one access point to another access point through the radio ports. Figure 42 illustrates a point-to-point bridge configuration. Ethernet Ethernet Host Host 21XXT013.
AT-WL2411 Version 1.80 Installation and User’s Guide You may also need to adjust the flooding parameters. Follow these recommendations when configuring the flooding parameters for a point-to-point bridge: ❑ If there are no wireless end devices on the secondary LAN, the access point on the secondary LAN can use the default flooding settings. To configure the master (in the point-to-point bridge on the primary LAN), perform the following procedure: 1.
Configuring the IEEE 802.11b Radio 5. Select the down arrow on the right side of the Hello Period field and choose a hello period of 1, 2, or 3 seconds then Submit Changes. Your changes are saved. 6. From the Main Menu, select Spanning Tree Settings. The Spanning Tree Settings screen as shown in Figure 44 is displayed. Figure 44 Spanning Tree Settings Screen 7. In the Root Priority field, enter a number other than 0. 8. In the Secondary LAN Bridge Priority field, enter 0. 9.
AT-WL2411 Version 1.80 Installation and User’s Guide To configure the station (in the point-to-point bridge on the secondary LAN), perform the following procedure: 1. From the Main Menu, select the link corresponding to the radio that you are configuring. 2. Select IEEE 802.11b Radio. The IEEE 802.11b Radio screen as shown in Figure 45 is displayed. Figure 45 Wireless Bridging Screen 3. Select the down arrow on the right side of the Node Type field and choose Station.
Configuring the IEEE 802.11b Radio 5. From the Main Menu, select Spanning Tree Settings. The Spanning Tree Settings screen as shown in Figure 46 is displayed. Figure 46 Spanning Tree Settings Screen 120 6. In the Root Priority field, enter 0 or another number lower than the root priority that is set in the master in the access point on the primary LAN. 7.
AT-WL2411 Version 1.80 Installation and User’s Guide To install a point-to-point or a point-to-multipoint bridge, perform the following procedure: 1. Follow the instructions for installing a simple wireless network on page 112. 2. Configure the LAN ID. For help, refer to Configuring the Spanning Tree Parameters on page 78. 3. Configure the station in the point-to-point bridge on the secondary LAN by performing the procedure below: a.
Configuring the IEEE 802.11b Radio a. From the Main Menu, select Spanning Tree Settings. The Spanning Tree Setting screen as displayed. b. In the Root Priority field enter 0. c. In the Secondary LAN Bridge Priority field, enter a number other than zero. d. Select the down arrow on the right side of the Secondary LAN Flooding field and choose Enabled. Figure 48 Spanning Tree Settings Screen 122 5. Select Submit Changes to save your changes.
AT-WL2411 Version 1.80 Installation and User’s Guide a. From the Main Menu, select the link corresponding to the master radio. The radio screen as shown in Figure 49 is displayed. Figure 49 Radio Screen b. Select the down arrow on the right side of the Node Type field and choose Master then Submit Changes. 7.
Configuring the IEEE 802.11b Radio a. From the Main Menu select Spanning Tree Settings. The Spanning Tree Settings screen as shown in Figure 50 is displayed. Figure 50 Spanning Tree Setting Screen b. In the Root Priority field enter a number other than 0. c. In the Secondary LAN Bridge Priority field enter 0. d. Select the down arrow on the right side of the Secondary LAN Flooding field and choose Disabled. 124 8.
AT-WL2411 Version 1.80 Installation and User’s Guide Primary LAN Secondary LAN Host Root Designated Bridge Figure 51 802.11b Bridge In Figure 51 each access point only has one 802.11b radio. Since the designated bridge only has a station radio, wireless end devices can only communicate with the root access point. However, on the secondary LAN can communicate with the primary LAN.
Configuring the IEEE 802.11b Radio Configuring 802.11b Pointto-Point Bridges Parameters The 802.11b Point-to-Point Bridge parameters are described in Table 4. Table 4 Point-to-Point Parameters Screen Parameter Bridge - Secondary Bridge - Primary LAN (Designated LAN (Root) Bridge) IEEE 802.
AT-WL2411 Version 1.80 Installation and User’s Guide To Configure the 802.11b Radio The IEEE 802.11b radio will communicate with other 802.11b radios that have the same SSID (Network Name) and security. For help, refer to Configuring Security on page 135. To configure the 802.11b radio, perform the following procedure: 1. From the Main Menu, select IEEE 802.11b Radio. The IEEE 802.11b Radio screen as shown in Figure 52 is displayed. Figure 52 IEEE 802.11b Radio Screen 2.
Configuring the IEEE 802.11b Radio SSID (Network Name) Enter the network name for this access point. 802.11b radios communicate with other 802.11b radios with the same network name. You need to assign the same network name to the wireless end devices that will connect to the access point. The network name is case sensitive and can be no more than 32 alphanumeric characters. Frequency (Master radio only) Choose the frequency within the 2.4 to 2.
AT-WL2411 Version 1.80 Installation and User’s Guide Table 5 lists the worldwide frequencies for the 802.11b Radio Table 5 Worldwide Frequencies for the 802.11b Radio Channel FCC ETSI 1 2412 2412 2 2417 2417 3 2422 (default) 2422 (default) 4 2427 2427 5 2432 2432 6 2437 2437 7 2442 2442 8 2447 2447 9 2452 2452 10 2457 2457 11 2462 2462 12 - 2467 13 - 2472 14 - - The 802.11b channels that are allowed in a given country may change without notice.
Configuring the IEEE 802.11b Radio Configuring 802.11b Radio Advanced Parameters To configure the 802.11b advanced parameters, perform the following procedure: 1. From the Main Menu, select IEEE 802.11b Radio. The IEEE 802.11b Radio screen is displayed. 2. Select Advanced Configuration. The Advanced Configuration screen as shown in Figure 53 is displayed. Figure 53 Advanced Configuration Screen 3. Configure the advanced parameters.
AT-WL2411 Version 1.80 Installation and User’s Guide Allow Data Rate Fallback Determines if you want the radio to drop to a slower data rate when it has trouble communicating with another radio. Basic Rate Choose the rate at which the access point transmits multicast and beacon frames. In general, higher speeds mean shorter range and lower speeds mean longer range. Do not set this rate higher than the maximum rate at which your end devices can receive multicast frames. You can set this rate to 11, 5.
Configuring the IEEE 802.11b Radio Enable Medium Density Distribution Determines if these access point parameters Enable Medium Reservation, Distance Between APs, Enable Microwave Oven Robustness are distributed to end devices that support this feature. Data/Voice Settings (Master radio only) Choose the setting that optimizes the wireless network. Set to Data Traffic Only if the access point will transmit only data traffic.
AT-WL2411 Version 1.80 Installation and User’s Guide About the Radios The AT-WL2411 Access Point consists of a group of multiport Ethernet bridges. The 802.
Chapter 7 Configuring Security This chapter explains how to use different security solutions to ensure that you have a secure wireless network. This chapter covers these topics: ❑ Understanding Security on page 136 ❑ Enabling Access Methods on page 139 ❑ Enabling Secure IAPP and Secure Wireless Hops on page 141 ❑ Setting Up Logins on page 143 ❑ Configuring WEP 64/128 Security on page 148 ❑ Using an Access Control List (ACL) on page 151 ❑ Configuring 802.
Configuring Security Understanding Security The AT-WL2411 provide many different security features and solutions that you can use to create a secure wireless network. To create a secure wireless network, you need: ❑ Secure your backbone. Only authorized users should be able to communicate with your network. ❑ Keep your data private. Make it difficult for an eavesdropper, such as a rogue access point, to monitor your data. ❑ Authenticate wireless end devices.
AT-WL2411 Version 1.80 Installation and User’s Guide These security features and solutions are listed below in the order of amount of security and ease of use (most basic/least secure to most secure). Allied Telesyn recommends you at least change the default parameters, use basic security (WEP 64/128 security or security ID), and enable secure IAPP and secure wireless hops (Steps 1 through 4). To change the security features, perform the following procedure: 1.
Configuring Security 6. Use a RADIUS server to maintain an Access Control List (ACL), which is a list of MAC addresses of end devices that can connect to the network through access point. 7. Use an 802.1x security solution. 802.1x security provides a framework to authenticate user traffic to a protected 802.11b network. Using 802.1x security provides secure data transmission by enabling secure IAPP, enabling secure wireless hops, and dynamically rotating the WEP keys.
AT-WL2411 Version 1.80 Installation and User’s Guide Enabling Access Methods There are four access methods that you can enable or disable depending on how you want users to be able to configure or manage the access points: ❑ Web browser interface (HTTP or HTTPS) ❑ Telnet session ❑ SNMP management station ❑ Program that uses ICMP echo All access methods are enabled by default. You may want to disable any of these methods that you will not use to prevent access by an unauthorized method.
Configuring Security 3. Enable or disable the access methods that users can use to connect to the access point. These methods are described below. Browser Access Determines if users can use a web browser to configure or manage this access point. Browser access is through either port 80 or port 443. Choose Secure-Only if you want to force users to log in using the secure web browser (HTTPS) interface. Secure-only access is through port 443.
AT-WL2411 Version 1.80 Installation and User’s Guide Enabling Secure IAPP and Secure Wireless Hops Secure IAPP prevents unauthorized AT-WL2411 access points from joining the spanning tree and it encrypts IAPP frames. If you enable secure IAPP, when access points communicate with each other through the radios, they will create secure wireless hops using the Secure Wireless Authentication Protocol (SWAP). SWAP forces access points to authenticate each other using an EAP-MD5 challenge.
Configuring Security 2. Figure 55 802.1x Screen 3. Select the down arrow on the right side of the Authentication field and choose IAPP Only. 4. In the IAPP Secret Key field, enter a secret key. This secret key must be between 16 and 32 bytes. 5. Select Submit Changes to save your changes. To activate your changes, select Save/Discard Changes from the menu bar then Save Changes and Reboot. For help, see Saving Your Configuration Changes on page 46. 6.
AT-WL2411 Version 1.80 Installation and User’s Guide Setting Up Logins To ensure login security for configuring or maintaining the access points, you should either use a password server or immediately change the default user name and password. To use the password server, you must have: ❑ A password server on the network that contains the user name/password database. For help, see Configuring the Access Point to Use a Password Server on page 144. ❑ Access points, which are the RADIUS clients.
Configuring Security Configuring the Access Point to Use a Password Server If you use a password server to manage users who can log in to the AT-WL2411, you need to tell this access point how to communicate with the password server and then you need to configure the password server. To configure the access point to use a password server, perform the following procedure: 1. From the Main Menu, select Security then Passwords. The Passwords screen as shown in Figure 56 is displayed.
AT-WL2411 Version 1.80 Installation and User’s Guide RADIUS Server #1 IP Address Enter the IP address of the password server that you want to use to authenticate user logins. RADIUS Server #1 Secret Key Enter the shared secret key for the password server. You can enter the key from 1 to 32 characters in ASCII or in hexadecimal. To enter a hexadecimal key, it must start with 0x. For example, enter the ASCII key as ABCDE; enter the same hexadecimal key as 0x4142434445.
Configuring Security Changing the Default Login If you are not using a password server to authorize user logins, you should change the default user name and password. To set up logins, perform the following procedure: 1. From the Main Menu, select Security, then Passwords.The Password screen as shown in Figure 56 is displayed. 2. Uncheck the Use RADIUS for Login Authorization box then Submit Changes. 3. Configure the password parameters. The password parameters are described below.
AT-WL2411 Version 1.80 Installation and User’s Guide Allow Service Password If the user enters a login that does not match either the user name and password or the read only password, check this check box to allow the login to be checked against the service password. Allied Telesyn Technical Support may use this service password if they need to troubleshoot this access point. 4. Select Submit Changes to save your changes.
Configuring Security Configuring WEP 64/128 Security Note If you configure WEP 64/128 security for a radio, you cannot also enable 802.1x authentication for that radio. 802.1x security uses rotating WEP keys that are automatically generated. In your 802.11b network, you can configure static WEP keys (for WEP 64 or for WEP 128 security) to provide security between the access points and the wireless end devices. To use static WEP keys, your radios must support WEP encryption.
AT-WL2411 Version 1.80 Installation and User’s Guide 1. From the Main Menu, click Security then IEEE 802.11b Radio. The appropriate radio screen like the one in Figure 57 is displayed. Figure 57 An example of a Radio Screen 2. Check the Enable WEP Encryption box then Submit Changes. 3. Configure the parameters for WEP configuration. To ensure maximum security, configure each WEP key with a different WEP code. The WEP parameters are described below.
Configuring Security WEP Transmit Key Determines which of the four WEP keys this access point uses to transmit data. WEP Key 1 through WEP Key 4 For WEP 64, you enter five ASCII characters or five hex pairs. For WEP 128, you enter 13 ASCII characters or hex pairs. To enter a hexadecimal key, prefix it with 0x. For example, the ASCII key ABCDE is equivalent to 0x4142434445. 4. Select Submit Changes to save your changes.
AT-WL2411 Version 1.80 Installation and User’s Guide Using an Access Control List (ACL) You can use an Access Control List (ACL) to list the MAC addresses that are authorized to communicate with the network through the access point. The end devices do not need any special client software. To use the ACL, you must have ❑ a RADIUS server on the network that contains the ACL. ❑ access points, which are the RADIUS clients. To configure an Access Control List (ACL), perform the following procedure: 1.
Configuring Security 4. Configure the RADIUS server parameters. The RADIUS parameters are described below: ACL Client Authorization Determines if this access point uses an ACL. Click the down arrow on the right side of the field and choose which radio uses an ACL to authenticate end devices. RADIUS Server #1 IP Address Enter the IP address of the RADIUS server that contains the ACL. If you are configuring an access point as a RADIUS server, enter the IP address of the access point.
AT-WL2411 Version 1.80 Installation and User’s Guide 6. Configure the RADIUS server. a. (Optional) If you change the default shared secret key, enter each access point as a RADIUS client and enter the shared secret key. b. Enter the MAC address for each end device radio that is allowed to communicate to the network. For help configuring an external RADIUS server, see the documentation that shipped with your server.
Configuring Security Configuring 802.1x Security The AT-WL2411 can help implement 802.1x security in an 802.11b network. The IEEE 802.1x standard provides an authentication protocol for 802.11 LANs. 802.1x provides strong authentication, access control, and key management, and lets wireless networks scale by allowing centralized authentication of wireless end devices. Allied Telesyn can provide a complete 802.1x security solution. The 802.
AT-WL2411 Version 1.80 Installation and User’s Guide About Secure IAPP and Secure Wireless Hops Secure IAPP prevents unauthorized AT-WL2411 Access Points from joining the spanning tree and it encrypts IAPP frames. If you enable secure IAPP, when access points communicate with each other through the radios, they will create secure wireless hops using the Secure Wireless Authentication protocol (SWAP). SWAP forces access points to authenticate each other using an EAP-MD5 challenge.
Configuring Security Configuring the Access Point as an Authenticator The access point, when acting as an authenticator, receives requests from end devices that want to communicate with the network and forwards these requests to the authentication server. It also distributes the WEP keys to end devices that are communicating with it. Before you configure the access point as an authenticator, the access point should be installed and configured to communicate with the wireless end devices.
AT-WL2411 Version 1.80 Installation and User’s Guide 802.1x Authentication Determines if this access point uses 802.1x security. Click the down arrow on the right side of the field and choose which radio uses 802.1x security to authenticate end devices. IAPP Secret Key Choose IAPP only if you only want to enable secure IAPP and secure wireless hops. Enter a key that the access points use to encrypt and sign security context exchanges.
Configuring Security RADIUS Server #2 Secret Key Enter the shared secret key for the backup RADIUS server. You can enter the key from 1 to 32 characters in ASCII or in hexadecimal. To enter a hexadecimal key, it must start with 0x. For example, enter the ASCII key as ABCDE; enter the same hexadecimal key as 0x4142434445. 4. Select Submit Changes to save your changes. To activate your changes select Save/Discard Changes from the menu bar click then Save Changes and Reboot.
Chapter 8 Access Point Maintenance This chapter contains the following sections: ❑ Monitoring the Access Point on page 160 ❑ Restoring the Default Settings on page 164 ❑ Upgrading the Firmware on page 166 159
Access Point Maintenance Monitoring the Access Point Using a Web browser session, you can view different parameters configured for the AT-WL2411 access point, including port statistics, connections, and a configuration summary. The information on these screens may be needed when you call Allied Telesyn Technical Support. Viewing Access Point Connections The AP Connections screen shows information about the devices in the spanning subtree.
AT-WL2411 Version 1.80 Installation and User’s Guide Viewing Port Statistics The Port Statistics screen shows the total number of frames and bytes that the access point has transmitted and received since it was last booted. To view port statistics, perform the following procedure: 1. From the Main Menu, select Maintenance then Port Statistics. The read-only Port Statistics screen as shown in Figure 61 is displayed.
Access Point Maintenance Viewing the Configuration Summary The Configuration Summary summarizes the major configuration settings and installed hardware for the AT-WL2411. To view the configuration summary, perform the following procedure: 1. From the Main Menu, select Maintenance, then Configuration Summary. The read-only Configuration Summary screen as shown in Figure 62 is displayed. This screen lists each parameter in the AT-WL2411 and its current configuration. 10.10.10.3 255.255.0.
AT-WL2411 Version 1.80 Installation and User’s Guide Viewing Information About the Access Point About this Access Point shows the firmware version, radio versions, and MAC addresses. To view About this Access Point, perform the following procedure: 1. From the Main Menu, select Maintenance then Access Point. The read-only About this Access Point screen as shown in Figure 63 is displayed.
Access Point Maintenance Restoring the Default Settings If you need to restore the access point to the factory default settings. This can be done using the Web browser interface. For a list of the default settings, see Default Configuration Settings on page 209. To restore the default configuration, perform the following procedure: 1. In the menu bar, select Save/Discard Changes. The Changes screen as shown in Figure 63 is displayed. Figure 64 Changes Screen 2. 164 Select Restore Factory Defaults.
AT-WL2411 Version 1.80 Installation and User’s Guide 3. Select Save Changes and Reboot. When the access point is done rebooting, it will use the factory default settings as its active configuration. You may need to reset the IP address and other network parameters.
Access Point Maintenance Upgrading the Firmware The procedures in this section explain how to upgrade the firmware on the AT-WL2411 to Version 1.80. The current access point configuration information, such as IP address, should be retained when the new firmware is installed. However, keeping backup records of configuration settings is recommended.
AT-WL2411 Version 1.80 Installation and User’s Guide 6. Scroll up on the communications software window until you see a section similar to the following: Startup Segment: Data Segment: 7. This startup = 1, This startup = 3, Next startup = 1 Next startup = 3 These are the current startup and data segments. In this example, the active startup segment is 1 and the active data segment is 3.
Access Point Maintenance 11. Transfer the data files to the inactive data segment. a. At the service> prompt, type fx s (where s is the inactive data segment) and press . A series of Cs appears in the command line. b. Select the Transfer Menu tab in your communications program and then Send File. The Send File dialog box appears. c. Browse to the location where the data files are saved. Doubleclick any data file. This file name appears in the Filename field. d.
AT-WL2411 Version 1.80 Installation and User’s Guide Using TFTP via Telnet To upgrade the firmware using a TFTP transfer, you must have a TFTP server installed on your network. When you execute the UPGRADE.DNL script file that is included with the firmware release, a TFTP transfer copies all the startup and data files to the wireless access point. To upgrade the firmware using a TFTP transfer, perform the following procedure: 1. Start your TFTP server. 2. Establish a Telnet session with the AT-WL2411.
Access Point Maintenance Using a Web Browser Interface You can use a Web browser interface to upgrade the access point one at a time. In other words, for each access point you want to upgrade, you will need to establish a Web browser session with it, upgrade the firmware, save the new configuration, and reboot it. To upgrade the access point software, perform the following procedure: 1. Establish a Web browser session with the access point you want to upgrade. 2.
AT-WL2411 Version 1.80 Installation and User’s Guide 5. When the upgrade is complete, select Save Changes and Reboot. When the access point is done rebooting, it is upgraded to the new software. Repeat this procedure for each access point you want to upgrade.
Chapter 9 Troubleshooting This chapter contains troubleshooting information for the following: ❑ LEDs on page 174 ❑ Radio on page 175 ❑ Security on page 177 This chapter also contains the following troubleshooting sections: ❑ Problems During Web Browser Firmware Upgrade on page 179 ❑ Commonly Asked Technical Support Questions on page 180 ❑ Getting Help with Your Installation on page 183 173
Troubleshooting LEDs When the access point is powered ON, the LEDs flash as the access point boots and performs internal diagnostics. Table 7 describes the LED activity during the boot process. Table 7 Boot-up LED Activity Power Radio Wired LAN Root/Error Description ON OFF OFF ON Flash checksum being calculated. ON ON OFF ON Flash checksum failure. ON OFF ON OFF RAM test in progress. ON ON ON OFF RAM test failure. ON OFF OFF OFF Monitor loading in progress.
AT-WL2411 Version 1.80 Installation and User’s Guide Radio LEDs Communication s Program or Telnet If the radio is faulty or the configuration matrix string is incorrect, the LEDs on the access point display the following pattern, as shown in Table 9, after the access point boots. Table 9 Radio LEDs Power Radio Wired LAN Root/Error ON OFF ON ON If you are connected to the access point through a serial connection, an error message also appears on your terminal or PC.
Troubleshooting Radio MAC Ping Radio MAC Ping runs at the MAC sublayer of the Data Link layer, thus allowing you to ping any 802.11b device that is connected to the access point. Radio MAC Ping can help you determine the connectivity and signal strength of an 802.11b radio. To use radio MAC ping, perform the following procedure: 1. From the Main Menu, select Maintenance then AP Connections. The AP Connections screen appears.
AT-WL2411 Version 1.80 Installation and User’s Guide Security This section helps you troubleshoot problems you may have while installing and configuring security in your network. For more help troubleshooting 802.1x security, refer to the documentation for the MobileLAN secure 802.1x security solution, the Odyssey server, and the end devices. Viewing the Security Events Log The access point logs a variety of 802.1x events in its Security Events log.
Troubleshooting General Security Troubleshooting This section provides you with information on getting help with your secure network and some problems and solutions. You enabled secure IAPP in your network, but the access points do not communicate with the root access point. ❑ The root access point is running software release 1.80 or later. All access points must also be running software release 1.80 or later. Upgrade all access points to the same software release as the root access point.
AT-WL2411 Version 1.80 Installation and User’s Guide Problems During Web Browser Firmware Upgrade Each access point on a wired LAN requires approximately three minutes to upgrade (it takes slightly longer for wireless access points). The Web browser screen updates every 30 seconds as the upgrade progresses and shows the final status when all upgrades are complete. If you checked the Reboot selected Access Points after successful upgrade box, the Web browser disconnects.
Troubleshooting Commonly Asked Technical Support Questions Refer to the following table for solutions and answers to common problems and questions concerning the AT-WL2411 unit. Is the access point fully booted? When the access point is fully booted, the Power LED remains steady green and the Wired LAN LED flashes. The Power LED is not ON. The access point may have a hardware problem. Do the following: ❑ Make sure the power cable is firmly plugged into the access point and the power source.
AT-WL2411 Version 1.80 Installation and User’s Guide You cannot connect to the access point using an SNMP management station. Verify that you did not disable the SNMP Access field in the Security screen. The end device cannot connect to the network. ❑ Choose AP Connections from the Maintenance menu and verify that the MAC address of your end device appears on your PC screen. If it does not appear, your device is not communicating with the access point. Check your radio configuration settings.
Troubleshooting You need to verify the WEP keys. You cannot verify the WEP keys. The keys are encrypted after you enter them and are never displayed again. You may need to reconfigure your access points and end devices to reset the WEP keys. You cannot establish an IP tunnel to a access point on a remote subnet. 1. Select TCP/IP Settings and verify that the IP Router (Gateway) address is correct. 2.
AT-WL2411 Version 1.80 Installation and User’s Guide Getting Help with Your Installation The AT-WL2411 Access Point is designed to be easy to install and configure; however, you may need to call Allied Telesyn Technical Support if you have problems. Refer to Contacting Allied Telesyn Technical Support on page 15 for information.
Troubleshooting Figure 67 About this Access Point Screen You should have the information on this screen available when you call Allied Telesyn Technical Support.
Chapter 10 Advanced Configuration Commands This chapter contains the following sections: ❑ Using the Access Point Monitor on page 186 ❑ Using Access Point Monitor Commands on page 188 ❑ Using Service Mode Commands on page 191 ❑ Using Test Mode Commands on page 193 ❑ Using Console Command Mode on page 195 ❑ Using Console Commands on page 196 ❑ Using Sdvars Commands on page 199 ❑ Using TFTP Commands on page 204 185
Advanced Configuration Commands Using the Access Point Monitor The access point monitor is the system software that controls the access point. You can use access point monitor commands to manipulate the access point file segments.
AT-WL2411 Version 1.80 Installation and User’s Guide Entering the Access Point Monitor You can enter the access point monitor only through a connection on the serial port and only during the boot process.
Advanced Configuration Commands Using Access Point Monitor Commands When you are in the access point monitor, the access point prompt uap> appears. You can display a list of access point monitor commands anytime you see the access point prompt. To display access point monitor commands, press a letter or number key on the keyboard, and then press Enter. A list of access point monitor commands appears. Note If you type the letter B (upper or lower case) and press , the access point will reboot.
AT-WL2411 Version 1.80 Installation and User’s Guide B Purpose Deletes the most recent data record and remains in Accumulate mode. If no data exists, a null string is entered. Syntax B FX Purpose Performs a Ymodem batch protocol download of a file into the flash segment that is specified by s. Syntax FX s where s is segment 1, 2, 3, or 4. FD Purpose Displays the flash file system directory, including information about the boot file.
Advanced Configuration Commands SR Purpose The SR command sets the baud rate of the access point. Syntax SR z where z is the baud rate. You must enter the baud rate as a whole number with no commas. For example, to enter a baud rate of 19,200, you must enter 19200. Setting Autobaud Using the SR Command You can use autobaud to let the access point set its baud rate to match the baud rate of your terminal, up to a baud rate of 115,200. To set Autobaud using SR, perform the following procedure: 1.
AT-WL2411 Version 1.80 Installation and User’s Guide Using Service Mode Commands Use service mode to perform certain file functions. Because service mode commands can cause undesirable results if not properly executed, you should contact Allied Telesyn Technical Support for assistance if you are unsure about the proper procedure to use. Refer to Contacting Allied Telesyn Technical Support on page 15 for information. SRVC Use the SRVC command to enter service mode.
Advanced Configuration Commands FFR Purpose Runs a program that is specified by f, from a location specified by s. Syntax FFR f (s) where: f is the program name. s is the optional segment location of the program. Example: To run program access pointBOOT.PRG from segment 1, enter: FFR access pointBOOT.PRG 1 PN Purpose Returns the access point to normal mode from quiet mode. Syntax PN To return the access point to normal mode, perform the following: 1. Reboot the access point. 2.
AT-WL2411 Version 1.80 Installation and User’s Guide Using Test Mode Commands Within the access point monitor, test mode allows you to perform certain test functions. Because the commands can cause undesirable results if not properly executed, you should contact Allied Telesyn Technical Support for assistance if you are unsure about the proper procedure to use. Refer to Contacting Allied Telesyn Technical Support on page 15 for information.
Advanced Configuration Commands To display test mode commands, type any letter or number other than B and press . The test commands appear on the screen. UAP Monitor V4.03 July 17, 2000 uap>test Enter password : ******** test>d --------------------------------------------------------------------”test>“ commands... -------------------------------------------------------------------LT - LED Test | MWW s d ..
AT-WL2411 Version 1.80 Installation and User’s Guide Using Console Command Mode Another way you can access the access point file system is through Console Command mode. Use Console Command mode to upgrade access points using TFTP and Script files. To enter Console Command mode, perform the following procedure: 1. Select Command Console from the Maintenance menu. When you first enter Console Command mode, a list of valid console commands appears.
Advanced Configuration Commands Using Console Commands This section describes the console commands. fb Purpose Use the fb command to make an inactive segment the active segment. Syntax fb boot segment data segment where: boot segment is the name or number of the boot segment to be activated. data segment is the name or number of the data segment to be activated.
AT-WL2411 Version 1.80 Installation and User’s Guide fd Purpose Use the fd command to display the flash file system directory, which includes information about the boot file. Syntax fd Use the fd command to ensure that the correct version of the file is in the active boot segment. Typing fd ab: shows only the files loaded in the active boot segment.
Advanced Configuration Commands fe Purpose Erases the files in a particular segment. To recover the files after they have been erased, you must reload them from another source. Syntax fe segment where segment is the name or number of the segment to be erased. Example To erase the contents of segment 1, enter: fe 1 You can enter ALL instead of a segment name or number if you want to erase segments 1 through 4. Fe ib: erases the contents of the inactive boot segment.
AT-WL2411 Version 1.80 Installation and User’s Guide Using Sdvars Commands Use sdvars commands in Console Command mode to manipulate certain software download variables. Sdvars commands support both GET and SET arguments. You can enter sdvars commands to GET a software download object, and then issue the sdvars command using the SET argument to assign the object a specified value. The sdvars commands are described in this section using the SET argument.
Advanced Configuration Commands sdvars set starttime Purpose Sets the internal variable starttime. Starttime is a countdown time such that when zero is reached, the software download process begins. You set this variable to reflect how long into the future the access point is to begin downloading and executing the script file from the TFTP server. When the timer reaches 0, the access point uses the values in serveripaddress and scriptfilename to get the script file that is to be executed.
AT-WL2411 Version 1.80 Installation and User’s Guide Example Consider the following script file commands: sdvars set fe ab sdvars set TFTP get * sdvars set reboot checkpoint 1 checkpoint 2 access point.prg ab checkpoint 3 When the software download is started, you can use SNMP to query its progress by reading the checkpoint variable. If the variable has a value of 2, you know that the access point is trying to execute the TFTP get statement.
Advanced Configuration Commands sdvars set setactivepointer s Purpose Sets the setactivepointers command to change inactive segments to active segments the next time the access point is rebooted. This command is usually used with the nextpoweruptime command. Syntax sdvars set setactivepointers none/boot/data/both where: none does not change the active segments. The default is none. Also, when the reboot is completed, the access point resets this value to none.
AT-WL2411 Version 1.80 Installation and User’s Guide Example To reboot the access point 2 hours from now, enter: sdvars set nextpoweruptime 00:02:00:00 Note If you need to terminate the reboot, you can do so by setting nextpoweruptime to 0 if it has not already been reached by the countdown. By resetting nextpoweruptime to 0, the timer is stopped so the unit does not reboot.
Advanced Configuration Commands Using TFTP Commands TFTP commands are file transfer commands that you execute when you are in Console Command mode. A access point can act as either a client or server in the TFTP environment. As a server, the access point can service read and write requests from a access point client. As a client, the access point can read files from and write files to any TFTP server on the network. Both the client and server must operate in octet, or 8-bit, mode.
AT-WL2411 Version 1.80 Installation and User’s Guide local filename is the name you wish to call the file on the access point. The name must include a segment number or name followed by a colon. An actual filename is optional. If only the segment name is supplied, the filename is set equal to the filename that is embedded in the file header on the server. Example The following command gets file access point.DNL from a directory on a PC server with IP address 1.2.3.
Advanced Configuration Commands tftp put Purpose Copies a file from a client to the server or to another access point. Syntax tftp put IP address foreign filename local filename where: IP address is the IP address of the server. You can use an asterisk (*) here if you want to use the value in the serveripaddress. foreign filename is the name of the file as it will appear on the server.
AT-WL2411 Version 1.80 Installation and User’s Guide tftp server log Purpose Your access point can function as a TFTP server. You can use the TFTP server log command to save a history of TFTP client requests. Syntax tftp server log The TFTP server log contains useful TFTP server status information. The log begins when you set up the server. You must reboot the access point to clear the log. tftp server start Purpose A access point can obtain files from a TFTP server.
Advanced Configuration Commands The following table lists error messages that can be issued from the TFTP server. These messages are sent to the client and are meant to be read from the client perspective. Error Message Explanation TFTP server only supports octet mode The client is attempting to transfer a file in ASCII mode. The access point TFTP server only supports octet mode, which includes binary and image.
Appendix A Default Configuration Settings TCP/IP Menu Default Settings Parameter Name Range Default IP Address 4 nodes, 0 to 255 0.0.0.0 IP Subnet Mask 4 nodes, 0 to 255 255.255.255.0 IP Router (Gateway) 4 nodes, 0 to 255 0.0.0.
Default Configuration Settings Spanning Tree Settings Menu Defaults Parameter Name Range Default IP Address 4 nodes, 0 to 255 0.0.0.0 IP Subnet Mask 4 nodes, 0 to 255 255.255.255.0 IP Router (Gateway) 4 nodes, 0 to 255 0.0.0.
AT-WL2411 Version 1.
Default Configuration Settings Ethernet Configuration Menu Defaults Parameter Name Range Default Port Type 10/100 Mbps twisted pair 100 Mbps fiber optic 10/100 Mb twisted pair Link Speed Auto select, Auto select 100 Mbps full-duplex, 100 Mbps half-duplex, 10 Mbps full-duplex, 10 Mbps half-duplex Enable Link Status Check Check/Clear Clear Six sets of hexadecimal 00 00 00 00 00 00 Allow/Pass Check/Clear Check Scope Unlisted/All Unlisted Address Table 1 through 20 Frame Type Filters Prede
AT-WL2411 Version 1.80 Installation and User’s Guide Parameter Name Range Default DIX-IP-TCP-Port, DIX-IP-UDP-Port, DIX-IP-Protocol, DIX-IPX-Socket DIX-EtherType, SNAP-IP-TCP-Port, SNAP-IP-UDP-Port, SNAP-IP-Protocol, SNAP-IPX-Socket, SNAP-EtherType, 802.3-IPX-Socket, 802.2-IPX-Socket, 802.
Default Configuration Settings IP Tunnels Menu Defaults Parameter Name Range Default Mode Listen, Originate If Root, Disable Listen Enable IGMP Check/Clear Check Allow/Pass Check/Clear Clear Scope Unlisted/All Unlisted Tunnel Filters Menu Defaults Frame Type Filters Frame Type Filters Predefined Subtype Filters Allow/Pass Check/clear Clear (except Check for NNL) Customizable Subtype Filters 214 Allow/Pass Check/Clear Clear Subtype DIX-IP-TCP-Port, DIX-IP-UDP-Port, DIX-IP-Protocol,
AT-WL2411 Version 1.
Default Configuration Settings Security Menu Defaults Parameter Name Range Default Browser Access Secure-Only (Port Enabled (Port 80/443) 443), Enabled (Port 80/443), Disabled Allow Telnet Access (Port 23) Check/Clear Check Allow SNMP Access (Port 161) Check/Clear Check Allow ICMP Configurations Check/Clear Check Parameter Name Range Default Use RADIUS for Login Authorization Check/Clear Clear User Name 1 to 32 characters atilan Password 1 to 32 characters atilan Read Only Passwo
AT-WL2411 Version 1.80 Installation and User’s Guide 802.1x Menu Defaults Parameter Name IEEE 802.11 (b or a) WEP Menu Defaults Internal RADIUS Server Menu Defaults Range Default 802.1x Authentication Radio, IEEE 802.
Default Configuration Settings IEEE 802.11b Radio Menu Defaults Parameter Name Range Default Node Type Master, Station, Disable Master SSID (Network Name) 0 to 32 characters atilan Frequency Channel 1 to 14, 400 to 2500 MHz Channel 03, 2422 MHz Data Rate 11, 5.5, 2, or 1 Mbps 11 MBits (High) Allow Data Rate Fallback Check/Clear Check Basic Rate 11, 5.
Appendix B Technical Specifications Physical Specifications Dimensions (HxDxW) Weight Recommended Minimum Ventilation on All Sides 9.32 cm x 14.66 cm x 3.53 cm (3.67 in x 5.77 in x 1.39 in) 232 g (0.51 lbs) 5.08 cm (2.
Technical Specifications Other Specifications Architecture Data Rate Filtering Rate Filters (Protocol) Filters (Other) Serial Port Max Data Rate Management Interfaces SNMP Agent Software Upgrades transparent bridge 10 Mbps (Ethernet) 14,880 frames per second Appletalk, NetBEUI, IPX, IP, DECNET IP ARP, Novell RIP, SAP, LSP 115, 200 bps SNMP, Web, Telnet, Serial Connection Version 1 RFC1213,1493, Enterprise MIB Web, TFTP via Telnet, Serial Connection IEEE 802.
Appendix C Translated Electrical Safety and Emission Information Important: This appendix contains multiple-language translations for the safety statements in this guide. Wichtig: Dieser Anhang enthält Übersetzungen der in diesem Handbuch enthaltenen Sicherheitshinweise in mehreren Sprachen. Vigtigt: Dette tillæg indeholder oversættelser i flere sprog af sikkerhedsadvarslerne i denne håndbog. Belangrijk: Deze appendix bevat vertalingen in meerdere talen van de veiligheidsopmerkingen in deze gids.
Translated Electrical Safety and Emission Information Standards: This product meets the following safety standards. U.S. Federal Communications Commission Declaration Of Conformity Manufacture Name: Allied Telesyn, Inc. Manufacture Address: 960 Stewart Drive, Suite B Sunnyvale, CA 94085 USA Manufacture Telephone: 408-730-0950 Declares that the product: Access Point Model Numbers: AT-WL2411 This product complies with FCC Part 15B, Class B Limits: This device complies with part 15 of the FCC Rules.
AT-WL2411 Version 1.80 Installation and User’s Guide $5 Caution: Power cord is used as a disconnection device. To de-energise equipment disconnect the power cord. $6 Lightning Danger Danger: Do not work on equipment or cables during periods of lightning activity. $7 Do not block air vents. $8 Operating Temperature: This product is designed for a maximum ambient temperature of 65 degrees C. $9 All Countries: Install product in accordance with local and National Electrical Codes.
Translated Electrical Safety and Emission Information 7 Ventilationsåbningerne må ikke blokeres. 8 Betjeningstemperatur: Dette apparat er konstrueret til en omgivende temperatur på maksimum 65 grader C. 9 Alle Lande: Installation af produktet skal ske i overensstemmelse med lokal og national lovgivning for elektriske installationer. Eisen: Dit product voldoet aan de volgende eisen.
AT-WL2411 Version 1.80 Installation and User’s Guide 9 Pour Tous Pays: Installer le matériel conformément aux normes électriques nationales et locales. Standardit: Tämä tuote on seuraavien standardien mukainen. 1 Radioaaltojen häirintä EN55022 Luokka B 2 Kestävyys EN55024 3 Sähköturvallisuus EN60950 (TUV), UL1950 (UL/cUL) Turvallisuus 4 Tähtipisteeseen (hub) syötettävän virran pitää tulla ainoastaan sovittimesta.
Translated Electrical Safety and Emission Information Sikkerhetsnormer: Dette produktet tilfredsstiller følgende sikkerhetsnormer. 1 RFI stråling EN55022 Klasse B 2 Immunittet EN55024 3 Elektrisk sikkerhet EN60950 (TUV), UL1950 (UL/cUL) Sikkerhet 4 All strømtilførsel må komme fra adapteren. Europe - EC Benytt TÜV-godkjent AC-adapter på 5 Vdc, 2.0 A (milliampere). 5 Forsiktig: Strømledningen brukes til å frakoble utstyret. For å deaktivisere utstyret, må strømforsyningen kobles fra.
AT-WL2411 Version 1.80 Installation and User’s Guide Estándares: Este producto cumple con los siguientes estándares. 1 Emisión RFI EN55022 Clase B 2 Inmunidad EN55024 3 Seguridad eléctrica EN60950 (TUV), UL1950 (UL/cUL) Seguridad 4 La energía para el dispositivo central o “hub” debe provenir únicamente del adaptador. Europe - EC Utilizar un adaptador de corriente alterna autorizado TÜV de 5 Vdc, 2.0 A. 5 Atencion: El cable de alimentacion se usa como un dispositivo de desconexion.
Glossary ARP (Address Resolution Protocol) The protocol used by TCP/IP networks to relate IP addresses with the physical network addresses of network interfaces. BFSK (Binary Frequency Shift Key) A broadcasting method that lengthens the range but halves the throughput as compared to the QFSK method. bridge A device that expands a local area network by forwarding frames between data link layers associated with two separate physical media types, usually carrying a common protocol.
Glossary data link tunneling An access point encapsulates an Ethernet frame in a data frame and forwards the frame to the next access point on the path to the final destination. Data link tunneling is used to make mobility transparent to the underlying network or to isolate the radio traffic from terminals on an Ethernet segment. Data link tunneling occurs automatically when Ethernet bridging is disabled on the root access point.
AT-WL2411 Version 1.80 Installation and User’s Guide flooding A frame is flooded when the destination location is unknown. The destination location of a multicast frame is never known. Unicast and multicast flooding parameters determine how a flooded frame is forwarded. home IP subnet The IP subnet that contains the wired primary LAN and any wireless extensions of the subnet. IGMP (Internet Group Management Protocol) IGMP is a protocol that allows the access point to have more than eight IP tunnels.
Glossary multicast address A form of broadcast address through which copies of the frame are delivered to a subset of all possible destinations that have a common multicast address. non-bridging secondary LAN A secondary LAN that does not have a designated bridge. A nonbridging secondary LAN is used to connect access points without using wireless hops. outbound frames Frames moving away from the primary LAN.
AT-WL2411 Version 1.80 Installation and User’s Guide remote IP subnet A secondary LAN attached to the network through an IP tunnel. root The access point with the highest root priority becomes the root of the network spanning tree. If the root becomes inactive, the remaining root candidates negotiate to determine which access point becomes the new root. The root can be used to set system-wide flooding and RF parameters. The root is also the only node in the network that can originate IP tunnels.
Glossary SNMP (Simple Network Management Protocol) SNMP is a popular network management protocol in the TCP/IP and SPX/IPX protocol suite. SNMP allows TCP/IP and SPX/IPX sites to exchange configuration and status information. It uses management programs called "agents" to monitor network traffic. SNMP stores the information it collects in the Management Information Base (MIB). Your network administrator can use management software interacting with the MIB to obtain information about network activity.
AT-WL2411 Version 1.80 Installation and User’s Guide wireless bridging A wireless link that connects two wired Ethernet segments. Two access points can be used to provide a point-to-point or wireless bridge between two buildings, so that wired and wireless devices in each building can communicate with devices in the other building.
