User's Guide Part 1
Table Of Contents
- Cambium PTP 700 Series User Guide
- Contents
- About This User Guide
- Contacting Cambium Networks
- Purpose
- Cross references
- Feedback
- Important regulatory information
- Radar avoidance
- USA and Canada specific information
- Renseignements specifiques aux USA et au Canada
- EU Declaration of Conformity
- Application firmware
- Specific expertise and training for professional installers
- Avoidance of weather radars
- External antennas
- Antennas externes
- Ethernet networking skills
- Lightning protection
- Training
- Problems and warranty
- Security advice
- Warnings, cautions, and notes
- Caring for the environment
- Chapter 1: Product description
- Overview of the PTP 700 Series
- Wireless operation
- Ethernet bridging
- TDM bridging
- System management
- FIPS 140-2 mode
- Chapter 2: System hardware
- Outdoor unit (ODU)
- Power supply units (PSU)
- Antennas and antenna cabling
- Ethernet cabling
- PTP-SYNC unit
- GPS receiver
- Network indoor unit (NIDU)
- Chapter 3: System planning
- Typical deployment
- Site planning
- Grounding and lightning protection
- Lightning protection zones
- Site grounding system
- ODU and external antenna location
- ODU ambient temperature limits
- ODU wind loading
- Hazardous locations
- PSU DC power supply
- PSU location
- PTP-SYNC location
- GPS receiver location
- NIDU location
- Drop cable grounding points
- LPU location
- Multiple LPUs
- Radio spectrum planning
- Link planning
- Planning for connectorized units
- Configuration options for TDD synchronization
- Data network planning
- TDM network planning
- Network management planning
- Security planning
- System threshold, output power and link loss
- Data throughput capacity tables
- Chapter 4: Legal and regulatory information
- Cambium Networks end user license agreement
- Definitions
- Acceptance of this agreement
- Grant of license
- Conditions of use
- Title and restrictions
- Confidentiality
- Right to use Cambium’s name
- Transfer
- Updates
- Maintenance
- Disclaimer
- Limitation of liability
- U.S. government
- Term of license
- Governing law
- Assignment
- Survival of provisions
- Entire agreement
- Third party software
- Compliance with safety standards
- Compliance with radio regulations
- Type approvals
- FCC/IC compliance
- FCC product labels
- Industry Canada product labels
- 4.9 GHz FCC and IC notification
- Utilisation de la bande 4.9 GHz FCC et IC
- 5.1 GHz FCC notification
- 5.2 GHz and 5.4 GHz FCC and IC notification
- Utilisation de la bande 5.4 GHz FCC et IC
- 5.8 GHz FCC notification
- 5.8 GHz IC notification
- 5.1 GHz band edge channel power reduction
- 5.2 GHz band edge channel power reduction
- 5.4 GHz band edge channel power reduction
- Réduction de puissance aux bords de la bande 5.4 GHz
- 5.8 GHz band edge channel power reduction
- Réduction de puissance aux bords de la bande 5.8 GHz
- Selection of antennas
- European Union compliance
- Cambium Networks end user license agreement
Chapter 3: System planning Security planning
Planning for RADIUS operation
Configure RADIUS where remote authentication is required for users of the web-based
interface. Remote authentication has the following advantages:
• Control of passwords can be centralized.
• Management of user accounts can be more sophisticated. For example; users can be
prompted by a network manager to change passwords at regular intervals. As another
example, passwords can be checked for inclusion of dictionary words and phrases.
• Passwords can be updated without reconfiguring multiple network elements.
• User accounts can be disabled without reconfiguring multiple network elements.
Remote authentication has one significant disadvantage in a wireless link product such as PTP
700. If the wireless link is down, a unit on the remote side of the broken link may be prevented
from contacting a RADIUS Server, with the result that users are unable to access the web-
based interface.
One useful strategy would be to combine RADIUS authentication for normal operation with a
single locally-authenticated user account for emergency use.
PTP 700 provides a choice of the following authentication methods:
• CHAP
• MS-CHAPv2
Ensure that the authentication method selected in PTP 700 is supported by the RADIUS server.
Note
RADIUS is not permitted in FIPS 140-2 applications. Ensure that the RADIUS feature is
disabled in FIPS 140-2 approved mode.
RADIUS attributes
If the standard RADIUS attribute session-timeout (Type 27) is present in a RADIUS response,
PTP 700 sets a maximum session length for the authenticated user. If the attribute is absent,
the maximum session length is infinite.
If the standard RADIUS attribute idle-timeout (Type 28) is present in a RADIUS response, PTP
700 overrides the Auto Logout Timer with this value in the authenticated session.
If the vendor-specific RADIUS attribute auth-role is present in a RADIUS response, PTP 700
selects the role for the authenticated user according to auth-role. The supported values of auth-
role are as follows:
• 0: Invalid role. The user is not admitted.
• 1: Read Only
• 2: System Administrator
• 3: Security Officer
If the vendor-specific auth-role attribute is absent, but the standard service-type (Type 6)
attribute is present, PTP 700 selects the role for the authenticated user according to service-
type. The supported values of service-type are as follows:
Page 3-57