© Copyright 2009 Compex Systems Pte Ltd All Rights Reserved This document contains information, which is protected by copyright. Reproduction, adaptation or translation without prior permission is prohibited, except as allowed under the copyright laws. Trademark Information Compex® is a registered trademark of Compex, Inc. Microsoft Windows and the Windows logo are the trademarks of Microsoft Corp. NetWare is the registered trademark of Novell Inc.
FCC NOTICE This device has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This device generates uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
Declaration of Conformity Compex, Inc. declares the following: Product Name: Wireless Access Point with PoE Model No.: WPE72NX conforms to the following Product Standards: This device complies with the Electromagnetic Compatibility Directive (89/336/EEC) issued by the Commission of the European Community. Compliance with this directive implies conformity to the following European Norms (in brackets are the equivalent international standards.
Table of Contents Overview the Product ..................................................................................................7 Introduction..................................................................................................................7 Features and Benefits ................................................................................................................8 Operation Modes and Connection Examples .....................................................................
Firmware Upgrade ..................................................................................................................53 Host Name ..............................................................................................................................54 Administrative and Read-only Account ..................................................................................54 Configuration Management ............................................................................................
Overview the Product Introduction The high-performance Wireless Network Access Point (AP) is designed for enterprise and public access applications. Embedded with the Atheros chipset, it boasts network robustness, stability and wider network coverage. Based on 802.11n (Draft 2.0), the access point supports high-speed data transmission of up to 300Mbps.
Features and Benefits Virtual AP (Multiple SSID) Virtual AP implements mSSID (Multi-SSID) This allows a single wireless card to be set up with multiple virtual AP connections with different SSIDs or BSSID (Basic Service Set Identifier) and security modes. Highly Secured Wireless Network The access point supports the highest available wireless security standard: IEEE802.11i compliant. The access point also supports IEEE 802.1x for secure and centralized user-based authentication.
Operation Modes and Connection Examples Access Point Mode The Access Point Mode is the default mode of the device. It enables the bridging of wireless clients to wired network infrastructure. The illustration below shows a typical resources sharing application example using this device. The wireless users are able to access the file server connected to the switch, through the access point in Access Point Mode.
Station Mode In Station mode the device acts as a wireless client. When connected to an access point, it creates a network link between the Ethernet network connected at this client device, and the wireless Ethernet network connected at the access point. In this example the workgroup PCs on the ethernet network connected to the Station device can access the printer across the wireless connection to the access point where the printer is connected.
Router Mode In Router Mode, the device also operates as a router. Either the wireless or Ethernet can be setup as WAN connection to a broadband modem. Wireless as WAN is known as Station + Router mode (or Wireless Routing Client mode) and Ethernet as WAN is known as AP + Router mode (or Gateway mode). Device supports several types of broadband connections Static IP, Dynamic IP and PPPoE. For setup details refer to the respective section.
AP + Router connection example Ethernet is use to connect to the broadband. Wireless is the local network (LAN) sharing the broadband connection. Broadband Internet Access Type: Static IP Address Use Static IP Address you have subscribed a fixed IP or range IP addresses from your ISP. Dynamic IP Address With Dynamic IP Address the device automatically request IP address from modem or ISP. PPP over Ethernet (PPPoE) When using ADSL services provided by your ISP support PPPoE connection.
Panel Views and Description Features 1 Diagnostic LED 2 Signal Strength Status and Indications Flashing duing power-up. Off device is ready.. (low) (higher low) (lower high) LED10 level Indicator 3 Ethernet Port LED LED20 LED30 (high) LED40 Steady ON: Connection is established. OFF: No network connection 4 Power LED Static Light: Power is being supplied to the device. Off: Power is not being supplied to the device. 5 Reset Button • To reboot, press once.
7 DC Jack Range : 5V- 24V DC 8 Antenna External SMA Antenna Install the Hardware Hardware Setup • CAT5/5e Networking Cable. • At least 1 computer installed with a web browser and a wired or wireless network interface adapter. All network nodes installed with TCP/IP and properly configured IP address parameters.
Step 2: Attach the power adapter to the main electrical supply, and connect the power plug into the socket of the access point. Step 3: Turn ON the power supply and power ON your PC. Notice that the LEDs: Power and Port have lighted up. This indicates that connection has been established successfully between your access point and your PC.
Using PoE+ to power up the device The access point is fully compatible with PoE+. This accessory supplies operational power to the wireless AP via the Ethernet cable connection. Users who have already purchased PoE+ and who wish to use it to supply power to the access point may follow the installation procedures shown below: Step 1: Use an RJ45 Ethernet cable to connect one end of the cable to the LAN OUT port of PoE+ and the other end to Ethernet port of the access point.
Step 3: Connect the power adapter supplied with PoE+ to the main electrical supply and the power plug into the socket of the injector. Note: The voltage and current supplied to the power adapter and the PoE+ power adapter are different. Do not interchange the power adapters. Step 4: Turn on your power supply. Notice that the Power LED has lighted up. This indicates that the access point is receiving power through PoE+. Notice also that the corresponding port LEDs have lighted up.
Configure the IP Address After setting up the hardware you need to assign an IP address to your PC so that it is in the same subnet as the access point. For Windows 95/98/98SE/ME/NT Step 1: From your desktop, right-click the Network Neighborhood icon and select Properties. Step 2: Select the network adapter that you are using, then right-click and select Properties. Step 3: Highlight TCP/IP and click on the Properties button. Step 4: Select the Specify an IP address radio button.
Step 5: To verify that the IP address has been correctly assigned to your PC, go to the Start menu, select Run, and enter the command: winipcfg. Select the Ethernet adapter from the drop-down list and click OK. PC is now setup with a proper IP address to communicate with the access point.
For Windows XP/2000 Step 1: Go to your desktop, right-click on the My Network Places icon and select Properties. Step 2: Right-click the network adapter icon and select Properties. Step 3: Highlight Internet (TCP/IP) and click Properties button. Protocol on the Step 4: Select the Use the following IP address radio button. Set the IP address to 192.168.168.X and subnet mask to 255.255.255.0, where X can be any number from 2 to 254.
Step 5: Click on the OK button to close all windows. Step 6: To verify that the IP address has been correctly assigned to your PC, go to the Start menu, Accessories, select Command Prompt, and type the command: ipconfig/all PC is now setup with a proper IP address to communicate with the access point.
Access the Web Interface Access with uConfig The UConfig utility provides direct access to the web interface. Step 1: Click uConfig icon to launch the utility then click Yes button.
Step 2: Select the access point from the products list and click on the Open Web button. To retrieve and display the latest device(s) in the list, click on the Refresh button. Step 3: Do not exit the uConfig program while accessing the web-based interface as this will disconnect you from the device. Click on the OK button.
Step 4: At the login prompt, enter the User Name and Password. The default are : User Name : admin Password : password Step 5: It then opens the device home page. The Status page.
Access with Web Browser Step 1: Launch your Web browser, e.g. Internet Explorer, FireFox, Netscape, etc. If using MS IE, under the Tools tab, select Internet Options. Step 2: Open the Connections tab and in the LAN Settings section disable all the option boxes. Click on the OK button to update the changes. Step 3: At the Address bar type in http://192.168.168.1 and press Enter on your keyboard.
Step 4: At the login prompt, enter the User Name and Password. The default are : User Name : admin Password : password It then opens the device home page. The Status page.
Navigation Main Menu Bar Status : Page displays current status of the device and the statistical information. Basic Wireless : Page contains the controls for a wireless network configuration, while covering basic wireless settings which define operating mode, associating details and data security options. Basic Network : Page covers the configuration of network operating mode, IP settings and network services (i.e. DHCP Server). Advanced Wireless : Page settings for advanced wireless features.
Basic Network Tab Click BASIC NETWORK from the menu bar to open the page as show below. Network Mode: Bridging and Routing Network Mode: Select between Bridge (default) and Router mode. LAN Setup LAN Mode: Static: (default) lets you enter a specific IP address for the device. Default IP address is 192.168.168.1 DHCP Client: when set let device learn the IP address automatically from the network. Netmask: Let you set the class for the IP address set. Default class C and value is 255.255.255.
Gateway: (optional) Enter the gateway IP address of the network the device is connected. Primary DNS IP: (optional) Enter the primary DNS IP address nearest to the gateway router. Secondary DNS IP: (optional) Enter the secondary DNS IP address nearest to the gateway router. DHCP Mode: None: function disabled DHCP Server: Check to enable. Device act IP address distribution server automatically issue IP address and other network information to the DHCP Client request them. DHCP Relay: check to enable.
DHCP Reservations Click Add to enter for each device the IP address and MAC address. All DHCP active lease devices are displayed in the Status tab page from the More Status selection. Domain Name Server Entry The Primary and Secondary DNS IP addresses entry is for device operation to resolve domain name to reach certain servers like internet time server and other services that use domain name. * Note:- Ensure device gateway IP is also set that to allow device to access to internet.
Basic Wireless Tab Under the tab, there is the selection of 4 radios. Fig 2.1 Basic Wireless Tab Currently device support only one 802..11n radio card. Select RADIO 1 to configure. Basic Wireless Tab contains all the wireless setup, which is necessary for the operator to setup the wireless part of the link. Enable the radio Fig 2.2 Enable Radio Checkbox Tick/Untick the checkbox to enable/disable the radio. Basic Wireless Settings All the basic wireless settings can be configured in this page.
Wireless Mode There are 5 modes available. Access Point This mode can be connected to Station mode, and then forwards all the traffic to the network devices connected to the Ethernet devices of the Station. Station: This is a client mode that can be connected to the Access Point mode. It is used to bridge the wireless connection to an Access Point. It forwards all the traffic to/from the network devices to the Ethernet interface.
Access Point Parameters Settings Fig 2.3 Basic Wireless Settings (Access Point/ Access Point WDS) Local AP-ESSID This is the Service Set Identifier used to identify the operator’s wireless LAN. It should be specified while operating in Access Point or Access Point WDS mode. All the client devices within its range will receive broadcast messages from the access point advertising this SSID.
Channel – Frequency This is frequency selection you can set for device to operate on. The frequency range available including 2412-2462MHz, 5180-5240MHz and 5745-5825MHz. Selecting one of these frequencies for operation may affect and delay of 2 minutes or more (possibly up to 10 minutes in some situations) for device to attempt to establish a connection. Auto: When checked, during startup, device automatically select the least interfering channels (or frequency) for the operation.
Station Parameters Settings Fig 2.4 Basic Wireless Settings (Station/Station WDS) This options below are only available in Station, Station WDS and Repeater WDS modes unless otherwise stated. Wireless Mode: Station Remote AP-ESSID This is the Service Set Identifier used by station to seek and connect to the access point of same the SSID identifier.
Country Code Different countries have different power levels and also frequency selections. To ensure device operation follows regulatory compliance rules, the operator should make sure that correct country code where device will be used, is selected. The channel list, output power limits, IEEE 802.11 and Channel Spectrum Width modes will be tuned according to the regulations of the selected country. Station setting must match AP country code setting.
Wireless Security All the wireless security settings are set under this section. The operation of the Keys is the same for ALL the Wireless modes. WPA or WPA2 Authentication Fig 2.7 WPA (Access Point/Access Point WDS/Repeater WDS) WPA PSK PSK (Default) – WPA or WPA2 with Pre-shared Key method. Cipher Type TKIP - Temporal Key Integrity Protocol which uses RC4 encryption algorithm. AES - Advanced Encryption Standard (AES) algorithm. AUTO (Default) – Automatically select between both algorithms.
WPA + EAP Fig 2.8 WPA + EAP EAP – WPA or WPA2 with EAP (Extensible Authentication Protocol) Firmware supported options for clients are: EAP-TTLS and EAP-PEAP Cipher Type TKIP - Temporal Key Integrity Protocol which uses RC4 encryption algorithm. AES - Advanced Encryption Standard (AES) algorithm. AUTO (Default) – Automatically select between both algorithms. Primary Radius Server IP Enter the Primary Radius Server IP address. Secondary Radius Server IP Enter the Secondary Radius Server IP address.
WPA EAP-TTLS and WPA EAP-PEAP Fig 2.8 WPA (Station /Station WDS/Repeater WDS) This apply to the following modes only, when WPA or WPA2, with EAP is selected. Station, Station WDS, Repeater WDS mode. Identity Identification credential used by the wpa-supplicant for EAP authentication. User Name: Identification credential used by the wpa-supplicant for EAP tunneled authentication in unencrypted form.
IEEE802.1x Settings The operation of the Keys is the same for ALL the modes. ** Note: Operating with IEEE802.1x security will limit AP to maximum wireless link speed of 54Mbps only. Fig. 2.8 IEEE802.1X (Access Point/Access Point WDS/ Repeater WDS) This option apply to the following modes only, when WPA EAP or IEEE802.1x . Access Point, Access Point WDS, Repeater WDS modes. Primary Radius Server IP Enter the Primary Radius Server IP that Access Point will use to query server.
WEP Fig 2.6 WEP The operation of the Keys is the same for ALL the modes. ** Note: Operating with WEP security will limit AP to maximum wireless link speed of 54Mbps only. Authentication Type: Open Authentication – (Default) No authentication. Recommend to use this standard option over shared authentication. Shared Authentication – May not be compatible with all Access Point. Not recommended. Key Type: HEX or ASCII option specifies the character format for the WEP key if WEP security method is used.
Virtual Access Point (VAP) Virtual AP (VAP) implements mSSID (Multi-SSID) whereby a single wireless card can be setup with up to 3 virtual SSID of BSSID connections. Each VAP can be set with different security authentication mode. Fig 2.11 Virtual AP (Only Available in Access Point/ Access Point WDS Mode) All VAPs are created from the same radio they all share the same wireless channel, country code, channel spectrum width and transmit power. * Note: Security options like IEEE802.
Advance Wireless Tab Not Advance Wireless Setup Advanced Network Tab Click Advanced Network tab from menu to open the page below. *Note: This tab will not open when in device is in Bridge node.
Spanning Tree Setup Spanning Tree Protocol: Default is disabled. Check on box to enable. Root Priority: Default value is 32768. Smaller value has higher priority. Root Hello Time: Default time is 2 seconds.
Root Forward Delay: Default is 15 seconds Root Maximum Age: Default is 20 seconds Changing to lower time can caused high overheads to the network. NAT Setup NAT: Enabled when in Router mode. Disabled when in Bridge mode. DMZ: Default is disabled. Check on box to enable. DMZ IP Address: Input IP address of the local PC to receive the DMZ packets. Port Forwarding: Default is disabled. Check on box to enable. For configuration refer to Appendix section.
Protocol: Select TCP or UDP the application use. Public Port: select Single or Range of ports application use. From: if single port, enter this box only. If port range, enter starting port number here. To: if single port, leave blank. if port range enter, enter last port number here. Private IP Address: Enter the local IP of the PC running the application Private Port From: If single port, enter same public port number or new port number. If port range, enter only the starting port number.
Firewall Setup Firewall Setup: Default is disabled. Check on box to enable. For configuration refer to Appendix section. Comment: enter a brief name for the service.
Outbound Filtering Setup Filtering Setup: Default is disabled. Check on box to enable. For configuration refer to Appendix section. DNS Redirection: Default is enabled. Check on box to disable. When enabled, router device will act as DNS proxy. PC connected to this router device to set their TCPIP DNS IP to router’s IP address. PC can still setup a valid DNS IP to skip the DNS proxy handling. Dynamic DNS Setup: Default is disabled. Check on box to enable.
Services Tab Click Services tab from menu to open the page below. Services section provides varieties of useful and enhanced functions to help assist device operations.
Ping Watchdog Enable Ping Watchdog: Default is disabled. Check on box to enable. IP Address To Ping: Target IP address do ping test monitor. Ping Interval: Default is 5 seconds (minimum). This is Ping test duration. Startup Delay: Default is 60 seconds(minimum). One time delay after device startup. Failed Count To Reboot: Default is 5. This is the number of ping failure count before device kick in the reboot process. Auto-Reboot Auto-Reboot Mode: Default is disabled. Select By Hour or By Time check.
SNMP Setup Enable SNMP: Default is disabled. Check on box to enable. Read Only Password: Password to query device. Engine ID: Default is 800007e5BD00002704D000007c Enable SNMP Trap: Default is disabled. Check on box to enable. Trap Destination IP: Enter the IP to send the info when trap is triggered. Community: Enter the SNMP community string. NTP Setup Enable NTP Client: Default is disabled. Check on box to enable. Select Your Time Zone: Select from list the country you reside.
Telnet Access Setup Enable Telnet Server: Default is enabled. Remove check on box to disable. Server Port: Default is 23. Enter new preferred port number. SSH Access Setup Enable SSH Server: Default is disabled. Check on box to enable. Server Port: Default is 22. Enter new preferred port number. System Log Setup Enable System Logging: Default is disabled. Check on box to enable. Logging IP /Domain Name: Enter destination IP address of device to receive log. Logging Port: Default is 514.
System Tab The System Page contains Administrative options. This page enables administrator to customize, reboot the device, set it to factory defaults, upload a new firmware, backup or update the configuration and configure administrator’s credentials. Firmware Upgrade Use this section to find out current software version and update the device with the new firmware. The device firmware update is compatible with all configuration settings.
Host Name Host Name is the system wide device identifier. It is reported by SNMP Agent to authorized management stations. Host Name will be represented in popular Router Operating Systems registration screens and discovery tools. Host Name: specifies the system identity. Change button saves the Host Name if activated. Administrative and Read-only Account In this section you can modify the administrator password to protect your device from unauthorized configuration.
Configuration Management Backup Configuration: click Download button to export the current configuration to a file. Upload Configuration: click Browse button to navigate to and select the new configuration file or specify the full path to the configuration file location. Activating the Upload button will transfer new configuration file to the system. New configuration will be effective after the Apply button is activated and system reboot cycle is completed.
Status Page The Status Page displays a summary of link status information, current values of basic configuration settings (depending on operating mode), network settings and traffic statistics of all the interfaces. Status Reporting Main Uptime: displays device up time since boot up. The time is expressed in days, hours, minutes and seconds. Host Name: displays the assigned device host name (ID). System Time: display device current date and time.
LAN Setting LAN MAC: displays the MAC address of the device LAN (Ethernet) interface. LAN Mode: displays the mode used, either static or DHCP client. LAN IP Address: displays the current IP address of the LAN (Ethernet) interface. LAN Gateway IP Address: displays the IP address of the gateway used in LAN. LAN Pri. DNS IP: displays the Primary DNS IP address of the LAN setting. LAN Sec. DNS IP: displays the Secondary DNS IP address of the LAN setting.
Clients Connection Status in AP Status Info All clients connected to AP can be view from AP Status page. Below is an example of a client connection status info. Click to refresh client connection statistics and status page Signals strength at the left and right port of radio card can be view with more accurately while adjusting the antenna to get a more balanced reception.
Station Connection Info Status Info Click to refresh client connection statistics and status page. WLAN Connected Status: MAC Address: displays the MAC address of the current active WLAN card. Signal Strength: displays the received wireless signal level of opposite connected device. TX Rate and RX Rate: displays the current 802.11 data transmission (TX) and data reception (RX) rate while operating in Station mode.
Rx invalid NWID value represents the number of packets received with a different NWID or ESSID - packets which were destined for another access point. It can help to detect configuration problems or identify the adjacent wireless network existence on the same frequency. Rx Invalid Crypt value represents the number of transmitted and received packets which were encrypted with the wrong encryption key and failed the decryption routines.
More Status In More Status option contains some useful tools and additional status pages. Ping Utility – a ping tool to test the connectivity between devices. ARP Table display a list of MAC addresses of the connected devices Bridge Table display a list the devices connect to the bridge interface DHCP Active Lease Table display a list of IPs addresses leased to all computers.
VLAN Tab This setup lets you create virtual local network connection through the device Ethernet only and over wireless connections.
VLAN Management Vlan management lets you control and limit only clients connection of same tag vlan ID group be open AP device web page. * Note:Vlan Management works only in tag vlan pass-through mode. i.e. Vlan Switch is disabled. When Vlan Switch is enabled or configured, Vlan Management function stops operation. Example: Assuming there are 2 VLAN ID groups, 2001 and 2002 setup in AP device. One entry in Vlan Management has Vlan ID 2001 with masquerade IP address 192.168.168.
Appendix I - Network This section provides more detailed explanation on the network operation modes in general. The Network Page allows the administrator to setup bridge or routing functionality. Device can operate in bridge or router mode. The IP configuration as described below is required for device management purposes. IP addresses can either be retrieved from a DHCP server or configured manually. Use the Network menu to configure the IP settings.
Bridge IP Address: The device can be set for static IP or can be set to obtain an IP address from the DHCP server it is connected to. One of the IP assignment modes must be selected: DHCP : choose this option to assign the dynamic IP address, Gateway and DNS address by the local DHCP server. STATIC : choose this option to assign the static IP settings for the bridge interface. IP Address: enter the IP address of the device while Static Bridge IP Address mode is selected.
Bridge mode Firewall Configuration Settings Firewall functionality on bridge interface can be enabled using the "Enable Firewall" option. Bridge Firewall rules can be configured, enabled or disabled while using Firewall configuration window which is opened with the "Configure" button.
Appendix II – Wireless with Router Mode This section provides more details on wireless with router function.
Gateway IP: This is the IP address of the host router which resides on the external network and provides the point of connection to the next hop towards the internet. This can be a DSL modem, Cable modem, or a WISP gateway router. The device will direct all the packets to the gateway if the destination host is not within the local network.
Port Forwarding Settings Port Forwarding: Port forwarding allows specific ports of the hosts residing in the internal network to be forwarded to the external network. This is useful for number of applications such as FTP servers, gaming, etc. where different host systems need to be seen using a single common IP address/port. Port Forwarding rules can be set in Port Forwarding window, which is opened by enabling the Port Forwarding option and activating the Configure button.
Bridge mode Firewall Configuration Settings Firewall functionality on any router interface can be enabled using the "Enable Firewall" option. Router Firewall rules can be configured, enabled or disabled while using Firewall configuration window which is opened with the "Configure" button.
Enable DMZ: The Demilitarized zone (DMZ) can be enabled and used as a place where services can be placed such as Web Servers, Proxy Servers, and E-mail Servers such that these services can still serve the local network and are at the same time isolated from it for additional security. DMZ is commonly used with the NAT functionality as an alternative for the Port Forwarding while makes all the ports of the host network device be visible from the external network side.
Appendix III- Services This section provides more details on the system management services. Ping WatchDog The ping watchdog sets the device to continuously ping a user defined IP address (it can be the internet gateway for example). If it is unable to ping under the user defined constraints, the device will automatically reboot. This option creates a kind of "fail-proof" mechanism. Ping Watchdog is dedicated for continuous monitoring of the particular connection to remote host using the Ping tool.
Location: specify the physical location of the device. NTP Client, Web, Telnet, SSH Server NTP Client: The Network Time Protocol (NTP) is a protocol for synchronizing the clocks of computer systems over packet-switched, variable-latency data networks. It can be used to set the device system time. System Time is reported next to the every System Log entry while registering system events if Log option is enabled.
Appendix IV- VLAN Setup examples A) Tagged Wireless VLAN to Tagged Ethernet VLAN Setup
B) Untagged Wireless VLAN to Tagged Ethernet VLAN setup C) Tagged VLAN Pass-Through AP and Station link No VLAN Setup Required
