UNIFIED ACCESS POINT ADMINISTRATOR’S GUIDE PRODUCT MODEL: DWL-2600AP, DWL-3600AP, DWL-3610AP, DWL-6600AP, DWL-6610AP, DWL-6700AP, DWL-8600AP, DWL-8610AP, DWL-8710AP UNIFIED WIRED & WIRELESS ACCESS SYSTEM RELEASE 6.40 © COPYRIGHT 2016.
Unified Access Point Administrator’s Guide Table of Contents Section 1 - About This Document.............................................................................................9 Document Organization.......................................................................................................................................... 9 Additional Documentation......................................................................................................................................
Unified Access Point Administrator’s Guide Controlling Access by MAC Authentication.......................................................................................................... 58 Configuring a MAC Filter and Station List on the AP..................................................................................... 59 Configuring MAC Authentication on the RADIUS Server............................................................................... 59 Configuring Load Balancing...............
Unified Access Point Administrator’s Guide Viewing the Last Proposed Set of Changes................................................................................................. 109 Configuring Advanced Settings.................................................................................................................... 109 Viewing Wireless Neighborhood Information.....................................................................................................
Unified Access Point Administrator’s Guide List of Figures Figure 1 - Administrator UI Online Help.................................................................................................................... 10 Figure 2 - Web UI Login Prompt............................................................................................................................... 14 Figure 3 - Provide Basic Settings................................................................................................
Unified Access Point Administrator’s Guide Figure 60 - Configure Client QoS DiffServ Class Map Settings............................................................................... 96 Figure 61 - Configure Client QoS DiffServ Policy Map Settings............................................................................. 100 Figure 62 - QoS Configuration Status For Associated Clients...............................................................................
Unified Access Point Administrator’s Guide List of Tables Table 1 - Typographical Conventions....................................................................................................................... 10 Table 2 - Requirements for the Administrator’s Computer........................................................................................ 12 Table 3 - Requirements for Wireless Clients......................................................................................................
Unified Access Point Administrator’s Guide Table 60 - Session Management............................................................................................................................ 107 Table 61 - Channel Assignments............................................................................................................................ 109 Table 62 - Last Proposed Changes....................................................................................................................
Unified Access Point Administrator’s Guide Section 1 - About This Document Section 1 - About This Document This guide describes setup, configuration, administration and maintenance for the D-Link DWL-x600AP Unified Access Point (UAP) on a wireless network.
Unified Access Point Administrator’s Guide Section 1 - About This Document Symbol Example Description Curly Braces {} {Choice1 | Choice2} Indicates that you must select a parameter from the list of choices. Vertical Bars | Choice1 | Choice2 Separates the mutually exclusive choices. Braces within square brackets [{}] [{Choice1 | Choice2}] Indicate a choice within an optional element.
Unified Access Point Administrator’s Guide Section 2 - Getting Started Section 2 - Getting Started The D-Link DWL-x600AP unified access point (UAP) provides continuous, high-speed access between wireless devices and Ethernet devices. It is an advanced, standards-based solution for wireless networking in businesses of any size. The UAP enables wireless local area network (WLAN) deployment while providing state-of-the-art wireless networking features.
Unified Access Point Administrator’s Guide Section 2 - Getting Started Required Software or Component Description Wireless Connection to the Network After initial configuration and launch of the first access point on your new wireless network, you can make subsequent configuration changes through the Administration Web pages using a wireless connection to the internal network.
Unified Access Point Administrator’s Guide Section 2 - Getting Started Dynamic and Static IP Addressing on the AP When you power on the access point, the built-in DHCP client searches for a DHCP server on the network in order to obtain an IP Address and other network information. If the AP does not find a DHCP server on the network, the AP continues to use its default Static IP Address (10.90.90.
Unified Access Point Administrator’s Guide Section 2 - Getting Started •) To use a direct-cable connection, connect one end of an Ethernet straight-through or crossover cable to the network port on the access point and the other end of the cable to the Ethernet port on the PC, as shown in the following figure. You can also use a serial cable to connect the serial port on the AP to a serial port on the administrative computer.
Unified Access Point Administrator’s Guide Section 2 - Getting Started Figure 3 - Provide Basic Settings 5.) Verify the settings on the Basic Settings page. •) Review access point description and provide a new administrator password for the access point if you do not want to use the default password, which is admin. •) Click the Apply button to activate the wireless network with these new settings. Note: The changes you make are not saved or applied until you click Apply.
Unified Access Point Administrator’s Guide Section 2 - Getting Started Basic Settings From the Basic Settings page, you can view various information about the UAP, including IP and MAC address information, and configure the administrator password for the UAP. The following table describes the fields and configuration options on the Basic Settings page. Field Description IP Address Shows the IP address assigned to the AP.
Unified Access Point Administrator’s Guide Section 2 - Getting Started Field Description System Contact Enter the name, e-mail address, or phone number of the person to contact regarding issues related to the AP. System Location Enter the physical location of the AP, for example Conference Room A.
Unified Access Point Administrator’s Guide Section 2 - Getting Started Figure 4 - Command Line Interface (CLI) Connection Configuring the Ethernet Settings The default Ethernet settings, which include DHCP and VLAN information, might not work for all networks. By default, the DHCP client on the UAP automatically broadcasts requests for network information. If you want to use a static IP address, you must disable the DHCP client and manually configure the IP address and other network information.
Unified Access Point Administrator’s Guide Section 2 - Getting Started Action Commands Use DHCP as the connection type set management dhcp-status up set management dhcp-status down Use a Static IP as the connection type set management static-ip Set the Static IP address For example: set management static-ip 10.10.12.221 set management static-mask Set a Subnet Mask For example: set management static-mask 255.255.255.
Unified Access Point Administrator’s Guide Section 2 - Getting Started Using the CLI to Configure 802.1X Authentication Information The following table shows the commands used to configure the 802.1X supplicant information using the CLI. Action Command View 802.1X supplicant settings get dot1x-supplicant set dot1x-supplicant status up Enable 802.1X supplicant set dot1x-supplicant status down Disable 802.1X supplicant set dot1x-supplicant user Set the 802.
Unified Access Point Administrator’s Guide Section 2 - Getting Started Configuring Security on the Wireless Access Point You configure secure wireless client access by configuring security for each virtual access point (VAP) that you enable. You can configure up to 16 VAPs per radio that simulate multiple APs in one physical access point. By default, only one VAP is enabled. For each VAP, you can configure a unique security mode to control wireless client access.
Unified Access Point Administrator’s Guide Section 3 - Viewing Access Point Status Section 3 - Viewing Access Point Status This section describes the information you can view from the tabs under the Status heading on the Administration Web UI.
Unified Access Point Administrator’s Guide Section 3 - Viewing Access Point Status Modify Wireless Settings page. For information about configuring these settings, see “Wireless Settings” on page 37 and “Modifying Radio Settings” on page 40. Viewing Events The Events page shows real-time system events on the AP such as wireless clients associating with the AP and being authenticated. To view system events, click the Events tab.
Unified Access Point Administrator’s Guide Section 3 - Viewing Access Point Status Field Description Persistence Choose Enabled to save system logs to non-volatile memory so that the logs are not erased when the AP reboots. Choose Disabled to save system logs to volatile memory. Logs in volatile memory are deleted when the system reboots. Severity Specify the severity level of the log messages to write to non-volatile memory.
Unified Access Point Administrator’s Guide Section 3 - Viewing Access Point Status Note: To apply your changes, click Apply. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We recommend that you change AP settings when WLAN traffic is low. If you enabled the Log Relay Host, clicking Apply will activate remote logging.
Unified Access Point Administrator’s Guide Section 3 - Viewing Access Point Status Field Description Total Drop Packets Indicates total number of packets sent (in Transmit table) or received (in Received table) by this AP that were dropped. Total Drop Bytes Indicates total number of bytes sent (in Transmit table) or received (in Received table) by this AP that were dropped. Errors Indicates total errors related to sending and receiving data on this AP.
Unified Access Point Administrator’s Guide Section 3 - Viewing Access Point Status A TSPEC is a traffic specification that is sent from a QoS-capable wireless client to an AP requesting a certain amount of network access for the traffic stream (TS) it represents. A traffic stream is a collection of data packets identified by the wireless client as belonging to a particular user priority.
Unified Access Point Administrator’s Guide Section 3 - Viewing Access Point Status Field Description From Station Shows the number of packets and bytes received from the wireless client and the number of packets and bytes that were dropped after being received. Also shows the number of packets: •) in excess of an admitted TSPEC. •) for which no TSPEC has been established when admission is required by the AP.
Unified Access Point Administrator’s Guide Section 3 - Viewing Access Point Status Field Description AP Detection for Radio To allow the AP radios to perform neighbor AP detection and collect information about neighbor APs, click Enabled. To disable neighbor AP detection on the radios, click Disabled. If you change the AP detection mode, click Apply to save the new settings. Detected Rogue AP List Action Click Grant to move the AP from the Detected Rogue AP List to the Known AP List.
Unified Access Point Administrator’s Guide Field Section 3 - Viewing Access Point Status Description Known AP List Action An AP can appear in the Known AP List if it has been moved from the Detected Rogue AP List by clicking the Grant button or if the MAC address of the AP appears in an AP list that has been imported. To move the AP from the Known AP List to the Detected Rogue AP List, click Delete. Note: The Detected Rouge AP and Known AP lists provide information.
Unified Access Point Administrator’s Guide Section 3 - Viewing Access Point Status appear in the Known AP List. Viewing Managed AP DHCP Information The UAP can learn about D-Link Unified Wireless Switches on the network through DHCP responses to its initial DHCP request. The Managed AP DHCP page displays the DNS names or IP addresses of up to four D-Link Unified Wireless Switches that the AP learned about from a DHCP server on your network.
Unified Access Point Administrator’s Guide Field Section 3 - Viewing Access Point Status Description AP and VAP Status Interface Indicates the name of the Radio or VAP interface. Access Category Indicates Current Access Category associated with this Traffic Stream (voice or video). Status Indicates whether the TSPEC session is enabled (up) or not (down) for the corresponding Access Category. Note: This is a configuration status (does not necessarily represent the current session activity).
Unified Access Point Administrator’s Guide Section 3 - Viewing Access Point Status Field Description TSPEC Statistics Summary for Voice ACM Indicates the total number of accepted and the total number of rejected voice Traffic Streams. TSPEC Statistics Summary for Video ACM Indicates the total number of accepted and the total number of rejected video Traffic Streams.
Unified Access Point Administrator’s Guide Section 3 - Viewing Access Point Status Field Description Multicast Frames Transmitted Count of successfully transmitted MSDU frames where the multicast bit is set in the destination MAC address. Duplicate Frame Count Number of times a frame is received and the Sequence Control field indicates is a duplicate.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Section 4 - Managing the Access Point This section describes how to manage the UAP and contains the following subsections: •) “Ethernet Settings” on page 35 •) “Wireless Settings” on page 37 •) “Modifying Radio Settings” on page 40 •) “Configuring Radio and VAP Scheduler” on page 44 •) “Scheduler Association Settings” on page 46 •) “Virtual Access Point Settings” on page 47 •) “Configuring the Wireless Distribution System (WD
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Field Description Hostname Enter a hostname for the AP. The hostname appears in the CLI prompt. •) The hostname has the following requirements: •) The length must be between 1 – 63 characters. •) Upper and lower case characters, numbers, and hyphens are accepted. •) The first character must be a letter (a – z or A – Z), and the last character cannot be a hyphen.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Wireless Settings Wireless settings describe aspects of the local area network (LAN) related specifically to the radio device in the access point (802.11 Mode and Channel) and to the network interface to the access point (MAC address for access point and Wireless Network name, also known as SSID). To configure the wireless interface, click the Manage > Wireless Settings tab.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Field Description Mode The Mode defines the Physical Layer (PHY) standard the radio uses. Note: The modes available depend on the country code setting and the radio selected. Select one of the following modes for radio 1: •) IEEE 802.11a is a PHY standard that specifies operating in the 5 GHz U-NII band using orthogonal frequency division multiplexing (OFDM). It supports data rates ranging from 6 to 54 Mbps. •) IEEE 802.
Unified Access Point Administrator’s Guide Field Section 4 - Managing the Access Point Description AeroScout™ Engine AeroScout Engine support provides location-based services for wireless networks. Specify Protocol Support whether to enable support for the AeroScout protocol. Options are Enabled or Disabled. The default is Disabled. When enabled, Aeroscout devices are recognized and data is sent to an Aeroscout Engine (AE) for analysis. The AE determines the geographical location of 802.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point information. The DWS-4000 Series switch does not communicate with the AE. AeroScout tags operate only in 802.11b/g mode. Therefore, network administrators who use the AeroScout tags must configure at least one radio on APs that are expected to detect tags in either 802.11b/g or 802.11b/g/n mode. The radios configured in 2.4 GHz IEEE 802.11n mode cannot detect AeroScout tags.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Field Description Mode The Mode defines the Physical Layer (PHY) standard the radio uses. Note: The modes available depend on the country code setting and the radio selected. Select one of the following modes for radio 1: •) IEEE 802.11a is a PHY standard that specifies operating in the 5 GHz U-NII band using orthogonal frequency division multiplexing (OFDM). It supports data rates ranging from 6 to 54 Mbps. •) IEEE 802.
Unified Access Point Administrator’s Guide Field Section 4 - Managing the Access Point Description Short Guard Interval This field is available only if the selected radio mode includes 802.11n. Supported The guard interval is the dead time, in nanoseconds, between OFDM symbols. The guard interval prevents Inter-Symbol and Inter-Carrier Interference (ISI, ICI). The 802.11n mode allows for a reduction in this guard interval from the a and g definition of 800 nanoseconds to 400 nanoseconds.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Field Description RTS Threshold Specify a Request to Send (RTS) Threshold value between 0 and 2347. The RTS threshold indicates the number of octets in an MPDU, below which an RTS/CTS handshake is not performed. Changing the RTS threshold can help control traffic flow through the AP, especially one with a lot of clients. If you specify a low threshold value, RTS packets will be sent more frequently.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Field Description TSPEC Voice ACM Limit Specify an upper limit on the amount of traffic the AP attempts to transmit on the wireless medium using a voice AC to gain access. TSPEC Video ACM Mode Regulates mandatory admission control for the video access category. The options are: •) On — A station is required to send a TSPEC request for bandwidth to the AP before sending or receiving a video traffic stream.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Figure 19 - Scheduler Configuration Field Description Global Scheduler Mode A global switch to enable or disable the scheduler feature. The default is Disable. Scheduler Operational Status Status The operational status of the Scheduler. The range is Up or Down. The default is Down. Reason Provides additional information about the status.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Figure 20 - Scheduler Configuration (Modify Rule) Click Apply to save the new configuration settings. Note: After making any modifications, you must click Apply to apply the changes and to save the settings. Scheduler Association Settings For a Scheduler profile to take effect, you must associate it with at least one radio or VAP interface.
Unified Access Point Administrator’s Guide Field Section 4 - Managing the Access Point Description Radio Scheduler Profile Operational Status 1 or 2 From the menu, select the Scheduler profile to associate with Radio 1 or Radio 2. Scheduler Profile From the menu, select the Scheduler profile to associate with the Radio. Status The operational status of the Scheduler. The range is Up or Down.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Figure 22 - Modify Virtual Access Point Settings The following table describes the fields and configuration options on the VAP page. Field Description RADIUS IP Address Type Specify the IP version that the RADIUS server uses.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Field Description Radio Select the radio to configure. VAPs are configured independently on each radio. VAP You can configure up to 16 VAPs for each radio. VAP0 is the physical radio interface, so to disable VAP0, you must disable the radio. Enabled You can enable or disable a configured network. •) To enable the specified network, select the Enabled option beside the appropriate VAP.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Note: After you configure the VAP settings, you must click Apply to apply the changes and to save the settings. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We recommend that you change AP settings when WLAN traffic is low.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Field Description WEP Keys You can specify up to four WEP keys. In each text box, enter a string of characters for each key. The keys you enter depend on the key type selected: •) ASCII — Includes upper and lower case alphabetic letters, the numeric digits, and special symbols such as @ and #. •) Hex — Includes digits 0 to 9 and the letters A to F.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point This mode requires the use of an external RADIUS server to authenticate users. The AP requires a RADIUS server capable of EAP, such as the Microsoft Internet Authentication Server. To work with Windows clients, the authentication server must support Protected EAP (PEAP) and MSCHAP V2. You can use any of a variety of authentication methods that the IEEE 802.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Field Description Enable RADIUS FailThrough Select this option to allow the secondary RADIUS server to authenticate wireless clients if the authentication with the primary RADIUS server is unsuccessful, or if the primary RADIUS server is unavailable. Active Server Specify which configured RADIUS server to use as the active RADIUS server.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Field Description Broadcast Key Refresh Rate Enter a value to set the interval at which the broadcast (group) key is refreshed for clients associated to this VAP (the default is 300). The valid range is 0–86400 seconds. A value of 0 indicates that the broadcast key is not refreshed. Table 25 - WPA Personal Note: After you configure the security settings, you must click Apply to apply the changes and to save the settings.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Field Description Cipher Suites Select the cipher suite you want to use: •) TKIP •) CCMP (AES) •) TKIP and CCMP (AES) By default both TKIP and CCMP are selected.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Note: After you configure the security settings, you must click Apply to apply the changes and to save the settings. Configuring the Wireless Distribution System (WDS) The Wireless Distribution System (WDS) allows you to connect multiple UAPs. With WDS, APs communicate with one another without wires in a standardized way.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point •) Both APs participating in a WDS link must be on the same Radio channel and using the same IEEE 802.11 mode. (See “Modifying Radio Settings” on page 40 for information on configuring the Radio mode and channel.) •) When 802.11h is operational, setting up two WDS links can be difficult. To configure WDS on this AP, describe each AP intended to receive handoffs and send information to this AP.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Field Description Characters Required Indicates the number of characters required in the WEP key. The number of characters required updates automatically based on how you set Key Length and Key Type. WEP Key Enter a string of characters. If you selected ASCII, enter any combination of 0 – 9, a – z, and A – Z. If you selected HEX, enter hexadecimal digits (any combination of 0 – 9 and a – f or A – F).
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Configuring a MAC Filter and Station List on the AP The MAC Authentication page allows you to control access to UAP based on MAC addresses. Based on how you set the filter, you can allow only client stations with a listed MAC address or deny access to the stations listed. When you enable MAC Authentication and specify a list of approved MAC addresses, only clients with a listed MAC address can access the network.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point If you use RADIUS MAC authentication for MAC-based access control, you must configure a station list on the RADIUS server. The station list contains client MAC address entries, and the format for the list is described in the following table. RADIUS Server Attribute Description Value User-Name (1) MAC address of the client station. Valid Ethernet MAC Address.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Transitioning Between Modes Every 30 seconds, the D-Link Unified Wireless Switch sends a keepalive message to all of the access points it manages. Each AP checks for the keepalive messages on the SSL TCP connection. As long as the AP maintains communication with the switch through the keepalive messages, it remains in Managed Mode.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Field Description Base IP Port The starting IP port number used by the wireless feature (in a range of 10 consecutive port numbers). Only the first number in the range is configurable. The default value is 57775 (through 57784). Note: When the wireless Base IP Port number is changed on the switch, the wireless feature is automatically disabled and re-enabled.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point Figure 31 - Modify 802.1X Supplicant Authentication Settings Field Description 802.1X Supplicant Click Enabled to enable the Administrative status of the 802.1X Supplicant. Click Disabled to disable the Administrative status of the 802.1X Supplicant.
Unified Access Point Administrator’s Guide Section 4 - Managing the Access Point To create an access list, click the Management ACL tab. Figure 32 - Configure Management Access Control Parameters Field Description Management ACL Mode Enable or disable the management ACL feature. At least one IPv4 address should be configured before enabling Management ACL Mode. If enabled, only the IP addresses you specify will have Web, Telnet, SSH, and SNMP access to the management interface.
Unified Access Point Administrator’s Guide Section 5 - Configuring Access Point Services Section 5 - Configuring Access Point Services This section describes how to configure services on the UAP and contains the following subsections: •) “Web Server Settings” on page 65 •) “Configuring SNMP on the Access Point” on page 66 •) “Setting the SSH Status” on page 68 •) “Setting the Telnet Status” on page 69 •) “Configuring Quality of Service” on page 69 •) “Configuring Email Alert” on page 72 •) “Enabling the T
Unified Access Point Administrator’s Guide Section 5 - Configuring Access Point Services Field Description Generate HTTP SSL Certificate Select this option to generate a new SSL certificate for the secure Web server. This should be done once the access point has an IP address to ensure that the common name for the certificate matches the IP address of the UAP. Generating a new SSL certificate will restart the secure Web server.
Unified Access Point Administrator’s Guide Section 5 - Configuring Access Point Services Figure 34 - SNMP Configuration Field Description SNMP Enabled/ Disabled You can specify the SNMP administrative mode on your network. By default SNMP is enabled. To enable SNMP, click Enabled. To disable SNMP, click Disabled. After changing the mode, you must click Apply to save your configuration changes. Note: If SNMP is disabled, all remaining fields on the SNMP page are disabled.
Unified Access Point Administrator’s Guide Section 5 - Configuring Access Point Services Field Description Hostname, address or subnet of Network Management System Specify the IPv4 DNS hostname or subnet of the machines that can execute get and set requests to the managed devices. The valid range is 1-256 characters. As with community names, this provides a level of security on SNMP settings. The SNMP agent will only accept requests from the hostname or subnet specified here.
Unified Access Point Administrator’s Guide Section 5 - Configuring Access Point Services Field Description SSH Status Choose to either enable or disable SSH access to the AP CLI: •) To permit remote access to the AP by using SSH, click Enabled. •) To prevent remote access to the AP by using SSH, click Disabled. Table 38 - SSH Settings Setting the Telnet Status Telnet is a program that provides access to the DWL-x600AP CLI from a remote host.
Unified Access Point Administrator’s Guide Section 5 - Configuring Access Point Services Figure 37 - Modify QoS Queue Parameters Field Description EDCA Template Possible options are: Default, Optimized for Voice, and Custom. AP EDCA Parameters Queue Queues are defined for different types of data transmitted from AP-to-station: •) Data 0 (Voice) — High priority queue, minimum delay. Time-sensitive data such as VoIP and streaming media are automatically sent to this queue.
