APC500 User Manual 08-2021 / v1.
CONTENTS I. Product Information .............................................................................. 1 I-1. I-2. I-3. I-4. I-5. I-6. I-7. Package Contents ..................................................................................................................2 System Requirements ............................................................................................................3 Hardware Overview ..................................................................................
V-4-4-2. Users Log ......................................................................................................................39 V-4-5. Rogue Devices ......................................................................................................................40 V-4-6. Information ..........................................................................................................................41 V-4-6-1. All Events/Activities .......................................................
V-7-2-1. V-7-2-2. V-7-2-3. Admin .......................................................................................................................101 Date and Time ..........................................................................................................103 Syslog Server ............................................................................................................105 V-7-2-4. I’m Here ......................................................................................
I. Product Information The APC500 supports central management for up to 200 Edimax Pro access points, suitable for SMBs/SMEs. Functions include: L2/L3 AP Management QoS by SSID Batch Setup/Configuration Channel/RF Power/Load Optimization Captive Portal/Guest Policy Local Radius (AAA) Group Firmware Upgrade/Restart Edimax NMS Edimax Pro Network Management Suite (NMS) supports the central management of a group of access points, otherwise known as an AP Array.
I-1. Package Contents 1 2 3 4 5 6 7 8 1. APC500 5. CD 2. Ethernet Cable 6. Quick Installation Guide 3. Console Cable 7. Rack-Mount Kit 4. Power Adapter 8.
I-2. System Requirements - Existing cable/DSL modem & router - Computer with web browser for access point configuration I-3. Hardware Overview A. LEDs C. Eject E. WAN/LAN port B. USB 3.0 A. B. C. D. E. F. G. D. Console G. Reset F. LAN ports Power, status & storage LEDs. USB 3.0 port for system log and save/restore settings. Eject an attached USB device. Connect a management console. WAN/LAN port 0. LAN ports 1 – 3. Reset the controller to factory default settings.
I-4. LED Status LED LED Color LED Status Description Power Blue Status Blue Storage Blue Link/ACT Green Speed Green On Flashing Off On Flashing Off On Flashing Off On Flashing Off On Off The controller is on. The controller is starting up. The controller is off. The controller is working properly. Transferring/receiving data. The controller is offline. USB storage attached. USB activity. No USB storage attached. Active link. Network activity. Inactive link. 1000 Mbps 10/100 Mbps I-5.
I-6. Console/HyperTerminal The controller can be configured via the “Console” port located on the access point’s side panel using a terminal or a PC-based terminal-emulation program (e.g. HyperTerminal). Use a DB9 straight cable to connect the Console (RS-232 serial port) of the APC500 and the RS-232 serial port of a terminal or PC.
I-7. Safety Information In order to ensure the safe operation of the device and its users, please read and act in accordance with the following safety instructions. 1. The controller is designed for indoor use only; do not place the controller outdoors. 2. Do not place the controller in or near hot/humid places, such as a kitchen or bathroom. 3. Do not pull any connected cable with force; carefully disconnect it from the controller. 4. Handle the controller with care.
II. Hardware Installation II-1. Wall Mount The APC500 includes screws to mount your controller to a wall. Remove the rubber feet from the underside of the APC500 by pulling gently before using the wall mount. 1. 2. Identify and mark correct screw positions on your selected wall. Attach the APC500 to your wall using the included screws, as shown in the diagram. 3.Ensure the APC500 is fixed to the wall firmly and oriented correctly, with the controller’s Edimax logo as shown in the diagram.
II-2. Rack Mount The controller can be mounted in a rack which can be placed in a wiring closet with other equipment. To install the switch, please follow these steps: 1.Attach the mounting brackets on the controller’s side panels (one on each side) and secure them with the screws provided. 2.Use the screws provided with your equipment rack to mount the controller on the rack and tighten it.
III. Quick Setup The APC500 supports central management for up to 32 Edimax Pro access points, reducing costs and facilitating efficient remote AP management. APC500 is simple to setup.
The APC500 Controller connects to a network via a switch or directly to a router, and other connected Edimax Pro access points are automatically designated as Managed APs. Using the APC500 you can configure, monitor and manage all Managed APs (up to 32 connected by switches) from the single AP Controller. Ensure you have the latest firmware from the Edimax website for your Edimax Pro products. 1. Connect all APs to a PoE switch which is connected to a gateway/router.
3. Connect the APC500 to the PoE switch (LAN port) or gateway/router (WAN port) and connect the power supply. 4. Connect a computer to the APC500 using an Ethernet cable.
5. Open a web browser and enter the AP Controller’s IP address in the address field. The default IP address is 192.168.2.1 Your computer’s IP address must be in the same subnet as the AP Controller. Refer to V-1. Configuring your IP Address for help. If you changed the AP Controller’s IP address, or if your gateway/router uses a DHCP server, ensure you enter the correct IP address. Refer to your gateway/router’s settings. 6. Enter the username & password to login.
8. Follow the instructions on-screen to complete Steps 1 - 7 and click “Finish” to save the settings. The wizard will help you set up LAN IP address, 2.4GHz & 5GHz SSID and security, administrator name & password, time & date settings and Managed APs.
If any of your Managed APs are not found during Step 5 Select Free APs, reset the Managed AP to its factory default settings. Refer to the AP’s user manual for help. 9. Your APC500 Controller & Managed APs should be fully functional with all of the basic settings configured. Use the top menu to navigate around Edimax Pro NMS (Network Management Suite) settings.
Use Dashboard, Zone Plan, NMS Monitor & NMS Settings to configure Managed APs. Use Local Network & Local Settings to configure your APC500.
IV. Software Layout The top menu features 7 panels: Dashboard, Zone Plan, NMS Monitor, NMS Settings, Local Network, Local Settings & Toolbox. Dashboard The Dashboard panel displays an overview of your network and key system information, with quick links to access configuration options for Managed APs and Managed AP groups. Each panel can be refreshed, collapsed or moved according to your preference.
Zone Plan Zone Plan displays a customizable live map of Managed APs for a visual representation of your network coverage. Each AP icon can be moved around the map, and a background image can be uploaded for user-defined location profiles using NMS Settings Zone Edit. Options can be configured using the menu on the right side and signal strength is displayed for each AP.
NMS Monitor The NMS Monitor panel provides more detailed monitoring information about the AP Array than found on the Dashboard, grouped according to categories in the menu down the left side.
NMS Settings NMS Settings provides extensive configuration options for the AP Array. You can manage each access point, assign access points into groups, manage WLAN, RADIUS, guest network, guest network, users and scheduling settings as well as upgrade firmware across multiple access points. The Zone Plan can also be configured using “Zone Edit”.
Local Network Local Network settings are for your AP Controller. You can configure the IP address and DHCP server of the AP Controller in addition to LAN Port and VLAN settings.
Local Settings Local Settings are for your AP Controller. You can view basic system settings and logs specifically for the AP Controller, as well as other management settings such as date/time, admin accounts, firmware and reset.
Toolbox The Toolbox panel provides two network diagnostic tools: ping and traceroute.
V. Features Descriptions of the functions of each main panel Dashboard, Zone Plan, NMS Monitor, NMS Settings, Local Network, Local Settings & Toolbox can be found below. When using Edimax NMS, click “Apply” to save changes: Screenshots displayed are examples. The information shown on your screen will vary depending on your configuration. V-1. LOGIN, LOGOUT & RESTART It is recommended that you login to the AP Controller to make configurations to Managed APs. LOGIN 1.
Your computer’s IP address must be in the same subnet as the AP Controller. Refer to VI-1. Configuring your IP Address for more help. If you changed the AP Controller’s IP address, or if your gateway/router uses a DHCP server, ensure you enter the correct IP address. Refer to your gateway/router’s settings. If using a DHCP server on the network, it is advised to use your DHCP server’s settings to assign the AP Controller a static IP address. 3. Enter the username & password to login.
V-2. DASHBOARD The dashboard displays an overview of your AP array: Use the blue icons above to refresh or collapse each panel in the dashboard. Click and drag to move a panel to suit your preference.
V-2-1. System Information System Information displays information about the AP Controller: Product Name (model), Host Name, MAC Address, IP Address, Firmware Version, System Time and Uptime (time the access point has been on), CPU Usage & Memory Usage. V-2-2. Devices Information Devices Information is a summary of the number of all devices in the local network: Access Points, Clients Connected, and Rogue (unidentified) Devices.
V-2-3. Managed AP Managed AP displays information about each Managed AP in the local network: Index (reference number), MAC Address, Device Name, Model, IP Address, 2.4GHz & 5GHz Wireless Channel Number, No. of Clients connected to each access point, and Status (connected, connecting or disconnected). The search function can be used to locate a specific Managed AP.
4. Buzzer The Managed AP’s buzzer will sound temporarily to help identify & locate access points. 5. Network Connectivity Go to the “Network Connectivity” panel to perform a ping or traceroute. 6. Restart Restarts the Managed AP. V-2-4. Managed AP Group Managed APs can be grouped according to your requirements. Managed AP Group displays information about each Managed AP group in the local network: Group Name, MAC Address, Device Name, Model, IP Address, No.
1. Disallow Remove the Managed AP from the AP array and disable connectivity. 2. Edit Edit various settings for the Managed AP (refer to V-5-1. Access Point) 3. Blink LED The Managed AP’s LED will flash temporarily to help identify & locate access points. 4. Buzzer The Managed AP’s buzzer will sound temporarily to help identify & locate access points. 5. Network Connectivity Go to the “Network Connectivity” panel to perform a ping or traceroute. 6. Restart Restarts the Managed AP. V-2-5.
V-2-6. Active Users Active Users displays information about each user in the local network via guest portals: Index (reference number), User Name, MAC Address, IP Address, SSID, Creator, Create Time, Expire Time, Usage Percentage, Vendor & Platform of the user device. The search function can be used to locate a specific client.
V-3. ZONE PLAN The Zone Plan can be fully customized to match your network environment. You can move the AP icons and select different location images (upload location images in NMS Settings Zone Edit) to create a visual map of your AP array. Use the menu on the right side to make adjustments and mouse-over an AP icon in the zone map to see more information.
Click and drag an AP icon to move the icon around the zone map. The signal strength for each AP is displayed according to the “Signal” key in the menu on the right side: Location AP Group Search Radio Signal Zoom Transparency Scale Device/Number Select a pre-defined location from the drop down menu. When you upload a location image in NMS Settings Zone Edit, it will be available for selection here. You can select an AP Group to display in the zone map. Edit AP Groups in NMS Settings Access Point.
V-4. NMS MONITOR V-4-1. Access Point V-4-1-1. Managed AP Displays information about each Managed AP in the local network: Index (reference number), MAC Address, Device Name, Model, IP Address, 2.4GHz & 5GHz Wireless Channel Number, No. of Clients connected to each access point, and Status (connected, connecting or disconnected). The search function can be used to locate a specific Managed AP. Type in the search box and the list will update: The Status icon displays the status of each Managed AP.
Or System Security). Incompatible NMS Version Access points must use the same version of Edimax NMS: the managed AP will not be able to make configurations. Please use the AP Controller’s firmware upgrade function (refer to V-5-11. Firmware Upgrade). Please wait while the Managed AP makes Configuring or Orange configurations or while the firmware is Upgrading upgrading. Please wait while Managed AP is Yellow Connecting connecting. Managed AP is connected.
3. Buzzer The Managed AP’s buzzer will sound temporarily to help identify & locate access points. 4. Network Connectivity Go to the “Network Connectivity” panel to perform a ping or traceroute. 5. Restart Restarts the Managed AP. V-4-1-2. Managed AP Group Managed APs can be grouped according to your requirements. Managed AP displays information about each Managed AP in the local network: Index (reference number), MAC Address, Device Name, Model, IP Address, 2.4GHz & 5GHz Wireless Channel Number, No.
(connecting), green (connected) or blue (waiting for approval) for each individual Managed AP. Refer to V-4-1-1. Managed AP: Status Icons for full descriptions. Each Managed AP has “Action” icons with the following functions: 2. Disallow Remove the Managed AP from the AP array and disable connectivity. 3. Edit Edit various settings for the Managed AP (refer to V-5-1. Access Point). 4. Blink LED The Managed AP’s LED will flash temporarily to help identify & locate access points. 5.
V-4-2. WLAN V-4-2-1. Active WLAN Displays information about each SSID in the AP Array: Index (reference number), Name/SSID, VLAN ID, Authentication, Encryption, IP Address and Additional Authentication. To configure encryption and VLANs for Managed APs go to NMS Settings WLAN. The search function can be used to locate a specific SSID.
V-4-2-2. Active WLAN Group WLAN groups can be created according to your preference. Active WLAN Group displays information about WLAN group: Group Name, Name/SSID, VLAN ID, Authentication, Encryption, IP Address and Additional Authentication. The search function can be used to locate a specific Active WLAN Group. Type in the search box and the list will update: V-4-3. Clients V-4-3-1.
V-4-4. Users V-4-4-1. Active Users Displays information about each user in the local network via guest portals: Index (reference number), User Name, MAC Address, IP Address, SSID, Creator, Create Time, Expire Time, Usage Percentage, Vendor & Platform of the user device. The search function can be used to locate a specific client. Type in the search box and the list will update: V-4-4-2.
The search function can be used to locate a specific client. Type in the search box and the list will update: V-4-5. Rogue Devices Rogue access point detection can identify any unauthorized access points which may have been installed in the network. Click “Start” to scan for rogue devices: Unknown Rogue Devices displays information about rogue devices discovered during the scan: Index (reference number), Channel, SSID, MAC Address, Security, Signal Strength, Type, Vendor and Action.
V-4-6. Information V-4-6-1. All Events/Activities Displays a log of time-stamped events for each access point in the Array – use the drop down menu to select an access point and view the log.
V-4-6-2. Monitoring Displays graphical monitoring information about access points in the Array for 2.4GHz & 5GHz: Traffic Tx (data transmitted in MB), Traffic Rx (data received in MB), No. of Clients, Wireless Channel, Tx Power (wireless radio power), CPU Usage and Memory Usage. Use the drop down menus to select an access point and date.
V-5. NMS Settings V-5-1. Access Point Displays information about each access point and access point group in the local network and allows you to edit access points and edit or add access point groups. The search function can be used to locate an access point or access point group.
The “Action” icons enable you to allow or disallow an access point: Select an access point or access point group using the check-boxes and click “Edit” to make configurations, or click “Add” to add a new access point group: The Access Point Settings panel can enable or disable Auto Approve for all Managed APs. When enabled, Managed APs will automatically join the AP Array with the Controller AP. When disabled, Managed APs must be manually approved to join the AP Array with the Controller AP.
Basic Settings Name Description MAC Address AP Group IP Address Assignment IP Address Edit the access point name. The default name is AP + MAC address. Enter a description of the access point for reference e.g. 2nd Floor Office. Displays MAC address. Use the drop down menu to assign the AP to an AP Group. You can edit AP Groups from the NMS Settings Access Point page.
Subnet Mask Default Gateway Primary DNS Secondary DNS VLAN Settings Wired LAN Port VLAN Mode VLAN ID will be assigned to your access point and will replace the default IP address. Specify a subnet mask. The default value is 255.255.255.0 For DHCP users, select “From DHCP” to get default gateway from your DHCP server or “User-Defined” to enter a gateway manually. For static IP users, the default value is blank.
Radio Settings Domain Wireless Band Auto Pilot Auto Pilot Range Set the regulatory domain for the access point’s wireless channels for each frequency. Enable or disable the access point’s 2.4GHz or 5GHz wireless radio. When disabled, no SSIDs on that frequency will be active. Select the wireless standard used for the access point. Combinations of 802.11b, 802.11g, 802.11n & 802.11ac can be selected. Enable/disable auto channel selection.
Auto Pilot Interval Channel Bandwidth BSS BasicRateSet setting (above) will choose a channel. Specify a frequency for how often the auto channel setting will check/reassign the wireless channel. Check/uncheck the “Change channel even if clients are connected” box according to your preference. Set the channel bandwidth or use Auto (automatically select based on interference level). Set a Basic Service Set (BSS) rate: this is a series of rates to control communication frames for wireless clients.
802.11n Protection Enable/disable 802.11n protection, which increases reliability but reduces bandwidth (clients will send Request to Send (RTS) to access point, and access point will broadcast Clear to Send (CTS), before a packet is sent from client.) DTIM Period Set the DTIM (delivery traffic indication message) period value of the wireless radio. The default value is 1. RTS Threshold Set the RTS threshold of the wireless radio. The default value is 2347.
RADIUS Group Access Control Group Guest Network. Assign the access point’s 2.4GHz SSID(s) to a RADIUS group. You can edit RADIUS groups in NMS Settings RADIUS. Assign the access point’s 2.4GHz SSID(s) to a RADIUS group.
Add/Edit Access Point Group Configure your selected access point group. Access point group settings apply to all access points in the group, unless individually set to override group settings. You can use Profile Group Settings to assign the access point group to WLAN, Guest Network, RADIUS and Access Control groups.
Radio Group Settings Domain Set the regulatory domain for the access point’s wireless channels for each frequency. Wireless Enable or disable the access point group’s 2.4GHz or 5GHz wireless radio. When disabled, no SSIDs on that frequency will be active. Band Select the wireless standard used for the access point group. Combinations of 802.11b, 802.11g, 802.11n & 802.11ac can be selected. Auto Pilot Enable/disable auto channel selection.
Channel Bandwidth BSS BasicRateSet channel setting will check/reassign the wireless channel. Check/uncheck the “Change channel even if clients are connected” box according to your preference. Set the channel bandwidth or use Auto (automatically select based on interference level). Set a Basic Service Set (BSS) rate: this is a series of rates to control communication frames for wireless clients. These settings are for experienced users only.
802.11n Protection Enable/disable 802.11n protection, which increases reliability but reduces bandwidth (clients will send Request to Send (RTS) to access point, and access point will broadcast Clear to Send (CTS), before a packet is sent from client.) DTIM Period Set the DTIM (delivery traffic indication message) period value of the wireless radio. The default value is 1. RTS Threshold Set the RTS threshold of the wireless radio. The default value is 2347.
Profile Group Settings WLAN Group Assign the access point group’s 2.4GHz or 5GHz SSIDs to a WLAN Group. You can edit WLAN groups in NMS Settings WLAN. Guest Network Assign the access point group’s 2.4GHz or Group 5GHz SSIDs to a Guest Network Group. You can edit Guest Network groups in NMS Settings Guest Network. RADIUS Group Assign the access point group’s 2.4GHz SSIDs to a RADIUS group. You can edit RADIUS groups in NMS Settings RADIUS. Access Control Assign the access point’s 2.
V-5-2. WLAN Displays information about each WLAN and WLAN group in the local network and allows you to add or edit WLANs & WLAN Groups. When you add a WLAN Group, it will be available for selection in NMS Settings Access Point access point Profile Settings & access point group Profile Group Settings (V-5-1.) The search function can be used to locate a WLAN or WLAN Group.
Add/Edit WLAN WLAN Settings Name/ESSID Description SSID VLAN ID Broadcast SSID Wireless Client Isolation Edit the WLAN name (SSID). Enter a description of the SSID for reference e.g. 2nd Floor Office HR. Select which SSID to configure security settings for. Specify the VLAN ID. Enable or disable SSID broadcast. When enabled, the SSID will be visible to clients as an available Wi-Fi network.
Load Balancing Authentication Method Additional Authentication Load balancing limits the number of wireless clients connected to an SSID. Set a load balancing value (maximum 50). Select an authentication method from the drop down menu. Select an additional authentication method from the drop down menu. Various security options (wireless data encryption) are available. When data is encrypted, information transmitted wirelessly cannot be read by anyone who does not know the correct encryption key.
WEP (Wired Equivalent Privacy) is a basic encryption type. For a higher level of security consider using WPA encryption. Key Length Key Type Default Key Encryption Key 1 – 4 V-5-2-3. IEEE802.1x/EAP Key Length V-5-2-4. Select 64-bit or 128-bit. 128-bit is more secure than 64-bit and is recommended. Choose from “ASCII” (any alphanumerical character 0-9, a-z and A-Z) or “Hex” (any characters from 0-9, a-f and A-F). Select which encryption key (1 – 4 below) is the default key.
Pre-Shared Key V-5-2-5. Please enter a security key/password according to the format you selected above. WPA-EAP WPA Type Encryption Key Renewal Interval Select from WPA/WPA2 Mixed Mode-EAP, WPA2-EAP or WPA-EAP. Select “TKIP/AES Mixed Mode” or “AES” encryption type. Specify a frequency for key renewal in minutes. WPA-EAP must be disabled to use MAC-RADIUS authentication. V-5-2-6.
you select “Use the following password”, enter the password in the field below. The password should match the “Shared Secret” used in V-5-3. RADIUS. Add/Edit WLAN Group When you add a WLAN Group, it will be available for selection in NMS Settings Access Point access point Profile Settings & access point group Profile Group Settings (V-5-1.) WLAN Group Settings Name Edit the WLAN Group name. Description Enter a description of the WLAN Group for reference e.g. 2nd Floor Office HR Group.
V-5-3. RADIUS Displays information about External & Internal RADIUS Servers, Accounts and Groups and allows you to add or edit RADIUS Servers, Accounts & Groups. When you add a RADIUS Group, it will be available for selection in NMS Settings Access Point access point Profile Settings & access point group Profile Group Settings (V-5-1.) The search function can be used to locate a RADIUS Server, Account or Group.
Add/Edit External RADIUS Server Name Description RADIUS Server Authentication Port Shared Secret Session Timeout Accounting Accounting Port Enter a name for the RADIUS Server. Enter a description of the RADIUS Server for reference. Enter the RADIUS server host IP address. Set the UDP port used in the authentication protocol of the RADIUS server. Value must be between 1 – 65535. Enter a shared secret/password between 1 – 99 characters in length.
Add/Edit Internal RADIUS Server Upload EAP Certificate File EAP Certificate File Format EAP Certificate File Displays the EAP certificate file format: PCK#12(*.pfx/*.p12) Click “Upload” to open a new window and select the location of an EAP certificate file to use. If no certificate file is uploaded, the internal RADIUS server will use a self-made certificate. Internal RADIUS Server Name Enter a name for the Internal RADIUS Server.
EAP Internal Authentication Shared Secret Select EAP internal authentication type from the drop down menu. Enter a shared secret/password for use between the internal RADIUS server and RADIUS client. The shared secret should be 1 – 99 characters in length. Session Timeout Set a duration of session timeout in seconds between 0 – 86400.
RADIUS Accounts User Name Add Reset Enter the user names here, separated by commas. Click “Add” to add the user to the user registration list. Clear text from the user name box. User Registration List Select Check the box to select a user. User Name Displays the user name. Password Displays if specified user name has a password (configured) or not (not configured). Customize Click “Edit” to open a new field to set/edit a password for the specified user name (below).
Add/Edit RADIUS Group When you add a RADIUS Group, it will be available for selection in NMS Settings Access Point access point Profile Settings & access point group Profile Group Settings (V-5-1.) RADIUS Group Settings Group Name Edit the RADIUS Group name. Description Enter a description of the RADIUS Group for reference. 2.4GHz RADIUS Enable/Disable primary & secondary RADIUS servers for 2.4GHz. 5GHz RADIUS Enable/Disable primary & secondary RADIUS servers for 5GHz.
V-5-4. Access Control MAC Access Control is a security feature that can help to prevent unauthorized users from connecting to your access point. This function allows you to define a list of network devices permitted to connect to the access point. Devices are each identified by their unique MAC address. If a device which is not on the list of permitted MAC addresses attempts to connect to the access point, it will be denied.
Add/Edit MAC Access Control Add MAC Address Add Reset Enter a MAC address of computer or network device manually e.g. ‘aa-bb-cc-dd-ee-ff’ or enter multiple MAC addresses separated with commas, e.g. ‘aa-bb-cc-dd-ee-ff,aa-bb-cc-dd-ee-gg’ Click “Add” to add the MAC address to the MAC address filtering table. Clear all fields. MAC address entries will be listed in the “MAC Address Filtering Table”. Select an entry using the “Select” checkbox.
Add/Edit MAC Access Control Group When you add an Access Control Group, it will be available for selection in NMS Settings Access Point access point Profile Settings & access point group Profile Group Settings (V-5-1.) MAC Filter Group Settings Group Name Edit the MAC Access Control Group name. Description Enter a description of the MAC Access Control Group for reference.
V-5-5. Guest Network You can setup an additional “Guest” Wi-Fi network so guest users can enjoy Wi-Fi connectivity without accessing your primary networks. The “Guest” screen displays settings for your guest Wi-Fi network. The Guest Network panel displays information about Guest Networks and Guest Network Groups and allows you to add or edit Guest Network and Guest Network Group settings.
Add/Edit Guest Network Guest Network Settings Name/ESSID Edit the Guest Network name (SSID). Description Enter a description of the Guest Network for reference e.g. 2nd Floor Office HR. VLAN ID Specify the VLAN ID. Broadcast SSID Enable or disable SSID broadcast. When enabled, the SSID will be visible to clients as an available Wi-Fi network. When disabled, the SSID will not be visible as an available Wi-Fi network to clients – clients must manually enter the SSID in order to connect.
Isolation Load Balancing Authentication Method Additional Authentication Wireless client isolation prevents clients connected to the access point from communicating with each other and improves security. Typically, this function is useful for corporate environments or public hot spots and can prevent brute force attacks on clients’ usernames and passwords. Load balancing limits the number of wireless clients connected to an SSID. Set a load balancing value (maximum 50).
Rules filtering. Enter IP addresses to be filtered according to the Deny or Allow rule specified above and check the box for each IP address to be filtered. Guest Network Advanced Settings Schedule Group Assign guest SSID to a specified schedule (schedule must be pre-configured in NMS Settings Schedule.
V-5-6. Users User accounts can be created, monitored and managed for use with the controller’s guest portal function. Guest portal settings can be found at V-5-7. Guest Portal (NMS Settings Guest Portal). When a guest portal is enabled, users who connect to the Guest SSID will automatically arrive at the customizable guest portal page. From there a user account login is required to access the network.
The Status icon displays grey (logged out), yellow (expired), red (locked) or green (active) for each user. The Action icons can lock/unlock or revive (an expired) user account. Select a user or user group using the check-boxes and click “Edit” to make configurations, or click “Add” to add new users and groups: You can download and upload user lists as .csv files for convenience.
Add/Edit User User Settings Name Description Password Confirm Password User Group Edit the user account name. Enter a description of the user account name e.g. Guest Portal 1 Specify a password for the account. Confirm the password for the account. Assign the user account to a user group so it can be utilized by the guest portal. Add/Edit User Group User Group Settings Name Edit the user group name. Description Enter a description of the user group name e.g. Front Desk or Guest Users.
V-5-7. Guest Portal Displays information about guest portals and allows you to edit guest portal settings. Guest portals require users to be created at NMS Settings Users. When a guest portal is enabled, users who connect to the Guest SSID will automatically arrive at the customizable guest portal page. From there a user account login is required to access the network. These user accounts are created and grouped at NMS Settings Users, and then selected as the Authentication User Group here.
V-5-7-1. Add/Edit Guest Portal Add a guest portal or edit an existing guest portal for use with the guest network. Guest Portal Settings Name Edit the name of the guest portal for reference. Description Enter a description of the guest portal for reference. Guest Portal Type Select a guest portal type. Refer below for more information about available types. Authentication Select an authentication server: Local Server Database is the default setting.
V-5-7-1-1. Front Desk URL Go to this URL in a web browser and members of the Front Desk User Group can login to create guest accounts, set expiry limits and printout tickets. Guest Portal Type Dynamic must be selected to use Front Desk. 1. Login with an account from the Front Desk User Group (NMS Settings Users). 2. The Guest Account Wizard allows you to setup a new user account and configure the valid period & SSID, or upload a bulk guest list in .csv format. Click Next to continue.
3. A summary of the new account(s) is displayed with quick links to print tickets for individual or all new accounts. 4. The Guest Account Monitor displays all guest accounts along with status and quick action icons to print, revive expired accounts or lock/unlock (disable/enable) accounts. Yellow: Red: Grey: Green: Expired Locked Logged out Active Mouseover a status or action icon for a description, and use the arrows to reorder the list according to S/N or Status.
V-5-7-1-2. Front Desk Printout Edit and preview the content of the Front Desk printout in the text box using the variables listed in the Definition Table. E.g. (USERNAME) will display on the printout as the specified username. Guest Portal Type Dynamic must be selected to use Front Desk.
V-5-7-1-3. Guest Portal Type Four types of guest portal are available from the drop down menu: Free Redirects users to the specified landing page, with no user login required. Service Level Agreement Requires users to accept terms and conditions, with no user login required. Static Users Requires user login and accept terms and conditions. Users must be created in Edimax NMS at NMS Settings Users. Front Desk is not used. Dynamic Users Requires user login and accept terms and conditions.
V-5-7-1-4. Guest Portal Customization Guest portal customization varies according to guest portal type. Click Edit to make changes. Login Portal Settings Header Image Logo Image Title Message Background Color Terms of Use Select an 800 x 200 header image. Select a 200 x 50 logo image. Enter a title message for the guest portal page. Specify a background color as a HEX value. Enter your terms of use.
V-5-8. Zone Edit Zone Edit displays information about zones for use with the Zone Plan feature and allows you to add or edit zones. The search function can be used to find existing zones. Type in the search box and the list will update: Make a selection using the check-boxes and click “Edit” or click “Add” to add a new zone.
Add/Edit Zone Upload Zone Image Choose File Click to locate an image file to be displayed as a map in the Zone Plan feature. Typically a floor plan image is useful. Zone Setting Name/Location Enter a name of the zone/location. Description Enter a description of the zone/location for reference. Members Assign access points to the specified zone/location for use with the Zone Plan feature.
V-5-9. Schedule You can define schedules according to day, start time and end time - and group multiple schedules together into schedule groups. Schedule groups can be assigned to WLANs, WLAN Groups & Guest Network at NMS Settings WLAN and NMS Settings Guest Network. Add/Edit Schedule Use the checkboxes and drop-down menus to setup your schedule.
Add/Edit Schedule Group WLAN Group Settings Name Edit the schedule group name. Description Enter a description of the schedule group for reference. Members Select individual schedules to include in the schedule group using the checkboxes.
V-5-10. Device Monitoring Device monitoring enables you to specify and monitor the status any IP devices on the network such as IP cameras. The description and status of each device is displayed in the table. Add or Edit IP devices by entering the IP address.
V-5-11. Firmware Upgrade Firmware Upgrade allows you to upgrade firmware to Access Point Groups. First, upload the firmware file from a local disk or external FTP server: locate the file and click “Upload” – you can set a timeout limit for the upload as desired. The table below will display the Firmware Name, Firmware Version, NMS Version, Model and Size.
V-5-12. Advanced V-5-12-1. System Security Configure the NMS system name and security key for communication between AP Controller and Managed APs. V-5-12-2. Date & Time Configure the date & time settings of the AP Array. The date and time of the access points can be configured manually or can be synchronized with a time server. Date and Time Settings Local Time Set the access point’s date and time manually using the drop down menus.
NTP Time Server Use NTP Server Name Update Interval Time Zone Time Zone The access point also supports NTP (Network Time Protocol) for automatic time and date setup. Enter the host name or IP address of the time server if you wish. Specify a frequency (in hours) for the access point to update/synchronize with the NTP server. Select the time zone of your country/ region. If your country/region is not listed, please select another country/region whose time zone is the same as yours.
V-6. Local Network V-6-1. Network Settings V-6-1-1. LAN-Side IP Address The “LAN-side IP address” page allows you to configure your AP Controller on your Local Area Network (LAN). You can enable the access point to dynamically receive an IP address from your router’s DHCP server or you can specify a static IP address for your access point, as well as configure DNS servers. You can also set your AP Controller as a DHCP server to assign IP addresses to other devices on your LAN.
Subnet Mask Default Gateway Primary DNS Address Secondary DNS Address DHCP Client IP Address Subnet Mask Default Gateway Primary DNS Address Secondary DNS Address replace the default IP address. Specify a subnet mask. The default value is 255.255.255.0 For DHCP users, select “From DHCP” to get default gateway from your DHCP server or “User-Defined” to enter a gateway manually. For static IP users, the default value is blank. For static IP users, the default value is blank.
DHCP Server IP Address Subnet Mask IP Address Range Domain Name Lease Time Default Gateway Primary DNS Address Secondary DNS Address Specify the IP address here. This IP address will be assigned to your access point and will replace the default IP address. Specify a subnet mask. The default value is 255.255.255.0 Enter the start and end IP address of the IP address range which your access point’s DHCP server will assign to devices on the network. Enter a domain name.
IP Address Add V-6-1-2. to be assigned a static IP address. Specify the IP address to assign the device. Click to assign the IP address to the device. LAN Port Settings The “LAN Port” page allows you to configure the settings for your AP Controllers wired LAN (Ethernet) ports. Wired LAN Port Enable Speed & Duplex Flow Control 802.3az Identifies LAN port 0 - 4. Enable/disable specified LAN port. Select a speed & duplex type for specified LAN port, or use the “Auto” value.
V-6-1-3. VLAN The “VLAN” (Virtual Local Area Network) page enables you to configure VLAN settings. A VLAN is a local area network which maps workstations virtually instead of physically and allows you to group together or isolate users from each other. VLAN IDs 1 – 4095 are supported. VLAN IDs in the range 1 – 4095 are supported. VLAN Interface Wired LAN Port/Wireless VLAN Mode VLAN ID Identifies LAN port 1 or 2 and wireless SSIDs (2.4GHz or 5GHz).
V-7. Local Settings V-7-1. System Settings V-7-1-1. System Information The “System Information” page displays basic system information about the access point. System Model Product Name Uptime Boot From Version MAC Address Management VLAN ID IP Address Displays the model number of the access point. Displays the product name for reference, which consists of “AP” plus the MAC address. Displays the total time since the device was turned on.
Default Gateway DNS DHCP Server Displays the IP address of the default gateway. IP address of DNS (Domain Name Server) IP address of DHCP Server. Wired LAN Port Settings Wired LAN Port Specifies which LAN port (1 or 2). Status Displays the status of the specified LAN port (connected or disconnected). VLAN Mode/ID Displays the VLAN mode (tagged or untagged) and VLAN ID for the specified LAN port. See V-6-1-3. VLAN Refresh Click to refresh all information.
V-7-1-2. Log This information is useful for network administrators. Displays a detailed information log of users and activity on the network: ID, Date and Time of entry, Category of entry, Severity, Users, Event/Activities details. When the log is full, old entries are overwritten. Save Clear Refresh Click to save the log as a file on your local computer. Clear all log entries. Refresh the current log.
V-7-2. Management V-7-2-1. Admin You can change the password used to login to the browser-based configuration interface here. It is advised to do so for security purposes. If you change the administrator password, please make a note of the new password. In the event that you forget this password and are unable to login to the browser based configuration interface, see V-7-3-4. Factory Default for how to reset the access point.
configuration interface and must be between 4-32 alphanumeric characters (case sensitive). Advanced Settings Product Name HTTP Port HTTPS Port Management Protocol SNMP Version SNMP Get Community SNMP Set Community SNMP Trap SNMP Trap Community SNMP Trap Manager Edit the product name according to your preference consisting of 1-32 alphanumeric characters. This name is used for reference purposes. Specify a HTTP port for management. Specify a HTTPS port for management.
Simple Network Management Protocol. SNMPv1, v2 & v3 protocol supported. SNMPv2 can be used with community based authentication. SNMPv3 uses user-based security model (USM) architecture. V-7-2-2. Date and Time You can configure the time zone settings of your access point here. The date and time of the device can be configured manually or can be synchronized with a time server. Date and Time Settings Local Time Set the access point’s date and time manually using the drop down menus.
Time Zone Time Zone Select the time zone of your country/ region. If your country/region is not listed, please select another country/region whose time zone is the same as yours.
V-7-2-3. Syslog Server The system log can be sent to a server, attached to USB storage or sent via email. Syslog Server Settings Transfer Logs Check/uncheck the box to enable/disable the use of a syslog server, and enter a host name, domain or IP address for the server, consisting of up to 128 alphanumeric characters. Copy Logs to Check/uncheck the box to enable/disable Attached USB Device copying logs to attached USB storage.
account name. When authentication is used above, enter the password. Password V-7-2-4. I’m Here The access point features a built-in buzzer which can sound on command using the “I’m Here” page. This is useful for network administrators and engineers working in complex network environments to locate the access point. The buzzer is loud! Duration of Sound Sound Buzzer Set the duration for which the buzzer will sound when the “Sound Buzzer” button is clicked.
V-7-3. Advanced V-7-3-1. LED Settings The access point’s LEDs can be manually enabled or disabled according to your preference. Power LED Diag LED V-7-3-2. Select on or off. Select on or off. Update Firmware The “Firmware” page allows you to update the system firmware to a more recent version. Updated firmware versions often offer increased performance and security, as well as bug fixes. You can download the latest firmware from the Edimax website.
From from your local computer. Firmware Update File Click “Browse” to open a new window to locate and select the firmware file in your computer. Update Click “Update” to upload the specified firmware file to your access point.
V-7-3-3. Save/Restore Settings The access point’s “Save/Restore Settings” page enables you to save/backup the access point’s current settings as a file to your local computer or a USB device attached to the access point, and restore the access point to previously saved settings. Save / Restore Settings Using Device Select “Using your PC” to save the access point’s settings to your local computer.
V-7-3-4. Factory Default If the access point malfunctions or is not responding, then it is recommended that you reboot the device (see V-7-3-5.) or reset the device back to its factory default settings. You can reset the access point back to its default settings using this feature if the location of the access point is not convenient to access the reset button. Factory Default Click “Factory Default” to restore settings to the factory default. A pop-up window will appear and ask you to confirm.
V-8. Toolbox V-8-1. V-8-1-1. Network Connectivity Ping Ping is a computer network administration utility used to test whether a particular host is reachable across an IP network and to measure the round-trip time for sent messages. Destination Address Execute V-8-1-2. Enter the address of the host. Click execute to ping the host. Trace Route Traceroute is a diagnostic tool for displaying the route (path) and measuring transit delays of packets across an IP network.
VI. Appendix VI-1. Configuring your IP address The AP Controller uses the default IP address 192.168.2.1. In order to access the browser based configuration interface, you need to modify the IP address of your computer to be in the same IP address subnet e.g. 192.168.2.x (x = 3 – 254). The procedure for modifying your IP address varies across different operating systems; please follow the guide appropriate for your operating system. In the following examples we use the IP address 192.168.2.
VI-1-1. Windows XP 1. 2. Click the “Start” button (it should be located in the lower-left corner of your computer), then click “Control Panel”. Double-click the “Network and Internet Connections” icon, click “Network Connections”, and then double-click “Local Area Connection”. The “Local Area Connection Status” window will then appear, click “Properties”. Select “Use the following IP address”, then input the following values: IP address: 192.168.2.10 Subnet Mask: 255.255.255.0 Click ‘OK’ when finished.
114
VI-1-2. Windows Vista 1. 2. Click the “Start” button (it should be located in the lower-left corner of your computer), then click “Control Panel”. Click “View Network Status and Tasks”, then click “Manage Network Connections”. Right-click “Local Area Network”, then select “Properties”. The “Local Area Connection Properties” window will then appear, select “Internet Protocol Version 4 (TCP / IPv4)”, and then click “Properties”.
116
VI-1-3. Windows 7 1. Click the “Start” button (it should be located in the lower-left corner of your computer), then click “Control Panel”. 2. Under “Network and Internet” click “View network status and tasks”. 3. Click “Local Area Connection”.
4. Click “Properties”.
5.Select “Internet Protocol Version 4 (TCP/IPv4) and then click “Properties”. 6. Select “Use the following IP address”, then input the following values: IP address: 192.168.2.10 Subnet Mask: 255.255.255.0 Click ‘OK’ when finished.
120
VI-1-4. Windows 8 1. From the Windows 8 Start screen, you need to switch to desktop mode. Move your curser to the bottom left of the screen and click. 2. In desktop mode, click the File Explorer icon in the bottom left of the screen, as shown below.
3. 4. Right click “Network” and then select “Properties”. In the window that opens, select “Change adapter settings” from the left side.
5. Choose your connection and right click, then select “Properties”.
6. Select “Internet Protocol Version 4 (TCP/IPv4) and then click “Properties”. 7. Select “Use the following IP address”, then input the following values: IP address: 192.168.2.10 Subnet Mask: 255.255.255.0 Click ‘OK’ when finished.
VI-1-5. Mac 1. Have your Macintosh computer operate as usual, and click on “System Preferences” 2. In System Preferences, click on “Network”. 3. Click on “Ethernet” in the left panel. 4. Open the drop-down menu labeled “Configure IPv4” and select “Manually”.
5. Enter the IP address 192.168.2.10 and subnet mask 255.255.255.0. Click on “Apply” to save the changes.
VII. Best Practice VII-1. How to Create and Link WLAN & Access Point Groups You can use NMS to create individual SSIDs and group multiple SSIDs together into WLAN groups. You can then assign individual access points to use those WLAN group settings and/or group multiple access points together into access point groups, which you can also assign to use WLAN group settings. Follow the example below to: A. Create a WLAN group. B. Create an access point group. C.
2. Enter an SSID name and set authentication/encryption and click “Apply”: 3. The new SSID will be displayed in the WLAN panel.
4. Enter a name for the SSID group and check the boxes to select which SSIDs to include within the group. Click “Apply” when done. 5. The new WLAN group will be displayed in the WLAN Group panel.
B. 1. Go to NMS Settings Access Point and click “Add” in the Access Point Group Panel: 2. Enter a Name and then scroll down to the Group Settings panel and use the << button to add selected access points into your group from the box on the right side. Click “Apply” when done.
3. The new access point group will be displayed in the Access Point Group panel.
C. 1. Go to NMS Settings Access Point and select an access point group using the checkboxes in the Access Point Group panel. Click “Edit”: 2. Scroll down to the Profile Group Settings panel and check the “Override Group Settings” box for WLAN Group (2.4GHz and/or 5GHz). Select your WLAN group from the drop-down menu and click “Apply”: 3. Repeat for other access point groups according to your preference.
COPYRIGHT Copyright Edimax Technology Co., Ltd. all rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or computer language, in any form or by any means, electronic, mechanical, magnetic, optical, chemical, manual or otherwise, without the prior written permission from Edimax Technology Co., Ltd. Edimax Technology Co., Ltd.
Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
EU Declaration of Conformity English: This equipment is in compliance with the essential requirements and other relevant provisions of Directive 2014/30/EU. Français: Cet équipement est conforme aux exigences essentielles et autres dispositions de la directive 2014/30/EU. Čeština: Toto zařízení je v souladu se základními požadavky a ostatními příslušnými ustanoveními směrnic 2014/30/EU. Polski: Urządzenie jest zgodne z ogólnymi wymaganiami oraz szczególnymi warunkami określonymi Dyrektywą UE 2014/30/EU.
Declaration of Conformity We, Edimax Technology Co., Ltd., declare under our sole responsibility, that the equipment described below complies with the requirements of the European R&TTE directives. Equipment: AP Controller Model No.
Notice According to GNU General Public License Version 2 This product includes software that is subject to the GNU General Public License version 2. The program is free software and distributed without any warranty of the author. We offer, valid for at least three years, to give you, for a charge no more than the costs of physically performing source distribution, a complete machine-readable copy of the corresponding source code.
1. You may copy and distribute verbatim copies of the Program’s source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.
5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6.
