User guide

ManualsBrandsEnterasys ManualsComputer equipment802.11

P/N 9034563

Enterasys

Wireless

Standalone 802.11n AP

User Guide

Firmware Version 7.12.01.xxxx

Summary of content (152 pages)

PAGE 1
Enterasys® Wireless Standalone 802.11n AP User Guide Firmware Version 7.12.01.
PAGE 2
PAGE 3
Notice Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site without prior notice. The reader should in all cases consult Enterasys Networks to determine whether any such changes have been made. The hardware, firmware, or software described in this document is subject to change without notice.
PAGE 4
Enterasys Networks, Inc. Software License Agreement This document is an agreement (“Agreement”) between You, the end user, and Enterasys Networks, Inc. on behalf of itself and its Affiliates (“Enterasys”) that sets forth your rights and obligations with respect to the software contained in CD‐ROM or other media.
PAGE 5
. PROTECTION AND SECURITY. In the performance of this Agreement or in contemplation thereof, You and your employees and agents may have access to private or confidential information owned or controlled by Enterasys relating to the Licensed Materials supplied hereunder including, but not limited to, product specifications and schematics, and such information may contain proprietary details and disclosures.
PAGE 6
9. UNITED STATES GOVERNMENT RESTRICTED RIGHTS. The Licensed Materials (i) were developed solely at private expense; (ii) contains “restricted computer software” submitted with restricted rights in accordance with section 52.227‐19 (a) through (d) of the Commercial Computer Software‐Restricted Rights Clause and its successors, and (iii) in all respects is proprietary data belonging to Enterasys and/or its suppliers.
PAGE 7
Contents About This Guide Who Should Use This Guide .............................................................................................................................ix How to Use This Guide ......................................................................................................................................ix Related Documents ............................................................................................................................................
PAGE 8
Radio and Antenna Configuration ................................................................................................................ 4-15 Configuring Common Radio Properties ................................................................................................. 4-17 Configuring Individual Radio Settings .................................................................................................... 4-19 Configuring WLAN Policies .....................................................
PAGE 9
Chapter B: SNMP Traps and MIBs SNMP Traps ...................................................................................................................................................B-1 SNMP MIBs ....................................................................................................................................................B-2 MIB-II (RFC1213) .....................................................................................................................................
PAGE 10
viii
PAGE 11
About This Guide This guide describes how to configure and manage the Enterasys Wireless Standalone 802.11n AP. For information about the CLI (Command Line Interface) set of commands used to configure and manage the AP, refer to the Enterasys Wireless Standalone 802.11n AP CLI Reference Guide. Who Should Use This Guide This guide is a reference for users and administrators who are responsible for configuring and managing the AP.
PAGE 12
Related Documents Related Documents The manuals listed below can be obtained from the World Wide Web in Adobe Acrobat Portable Document Format (PDF) at the following site: http://www.enterasys.com/support/manuals • Enterasys Wireless Standalone 802.11n AP Installation Instructions • Enterasys Wireless Standalone 802.
PAGE 13
Getting Help Getting Help For additional support related to the AP or this document, contact Enterasys Networks using one of the following methods: World Wide Web www.enterasys.com/services/support/ Phone 1-800-872-8440 (toll-free in U.S. and Canada) or 1-978-684-1000 For the Enterasys Networks Support toll-free number in your country: www.enterasys.com/services/support/contact/ Internet mail support@enterasys.com To expedite your message, please type [Wireless] in the subject line.
PAGE 14
Getting Help xii About This Guide
PAGE 15
1 Introduction This chapter introduces the Enterasys Wireless Standalone 802.11n Access Point (AP) and provides an overview of the AP’s applications, features, and policy. Standalone AP Overview Refer to page... About the Enterasys Wireless Standalone 802.11n AP 1-1 Applications 1-2 Features 1-2 About the Enterasys Wireless Standalone 802.11n AP The Enterasys Wireless Standalone 802.
PAGE 16
Applications Applications The Enterasys Wireless Standalone 802.
PAGE 17
2 Configuring Your Network Proper configuration of a wireless network requires an understanding of the AP’s components and security features. The following sections discuss some network options focused around the use of the Enterasys Wireless Standalone 802.11n AP. The AP’s network management, security, and authentication abilities are also discussed. For information about... Refer to page...
PAGE 18
Wireless Networking Concepts A wireless infrastructure can be used for access to a central database, or for connection between mobile workers, as shown in Figure 2‐1. Figure 2-1 Infrastructure Wireless LAN Infrastructure Wireless LAN for Roaming Wireless PCs The BSS defines the communications domain for each AP and its associated wireless clients. The BSS ID is a 48‐bit binary number based on the AP’s wireless MAC address, and is set automatically and transparently as clients associate with the AP.
PAGE 19
Wireless Networking Concepts Figure 2-2 Infrastructure Wireless LAN for Roaming Infrastructure Wireless Bridge The IEEE 802.11 standard defines a Wireless Distribution System (WDS) for bridge connections between BSS areas (APs). The AP uses WDS to forward traffic on links between units. The AP supports WDS links on either the 5 GHz (802.11a/n) or 2.4 GHz (802.11b/g/n) bands and can be used with various external antennas to offer flexible deployment options.
PAGE 20
About Clustering Figure 2-3 Infrastructure Wireless Bridge Network Core 802.11 b/g/n Radio AP Link Bridge AP Root AP 802.11 b/g/n Radio AP Link 802.11 a/n Radio Bridge Link 802.11 b/g/n Radio AP Link Bridge AP Bridge AP About Clustering The AP can operate in a cluster setup. A cluster is a group of wireless APs configured to communicate with each other. Mobile users (MU) can seamlessly roam between the APs participating in the cluster. The Enterasys Wireless Standalone 802.
PAGE 21
RADIUS Authentication • MU statistic history • Pre‐authentication A cluster forms when APs operating within the same subnet are configured with the same cluster ID (shared secret). A cluster AP can exist at any point in your network. Each cluster member periodically (30 seconds) sends a secure SIAPP multicast message to update other cluster members.
PAGE 22
About Quality of Service • Wi‐Fi Protected Access version 1 (WPA v.1) – A security protocol with Temporal Key Integrity Protocol (TKIP) that provides pre‐shared Master Key management, and a WEP 128‐bit cipher. • Wi‐Fi Protected Access version 2 (WPA v.2) – A security protocol with Advanced Encryption Standard (AES) that provides pre‐shared Master Key management, and an AES 128‐bit cipher.
PAGE 23
3 Getting Started with your Enterasys Wireless Standalone 802.11n AP Before you can begin using the AP, you must complete some preliminary steps. This section discusses the initial process of starting the AP, accessing the interface, and first time configuration. For information about... Refer to page...
PAGE 24
IP Address Assignment and Acquisition IP Address Assignment and Acquisition The APs are shipped from the factory with a default IP address — 192.168.1.20. The default IP address simplifies the first‐time IP address configuration process for APs. If the AP fails to acquire an IP address through DHCP, it returns to its default IP address. This behavior ensures that only one AP at a time can use the default IP address on a subnet. When the AP is powered‐on, the following occurs: 1.
PAGE 25
Managing the AP ############################ 2010-04-06 14:33:18 ########################## IP Address Cluster MAC Address AP Name 192.168.7.252 1 00:1A:E8:14:22:D0 N/A 192.168.7.176 1 00:1A:E8:14:10:BA N/A 192.168.7.236 2 00:12:CF:73:70:3D 00000012CF73702D 192.168.7.254 1 00:1A:E8:14:10:7D N/A 192.168.7.173 1 00:1A:E8:14:11:B9 N/A 192.168.7.
PAGE 26
Managing the AP • • The secured web interface accessed through a web browser (the focus of this guide). The AP supports the following web browsers: – Internet Explorer v7.0 and 8.0 – Firefox v3.4 and 3.5 An SNMP manager, such as Enterasys Networks NetSight management applications. For information about configuring SNMP management, see “Configuring SNMP” on page 4‐4.
PAGE 27
Understanding the Browser Interface To log in to the AP: Enter the User Name and Password, then click Login. You are now logged‐in to the AP as an administrator. Notes: Enterasys Networks strongly recommends that you change your password the first time you log in. The Web session will time out after 60 minutes (1 hour) of non-activity. Understanding the Browser Interface The browser interface provides a way to configure, manage, and monitor the standalone AP.
PAGE 28
Understanding the Browser Interface Figure 3-1 3-6 User Interface Page Getting Started with your Enterasys Wireless Standalone 802.
PAGE 29
Understanding the Browser Interface Understanding the Page Banners The banner that displays across the top of each page provides general AP information and links to display online help and to logout from the user interface. Figure 3‐2 shows the contents of the top banner. Figure 3-2 Top Banner of the Standalone AP User Interface Table 3‐1 describes the contents of the top banner.
PAGE 30
Understanding the Browser Interface Table 3-2 Contents of the Bottom Banner (continued) Field/Link Description BootROM Displays the BootROM version of the AP. WDS uplink Displays only for child APs that participate in a WDS. Navigating Through the Standalone AP User Interface The main user interface window contains both a navigation tree in the left pane and a page content area in the right pane.
PAGE 31
Configuring the Standalone AP for the First Time • Configuration Expanding the Configuration link provides a listing of all folders and pages from which you can configure AP behavior and settings. • Tools Expanding the Tools link provides a listing of all folders and pages from which you can manage configuration files and users, perform firmware upgrades, and troubleshoot or reboot the AP.
PAGE 32
Configuring the Standalone AP for the First Time Changing the Password The admin account on the standalone AP comes with the factory default password new2day. Enterasys Networks recommends changing the password the first time you log on and regularly thereafter. To display the password settings, navigate to Tools > Users > admin. The user management settings display in the right pane. Field 3-10 Description User Name Identifies the user account. The default is admin.
PAGE 33
Configuring the Standalone AP for the First Time To configure the AP password: 1. Enter the following information in the specified fields: a. Enter the Old Password. b. Enter the New Password. c. Re‐enter the new password in the Confirm New Password field. 2. Click Save to save your changes. The new password entered replaces the previously used password. The software automatically logs you out of the user interface. 3. Log into the user interface using the new password.
PAGE 34
Configuring the Standalone AP for the First Time Field Description Upgrade Firmware File Enter the filename and location of the firmware image to install or click Browse to navigate to the file. Browse Click to browse for the location of the firmware file to install. Download and Reboot Click to download the firmware image from the location specified in the File field. Clicking this button causes the AP to reboot. To update the AP firmware: 1. Click Browse to open a navigation window. 2.
PAGE 35
Configuring the Standalone AP for the First Time To display the IP address settings, navigate to Configuration > LAN > General. The General LAN configuration settings display in the right pane. Field Description General AP Name Enter a unique name that identifies the AP. The default value is the AP’s serial number. AP Contact/Description Enter a brief description that helps identify the access point. Ethernet Port Ethernet Speed Select the Ethernet Speed from the drop-down menu.
PAGE 36
Configuring the Standalone AP for the First Time Field Description Management VLAN Tagged Select to use VLAN tagging. When you enable VLAN tagging, the AP inserts the VLAN ID in the data packet header to identify which VLAN the packet belongs to. If selected, you must enter a value in the VLAN ID field. VLAN Tagged is disabled by default. Note: Changing this setting will cause the AP to reboot. VLAN ID If the VLAN Tagged checkbox is selected, enter the ID of the VLAN on which the AP will operate.
PAGE 37
Configuring the Standalone AP for the First Time Field Description LED LED Mode Select the LED Mode from the drop-down menu. You can select one of the following modes: • Off — Only displays LED fault patterns. LEDs are off when the AP is fault free and initialization is finished. • Normal — (default) LEDs function normally. • Identify — All LEDs blink simultaneously. • WDS Signal Strength — LEDs are used to indicate the WDS signal strength as a bar-graph (VU-meter).
PAGE 38
Creating a WLAN Policy Creating a WLAN Policy This section discusses how to set up a WLAN policy. You must create at lease one WLAN policy for the AP to be operational and able to transfer data. Policies are applied through WLAN services. For more information, see “Configuring WLAN Policies” on page 4‐28. To create a new WLAN policy, navigate to Configuration > WLAN Policies, and select . The WLAN policy settings display in the right pane.
PAGE 39
Creating a WLAN Service Field Description Undo Click to display the most recently saved values for the settings on this screen. Factory Defaults Click to display the factory defaults on this screen.The factory defaults are not applied until you click Save. To configure a WLAN policy: 1. Enter a meaningful name for the policy. 2. (Optional) Enable VLAN tagging by selecting the VLAN Tagged checkbox and entering the VLAN ID. 3. Click Save to save your changes.
PAGE 40
Creating a WLAN Service Field Description Service Name Enter the name of the WLAN service. You can change this field only if you are adding a new WLAN service. The default service name is newService00. SSID Enter the SSID of the WLAN service. The software automatically populates the SSID field with the default service name. Enable This Service on Radio 1 (a/n) Select to enable/deselect to disable the WLAN service on Radio 1. The WLAN service is enabled on Radio 1 by default.
PAGE 41
Creating a WLAN Service Configuring the Radios You are required to configure very few radio settings for basic operation, such as the country of operation, identifying installed external antennas (AP3640 only), and the radio modes for Radio 1 and Radio 2. The default settings for each radio are sufficient to enable the AP to be operational. To display the WLAN Radios configuration, navigate to Configuration > WLAN Radios. The Common radio tab displays in the right pane.
PAGE 42
Creating a WLAN Service 4. Select the Radio 1 tab. The settings for Radio 1 display. 5. Select the Radio Mode. 6. Click Save to save your changes. 7. Select the Radio 2 tab and repeat Step 5 and Step 6. For more detailed information about radio configuration, go to “Radio and Antenna Configuration” on page 4‐15. 3-20 Getting Started with your Enterasys Wireless Standalone 802.
PAGE 43
4 Configuring the Enterasys Wireless Standalone 802.11n AP This chapter discusses the configuration process for the Enterasys Wireless Standalone 802.11n AP in the following sections: For information about... Refer to page...
PAGE 44
Configuring the LAN Settings Configuring General LAN Settings General LAN parameters that can be set include the APʹs name, Ethernet speed, IP address, VLAN association, LED mode, NTP address, and SNMP options. To display the general LAN settings, navigate to Configuration > LAN > General. The general LAN configuration displays in the right pane. Field Description General AP Name Enter a unique name that identifies the AP. The default value is the AP’s serial number.
PAGE 45
Configuring the LAN Settings Field Description Management VLAN Tagged Select to use VLAN tagging. When you enable VLAN tagging, the AP inserts the VLAN ID in the data packet header to identify which VLAN the packet belongs to. If selected, you must enter a value in the VLAN ID field. VLAN Tagged is disabled by default. Note: Changing this setting will cause the AP to reboot. VLAN ID If the VLAN Tagged checkbox is selected, enter the ID of the VLAN on which the AP will operate. The default value is 1.
PAGE 46
Configuring the LAN Settings Field Description Network Time Protocol (NTP) NTP Server Address Enter the IP address of the NTP Server. If you do not identify an NTP server, the logs timestamp displays “uptime” for the AP. Function Buttons Save Click to save your changes. Undo Click to display the most recently saved values for the settings on this screen. Factory Defaults Click to display the factory defaults on this screen.The factory defaults are not applied until you click Save.
PAGE 47
Configuring the LAN Settings To display the SNMP settings, navigate to Configuration > LAN > General. Select the Enable SNMP checkbox, then click Configure SNMP. The SNMP configuration dialog displays. Field Description SNMPv3 Configuration Context String Displays the SNMP context string used to identify this AP to an SNMP client. This field is read-only and defaults to an empty string. Engine ID: Displays the AP’s MAC address. This field is read-only. SNMP User User Name Displays the user name.
PAGE 48
Configuring the LAN Settings Field Description Authentication Password Enter a privacy key for encryption. The key must be between 8 and 32 characters. The default password is password. Unmask Click to display the value entered in the Authentication Password field. Privacy Protocol Select the encryption type from the drop-down menu. Select either: • DES (default). A DES encryption key is 56 bits long. • AES. An AES encryption key is 128 bits long. AES provides high-security encryption.
PAGE 49
Configuring the LAN Settings Notes: • You must configure the AP for 802.1x authentication before the AP is connected to an 802.1x enabled switch port. • If the switch port to which the AP is connected to is not 802.1x enabled, the 802.1x authentication will not take effect. To display 802.1x PEAP authentication settings, navigate to Configuration > LAN > 802.1x. The LAN 802.1x configuration displays in the right pane.
PAGE 50
Configuring the LAN Settings To configure 802.1x PEAP authentication: 1. Enter the Username and Password. 2. Click Unmask to view and proofread the entry in the Password field. 3. Click Save to save your changes. Configuring LLDP This section discusses how to configure LLDP. LLDP is a protocol that allows a network device to broadcast its information on a local network to other network devices.
PAGE 51
Configuring the LAN Settings Field Description LLDP Enable Select to enable or disable the AP from broadcasting LLDP information. LLDP is disabled by default. Announcement Interval[s] Enter the time (in seconds) between successive LLDP packets that the AP advertises. If changes to the AP’s configuration do not impact the LLDP information, the AP sends a new LLDP packet according to this announcement interval setting. You can enter an interval between 5 and 32,768 seconds. The default interval is 30.
PAGE 52
Configuring RADIUS Authentication Configuring RADIUS Authentication If you plan to use a RADIUS server to authenticate wireless clients, you must identify the RADIUS server to the AP. A RADIUS server must be specified for some WLAN service security options. This section discusses how to configure the AP to use RADIUS servers for authentication. The AP supports up to two RADIUS servers that are shared by all WLAN services (SSIDs) — a primary and secondary (for redundancy).
PAGE 53
WLAN Global Configuration Field Unmask Description Click to display the value entered in the Shared Secret field. Authentication Number of Tries Enter number of times (1-10) the AP tries to contact the RADIUS server. The default number of tries is 3. Timeout (s) Enter the timeout, in seconds (1-10 seconds) for retries. The default timeout is 3 seconds. Port Enter the port number on the RADIUS server that the AP should use when sending its RADIUS request messages.
PAGE 54
WLAN Global Configuration To display the access control list, navigate to Configuration > WLAN Global > ACL. The ACL configuration displays in the right pane. Field Filter Configuration Description Select the MAC address filter method: • Deny Listed MAC addresses (default) — The entries listed in the MAC address list are denied access. • Allow Only Listed MAC Addresses — The entries listed in the MAC address list are the only clients allowed access.
PAGE 55
WLAN Global Configuration To configure an access control list: 1. Select the Filter Configuration. 2. Enter a valid MAC Address. If the MAC address is valid, the Right Arrow button activates. 3. Click the Right Arrow button to move the MAC address in the MAC Address field to the MAC Address List. 4. Repeat step 2 and step 3 to add additional MAC addresses to the MAC Address List. 5.
PAGE 56
WLAN Global Configuration To display WLAN Global QoS settings, navigate to Configuration > WLAN Global > QoS. The QoS configuration displays in the right pane. Field Description Flexible Client Access Fairness Policy Select a policy from the drop-down menu. Choices range from 100% packet fairness to 100% airtime fairness. The default fairness policy is 100% Packet.
PAGE 57
Radio and Antenna Configuration Field Description Function Buttons Save Click to save your changes. Undo Click to display the most recently saved values for the settings on this screen. Factory Defaults Click to display the factory defaults on this screen.The factory defaults are not applied until you click Save. To configure WLAN Global QoS settings: 1. (Optional) In the Flexible Client Access area, change the Fairness Policy. 2.
PAGE 58
Radio and Antenna Configuration Figure 4-1 Enterasys Wireless Standalone 802.11n AP Baseband Figure 4‐1 illustrates the following: 4-16 • The AP has two radios — Radio 1 and Radio 2. • Radio 1 supports the 5 GHz radio, with radio modes a and a/n. • Radio 2 supports the 2.4 GHz radio, with radio modes b, b/g, and b/g/n. • Radio 1 and Radio 2 are connected to all three antennas — EA1, EA2, and EA3. Configuring the Enterasys Wireless Standalone 802.
PAGE 59
Radio and Antenna Configuration Configuring Common Radio Properties This section describes how to configure radio properties that are shared by both radios, such as the country of operation, AP environment, and antenna types. Note: If this AP is a WDS parent AP, the settings on the WLAN Radios Common tab are read-only to prevent child APs from losing their connection. To display the common properties shared by both of AP radios, navigate to Configuration > WLAN Radios.
PAGE 60
Radio and Antenna Configuration Field Description Left Antenna Type (AP3640 only) Select the external antenna connected to the Left Antenna input from the drop-down menu. The default is No Antenna. Caution: Selecting the wrong antenna may cause permanent damage to the AP. Note: The antenna and country selected determines the available channel list and the maximum transmitting power for the country selected. Note: Changing this setting will cause the AP to reboot.
PAGE 61
Radio and Antenna Configuration Note: The antenna you select determines the available channel list and the maximum transmitting power for the country in which the AP is deployed. 4. (Optional) Select the Use Broadcast for Disconnection checkbox. 5. Click Save to save your changes. Configuring Individual Radio Settings This section discusses the configuration for Radio 1 and Radio 2. Some settings are not available for both radios.
PAGE 62
Radio and Antenna Configuration Field Channel Width Description Select the channel width. The AP can use two channels at the same time to create a 40MHz wide channel. To achieve a 40MHz channel width, the AP employs channel bonding — two 20MHz channels at the same time. Channel bonding improves the effective throughput of the wireless LAN. When selecting Channel Width, the following options are available: • 20MHz (default) – Allows 802.11n clients to use the primary channel (20MHz) and non-802.
PAGE 63
Radio and Antenna Configuration Field Channel Plan Description Define a channel plan for the AP to be used when auto is selected in the Channel drop-down menu. A channel plan allows you to limit which channels are available for use during an ACS scan. For example, you may want to avoid using specific channels because of low power, regulatory domain, or radar interference. Select one of the following: • All (Radio 1 only) — ACS will scan all the channels for an operating channel.
PAGE 64
Radio and Antenna Configuration Field Description Max % of Non-Unicast Traffic Enter the maximum percentage of time that the AP will transmit non-unicast packets (broadcast and multicast traffic) for each configured Beacon Period. For each non-unicast packet transmitted, the system calculates the airtime used by each packet and drops all packets that exceed the configured maximum percentage.
PAGE 65
Radio and Antenna Configuration Advanced Radio Configuration This section discusses the advanced radio configuration. Advanced radio configuration is available for maximum customization but is not required. To display the advanced radio configuration, navigate to Configuration > WLAN Radios, and select either the Radio 1 or Radio 2 tab in the right pane. The configuration for the selected radio displays. Click Advanced.... The advanced radio configuration dialog displays.
PAGE 66
Radio and Antenna Configuration Field Description Dynamic Radio Management Dynamic Channel Selection (DCS) Select the DCS mode. DCS allows the AP to monitor traffic and noise levels on the channel on which the AP is currently operating. DCS can operate in two modes or be disabled: • Monitor Mode – When DCS is enabled in monitor mode and traffic or noise levels exceed the configured DCS thresholds, an alarm is triggered and an information log is generated.
PAGE 67
Radio and Antenna Configuration Field Description 11b Settings (Radio 2 only) Preamble Select a preamble for 11b-specific (CCK) rates: Short or Long. • Select Short if compatibility with early 11b clients is not required. • Select Long (default) if compatibility with early 11b clients is required. To avoid problems with wireless communication, all APs, network adapters, and other wireless devices should use the same preamble. High network traffic areas should use a Short preamble.
PAGE 68
Radio and Antenna Configuration Field Description 40MHz Protection Channel Offset Select a 20MHz channel offset if the deployment is using channels that are 20MHz apart (for example, using channels 1, 5, 9, and 13) or a 25MHz channel offset (default) if the deployment is using channels that are 25MHz apart (for example, using channels 1, 6, and 11).
PAGE 69
Radio and Antenna Configuration 3. Change the 11b Settings: • 4. (Optional) Change the Preamble. Change the 11g Settings: • (Optional) Change the Protection Mode, Protection Rate, and/or Protection type. Note: The overall throughput is reduced when Protection Mode is enabled, due to the additional overhead caused by the RTS/CTS. The overhead is minimized by setting Protection Type to CTSto-Self and Protection Rate to 11 Mbps.
PAGE 70
Configuring WLAN Policies Configuring WLAN Policies A policy associates an AP with a particular VLAN to logically group APs. By using VLANs, you can control traffic patterns and react quickly to client roaming. This section discusses how to set up a WLAN policy. You can create up to sixty‐four WLAN policies. Policies are applied to the AP through WLAN services. To display the WLAN policy settings, navigate to Configuration > WLAN Policies, and select the policy you want to edit or select .
PAGE 71
Configuring WLAN Services Field Description Delete Click to delete the WLAN policy. Undo Click to display the most recently saved values for the settings on this screen. Factory Defaults Click to display the factory defaults on this screen.The factory defaults are not applied until you click Save. To configure a WLAN policy: 1. Enter a meaningful name for the policy. 2. (Optional) Enable VLAN tagging by selecting the VLAN Tagged checkbox and entering the VLAN ID. 3.
PAGE 72
Configuring WLAN Services . Field Description Service Name Enter the name of the WLAN service. You can change this field only if you are adding a new WLAN service. The default service name is newService00. SSID Enter the SSID of the WLAN service. The software automatically populates the SSID field with the default service name. Enable This Service on Radio 1 (a/n) Select to enable/deselect to disable the WLAN service on Radio 1. The WLAN service is enabled on Radio 1 by default.
PAGE 73
Configuring WLAN Services Field Description Process Client IE Requests Select to enable/deselect to disable the AP to accept IE requests sent by clients via Probe Request frames and responds by including the requested IE’s in the corresponding Probe Response frames. By default this option is disabled. It is recommended to enable this option. Function Buttons Save Click to save your changes. Delete Click to delete the WLAN service.
PAGE 74
Configuring WLAN Services • WPA‐Authentication, Authorization and Accounting (AAA) —Privacy using a RADIUS server to authenticate clients credentials. WPA‐AAA, like WPA‐PSK, is a security solution that adds authentication to enhanced WEP encryption and key management. Configuring Static WEP To display Static WEP privacy settings, navigate to Configuration > WLAN Services, and select the service you want to edit or select . Select the Security tab.
PAGE 75
Configuring WLAN Services Field Description Undo Click to display the most recently saved values for the settings on this screen. Factory Defaults Click to display the factory defaults on this screen.The factory defaults are not applied until you click Save. To configure Static WEP privacy: 1. (Optional) Change the WEP Key Length. 2. Enter the WEP Key. Click Unmask to view and proofread the key. 3. Click Save to save your changes.
PAGE 76
Configuring WLAN Services Field Description Authentication and Accounting NAS Identifier Enter the identifier for the Network Access Server (NAS). The NAS identifier is a RADIUS attribute that identifies the server responsible for passing information to designated RADIUS servers and then acting on the response returned. NAS IP Address Enter the IP address of the Network Access Server. Authentication Primary RADIUS Server Select the primary RADIUS server.
PAGE 77
Configuring WLAN Services Configuring WPA-PSK To display WPA‐PSK privacy settings, navigate to Configuration > WLAN Services, and select the service you want to edit or select . Select the Security tab. Select WPA‐PSK from the Privacy drop‐down menu. The WPA‐PSK configuration displays. Field Description Privacy Privacy Select the security mode for the WLAN service from the drop-down menu. Privacy is set to None by default.
PAGE 78
Configuring WLAN Services Field Description Function Buttons Save Click to save your changes. Delete Click to delete the WLAN service. Undo Click to display the most recently saved values for the settings on this screen. Factory Defaults Click to display the factory defaults on this screen.The factory defaults are not applied until you click Save. To configure WPA‐PSK privacy: 1. Select one or both of the WPA version checkboxes. 2. (Optional) Change the Broadcast Re‐Key Interval(s). 3.
PAGE 79
Configuring WLAN Services Field Description Privacy Privacy Select the security mode for the WLAN service from the drop-down menu. Privacy is set to None by default. WPAv1 Select WPA v1 to use encryption by temporal key integrity protocol (TKIP). WPAv1 is disabled by default. WPAv2 Select WPA v2 to use encryption by advanced encryption standard with counter-mode/CBC-MAC protocol (AES-CCMP). WPA. WPAv2 is enabled by default.
PAGE 80
Configuring WLAN Services Field Description SSID Select to include the SSID of the AP in VSA attributes. Vendor Specific Attributes (VSA) provide information on the identity of the specific AP that is handling the wireless device, enabling the provision of location-based services. The SSID of the AP is not included in VSA attributes by default. Function Buttons Save Click to save your changes. Delete Click to delete the WLAN service.
PAGE 81
Configuring WLAN Services Configuring Quality of Service (QoS) for a WLAN Service To display QoS settings for a WLAN service, navigate to Configuration > WLAN Services, and select the service you want to edit or select . Select the QOS tab. The QoS configuration displays. Field Description Enable Priority For Legacy Clients Enables your service to support legacy devices. This value is enabled by default.
PAGE 82
Configuring WLAN Services Field Description Function Buttons Save Click to save your changes. Delete Click to delete the WLAN service. Undo Click to display the most recently saved values for the settings on this screen. Factory Defaults Click to display the factory defaults on this screen.The factory defaults are not applied until you click Save. To configure QoS for a WLAN service: 1. 2.
PAGE 83
5 Configuring WDS A Wireless Distribution System (WDS) enables you to expand the wireless network by interconnecting APs through wireless links in addition to the traditional method of interconnecting APs through a wired network. This chapter discusses the WDS capabilities of the AP, deployment options, and how to create and configure a WDS. For information about... Refer to page...
PAGE 84
About WDS Figure 5-1 Simple WDS Configuration Root Wireless AP Satellite Wireless AP Client Devices Wireless Repeater Configuration In Wireless Repeater configuration, a Repeater AP is installed between the Root AP and the Satellite AP. The Repeater AP relays the user traffic between the Root AP and the Satellite AP. This increases the WLAN range. The Repeater Wireless AP can also communicate with client devices. The Figure 5‐2 illustrates the Wireless Repeater configuration.
PAGE 85
WDS WLAN Services Wireless Bridge Configuration In Wireless Bridge configuration, the traffic between two APs that are connected to two separate wired LAN segments is bridged via WDS link. You may also install a Repeater AP between the two APs connected to two separate LAN segments.
PAGE 86
WDS WLAN Services Figure 5-4 Deployment Example • The rectangular enclosure denotes an office building • The solid arrows point towards Preferred Parents. • The four Wireless APs — Minoru, Yosemite, Bjorn and Lancaster — are within the confines of the building and are connected to the wired network. • The dotted arrows point towards Backup Parents. WDS Setup with a Single WDS Service Deploying the WDS in Figure 5‐4 on page 5‐4 using a single WDS service results in the following structure.
PAGE 87
WDS WLAN Services Figure 5-5 WDS Setup with a Single WDS Service Lancaster Minoru Lon Urso Dove Theodore Client Devices The tree will operate as a single WDS entity. It will have a single WDS SSID and a single pre‐ shared key for WDS links. This tree will have multiple roots. For more information, see “Multi‐ Root WDS Topology” on page 5‐8. WDS Setup with Multiple WDS Services You can also deploy the same WDS in Figure 5‐4 on page 5‐4 using two WDS services.
PAGE 88
Key Features of WDS Figure 5-6 WDS Setup with Multiple WDS Services WDS 2 WDS 1 Lancaster Minoru Lon Urso Theodore Dove Client Devices Key Features of WDS Some key features of WDS are: • Tree‐Like Topology • Radio Channels • Multi‐Root WDS Topology • Automatic Discovery of Parent and Backup Parent APs • Link Security Tree-Like Topology The APs in WDS configuration can be regarded as nodes, and these nodes form a tree‐like structure.
PAGE 89
Key Features of WDS If a parent AP fails or stops to act as a parent, the child APs will attempt to discover their backup parents. If the backup parents are not defined, the child APs will be left stranded. The following figure illustrates the parent‐child relationship between the nodes in a WDS topology. Figure 5-7 Parent-Child Relationship between APs in WDS Configuration Root Wireless AP • Root Wireless AP is the parent of Repeater Wireless AP 1.
PAGE 90
Key Features of WDS Radio Channels The radio channel on which the child AP operates is determined by the parent AP. An AP may connect to its parent AP and children APs on the same radio, or on different radios. Similarly, an AP can have two children operating on two different radios. When an AP is connecting to its parent AP and children APs on the same radio, it uses the same channel for both the connections. Multi-Root WDS Topology A WDS topology can have multiple Root APs.
PAGE 91
Before Configuring WDS Services Link Security The WDS link is encrypted using Advance Encryption Standard (AES). Note: The keys for AES are configured prior to deploying the Repeater or Satellite APs. Before Configuring WDS Services Before you start configuring the WDS APs, you must ensure the following: • The APs that are part of the wired WLAN are connected to the wired network. • The wired AP(s) that will serve as the Root AP(s) of the proposed WDS topology are operating normally.
PAGE 92
Configuring a WDS Service Configuring a WDS Service To configure the WDS, you must identify and mark the Preferred Parents, Backup Parents and the Child APs in the proposed WDS topology before starting the configuration process. To display the WDS Services settings, select Configuration from the left pane and expand the WDS Services node. Select the WDS service you want to edit or select . The WDS Services configuration displays in the right pane.
PAGE 93
Configuring a WDS Service Field Radio 1 (a/n) Role Description Select the role of radio 1. Options include: • None (default) - WDS service is not activated on this radio. • Child - This radio will serve as a Child only. • Parent - This radio will serve as a Parent only. • Both - The radio will serve as both Child and Parent. Radio 2 (b/g/n) Role Select the role of radio 2. Options include: • None (default) - WDS service is not activated on this radio. • Child - This radio will serve as a Child only.
PAGE 94
Deploying the WDS Deploying the WDS Once all of the APs that will participate in the WDS are configured, you can physically place the APs in their intended location and power them on. Each AP is equipped with WDS signal strength mode. WDS signal strength mode displays the strength of the signal between parent and child AP using the APs LEDs, allowing you to position each AP’s antennas without having to log in to each AP.
PAGE 95
6 Viewing Wireless Access Point Information This chapter describes how to display information about the AP. For information about... Refer to page...
PAGE 96
Viewing AP Logs To access the AP General Information view, navigate to Status > Information. General information about the AP displays in the right pane. To refresh the view, click Refresh or select the Auto Refresh checkbox located in the top right corner of pane. The information on the page refreshes every 15 seconds. Viewing AP Logs The Logs view displays the contents of the flash‐based log file in an easy‐to‐read format. Each log entry is displayed on a separate line.
PAGE 97
Viewing AP Logs To access the AP Log view, navigate to Status > Logs. The Log list displays in the right pane. • Filter the type of events displayed by selecting or deselecting the appropriate check boxes next to Show Events. By default, all types of events are displayed. • Click Clear Selected Logs to delete the logs selected next to Show Events. • To refresh the view, click Refresh or select the Auto Refresh checkbox located in the top right corner of pane.
PAGE 98
Viewing LAN Status Information Viewing LAN Status Information The LAN Status view displays information about the LAN — such as Ethernet speed, MAC address, IP address, Subnet Mask, Gateway, DHCP Lease Time Left, and receive and transmit statistics. To access the LAN status view, navigate to Status > LAN. LAN status information displays in the right pane. 6-4 • To refresh the view, click Refresh or select the Auto Refresh checkbox located in the top right corner of pane.
PAGE 99
Viewing WLAN Radio Information Viewing WLAN Radio Information The AP provides informative views for both radios. The following sections discuss the WLAN Radio views. Viewing General Information for a Radio You can view general status information for each radio — such as Channel, Channel Width, Tx Power, 11n Protection state, number of services, and the number of clients. To access the general status view for a radio, navigate to Status > WLAN Radios, expand the desired Radio node, and select General.
PAGE 100
Viewing WLAN Radio Information Viewing Statistics for a Radio You can view detailed statics for each radio. To access the Statistics view for a radio, expand Status from the left pane, expand the WLAN Radios node, expand the desired Radio node, and select Statistics. Statistics for the selected radio display in the right pane. 6-6 • To refresh the view, click Refresh or select the Auto Refresh checkbox located in the top right corner of pane. The information on the page refreshes every 15 seconds.
PAGE 101
Viewing General Information about a WLAN Service Viewing General Information about a WLAN Service The WLAN Service General Information view displays basic status information for a WLAN service, such as Service Name, SSID, Default Policy, VLAN ID, and Number of Clients. To access the general status view for a WLAN service, expand Status from the left pane, expand the WLAN Services node, expand the desired WLAN service node, and select General.
PAGE 102
Viewing General Information about a WLAN Policy Viewing General Information about a WLAN Policy The WLAN Policy General Information view displays basic status information for a WLAN policy, such as Policy Name, VLAN ID, Number of Services, and Number of Clients. To access the general information view for a WLAN policy, navigate to Status > WLAN Policies, expand the desired policy node, and select General. General status for the selected policy displays in the right pane.
PAGE 103
Viewing WLAN Clients Information Viewing WLAN Clients Information The AP provides you with several client view options. Depending on the type of information you seek, you can view all clients connected to the AP or you can view clients by Radio, Policy, or Service. Viewing All Clients The WLAN Clients status view displays information for all connected WLAN clients — such as Host or User, IP address, MAC address, BSSID, Status, Radio, Service, and Policy.
PAGE 104
Viewing WLAN Clients Information Viewing Clients by Radio Each WLAN Radio provides you with information about the clients connected — such as Host or User, IP address, MAC address, BSSID, Status, Service, and Policy. To access the client status view for a radio, navigate to Status > WLAN Radios, expand the desired radio node, and select Clients. Client status for the selected radio displays in the right pane.
PAGE 105
Viewing WLAN Clients Information Viewing Clients by WLAN Service Each WLAN service provides you with information about the clients using the selected service — such as Host or User, IP address, MAC address, BSSID, Status, Radio, and Policy. To access the client status view for a WLAN service, navigate to Status > WLAN Services, expand the desired WLAN service node, and select Clients. Client status for the selected WLAN service displays in the right pane.
PAGE 106
Viewing WLAN Clients Information Viewing Clients by WLAN Policy Each WLAN policy provides you with information about the clients using the selected service — such as Host or User, IP address, MAC address, BSSID, Status, Radio, and Service. To access the client status view for a WLAN policy, navigate to Status > WLAN Policies, expand the desired policy node, and select Clients. Client status for the selected policy displays in the right pane.
PAGE 107
Viewing WDS Services Information Viewing WDS Services Information The WDS Services Information view displays information about the status of WDS APs for a selected WDS — such as AP name, IP address, MAC address, Radio, and Relationship, as well as various statistics. To access the WDS Services Information view for a WDS, navigate to Status > WDS Services, and select the desired WDS service. Information about the selected WDS service displays in the right pane.
PAGE 108
Viewing WLAN Cluster Information Viewing WLAN Cluster Information The WLAN Cluster information view displays information about the cluster — such as AP name, IP address, MAC address, Radio BSSIDs, and clients. To access the WLAN Cluster information view, navigate to Status > WLAN Cluster. Information about the cluster displays in the right pane. To refresh the view, click Refresh or select the Auto Refresh checkbox located in the top right corner of pane.
PAGE 109
A Troubleshooting For information about... Refer to page... Rebooting the AP A-1 Restoring the AP to Factory Default Settings A-4 Exporting and Importing Configuration A-2 LED Behavior A-5 Rebooting the AP To display the reboot now option, navigate to Tools > Debug. The Debug tools display in the right pane. Enterasys Wireless Standalone 802.
PAGE 110
Exporting and Importing Configuration Field Description Save AP Trace Save Click to save a zipped file that contains the AP’s log, a crash report, and a core dump file. Reboot Now Reboot Now Click to power cycle the AP. Click Reboot Now. The AP logs you out and reboots. Exporting and Importing Configuration APs are configured with default settings from the factory. You can modify an AP’s running configuration and export it to a text file.
PAGE 111
Exporting and Importing Configuration Field Description Include Users and Passwords Deselect this checkbox if you do not want to include user accounts and passwords in the configuration file. Export Click to export the configuration file. Upon clicking Export, the AP creates a new tab in your Web browser or opens a new browser window (depending on your browser configuration) that displays the APs configuration in text format.
PAGE 112
Restoring the AP to Factory Default Settings Restoring the AP to Factory Default Settings To display the restore factory default option, navigate to Tools > Configuration. The Configuration tools display in the right pane. To restore the AP to factory default settings: A-4 1. Under Restore Factory Defaults, click Restore. A dialog instructs you that this action will cause the AP to reboot. 2. Click OK. The AP logs you out and reboots with default settings.
PAGE 113
LED Behavior LED Behavior The AP has four front‐panel status LEDs, as displayed in Figure A‐1. Figure A-1 AP LEDs LED Initialization Display When power is first applied, the AP LEDs display the initialization status. When the AP is powered on and when it boots, you can follow its progress through the initialization process by observing the LED sequence as displayed in the following tables.
PAGE 114
LED Behavior Table A-3 LED Patterns for Errors during Initialization LED 1 LED 2 LED 3 LED 4 State Blink Red Table A-4 Solid Green Off Reset to factory defaults Blink Red Table A-4 Off Blink Green Failed 802.
PAGE 115
LED Behavior WDS Signal Strength Mode LED Behavior This section displays the LED patterns for the AP when LED Mode is set to WDS Signal Strength. For more information about setting the LED mode, see“Configuring General LAN Settings” on page 4‐2.
PAGE 116
LED Behavior A-8 Troubleshooting
PAGE 117
B SNMP Traps and MIBs This chapter provides the SNMP traps and MIBs supported by the AP. For information about... Refer to page... SNMP Traps B-1 SNMP MIBs B-2 SNMP Traps Table B-1 SNMP Traps Generic Trap # Name Description 0 Cold Start The AP performs a power on. 1 Warm Start The AP has re-initialized. 2 Link Down When the radio is admin enabled but turned off due to radar detection.
PAGE 118
SNMP MIBs SNMP MIBs MIB-II (RFC1213) Field Range Description sysDescr Read-only printable char Contact/description field sysObjectID Read-only OID The vendor’s authorative identification of the network management subsystem contained in the entity. This gives a value of “1.3.6.1.4.1.4329.15.1.2.9" for AP3630 and “1.3.6.1.4.1.4329.15.1.2.10" for AP3640.
PAGE 119
SNMP MIBs Field Range Description etsysPolicyProfilePortVid (0|1..4094|4095) • 0 - no tagging. • 1-4094 - tagged with specified vlanId • 4095 - no tagging etsysPolicyProfileRulePrecedence Octet String Hardcode to hex "\x01\x02\x03\x04\x05\x06\x07\x08\x0c\ x0d\x0e\x0f\x10\x11\x12\x13\x15\x16\x1 9\x1a\x1b\x1c\x1f" etsysPolicyProfileIndex integer The profile index number Enterasys Wireless Standalone 802.
PAGE 120
SNMP MIBs B-4 SNMP Traps and MIBs
PAGE 121
C Regulatory Information Warning: Warnings identify essential information. Ignoring a warning can lead to problems with the application. This appendix provides regulatory information for the HiPath Wireless AP3630 and AP3640 models. Notes: Throughout this appendix, the term ‘Wireless AP’ refers to the AP models AP3630 and AP3640. Specific AP models are only identified in this appendix where it is necessary to do so.
PAGE 122
Wireless APs 3630 and 3640 • This device must accept any interference received, including interference that may cause undesired operation. This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a residential and business environment.
PAGE 123
Wireless APs 3630 and 3640 FCC RF Radiation Exposure Statement The Wireless AP complies with FCC RF radiated exposure limits set forth for an uncontrolled environment. End users must follow the specific operating instructions for satisfying RF exposure compliance. This device has been tested and has demonstrated compliance when simultaneously operated in the 2.4 GHz and 5 GHz frequency ranges. This device must not be co‐located or operated in conjunction with any other antenna or transmitter.
PAGE 124
Wireless APs 3630 and 3640 Canada Industry Canada Compliance Statement This digital apparatus does not exceed the Class B limits for radio noise emissions from digital apparatus as set out in the interference‐causing equipment standard entitled “Digital Apparatus,” ICES‐003 of Industry Canada.
PAGE 125
Wireless APs 3630 and 3640 External Antennas The AP3640 external antenna AP can also be used with certified external antennas. However, in order to comply with the local laws and regulations, an approval may be required by the local regulatory authorities. For a list of approved external antennas, see “AP3640 Approved External Antennas” on page C‐12.
PAGE 126
Wireless APs 3630 and 3640 Declaration of Conformity in Languages of the European Community English Hereby, Enterasys, declares that this Radio LAN device is in compliance with the essential requirements and other relevant provisions of Directive 1999/5/EC. Finnish Valmistaja Enterasys vakuuttaa täten että Radio LAN device tyyppinen laite on direktiivin 1999/5/EY oleellisten vaatimusten ja sitä koskevien direktiivin muiden ehtojen mukainen.
PAGE 127
Wireless APs 3630 and 3640 New Member States requirements of Declaration of Conformity Estonian Käesolevaga kinnitab Enterasys seadme Radio LAN device vastavust direktiivi 1999/5/EÜ põhinõuetele ja nimetatud direktiivist tulenevatele teistele asjakohastele sätetele. Hungary Alulírott, Enterasys nyilatkozom, hogy a Radio LAN device megfelel a vonatkozó alapvetõ követelményeknek és az 1999/5/EC irányelv egyéb elõírásainak.
PAGE 128
Wireless APs 3630 and 3640 Radio transceiver • R&TTE Directive 1999/5/EC • ETSI/EN 300 328 (2.4 GHz) • ETSI/EN 301 893 (5 GHz) Other • IEEE 802.11a (5 GHz) • IEEE 802.11b/g (2.4 GHz) • IEEE 802.11n (AP3630, AP3640) • IEEE 802.3af (PoE) RoHS • European Directive 2002/95/EC External Antennas The AP3640 external antenna AP can also be used with certified external antennas.
PAGE 129
Wireless APs 3630 and 3640 Caution: Please follow the instructions in this user guide to properly configure the Wireless AP. • Each Wireless AP is configured with a default group of settings. There is the ability to change these settings. The user or installer is responsible to ensure that each Wireless AP is properly configured. • The software within the Wireless AP will automatically limit the allowable channels and output power determined by the selected country code.
PAGE 130
Wireless APs 3630 and 3640 Table C-1 European spectrum usage rules Country 5.15-5.25 (GHz) Channels: 36,40,44,48 5.25-5.35 (GHz) Channels: 52,56,60,64 5.47-5.725 (GHz) Channels: 100,104,108,112,116, 132,136,140 2.4-2.
PAGE 131
Wireless APs 3630 and 3640 Certifications of Other Countries The Wireless APs have been certified for use in various other countries. Once the correct country code is selected, the Wireless AP automatically uses the proper frequencies and power outputs for that country code. It is the responsibility of the end user to select the proper country code for the country the device will be operated within or run the risk violating local laws and regulations.
PAGE 132
Wireless APs 3630 and 3640 AP3640 Approved External Antennas The AP3640 external antenna APs can be used with certified external antennas. However, in order to comply with the local laws and regulations, an approval may be required by the local regulatory authorities. The following optional antennas have been tested and approved for use with the external antenna models.
PAGE 133
D Glossary Term Definition AAA Authentication, Authorization and Accounting. A system in IPbased networking to control what computer resources users have access to and to keep track of the activity of users over a network. Access Point (AP) A wireless LAN transceiver or ‘base station’ that can connect a wired LAN to one or many wireless devices. ACS Automatic Channel Selection. ADDBA Add Block Acknowledgement. Ad-hoc mode An 802.
PAGE 134
D-2 Glossary Term Definition asynchronous Asynchronous transmission mode (ATM). A start/stop transmission in which each character is preceded by a start signal and followed by one or more stop signals. A variable time interval can exist between characters. ATM is the preferred technology for the transfer of images. BSS Basic Service Set. A wireless topology consisting of one Access Point connected to a wired network and a set of wireless devices. Also called an infrastructure network. See also IBSS.
PAGE 135
Term Definition Device Server A specialized, network-based hardware device designed to perform a single or specialized set of server functions. Print servers, terminal servers, remote access servers and network time servers are examples of device servers. DHCP Dynamic Host Configuration Protocol. A protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network.
PAGE 136
D-4 Glossary Term Definition Dynamic WEP The IEEE introduced the concept of user-based authentication using per-user encryption keys to solve the scalability issues that surrounded static WEP. This resulted in the 802.1X standard, which makes use of the IETF's Extensible Authentication Protocol (EAP), which was originally designed for user authentication in dial-up networks. The 802.1X standard supplemented the EAP protocol with a mechanism to send an encryption key to a Wireless AP.
PAGE 137
Term Definition Fit, thin and fat APs A thin AP architecture uses two components: an access point that is essentially a stripped-down radio and a centralized management controller that handles the other WLAN system functions. Wired network switches are also required. A fit AP, a variation of the thin AP, handles the RF and encryption, while the central management controller, aware of the wireless users' identities and locations, handles secure roaming, quality of service, and user authentication.
PAGE 138
D-6 Glossary Term Definition HTTPS Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL, is a Web protocol that encrypts and decrypts user page requests as well as the pages that are returned by the Web server. HTTPS uses Secure Socket Layer (SSL) as a sublayer under its regular HTTP application layering. (HTTPS uses port 443 instead of HTTP port 80 in its interactions with the lower layer, TCP/IP.
PAGE 139
Term Definition IPsec IPsec-ESP IPsec-AH Internet Protocol security (IPSec) Internet Protocol security Encapsulating Security Payload (IPsecESP). The encapsulating security payload (ESP) encapsulates its data, enabling it to protect data that follows in the datagram.Internet Protocol security Authentication Header (IPsecAH). AH protects the parts of the IP datagram that can be predicted by the sender as it will be received by the receiver.
PAGE 140
D-8 Glossary Term Definition MIB Management Information Base is a formal description of a set of network objects that can be managed using the Simple Network Management Protocol (SNMP). The format of the MIB is defined as part of the SNMP. A MIB is a collection of definitions defining the properties of a managed object within a device. Every managed device keeps a database of values for each of the definitions written in the MIB.
PAGE 141
Term Definition NTP Network Time Protocol, an Internet standard protocol (built on top of TCP/IP) that assures accurate synchronization to the millisecond of computer clock times in a network of computers. Based on UTC, NTP synchronizes client workstation clocks to the U.S. Naval Observatory Master Clocks in Washington, DC and Colorado Springs CO.
PAGE 142
D-10 Glossary Term Definition OSPF Open Shortest Path First, an interior gateway routing protocol developed for IP networks based on the shortest path first or linkstate algorithm. Routers use link-state algorithms to send routing information to all nodes in an internetwork by calculating the shortest path to each node based on a topography of the Internet constructed by each node.
PAGE 143
Term Definition push-to-talk (PTT) The push-to-talk (PTT) is feature on wireless telephones that allows them to operate like a walkie-talkie in a group, instead of standard telephone operation. The PTT feature requires that the network be configured to allow multicast traffic. A PTT call is initiated by selecting a channel and pressing the ‘talk’ key on the wireless telephone. All wireless telephones on the same network that are monitoring the channel will hear the transmission.
PAGE 144
Term Definition Segment In Ethernet networks, a section of a network that is bounded by bridges, routers or switches. Dividing a LAN segment into multiple smaller segments is one of the most common ways of increasing available bandwidth on the LAN. SLP Service Location Protocol. A method of organizing and locating the resources (such as printers, disk drives, databases, e-mail directories, and schedulers) in a network.
PAGE 145
Term Definition SSH Secure Shell, sometimes known as Secure Socket Shell, is a Unix-based command interface and protocol for securely getting access to a remote computer. SSH is a suite of three utilities slogin, ssh, and scp - secure versions of the earlier UNIX utilities, rlogin, rsh, and rcp. With SSH commands, both ends of the client/ server connection are authenticated using a digital certificate, and passwords are protected by being encrypted. SSID Service Set Identifier.
PAGE 146
D-14 Glossary Term Definition Switch In networks, a device that filters and forwards packets between LAN segments. Switches operate at the data link layer (layer 2) and sometimes the network layer (layer 3) of the OSI Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs.
PAGE 147
Term Definition TSN Transition Security Network. A subset of Robust Security Network (RSN), which provides an enhanced security solution for legacy hardware. The Wi-Fi Alliance has adopted a solution called Wireless Protected Access (WPA), based on TSN. RSN and TSN both specify IEEE 802.1x authentication with Extensible Authentication Protocol (EAP). Tunnelling Tunnelling (or encapsulation) is a technology that enables one network to send its data via another network's connections.
PAGE 148
D-16 Glossary Term Definition VPN Virtual Private Network. A private network that is constructed by using public wires to connect nodes. These systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted. VSA Vendor Specific Attribute, an attribute for a RADIUS server defined by the manufacturer.(compared to the RADIUS attributes defined in the original RADIUS protocol RFC2865).
PAGE 149
Term Definition WPA Wireless Protected Access, or Wi-Fi Protected Access is a security solution adopted by the Wi-Fi Alliance that adds authentication to WEPs’ basic encryption. For authentication, WPA specifies IEEE 802.1x authentication with Extensible Authentication Protocol (EAP). For encryption, WPA uses the Temporal Key Integrity Protocol (TKIP) mechanism, which shares a starting key between devices, and then changes their encryption key for every packet.
PAGE 150
D-18 Glossary
PAGE 151
Index Numerics Infrastructure for Roaming 2-2 Infrastructure Wireless LAN 2-1 Infrastructure Wireless LAN for Roaming Wireless PCs 2-2 802.11e 4-39 802.1X 4-6, A-5 802.3af 3-1, C-2, C-4, C-8, C-11 A P Antenna Configuration 4-15 Selection 4-18 Authentication 802.
PAGE 152
Index-2