802.
Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiated radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
R&TTE Compliance Statement This equipment complies with all the requirements of DIRECTIVE 1999/5/CE OF THE EUROPEAN PARLIAMENT AND THE COUNCIL OF 9 March 1999 on radio equipment and telecommunication terminal equipment and the mutual recognition of their conformity (R&TTE). The R&TTE Directive repeals and replaces in the directive 98/13/EEC (Telecommunications Terminal Equipment and Satellite Earth Station Equipment) as of April 8,2000.
Table of Contents 1. Introduction ......................................................................................................................... 1 1.1. Overview................................................................................................................... 1 1.2. Features.................................................................................................................... 1 1.3. LED Definitions ......................................................................
3.5.2.2. MAC-Address-Based Access Control ................................................ 31 3.5.3. IEEE 802.1x/RADIUS ................................................................................... 33 3.6. Advanced Settings.................................................................................................. 35 3.6.1. Packet Filters................................................................................................ 35 3.6.1.1. Ethernet Type Filters .............................
1. Introduction 1.1. Overview The Access Point modular WLAN access point (AP) enables 802.11n or 802.11g client computers to access the resources on an Ethernet network wirelessly or wired. It conveniently fits into standard wall outlets and only takes a few minutes to install and configure for use.
Repeater. When the Access Point is in AP/Bridge mode, it can communicate with other APs or wireless bridges via WDS (Wireless Distribution System). Therefore, a Access Point can wirelessly forward packets from wireless clients to another Access Point. Then the second Access Point forwards the packets to the Ethernet network. Wireless Client Isolation. When the Access Point is in AP/Bridge mode, wireless-to-wireless traffic can be blocked so that the wireless clients cannot see each other.
z HTTP-based. Upgrading firmware by HTTP (HyperText Transfer Protocol). Configuration Backup. The configuration settings of the Access Point can be backed up to a file via TFTP or HTTP for later restoring. Configuration Reset. Clears current configuration settings and restores to factory-default values. Management Browser-based Network Manager for configuring and monitoring the Access Point via a Web browser. The management protocol is HTTP (Hyper Text Transfer Protocol)-based. SNMP.
A. WAN: Green, solid when connected, flashing when data activity B. Wireless: Green, solid when on, flashing when wireless data activity C. RJ-45 LAN port Amber, solid when LAN connection Green, solid when LAN connection, flashing when activity 2. First-Time Installation and Configuration 2.1. Power The Access Point is powered using PoE (Power over Ethernet). The Access Point automatically selects the suitable power supply. To power the AP by PoE: 1.
the wall. 4. Fasten the Access Point main housing to the wall box with screws provided. 5. Line-up and push the faceplate cover onto the main housing until it snaps securely into place. 2.3. Connecting a Managing Computer To configure the Access Point using the Advanced option, a managing computer with a Web browser is needed. NOTE: If you are using the browser, Opera, to configure the Access Point, click the menu item File, click Preferences...
2.4. Configuring the AP After the IP addressing issue is resolved, launch a Web browser on the managing computer. Then, go to “http://AP IP to access the Web-based Network Manager login page. TIP: The Access Point can be reached by its host name using a Web browser. For example, if the Access Point is named “AP”, you can use the URL “http://AP” to access. 2.4.1.
Once you have successfully logged in, the Home page opens. side for Setup. Click on the main manual on left hand Fig. 3. The Home page 2.4.2. Selecting Mode The Access Point supports two operational modes: AP/Bridge. This mode provides both Access Point and Static LAN-to-LAN Bridging functionality. The static LAN-to-LAN bridging function is supported through Wireless Distribution System (WDS). AP Client. This mode is for Dynamic LAN-to-LAN Bridging.
There are two types of wireless links as specified by the IEEE 802.11 standard. STA-AP. This type of wireless link is established between an IEEE 802.11 Station (STA) and an IEEE 802.11 Access Point (AP). An STA is usually a client computer (PC or PDA) with a WLAN network interface card (NIC). The AP Client mode is actually an STA. WDS. This type of wireless link is established between two IEEE 802.11 Access Point’s. Wireless packets transmitted along the WDS link comply with the IEEE 802.
Fig. 5. TCP/IP settings. 1. Click on TCP/IP from the side menu and select Addressing. 2. When you have finished making changes, click Save or Save & Restart. 2.4.4. Configure IEEE 802.11 Settings The Network Manager utility allows the user to configure IEEE 802.11n-related communication settings, including Regulatory domain, Channel number, and Network name (SSID) of the Access Point.
Fig. 6. IEEE 802.11n communication settings 1. Click on IEEE 802.11 from the side menu, and then select Communication. 2. When you have finished, scroll to the bottom of the screen and click either Save or Save & Restart. 2.4.5. Review and Apply Settings On the Summary page, you can review all the settings you have made. Changes are highlighted in red. If they are OK, click Restart to restart the Access Point for the new settings to take effect. Fig. 7. Settings changes are highlighted in red.
TIP: Since the Home page shows the current settings and status of the AP, it can be saved or printed within the Web browser for future reference. NOTE: Allow 7 seconds for the Access Point to complete its restart process. 2.5. Setting up Client Computers The TCP/IP and IEEE 802.11n-related settings of wireless client computers must match those of the Access Point in order for a wireless link to be established. 2.5.1. Configure IEEE 802.
2.6. Confirm Settings of the Access Point and Client Computers After configuring the Access Point and setting up client computers, it is recommended that all settings are checked and confirmed. 2.6.1. Checking if the IEEE 802.11n-Related Settings Work To check if a wireless client computer can associate with the AP: 1. Launch the configuration/monitoring utility provided by the vendor of the installed WLAN NIC. 2.
3.1. Overview To enter, simply click on the “Advanced” option on the Home page after login. Fig. 8. The Summary page 3.1.1. Menu Structure The left side of the screen contains a menu for you to carry out commands. Here is a brief description of the menu options: z Home. Click this tab to return to the Home page. z Summary. Click this tab to view a screen with at-a-glance status information. z Status. Click this tab to access the following settings: z Wireless Clients.
z z z TCP/IP. Click this tab to access the following settings: Addressing. Modify IP address settings of the Access Point. DHCP Server. Modify settings for the DHCP (Dynamic Host Configuration Protocol) server. IEEE 802.11. Click this tab to access the following settings: Communication. Modify basic IEEE 802.11n/b/g settings of the Access Point to work properly with wireless clients. Security. Modify security settings for authenticating wireless users and encrypting wireless data.
Fig. 10. Settings have been changed. 3.1.3. Home and Refresh Commands At the bottom of a status page, there are two buttons—Home and Refresh. Clicking Home brings you back to the Summary page. Clicking Refresh updates the shown status information. Fig. 11. Home and Refresh buttons 3.2. Viewing Status 3.2.1. Associated Wireless Clients On this page, the status information of each associated client, including its MAC address, IP address, user name (if the client has been IEEE 802.
Fig. 12. Status of associated wireless clients 3.2.2. Current DHCP Mappings On this screen, all the current static or dynamic DHCP mappings are shown. A DHCP mapping is a correspondence relationship between an IP address assigned by the DHCP server and a computer or device that obtains the IP address. A computer or device that acts as a DHCP client is identified by its MAC address. Fig. 13.
Fig. 14. System log 3.2.4. Link Monitor When the Access Point is in AP Client mode, use the Link Monitor feature to monitor the link quality and signal strength of the connection. Larger values mean better wireless connectivity to the Access Point. Fig. 15. Link monitor NOTE: The values are updated every 20 seconds. 3.3. General Operations 3.3.1. Specifying Operational Mode Fig. 16. Operational mode settings The Access Point supports two operational modes: AP/Bridge.
In either mode, the Access Point forwards packets between its Ethernet interface and wireless interface for wired hosts on the Ethernet side and wireless host(s) on the wireless side. There are 2 types of wireless links as specified by the IEEE 802.11 standard. STA-AP. This type of wireless link is established between an IEEE 802.11 Station (STA) and an IEEE 802.11 Access Point (AP). An STA is usually a client computer (PC or PDA) with a WLAN network interface card (NIC).
3.3.3. Managing Firmware Firmware management operations for the Access Point include firmware upgrade, configuration backup, configuration restore, and configuration reset. Firmware upgrade, configuration backup, and configuration restore can be achieved via HTTP or TFTP. Fig. 18. Firmware management protocol setting The HTTP method is suggested since it is more user friendly.
Fig. 21. Configuration restore by HTTP To restore configuration of the Access Point by HTTP: 1. Click Browse and then select a correct configuration .hex file. You have to make sure the file name is the AP’s MAC address. The firmware file path will be shown in the Firmware file name text box. 2. Click Restore to upload the configuration file to the Access Point 3.3.3.3.
address of the computer, open a Command Prompt, and type IpConfig, then press the Enter key. 8. Trigger the firmware upgrade process by clicking Upgrade. Fig. 24. TFTP Server. NOTE: After the dialog box of the TFTP server program appears, be sure to specify the working folder within which the downloaded firmware files reside. NOTE: Make sure the Accept read requests check box of TFTP Server is selected.
3.3.3.4. Backing up and Restoring Configuration Settings by TFTP Fig. 25. Configuration backup/restore To back up configuration of the Access Point by TFTP: 1. Get a computer that will be used as a TFTP server and as a managing computer to trigger the backup process. 2. Connect the computer and one of the LAN Ethernet switch port with a normal Ethernet cable. 3. Configure the IP address of the computer so that the computer and the Access Point are in the same IP subnet. 4.
7. Within the Configuration Backup/Restore section, specify the IP address of the computer, which acts as a TFTP server. If you don’t know the IP address of the computer, open a Command Prompt, and type IpConfig, then press the Enter key. 8. Trigger the restoring process by clicking Restore. The Access Point will then download the configuration backup file from the TFTP server. NOTE: Make sure the file is a valid configuration backup file for the Access Point.
3.4.2. DHCP Server 3.4.2.1. Basic The Access Point can automatically assign IP addresses to client computers by DHCP. From this screen, you can specify the Default gateway, Subnet mask, Primary DNS server, and Secondary DNS server settings that will be sent to a client at its request. Additionally, you can specify the first IP address that will be assigned to the clients and the number of IP addresses available for allocation. Fig. 28. Basic DHCP server settings.
To always assign a static IP address to a specific DHCP client: 1. Specify the MAC address of the DHCP client and the IP address to be assigned to it. Then, give a description for this mapping. 2. Select the corresponding Enabled check box. 3.5. Configuring IEEE 802.11 Related Settings 3.5.1. Communication 3.5.1.1. Basic Basic IEEE 802.
3.5.1.2. Link Integrity Fig. 31. Link integrity settings When the Ethernet LAN interface is detected to be disconnected from the wired network, all currently associated wireless clients are disassociated by the Access Point and no wireless client can associate with the Access Point. The detection mechanism is based on pinging the IP address specified in Reference host. 3.5.1.3. Association Control Fig. 32.
Fig. 34. Wireless Distribution System By WDS, two or more LAN segments can be connected wirelessly. As illustrated in Fig. 35, a pair of wireless LAN-to-LAN bridges is used to connect two LAN segments. Since the Access Point is WDS-enabled, it can be used as a wireless bridge. Fig. 35. LAN-to-LAN bridging NOTE: A Access Point can have up to 6 WDS links to other APs or wireless bridges. Fig. 36. Wireless Distribution System settings To enable a WDS link: 1.
2. Select the corresponding Enabled check box. For example, assume you want two Access Point’s with MAC addresses 00-02-65-01-62-C5 and 00-02-65-01-62-C6 to establish a WDS link between them. On Access Point 00-02-65-01-62-C5, set the peer MAC address of port 1 to 00-02-65-01-62-C6 and on AP 00-02-65-01-62-C6, set the peer MAC address of port 1 to 00-02-65-01-C5.
3.5.2. Security IEEE 802.11g security settings include SSID broadcasts, Wireless client isolation, Security mode, , MAC-Address-Based Access Control. TABLE OF SECURITY SETTING DEFINITIONS SSID The network name SSID Broadcasts Enable or Disable SSID broadcast. Enabling this feature broadcasts the SSID across the network. Wireless Client Isolation When the Access Point is in AP/Bridge mode, wireless-to-wireless traffic can be blocked so that the wireless clients cannot see each other.
3.5.2.1. Selecting Wireless Security Mode For security reasons, it’s highly recommended that the security mode be set to options other than Open System. When the security mode is set to Open System, no authentication and data encryption will be performed. Additionally, you can disable the SSID broadcasts functionality so that a wireless client computer with an “any” SSID cannot associate with the AP. Fig. 38. Basic IEEE 802.
which are associated with different APs, is still allowed. Choose from up to 7 security modes: z Open System. No authentication, no data encryption. z Static WEP. WEP (Wired Equivalent Privacy) keys must be manually configured. z Static TKIP (WPA-PSK). Only TKIP (Temporal Key Integrity Protocol) mechanism of WPA (Wi-Fi Protected Access) is enabled.
set to exclusive, entries in the table are not permitted to associate with the Access Point. Fig. 40. MAC-address-based access control settings To deny wireless clients’ access to the wireless network: 1. Select Enabled from the Functionality drop-down list. 2. Set the Access control type to exclusive. 3. Specify the MAC address of a wireless client to be denied access, and then click Add. 4. Repeat Steps 3 for other wireless clients. To grant wireless clients’ access to the wireless network: 1.
Fig. 42. Sample MAC ACL file To download a MAC ACL file from a TFTP server: 1. Specify the IP address of the TFTP server in the TFTP server IP address text box. 2. Specify the name of the MAC ACL file on the TFTP server in the MAC ACL file name text box. 3. Click Download. 3.5.3. IEEE 802.1x/RADIUS IEEE 802.1x Port-Based Network Access Control is a new standard for solving some security issues associated with IEEE 802.
Fig. 43. How IEEE 802.1x and RADIUS works An access point supporting IEEE 802.1x can be configured to communicate with two RADIUS servers. When the primary RADIUS server fails to respond, the wireless access point will try to communicate with the secondary RADIUS server. You can specify the length of timeout and the number of retries before communicating with the secondary RADIUS server after failing to communicate with the primary RADIUS server. An IEEE 802.
3.6. Advanced Settings 3.6.1. Packet Filters The Access Point Web-Based Network Management provides layer 2 (Ethernet Type Filters), layer 3 (IP Protocol Filters), and layer 4 (TCP/UDP Port Filters) filtering capabilities. The configuration processes for the filters are similar. Functionality: Sets the filtering as enabled or disabled. Policy for matched packets: Choose to discard or to pass a matched packet. To enable a filtering rule: Select the check box to the left of the rule to enable. 3.6.1.1.
Fig. 46. IP protocol filters settings A source (destination) IP address range is determined by performing an AND operation on the source (destination) IP address field and the source (destination) subnet mask field. For example, if the source IP address field is 192.168.0.1 and the source subnet mask field is 255.255.255.0, the resultant source IP address range is 192.168.0.0 to 192.168.0.255. 3.6.1.3.
When the UPnP functionality is enabled, you can see the Access Point in My Network Places of Windows XP. The Access Point can be given a friendly name that will be shown in My Network Places. Double-clicking the Access Point icon in My Network Places will launch the default Web browser for you to configure the AP. 3.6.2.2.
Fig. 50. SNMP settings To specify a trap target: 1. Type the IP address of the target host. 2. Type the Community for the host. 3. Select the corresponding check box next to the IP address text box.
Appendix A: Default Settings TIP: Press the Default (SF-Reset, or Soft-Reset) switch on the housing of a powered-on Access Point to reset the configuration settings to factory-default values. Setting Name Global User Name Password IEEE 802.11g Regulatory Domain Channel Number SSID SSID Broadcasts Transmission Rate Transmit Power MAC Address Default Value root root FCC (U.S.) 1 Wireless Enabled Auto High See the label on the accompanying PCMCIA card or the label on the housing of the AP.
Appendix B: Troubleshooting Check the following first: z Verify that Access Point is powered-on and any Ethernet cables are connected firmly to the RJ-45 jacks of the Access Point. z Verify that the LED ALV of the Access Point is blinking to indicate the Access Point is working. z Check that the types of Ethernet cables are correct. Recall that there are two types—normal and crossover. B-1: Wireless Settings Problems z The wireless client computer cannot associate with the Access Point.
B-2: TCP/IP Settings Problems Fig. 51. Communication stages for a client to reach its correspondent host For a wireless client computer to communicate with a correspondent host on the Internet by the host’s domain name (e.g. http://www.wi-fi.com), it first sends a DNS request to a DNS server on the Internet. The DNS request travels first to the AP, then the Access Point relays this request to the default gateway of the client computer.
Point match. z z Are the IP address of the client computer and the IP address of the Access Point in the same IP subnet? Use WinIPCfg.exe or IPConfig.exe to see the current IP address of the client computer. Make sure the IP address of the client computer and the IP address of the Access Point are in the same IP subnet. TIP: If you forget the current IP address of the AP, use Wireless Router/AP Browser to get the information (see Appendix B-3).