User's Manual
Table Of Contents
- Chapter 1 Introduction
- Chapter 2 Mesh Point CLI and Administrative Access
- Chapter 3 Networking and Radio Configuration
- 3.1 Network Interfaces
- 3.2 Network Bridging
- 3.2.1 Bridging Configuration
- 3.2.2 FastPath Mesh Bridging
- 3.2.3 Fine-tuning FastPath Mesh Network Performance
- 3.2.3.1 Selecting the FastPath Mesh Multicast Transmit Mode
- 3.2.3.2 Setting the FastPath Mesh Packet Interval
- 3.2.3.3 Setting the FastPath Mesh Transmit Control Level
- 3.2.3.4 Setting Multicast Video Clamping Thresholds
- 3.2.3.5 Setting Mesh Routing Reactivity
- 3.2.3.6 Setting Mesh Packet Time To Live
- 3.2.3.7 Viewing Current Mesh Performance Parameters
- 3.2.3.8 Frame Processor Parameters
- 3.2.4 STP Bridging
- 3.3 Global Radio Settings
- 3.4 Individual Radio Settings
- 3.4.1 Radio Band, Short Preamble, Guard Interval
- 3.4.2 Channel Selection
- 3.4.3 Distance, Beacon Interval, Noise Immunity
- 3.4.4 Network Type, Antenna Gain, Tx Power
- 3.4.5 MIMO
- 3.4.6 STBC
- 3.4.7 Channel Lock and Other Channel Selection Features
- 3.4.8 DFS, TDWR, and Channel Exclusion
- 3.4.9 Radio BSS Settings
- 3.4.9.1 BSS Radio, BSS Name and SSID
- 3.4.9.2 WDS Bridging or AP Infrastructure Configuration
- 3.4.9.3 BSS State, SSID Advertising and Drop Probe Requests
- 3.4.9.4 BSS STA Idle Timeout and 802.11g-Only Settings
- 3.4.9.5 BSS Unicast Transmission Rate Settings
- 3.4.9.6 BSS WMM QoS Setting
- 3.4.9.7 BSS Fragmentation and RTS Thresholds
- 3.4.9.8 BSS DTIM Beacon Countdown
- 3.4.9.9 BSS VLANs Settings
- 3.4.9.10 BSS Fortress Security Zone
- 3.4.9.11 FastPath Mesh BSS Cost Offset
- 3.4.9.12 BSS Multicast Settings
- 3.4.9.13 Bridging MTU and Beacon Encryption
- 3.4.9.14 BSS Description
- 3.4.9.15 BSS Wi-Fi Security Configuration
- 3.4.10 Antenna Tracking / Rate Monitoring
- 3.4.11 ES210 Mesh Point STA Settings and Operation
- 3.4.11.1 STA Radio, Name, SSID and SSID Roaming
- 3.4.11.2 STA State
- 3.4.11.3 STA Unicast Transmission Rate Settings
- 3.4.11.4 STA Background Scanning
- 3.4.11.5 STA WMM QoS Setting
- 3.4.11.6 STA Fragmentation and RTS Thresholds
- 3.4.11.7 STA Multicast Rate
- 3.4.11.8 STA Description
- 3.4.11.9 STA Wi-Fi Security Configuration
- 3.4.11.10 Editing or Deleting a STA Interface Connection
- 3.4.11.11 Establishing a STA Interface Connection
- 3.4.11.12 ES210 Station Access Control Lists
- 3.5 Local Area Network Configuration
- 3.6 Time and Location Configuration
- 3.7 GPS and Location Configuration
- 3.8 DHCP and DNS Services
- 3.9 Ethernet Interfaces
- 3.10 Quality of Service
- 3.11 VLANs Implementation
- 3.12 ES210 Mesh Point Serial Port Settings
- 3.13 Mesh Viewer Protocol Settings
- Chapter 4 Network Security, Authentication and Auditing
- 4.1 Fortress Security Settings
- 4.1.1 Operating Mode
- 4.1.2 FIPS Settings
- 4.1.3 MSP Encryption Algorithm
- 4.1.4 Encrypted Data Compression
- 4.1.5 MSP Key Establishment
- 4.1.6 MSP Re-Key Interval
- 4.1.7 Key Beacon Interval
- 4.1.8 Fortress Legacy Devices
- 4.1.9 Encrypted Zone Cleartext Traffic
- 4.1.10 Encrypted Zone Management Settings
- 4.1.11 Authorized Wireless Client Management Settings
- 4.1.12 Turning Mesh Point GUI Access Off and On
- 4.1.13 SSH Access to the Mesh Point CLI
- 4.1.14 Blackout Mode
- 4.1.15 Allow Cached Credentials
- 4.1.16 Fortress Access ID
- 4.2 Digital Certificates
- 4.3 Access Control Entries
- 4.4 Internet Protocol Security
- 4.5 Authentication and Timeouts
- 4.5.1 Authentication Servers
- 4.5.2 Internal Authentication Server
- 4.5.2.1 Basic Internal Authentication Server Settings
- 4.5.2.2 Certificate Authority Settings
- 4.5.2.3 Global User and Device Authentication Settings
- 4.5.2.4 Local 802.1X Authentication Settings
- 4.5.2.5 OCSP Authentication Server Settings
- 4.5.2.6 OCSP Cache Settings and Management
- 4.5.2.7 Internal Authentication Server Access Control Lists
- 4.5.3 User Authentication
- 4.5.4 Client Device Authentication
- 4.5.5 Session Idle Timeouts
- 4.6 ACLs and Cleartext Devices
- 4.7 Remote Audit Logging
- 4.8 Wireless Schedules
- 4.1 Fortress Security Settings
- Chapter 5 System Options, Maintenance and Licensing
- Chapter 6 System and Network Monitoring
- Index
- Glossary
Fortress ES-Series CLI Guide: Networking and Radio Configuration
55
NOTE: Settings for
ChannelLock
and ChannelScan do
not affect the channel
scanning behavior of an
configured STA inter-
face, which must chan-
nel scan to find an AP
with which to associate.
3.4.7 Channel Lock and Other Channel Selection
Features
When ChannelLock is set to
enable
(default is
disable
) and at
least one BSS is configured, the radio will not switch from the
currently configured channel, regardless of settings or activity
that would ordinarily trigger a channel switch. The Mesh Point
ignores WDS-related channel scanning and remote WDS peer
channel change requests. Radar events that occur while on a
DFS channel cause the radio to be disabled, rather than to
select an alternate channel.
NOTE: When
enabled, Chan-
nel Lock takes prece-
dence over any other
channel selection func-
tion, except for channel
scanning on configured
STA interfaces. Settings
for the remaining chan-
nel selection functions
do not appear in show
radio output.
When ChannelLock is
enabled
, the Channel Scanning,
Reunification, and Lonely Node features are
disabled
, and the
Ignore Remote Channel Change Request feature is
enabled
.
You cannot change these settings, and these parameters do
not appear in the output for
show radio.
When
ChannelScan is set to
enable
(the default), WDS-related
channel scanning occurs under any of the following conditions:
a WDS-enabled BSS exists and the Mesh Point is booting
a WDS BSS is administratively disabled, then re-enabled
the radio is administratively disabled and re-enabled
the lonely node feature is enabled
When Channel Scanning is
disabled
(explicitly, or via Channel
Lock
), Reunification and Lonely Node are also disabled.
The
IgnoreRequest setting of
enable
causes the Mesh Point
to drop remote channel-change requests. When set to
disable
(the default), remote channel change requests from compatible
peers are processed and if the channel isn’t excluded, the
Mesh Point changes to the requested channel. If the channel is
excluded, a channel change request for an alternate channel is
sent. When Channel Lock is enabled,
IgnoreRequest is also
enabled.
When Reunification is
enabled
(default), during WDS-related
channel scanning, a remote channel change request is sent to
unselected channels in order to unify disjoint networks. For
example, during WDS-related channel scanning, a Mesh Point
with a WDS-enabled BSS with SSID “bravo” discovers a
compatible “bravo” network on channels 149 and 165. Based
on channel precedence, the Mesh Point chooses one of these
two frequencies for operation. It then sends a remote channel
change request to the unselected channel so that all Mesh
Points can operate on a common channel. When Channel Lock
is enabled or Channel Scanning is disabled, Reunification is
disabled.
When the
LonelyNode setting is
enable
(default), the Mesh
Point scans periodically to select an alternate channel with
compatible peers. The Lonely Node
Timeout setting