LevelOne User Manual WAB-7400 Dual Radio PoE Mesh Access Point Ver. 1.0.
Table of Content Table of Content 1 1 4 Introduction 1.1 1.2 1.3 1.4 1.5 1.6 1.7 1.8 2 3 Features & Benefits Package Contents Safety Guidelines WAB-7400 Description Mounting Install Guide System Requirements Applications Network Configuration 5 6 6 6 7 10 10 12 Understanding the Hardware 15 2.1 2.2 15 16 Hardware Installation IP Address Configuration LevelOne Mesh Web-based Interface 3.1 3.1.1 3.1.2 3.1.3 3.2 3.2.1 3.2.2 3.2.3 3.3 3.3.1 3.3.2 3.3.3 3.4 3.4.1 3.4.2 3.4.3 3.5 3.5.1 3.6 3.6.1 3.
.7 3.7.1 3.8 3.8.1 3.8.2 3.8.3 3.8.4 3.9 3.9.1 3.9.2 3.9.3 3.9.4 3.9.5 3.10 Login Setup 58 Login Setup > RADIUS.......................................................................................58 Tools 60 Tools > Ping.........................................................................................................60 Tools > Ifconfig ...................................................................................................60 Tools > Route................................................
Revision History Revision 1.
1 Introduction LevelOne WAB-7400 Dual Radio PoE Mesh AP is designed with IEEE802.11a/b/g standards and addressed on providing high performance mesh network. The product encased in the IP-65 protection enclosure and delivers the maximum scalability, high reliability at outdoor environment. Compared with expensive T1/E1 leased lines, the Mesh network offers a cost-effective last-mile connection. LevelOne WAB-7400 Dual Radio PoE Mesh AP provides wireless connection over self-adaptation mesh backhaul (5GHz).
1.1 Features & Benefits Features Benefits Dual Radio for independent Backhaul and local Allow operators to set up at both 2.4GHz for long access range and 5GHz to reduce the frequency interference.
1.2 Package Contents Open the package carefully, and make sure that none of the items listed below are missing. Do not discard the packing materials, in case of return; the unit must be shipped in its original package. WAB-7400 Dual Radio PoE Mesh Access Point PoI-2000 Power over Ethernet Injector CD manual / Utility Mounting kit 1.3 Safety Guidelines In order to reduce the risk of fire, electric shock and injury, please adhere to the following safety guidelines.
1.5 Mounting Install Guide Make sure the following accessories are included in your WAB-7400 package.
Step 1: Fix the U type clip holder as picture 1 & 2. Step 2: Assemble the clip holder shown as 3~6. Step 3: Mount the WAB-7400 equipped with the holder on the pole shown as 7~9.
Option 2: Pole Mounting Step 1: Fix the U type clip holder as picture 1~5. Step 2: Equip the metal plate on the bottom case of WAB-7400 shown as 6.
Step 3: Assemble the holder to the bottom enclosure shown as 7. Step 4: Mount the WAB-7400 equipped with the holder on the pole shown as 8~9. Option 3: Wall Mounting Screws 1.6 System Requirements The following are the minimum system requirements in order configure the device. PC/AT compatible computer with a Ethernet / Wireless interface. Operating system that supports HTTP web-browser 1.7 Applications The wireless LAN products are easy to install and highly efficient.
flexibility of wireless LANs: a) Difficult-to-wire environments There are many situations where wires cannot be laid easily. Historic buildings, older buildings, open areas and across busy streets make the installation of LANs either impossible or very expensive. b) Temporary workgroups Consider situations in parks, athletic arenas, exhibition centers, disaster-recovery, temporary offices and construction sites where one wants a temporary WLAN established and removed.
1.8 Network Configuration To better understand how the wireless LAN products work together to create a wireless network, it might be helpful to depict a few of the possible wireless LAN PC card network configurations. The wireless LAN products can be configured as: a) Ad-hoc (or peer-to-peer) for departmental or SOHO LANs. b) Infrastructure for enterprise LANs.
c) Wi-Fi Mesh Networks A Wireless Mesh Network constructed from WiFi Technology alleviates a number of roaming challenges from laptops, IP phones, PDAs, and IP base devices: No geographical limitations – User can take a handheld or laptop computer anywhere without losing the connection in their home No physical connection required – Mobile IP connects automatically and obtains local IP router information Supports security – Authentication is performed to ensure that rights are being protected Access Anytime
14
2 Understanding the Hardware 2.1 Hardware Installation a) Plug one end of the Ethernet cable into the AP port of the PoE Injector and the other end into the Bridge/AP. b) Place one end of another Ethernet cable into the Network port of the PoE injector and another end into your PC/Notebook. c) Insert the DC-inlet of the power adapter into the port “DC-IN” and the other end into the power socket on the wall.
This diagram depicts the hardware configuration 2.2 IP Address Configuration This device can be configured as a Bridge or Access Point. The default IP address of the device is 192.168.0.1. In order to log into this device, you must first configure the TCP/IP settings of your PC/Notebook. a) In the control panel, double click Network Connections and then double click on the connection of your Network Interface Card (NIC). You will then see the following screen.
c) Select Internet Protocol (TCP/IP) and then click on the Properties button. This will allow you to configure the TCP/IP settings of your PC/Notebook. d) Select Use the following IP Address radio button and then enter the IP address and subnet mask. Ensure that the IP address and subnet mask are on the same subnet as the device. For Example: Device IP address: 192.168.0.1 PC IP address: 192.168.0.10 PC subnet mask: 255.255.255.
3 LevelOne Mesh Web-based Interface Web-based configuration interface is accessible with computer with TCP/IP capability and web browser (e.g. Mozilla or IE).To access web-based configuration interface, enter https://192.168.0.1/. In the browser URL/Location field. You will see an authentication page display as shown in Figure 3.1.1. Figure 3.1.1: Windows authentication page Type “admin” in User Name and Password field, then click OK button.
LevelOne Mesh page has nine main menus: System, Network, Security, Services, QoS, System Management, Login Setup, Tools and Status. Each main menu also will have its submenu.
HTTPD Internal webserver settings SNMP SNMP settings Syslog Server Syslog Server settings Firmware Firmware maintenance Trap Trap settings Configuration Configuration management NMS Addresses Network Management System notifying settings.
3.1 System 3.1.1 System > System WAB-7400 is a layer 2 mesh network that supports gateway and relay operation mode. Figure 4.1.1 illustrates the system information configuration page. Figure 4.1.1: System Information Configuration page System Information Configuration page contains the following parameters: Name: Name of the device. Location: Location name that device located. Contact Name: Name of the contact person for consulting about the device.
3.1.2 System > Advance In this advance feature, networking conntrack and some wireless fine tune done. Figure 4.2.1 illustrates the advance configuration page. Figure 4.2.1: Advance configuration page Advance configuration has the following parameters: Maximum Session: maximum connection tracking session, a higher value is desired to support large number of local users.
TCP Finished Wait Timeout: TCP finished wait timeout TCP Last Ack Timeout: Last acknowledgement timeout TCP SYN Receive Timeout: TCP SYN receive timeout TCP SYN Sent Timeout: TCP SYN sent timeout TCP Time Wait Timeout: TCP Time wait timeout UDP Timeout: UDP timeout UDP Stream Timeout: UDP stream timeout Radio 1 distance: Desired operating distance for radio 1 ( usually refer to mesh radio ) Radio 2 distance: Desired operating distance for radio 2 ( usually refer to client
Figure 4.3.2: Advance configuration page Figure 4.3.3: Advance configuration page Click on the Reset link on the navigation drop-down menu. This option allows you to restore the device back to the factory default settings. Click on the Default button. Figure 4.3.4: Advance configuration page Click on the Restore link on the navigation drop-down menu. This option allows you to restore the configuration from a file that is stored on a local disk.
Figure 4.3.5: Configuration page Click on the Reboot link on the navigation drop-down menu. This option allows you to reboot the device in order for the current settings to take effect.
3.2 Network 3.2.1 Network > WLAN This device will form a wireless mesh network with other device provided the correct configuration. Figure 5.1.1 illustrates the wireless settings of the mesh. Figure 5.1.1: Network - WLAN configuration page MAC: Displays the MAC address of the wireless interface. Mode: WLAN 1 defined as ADHOC mode. ADHOC mode will bring the wireless device to adhoc mode where no AP is required.
Band: Select a wireless band from the drop-down list: 802.11a, 802.11b, or 802.11g. ESSID: The SSID is a unique named shared amongst all the points of the wireless network. The SSID must be identical on all points of the wireless network and cannot exceed 32 characters Frequency: Select a frequency/channel from the drop-down list. The channels available are based on the country’s regulation.
in order to combat fading and interference. Click on “Diversity” drop down button to select “Card Default”, “Enable” or “Disable”. Tx Antenna: Click on “Tx antenna” drop down button to select “Diversity”, “Card Default”, “Port 1”, or “Port 2”. Rx antenna: Click on “Rx antenna” drop down button to select “Diversity”, “Card Default”, “Port 1”, or “Port 2” Base Datarate max Tx power: Default output power of the device.
TKIP (Temporal Key Integrity Protocol) provides per-packet key generation and is based on WEP. AES (Advanced Encryption Standard) is a very secure block based encryption. Note that, if the bridge uses the AES option, the bridge can associate with the access point only if the access point is also set to use only AES. The device negotiates the cipher type with the access point, and uses AES when available. 802.1x: This option works with a RADIUS Server to authenticate wireless clients.
Secondary DNS address. Domain: Specify the Domain name of network. Gateway: IP address of router or nodes that serves as an entrance to another network, and vice-versa. Edit this field to match your ISP settings or leave it unchanged to use defaults from your ISP. “Save Changes” button to save any changes made. New settings are active after the device reboot. Network Time Protocol (NTP) is a protocol for synchronizing the system clocks over data networks. Figure 5.2.
Figure 5.2.3: NTP – add or edit page NTP add or edit page contains the following parameters: Server: Specify the name of IP address of the NTP server. Min Poll: Specify the minimum number of times that the device should poll the server. Max Poll: Specify the maximum number of times that the device should poll the server. Comments: You may include comments or a description. Active: Choose to enable or disable the NTP Server entry.
3.2.3 Network > Routing Routing refers to selecting paths in a network along which to send data. Figure 5.3.1 illustrates the route configuration page. Figure 5.3.1: Routing configuration page Route contains the following parameters: Routes List: Display list of routes. “Add” button to add new entry to the routes. “Edit” button to edit current selection. “Delete” button to delete current selection. Figure 5.3.2 illustrates the add or edit page for route entry. Figure 5.3.
Comments: Enter the interface comments. Active: Enable to disable this interface. “Save Changes” button to save any changes made. Please reboot to enable new settings.
3.3 Security 3.3.1 Security > MSSID In this section you may configure the SSID, beacon interval, RTS threshold, fragmentation threshold, DTIM interval, data rate, security type, and 802.1x. Figure 6.2.1 and Figure 6.2.2 illustrate the MSSID configuration page. Figure 6.1.1: MSSID configuration page Click on the Edit button to modify the default values. Figure 6.1.2: MSSID configuration page ESSID: The SSID is a unique named shared amongst all the points of the wireless network.
mode is enabled, you must enter the Wireless Network Name (SSID) on the client manually to connect to the network. Beacon Interval: Beacons are packets sent by a wireless Access Point to synchronize wireless devices. Specify a Beacon Period value between 20 and 1000. The default value is set to 100 milliseconds. RTS Threshold: Packets over the specified size will use the RTS/CTS mechanism to maintain performance in noisy networks and preventing hidden nodes from degrading the performance.
format is provided so you can enter a string that is easier to remember. The ASCII string is converted to HEX for use over the network. Four keys can be defined so that you can change keys easily. A default key is selected for use on the network. WPA (Wi-Fi Protected Access) was designed to improve upon the security features of WEP (Wired Equivalent Privacy). The technology is designed to work with existing Wi-Fi products that have been enabled with WEP.
Figure 6.2.1: MAC access configuration page Active: Choose to enable or disable the MAC address filter feature. Type: Choose to allow or deny access for the MAC addresses. Click on the Save Changes button to store and changes and then reboot the device in order for the changes to take effect. MAC Access List: Click on the Add button to insert a MAC address. Figure 6.2.2: MAC access configuration page MAC: Specify the MAC address. Type: Select Allow or Deny.
3.3.3 Security > VLAN A Virtual LAN is a network of computers that behave as if they are connected to the same wire even though they may actually be physically located on different segments of a LAN. VLANs are configured through software rather than hardware, which make them extremely flexible. One of the biggest advantages of VLANs is that when a computer is physically moved to another location, it can stay on the same VLAN without any hardware reconfiguration. Figure 6.3.1 and Figure 6.3.
Netmask: Specify the subnet mask for the IP address. Routed: Select if the VLAN is routed through the routing table or NAT. Comments: You may include comments or a description. Active: Choose to enable or disable this VLAN entry. Click on the Save Changes button to store and changes and then reboot the device in order for the changes to take effect.
3.4 Services 3.4.1 Service > DHCP Relay For a dynamic network, WAB-7400 is able to forward the DHCP request to a backend DHCP server when operating in layer 2 mode. Figure 7.1.1 illustrates the configuration page for DHCP Relay. Figure 7.1.1 DHCP Relay Settings DHCP Relay contains the following parameters: Active: Enable or disable DHCP Relay feature. Port: Port to listen for DHCP packet. Default value is 67.
Figure 7.1.2 illustrates to add or edit configuration page. Figure 7.1.2 Server or Interface configuration page. The add or edit configuration page contains the following parameters. Type: Server IP or interface list Interface Name: Once the “type” drop down menu is changed to interface, interface name selection drop down menu will appear for the users to make selection on the interface where the DHCP server can be reach. The interface also must include the interface where the client can be reach.
3.4.2 Service > System Watchdog Linux kernel watchdog will constantly monitor the integrity of the system. During system locked up, kernel watchdog will trigger a system reboot to recover the system from failure. Figure 7.2.1 illustrates the Linux kernel watchdog configuration page. Figure 7.2.1: System watchdog configuration page Linux kernel watchdog configuration page contains the following parameters: Active: Enable or disable this service.
SSHD configuration page contains the following parameters: Active: Enable or disable this service. Port: Specify the TCP/IP port that the SSHD will listen for incoming connection. Click on the Save Changes button to store and changes and then reboot the device in order for the changes to take effect.
3.5 QoS 3.5.1 QoS > WMM Wireless Multimedia Extensions (WME), also known as Wi-Fi Multimedia (WMM) is a Wi-Fi Alliance interpretability certification, based on the IEEE 802.11e draft standard. It provides basic Quality of service (QoS) features to IEEE 802.11 networks. WMM prioritizes traffic according to 4 AC (Access Categories), however it does not provide guaranteed throughput. It is suitable for simple applications that require QoS, such as Wi-Fi Voice over IP (VoIP) phone. Figure 8.1.
Figure 8.1.2: WME - edit page WME – edit page contains the following parameters: Interface: Specify the interface for WMM. Comments: Optional comments for this entry. Active: Enable or disable WME. CWMIN: Minimum contention window. This parameter is input to the algorithm that determines the initial random backoff wait time (window) for retry of a transmission.
TX OP LIMIT: Transmission Opportunity is an interval of time when a WME AP/station has the right to initiate transmissions onto the wireless medium (WM). This value specifies (in milliseconds) the Transmission Opportunity (TXOP); that is, the interval of time when the WMM AP/station as the right to initiate transmissions on the wireless network.
3.6 System Management 3.6.1 System Management > HTTPD Web-based configuration management is done through the secure HTTP. Figure 9.1.1 illustrates the HTTPD server configuration page. Figure 9.1.1: HTTPD server configuration page HTTPD server configuration page contains the following parameters: Active: Enable or disable HTTPD server. Port: Enter the HTTPD port number. Username: Enter the HTTPD username. Password: Enter the HTTPD password.
“Apply” button to save any changes made. Please reboot to enable new settings. Click on the Save Changes button to store and changes and then reboot the device in order for the changes to take effect. “Add” button to add entry to the access control table. “Edit” button to edit current selection. “Delete” button to edit current selection. Figure 9.1.2 illustrates the HTTPD access control configuration page. Figure 9.1.
Figure 9.2.1: SNMP configuration page SNMP configuration page contains the following parameters: Active: Enable or disable SNMP management. Version: Select “v1 or v2c”, “v3”, or “all” SNMP version. Port: Enter the SNMP port number. v2 Read Community: Enter the v2 Read Community. Reconfirm v2 Read Community: Re-enter v2 Read Community to verify. v2 Read-write Community: Enter the v2 Read-write Community.
v3 Read Username: Enter the v3 Read Username. v3 Read-write Username: Enter the v3 Read-write Username. v3 Password: Enter the v3 Password. Reconfirm v3 Password: Re-enter v3 Password for verification. v3 Passphrase: Enter the v3 Passphrase. Reconfirm v3 Passphrase: Re-enter v3 Passphrase for verification. Access control: Enable or disable SNMP access control.
Device: Click on “Device” drop down menu to select device. For example, WAN, MESH, VLAN0…… Using: Click on “Using” drop down menu to select “Device” or “Network”. Comments: Enter comments for this entry. Active: Click on “Active” drop down menu to enable or disable this entry. Click on the Save Changes button to store and changes and then reboot the device in order for the changes to take effect. 3.6.
This page also displays the current firmware version and its release date. Figure 9.4.1 illustrates the Firmware upgrade configuration page. Figure 9.4.1: Firmware configuration page Ensure that you have downloaded the appropriate firmware from the vendor’s website. Click on the Browse button to select the firmware and then click on the Upload button. Note: Please do not power off the device during the firmware upgrade as they may cause permanent damage to the device. 3.6.
Figure 9.5.1: Trap configuration page Trap configuration page contains the following parameters: Active: Enable or disable trap report. Configuration: Enable or disable report on configuration issue. Security: Enable or disable security trap report. Wireless: Enable or disable wireless trap report. Operational: Enable or disable operational trap report. Flash: Enable or disable flash trap report. Tftp: Enable or disable tftp trap report.
“Delete” button to edit current selection. Figure 9.5.2 illustrates the configuration page for add or delete trap server. Figure 9.5.2: Trap server – add or edit page Trap server: add or edit page contain the following parameter: IP: Enter destination IP to send trap. Community: Enter community of trap. Reconfirm Community: Re-enter community to confirm it. Version: SNMP Version. Comments: Enter Trap comments. Active: Enable or disable this entry.
Figure 9.6.1: Configuration – Upload new webserver page Upload New Webserver Certificate: Click on the Browse button to select the certificate and then click on the Upload button. Manage RSA: Click on the Manage RSA button to upload a private RSA key. Figure 9.6.2 illustrates the Manage RSA configuration page. Figure 9.6.2: Configuration – Manage RSA page Upload Key-Pair: Click on the Browse button to select the certificate and then click on the Upload button.
Figure 9.6.3: Configuration – Manage X509 page Local Certificate: Click on the Browse button to select the certificate and then click on the Upload button. Remote Certificate: Click on the Browse button to select the certificate and then click on the Upload button. 3.6.7 System Management > NMS Addresses NMS address is used for the system to report back to Network Management System located outside of the network. Figure 9.7.1 illustrates the NMS server address configuration page. Figure 9.7.
NMS address configuration page contains the following parameters: NMS Address List: List of NMS server. “Add” button to add entry to the NMS address list. “Edit” button to edit current selection. “Delete” button to edit current selection. Click on the Save Changes button to store and changes and then reboot the device in order for the changes to take effect. Figure 9.7.2 illustrates the NMS address configuration page for add or edit. Figure 9.7.
3.7 Login Setup 3.7.1 Login Setup > RADIUS Remote Authentication Dial In User Service (RADIUS) is an AAA (Authentication, Authorization and Accounting) protocol for applications such as network access or IP mobility. RADIUS client will verify authentication push by RADIUS server. Figure 10.1.1 illustrates the RADIUS client configuration page. Figure 10.1.1: RADIUS client configuration page RADIUS client configuration page contains the following parameters : Active: Enable or disable RADIUS client.
“Edit” button to edit current selection. “Delete” button to edit current selection. Click on the Save Changes button to store and changes and then reboot the device in order for the changes to take effect. Figure 10.1.2 illustrates the add or edit page for RADIUS entry. Figure 10.1.2: RADIUS server – add or edit page RADIUS server: add or edit page contain the following parameter: Server Name: Enter the RADIUS server name.
3.8 Tools 3.8.1 Tools > Ping Figure 11.1.1 illustrates the ping page. Figure 11.1.1: Ping page Ping page contains the following parameters: Ping: Enter the IP address to ping. Number of pings: Enter the number of pings to send. “Ping” button to ping and display output of ping command. “Output” text area display result of the ping command. 3.8.2 Tools > Ifconfig Ifconfig page is used to collect verbose information about device network interfaces. Figure 11.2.1 illustrates the ifconfig page.
Figure 11.2.1: Ifconfig page Ifconfig page contains the following parameters: “Ifconfig” button to call ifconfig command. “Output” text area to display the output of the command. 3.8.3 Tools > Route Route page is used to collect information about device’s routing table. Figure 11.3.1 illustrates the route page. Figure 11.3.1: Route page Route page contains the following parameters: “Route” button to display output of route command. “Output” text area display result of the route command.
3.8.4 Tools > TFTP Figure 11.4.1 illustrates the TFTP page. Figure 11.4.1: TFTP page TFTP contains the following parameters: TFTP to: Enter the destination IP address of remote TFTP server. Operation: Select “put”, “get” or “get and reboot” file to remote TFTP server. File Name: Enter the File Name to put or get. Type of File – Select “config”, “firmware”, “ipsec x509 local”, “ipsec x509 remote”, or “ipsec rsa” file. Execute button to perform directed action.
3.9 Status 3.9.1 Status > System Click on the Status link on the navigation drop-down menu. This option displays the system uptime, CPU speed, free RAM, and firmware version. Figure 12.1.1 illustrates the system status page. Figure 12.1.1: System Status page 3.9.2 Status > Interfaces Click on the Interfaces link on the navigation drop-down menu. This option displays the details of the WAN, MESH, and VLAN0 interface. Figure 12.2.1 illustrates the interface page.
Figure 12.2.2: WAN Interface page Click on the Get Details button for the MESH and VLAN0 interface. This section displays the hardware MAC address, IP type, IP address, broadcast address, netmask, MTU, and Tx/Rx packet information. On the wireless interface it displays the ESSID, 802.11 band, frequency, MAC address, data rate, tx output power, encryption key, and QoS. Figure 12.2.3 illustrates the MESH and VLAN0 interface page. Figure 12.2.3: MESH and VLAN0 Interface page 3.9.
the current status of the following services: NTP client, SSHD, SNMP server, Syslog server, and web servers. Figure 12.3.1 illustrates the status of each service running in the device. Figure 12.3.1: Services page 3.9.4 Status > System Log Click on the System Log link on the navigation drop-down menu. This option displays the list of events by date and time. Click on the Get Log button to view the output. Figure 12.4.1 illustrates the system log page. Figure 12.4.1: System Log page 3.9.
Figure 12.5.1: Neighbor Status page Neighbor Status page contains the following parameters: List of Neighbors: display a list of connected neighbor. : display the MAC table of the selected entry. View All Macs: display all the MAC currently visible to the device.
3.10 Help Help page provide links to specific help related to configuration and some description according to each submenu of the configuration.
4 Appendix A – FCC Interference Statement Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter.
5 Appendix B – GPL Software Agreement This product incorporates open source code into the software and therefore falls under the guidelines governed by the General Public License (GPL) agreement. Adhering to the GPL requirements, the open source code and open source license for the source code are available for free download at http://global.level1.com.
