NETKROM OUTDOOR AP/BRIDGE MODELS User`s Manual
Contents
1. 137 Securty Configuration URL ALTERING The access point supports URL Filtering which allows you to easily set up rules to block objectionable web sites from your LAN users TO CONAGURE URL ALTERING Step 1 Under the Securty Configuration command menu click on URL Filtering Security Configuration Packet Filtering gt URL Filtering Firewall Confiquration Firewall Logs URL Filter Configuration WEL Filter Type Disabled Change Step 3 Select Block or Allow and then click on the Apply button The default is Disabled which allows all websites to be accessed When you will be retumed to the page shown above then click the Add button Add a new URL Filter Host Name www objectablewebsites com Gea eo Step 2 You may now define the URL Filter Type by clicking the Change button Select URL Filtering Type Mo Entenn l access nestnicteon Block user speciesd websites only slow al other wengited low uber specihed wetted only block all Appiy For the Host Name field input the web site address that you wish to block Then click the Add button to complete your setup 138 Secunty Configuraton FIREWALL C ONAGURATION More than just a NAT firewall there is a powerful Stateful Packet Inspection SPI firewall option that can be activated on the access point Stateful Inspection compares certain key parts of the packet to a database of trusted information before allowing it2. To enable Remote Management entera port number which isnot being used by other applications in the network Please take note that it is recommended to use a different port number other than port 80 because some ISP block port number 80 NOTE NOT In view of preventing unauthonzed management from a remote location please remember to replace the default password with a new one You are also advised to change this password from time to time to guard against malicious attackers 118 Advanced Configuration PARALLEL BROADBAND ONLY SUPPORTED BY GATEWAY The access point is equipped with the exclusive Parallel Boadband technology to provide scalable Intemet bandwidth with Load Balancing and Fail Over Redundancy By installing multiple units of the access point cascaded using Parallel Broadband you may balance the Intemet traffic generated from your pnvate network over multiple broadband connections providing the network with aggregated bandwidth In the event of a particular broadband connection failing The access point in cascade will use the remaining functional broadband channels giving you an added peace of mind with its Fail Over Redundancy capability Parallel Broadband Load Balancing amp Fail Over Redundancy 3x Cable ADSL modems To implement Parallel Broadband you will need to install two or more access points in the network each connected to its broadband Intemet service account There is
3. e By entering the IP address of Access point in the address bar of Intemet Explorer You need to assign an IP address to your PC such as 192 168 168 x where x can take any value from 2 to 254 so that it isin the same subnet as Access point ACCESS TO THE VVEB INTERFACE WTH UC ONHG The powerful uConfig utility has been designed to give you direct access to the Web interface Step 1 Insert the Product CD into your CD ROM dnive The CD will run automatically Step 2 From the Utlities section select to install the uConfig utility to your hard disk 18 Access to Web based Interface Step 3 When the utility has been installed double click on the uConfig icon The following screen will appear click on the Yes button to proceed TEA is wContig utility should be run only in one to one nection with a uContig compatible device your PC is connected to other IP devices in the network Config may not work properby o you want to proceed Step 4 Select Wireless AG Access Point in the Products List section and click on the Open Web button To retneve and display the latest device s in the list click on the Refresh button Intel R PRO 100 00 11 11 8C 43 6C 192 168 168 62 255 255 255 0 Intel R PRO 100 00 11 11 8C 43 6C 192 168 1 7 255 255 255 0 Intel R PRO 100 00 11 11 8C 43 6C 10 0 0 5 255 0 0 0 0 0 0 0 192 168 1 1 192 168 168 62 20 0 0 255 0 0 0 10 0 0 5 192 168 168 62 20 10 0 0 5 256 255 25
4. To clear the values that you had entered in the field click on the Reset button Click on the Apply button and reboot your access point HowTo SETUP WPA PSK WPA2 PSK WPA PSK AUTO Only available in Access Point mode The guidelines below will help you to set up the access point for using WPA PSK Please follow the steps below if you have activated WPA PSK WPA2 PSK or WPA PSK AUTO secunty modes At the WPAI1 2 PSK Setup page WPA1 2 PSK Setup Key String Type Hexadecimal 64 hex digits Passphrase 8 63 ascii characters WPA PSK 11111111 Cipher Type AUTO vl GTK Update seconds 60 9999 81 WLAN Security Step 1 Specify the key entry type by selecting either e Passphrase Alphanumeric characters e Hexadecimal Step 2 Fill in the WPA PSK Pre Shared network Key If you are using the Passphrase format your entry can consist of a minimum of 8alphanumenc charactersora maximum of 63 alohanumenc characters Otherwise when using the Hexadecimal format your entry MUST consist of 64 hexadecimal characters Step 3 For WPA PSK Set the Cipher Type to TKIP WPA replaces WEP with a strong encryption technology called Temporal Key Integnty Protocol TKIP with Message Integnty Check MIC For WPA2 PSK Set the Cipher Type to AES Advanced Encryption Standard AES isa stronger symmetnc 128 bit block data encryption technique AES is a requirement of WPA2 under the IE
5. option to define a different DHCP Gateway IP Address which will be allocated as the Default Gateway of the DHCP client The 30 Common Configuraton DHCP client will thus receive its dynamic IP address from the access point but will access to the Intemet or to the other LAN through the Default Gateway defined by the DHCP Gateway IP Address For instance if the access point is used in Access Point Client mode and connects to an Intemet gateway X a PC wired to the access point will be unable to obtain a dynamic IP address directly from X But if you can enable the DHCP server of the access point and set the IP address of X as the DHCP Gateway IP Address the PC will then obtain its IP address from the access point and access the Intemet through X Always use these DNS servers Enable this checkbox if you want the access point to only use the DNSserver s you have specified below Primary DNS IP Address The IP address of the DNS server is usually provided by your ISP Secondary DNS IP Address This optional field is reserved for the IP address of a secondary DNS server DHC P Server If you disable the DHCP server you will need to manually configure the TCP IP parameters of each computer in your network 31 Common Configuraton TO VIEW THE ACTIVE DHC P LEASES The following will guide you to a page display of the active IP address leases that have been allocated by the builtin DHCP se
6. The Auto Detect checkbox is ticked Password by default The WAN IP entry box is EE Feet Baa blank by default These default settings should be applied if the dynamic WAN IP connection is used F Auto Detect Forinstance If your ISP connection service uses the dynamic WAN IP tick the Auto Detect checkbox to let the DtDNS server leam your curent WAN IP address Enter your DtDNS account Usemame and Password However if you are using a fixed WAN IP connection enter the IP address in the WAN IP field Then un tick the Auto Detect checkbox Then the access point will update the DtDNS server using that WAN IP entered in its field Step 4 Then click on the Add button 132 Advanced Configuration Step 5 Dynamic DNS List In our example while the new Domain Hame Update Status domain name cool 3d game com penzes oninepeopie ner is being added to the lit the EE will Add Fietesh message Waiting in queue be displayed under the Update Status column of the Dynamic DNS List table 133 Chapter 8 Secunty Configuration This chapter descnbes the secunty configuration mainly found in the Wireless Routing Clientand Gateway modes PAC KET ALTERING As part of the comprehensive secunty package found on the access point you may perform IP packet filtering to selectively allow disallow certain applications from connecting to the Intemet TO CONAGURE PAC KETRAILIERING Step 1 Under the S
7. button and the screen on the left will appear Rule Name Entera unique name to identify this firewall rule Disposition This parameter determines whether the packets obeying the rule Policy should be accepted or denied by the firewall Choose between Accept or Deny Protoc ols Usersare allowed to select the type of data packet from TCP UDP ICMP IGMP or ALL Note If users select either ICMP or IGMP they are required to make further selection in the ICMP Types or IG MP Types respectively 140 Secunty Configuraton ICMP Types IGMP Types This IP protocol is used to report errs in IP packet routing ICMP serves as a fom of flow control although ICMP messages are neither guaranteed to be received or transmitted Determines whether an IP node a host or a router isavailable on the network unreachable be delivered Informs the host to lower the rate at which t sends datagrams because of congestion Indicates that the Time to Live TIL of an IP datagram hasexpired Problem one the ICMP parameter Request packet Request packet Information that is from the ICMP data packet This IP protocol is used to establish host memberships in particular multicast groups on a single network The mechanisms of the protocol allow a host to infom its local router using Host Membership Reports Report packet Query packet Message packet This parameter allows you to specify workstation s generating the data pac
8. Adapter Access point Chapter 2 Hardware Installaton WARNINGS e Do not work on the system or connect or disconnect cables dunng penods of lightning activity e Do not locate the antenna near overhead power lines or other electric light Or power circuits or where it can come into contact with such circuits When installing the antenna take extreme care not to come into contact with such Circuits asthey may cause senous injury or death e Only trained and qualified personnel should be allowed to install replace or service this equipment e To meet regulatory restrictions the radio and the extemal antenna must be professionally installed The network administrator or other IT professional resoonsble for installing and configunng the unit is a suitable professional installer Following installation access to the unit should be password protected by the network administrator to maintain regulatory compliance e The outdoor access point and PoE injector can be damaged by incorect power application Read and carefully follow the installation instructions before connecting the system to its power source 10 Hardware Installation PAC KAGE CONTENTS Take a moment to ensure you have all of the following parts in your Outdoor Waterproof Unit installation kit before you begin installing the product If any parts are missing please contact your local vendor or contact us at 305 4182232 KITCONTAINS 1 Aimet Outdoor A
9. Intemet requests amving at the access point s WAN interface based on their TCP ports to specific PCs in the pnvate network If you require more information on this function please referto the NAT Technology Primer on the Product CD Step 1 Under the CONHGURATION command menu click on NAT You will find the Advanced NATOptons available near the bottom of the page Advanced NAT Options Diaz E F on Forearsing F Fprwanht Step 2 Click the Port Forwarding button to configure Virtual Servers based on Port Forwarding Step 3 Hit the Add button on the Port Port Forward Entries Forward Entries page Server Type Protocol Public Port Private IP Private Port i 110 Advanced Configuration Add Port Forward Entry Step 4 On the following Add Port Forward Known Server Entry screen you can set up a Virtual T Server for a Known Server type by Private IP Address selecting from a drop down menu OR you can define a Custom Server E E For a more detailed explanation Server Type please refer to the NAT Technology PEO a i Pimer found on the Product CD Public Port Single x From TOS Private IP Address Private Port From a Crea y Known Server Server Type Select from the drop down list of known server types HTIP FIP POP3 or Netmeeting Private Specify the LAN IP address of your server PC running within Address the private network Custom Server Server Type Define a
10. Refers to the types of algonthm such as WEP TKIP etc being used by the access point Signal Describes the strength of the signal received in percentage NOTE NOTE The pumpose of using Site Survey is to scan and display all access points based on the curent secunty setting of your access point For instance the following information supplied by the Site Survey according to the secunty setting is explained e lf the secunty mode is set to None or WEP the scan will show all available access points that have no secunty or WEP sec unity e If the secunty mode is set to WPA PSK the scan will show all available access points having all types of secunty from no secunty WEP security to WPA PSK sec unity 46 Common Configuration SHOW LINK INFORMATION ONLY FOR CUENTMODE AND WIRELESS ROUTING CLIENTMODE Step 1 To view the connection status when the access point client is linked to another access point click on the Show Link Information button WLAN Basic Setup The Current oer Mode Client Mode Change ESSID Wireless G AP Site Survey Wireless Profile Country NO_ COUNTRY _SETANA 802 11b gmmed Tx Rate Fully Auto Apply ink Information Show Link Information The Link Information table illustrates the following data Link Information State Scanning ff ff ff ff ff fF Current Channel 11 TxRate 1Mbps Signal Strength 6 This table describes the parameters tha
11. Server This is the IP address of the SMTP server through which the message would be sent out Take note that you are encouraged to use your ISP s SMTP server e UserName This is the mail account users name that should be entered if authentication is required e Password This is the mail account users password that should be entered if authentication is required e Email address of Sender This is the email address of the sender from whom the message will appear to come Step 4 By default the checkbox next to Needs Authentication is not ticked This option allows you to specify whether the SM TP server requires authentication Step 5 Then click on the Apply button 122 Advanced Configuration STATIC ADDRESS TRANSLATION ONLY SUPPORTED BY WIRELESS ROUTING CUIENTAND GATEWAY If you use a notebook for work at the office it is probable that you also bring it home to connect to the Intemet and retrieve emails or surf the web Since it Is most likely that your office s and your home s broadband shanng network subnets are differently configured you would have to struggle with reconfigunng your TCP IP settings each time you use the notebook in a different place The access point provides the Static Address Translation SAT feature to enable its usersto bypass this hassle Let s say that the IP address of your notebook is set to 203 120 12 47 at the workplace but the access point which is connecting your home network to
12. Step 1 Under the CONHGURATION command menu click on Bandwidth Control and you will be brought to the following screen Enable Disable Bandwidth Control Bandwidth Control Status Enable Disable appi j WAN Bandwidth Control Setup Upload Download Bandwidth Setting Download Total Ratetkbith 0 Upload Total Rate kbit 0 Apply LAN Bandwidth Control Setup Pleats irer Rae cad Rate ibe PIMAC Address 114 Advanced Configuration Step 2 By default Bandwidth Contol is disabled Select Enable followed by clicking the Apply button Enable Disable Bandwidth Control Bandwidth Control Status Enable Disable TO CONHGURE WAN BANDWIDTH C ONTROL SETIING The access point can allow you to limit the entire throughput by configunng the Upload Download Bandwidth Setting option These values should be set to a positive integer indicating the maximum number of kilobytes transferred per second that will be allowed The value of zero means unlimited Forexample if you configure the Upload Total Rate to be 640kb sec 80KB sec then the access point will send out packets by this speed no matter how many Clients users are connected to it Step 1 Under the CONHGURATION command menu click on Bandwidth Control to select WAN Bandwidth Contol Setup Step 2 The values for the Download Total WAN Bandwidth Control Setup Rate and Upload Total Rate Bandwidth Control are preset to Upload Download
13. ain Electrical Supply Power Supply U on oms UTP Cable xw Ethernet DC Power 13 Hardware Installation Step 1 Connect your UIP or FIP Outdoor cat 5 Ethemet cable with waterproof connector to the RJ 45 connector on the outdoor access point Then connect the otherend of the cable to the PoE injector Forthe Netkrom PoE the recommended length of the RJ 45 Category 5 cable is up to 150 feet or 50 meters enclosure nut 1 Remove the thin enclosure nut N from the feedthru assembly This can be discarded Loosen the ern p compression nut completely 2 Insert the RJ 45 connector thru feedthru assembly the feedthmu assembly i compression nut 3 Tighten the compression nut loosely to the feedthru assembly 4 Screw the entire feedthru i l p 45 ECSho assembly into the RJ 45 EC S housing gt R using which isalready mounted in the e enclosure There should be a rubber gasket between the two assemblies Tighten the feedthru assembly to create a seal 14 Hardware Installation 5 The final step isto tighten the compression nut until the gaskets are tight around the Cat5 cable Always push the cable toward the connector while tightening to ensure good strain relief of cable to connector Step 2 Connect the extemal antenna to the N Female connector of the access Connect the RJ 45 Ethemet cable attached to the Netkrom PoE Injectorto a switch or PC you will us
14. and pac ket URL filtering Product Overview WHEN TO USE WHICH MODE The access point is versatile in the sense that it may operate in seven different types of modes Access Point Mode Client Mode Point to Point Point to Multiple Point Wireless Routing Client Gateway and Wireless Adapter This section presents a brief outline of the different network applications that canbe accommodated through the different modes of the access point ACCESS POINTMODE This is the default mode of your access point The Access Point mode enables you to bndge wireless clients to access the wired network infrastructure and to communicate with each other In the example above the wireless users will be able to access the file server connected to the switch through the access point in Access Point mode Product Overview ACCESS POINTCUENTMODE In Access Point Client mode the access point acts asa wireless client that can operate wirelessly with another access point to perform bridging between two Fast Ethemet networks The Access Point client cannot communicate directly with any other wireless device Access Point Client In the example above the workgroup PCs will be able to access the PCs connected to the access point in Access Point Client mode Product Overview POINTTO POINTMODE In Point to Point mode the access point allows point to point communication between different buildings It enables you to bndge wireless clients tha
15. i i Bandwidth Setting zero The value of zero indicates Download Total Rate kbit 0 no limit and is the default Key in Upload Total Rate kbit 0 the desired values followed by Apply clicking the Apply button 115 Advanced Configuration TO CONAGURE LAN BANDWIDTH C ONTROL SETIING The access point can allow you to limit the LAN users throughput by configunng the Bandwidth Control Rule Step 1 Under the CONHGURATION command menu click on Bandwidth Control to select LAN Bandwidth Control Setup Step 2 Click Add to create the LAN Bandwidth Control Setup bandwidth rule for LAN user Step 3 Click Add to create the rule Add Bandwidth Control Entry for LAN users bandwidth control Bandwidth Control Rule Rule Name Committed Rate kbit Ceil Rate kbit Rule type Download By IF Address IP MAC Address Add Cancel 116 Advanced Configuration This table descnbesthe parameters that can be modified in the Add Bandwidth Contol Entry page Parameters Description Rule Name The rule describes the type of bandwidth traffic to be controlled and of a specification of what action to take when that bandwidth traffic isencountered Committed Rate kbit This is the minimum bandwith rate at which a user can get the throughput Ceiling Rate kbit This isthe capped bandwith rate to limit a user s throughput Rule Type This is the type of rule depending on which IP or MAC addr
16. j Reset settings gt Backup the Machine s configuration gt Restore the Machine s configuration path and file name CADocuments and Settings config cfg EE Click on the Restore button and the sytem will prompt you to reboot your device 151 System Utulities REBOOT SYSTEM Most of the changes you make to the system s settings require a system reboot before the new parameters can take effect Step 1 Click on Reboot System from the SYSTEM TOOLS menu Step 2 Click on the Reboot button Reboot System Reboot now Step 3 Wait for the system to reboot and the login page will be displayed Rebooting The machine is rebooting Please wait for about 30 seconds until login page is displayed http 192 168 168 1 152 System Utulities CHANGE PASSWORD It is recommended that you change the default login password which is case sensitive and isset by default to password Step 1 Click on Change Password from the SYSTEM TOOLS menu Step 2 Key in the Current Password The factory default is password Enter the new password in the New Password field as well as in the Confirm Password field Step 3 Click on the Apply button to update the changes Change Password Current Password eesceece New Password eeceee Confirm Password eeccce Apply 153 System Utlities LOGOUT To exit the Web interface follow the next few steps Step 1 Click on L
17. pnvate network by using different TCP ports to identify requests coming from different PCs NATis enabled by default Due to NAT computers in the private LAN behind the access point will not be directly accessible from the Intemet However employing virtual Servers lets you host Intemet servers behind the NATby way of IP Port Forwarding as well as De Militanzed Zone hosting To leam more about NAT and its complementary technologies please tum to the NAT Technology Primer found on the Product CD Step 1 Under the CONAGURATION command menu click on NAT NAT is enabled by default To disable it click Disable Enable Disable NAT NAT Status Enable to Step 2 Click Apply to effect the setting NOTE Important Do NOT disable NAT unless absolutely necessary Disabling NAT will disable broadband Intemet shanng effectively 107 Advanced Configuration TO CONAGURE VIRTUAL SERVERS BASED ON De MILITARIZED ZONE DMZ Host Having gone through the NAT Technology Pnmer on the Product CD you would now have a good understanding of how DMZ works to make a specific PC in an NAT enabled network directly accessible from the Intemet When NAT is enabled an Intemet request from a client within the pnvate network first goes to the access point receiving a request the access point keeps track of which client is using which port number Since any reply from Intemet goes to the access point first the access point f
18. taken by the SPI firewall You can choose which type of packets to log from the Mrewall Configuration To VIEW RREWALLLOGS Step 1 Under the SECURITY CONHGURATION command menu click on Firewall Logs Step 2 FUOWaN Log Click the Refresh button to see new infomation captured in the log Information Time Action Protocol Source Destination Source oie Address Address Port peice 143 Chapter 9 System Utlities USING THE SYSTEM TOOLS MENU PING UILTy This feature lets you determine whether your access point can Communicate ping with another network host This feature is available only for the Wireless Routing Clientand Gateway modes Step 1 Select Ping Utlity under the SYSTEM TOOLS command menu Step 2 sien Enter the IP address of the target host where the target host you want the access point to ping to Step 3 To ping the access point click Start Ping Return Message Step 4 The Ping messages will be displayed 144 System Utulities SYSTEM IDENTITY If your network operates with several access points you would find it useful to have a means of identifying each individual device You can define the System Identty of your access point to be uniquely identifiable as follows Step 1 Click on System Identity from the SYSTEM TOOLS menu System Identity System Name Wireless LAN Access Point System Contact unknown System Location unknown Step 2 Enter a unique
19. the Intemet is using an IP address of 192 168 168 1 You have enabled SAT on your router and want to access the Intemet without changing the IP address of the notebook as you have to use it at work again on the next day Since it is still set to the TCP IP settings used in your office the notebook will then try to contact the IP address of your office s gateway to the Intemet When the access point finds that the notebook is trying to contact a device which lies in a different subnet from that of the home network it would then inform the notebook that the gateway to the Intemet isin fact itself Access Point Once the notebook has been informed that the gateway to the Intemet is the access point it will contact the latter Access Point to access the Intemet without any change to its TCP IP settings required NOTE For SATto function propery 1 The IP address of the notebook should belong to a different subnet from the LAN IP address of your access point 2 The lt Default Gateway gt in the TCP IP settings of your notebook should NOT be left blank 123 Advanced Configuration Step 1 Under the Home User Features command menu click on Static Address Translation Static Address Translation DAS Redirection Dynamic DNS Setup UPoP Configuration Step 2 You may then choose to Enable or Enable Disable Static Address Translation Disable Static Address Translation amp Enable Disable here followed by clicki
20. the Machine s configuration gt Restore the Machine s configuration path and file name Browse Step 3 The system will prompt you to reboot your device Click on the Reboot button to proceed 149 System Utlities BAC KUP YOUR SETIINGS Step 1 Click on Backup or Reset Settings from the SYSTEM TOOLS menu Step 2 If you want to back up the curent settings of your access point onto your hard disk drive click on the Backup button Backup or Reset Settings Erase the Machine s configuration restore its factory default settings gt Backup the Machine s configuration gt Restore the Machine s configuration path and file name Browse Restore Step 3 Next save your configuration file to your local disk File Download Do you want to save this file Name config cfg Type Unknown File Type 7 52 KB From 192 168 168 1 While files from the Internet can be useful some files can potentially harm your computer If you do not trust the source do not save this file What s the tisk 150 System Utulities RESTORE YOUR SETTINGS Step 1 Click on Backup or Reset Settings from the SYSTEM TOOLS menu Step 2 If you want to store back the settings that you had previously saved click on the Browse button Proceed to the folder where you saved your configuration file Backup or Reset Settings Erase the Machine s configuration restore its factory default R
21. through Common hacker attacks like IP Spoofing Port Scanning Ping of Death and SynFlood can be easily thwarted with the access point s SPI firewall TO CONAGURE SPI FIREWALL The following steps explain the configuration of the access point s SPI firewall As incorect configuration to the firewall can result in undesrable network behavior you are advised to carefully plan your firewall secunty rules Step 1 Under the Securnty Configuration command menu click on Firewall Configuration P URL Filtering gt Firewall Configuration Firewall Logs Firewall Configuration Ste p 2 eee First enable the firewall You can ee er eee eee choose among the Default Low cows OTE Pacius Cea Default Medium or Default High secunty options for convenient setup LJ TEP Pockets O UGP Pockets Denied Ll ICMF Packets L IGMP Packets Daptitgi Paley Rare eae ieee ae Step 3 Then you may choose the type of network activity information you wish to log for reference Data activity ansing from different types of protocol can be recorded 139 Securty Configuration The packet types that you have selected in the Accepted section will be displayed in the firewall log if they are detected by the firewall This also appliesto the Denied section Add a new Firewall rule Step 4 You may add more firewall rules for specific secunty purposes Click on the Add radio button at the screen Shown above followed by the Edit
22. value in seconds IP Address i i Network after which the access point wil Mash Username disconnect from the ISP after the last Intemet activity A value of 0 will disable idle timeout Password VPM Server idle Timeout 30 3600 0 disabled Status Disconnected Refresh Status IP Address Net wort Mask Gateway IP Address Apply Emul Notification 69 Common Configuraton SNMP SETUP Simple Network Management Protocol SNMP is a set of communication protocols that separates the management architecture from the architecture of the hardware devices Step 1 Click on SNMP from the CONHGURATION menu SNMP Setup Step 2 Select Enable from the SNMP State drop down list The default Read Password is set to public while the default Read Wite Password is private Step 3 Click on the Apply button 70 Common Configuraton STP SETUP ONLY AVAILABLE IN ACCESS POINT POINTTO POINTAND POINT TO MULTIPLE POINTMODES Spanning Tree Protocol SIP is a link management protocol that helps to prevent undesirable loops occurs in the network For an Ethemet network to function properly only one active path can exist between two stations If a loop exists in the network topology duplication of messages will occur and this might confuse the forwarding algonthm and allow duplicate frames to be forwarded Before Implementing STP AP 3 71 Common Configuraton In s
23. wireless clients information you need to change to Access Point mode 61 Common Configuraton WAN Setup ONLY SUPPORTED BY WIRELESS ROUTING CLIENTAND GATEWAY A correct WAN Setup allows you to successfully share your Intemet connection among the wired and wireless clients of the access point To do so you need to identify the type of broadband Intemet access you are subscnbed to If you are using e Cable Intemet where your ISP dynamically assigns a WAN IP address to you refer to WAN Setup Cable Intemet with Dynamic IP Assignment e Cable Intemet where your ISP provides you with a fixed WAN IP address or a range of fixed IP addresses refer to WAN Setup Cable Intemet with Static IP Assignment e ADSL Intemet that requires standard PPP over Ethemet PPPoE for authentication refer to WAN Setup ADSL Intemet using PPP over Ethemet PPPoE e ADSL Intemet that requires standard Point to Point Tunneling Protocol PPTP for authentication refer to WAN Setup ADSL Intemet using Point to Point Tunneling Protocol PPTP WAN Setup Cable Intemet with Dynamic IP Assignment The access point is pre configured to support a WAN type that dynamically obtains an IP address from the ISP However you may venfy the WAN settings with the following steps Step 1 Under CONHAGURATION on the command menu click on WAN Setup Configu Management Port WLAN Setup Wok Setup Routing NAT Bandwidth Control Remote Manageme
24. with appropnate values to suit the needs of your network Management Port Setup IP Address 192 168 168 1 Network Mask 255 255 255 0 Management Gateway IP DHCP Start IP Address 192 168 168 100 DHCP End IP Address 192 168 168 254 DHCP Gateway IP Address 192 168 168 DHCP Lease Time 3600 seconds O Always use these DNS servers Primary DNS IP Address Secondary DNS IP Address DHCP Server Enable Disable Advanced DHCP Server Options Show Active Dhcp Leases Dhcp Server Reservations Step 2 Click on the Apply button to save yournew parameters This table descnbes the parameters that can be modified in the Management Port Setup page 29 Common Configuraton Parameters _ Description IP Address When the DHCP server of the access point is enabled unless you set a different DHCP Gateway IP Address this LAN IP Address would be allocated asthe Default Gateway of the DHCP client The IP address of your Access point is set by default to 192 168 168 1 Network Mask The Network Mask serves to identify the subnet in which your Access point resides The default network mask is 255 255 255 0 Management Gateway IP Optional As a bridge Access Point the access point does not usually communicate with devices on other IP subnets However the Management Gateway here acts as the equivalent of the Default Gateway of a PC to allow the access point to communicate with d
25. your network and they will communicate with each other and assign each new user to the access point that has the smallest load so that there isapproximately the same number of users on each access point NOTE Important If you have only one unit of the access point you DO NOT need to implement the Parallel Broadband feature for broadband Intemet sharing 120 Advanced Configuration EMAIL NOTIHCATION The access point provides this feature to notify you by email when there isa change in the WAN IP address that was supplied to you earlier WAN PPPoE Setup WAN Type Username Password On Demand ide Timeout 0 disabled Always On Reconnect Tene Factor 20 Status Connecting IP Address Network Mask Default Gateway Prmary ONS Secondary ONS Step 1 Under the CONAGURATION command menu click on WAN PPPoE Setup or WAN PPIP Setup and you will be brought to the following screen Step 2 Click on the Email Notification button Email Notification Email Notification Emad address of Rocener IP aGdress of Mail Server User Hama Password Emad address of Gender Status L Enable i Dirabla SU Tere atgm Apply Back Pagitesh e ee ab Step 3 Click on the Enable button and key in the following fieldsas described below 121 Advanced Configuration e Email address of Receiver This isthe email address of the receiverto whom the message would be sent e IP address of Email
26. 2 Go to your network adapter icon nght click and select to Properties Step 3 Highlight Intemet Protocol TCP IP and click on Properties button My Network Places icon and select LAN or High Speed Internet J ocal 4Fea Connection Disable l aia Status Repair Bridge Connections Create Shortcut Rename Properties 4 Local Area Connection Properties p General Authentication Advanced Connect using E Realtek RTL8139 Family PCI Fast Ett This connection uses the following items NWLink NetBIOS a a N wLink IP SPX NetBIOS Compatible Transport Prot cms internet Protocol TCP IP Install Description Transmission Control Protocol Internet Protocol The default wide area network protocol that provides communication across diverse interconnected networks C Show icon in notification area when connected Notify me when this connection has limited or no connectivity 161 TCP IP Configuration Ste p 4 Internet Protocol TCPAP Properties Select the radio button for Use the iia following IP address Enter the IP Hera obiny Cireneees ach EEEN AEE a A Address and Subnet Mask as Resa SS 192 168 168 X and 255 255 255 0 So where Xcan be any number from 2 a 7s to 254 except for 1 In this example Subnet mask 255 255 255 0 we are using 192 168 168 160 as the Default gateway static IP Address Use the following DNS server addresses Pre
27. 5 255 127 0 0 1 127 0 0 1 20 10255255255 205255255255 05 19 1AA 1AA A an Products List Current Selected 1 Product Model Wireless AG Access Wireless LAN Acces O0 80 45 3e 26 66 192 168 168 1 19 Access to Web based Interface Step 5 Do not exit the uConfig program while accessing to the web based interface This will disconnect you from the device Click on the OK button to proceed Warning The selected product is on different subnet uConfig will change the system settings to enable access to the product s Web Interface Do not close uConfig while accessing the product s Web Interface doing so will break the connection After finishing the product configuration press the lt ExitUconfig gt link on the product s Web Interface uConfig will then close automatically Step 6 At the login page press the LOGIN button to enter the configuration page The default password Is password Wireless G Access Point Management Please enter your password LERE EEEE Forgot your password see the User s Guide for instructions 20 Access to Web based Interface Step 7 You will then reach the home page of your access point s web based interface A Wireless LAN Access Point Maxthon Browser File Edit View Favorites Groups Options Tools Window Help D 60 0 2 H A Ok 29 7B Address http 192 168 1 1 en main asp Wireless LAN Acc Wireless G Access lt Poin
28. AN Basic Setup The Current Mode Point to Mutaple Point Change The Current Mode Point to Multiple Point ESSID Witheless 3 AP ESSID Wireless AG Wireless Profile S02 V1 b g mod Wireless Profile 802 11a v Peer MACs Peer MACs Peer MAC List Country NO_COUNTRir_SET4MA ii Country UNITED STATES US Channel SmartSelect Channel Sri elect w Tx Rate Fulhy Auto Tx Rate Fully Auto Apply Apply AIR BR500G GH AIR BR500AG To create a new peer MAC click on the Peer MAC List button The page will appear Please take note that PIMP stands for Point to Multiple Point PtMP Configuration Link No Hardware Address Comments Click on Add and then you are prompted to key in Hardware Address and Comment Common Configuration Add WDS Entry Hardware Address MM MM KM MM MM MX Comment This table descnbes the parameters that can be modified in the WLAN Basic Setup page Parameters Desc nption The Current Mode The default operating mode of the access point is the Access Point mode The access point can operate in 7 modes Access Point Client Point to Point Point to Multiple Point Wireless Routing Client Gateway Wireless Adapter You can toggle the mode by clicking on the Change button ESSID Enter a preferred name for the wireless network Your wireless clients must be configured with the same ESSID This case sensitive entry can consi
29. AP WPA2 with AES encryption technique 165 Technical Specifications IP Routing static Routing NAT and Port Forwarding Wireless Routing Client and Gateway mode only WDS Wireless Distribution System PPPoE Client Wireless Routing Client and Gateway mode only PPTP for VPNs Network 802 1d Spanning Tree Protocol Network SNMP support Advanced DHCP Server and Client Features Bandwidth Control Pseudo VLAN technology Proprietary Long Distance Algorithm for ACK and CTS timeout adjustment support Firewall and Packet URL Filtering Wireless Routing Client and Gateway mode only Load Balancing amp Fail Over Redundancy Gateway mode only Antenna alignment and RSSI Signal levels Link Site Survey parameters Radio and Ethernet Traffic Statistics Management Web and utility Windows based Antenna Connector Anemale Power Power over Ethernet PoE AC 110 220 DC 12V Dimensions L X i WxH 10 x 7 1 x 2 25 254 x 180 x 57mm Weight 5 2 Lb 2 4 Kg include PoE Injector Mounting Brackets and accessories Humidity 10 90 Operating Temperature 30 70 degree C Operating Electromagnetic FCC Part 15 class B CE Mark ETSI 300 328 Compatibility 166
30. D to be set and follow steps 6 7 to accomplish the setup 63 Common Configuraton Step 4 Steps 4 5 are for those who need to Clone their Ethemet adapters MAC address In the WAN Setup found under the CONAGURATION command menu you will see the Advanced WAN Options Click MAC Clone to continue Step 5 Simply click on the Clone button so that your access point clones the ISP recognized MAC address of your Ethemet adapter Please remember to click Reboot System under SYSTEM TOOLS and hit the Reboot button to let the settings take effect Step 6 Steps 6 7 are for those who need to set up the System Name in System Identity so that your ISP can authenticate itasa valid DHCP Client ID Click on System Identity under the SYSTEM TOOLS command menu Advanced WAN Options MAC Address Cloning Link Speed amp Duple x WAN MAC Clone Current MAC O0 80 45 37 91 9d Factory Default Remote MAC O0 01 80 0e 86 37 Gone Reset Back Take note If required you may reset the access point s MAC address to its factory default by clicking Reset on that same page Ping Utility System Identity Set System s Clock Firmware Upgrade 64 Common Configuraton System Identity Step 7 On the following screen key in the ISP assigned DHCP Client ID as the System Name You may also like to key in a preferred Systems Contact person and the System Location of the access point Click th
31. DNG Dynamic DNS Service Provider Zing net w WAN IF configured to handle email for your domain Select Backup Mail Exchangerto enable thisservice 130 Advanced Configuration Step 6 Click on the Add button to save the new addition Step 7 The new domain is added to the Dynamic DNS list table Step 8 It will appear as a hyperink which you can click to go back to the Dynamic DNS Edit page From this page you Can update any of the parameters delete the domain name or reset all parameters to be blank again Dynamic DNS List Domain Hanit Update Spats B Coding mwrodingegm HLI 1 i Adi I Baotesh Dynamic DNS Edit Provider 2MyDNS Dynamic DNS Service Provider Domain Name people onlinepeople net WAN IP E Auto Detect Usernarne tester Password eeeeee Widcard YES ONO A Mail Exchanger ann_tey powemetic com si Backup M l anA Exchanger gt JNO Save Reset Detate Back Feoet jalata Back e 131 Advanced Configuration To select DIDNS as DDNS Service Provider Step 1 Under the Choice column in the table of Choice DDNS Provider Choice DDNS Provider Provider Marre Registar Mow check the radio button next to the 2 BONS Dynamic ONG Bente Provider Bealser Onling DDNS Then click on the Next A button to proceed Cay Bees Dts Riogisinn gning Step 2 Dynamic DNS Add Enter your Domain Name Provider DIONS Step 3 E
32. EB BASED INTERFACE 012002 18 Access to the Web interface with UCONfig ssssssnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn 18 Venty the IP address of the Access Point with NpFind sssssssssssssssssssseeeeeees 22 Manual access to web based interface via Intemet Explorer 0000000 23 CHAPTER 4 COMMON CONAGURATION ccccstsseeettsee 2O Management Port SQUID ei iisinsiiscisesceviin sin cacitsenesecenecendeciwtsesestunstncecsunenssewccssindsun 28 Setting Up VOU LAN minpsossss donn onora 29 To view the active DHCP ICASES ccssscccscccceeeeeeessssssssssseeeeeeeeeeeeesesssssseees 32 To reserve specific IP addresses for predetermined DHCP clients 33 WAN SEUD iria aAa a aaa ENEAN 36 To configure the Basic setup of the wireless MOE ee ccccceeeeeeesseeseees 38 To configure the Secunty setup of the wireless MOdE cccccccceeeseeeeees 52 To configure the Advanced setup of the wireless mode essees 52 Sa UISHC S E EE A EA AAE PE A ON EEA E OE A ETE 55 WAN Se Ui aia i aaa aaa aaa 62 only supported by Wireless Routing Client and Gateway ssssssssssssssssee 62 SNMP Seip ana a iea ai a a i ANA 70 Table of Contents SIP Se UDa aaa Eaa aa araa aa A a a AERE 71 Only available in Access Point Point to Point and Point to Multiple Point MOISSET AAAA 71 MAC Alte nnas aaa aaa aaa Aaa aeea iaa 75 How w setup WEP ioiai aa aa aai anaa 80 How to set up WPA PSK WPA2 PSK WPA PSK AUTO Only availa
33. EE 802 111 standard For WPA PSK AUTO Set the Cipher Type to Auto to allow the access point to automatically detect the cipher type to use Step 4 Enter the GTK Group Transient Key Updates This is the length of time after which the access point will automatically generate a new shared key to secure multicast broadcast traffic among all stations that are communicating with it By default the value is 600 seconds 82 WLAN Security Step 5 Press the Apply button and reboot your system after which your settings will become effective How To setup 802 1x RADIUS ONLY AVAILABLE IN ACCESS POINTMODE The guidelines below will help you to set up the access point for using 802 1x RADIUS At the IEEE 802 1x Setup page IEEE 802 1X Setup Primary RADIUS Server IP 0 0 0 0 Secondary RADIUS Server IP 0 0 0 0 Authentication Port 1812 Accounting Port 1813 Shared Secret Key eccccee Broadcast Key Rotation seconds 600 60 9999 Key Length 64 bits v Step 1 Key in the IP address of the Primary RADIUS Server in your WLAN You can optionally add in the IP address of a Secondary RADIUS Server if any The RADIUS authentication server MUST be in the same subnet as the access point Step 2 By default the value for Authentication Port number is 1812 You can leave this value as it is This value must be set to be the same as the one in the RADIUS server 83 WLAN Security Step 3 By default th
34. NETKROM OUTDOOR AP BRIDGE MODELS AIR BR500G GH AIR BR500AG Users Manual May 06 v1 36 CHAPTER 1 PRODUCT OVERVIEW sssssssnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn L AE NUPOGLIG CONN asrina aaa Aa a suntan aaa Aaaa aAa 1 Features and Benefits csscccssccssccnscenssecssenseenssenssennsesseenssenssennsenneeenssenseensesessenns 2 When to use which mode ss ss1s21s25255255 5555 3 ACCES PO INE MO GC rer a Aaa AEE TAUA EAIN 3 AccessPoint Client Mode sactnctic cians sesduvctusutuvctunuivvaderaduvatunatetainiaduvatnintuvertirelin 4 PONCIOPONCMO QO erene a e e e a a etaeta 5 Point to Multiple point Mode ssssssssssrrsssssssnrrrrssnerrnrnnrsnnrrnrnnnesnrrnnnnnnssernrrnnnne 6 Wireless Routing Client Mode sssssssssssessssrrrrrssssrnrnnrsserrnrnnrnenrnrnnrssnrnrnnnsenenne 7 Gateway IMO Ce Ani a a a a a a a aa E a EAT AAA AE EE E 8 WIC leS A Cia DUCT CC te sia tevtiec cn aE E E E A 9 CHAPTER 2 HARDWARE INSTALLATION cssssccseseeeetseesees LO Wamo asa ciavc de cede cceu cous Saud a a wavewsusseuiabowscausdaus a aA Na 10 Pa Ka GG C ONE ING siana aaae aa e aaora a aiaa 11 Setup Fegule ments vi vs asics vce dec aa aaa aa a aaaea a a EEL APANE Aaaa aE 12 Outdoor ap instalatonS sssssssssnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnna 13 Mounting ap in the pole OF COWL ceeeesssseceeeessesseeeeeeessssseeeeeeeesssseseaees 17 CHAPTER 3 ACCESS TO W
35. Redirection gt Dynamic DNS Setup Step 2 You may then choose to Enable or Disable Dynamic DNS _ her followed by clicking the Apply button Note Dynamic DNS is disabled by default Enable Disable Dynamic DNS Dynamic DHS Status Enable Disable TO MANAGE Dynamic DNS List DDNS Step 1 Under the Home User Features command menu click on Dynamic DNS Setup Step 2 If you have already created a list Soe ner earlier click on the Refresh button to update the list Benin Aarme Update Status 128 Advanced Configuration Step 3 To add a new Dynamic DNS to the list click on the Add button and you will see the Choice DDNS Provider page appear There are two default providers which you can use The following parameters are explained below e Choice Choice DDNS Provider Prodi Mame Rogier M w ZONE mamii OE Biro Provdar Bebe stor Onli MONS Epes urli Hea Back g This allows you to check the radio button of your preferred DDNS provider e ProviderName This isthe name of your preferred DDNS provider e Register Now This allows you to go to the website of your preferred DDNS provider where you Can register youraccount There are two DDNS providers that are pre defined for you Please note that you need to be connected to the Intemet to register your DDNS account To select 2MyDNS Dynamic DNS Service Provider as DDNS Service Provider Step 1 Under the Choice column i
36. S in your access point CREATE A CLIENTIN A WDS Step 1 From WLAN Setup under Configuration click on Advanced which shows the WLAN Advanced Setup page Step 2 Go to the Extended Features section and click on the WDS Configuration button WLAN Advanced Setup Beacon Interval 100 100 20 1000 Data Beacon Rate DTIM 1 1 1 16384 RTS CTS Threshold 512 512 1 2312 Frag Threshold 2346 2346 256 2346 Transmit Power Maximum v Extended Features Wireless Pseudo VLAN WDS Configuration Long Distance Parameters Step 3 As illustrated on the WDS Setup the WDS feature is disabled by default Click on the Change button WDS Configuration WDS Status Disable 98 Wireless Extended Features Step 4 From the Enable Disable WDS page select Enable and click on the Apply button Enable Disable Enable Disable WDS Enable the wireless wds function Disable the wireless wds function Step 5 Click on the Add button to create a MAC addressof a client AP No WDS Status WDS Configuration Enable Hardware Address Step 6 Fill up the Hardware Address field with the wireless MAC address of the device to include in your WDS using the format xx xx xx xx xx xx where xcan take any hexadecimal value 0 9 ora f Add WDS Entry Hardware Address 00 80 45 e5 0c 05 xx xX RK KX KK KX Click on the Add bu
37. You may here leave both the From as well as the To fields blank Here the rule will apply to all IP addresses 4c At the Destination Port drop down list select either Add a new Packet Filter rule Buule Bharti IP Address Ary Prom T Destination Port Any Prom Te 3 Day of the Week i Any rari i To 2 Fo Tine cf the Day Aare Fram T bh 00 23 mm 00 89 hh erin hh mm as Cancel Hai IP Address From 192 168 168 lt To 192 168 168 IP Address From 192 168 168 TO 192 168 168 IP Address Any From 192 168 168 TO 192 168 168 Destination Port From z To 135 Securty Configuration A Range of TCP ports In this case you will have to define From which port To which port yourrule applies A Single TCP port Here you need only specify the source port in the From field Any IP port You may here leave both the From as well as the To fields blank Here the rule will apply to all ports 4d From the Day of the Week drop down list select whether the rule should apply to A Range of days Here you will have to select From which day To which day Any day In this case you may skip both the From as well as the To drop down fields 4e At the Time of the Day drop down list you may also choose to apply the rule to A Range of time In which cas
38. access network or Prevent PCs listed from accessing network respectively Step 5 Click on the Apply button to update the changes NOTE When Mac Filtenng isenabled with the Allow PCs listed to access network policy the Mac Address list cannot be empty ADD ANOTHER MAC ADDRESS TO THE MAC ADDRESS LIST Follow the procedures mentioned in Step 2 to Step 3 717 Common Configuration Epi DELETE A MAC ADDRESS FROM THE MAC ADDRESS List Step 1 Click on the MAC address in the table as shown below MAC Address Filtering MAC Filtering Disable Allow PCs listed to access network Prevent PCs listed from accessing network MAC Address List Apply Add Back she ee Notice that there is a column labeled Activation in the MAC Address List When a tick is present this shows that action will be taken either to allow or prevent network access forthe PC holding the cornesponding MAC address Step 2 From the Edit MAC Address page Click on the Delete button to remove the MAC address or Click on the Save button after you have edited the entry Edit MAC Address MAC Address 00 60 45 e5 0d 05 Xx xXX XX KK KK KX Comment AFI Seve Beee Conca 78 Chapter 5 WAN Sec unity This section illustrates how to make your WLAN more secure All the nodes in your network MUST share the same wireless settings to be able to communicate We will illustrate how to configure each type of
39. and select Properties Step 2 Go to your network adapter icon nght click and select Properties LAM or High Speed Internet ocal 4Fea Connection Disable Status Repair Bridge Connections Create Shortcut Rename Properties 23 Access to Web based Interface Step 3 Highlight Intemet Protocol TCP IP and click on the Properties button 4 Local Area Connection Properties General Authentication Advanced Connect using E9 Realtek RTLS139 Family PCI Fast Ett This connection uses the following items ME NWLink NetBIOS a N wLink IPxSFPX NetBIOS Compatible Transport Prot Internet Protocol TCP IP Description Transmission Control Protocol Internet Protocol The default wide area network protocol that provides communication across diverse interconnected networks C Show icon in notification area when connected Notify me when this connection has limited or no connectivity Step 4 Select the radio button for Use the following IP address Enter the IP Address and Subnet Mask as 192 168 168 x and 255 255 255 0 where x can be any number from 2 to 254 except 1 In this example we are using 192 168 168 160 asthe static IP Address Internet Protocol TCP IP Properties General You can get IP settings assigned automatically if your network supports this capability Otherwise you need to ask your network administrator for the appropriate IP setti
40. ar Configuration WDS In a star configuration WDS links are established between one root Access point and several satellite wireless APs positioned to increase the area covered Ben Cable ADSL Wireless AP pee eiA 9 _Wireless AP 0 gt ee at ae he item ee ee on 9 a e Wireless AP ra 4 x z 7 4 Re SS a j a J a p S N i tt me ga p b l Ta 2 E 3 a gt aah Met Beiter me Wireless AP gt gt i re a 9 gy 7 l oe A i ra 5 N r 7 a a oo ee oe Here the root Wireless AP connects to the wired network and maintains three WDS links while each satellite Wireless AP Access Point maintain a WDS link for Communication with the root 96 Wireless Extended Features Chain Configuration WDS A chain configuration WDS spansan area in length forinstance a long comdor Satellite access points are chained together starting from a root access point The access point at either end of the chain will have only one WDS link enabled while the access points in the middle will have two WDS links configured to associate with the neighboring Access point upward and downward in the chain WDS Chain Configuration Root Wireless AP Wireless AP f p Wireless AP 9 Cable ADSL 9 ae jaiii p a ar Wireless AP 4 iie 9 ag Pie wee oi i s 4 97 Wireless Extended Features The following steps will guide you in setting up WD
41. ble in Access Point MOUE snceiievecstacteinciscuvsucetashassestusunsudsusaaviswnadguvnucviduhadcetiavheswanensavace 81 How to set up 802 1x RADIUS Only available in Access Point mode 83 How to set up WPA EAP WPA2 EAP WPA EAP AUTO Only Access Point mode supports WPA2 EAP and WPA EAP AUTO ssssssssssnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn 85 Access Control The Wireless Pseudo VLAN Only in Access Point mode PAET E EA DEA EN EEIE AEE AEE E EAE EAE E A E 88 Wireless Pseudo VLAN Per Node 20 cc ccccccccecssssssssssnseeeeeeeeeeeeeeeesssssssssssneaeees 89 Wireless Pseudo VLAN Per GrOUp sssssssssssssserrrnrssssnrrnnrssernnrnnnssnnrnrnnnnsrnrnnnnnnnee 92 Wireless Setup The Wireless Distributed System WDS Only in Access PONDO ronen a a A anata 96 LONG Distance Para Mete Srnie ie Nacnemataneeatets 102 CHAPTER 7 ADVANCED CONAGURATION ssssssssnnnssnnnnsnn LOS Routing only supported by Wireless Routing Client and Gateway 105 To configure Static Routing of The ACCESS POINt eeeeeesseeeeeeesessstenees 106 NAT only supported by Wireless Routing Clientand Gateway s s s 107 To configure Virtual Servers based on De Militanzed Zone DMZ Host 108 To configure Virtual Servers based On Port Forwarding sesser 110 To configure Virtual Servers based On IP Forwarding cccccccceeesesstteees 112 Bandwidth Control only supported by Wireless Routing Client and Gale Way r E E T E E E E E E E E 114 To enable or d
42. bscribe to an ADSL service using PPP over Ethemet PPPOE authentication you can set up your access point s WAN type as follows For example you may configure an account whose usemame is guest as described below Select WAN Type Static IP Address Dynamic IFP ddress PPP over Ethemet PPTP LAgaly Cancel Hetp Step 3 For Usemame key in your ISP assigned account name e g guest for this example followed by your account Password Step 4 Select Always On if you want your access point to always maintain a connection with the ISP Otherwise you may select On Demand The access point will then connect to the ISP automatically when it receives Intemet requests from the PCsin your network Step 1 Under CONHAGURATION on the command menu click on WAN Setup Step 2 Access the Select WAN Type page and choose PPP over Ethemet before clicking the Apply button You will then be brought to the following page requinng your inputs WAN PPPoE Setup WAN TETE Change Type Change Usemanme Password O On Demand iy Always On Idle Timeout 0 disabled 30 seconds Reconnect Time Factor J seconds Status Connecting Refresh Status IP Address Network Mask Default Gateway Primary ONS Secondary ONS Appby Email Mothioaton Help 67 Common Configuraton The Idle Timeout setting is associated with the On Demand option allowing you to specify the value in second
43. ccess Point 2 Mounting bracket include 2 stainless steel U Bolt 2 Brackets and 4 screw nuts 3 PoEInjector 4 100 240v Power supply 5 Rj 45 Waterproof Connector System 6 CDROM 11 Hardware Installation SETUP REQUIREMENTS Before starting please venfy that the following is available e CAT5 5e or FIP Outdoor Ethemet cable from the Outdoor AP to PoE Injector e Atleast one computer is installed with a Web browser and a wired or wireless network interface adapter e TCP IP protocol is installed and IP address parameters are propeny configured on all your network s nodes Important e Configure and venfy the outdooraccess point operations first before you mount the unit in a remote location e You may need to installa lightning arestorto protect your outdoor Access Point from the lightning e For choosing the best location for your outdoor access point choose an elevated location where trees buildings and large steel structures will not obstruct the antenna signals and which offers maximum line of sight propagation with the users e Select an appropnate antenna to improve range and orcoverage and the access point also lets you fine tune parameters such asthe transmit power to achieve the best results 12 Hardware Installation OUTDOOR AP INSTALLATIONS The diagram below shows the overall setup of Outdoor Access Point OUTDOOR a High Gain Antenna J RF Coaxial Cable Adapter
44. command with this new path and firmware name In ourexample CA EP54G1A FIP i 192 168 168 1 PUT 541Axxx img The recovery process will now take place You can check the diagnostic LED to monitor the progress of the recovery process When firmware restoration hascompleted reboot the access point and it will be ready to operate 157 Appendix Il TC P IP Configuration Once the hardware has been set up you need to assign an IP address to your PC so that it will be in the same subnet as the access point By default the access point s IP address is 192 168 168 1 and its subnet mask is 255 255 255 0 You need to configure your PC s IP address to 192 168 168 xxx and its subnet mask is 255 255 255 0 where xx can be any number from 2 to 254 excluding 1 Simply follow the procedures stated below to configure the TCP IP settings of your PC FOR VWANDOWS 95 98 98SE ME NT Please note the following instructions are based on Windows 98 Step 1 From your desktop click on Network Neighborhood icon and select Properties Step 2 Choose the network adapter that you are using nght click and select Properties 158 TCP IP Configuration Ste p 3 Network Hig h lig ht the T P IP a nd C li C k on Configuration Identification Access Control Properties button The following network components are installed E Client for Microsoft Networks if Realtek RTL8139 Family PCI Fast Ethernet Controller File and printe
45. d aO 49 7B Address http 192 168 1 1 en main asp Wireless LAN Acc Wireless G Access lt Point Wireless LAN Access Point lechnclogies CONFIGURAI N Management Port WLAN Setup STP Setup SNMP Setup The current operation mode is Access Point Ping Utility System Identity Set System s Clock Firmware Upgrade Backup or Reset Settings Reboot System Change Password Logout About System Welcome please choose an option from the configuration menu gt Welcome please choose an option from the configuration menu 0 3 Baka 10 0 0 2 Obytes 112M 1 5 27 Common Configuraton Chapter 4 Common Configuration This chapter illustrates the following features which are available in ALL the operating modesof your access point unless stated otherwise e Management Port WLAN Basic Setup WLAN Sec unity SIP Setup SNMP MAC Filtering Antenna Alignment MANAGEMENT PORT SETUP This section shows you how to customize the parameters of your access point to suit the needs of your network It also explains how to make use of the built in DHCP server of your access point 28 Common Configuration SETIING UP YOUR LAN You can opt to adjust the default values of your access point and customize them to your network settings Step 1 Click on Management Portfrom the CONHGURATION menu In the Management Port Setup page refer to the table below to replace the default settings of Access point
46. ddresses so that the router can connect to this number mode of the access points County Choose the County where you are located Channel This option allows you to select a frequency channel for the wireless communication This parameter is only available in the Access Point Point to Point and Point to Multiple Point modes 42 Common Configuraton Tx Rate Allow you to choose the rate of data transmission from 1Mbps to Fully Auto AIR BR500G GH and from 6Mbps to Fully Auto AIR BR500AG Closed System The access point will not broadcast its WLAN name ESSID when Closed system is enabled By default Closed system is disabled Channel Survey A list of channels that are detected by your access point In the WLAN Information such as frequency channel MyQuality NeighQuality APCount and Recommendation can be found in the listing The Access Point and Gateway modes support this feature 43 Common Configuration SC AN FOR SITE SURVEY ONLY FOR CUENTMODE AND WIRELESS ROUTING CLIENTMODE Step 1 In the Mode Setup page click on the Site Survey button WLAN Basic Setup The Current ranm Mode Client Mode Change Wireless pr 1 Profile 802 11 b g mmed Country NO_OCOUNTRY_SE T MA we Tx Rate Fully Auto Apply Link Information Show Information The Site Survey provides a list of the MAC addresses BSSID and SSID of neighbounng access points detected the C
47. do VLAN Node 2 89 Wireless Extended Features The following steps demonstrate how to set up a Wireless Pseudo VLAN per Node Step 1 From WLAN Setup under Configuration click on Advanced which shows the WLAN Advanced Setup page Step 2 Go to the Extended Features section and click on the Wireless Pseudo VLAN button WLAN Advanced Setup Beacon Interval 100 100 20 1000 Data Beacon Rate DTIM 1 1 1 16384 RTS CTS Threshold 512 12 1 2312 Frag Threshold 2346 2346 256 2346 Transmit Power Maximum Extended Features Wireless Pseudo VLAN WDS Configuration Long Distance Parameters Step 3 The Wireless Pseudo VLAN function is disabled by default Click on the Change button to make your selection of the type of Pseudo VLAN to implement 90 Wireless Extended Features Step 4 Select the Pernode radio button and click on the Apply button Select Wireless Pseudo VLAN Type Disable Per node Per group The Wireless Pseudo VLAN has configured as Per node Wireless Pseudo VLAN Per node 91 Wireless Extended Features WIRELESS PSEUDO VLAN PER G ROUP The access point can configure up to 32 groups of wireless clients identified by their MAC address Whenever a wireless client requests network access the access point will first venfy whether its MAC address Is present in any of the Pseudo VLAN groups If it is th
48. e you have to specify the time in the format HH MM where HH may take any value from 00 to 23 and MM any value from 00 to 59 Destination Port Single From 25 To Destination Port Avy From Ta Day of the Week Range From er To Day of the Week From To i Time of the Day From i To Time of the Day From To Range hh 00 23 mm 00 59 08 00 hh mm 21 30 ihh mim ery hh 00 23 mm 00 59 ihh mm hh mm 136 Secunty Configuraton Anytime Here you may leave both From and To fields blank Step 5 Click on the Apply button to make the new rule effective The Filtering Configuration table will then be updated Add a new Packet Filter rule Rule Mame IF Address From T Destinator Port From To Day oF the Week From Da Time of the Day From lo i Blocks Ary 192 168 1668 192 168 168 Single 27015 27015 Ranga aon Fii ka Range hh 00 23 mm 00 52 07 00 hh nim 18 00 hh mm Step In this example let us say we would like to block an application caled CS from all PCs any IP address within the network fom Monday to Friday Jam to 6pm and this application is using the port number 27015 Therefore for a rule we name BlockCS and add the entres depicted on the left Clicking on the Add button will make your packet filter rule effective
49. e Apply button to complete Please remember to click Reboot System under SYSTEM TOOLS and hit the Reboot button to let the settings take effect 65 Common Configuration WAN Setup Cable Intemet with Static IP Assignment If you have an ISP that leasesa static WAN IP for your subscnption you will need to configure your access point s WAN type accordingly For example if the ISP provided you with the following setup information you can set up your WAN as descnbed below IP Address l 203 120 12 240 Network Mask 255 255 255 0 Gateway IP Address l 203 120 12 2 Step 1 Under CONAGURATION on the command menu click on WAN Setup Step 2 Select WAN Type Access the Select WAN Type page and choose Static IP Address before Static IP Address clicking the Apply button You will Dynamic IP gt Address then be brought to the following O PPP over Ethemet pepe page requinng your inputs Ka Lcencet Help Step 3 Fill in the information provided by your WAN Static Setup ISP in the IP Address Network Mask and Gateway IP Address fields WAN Type Static Grange before clicking the Apply button a Network Mask 255 065 255 0 Gateway IP 203 120 12 2 Address i 3 Fall i Please remember to click Reboot System under SYSTEM TOOLS and hit Apply G73 the Reboot button to let the settings take effect 66 Common Configuration WAN Setup ADSL Intemet using PPP over Ethemet PPPoE If you su
50. e IP packets to another network access point This feature is very useful for a network with more than one access point NOTE Important You do NOT need to set any routing information if you are simply configuring the access point for broadband Intemet shanng Improper routing configuration will cause undesired effect The diagram below illustrates a case in which you have two routers in the network Router A is used for broadband Intemet sharing while Router B connects to a remote office You may then define a static routing entry in the access point to re route the packets to the remote office Static Routing 56K analog modem 56K analog J Access point modem abbr he 168 1 modem Router B p Router A 172 168 168 254 Workstations Wireless Clients aul Subnet 192 188 100 0 In this network the main office of subnet 192 168 168 0 contains two routers the 105 Advanced Configuration office is connected to the Intemet via the access point 192 168 168 1 and to the remote office via Router A 192 168 168 254 The remote office residesona subnet 192 168 100 0 You may add a static routing entry into the access point s routing tables so that IP packets from the clients in the main office with a destination IP address of 192 168 100 X where X is any number from 2 to 254 will be routed to Router B which actsasthe gateway to that subnet TO CONAGURE SATC ROUTING OF THE ACCESS POINT With an und
51. e access point will grant it access to the wired system resources and to all other wireless clients belonging to the same Pseudo VLAN group only Wireless AP Pseudo VLAN o Cable ADSL modem Pseudo VLAN Group 3 92 Wireless Extended Features The following steps demonstrate how to set up Wireless Pseudo VLAN Groups CREATE A CUENTIN A PSEUDO VLAN GROUP Step 1 From the Select Wireless Pseudo VLAN Type page select Pergroup and click on the Apply button Select Wireless Pseudo VLAN Type Disable Per node Per group Step 2 Click on the Add button to create a client in the Wireless Pseudo VLAN group Wireless Pseudo VLAN Per group Hardware Address Add Step 3 Select a group number from the Group drop down list Add Wireless Pseudo VLAN Entry Group group 01 ddi Cancel Hardware Address 00 80 45 e5 0d 05 XX XX XX XX XX XXJ 93 Wireless Extended Features Step 4 Fill in the Hardware Address field with the MAC address of the client in the format X XX XX XX XX XX Where x is any value within the range 0 9 ora f Step 5 Click on the Add button to update the changes The Pseudo VLAN group hasbeen added to the list as shown below Wireless Pseudo VLAN Per group Hardware Address 00 80 45 e5 0d 05 Add NOTE NOTE z2 A clent can be a member of more than one Pseudo VLAN group For instance
52. e another resulting in low level of data secunty Due to the redundant paths found in this network broadcast packets will be duplicated and forwarded endlessly resulting ina broadcast stom AP 1 p B Notebook 1 AP 2 AP 3 A se l Notebook 2 ens Notebook 4 wo AL Notebook 3 AP 4 AP 5 i Scenario 2 With SIP No Pseudo VLAN When SIP is enabled extra redundant network paths between APs will be disabled hence preventing multiple active network paths in between any two APs 73 Common Configuration If one of the APs is down the SIP algonthm will reactivate one of the redundant paths so that the network connection will not be lost All wireless users will be able to communicate with each other if they are associated to the APs which are in the same WDS zone Scenano 3 With SIP and Pseudo VLAN In this example both SIP and Pseudo VLAN Per Node are implemented in this network When Pseudo VLAN Per Node is activated the wireless users will be unable to accessone another 74 Common Configuration Notebook 1 7 y Fam m i r k i i r Mh t ie gt i Notebook 4 AP 4 Step 1 Click on SIP Setup from the CONAGURATON menu Step 2 Select Enable from the SIP State radio button and click on the Apply button to update the changes Spanning Tree Protocol Setup Status Enable Disable MAC FALTERING MAC Filtenng acts asa secunty measure by controll
53. e to configure the access point PoE Injector To Antenna 15 Hardware Installation Connect the power adapter supplied in the Netkrom PoE kit to the main electncal supply and the power plug into the socket of the injector Now tum on your power supply Notice that the POWER LED has lighted up This indicates that the access point is receiving power through the Netkrom PoE Injector and that connection between your access point and your network has been established Note Please use the power adapter provided in the package Using a power adapter with a different voltage rating willdamage this product Main Electrical Supply 110 220v Power Supply To Antenna PoE Injector To Switch or PC 16 Hardware Installation MOUNTING AP IN THE POLE OR TOWER Outdoor Access Point device can be mounted on the pole or tower as shown in following 1 Mount the bracket to the pole with the U bolts 2 Attach the radio to the bracket which was mounted on the pole with the supplied nuts and U bolts 3 Tighten the U bolts and nuts with hand tools Antenna Pole Mast Outdoor AP Nuts j U Bolt Bracket To Ant To PoE Injector 17 Chapter 3 Access to Web based Interface There are two methods to access to the web based Interface of your access point e Through our U lity uConfig You can access to the web based interface directly without the need to assign a different IP addressto your PC
54. e value for Accounting Port number is 1813 You can leave this value asit is This value must be set to be the same asthe one in the RADIUS server Step 4 Enter the Shared Secret Key in the field provided Step 5 By default the Broadcast Key Rotation is set as 600 seconds You may leave this value asits default setting Step 6 Select the length of each encryption key e 64 bit 10 hexadecimal or 5 ASCII Text e 128 bit 26 hexadecimal or 13 ASCII Text Step 7 Press the Apply button and reboot your system after which your settings will become effective 84 WLAN Security HowTo sTuP WPA EAP WPA2 EAP WPA EAP AUTO ONLY ACCESS POINTMODE SUPPORTS VWPA2 EAP AND WPA EAP AUTO The guidelines below will help you to set up the access point for using WPA EAP Please follow the steps below if you have selected the WPA or WPA1 EAP WPA2 EAP or WPA EAP AUTO At the WPAI1 2 EAP Setup page WPA1 2 EAP Setup Primary RADIUS Server IP Secondary RADIUS Server IP Authentication Port Accounting Port Shared Secret Key Cipher Type GTK update seconds 60 9999 UTO Step 1 Key in the IP address of the Primary RADIUS Serverin your WLAN You can optionally add in the IP address of a Secondary RADIUS Server if any The RADIUS authentication server MUST be in the same subnet as the access point Step 2 By default the value for Authentication Port number is 1812 You can either leave this value as it is or ke
55. eccceeeeeeeeeeeeeeeeeeseeeeeeeeeeeeeeeeennaeeeness 158 Table of Contents FOr WING OWS XP 2000 cccccccceeeseeeeeeeeeeeeeeeeseeueeeeeueeseeeeeeeueeeeeseeaeeaeeeneeneseenees 161 APPENDIX Ill PANEL VIEWS amp DESC RIPTIONG 2 c0ceccenees 163 APPENDIX IV TEC HNIC AL SPEC IACATIONSG cscscseeseneneees 165 Chapter 1 Product Overview INTRO DUCTION The AIRNET54Mb Outdoor AP Bndge seres isa high performance Access Point and Bridge designed for enterprises and outdoor users It iscompatible with IEEE 802 11a b g and supports high speed data transmission up to 54Mb Housed in a waterproof casing AIRNET 54Mb Outdoor AP Bndge senes is designed to withstand any extreme climatic conditions making it the ideal solution for outdoorapplications The AIRNET 54Mb Outdoor AP Bndge senes has the ability to operate in 7 different modes and can be used in a wide vanety of wireless applications like Point to Point Point to Multipoint Wireless ISP Hot Soot and Mesh Network applications The integrated WDS Wireless Distnbution System feature creates a virtually larger wireless network infrastructure by linking up other access points Perfect for applications requinng high bandwidth at a fraction of the cost of T1 El1 leased line with the additional advantage of zero monthly recuming cost from the service camer Typical usages include bndging satellite offices comorate LANs school campus as well as wireless Intemet services at distanc
56. ecurty Configuration command menu click on Packet Filtering Security Configuration URL Filtering Firewall Configuration Firewall Logs Step 2 You must first choose the Packet Filter Type by clicking on the Packet Filter Type Disabled Cha nge button Packet Filter Configuration Step 3 Select from three choices Disabled Select Packet Filtering Type Sent Discarded then click on the Apply button The defa ult is Disabled Disabled All IF packets will be sent Sent AIP packets willbe sent except for irin those matching one or more ot the rules wh IC h a llows a Il p ac ke ts to b e se nt All JF packets will be discarded except Orecarded for those matching one or mone of the rules App 134 Secunty Configuraton Packet Filter Configuration Destination Day of the Time of the Portis week Day Packet Filter Type Sent Rule Kame IP Address es Add Step 4 Click on the Add button and you will be able to define the details of your Packet Filter Rule from the screen on the nght 4a Enter Rule Name for this new packet filtering rule For example BlockCS 4b From the IP Address drop down list select whether to apply the rule to A Range of IP addresses In this case you will have to define From which IP address To which IP address your range extends A Single IP address Here you need only specify the source IP address in the From field Any IP address
57. ended for outdoor long distance connection 37 Common Configuration TO CONAG URE THE BASIC SETUP OF THE WIRELESS MODE The following will guide you to configure the basic setup of the wireless mode you have selected Step 1 Click on WLAN Setup from the CONHGURATION menu You will see the sub menus expanded under WLAN Setup Click on Basic The default operating mode of the access point isthe Access Point mode WLAN Basic Setup WLAN Basic Satup The Cum nt a A KERA Woie ACCESS Hoan Change The Current Mode acoess Pont Change ESSID Wireless G AP ESSI mere ee EE Wireless Profil Profite Country PO COUNTRY _SET4hA Country r Charmi Cmatiolgrt w i Channa BA 11g riimi Channel Surni T Rote Fully Aut Tx Rote Fl Closed z a ri oe ey oe Aa a 2 ee Closed Sytem i ft System diable onable aya disable enable Apphy A IR BR500G GH 38 Common Configuration Step 2 Optional Change Curent mode If you wish to change the curent mode of your access point click on Change select your Operaton Mode and click on the Apply button to access the setup page of your selected mode Then you are prompted to reboot the access point so asto effect the mode setting WLAN Operation Mode Operation Mode Access Point Step 3 Enter the parameters in their respective fields click on the Apply button and reboot your device to let yourchangestake effect Note that the WLAN Basic Setup page
58. erstanding of how adding a static routing entry can facilitate a network setup such as the one descnbed above here is how you may configure the access point Step 1 Under the CONAGURATION command menu click on Routing to be brought to the System Routing ORES Table shown on the nght Initially 127 0 0 0 the table will contain the default eee routing entnes built into Access point System Routing Table Network Mask Gateway 255 255 255 255 255 255 255 0 255 255 255 0 Stic Floutin g Tabie Step 2 Static Routing Table Destination Neryark Mask Gateway Ada Back k Step 3 You may specify the Destination IP Address Destinaton Net Mask and Gateway IP Address here For this example they are 192 168 100 0 255 255 255 0 and 192 168 168 254 respectively Hit the Add button to finish When the entry is added it is Click on the Static Routing Table button above On this page click the Add button Static Routing Table 132 166 100 0 255 255 255 0 132 166 160 254 tagell Cancel Destination IF Address Destinaton Wet Mask Gateway IP Address 106 Advanced Configuration reflected in the Static Routing Table Static Routing Table Destination Network Mask Gateway 92 168 100 Of 3255 255 255 0 192 168 168 25 s NAT ONLY SUPPORTED BY WIRELESS ROUTING CUIENTAND GATEWAY The basic purpose of NAT is to share a single public IP address when there are multiple PCs in the
59. es up to 25 miles or 40 Km using 1 watt amplifier The Aimet 54Mb Outdoor Bridge High Power also represents the perfect solution for bridging networks that are impossible to connect using wired altematives including networks separated by difficult terains railroads or bodies of water The AIRNET 54Mb Outdoor AP Bndge seres is based in Atheros eXtended Range XR chipset and provides powerful features such as High Power higher throughput Long Range Parameter Settings high secunty 64 128 152 WEP and WPA2 DHCP Server Spanning Tree Protocol Web based Configuration and QOS feature which allows media files to be delivered over the network more efficiently Designed for outdoor use the AIRNET 54Mb Outdoor AP Bndge seres is able to draw power through Cat 5 Ethemet cable from our DC injector This ensures that power is available wherever you need it without the need of expensive electncal work often associated with outdoor installations Product Overview FEATURES AND BENEATS Outdoorand Waterproof Design Full IEEE 802 1la b g compatibility allows interoperation among multiple vendors High speed data transfer rate up to 54Mbps WDS Wireless Distribution System Long Range Para meter Settings Power over Ethemet PoE Supports 64 128 152 WEP WPA and WPA2 SNMP Web base Management System and Windows based utility Supports Atheros extended Range XR technology Spanning Tree Protocol DHCP Server Bandwidth control SPI Firewall
60. ess to use to download orupload a users throughput IP MAC Address This is the type of address to be chosen depending on the rule type For instance if you may want to limit an entirely machine address ora user by his routers MAC address you can specify the MAC address using that field in the same way that you can limit by IP address Step 4 After you have completed the parameters click Add so that the new tule is added in the entry list shown in Step 1 To add more new bandwidth rules repeat Step 1 through 3 NOTE The sum of Committed Rate of the rules should never exceed the corresponding Total Rate 117 Advanced Configuration REMOTE MANAGEMENT ONLY SUPPORTED BY WIRELESS ROUTING CUENTAND GATEWAY The advanced network administrator will be delighted to know that remote management is supported on the access point With this feature enabled you willbe able to access the access point s web based configuration pages from anywhere on the Intemet and manage yourhome office network remotely To SETUP REMOTE MANAGEMENT Only two simple steps are required to set up remote management for the access point Step 1 Remote Management Under the CONAGURATION command menu click on Remote permeke HITE jg G disabled Management and you will be m brought to the following screen Step 2 By default Remote Management is disabled To disable Remote Management just enter 0 for Remote Http Port
61. etup under Configuration click on Advanced which shows the WLAN Advanced Setup page Step 2 Go to the Extended Features section and click on the Long Distance Parameters button WLAN Advanced Setup Beacon Interval 100 100 20 1000 Data Beacon Rate DTIM 1 4 1 16384 RTS CTS Threshold 512 512 1 2312 Frag Threshold 2346 2346 256 2346 Transmit Power Maximum v Extended Features l Long Distance Parameters 102 Wireless Extended Features Step 3 As illustrated on the Long Distance Parameters Setup page the Outdoor feature isdisabled by default Select Enable from the pull down menu Long Distance Parameters outbaar Enable By SlotTimefus g ACKTimeOut us 18 CTSTimeOut us 18 Note Enter the distance of the client from the AP a set for recommended parameters for SlotTime AKCTimeoOut and CTSTimedut will be computed You can use the recommended parameters or make your own fine tunings Changes made will only take effect after rebooting Apply Step 4 The access point can automatically calculate the values of the parameters to input based on the distance between your access point and the other wireless device Enter the distance in meters and click on Show Reference Data Long Distance Parameters Enable x Outdoor Distance meter 103 Wireless Extended Features Step 5 You can enter the parameters according to the recommended val
62. evices on different subnets For instance if you want to access the access point from the Intemet or from a router on the LAN you can set the IP address of the access point asthe Management Gateway IP The Management Gateway IP address of your access point is set to nil by default The next two fields DHCP Start IP Address and DHCP End IP Address allow you to define the range of IP addresses from which the DHCP Server can assign an IP address to the LAN DHC P Start IP This is the firt IP address that the DHCP server will assign The Address value that you input here should belong to the same subnet as your access point For example if the IP address and network mask of your access point are 192 168 168 1 and 255 255 255 0 respectively the DHCP Start IP Address should be 192 168 168 X where X can take any value from 2 to 254 It is pre set to 192 168 168 100 DHC P End IP This is the last IP address that the DHCP server can assign It Address should also belong to the same subnet as your access point For instance if the IP address and network mask of youraccess point are 192 168 168 1 and 255 255 255 0 respectively the DHCP End IP Address should be 192 168 168 X where X can take any value from 2 to 254 It is pre set as 192 168 168 254 DHCP Gateway Address IP _ Description Though usually the DHCP server also acts as the Default Gateway of the DHCP client the access point gives you the
63. ferred DNS server Alternate DNS server OK Cancel Step 5 Click on OKto close all windows Step 6 Next in order to check if the IP address has been comnectly assigned to your PC go to Start menu Accessones select Command Prompt and type the command ipconfig all co CS WINDOWS system3 icmd _exe Ci Documents and Settings Administrator gt ipceonf ig all findows IP Configuration Hogt HERE a s aadada nai gt winxp rilrrtipJ Primary Dne Suffix Hao d Lis T ay pe IP Routing Enabled gt a a z WINS Proxy Enabled a Ethernet adapter Local Area Connection Lonnection speciFfic DAS suf fix Description e ts Realtek RILS139 Family PCI Fa Physical Addressee s a BEB bE BE fb T7 Dhep Enabled s s o Ho F Addressee gt s ee se ee el el le DE Subnet zk P Address ATA lea TA 2 es es O E O O E O el Default Gateway 19 DHS Seruers a es es se we ew ee I Your PC is now ready to communicate with your access point 162 Appendix lll Panel Views amp Descriptions Front View of Access Point N Female Connector Waterproof RJ 45 Connector Back View of Access Point Mounting bracket Bottom View of Access Point Board 163 Panel View amp Descnptions 11 Name Reset Push button To reboot pressonce To reset password press and hold the button for 5 seconds The DIAG l
64. for the Client mode is different from that of the Access Point mode WLAN Basic Setup WLAN Basic Setup fa The Current ms LUTE tant Moda Changa Mod Client Mode od ESSID Wireless G AP Sita Survey 7 ESSID Wireless AG Site Survey Wireless saa aie ie Wireless FF Profile creat NENG maaa aTe 802 11a x Country NO_COUNTRY_SET MA Country UNITED STATES US Tx Rate Fully Auto Tx Rate Fully Auto v Apply Link Information Link Information e r ire Show Link momat Show Link Information A IR BR500G GH A R BR500AG If you wish to set the access point in the Pointto Point mode click on Change to select Point to Point and then you will see the page below Common Configuration WLAN Basic Setup WLAN Basic Setup The Curent Moe Point to Pont The Current Mode Point to Point ESSIG Wireless G AP ESSID Wireless AG Wireless Profile 802 1 Tig mand Wireless Profile 802 118 v ie HR XR H diia Peer MAC RRRA XX XX XX SORRY aan Panamai ba E L aa Country UNITED STATES US Channel SmartSelect x Tx Rate Fully Auto Channel Somer elesct we Ts Rate Fully Anto Apply AIR BR500G GH AIR BR500AG If you wish to set the access point in the Point to Multiple Point mode click on Change to select Point to Multiple Point and then you will see the page below WLAN Basic Setup WL
65. han channels Auth Authentication Alg Algonthm used and the strength of the Signal received 44 Common Configuration Site Survey Besid 5510 Chan Auth WEA PSK PSN PSK WFA 0080453065bd wpe A 6 PSK TEIP 008045003472 PMD 28G Online 6 006045015403 wp54 1C 1 WPA J 00804521877 npiBa tang EAP TKIP 0086045350918 OPEN NONE 006045003480 OMEGA 1 OPEN NONE 0oe04500345d Anyl OPEN NONE 00045240675 Any OPEN NONE 006045358661 npag OPEN NONE Apply Retesh Back Site Survey on the 2 4 Ghz frequency band Step 2 To connect the access point client to one of the access points detected Select the radio button coresponding to the access point you want to connect to Step 3 Click on the Apply button to effect the change and retum to the setup page Step 4 Click on the Refresh button to update this screen This table descnbes the read only parameters of neighbounng access points that can be viewed from the Site Survey page 45 Common Configuraton Parameters _ Descnption Bssid In an infrastructure wireless network the BSSID refers to the wireless MAC addressof the access point SSID Refers to the network name that uniquely identifies the network to which the access point is connected Chan Refers to the channel being used for transmission Auth Refers to the types of authentication such as WPA WPA PSK etc being used by the access point Alg
66. hort the main purpose of activating SIP is to prevent looping when you have redundant paths in the network Without activating SIP redundant topology will cause broadcast storming To establish path redundancy SIP createsa tree that spansall of the devicesin an extended network forcing redundant paths into a standby or blocked state but establishing the redundant links as a backup in case the active link Should fail If SIP costs change or if one network segment in the SIP becomes unreachable the spanning tree algonthm reconfigures the spanning tree topology and re establishnes the connection by activating the standby path Without spanning tree in place it is possible that more than one connection may be simultaneously live which could result in an endless loop of traffic on the LAN Spanning Tree Protocol operation is transparent to end stations which are unaware whether they are connected to a single LAN segment ora switched LAN of multiple segments After Implementing STP The path with the smallest cost will be used and extra redundant paths will be disabled 72 Common Configuraton To explain the effect of SIP amp Pseudo VLAN on the wireless clients we will compare 3 separate scenanos Scenario 1 No SIP No Pseudo VLAN Refeming to the illustration below if the Spanning Tree Protocol SIP and Pseudo VLAN are not implemented in a network all clients Notebook 1 2 3 amp 4 can accessto on
67. if a client is a member of wireless Pseudo VLAN groups 01 and 02 it will be able to communicate with the other clients in both groups 94 Wireless Extended Features ADD ANOTHER CLIENTIN A PSEUDO VLAN GROUP Follow the procedures mentioned in Steps 3 5 You can create up to 32 members per Wireless Pseudo VLAN group Eom DELETE A CLUIENTIN A PSEUDO VLAN GROUP Step 1 Click on the MAC address in the table as shown below Wireless Pseudo VLAN Per group Hardware Address 00 80 45 e5 0d 05 Add Step 2 From the Edit Wireless Pseudo VLAN Entry page Click on the Delete button to remove the client from the group or Click on the Save button after you had edited the entry Edit Wireless Pseudo VLAN Entry Group group 01 Hardware Address 00 80 45 e6 0d 05 xx xx xK xX KK XX ai 95 Wireless Extended Features VWRELESS Setup THE VWirReLESS DisiRiputep System WDS Only in Access Point mode A wireless distribution system links up several access points creating a wider network in which mobile users can roam while still staying connected to the available network resources In a WDS the access point can drive a cell of wired and wireless clients while at the same time connecting to other access points This requires the operational frequency channel to be the same within the cell controlled by your access point as well as for its wireless links to the other access points St
68. ight will flash fast for about 5 flashes sec before releasing the button To restore the factory default settings pressand hold the button for more than 10 seconds The DIAG light will flash slowly for about 10 flashes sec before releasing the button 164 Appendix IV Technical Specifications Ethernet Port Operating Frequency Channel AIR BR500AG Ethernet 10 100Base TX RJ 45 802 11b g 2 400 2 497 GHz 802 11a ee me 5 15 5 35 amp 5 725 5 850 Programmable for different country regulations GHz US 9 15 5 35 GHz amp 9 47 5 725GHz Europe RF Modulation 802 11b DSSS DBPSK DQPSK CCK 802 11a g OFDM BPSK QPSK 16 QAM 64 QAM RF Output Power 20dBm 23dBm 20dBm 802 11b 95dB 1Mbps 94dB 2Mbps 92dB 5 5Mbps 90dB 11Mbps Sensitivit 802 11a g 90dB 6Mbps 89dB 9Mbps 87 12Mbps 85dB 18Mbps Y 82dB 24Mbps 79dB 36Mbps 76dB 48Mbps 74dB 54Mbps Data Rate 54 48 36 24 18 12 11 5 5 2 1Mbps Access Point RF Operation Mode Client mode Point to Point Point to Multiple Point Wireless Routing Client Wireless Adapter Gateway p to 10 miles 16 Km Up to 15 miles 24 K gore miles 32 Km with Range with 24dBi i 24dBi Parabolic Grid Paabde Gidanienna Parabolic Dish antenna in antenna 5GHz WEP 64 128 152 bit Data Security Mac Address Filtering IEEE 802 1x TLS TTLS PEAP WPA PSK and WPA E
69. ing the users accessing to the network through their MAC address You can either keep a list of MAC address coresponding to users who are allowed to access the network or to keep a list of MAC address cormesponding to users who are forbidden from network access 75 Common Configuration Step 1 Click on MAC Filtering from the CONHGURATION menu Enable the function of MAC Filtering MAC Address Filtering MAC Filtering O allow Pts listed to access network Prevent PCs listed from accessing network MAC Address List Step 2 Click on the Add button to create a client in the MAC Address List Step 3 In the Mac Address field enter the wireless MAC address of the client in the format XX XX XX XX XX XX Where x can take any value in the range 0 9 or a f After that you can enter the text in the Comment field to describe the MAC Address you just added Click on the Apply button Add MAC Address MAC Address 00 60 45 e5 0c 05 WW NX MK MM MM M Comment AF1 Apply Cancel 76 Common Configuration Notice that the MAC Address hasbeen added to the list MAC Address Filtering MAC Filtering Disable Allow PCs listed to access network Prevent PCs listed from accessing network MAC Address List E Step 4 Next you can choose whether you wish to allow or to prevent network access for the users in the MAC address list Simply click on the radio button besides Allow PCs listed to
70. ion IN CUENTMODE Click on WLAN Setup from the CONHGURATION menu You will see the sub menus expanded under WLAN Setup Click on Statistics 00 80 45 37 86 dd Statistics Authentication Type Encryption Open System No Authentication Deauthentication Association Disassociation Reassociation 0 0 0 0 0 MSDU Data Multicast Management Control Errors Receive 0 0 0 2122 Transmit 0 In Client mode you are not allowed to view other wireless clients statistics To view other wireless clients information you need to change to Access Point mode 5 Common Configuration IN POINTTO POINTMODE Click on WLAN Setup from the CONHGURATION menu You will see the sub menus expanded under WLAN Setup Click on Statistics 00 80 45 02 56 0d Statistics Authentication Type Encryption Open System No Authentication Deauthentication Association Disassociation Reassociation 0 0 0 0 ia MSDU Data Multicast Management Control Errors Receive 0 0 Transmit In Point to Point mode you are not allowed to view other wireless clients statistics To view other wireless clients infomation you need to change to Access Point mode 58 Common Configuration IN POINT TO MULTIPLE POINTMODE Click on WLAN Setup from the CONHGURATION menu You will see the sub menus expanded under WLAN Setup Click on Statistics 00 80 45 37 86 dd Statistics Authentication Type Encryption Open System No Authentication Deauthenticatio
71. isable Bandwidth CONntol sssssssssssrrrrsseserrrnrsserrrrrnrssernne 114 To configure WAN Bandwidth Control Setting sessssssssserrrrsssrrrrrrrsssesn 115 To configure LAN Bandwidth Control Setting s esssssssesserrrrsssrrrrrrrsssrrn 116 Remote Management only supported by Wireless Routing Client and Gate Way e E E E E E EEE 118 To setup Remote Management eienenn aaie 118 Parallel Broadband only supported by Gate way ssssssssssssssssssssssssessneees 119 To enable Parallel Boadband on the Access POIN1E eee eee eeeeceeeeeees 120 Table of Contents Email Nouta tOM Oaa Oo aAa Eaa 121 Static Address Translation only supported by Wireless Routing Client and Gate Way A E E E 123 DNS Redirection only supported by Wireless Routing Client and Gateway suauuisdutusedudeuunsdheasuuddebsassuuGbannsstudutdeaubbusubatuduidddanauadususddnisvansuikcseudduveuneuusuaussseedaweuate 125 To enable disable DNS RECIPE CtiON ccssccccceceeesssssteeeeeessssssseeeeeeesssssnees 127 Dynamic DNS Seti vsiiisiscidasissndetsnstecedecenuiGustenans cudesaandieoundeusvaceosesundeansedeseuntee 127 To enable disable Dynamic DNS Setup cccccssscccssssseeeesssseeeesssseeeeess 128 To manage Dynamic DNS List DDNS ccccccccceccssssseeeeessssssteeeeesesssseees 128 CHAPTER 8 SEC URITY CONAGURATION c scsettseeeeetseees 134 Pac Ket PING ING esna aaa aa aa ea aa aa aa aa aaa aaa 134 To configure Packet Filttenng sssss
72. kets Users can either set a single IP addressorseta range 141 Secunty Configuraton Destination IP Source Port Destination Port Check Options Check TIL of IP addresses This parameter lets you specify the set of workstations that receive the data packets Users can either set a single IP address or seta range of IP addresses You can control requests for using a specific application by entering its port number here Users can either set a single port numberora range of port numbers This parameter determines the application from the specified destination port Users can either set a single port number ora range of port numbers This parameter refers to the options in the packet header The available selection optionsare abbreviated as follows SEC Security LSRR Loose Source Routing Timestamp Timestamp RR Record Route SID Stream Identifier SSRR Strict Source Routing RA Router Alert This parameter would let you screen packets according to their Time To Live TIL value available options are 1 Equal 2 Less than 3 Greater than 4 Not equal 142 Securty Configuration FIREWALL LOGS When the access point s SPI firewall is in operation valuable traffic pattems in your network will be captured and stored into the Firewall Logs From these logs you can extract detailed infomation about the type of data traffic the time the source and destination address port as well as the action
73. n Association Disassociation Reassociation 0 0 0 0 0 MSDU Data Multicast Management Control Errors Receive 0 0 0 2122 0 0 Transmit 0 0 In Point to Multiple Point mode you are not allowed to view other wireless clients statistics To view other wireless clients information you need to change to Access Point mode 59 Common Configuration IN VWRELESS ROUTING CLIENTMODE Click on WLAN Setup from the CONHGURATION menu You will see the sub menus expanded under WLAN Setup Click on Statistics 00 80 45 37 91 9d Statistics Authentication Type Encryption Open System No Authentication Deauthentication Association Disassociation Reassociation 0 0 0 0 0 MSDU Data Multicast Management Control Errors Receive 0 0 0 0 Transmit 0 0 0 In Wireless Routing Client mode you are not allowed to view other wireless clients statistics To view other wireless clients information you need to change to Access Point mode 60 Common Configuration IN GATEWAY MODE Click on WLAN Setup from the CONHGURATION menu You will see the sub menus expanded under WLAN Setup Click on Statistics 00 80 45 37 91 9d Statistics Authentication Type Encryption Open System No Authentication Deauthentication Association Disassociation Reassociation 0 0 0 0 0 MSDU Data Multicast Management Control Errors Receive 0 0 0 0 Transmit 0 0 0 In Gateway mode you are not allowed to view other wireless clients statistics To view other
74. n the Choice DDNS Provider check the radio button next to the 2MyDNS DNS Service Provider Then click on the Next button to proceed Step 2 Enter your Domain Name Step 3 The Auto Detect checkbox is ticked by default The WAN IP entry box is blank by default These default settings should be applied if the dynamic WAN IP connection is used Choice DDNS Provider Provider Maer Aagrshis Morar TONE Dreri DHE Briny Prier Erari aoine DONE Regirie Ondine rJ l Rack Dynamic DNS Add Proweder JbyQW8 Dynan Dii Service Provider ap qj ore 129 Advanced Configuration For instance If your ISP connection service uses the dynamic WAN IP tick the Auto Detect checkbox to let the DDNS server leam your curent WAN IP address Enter your DDNS account Usemame and Password However if you are using a fixed WAN IP connection enter the IP address in the WAN IP field Then un tick the Auto Detect checkbox Then the access point will update the DDNS server using that WAN IP entered in its field Step 4 Optional If you enable the wildcard service your hostname would be allowed multiple identities For example if you register mydomain 2mydns net users looking for www mydomain 2mydns net or fto mydomain 2mydns net can still reach your hostname Step 5 Optional In the Mail Exchanger field enter the Static WAN IP address of the mail server Domai Marna Dynamic DNS Add Provider 2My
75. name forthe server type you wish to configure Protocol Select either TCP or UDP protocol type from the dropdown list Public Port Select whether to define a single port ora range of public port numbers to accept From Starting public port number To Ending public port number If the Public Port type is Single this field will be ignored IP Specify the IP address of your server PC running within the Address private network Private PortFrom Starting private port number The ending private port number will be calculated automatically according to the public port range 111 Advanced Configuration Asan example if you want to set up Port Forward Entries a web serverona PC with IP address of 192 168 168 55 select HTIP as we Protocol Publie Port PrivaieIP Private Port Server Type and enter Ile 80 192 165 168 355 80 192 168 168 55 as the Private IP Land Beek Address Click on the Add button You will see the entry reflected ason the nght TO CONAG URE VIRTUAL SERVERS BASED ON IP FORWARDING When you have subscribed for more than one IP address from your ISP you may define Virtual Servers based on IP Forwarding for which all Intemet requests regardless of ports are forwarded to defined computers in the pnvate network If you require more information of its function please refer to the NAT Technology Pnhmer on the Product CD Here are the stepsto set it up Step 1 Under the CONHAGURATION command me
76. name in the System Name field Step 3 Fill in the name of a person to contact in the System Contactfield Step 4 Fill up the System Location field If there are multiple devices in your network or building this entry might help to identify the device location Step 5 Click on the Apply button to effect the changes 145 System Utlities SET SYSIEM S CLOCK Step 1 Click on Set System s Clock from the SYSTEM TOOLS menu System Time Setting Current Router Time on 2000 21 22 14 _ and Time Zone GMT 0O7 00 Proposed Router Time 07 04 2005 00 Select to Change the Time Zone for the Router Location GMT 07 00 Mountain Time US amp Canada v Auto Time Setting SNTP Enable Disable time nistgov Time Servers cesium mtk nao ac jp v e g time nist gov ns arc nasa gow Step 2 Select the appropriate time zone from the Select to Change the Time Zone forthe Router Location drop down list Step 3 Enable the Auto Time Setting SNTP radio button SNIP stands for Simple Network Time Protocol and is used to synchronise computer clocks Step 4 Fill in the Time Servers field and click on the Apply button to effect the changes 146 System Utulities FIRMWARE UPG RADE You can check the types and version of your firmware by clicking on About System from the HELP menu To begin with ensure that you have downloaded the latest fimware onto your local hard disk d
77. ng the Apply button Note SAT is disabled by eeey default 124 Advanced Configuration DNS REDIRECTION ONLY SUPPORTED BY WIRELESS ROUTING CUENTAND GATEWAY When you enter a URL in your Intemet browser the browser requests for a name to IP address translation from the Domain Name System DNS servers to be able to locate the web server The DNS server in tum looks for the answer in its local cache and if an appropnate entry is found sends back this cached IP address to the browser Otherwise it would have to contact other DNS servers until the query can be resolved When you enable the DNS Redirection feature DNS requests from the LAN clients willbe processed by Access point Unless in the access point s LAN Setup you have already assigned a specific DNS server which should always be used the access point would contact the DNSserver allocated by your ISP to resolve DNS requests When DNS Redirection is enabled the DNS server used by the access point would ovemde the one defined in the TCP IP settings of the LAN clients This allows the access point to direct DNS requests from the LAN to a local orto a closer DNS server it knows of thus improving response time The DNS Redirection feature also provides better control to the network administrator In case of a change in DNS servers the latter can just indicate the IP address of the actual DNS server in the access point s LAN Setup and enable DNS Redirection without havi
78. ng to re configure the DNS settings of each LAN client 125 Advanced Configuration e The access point contacts the Web server pekealed by DNS server A When communication is established between the Web server and the access roint the webpage will appear in your rowser Z Web server 7 hosting the website Type a URL in the a ie Webbrowser i e dl Another DNS server B a The access point asks DNS Server contacted by DNS server A A for the IP address of the server hosting the website that you want to access d DNS Server A returns the IP address b 5 5 DNS Server A does not have the IP address of the web of the Web server to the access point server and contacts another ONS server to find the answer DNS server B would then search its cache or would in turn contact other DNS servers to return a reply to DNS Server A DNS server A contacted by the access point NOTE For Intemet access please do NOT leave the DNS Server field of the PC s TCP IP Properties blank Simply key in any legal IP address for it e g 10 10 10 10 even though you do not have the exact DNSIP address 126 Advanced Configuration TO ENABLE DISABLE DNS REDIRECTION Step 1 Under the Home User Features Command menu click on DNS Redirection Static Address Translation t DNS Redirection Dynamic DNS Setup UPoP Configuration Step 2 Enable Disable DNS Redirection y choose Enable or Disable f
79. ngs Obtain an IP address automatically Use the following IP address IP address 192 168 168 160 Subnet mask 255 255 255 0 Default gateway Use the following DNS server addresses Preferred DNS server Alternate DNS server Access to Web based Interface Step 5 Click on the OK button to close all windows Step 6 Next in order to check if the IP address has been comectly assigned to your PC go to Start menu Accessories select Command Prompt and type the command ipconfig all co CS WINDOWS system3s cmd exe Ci Documents and Settings Administrators ipeonf ig all Windows IP Conf igurat ion Host Mame Prinary Dna Suffix Hao d Lis ij Ly pe mi IP Routing Enabled gt z WINS Proxy Enabled amp Ethernet adapter Local Area Connection Lonnection speciFfic DAS suff ix Description amp Realtek RILS139 Family PCI Fast Ethe Phys ical Addrese a a a a a BEB BB BE Bb 37 Diep Enabled lt We P AOOPOSE ss es es ee ee le s 192 Subnet Aagsk a ah yaar aa i 25 P Address a a a n ee ee SUNG TA se E E E O O S ll Um EO EID oe Da Default Gateway s gt 192 168 88 2 DMS Serpyers a a saaa a a 165 211 100 888 Lbb ai Hd HH Your PC is now ready to configure your access point Step 7 Launch you
80. no restriction to the type of broadband Intemet accounts they are connected to whether Cable or ADSL You may thus have one Access point connected to Cable Intemet and anotherto an ADSL line When these access points operate in the Gateway mode using Parallel Broadband you need to configure them by firstly enabling Parallel Broadband thus enabling the WDS and finally setting these access points to the same ESSID 119 Advanced Configuration TO ENABLE PARALLEL BROADBAND ON THE ACCESS POINT Before you begin ensure that each of the access point within the network is propery configured to connect to its individual broadband Intemet account Then ensure that either e each access point is connected to an Ethemet port in the network as illustrated above or e the access points are interconnected by WDSor e the accesspoints are wired to each other Finally you are ready to access the web based configuration of each of your access point to enable the Parallel Boadband feature You will have to enable all the DHCP servers in all access points before enabling Parallel Broadband Please note that you need to interconnect all access points Step 1 Under the CONHGURATION command menu click on Parallel Broadband Step 2 Next simply select Enable and click Parallel Broadband Enable Disable the Apply button to make the C ha nges effective Status Enable Disable Apph Step 3 Repeat this for the other access points in
81. nt SAMP Setup 62 Common Configuraton Step 2 On the WAN Dynamic Setup screen that follows venfy that the WAN Type reads Dynamic DHCP in red colour Otherwise click on the Change button WAN Dynamic Setup WAN Type Dynamic DHCP Change IP Address Retresh Network Mask Gateway IP Address Primary DNS Secondary ONS Step 3 Simply select Dynamic IP Address and hit the Apply button Select WAN Type Static IP Address Dynamic IP Address PPP over Ethernet PPTP Apply Cancel Help Please remember to click Reboot System under SYSTEM TOOLS and hit the Reboot button to let the settings take effect Note There are exceptional cases where additional configuration is required before an IP address will be allocated by your ISP to the access point Certain ISPs log the MAC address of the first device used to connect to the broadband channel and will not release a WAN IP address unless the MAC address matches the one in their log Therefore if yours is not a new Cable Intemet subscription i e your PC was formeny connected directly to your cable modem refer to steps 4 5 to clone the approved MAC address onto the access point Certain ISPs require authentication through a DHCP Client ID before releasing a public IP address to you The access point uses the System Name in the System Identity asthe DHCP Client ID Therefore if this is the case refer to your ISP for the comect DHCP Client I
82. nu click on NAT You will find the Advanced NAT Options available near the bottom of the page Advanced NAT Options Step 2 Click the IP Forwarding button to configure Virtual Servers based on IP Forwarding Step 3 At the next screen Add IP Forward Add IP Forward Entry Entry you have to specify a Private IP Address and a Public IP Address In haia 192 168 168 55 Publie IP Actress 21318713101 this example we would like all requests for 213 18 213 101 to be forwarded to a PC with Private IP Address 192 168 168 55 112 Advanced Configuration Step 4 Click the Add button to continue Step 5 The IP Forward Entries page will reflect your new addition IP Forward Entries Private IP Public IP 192 168 168 55 213 18 2 13 101 h NOTE For step 3 above please ensure that you have subscribed to the Public IP Address you intend to forward from 113 Advanced Configuration BANDWIDTH CONTROL ONLY SUPPORTED BY WIRELESS ROUTING CUENTAND GATEWAY The access point is designed to support simple bandwidth management that makes use of the Bandwidth Control This feature gives the administrator the choice to manage the bandwidth control of subscnbers in case of massive data transfer which causes slowdown problems when surfing the Intemet TO ENABLE OR DISABLE BANDWIDTH C ONTROL Only two simple steps are required to enable or disable bandwidth control for the access point
83. ogoutfrom the SYSTEM TOOLS menu Step 2 Click the LOGIN button to access your access point s configuration interface again Wireless G Access Point Management Please enter your password eecccece Forgot your password see the User s Guide for instructions 154 System Utulities USING THE HELP MENU ABOUT SYSTEM The About System page displays a summary of your system configuration information Support technicians might require specific information about your system data when they are troubleshooting your configuration You can use the information displayed in this page to quickly find the data they need to resolve your system problem Step 1 Click on About System from the HELP menu The System Information page will supply information conceming your access point s configuration settings System Information Device System Up Tine BICS Loader Version Firmware Version NetWork Mode Wireless Hardware Address WLAN name ESSID Operating frequency Operating Channel Secunty mode Management Port Hardware Address IP Address Network Mask DHCP Server 0 Days 00 24 54 2 0 build 0027 1 00 build 0706 Inherent Bridge 00 60 45 37 86 dd Wireless G AP 2457MHz 10 WPA PSE 4UTO 00 80 45 37 86 dc 192 168 168 1 255 255 255 0 Disable 155 Appendix I Rrnware Recovery This section demonstrates how to reload the firmware to the access point Should the sy
84. or the Status of DNS Redirection Status Enable Disable Aa Step 3 Complete the setup by clicking the Apply button DYNAMIC DNS SETUP It is difficult to remember the IP addresses used by computers to communicate on the Intemet It gets even more complicated when ISPs change your public IP address regulary as isthe case when the Intemet connection type is Dynamic IP or PPPoE with Dynamic IP If you are doing some web hosting on your computer and are using Dynamic IP Intemet users would have to keep up with the changing IP address before being able to access your computer When you sign up for an account with a Dynamic Domain Name Service DDNS provider the latter will register your unchanging domain name e g MyName Domain com You can configure your access point to automatically contact your DDNS provider whenever the access point detects that its public IP address has changed The access point would then log on to your account and update it with its latest public IP address 127 Advanced Configuration If someone typesin your address MyName Domain com into their web browser this request would go to the DDNS provider which would then re direct that request to your computer no matter what IP address it has been curently assigned by your ISP TO ENABLE DISABLE DYNAMIC DNS SETUP Step 1 Under the Home User Features command menu click on Dynamic DNS Setup Home User Features Static Address Translation ONS
85. our settings will become effective 87 Wireless Extended Features Chapter 6 Wireless Extended Features This section illustrates how to configure the wireless extended features To start with follow the common preliminary steps described below ACCESS CONTROL THE WIRELESS PSEUDO VLAN ONLY IN ACCESS POINTMODE A VLAN is a group of PCs or other network resources that behave as if they were connected to a single network segment although they may be physically located on different segments of a LAN Those stations which are assigned to the same VLAN share network resources and bandwidth as if they were connected to the same segment Conversely only the stations within the same VLAN can accesseach other A Wireless Pseudo VLAN acts by segregating a single wireless LAN into multiple VLANs so that communication is possible only among wireless clients within the same VLAN When operating in the Access Point mode Access point allows you to define Wireless Pseudo VLAN Per Node and Wireless Pseudo VLAN Per Group 88 Wireless Extended Features WIRELESS PSEUDO VLAN PER NODE When implemented this mode isolates each wireless client into its own pseudo VLAN Wireless clients can therefore access resources on the wired network but are unable to see each otheroraccesseach others data Wireless AP f Cable ADSL modem a Internet amp Fast Ethernet Z ado WEP i j Per eet N m z r Soy py Noe FAN Pseu
86. r Web browser Underthe Tools tab select Intemet Options Yahoo Singapore Microsoft Internet Explorer Fie Edit view Favorites Mail and News Q Back x Synchronize Windows Update Address 2 http fisq yahoo com Windows Messenger Yahoo Messenger Show Related Links Internet Options 25 Access to Web based Interface Step 8 Open the Connections tab and in the LAN Settings section disable all the option boxes Click on the OK button to update the changes Local Area Network LAN Settings Automatic configuration Automatic configuration may override manual settings To ensure the use of manual settings disable automatic configuration C Automatically detect settings F Use automatic configuration script L Proxy server go Use a proxy server for your LAN These settings will not apply to dial up or YPN connections Ca Step 9 At the Address bar enter http 192 168 168 1 and press Enter on your keyboard Step 10 At the login page click on the LOGIN button to enter the configuration pages Wireless G Access Point Management Please enter your password seeseses Forgot your password see the User s Guide for instructions 26 Access to Web based Interface You will then reach the home page of youraccess point s Web interface A Wireless LAN Access Point Maxthon Browser SEE File Edit View Favorites Groups Options Tools Window Help D 0 2 h
87. r sharing for Microsoft Networks Add Remove Properties Primary Network Logon Client for Microsoft Networks File and Print Sharing Description TCP IP is the protocol you use to connect to the Internet and wide area networks Ste p 4 TCP IP Properties 21x Select the radio button for Bindings Advanced Netios Specify an IP address DNS Configuration Gateway WINS Configuration IP Address POIR Se ae CARDS OE ny See 0 bis ee Enter the IP Address and Subnet Kaasar Se Pe cine ule Wes ha Mask as 192 168 168 X and the space below 255 255 255 0 where X can be any number from 2 to 254 C Obtain an IP address automatically except for 1 In this example we _ Specily an IP are using 192 168 168 100 as the static IP Address Males st Mask 159 TCP IP Configuration Step 5 l In orderto check if the IP address a has been assigned corectly to Reatek RTL8139 Family PCI Fas your PC simp ly go to the Start Adapter Address 00 80 45 EA A4 A2 menu select Run and enter the r E ioe a SubnetMask 255 255 255 0 command winipcfg Default Gateway 192 168 168 116 Select your respective Ethemet Hoe o gt Adapter from the drop down list and click OK Now your PC is now ready to communicate with your access point 160 TCP IP Configuration FOR VANDOWS XP 2000 Step 1 Go to your desktop nght click on Properties Step
88. rive Step 1 Click on Firmware Upgrade from the SYSTEM TOOLS menu Firmware Upgrade L Browse Upgrade Firmware path and file name Step 2 Click on the Browse button to locate the file Step 3 Click on the Upgrade button 147 System Utulities Follow the instructions given during the upgrading process Firmware Upgrade Upgrading firmware now please wait 50 seconds and don t turn off the power until see the Firmware Upgrade Successfully page reboot to effect all changes BURNING FLASH Please keep current upgrade page I 7 Step 4 You need to reboot the system after the finmware upgrade Firmware Upgrade Firmware upgrade successfully reboot now NOTE The fimware upgrade process must NOT be intemupted otherwise the device might become unusable 148 System Utulities BAC KUP OR RESET SETTINGS You may choose to save the curent configuration profile to make a backup of it onto your hard disk to restore an earlier profile saved on file or to reset the access point back to its default settings RESET YOUR SETTINGS Step 1 Click on Backup or Reset Settings from the SYSTEM TOOLS menu Step 2 To discard ALL the configuration you have made and restore the access point to its initial factory settings click on Reset button Backup or Reset Settings Erase the Machine s configuration restore its factory default R Reset settings gt Reset Backup
89. rom the port number in the reply packet knows to which client to forward the reply If the access point doesnot recognize the port number it will discard the reply When using DMZon a PC any reply not recognized by the access point will be forwarded to the DMZenabled PC instead Step 1 Under the CONHAGURATION command menu click on NAT You will find the Advanced NAT Options available near the bottom of the page Step 2 Click the DMZ button to configure Virtual Servers based on De Militanzed Zone host 108 Advanced Configuration Step 3 On the NAT DMZ IP Address page you have to define the Private IP Address of the DMZ host In this example we keyed in the private IP Leen Les address for the PC we wish to place within the DMZ 192 168 168 55 NAT DMZ IP Address Private IF Address 192 168 163 55 Enter 0 0 0 0 as the Private IP Address and it will disable DMZ Remember to click the Apply button NOTE NOTE 1 When you enable DMZ the Static IP Address configuration is recommended for the DMZhost Otherwise if the address is allocated by DHCP it may change and DMZ will not function propeny Zz DMZ allows the host to expose ALL of its parts to the Intemet The DMZ host is thus susceptible to malicious attacks from the Intemet 109 Advanced Configuration TO CONAIGURE VIRTUAL SERVERS BASED ON PORT FORWARDING Virtual Server based on Port Forwarding is implemented to forward
90. rver of Access point Step 1 Click on Management Portfrom the CONHGURATION menu Step 2 Go to the Advanced DHCP Server Options section click on the Show Active DHCP leases button Advanced DHCP Server Options Show Active Dhcp Leases Dhcp Server Reservations The DHCP Active Leases table displays e The HostName of the DHCP client e The IP Address that hasbeen allocated to the DHCP client e Its Hardware MAC Address e The date and time at which the IP address leased expires DHCP Active Leases Host Name IP Address Hardware Address Lease Expired Time NOTE NOTE a l Invalid date and time displayed in the Lease Expired Time column indicates that the clock of youraccess point has not been propeny set Please refer to the SYSTEM TOOLS section for more details on how to set the system clock 32 Common Configuration TO RESERVE SPECIAC IP ADDRESSES FOR PREDETERMINED DHC P CUENTS Making an IP address reservation lets you inform the DHCP server to exclude that specific address from the pool of free IP addresses it draws on for dynamic IP address allocation For instance if you set up a publicly accessible FIP HTIP server within your pnvate LAN while that server would require a fixed IP address you would still want the DHCP server to dynamically allocate IP addresses to the rest of the PCson the LAN The following shows you how to reserve a particular IP address Step 1 From the Advanced DHCP Server Op
91. s after which the access point will disconnect from the ISP after the last Intemet activity A value of 0 will disable idle timeout Reconnect Time Factor is associated with the Always on option and specifies the maximum time the access point will wait before re attempting to connect with your ISP Hit the Apply button and Rebootthe access point WAN Setup ADSL Intemet using PPTP If you subscribe to an ADSL service using Point to Point Tunneling Protocol PPTP authentication you can set up your access point s WAN type from the steps that follow For example if the ISP provided you with the following set up information you can setup your WAN asdescnbed below IP Address 203 120 12 47 Network Mask 255 255 255 0 VPN Server 203 120 12 15 Step 1 Under CONAGURATION on the command menu click on WAN Setup Step 2 Select WAN Type Access the Select WAN Type page and choose PPIP before clicking the Sea ee Apply button You will then be Dynamic IP Address brought to the following page PPP over Ethernet q PPTP requinng your inputs Step 3 Fill in the information provided by your ISP in the IP Address Network Mask and VPN Server fields followed by clicking the Apply button Please remember to click Reboot System under SYSTEM TOOLS and hit the Reboot button to let the settings Common Configuraton take effect WAN PPTP Setup The Idle Timeout setting allows you WAN Type PPTP Change to specify the
92. secunty mode individually To start with follow the common preliminary steps descnbed below to select the most appropnate secunty approach for protecting your wireless communications Step 1 Click on WLAN Setup from the CONHGURATION menu to select Securty Step 2 Make a selection from the Securty Mode drop down menu The Securty Mode is set to NONE by default Click on the Apply button WLAN Security Setup Security Mode NONE WPA EAP AUTO 79 WLAN Security HOWTO SETUP WEP The guidelines below will help you to set up your access point for using WEP At the WEP Setup page WEP Setup Key String Type Hex 0 9 a f A F Length 10 or 26 Ascii O 9 a z A Z Length 5 or 13 Transmission key Key 1 vi Key 1 64Bit SSA Key 2 Regkey 3 TRY 4 Key 2 64Bit O Isp Key 3 64Bit O 128Bit Key 4 64Bit O 128Bit Rese Step 1 Specify the key entry type by selecting either e Use Hexadecimal e Use ASCII Step 2 Select the Transmission Key from the pull down menu Key 1 Key 2 Key 3 Key 4 The access point lets you define up to four different transmission keys It defines a set of shared keys for network secunty You must enter at least one WEP key to enable secunty using a shared key 80 WLAN Security Step 3 Select the length of each encryption key e 64 bit WEP 10 hexadecimal or 5 ASCII Text e 128 bit WEP 26 hexadecimal or 13 ASCII Text
93. ssssrrrrssssserrrresserrnrnnsssnrrnrnnnssnnrnnnnnenenne 134 URL PANS NG esna ea aaraa snc CE eaaa aa aE a aaa aa aS 138 To c nfigure URL Fite ning isesi denies 138 PIE Wall Configuration sssssssnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn 139 To configure SPI FiIreWall oo ceeeeesesssseeeeeeeesssseeseeeeessssseesseeeeeeeessssaaees 139 PAS Worl LOGS nicin e Eaa Oaa ueeuecnusauubuavescuussuusiusineusnes 143 To view Firewall LOG Siccciciszececcnttetenerseticar ventssautincaieebiavelerievasaien nde 143 Using the SYSTEM TOOLS Menu ssscsssccsssssssseeeeeeessnssseeeeeeesennssseeseenssnnssseeeeeens 144 PG NEY ina E 144 Nera ENUN n etree reverence annie eras 145 CENIE C10 CK seats nccrten eat eter taal tata orale a 146 FIntAWale Upgrade asn e ee ete 147 Backup or Reset SettingS a scis cans eicuvscncececadadedccrcnenteussocnccedcavessatccenecenemuccnsnss 149 FREDO Sy SECs sees eas rhc a a eee demearecneds 152 change Pa Wo emerrercemerrne teeere cement cerecrer cre et terrrrer tt reertrrrreer trtccr tree 153 POC OU Ae Ai ie AT AIGA AS eee eos tert ena aerstuneedeeereededes 154 Using h HAP men sacia cd ccs tuwane eis cwadeuacsecd ccveustundueveceusueusdesddecceusauss 155 PD OU SY SEC Mi nonuns ndama casbeteeesausteces a 155 APPENDIX HRMWARE REC OVERY c ssscssssseenseeensesersssass LOO APPENDIX Il TC P IP CONHG URATO N ssssnnnnnnnnnnnnnnnnnnnnnnnnn LOO For Windows 95 98 98SE ME NT cccccsccc
94. st of a maximum of 32 characters Site Survey A lit of wireless devices that are detected by your access point in the WLAN Infomation such as MAC address channel SSID algonthm and signal strength can 41 Common Configuraton be found in the listing This feature is supported by the Access Point Client and Wireless Routing Client modes Wireless Profile A selection of network environment types in which to operate the access point e 802 11a only only for AIR BR500AG This mode supports wireless A clients with data rates of up to 54 Mbpsin the frequency range of 5 8 Ghz e 802 11b only Available for AIR BR500G GH and AG This mode supports wireless B clients with data rates of up to 11Mbpsin the frequency range of 2 4GHz e 802 11b g mixed Available for AIR BR500G GH and AG This mode supports both wireless B and G clients e 802 11g only Available for AIR BR500G GH and AG This mode supports wirelessG clients that offer transmission rates of up to 54Mbps in the 2 4GHz frequency band Peer Mac Only in This mode can support more than one access point This Point to Point feature allows you to create a new peer MAC for mode another access point so that the router operating in the access point mode can connect to another access point Peer MACs Only This mode can support up to 15 access points This in Point to feature allows you to create up to 15 peer MAC Multiple Point a
95. stem fail to launch propery In such cases the access point will automatically switch to loader mode and the diagnostic LED will light up and remain ON The table below illustrates the behavior of the diagnostic LED Ys Accesspoint State Diagnostic LED 1 State Conupted firmware access point Blinks very fast automatically switches to loader mode Recovery in progress Suc cessful recovery Blinks very slowly Before starting check the status of the diagnostic LED against the table above to confirm whether firmware failure hasoccunred Step 1 Powerthe access point off and disconnect it from the network Step 2 Use a MDI cable to connect the LAN port of the access point to the LAN port of your computer Step 3 Power the access point on and then start up your computer You are recommended to set your computer s IP address to 192 168 168 100 and its network mask to 255 255 255 0 Step 4 Insert the Product CD into the CD dnive of your computer 156 Firmware Recovery Step 5 From the Start menu click Run and type cmd When the command prompt window appears type in the following command XA recovery TFIP i 192 168 168 1 PUT image_name IMG where X refers to your CD dnve and image_name IMG to the firmware filename found in the Recovery folderof the Product CD Step 6 If you have downloaded a newer firmware and have saved it in your local hard disk as C EP54G1A 541Axxx IMG then replace the
96. t Wireless LAN Access Point lechnclogies Management Port WLAN Setup STP Setup SNMP Setup The current operation mode is Access Point Ping Utility System Identity Set System s Clock Firmware Upgrade Backup or Reset Settings Reboot System Change Password Logout About System Welcome please choose an option from the configuration menu gt Welcome please choose an option from the configuration menu Listo o s 10 0 0 2 Obytes 112M 21 Access to Web based Interface VERIFY THE IP ADDRESS OF THE ACCESS POINTWITH NPA ND Another utility program NpRind intended to help you venfy the IP address of your product Follow the next stepsto check the IP address of your access point Step 1 Insert the Product CD into the CD ROM dnve It will automatically run Step 2 Click on Utilities and select NpFind program to run it The screen will then display the IP address of the device detected gt Npfind Router JAP Name WirelessG AFI IP Address 192 168 168 1 E 22 Access to Web based Interface MANUAL ACCESS TO WEB BASED INTERFACE VIA INTERNET EXPLORER For this method you need to assign an IP addressto your PC so that it belongs to the same subnet as your access point In this example we are using Windows XP for illustration For Windows 98 98SE 2000 NT ME kindly refer to Appendix Il TCP IP Configuration Step 1 Go to your desktop nght click on My Network Places icon
97. t are miles or kilometers apart while unifying the networks _ Point to Point Point to Point In the example above you may configure two access points AP to perfom transparent bridging between two buildings Product Overview POINTTO MULTIPLE POINT MODE In Point to Multiple Point mode this mode is similar to that of the Point to Point mode But the access point located at one facility isable to connect to up to 8 access points AP installed in any direction from that facility fl Point to Multiple Point on Via j Point to Multiple Point CENTRAL SITE Point to Multiple Point Point to Multiple Point Point to Multiple gt Poi y The above illustration describes how this mode operates Product Overview WIRELESS ROUTING CUENTMODE An application of this mode would be for the Ethemet port of the Wireless Routing Client to be used for connection with other devices on the network while access to the Intemet would be achieved through wireless Communication with wireless ISP Hh Wireless Router Client Wireless ISP Base Station Public IP address is transmitted wirelessly The above illustration describes how this mode operates Product Overview GATEWAY MODE Or put it more simply Broadband Intemet sharing in a wireless network Since the access point supports several types of broadband connections the first step in setting up the access point asa Broadband Intemet Gatewa
98. t can be viewed from the Link Information page State Refers to the MAC address of the BSS AP to which the access point client is connected Curent Channel The channel that is being presently used for transmission Tx Rate The rate of data transmission in Mbps Signal Stength Given in percentage showing the intensity of the signal received 47 Common Configuration SCAN FOR CHANNEL SURVEY AVAILABLE FOR ACCESS POINT MODE AND GATEWAY MODE Channel Survey providesa list of all channels that are supported by the access point This feature will show relative interference of all channels and recommend the least congested channel When the users want to scan for and find the best channel they can use Channel Survery Step 1 In the Mode Setup page click on the Channel Survey button WLAN Basic Setup he c Change Haas urent Access Point Change ESSID Wireless G AP Wireless Profile Country NO_COUNTRY_SET NA w Channel SmatSeleci Channel Survey Ny 0211 b a mice ig Tx Rate Fully Auto Closed System disable enable Apply The Channel Survey provides a list of the Freq frequency and Channel of the access point detected the APCount MyQuality your access point s interference from your access point s channel signal recieved and NeighQuality interference from the neighbounng access points channel Signals received 48 Common Configuration Channel Sur
99. tal number of access points operating at the current channel NeighQuality Refers to the interference having a RSSI value caused by the neighbounng channels Recommendation Means that you can recommend the best preferably least congested channel 50 Common Configuraton ANTENNA ALIGNMENT AVAILABLE FOR ALL MODES The Antenna Alignment feature in the access point is designed to precisely align the antenna over such a long distance so that the connectivity communication between your access point and another remote or neighbouring access point could be improved as indicated by higher signal strength Step 1 Click on WLAN Setup from the CONHGURATION menu You will see the sub menus expanded under WLAN Setup Click on Antenna Alignment The Antenna Alignment page can act as a diagnostic tool to check the communication with a remote device The remote AP MAC Address is preset to all zeros by default Antenna Alignment S j 00 00 00 0000 00 Remote AP MAC Addressioption DWR MAR KM Hote MAC adaress wil be used entered otherwise SSID wil be used Step 2 If you wish to specify the MAC address of the remote AP key in the field next to Remote AP Address option followed by executing the Start button Then the pop up status screen will show up allowing you to monitor the signal strength received from the remote access points If there is no specified AP with Antenna Alignment ts MAC address you ha
100. that can be modified in the WLAN Advanced Setup page Parameters Desc nption Beacon Interval The Beacon Interval is the amount of time between Only in Access beacon transmissions A beacon is a guidance signal Point mode sent by the access point to announce its presence to otherdevicesin the network Before a client enters the powersave mode it needs the beacon interval to know when to wake up to receive the beacon and leam whether there are buffered frames at the access point Data Beacon Rate The Data Beacon Rate DIM determines how often the DTM beacon contains a delivery traffic indication message Only in Access DIM The DIM identifies which clients in power save Point mode mode have data frames waiting for them in the access point s buffer If the beacon penod is set at 100 default value and the data beacon rate is set at 1 default value then the access point sends a beacon containing a DTM every 100 Kusecs 1 Kusec equals 1 024 usec RIS CTS Threshold The RIS CTS Threshold value determines the minimum size of a packet in bytes that would tngger the RIS CTS mechanism 53 Common Configuraton Frag Threshold The Frag Threshold value indicates the maximum size that a packetcan reach without being fragmented This value extends from 256 to 2346 bytes where a value of O indicates that all the packets should be transmitted using RTS Transmit Power The Transmit Po
101. tion shows how to perfom the following functions Basic This function performsa basic setup of the wireless modes of operation Access Point mode Access Point Client mode and other operating modes Sec unity This function performs data encryption and protection forthe access point Kindly referto Chapter 5 on WLAN Security for details Advanced This function furthers the basic configuration of the access point by setting the system s additional parameters Wireless Pseudo VLAN WDS Configuration and Long Distance Parameters Kindly referto Chapter 6 on Wireless Extended Features for details Statistics This function uses the Scan Feature to monitor and interpret the statistics data collected MAC Filtering only applicable to Access Point mode MAC Filtering acts as a secunty measure by restricting the users accessing to the network through theirMAC address Antenna Alignment It is a tool for aligning outdoor antenna between 2 access points over long distances The signal level can be checked from the web page and also from the DIAG LED indicator The DIAG LED indicates the signal strength asdescnbed below _ Signal Strength _ Status of DIAG LED Above 20dBm Stays tumed ON 36 Common Configuraton Between 19 and 17 dBm Flashes 6 times Between 17 and 14 dBm Flashes 3 times Between 13 and 10 dBm Flashes ONCE Below 10dBm Tums O FF NOTE The signal strength of below 10dBm is not recomm
102. tions section click on the DHCP Server Reservations button Advanced DHCP Server Options Show Active Dhcp Leases Dhep Server Reservations Step 2 Click on Add button DHCP Server Reservations IP Address Hardware Address Step 3 Fill in The host portion of the IP Address to reserve The Hardware Address in pairs of two hex values Press the Apply button to make yournew entry effective Common Configuration DHCP Server Reservations IP Address 192 168 168 20 Hardware Address 00 80 45 e5 0d 05 XX XX XX XX XX XX The DHCP Server Reservations page will then be refreshed to illustrate the Currently reserved IP addresses DHCP Server Reservations IP Address Hardware Address 192 168 168 20 00 80 45 e5 0d 05 DELETE DHC P SERVER RESERVATION If you do not need the DHCP server to reserve an IP address anymore you can delete the DHCP Server Reservation Step 1 Click on the reserved IP address that you wish to delete e g 192 168 168 20 DHCP Server Reservations DB Add re Hardware Address 192 168 168 20 00 80 45 e5 0d 05 Step 2 Click on the Delete button 34 Common Configuration DHCP Server Reservations IP Address 199 168 168 20 Hardware Address 00 80 45 e5 0d 05 xx XX XX KX KX K Sad ere The DHCP Server Reservations table will then be refreshed to reflect your changes 35 Common Configuraton WLAN Setup This sec
103. tton to update the table 99 Wireless Extended Features Step 7 From the WDS Configuration page notice that the MAC Address has been added to the table asshown below WDS Configuration WDS Status Enable AP No Hardware Address 01 00 80 45 e5 0d 05 Add NOTE NOE To configure WDS all your access points must use the same channel and secunty mode and both access points at opposite endsofa WDS link must have each other s wireless MAC address ADD ANOTHER CLIENTIN A PSEUDO VLAN GROUP Follow the procedures mentioned in Step 5 to Step 7 100 Wireless Extended Features Eom DELETE A CLIENTIN A WDS Step 1 Click on the MAC address in the table as shown below WDS Configuration WDS Status Enable AP No Hardware aggre O1 00 80 4S5 e5 0d 05 Step 2 From the Edit WDS Entry page Click on the Delete button to remove the client from the WDS or Click on the Save button after you have edited the entry Edit WDS Entry Hardware Address 00 80 45 e5 Od 05 xx xx XX XK XX XX 101 Wireless Extended Features LONG DISTANCE PARAMETERS This setup allows the access point to calculate and display suggested values for certain parameters to use to ensure that wireless communication takes place efficiently and effortlessly between physically distant APs The following steps demonstrate how to configure the Long Distance Parameters Step 1 From WLAN S
104. ues in the pop up window click on the Apply button to update the changes This table descnbes the parameters that can be modified in the Long Distance Parameters page Parameters Description Outdoor The Outdoor parameter is disabled by default If set to Enable the Outdoor parameters will be configured for outdoor communication over short or long distances as specified Distance This parameter determines the distance between your access point and the remote access point It should be entered in meters Slot Time Time is sotted and each unit of time is called one slot time ACK Timeout This parameter determines the timeout allowed for the sending client to receive the acknowledgment response from the receiving client If no acknowledgment packet is received within this penod the sender will assume the receiver has not received the packet and will attempt to re send CTS Timeout This Clear to Send time is the time the wireless sender will wait for a CTS packet signaling that the channel is idle and it can start data transmission If no CTS packet is received within this penod the sender will assume the channel is busy and will wait before trying to send again 104 Chapter 7 Advanced Configuration ROUTING ONLY SUPPORTED BY WIRELESS ROUTING CUIENTAND GATEWAY The access point allows the network administrator to add a static routing entry into its routing table so that the access point can re rout
105. ve keyed in the screen below will No specified AP available around show on the nght To abort or key in the MAC address of the L_Stop_ other available remote AP click on the Stop button 51 Common Configuraton NOTE NOTE l If no MAC address is entered the Antenna Alignment tool will make use of the SSID to align the antenna Please make sure that the corect SSID is entered If more than one access point AP Share the same SSID the Antenna Alignment too will show the strongest signal AP TO CONAGURE THE SECURITY SETUP OF THE WIRELESS MODE Kindly refer to Chapter 5 on WLAN Security for details on setting the different secunty modes of the access point TO CONAGURE THE ADVANCED SETUP OF THE WIRELESS MODE The following will guide you to configure the advanced setup of the wireless mode you have selected Step 1 Click on WLAN Setup from the CONHAGURATION menu to expand into the four sub menus From here click on Advanced Step 2 In the WLAN Advanced Setup page enterthe parameters Step 3 Click on the Apply button to update the changes 52 Common Configuration WLAN Advanced Setup Beacon Interval 100 20 1000 Data Beacon Rate DTIM 1 1 16384 RTS CTS Threshold 512 1 2312 Frag Threshold 2346 2346 256 2346 Transmit Power Maximum vi Extended Features Wireless Pseudo VLAN WDS Configuration Long Distance Parameters This table describes the parameters
106. vey Status Freq Channel MyQuality APCount NeighQuality Recommendation 2437 6 0 oo 2447 a 23 2452 9 9 g Recommended 130 194 oO 2462 2417 2432 2457 2412 2442 1 om Ooo fg iah 4 0 198 hy al ta 2422 n Ww e U e es a oO Oo GB 2427 Retesh Back Channel Survey on the 2 4 Ghz frequency band Please take note that the MYQuality and NeighQuality are RSSI values If the value is higher which means that you receive the stronger signal strength from several APs it indicates that the higher interference from these APS willoccuras well The value of zero indicates no interference Step 2 To connect the access point client to one of the channels detected select the radio button coresponding to the channel you want to connect to Step 3 Click on the Apply button to effect the change and retum to the setup page Step 4 Click on the Refresh button to update this screen This table descnbes the read only parameters of all channels that can be viewed from the Channel Survey page 49 Common Configuration Parameters Desc nption Freq Refers to the frequency of the channel at which your access point is operating Channel Refers to the channel of the access point being used for transmission depending on its ongin of country MyQuality Refers to the interference having a RSSI value caused by the curment channel at which your access point is operating APC ount Refers to the to
107. wer drop down list lets you pick from a range of transmission power For details on how to configure Wireless Pseudo VLAN WDS and Long Distance Para meters kindly referto Chapter 6 on Wireless Extended Features NOTE NOTE The values illustrated in the examples are suggested values for their respective parameters 54 Common Configuration SIATISIICS The following shows you the information on the wireless device that is connected to the WLAN IN ACCESS POINTMODE Step 1 Click on WLAN Setup from the CONHGURATION menu You will see the sub menus expanded under WLAN Setup Click on Statistics Wireless clients that are connected to the WLAN are shown in the WLAN Sta tion List Step 2 Click on the Refresh button to get the latest information on the availability of wireless clients in the wireless network WLAN Station List MAC Address RSSI TxRate 00 80 45 37 86 dd 1 36Mbps Refresh Step 3 To check the details on individual wireless client click on the MAC Address in the WLAN Station List The following screen will show the statistic s of the selected wireless client 55 Common Configuration 00 80 45 37 86 dd Statistics Authentication Type Encryption Open System No Authentication Deauthentication Association Disassociation Reassociation 0 0 0 0 0 MSDU Data Multicast Management Control Errors Receive 0 0 0 2122 0 0 Transmit 0 0 0 11 0 0 56 Common Configurat
108. y in a different Authentication Port but it MUST match the comesponding port of the RADIUS server 85 WLAN Security Step 3 By default the value for Accounting Portis 1813 You can leave this value as it is This value must be set to be the same asthe one in the RADIUS server Step 4 Enter the Shared Secret Key used to validate client server RADIUS communications Step 5 Select the length of each encryption key e 64 bit 10 hexadecimal or5 ASCII Text e 128 bit 26 hexadecimal or 13 ASCII Text Step 6 For WPA EAP Set the Cipher Type to TKIP WPA replaces WEP with a strong encryption technology called Temporal Key Integnty Protocol TKIP with Message Integnty Check MIC For WPA2 EAP Only in Access Point mode Set the Cipher Type to AES Advanced Encryption Standard AES is a symmetnc 128 bit block data encryption technique It is a requirement of WPA2 under the IEEE 802 111 standard For WPA EAP AUTO Only in Access Point mode Set the Cipher Type to Auto to allow the access point to automatically detect the ciphertype to use 86 WLAN Security Step 7 Enter the GTK Group Transient Key Updates This is the length of time after which the access point will automatically generate a new Shared key to secure multicast broadcast traffic among all stations that are communicating with it By default the value is 600 seconds Step 8 Press the Apply button and reboot your system after which y
109. y is to identify the type of broadband Intemet access you are subscnbed to Cable DSL Modem Gateway Static IP address Use this type of connection if you have subscribed to a fixed IP address orto a range of fixed IP addresses from your Intemet Service Provider Dynamic IP address When powered using this type of connection the access point requests for an IP address which will be automatically assigned to it by your Intemet Service Provider This type of connection applies for instance to e Singapore Cable Vision subscribers e HOME Cable Service users Product Overview PPP over Ethemet PPPoE Select this type of connection if you are using ADSL services in a country utilising standard PPP over Ethemet for authentication For instance If you are in Germany which uses T 1 connection or If you are using SingNet Broadband or Pacific Intemet Broadband in Singapore PPIP Select this type of connection if you are using ADSL services in a country utilising PPTP connection and authentication WIRELESS ADAPTER MODE Simila dy to the Access Point Client mode the access point used in this mode is able to communicate wirelessly with another access point to perform transparent bridging between two networks However here the Wireless Adapter connects a single wired workstation only No client software or drivers are required while using this mode Siaa p Cable DSL Modem or _ Router l i Wireless i
Download Pdf Manuals
Related Search