Moxa AirWorks AWK-5232 User`s Manual
Contents
1. 1 3 AWK 5232 Introduction coor state peenpin Green TP port s 1000 Mbps link is active Blinking Data is being transmitted at 1000 Mbps Off TP port s 1000 Mbps link is inactive ATTENTION When the LEDs for STATE Green FAULT WLAN1 and WLAN2 all light up simultaneously and blink at one second intervals it means the system has failed to boot This may be due to improper operation or uncontrollable issues such as an unexpected shutdown during a firmware update To recover the firmware refer to Firmware Recovery in Chapter 7 Beeper The beeper signals that the system is ready with two short beeps Reset Button The RESET button is located on the top panel of the AWK 5232 You can reboot the AWK 5232 or reset it to factory defaults by pressing the RESET button with a pointed object like a straightened paper clip e System reboot Hold the RESET button down for under 5 seconds and then release e Reset to factory default Hold the RESET button down for over 5 seconds until the STATE LED starts blinking green Release the button to reset the AWK 5232 RESET button Relay Digital Output The AWK 5232 has one relay output which consists of the 2 terminal block contacts on the top panel as shown below These relay contacts are used to forward notifications of system failure and user configured events The two wires attached to the relay contacts form an open circuit when a u2. HS Advanced Settings VLAN Settings A DHCP Server HS Packet Filters 3 MAC Filters A IP Protocol Filters 3 TCP UDP Port Filters RSTP Settings A SNMP Agent Storm Protection 3 Link Fault Pass Through a Auto Warning Settings Ey System Log System Log Event Types FEY Syslog 3 Syslog Event Types Syslog Server Settings HS E mail 2 E mail Event Types E mail Server Settings Jg Relay Relay Event Types Ey Trap 3 Trap Event Types SNMP Trap Receiver Settings E N Status al a m if IM BE mM E E E E m O PRRPRPRR S Wireless Status Associated Client List DHCP Client List System Log Relay Status DI and Power Status RSTP Status aintenance Console Settings Ping Firmware Upgrade Config Import Export Load Factory Default Password Misc Settings ave Configuration Restart Logout Getting Started A quick overview of the AWK 5232 s status Basic settings for administering the AWK 5232 Essential settings related to establishing a TT q l wireless network Advanced features to support additional network management and secure wired and wireless communication These advanced functions are all optional Application oriented device management functions to set up events traps and reactions via relay warning e mail and SNMP notification These functions are all optional Real time status information to monito
3. 5 Click Next to select additional tasks 2 Setup AWE Search Utility Select Additional Tasks Which additional tasks should be performed Select the additional tasks you would like Setup to perform while installing AWE Search Utility then click Next Additional icons Create a Quick Launch icon 6 Click Next to proceed with the installation The installer then displays a summary of the installation options 4 3 AWK 5232 Software I nstallation Configuration El Setup AWK Search Utility ala Ready to Install Setup le now ready to begin installing AWE Search Utility on your computer Click Install to continue with the installation or click Back if you want to review or change any settings Destination location C Program Flesko a MLS E Search Utility Start Menu folder AWE Search Utility Install Cancel 7 Click Install to begin the installation The setup window will report the progress of the installation To change the installation settings click Back and navigate to the previous screen 8 Click Finish to complete the installation of AWK Search Utility 2 Setup AWE Search Utility Completing the AWK Search Utility Setup Wizard Setup has finished installing AWE Search Utility on your computer The application may be launched by selecting the installed icons Click Finish to exit Setup Configuring AWK Search Utility The Broadcast Search function is
4. Bridge priority 32768 v Hello time 2 1 10 seconds Forwarding delay 15 4 30 seconds Max age 20 6 40 seconds No Enable RSTP Port Priority Port Cost Edge Port 1 LAN1 128 v 200000 2 LAN 2 128 v 200000 3 WLAN 1 Master 128 v 2000000 4 WLAN 2 Slave 128 vw 2000000 RSTP status This field will appear only when selected to operate STP RSTP It indicates whether this AWK 5232 is the Root of the Spanning Tree the root is determined automatically or not 3 28 AWK 5232 Web Console Configuration Bridge priority Numerical value You can increase the bridge priority by selecting a lower 32768 selected number A higher bridge priority brings a greater chance of by user being established as the root of the Spanning Tree topology Hello time Numerical value input The root of the Spanning Tree topology periodically sends out a 2 Seconds by user hello message to other devices on the network to check if the 1 10 seconds topology is healthy Hello time indicates how often the root sends hello messages Forwarding delay Numerical value input The amount of time this device waits before checking to see if it 15 seconds by user Should change to a different topology 4 30 seconds Max age Numerical value input As a non root role if the device has not received a hello 20 seconds by user message from the root longer than Max age it will 6 40 seconds reconfigure itself as a root Once two or more d
5. AWK 5232 Web Console Configuration Trap Event Types Trap Event Types E P z lt m Event Cold start Warm start Power 1 transition n gt Off Power 1 transition Off gt On Power 2 transition n gt Off Power 2 transition Off gt On PoE transition On gt Off PoE transition Off gt On Configuration changed Console authentication failure DI 1 transition On gt Off DI 1 transition Off gt On DI 2 transition On gt Off DI 2 transition Off gt On LAN 1 link On LAN 1 link Off LAN 2 link On LAN 2 link Off 531 5E 55 gt h 5 gt 555 SNMP Trap Receiver Settings SNMP traps are defined in SMIv1 MIBs SNMPv1 and SMIv2 MIBs SNMPv2c The two styles are basically equivalent and it is possible to convert between the two You can set the parameters for SNMP trap receivers through the web page SNMP Trap Receiver Settings 1st Trap version vi ist Trap server IP name ist Trap community 2nd Trap version 2nd Trap server IP name 2nd Trap community alert 1st 2nd Trap version SNMP trap defined in SNMPv1 V1 SNMP trap defined in SNMPv2 lst 2nd Trap server P name IP address or host Enter the IP address or name of the trap server used by your None name network 3 37 AWK 5232 Web Console Configuration lst 2nd Trap community Max 31 characters Use a community string match with a maximum of 31 alert characters for authenticatio
6. a Cattinac All information on this page are active values System info Disabling Telnet and Browser Access If you are connecting the AWK 5232 to a public network but do not intend to use its management functions over the network then we suggest disabling both Telnet Console and Web Configuration Please run Maintenance gt Console Settings to disable them as shown in the following figure Console Settings HTTP console Enable Disable HTTPS console Enable Disable Telnet console C Enable Disable SSH console e Enable Disable Submit 9 0 6 References This chapter provides more detailed information about wireless related technologies The information in this chapter can help you administer your AWK 5232s and plan your industrial wireless network better The following topics are covered in this chapter O 0 000 Beacon DTI M Fragment RTS Threshold STP and RSTP gt The STP RSTP Concept gt Differences between RSTP and STP AWK 5232 References Beacon A beacon is a packet broadcast by the AP to keep the network synchronized A beacon includes the wireless LAN service area the AP address the Broadcast destination address a time stamp Delivery Traffic Indicator Maps DTIM and the Traffic Indicator Message TIM Beacon Interval indicates the frequency interval of AP DTIM Delivery Traffic Indication Map DTIM is contained in beacon frames It is used to indicate that broadcast
7. e a 3 38 NTS FS o Sta S erra orenean c c eae en eeu C AAAA ENAA AEAEE EAEE 3 38 Associated Client List for Redundant AP AP or Master mode only c 3 38 DnGr Client Estero AROS ONIY 003 j3 a O 3 39 SVS ONT EOD oria AO 3 39 Relay Stali A AS 3 40 Brand POWE ALU Siener a ea ln eR RRRA EE ASR TERE EA R ASR AE E areca EEEE EEA 3 40 Relay Statis sakii eaa aa a a aae a a a AAA 3 40 WIGIILETTG NES uta A E AARAA ATATA AAAA 0016 14A6 001134 141063014 3 41 CONSOIS SEMINGS c tua c n t AA NAAA AA ODE DE bi 3 41 A OOOO EEE E E e tds 3 41 LAA GI s Are UDALA A 51A Phu tua 3 42 Conta MPO EXPO s14 o ado o co do o o to 12v E tea l g 04429402 10011401 9400 ie nicas 3 42 He Man nrg er reer eee rere ee 3 42 EDSSWOT 2615so c0 5654s61fne saSosoboesaeso b pana sang b n hoa h h i song iu h Annies Atk IRAn 3 2 9015 9V 3 358 AAA e eo Ne ee a aaa dae 3 43 MISC SO s2 6 5 4 O a 3 43 Save CONT UEA ION candatidtesedide teint e a tadedad a lin db ed let VSE EENEN E AE 3 43 Re A ES 3 44 LOGOUT san loss O 3 45 4 Software Installation CGnTiGUFGLIOHD ccc cczrcrccrccrcrrecrrcrrrrecrsesrrrsrrrserearsrrsssaswssEssssisi slasi sissiisiaasla WiSi 4 1 OV GRVICW t0 6skkb in Dvh 0t vices wie ieee a aaa aaa aa aaa aa s0 0sbs240s190501ips6 4030503050105 08 5a a Dos 4 2 ANE O amp s a sa a_ G aa 4 2 MSEMO AWE
8. in 802 11n mode Open For security reasons it is highly recommended that the security mode should be set to the options other than Open System When the security mode is set to Open System no authentication or data encryption will be performed WEP According to the IEEE802 11 standard WEP can be used for authentication and data encryption confidentiality Shared or Shared Key authentication type is used if WEP authentication and data encryption are both needed Normally Open or Open System authentication type is often used when WEP data encryption is run with authentication When WEP is enabled as a security mode the length of a key so called WEP seed can be specified as 64 128 bits which is actually a 40 104 bit secret key with a 24 bit initialization vector The AWK 5232 provides 4 entities of WEP key settings that can be selected to use with Key index The selected key setting specifies the key to be used as a send key for encrypting traffic from the AP side to the wireless client side All 4 WEP keys are used as receive keys to decrypt traffic from the wireless client side to the AP side The WEP key can be presented in two Key type HEX and ASCII Each ASCII character has 8 bits so a 40 bit or 64 bit WEP key contains 5 characters and a 104 bit or 128 bit key has 13 characters In hex each character uses 4 bits so a 40 bit key has 10 hex characters and a 128 bit key has 26 characters SSID Security mode Authen
9. A 3 4 NetWork SOINS insano irc tle aa E E aE a a D a a UTA 3 4 TNE SOUMO 70 Ca a ang eens C an ca 3 5 Wireless S GUEINGS O ORI 3 6 Operation Modest ai cis 3 6 WES VEAN ZA AAA A oa ade 3 9 Enabling Non Redundant Single RF AP ener cnn rn rr rr rr 3 9 WEAN 5 CUITV G CUEING S dat tae tase mea ane 3 12 Advanced Wireless S CUNAS dida iad 3 19 WLAN Certification Settings for EAP TLS in Redundant Client Client or Slave mode only 3 22 AVANCES d S ENO ar a Meet tne ae ASAS SAA een oca eee ba 3 22 USIRO VICO SULAN an 2n5 net not 0001s0ais010i001010080085009001000180008050005n0501ieni0rtpeigpdotied0a010 01100 18085000505 1805 s n sa 06 3 23 COYITIGTIT TTCT vIFtUAal LAN odiada 3 24 DHCP Server for AP Client operation mode s AP mode only cha 3 25 PACKS E FIS Si A A ana a laa le A A O 3 26 RSTP Settings for Master r Slave mode OnIV its iia 3 28 A TT n1 c6 c0 211201 22017150 00667 sa state sleseoserharie lens e0 tale ocise cna aia ia na aaa neni 0071008110 10152181401 3 30 LONE VO EC CHO Nutria oo tdt detal dad dadas 3 31 Link Fault Pass Through for Client Slave mode only HH nh kh r 3 32 AUTON AIN OS CEN St E AAA A AA E AAA LENA OA AA 3 32 Sl A ON 3 32 SY SOG cece aoa E ae cata eee eee eee ea Og a tc 3 33 IN 3 34 A ae er ee O A A ee 3 36 AO 3T ong ac i hong ah Dra Ta DET oh hi oh eo a ha h ae re NAN E ON AATE as AN ENAN EN pe 3 36
10. AWK 5232 Restart 1 Warning Click Restart to discard changes and reboot AWK 5232 US directly Click Save and Restart to apply all setting changes and reboot AWK 5232 US Restart SaveandRestart If you run the Restart function without changing any configurations or saving all your changes you will see just one Restart button on your screen Restart 11 Warning Clicking Restart will disconnect all Ethernet connections and reboot AWK 5232 US Restart You will not be able to run any of the AWK 5232 s functions while the system is rebooting 3 44 AWK 5232 Web Console Configuration Logout Logout helps users disconnect the current HTTP or HTTPS session and go to the Login page For security reasons we recommend you logout before quitting the console manager Logout Click Logout button to defalut Login page Logout 3 45 4 Software I nstallation Configuration The following topics are covered in this chapter O Overview O AWK Search Utility gt Installing AWK Search Utility gt Configuring AWK Search Utility AWK 5232 Software I nstallation Configuration Overview The Documentation amp Software CD included with your AWK 5232 is designed to make the installation and configuration procedure easy and straightforward This auto run CD includes AWK Search Utility to broadcast search for all AWK s accessible over the network the AWK 5232 User s Manual and Quick In
11. AWK 5232 can be powered by DC power input or PoE Power over Ethernet Plus The AWK 5232 will use whichever power source you choose ATTENTION Do NOT use either an EEE802 3af PoE Injector NOR a PSE Power Sourcing Equipment Use only an EEE802 3at compliant PSE for PoE Power over Ethernet Plus device Step 2 Connect the AWK 5232 to a notebook or PC Since the AWK 5232 supports MDI MDI X auto sensing you can use either a straight through cable or crossover cable to connect the AWK 5232 to a computer If the LED indicator on AWK 5232 s LAN port lights up it means the connection is established Step 3 Set up the computer s IP address Set an IP address on the same subnet as the AWK 5232 Since the AWK 5232 s default IP address is 192 168 127 253 and the subnet mask is 255 255 255 0 you should set the IP address of the computer to 192 168 127 xxx After you select Maintenance gt Load Factory Default and click the Submit button the AWK 5232 will be reset to factory default settings and the IP address will be also reset to 192 168 127 253 Step 4 Use the web based manager to configure AWK 5232 Open your computer s web browser and type http 192 168 127 253 in the address field to access the homepage of the web based Network Manager Before the homepage opens you will need to enter the user name and password as shown in the following figure For first time configuration enter the default username and password and then
12. Configuration Configuration setting changes Restart without saving configuration non volatile The system reboots and volatile memory Save memory Restart initialize with the settings flash memory _ in falsh memory Save and Restart After you click on Save Configuration in the left menu box the following screen will appear Click Save if you wish to update the configuration settings in the flash memory at this time Alternatively you may choose to run other functions and put off saving the configuration until later However the new setting changes will remain in the non volatile memory until you save the configurations Save Configuration If vou have submitted any configuration changes you must save the changes and restart the system before they take effect Click Save to save the changes in 4WK 5222 US s memory Click Restart to activate new settings In the navigation panel Restart If you submitted configuration changes you will find a blinking string in the upper right corner of the screen After making all your changes click the Restart function in the left menu box One of two different screens will appear If you made changes recently but did not save you will be given two options Clicking the Restart button here will reboot the AWK 5232 directly and all setting changes will be ignored Clicking the Save and Restart button will apply all setting changes and then reboot the
13. Daylight saving time is enabled the following parameters can be shown e The Starts at parameter allows users to enter the date that daylight saving time begins e The Stops at parameter allows users to enter the date that daylight saving time ends e The Time offset parameter indicates how many hours forward the clock should be advanced Time server 1 2 The 1st 2nd time IP or Domain address of NTP time server The 2nd time will be None server IP Name used if the 1st NTP server fails to connect Query period Query period time This parameter determines how often the time is updated from 600 seconds 1 9999 seconds the NTP server Wireless Settings The essential settings for wireless networks are presented in this function group Settings must be properly set before establishing your wireless network Operation Mode The AWK 5232 supports three operation modes that are used for different wireless network applications 3 6 AWK 5232 Web Console Configuration Wireless Redundancy In traditional architectures most vendors only provide a single RF AP and Client in which the AP connects one or more Clients to the network Since the AP and Client are connected by a single RF connection if the RF connection is disconnected the system or network behind the Client will be disconnected too Client With the new wireless redundancy technology you can set up a redundant wireless connection between a redundant clie
14. IP address Po Maximum number of users Client lease time 1 10 days Static DHCP mapping No Llartive IP address MAC address oO o oO D fF Ww M DHCP server AP only Enables AWK 5232 as a DHCP server Disable DHCP server function Default gateway Factory Default IP address of a default The IP address of the router that connects to an outside None gateway network Subnet mask Setting Description Factory Default Identifies the type of sub network e g 255 255 0 0 for a 3 25 AWK 5232 Web Console Configuration a Class B network or 255 255 255 0 for a Class C network LF Primary Secondary DNS server IP address of Primary The IP address of the DNS Server used by your network After None Secondary DNS server entering the DNS Server s IP address you can use URL as well The Secondary DNS server will be used if the Primary DNS server fails to connect Start I P address Factory Default IP address Indicates the IP address which AWK 5232 can start assigning None Maximum number of users 1 999 Specifies how many IP address can be assigned continuously None Client lease time 1 10 days The lease time for which an IP address is assigned The IP 10 days address may go expired after the lease time is reached Packet Filters The AWK 5232 includes various filters for IP based packets going through LAN and WLAN interfaces You can set these filters as
15. If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one of the following measures e Reorient or relocate the receiving antenna e Increase the separation between the equipment and receiver e Connect the equipment into an outlet on a circuit different from that to which the receiver is connected e Consult the dealer or an experienced radio TV technician for help FCC Caution To assure continued compliance example use only shielded interface cables when connecting to computer or peripheral devices Any changes or modifications not expressly approved by the party 1 2 AWK 5232 Supporting Information responsible for compliance could void the user s authority to operate this equipment This transmitter must not be co located or operated in conjunction with any other antenna or transmitter FCC Radiation Exposure Statement This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with a minimum distance of 20 cm between the radiator amp your body This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference received including interference t
16. Improve network performance and reduce latency e Increase security e Secure network restricts members to resources on their own VLAN e Clients roam without compromising security VLAN Workgroups and Traffic Management The AP assigns clients to a VLAN based on a Network Name SSID The AP can support up to 9 SSIDs per radio interface with a unique VLAN configurable per SSID The AP matches packets transmitted or received to a network name with the associated VLAN Traffic received by a VLAN is only sent on the wireless interface associated with that same VLAN This eliminates unnecessary traffic on the wireless LAN conserving bandwidth and maximizing throughput In addition to enhancing wireless traffic management the VLAN capable AP supports easy assignment of wireless users to workgroups In a typical scenario each user VLAN represents a department workgroup for example one VLAN could be used for a marketing department and the other for a human resource department In this scenario the AP would assign every packet it accepted to a VLAN Each packet would then be identified as marketing or human resource depending on which wireless client received it The AP would insert VLAN headers or tags with identifiers into the packets transmitted on the wired backbone to a network switch Finally the switch would be configured to route packets VLAN 3 from the marketing department to the appropriate VLAN 2 Floor 3 1 A VLAN corporat
17. Note This option is not supported under 802 11n Advance Encryption System is enabled Provides TKIP broadcast key and TKIP AES unicast key for some legacy AP clients This option is rarely used Note This option is available in Redundant AP AP or Master mode only and cannot support AES enabled clients Primary Secondary RADIUS server IP The IP address of Specifies the delegated RADIUS server for EAP None RADIUS server Primary Secondary RADIUS port Factory Default Port number Specifies the port number of the delegated RADIUS server 1812 Primary Secondary RADIUS shared key Description Factory Default Max 31 characters The secret key shared between AP and RADIUS server None Key renewal 60 86400 seconds Specifies the time period of group key renewal 3600 seconds 1 minute to 1 year WPA WPA2 Enterprise for Redundant Client Client or Slave mode In a client role the AWK 5232 can support three EAP methods or EAP protocols EAP TLS EAP TTLS and EAP PEAP corresponding to WPA WPA Enterprise settings on the AP side WLAN 1 WLAN Security Settings SSID MOA 1 Security mode VHhAz WPA type Enterprise v Encryption method EAP protocol Encryption method TKIP Temporal Key Integrity Protocol is enabled TKIP Note This option is not supported under 802 11n AES Advance Encryption System is enabled 3 16 AWK 5232 Web Console Configuration EAP Protocol TLS Specifi
18. The AWK 5232 s two DC power inputs make the power supply more reliable and it can be powered via PoE for easier deployment Package Checklist Moxa s AWK 5232 is shipped with the following items If any of these items is missing or damaged please contact your customer service representative for assistance e 1 AWK 5232 e 4 Swivel type Antennas 2 dBi RP SMA 2 4 5 GHz e 1 Quick Installation Guide e 1 Software CD e 1 Moxa Product Warranty Booklet e 1 Cable Holder with a Screw e Protective Caps NOTE The above items come with the AWK 5232 standard version The package contents may vary in a customized version Product Features e IEEE 802 11a b g n compliant e Three in one design AP Bridge Client e Dual RF design for redundant wireless communication e Advanced wireless security gt 64 bit and 128 bit WEP WPA WPA2 gt SSID Hiding IEEE 802 1X RADIUS gt Packet access control amp filtering e STP RSTP support for redundancy of system networking e Dedicated antenna selection e Free firmware update for more advanced functions e RS 232 console management e 2DI 1DO for on site monitoring and warming e Operating temperature ranges from 40 to 75 C T model e Power input by redundant 24 VDC power inputs or EEE802 3at Power over Ethernet Plus e DIN Rail or wall mounting ability e IP30 protected high strength metal housing 1 2 AWK 5232 Introduction Product Specifications ATTENTION A The AWK 5232 is NOT
19. a firewall to help enhance network security MAC Filter The AWK 5232 s MAC filter is a policy based filter that can allow or filter out IP based packets with specified MAC addresses The AWK 5232 provides 8 entities for setting MAC addresses in your filtering policy Remember to check the Active check box for each entity to activate the setting MAC Filters Enable Disable Policy Drop No active Name MAC address Enable Disables MAC filter Policy Only the packets fitting the entities on list can be allowed Drop Any packet fitting the entities on list will be denied 3 26 AWK 5232 Web Console Configuration ATTENTION Be careful when you enable the filter function Drop no entity on list is activated all packets are allowed Accept no entity on list is activated all packets are denied IP Protocol Filter The AWK 5232 s IP protocol filter is a policy based filter that can allow or filter out IP based packets with specified IP protocol and source destination IP addresses The AWK 5232 provides 8 entities for setting P protocol and source destination IP addresses in your filtering policy Four IP protocols are available All ICMP TCP and UDP You must specify either the Source IP or the Destination IP By combining IP addresses and netmasks you can specify a single IP address or a range of IP addresses to accept or drop For example IP address 192 168 1 1 and netmask 255 255 255 2
20. and multicast frames buffered by the AP will be delivered shortly Lower settings result in more efficient networking while preventing your PC from dropping into power saving sleep mode Higher settings allow your PC to enter sleep mode thus saving power Fragment A lower setting means smaller packets which will create more packets for each transmission If you have decreased this value and experience high packet error rates you can increase it again but it will likely decrease overall network performance Only minor modifications of this value are recommended RTS Threshold RTS Threshold 256 2346 This setting determines how large a packet can be before the Access Point coordinates transmission and reception to ensure efficient communication This value should remain at its default setting of 2 346 When you encounter inconsistent data flow only minor modifications are recommended STP and RSTP The STP RSTP Concept Spanning Tree Protocol STP was designed to help reduce link failures in a network and provide protection from loops Networks that have a complicated architecture are prone to broadcast storms caused by unintended loops in the network The STP protocol is part of the IEEE802 1D standard 1998 Edition bridge specification Rapid Spanning Tree Protocol RSTP implements the Spanning Tree Algorithm and Protocol defined by EEE802 1w 2001 standard RSTP provides the following benefits e The topology of a bridged n
21. established Please refer to the following section for more details Communications Testing After installation you can run a sample test to make sure the AWK 5232 and wireless connection are functioning normally Two testing methods are explained in the following sections Use the first method if you are using only one AWK 5232 device and use the second method if you are using two or more AWK 5232s Testing Method for one AWK 5232 If you are only using one AWK 5232 you will need a second notebook computer equipped with a WLAN card Configure the WLAN card to connect to the AWK 5232 NOTE the default SSID is MOXA_ 1 and change the IP address of the second notebook B so that it is on the same subnet as the first notebook A which is connected to the AWK 5232 After configuring the WLAN card establish a wireless connection with the AWK 5232 and open a DOS window on Notebook B At the prompt type ping lt IP address of notebook A gt and then press Enter see the figure below A Reply from IP address response means the communication was successful A Request timed out response means the communication failed In this case recheck the configuration to make sure the connections are correct 2 3 AWK 5232 Getting Started SSID MOXA 1 IP 192 166 127 253 Notebook B Notebook A IP 192 165B 127 1 IP 182 168 127 2 Testing Method for two or more AWK 5232s If you have two or more AWK 5232s you will ne
22. for Data Bits None for Parity and 1 for Stop Bits AWK 5232 Property Communication Parameter Terminal File Transfer Capturing COM Options Forts Baud Rate Data Bits Parity Stop Bits Flaw Control ATSACTS SON4OFF 4 Click on the Terminal tab and select VT100 or ANSI for Terminal Type Click on OK to continue 5 The Console login screen will appear Log into the RS 232 console with the login name default admin COMI Output State CTA ON OFF RTS ON C OFF Other Console Configurations Property Communication Parameter Terminal File Transfer Capturing Terminal Type vT10n ARSI DunbTemnagcio Da umb Terminal Option nh Terminal Transmit Send Enter Rey As Receive CR Translation LF Translation and password default root if no new password is set En FComm RA AAA AL a A alaale 5 28 E COM8 115200 None 8 1 T100 WE 5232 15 OTR att t sz3z 0001 login RTS 6 The AWK 5232 s device information and Main Menu will be displayed Please follow the description on me Ready screen and select the administration option you wish to perform En PComm Terminal Emulator COM8 115200 None 8 1 Y 1100 Profile Edit Port Manager Window Help a GA elel size BY COM8 115200 None 1 1100 LAN Hac Address Serial Ma Firmware Version ANE 5232 05 O00 90 E8 00 03 3E 2 L 2 1 0 Build 1105
23. in TTLS and PEAP you can use an anonymous user name for the outer authentication while the true user name is shown only through the encrypted channel Remember not all client software supports anonymous altercation Confirm this with the network administrator before you enable identity hiding in TTLS and PEAP WLAN 1 WLAN Security Settings SSID Moana 1 Security mode VhAmz WPA type Enterprise 4 Encryption method TKIP EAP protocol TTL5 MS CHAF Ww2 PAP CHAP MS CHAP User name mS CHAP TTLS inner authentication Anonymous name TTL Inner Authentication Password Authentication Protocol is used MS CHAP V2 CHAP Challenge Handshake Authentication Protocol is used MS CHAP Microsoft CHAP is used MS CHAP V2 Microsoft CHAP version 2 is used Anonymous Factory Default Max 31 characters A distinct name used for outer authentication None User name amp Password Factory Default User name and password used in inner authentication None PEAP There are a few differences in the inner authentication procedures for TTLS and PEAP TTLS uses the encrypted channel to exchange attribute value pairs AVPs while PEAP uses the encrypted channel to start a second EAP exchange inside of the tunnel The AWK 5232 provides MS CHAP V2 merely as an EAP method for inner authentication 3 18 AWK 5232 WLAN 1 WLAN Security Settings SSID Security mode WPA type Encryption method EAP protocol Inner EAP p
24. in the following table You can check the box for Enable log to enable the grouped events All default values are enabled checked Details for each event group can be found on the System log Event Types table on page 3 31 3 33 AWK 5232 Web Console Configuration Syslog Event Types Event group Enable log System related events e MNetwork related events Iw Config related events e Power events Iw DI events Iw Syslog Server Settings You can configure the parameters for your Syslog servers in this page Syslog Server Settings Syslog server 1 su Syslog port 514 Syslog server 2 FO Syslog port 514 Syslog server 3 FO Syslog port 514 Syslog server 1 2 3 IP address Enter the IP address of the 1st 2nd 3rd Syslog Server Syslog port Port destination Enter the UDP port of the corresponding Syslog server 514 1 to 65535 E mail E mail Event Types Check the box for Active to enable the event items All default values are deactivated unchecked Details for each event item can be found on the System log Event Types table on page 3 39 3 34 AWK 5232 Web Console Configuration E mail Event Types Event _ Active Cold start L Warm start L Power 1 transition On gt 0ff L Power 1 transition Off gt On L Power 2 transition On gt 0ff L Power 2 transition Off gt On L PoE transition On gt Off L PoE transition Off gt On L Configuration changed L Console auth
25. key are the minimum requirements for authentication and encryption The following parameters can be configured on the SNMP Agent page A more detailed explanation of each parameter is given below the following figure SMP Agent Enable Disable Read community public 7o Write commnuity private s lt CisS SNMP agent version Iwi vec Admin auth type No Auth Admin privacy key Disable 7 Privacy key Private MIB information Device object ID enterprise 8691 15 1 Enable 3 30 AWK 5232 Web Console Configuration Enables SNMP Agent Disable Disables SNMP Agent Read community for V1 V2c V3 or V1 V2c Read Community Use a community string match with a maximum of 31 characters for authentication This means that the SNMP agent can access all objects with read only permissions using this community string Write community for V1 V2c V3 or V1 V2c Read Write Use a community string match with a maximum of 31 private Community characters for authentication This means that the SNMP agent can accesses all objects with read write permissions using this community string SNMP agent version V1 V2c V3 or Select the SNMP protocol version used to manage the switch V1 V2c V1 V2c or V3 only Admin auth type for V1 V2c V3 and V3 only Setting MD5 Provide authentication based on the HMAC MD5 algorithms 8 character passwords are the minimum requirement for authenticatio
26. seconds Current local time shows the AWK 5232 s system time when you open this web page You can click on the Set Time button to activate the update after setting up the date and time parameters An Updated string will appear to indicate that the change is complete Local time settings will be immediately activated in the system without running Save and Restart 3 5 AWK 5232 Web Console Configuration NOTE The AWK 5232 has a real time clock RTC Users are strongly recommended to update the Local time for the AWK 5232 after initial setup or long term shutdown especially when the network does not have an Internet connection for accessing the NTP server or there is no NTP server on the LAN Current local time User adjustable time The date and time parameters allow configuration of the local None time with immediate activation yyyy mm dd hh mm ss format 24 hour format Time zone User selectable time The time zone setting allows conversion from GMT Greenwich GMT Greenwich zone Mean Time to local time Mean Time ATTENTION Changing the time zone will automatically adjust the Current local time You should configure the Time zone before setting the Current local time Daylight saving time Enable Disable Daylight saving time also know as DST or summer time Disable involves advancing clocks usually 1 hour during the summer time to provide an extra hour of daylight in the afternoon When
27. the firmware image file and click Firmware Upgrade and Restart to start the firmware upgrade After the progress bar reaches 100 the AWK 5232 will reboot itself When upgrading your firmware the AWK 5232 s other functions are forbidden Firmware Upgrade Select update image Browse Firmware Upgrade and Restart ATTENTION Please make sure the power source is stable when you upgrade your firmware An unexpected power breakup may damage your AWK 5232 Config mport Export You can back up or restore the AWK 5232 s configuration with Config Import Export In the Config I mport section click Browse to specify the configuration file and click Config Import button to begin importing the configuration Config Import Select configuration file Browse Contig Import In the Config Export section click the Config Export button and save the configuration file onto your local storage media The configuration file is a text file and you can view and edit it with a general text editing tool Config Export Config Export Load Factory Default Use this function to reset the AWK 5232 and roll all settings back to the factory default values You can also reset the hardware by pressing the reset button on the top panel of the AWK 5232 3 42 AWK 5232 Web Console Configuration Load Factory Default Reset to Factory Default Click Activate to reset all settings including the console password to the factory default
28. values The system will be restarted immediately Activ ate Password You can change the administration password for each of the AWK 5232 s console managers by using the Password function Before you set up a new password you must input the current password and reenter the new password for confirmation For your security do not use the default password root and remember to change the administration password regularly Password Current password asse New password ERT Confirm password asseesa Misc Settings Additional settings to help you manage your AWK 5232 are available on this page Misc Settings Reset button e Always enable Disable after 60 sec Reset button Always enable The AWK 5232 s Reset button works normally Always enable Disable after 60 sec The AWK 5232 s Reset button will become invalid 60 seconds after the AWK 5232 completes booting Save Configuration The following figure shows how the AWK 5232 stores the setting changes into volatile and non volatile memory All data stored in volatile memory will disappear when the AWK 5232 is shutdown or rebooted unless they are y Because the AWK 5232 starts up and initializes with the settings stored in flash memory all new changes must be saved to flash memory before restarting the AWK 5232 This also means the new changes will not work unless you run either the Save Configuration function or the Restart function 3 43 AWK 5232 Web Console
29. when long distance transmission is required A high gain antenna installed at a fixed antenna connector can also improve performance EAPOL Version setting Description Factory Dea 1 EAPOL version 1 was standardized in the 2001 version of 1 E AAA WMM Enable Disable WMM is a QoS standard for WLAN traffic Voice and video data Enable will be given priority bandwidth when enabled with WMM supported wireless clients Note WMM will always be enabled under 802 11n mode Full 11a channel support Enable Disable Enabling this option allows users to select 5GHz channels from Disable both licensed and unlicensed bands 3 21 AWK 5232 Web Console Configuration WLAN Certification Settings for EAP TLS in Redundant Client Client or Slave mode only When EAP TLS is used a WLAN Certificate will be required at the client end to support WPA WPA2 Enterprise The AWK 5232 can support the PKCS 12 also known as Personal Information Exchange Syntax Standard certificate formats that define file formats commonly used to store private keys with accompanying public key certificates protected with a password based symmetric key WLAN Certificate Settings Import for EAP TLS in Client mode only Current status Certificate issued to Certificate issued by Certificate expiration date Current Status displays information for the current WLAN certificate which has been imported into the AWK 5232 Nothing will be shown if no certi
30. 009 06 18 19h 11m 01s LAN 1 link off 212 2009 06 198 19h 11m 08s LAN 2 link on 213 2009 06 18 19h 11m 39s RSTP topology changed Export Log Relay Status The status of user configurable events can be found under Relay Status The status will refresh every 5 seconds if the Auto refresh box is checked If an event is triggered it will be noted on this list System administrators can click Acknowledge Event when he has acknowledged the event and addressed it Relay Status Auto refresh Relay Status Power 1 transition On gt Off Acknowledge Event Power 2 transition n gt D ff Acknowledge Event PoE transition n gt Off Acknowledge Event DI 1 transition On gt Off Acknowledge Event DI 1 transition Off gt On Acknowledge Event DI 2 transition On gt Off 4cknowledge Event DI 2 transition Off gt On Acknowledge Event LAN 1 link On Acknowledge Event LAN 1 link Off Acknowledge Event LAN 2 link On Acknowledge Event LAN 2 link Off Acknowledge Event DI and Power Status The status of power inputs and digital inputs is shown on this web page The status will refresh every 5 seconds if the Auto refresh box is checked 3 40 AWK 5232 Web Console Configuration Din and Power status M Auto refresh Input status On Off Power 1 status Qin Power 2 status Sit PoE status OF DI 1 status O DI 2 status Off Maintenance Maintenance functions provide the adminis
31. 0903 il System Info Settings 2 Network Settings 3 Time Settings 4 Maintenance Si Restart tq Quit ey in your selection State OPEN NOTE mm A CTS DER El m Ready desired formatting options To modify the appearance of the PComm Terminal Emulator window select Edit gt Font and then choose the AWK 5232 Other Console Configurations ATTENTION If you unplug the RS 232 cable or trigger DTR a disconnection event will be evoked to enforce logout for network security You will need to log in again to resume operation Configuration by Telnet and SSH Consoles You may use Telnet or SSH client to access the AWK 5232 and manage the console over a network To access the AWK 5232 s functions over the network from a PC host that is connected to the same LAN as the AWK 5232 you need to make sure that the PC host and the AWK 5232 are on the same logical subnet To do this check your PC host s IP address and subnet mask njio ho NOTE The AWK 5232 s default IP address is 192 168 127 253 and the default subnet mask is 255 255 255 0 for a Class C network If you do not set these values properly please check the network settings of your PC host and then change the IP address to 192 168 127 xxx and subnet mask to 255 255 255 0 Follow the steps below to access the console utility via Telnet or SSH client 1 From Windows Desktop run Start gt Run and then use Telnet to access the AWK 5232 s IP address fro
32. 55 refers to the sole IP address 192 168 1 1 IP address 192 168 1 1 and netmask 255 255 255 0 refers to the range of IP addresses from 192 168 1 1 to 192 168 255 Remember to check the Active check box for each entity to activate the setting IP Protocol Filters Enable Disable Policy Drop No I Active Protocol Source IP Source netmask Destination IP Destination netmask Enable Enables IP protocol filter Disable Disables IP protocol filter Policy Only the packets fitting the entities on the list can be allowed Drop Any packet fitting the entities on the list will be denied ATTENTION Be careful when you enable the filter function Drop no entity on list is activated all packets are allowed Accept no entity on list is activated all packets are denied TCP UDP Port Filter The AWK 5232 s TCP UDP port filter is a policy based filter that can allow or filter out TCP UDP based packets with a specified source or destination port The AWK 5232 provides 8 entities for setting the range of source destination ports of a specific protocol In addition to selecting TCP or UDP protocol you can set either the source port destination port or both The end port can be left empty if only a single port is specified Of course the end port cannot be larger then the start port 3 2 AWK 5232 Web Console Configuration The Application name is a text string that describes the corre
33. 5S232 192 162 1 2Z Netmask of AWRK 5232 255 255 252 0 Gateway of AWR S232 192 168 40 142 IP address of TFTP server 255 255 252 0 l Start to firmware upgrade using the above network setting immediately z Change the network settings Enter your selection l Z enter for abort 1 Select 0 in the sub menu to load the firmware image via LAN and then enter the file name of the firmware to start the firmware recovery 7 4 AWK 5232 Supporting Information Load method select 0 Load from LAN l Load from serial with modem q Abort Please select item Please input file name Default file name AWK 5232 ronm User Input file name AWE 5232 1 0 ron Technical Support Contact I nformation Customer satisfaction is our number one concern and to ensure that customers receive the full benefit of our products Moxa Internet Services has been set up to provide technical support driver updates product information certification status installation guide and user s manual updates The following services are provided e E mail for technical support Support moxa com Worldwide Support usa moxa com The Americas e World Wide Web WWW Site for product information http www moxa com 7 5
34. A and WPA2 for better compatibility Personal versions of WPA WPA2 also know as WPA WPA PSK Pre Shared Key provides a simple way of encrypting a wireless connection for high confidentiality A Passphrase is used as a basis for encryption methods or cipher types ina WLAN connection The passphrases should be complex and as long as possible The number of ASCII characters of the Passphrase must be at least 8 and can go up to 63 For security reason this passphrase should be disclosed to the relevant users only and changed regularly SSID Moxa 1 Security mode WPA type Encryption method Passphrase Key renewal 60 86400 seconds 3 14 AWK 5232 Web Console Configuration WPA Type Provides Pre Shared Key enabled WPA and WPA2 Provides enterprise level security for WPA and WPA2 Encryption method Temporal Key Integrity Protocol is enabled TKIP Note This option is not supported under 802 11n Advance Encryption System is enabled Provides TKIP broadcast key and TKIP AES unicast key for some legacy AP clients This option is rarely used Note This option is available in Redundant AP AP or Master mode only and cannot support AES enabled clients Passphrase 8 63 characters Master key to generate keys for encryption and decryption Key renewal for Redundant AP AP or Master mode only 60 86400 seconds Specifies the time period of group key renewal 3600 seconds 1 minute to 1 year NOTE The value f
35. AP TTLS It is usually much easier to re use existing authentication systems such as a Windows domain or Active Directory LDAP directory or Kerberos realm rather than creating a parallel authentication system As a result TTLS Tunneled TLS and PEAP Protected EAP are used to support the use of so called legacy authentication methods TTLS and PEAP work in a similar way First they establish a TLS tunnel like EAP TLS and validate whether the network is trustworthy with digital certificates on the authentication server This step is run to establish a tunnel that protects the next step or inner authentication so it is sometimes referred to as the outer authentication Then the TLS tunnel is used to encrypt an older authentication protocol that authenticates the user for the network As you can see digital certificates are still needed for the outer authentication in a simplified form Only a small number of certificates are required which can be generated by a small certificate authority Certificate reduction makes TTLS and PEAP much more popular than EAP TLS AWK 5232 Web Console Configuration The AWK 5232 provides some non cryptographic EAP methods including PAP CHAP MS CHAP and MS CHAP V2 These EAP methods are not recommended for direct use on wireless networks However they may be useful as inner authentication methods with TTLS or PEAP Because the inner and outer authentications can use distinct user names
36. Determines how large a packet can be before the Access Point 2346 256 to 2346 coordinates transmission and reception to ensure efficient communication NOTE You can refer to the related glossaries in Chapter 5 for detailed information about the above mentioned settings By setting these parameters properly you can better tune the performance of your wireless network Noise protection Enable Disable Adjusts the interference coping capability of the wireless signal This option should be enabled for communication distance under 500 meters and should be disabled for communication distances over 500 meters Transmission enhancement Enable Disable This setting can enhance communication by strengthening the Disable AWK 5232 s transmission power It is quite useful for long distance transmission or countering environmental interference The user must carefully evaluate and measure the transmission power of the entire system to ensure it stays below the regulative limit In addition that RF type 802 11a mode cannot be used if this function is enabled NOTE Make sure the same Transmission distance parameters are set in both AP and Client When this parameter is greater than 500 an optimal algorithm will be enabled to support long distance transmission Note that Transmission enhancement only supports 802 11b g n mode 802 11a mode is not supported Transmission enhancement is also recommended to enable communication at both ends
37. Ee GS S Address e https 7192 168 127 253 home asp 2 Warning messages will pop out to warn users that the security certificate was issued by a company they have not chosen to trust Security Alert Ed Information you exchange with this site cannot be viewed or changed by others However there 13 a problem with the site s security certificate D The security certificate was issued by a company you have not chosen to trust View the certificate to determine whether you want to bust the certifying authority The security certificate date is valid The security certificate has a valid name matching the name of the page you are trying to view Do pou want to proceed Yes View Certificate 3 Select Yes to accept the certificate issued by Moxa IW and then enter the AWK 5232 s web browser interface secured via HTTPS SSL You can see the protocol in URL is https Then you can use the menu tree on the left side of the window to open the function pages to access each of AWK 5232 s functions MOXA AWK 3121 JP 192 168 127 253 Microsoft Internet Explorer m x File Edit View Favorites Tools Help ae Ey D i R mL Back gt x 2 A Search S Favorites E2 DI ES 3 Address a https 192 168 127 253 home asp Eso Links Total Solution for Industrial Wireless Networking SJ Main Menu a Overview C1 Overview HE Basic Settings Wireless Settings a du nm n
38. Moxa AirWorks AWK 5232 User s Manual First Edition October 2011 www moxa com product O 2011 Moxa Inc All rights reserved Moxa AirWorks AWK 5232 User s Manual The software described in this manual is furnished under a license agreement and may be used only in accordance with the terms of that agreement Copyright Notice Trademarks 2011 Moxa Inc All rights reserved The MOXA logo is a registered trademark of Moxa Inc All other trademarks or registered marks in this manual belong to their respective manufacturers Disclaimer Information in this document is subject to change without notice and does not represent a commitment on the part of Moxa Moxa provides this document as is without warranty of any kind either expressed or implied including but not limited to its particular purpose Moxa reserves the right to make improvements and or changes to this manual or to the products and or the programs described in this manual at any time Information provided in this manual is intended to be accurate and reliable However Moxa assumes no responsibility for its use or for any infringements on the rights of third parties that may result from its use This product might include unintentional technical or typographical errors Changes are periodically made to the information herein to correct such errors and these changes are incorporated into new editions of the publication Technical Support Contact I nf
39. S SS CMT ea ao 4 2 Conigurng AWK Search NIU IU ces 4 4 Di Other COHSOIE CGHHDUfGEIOHS ii i1142621122122 2222i1212x2xistx xesiaS1xSs6xss5sssxSaxsSsxxsasiswdSsi30s3 43808 89889305088s82983 0x9xx484 5 1 RS 232 Console Configuration 115200 None 8 1 VT10 HT nh nha 5 2 Configuration by Telnet and SSH CO SO CS uc do ko chon to cio 5 4 Configuration by Web Browser with HTTPS S9 ixs 54500 666615600140180410944091241608 124350010080006 8 6444204cedsdei999 4 20A 0i 5 4 Disabling Telnet and Browser ACOSO A A NES a0 5 5 gt ROTOS A ias 6 1 RR CANAS 6 2 A A aU 3401 6 2 O 6 2 A A A ee PE uen eue vew Da we IN ne ene er Ge ene 6 2 O AA eee eee eee ee eee ee eee Tec er eee here rn Ca een ere eee ern Cec nt 6 2 TASS EARSTE SE ONCE D nr ceca recedes A EEEE EEEE Cate ase ust e task AAAA 6 2 Differences between AS TP and ST ticctcenecuctsentcuetcuatsnetaun tien teucksued Ceweeuctseasway DO 6 3 Ta SUPPOFING THIOFIHNGEIONziriiiriiiairiziiiiiiiiiiiiiiiiiiiiiiiaiiiiiiiariiiiiiiiaasssrraaseaszEEESAEEEITSSSSEESIIESISEEEEEEISSSESEIS86E862 7 1 PRO CHG TAS USES MAA tl 7 2 Doe DECIA ONO C ONORI Laan xxx fnfsesisladsoxaosdsdstnlsdsdsinbsddsxdsdsd edad edad eda dadadedada a a b b4 a E BA e AEEA 7 2 Federal Communication Commission Interference Statemenf nen 7 2 RSTTE Compliance Statene arraian are eal iden oran 7 3 FIr Ware RGCOIVGE V610 66v dtsuu chi u CAINEA A MA AS NEENAKE M E Shin duiukdtij
40. TP RSTP protocol to increase the reliability across the entire network In addition SNMP support can ease the network management via SNMP protocols 3 22 AWK 5232 Web Console Configuration Using Virtual LAN Setting up Virtual LANs VLANs on your AWK series increases the efficiency of your network by dividing the LAN into logical segments as opposed to physical segments In general VLANs are easier to manage The Virtual LAN VLAN Concept What is a VLAN A virtual LAN commonly known as a VLAN is a group of hosts with a common set of requirements that communicate as if they were attached to the same broadcast domain regardless of their physical location A VLAN has the same attributes as a physical LAN but it allows for end stations to be grouped together even if they are not located on the same network switch Network reconfiguration can be done through software instead of physically relocating devices VLANs now extend as far as the reach of the access point signal Clients can be segmented into wireless sub networks via SSID and VLAN assignment A Client can access the network by connecting to an AP configured to support its assigned SSID VLAN Benefits of VLANs VLANs are used to conveniently efficiently and easily manage your network in the following ways e Manage adds moves and changes from a single point of contact e Define and monitor groups e Reduce broadcast and multicast traffic to unnecessary destinations e
41. These relay contacts are used to indicate user configured events and system failure The two wires attached to the relay contacts form an open circuit when a user configured event is triggered If a user configured event does not occur the relay circuit will remain closed For safety reasons the relay circuit is kept open when the AWK 5232 is not powered Relay Event Types Trap You can check the box for Active to enable the event items All default values are deactivated unchecked Details for each event item can be found in the System log Event Types table on page 3 31 Relay Event Types Event Active Power 1 transition On gt 0ff F Power 2 transition On gt 0ff L PoE transition On gt Off F DI 1 transition On gt Off L DI 1 transition Off gt On F DI 2 transition On gt Off L DI 2 transition Off gt On L LAN 1 link On F LAN 1 link Off F LAN link On L L LAN 2 link Off Traps can be used to signal abnormal conditions notifications to a management station This trap driven notification can make your network more efficient Because a management station usually takes care of a large number of devices that have a large number of objects it will be overloading for the management station to poll or send requests to query every object on every device It would be better if the managed device agent could notify the management station by sending a message known as a trap for the event
42. V3 SNMP V1 and SNMP V2c use a community string match for authentication which means that SNMP servers access all objects with read only or read write permissions using the community string public private default value SNMP V3 which requires you to select an authentication level of MD5 or SHA is the most secure protocol You can also enable data encryption to enhance data security The AWK 5232 s MIB can be found in the software CD and supports reading the attributes via SNMP Only get method is supported SNMP security modes and security levels supported by the AWK 5232 are shown in the following table Select the security mode and level that will be used to communicate between the SNMP agent and manager Protocol Setting on UI Authentication Data Version web page Type Encryption SNMP V1 V2c Read Community string Use a community string match for V1 V2c Community authentication V1 V2c Community string Write Read Use a community string match for authentication Community SNMP V3 No Auth Use account with admin or user to access objects Provides authentication based on HMAC MD5 or HMAC SHA algorithms 8 character passwords are the minimum requirement for MD5 or SHA Authentication based on MD5 or SHA authentication MD5 or SHA Authentication Data encryption Provides authentication based on based on MD5 or HMAC MD5 or HMAC SHA algorithms SHA and data encryption key 8 character passwords and a data encryption
43. a portable mobile device and should be located at least 20cm away from the human body The AWK 5232 is NOT designed for the general public To safely deploy the AWK 5232s within a wireless network a well trained technician is required for installation Functional Design LED Indicators The LEDs on the front panel of the AWK 5232 allow you to quickly identity device status and wireless settings o coir stete Description Front Panel LED Indicators System Green HH He jor Powers not ping supplies from power mp2 SS ee O O O Blinking Cannot get an IP address from the DHCP server interval 1 sec Off There is no error condition STATE Green Red Software Ready Blinking Green The AWK has been located by AWK Search Utility interval 1 sec Red Booting or Error condition Green Amber WLAN 1 functions in Client mode Blinking Green WLAN1 s data communication is running in Client mode WLANI functions in AP Bridge mode Blinking Amber WLAN1 s data communication is running in AP Bridge mode WLANI is not in use Green Amber WLAN2 function is in Client mode Blinking Green WLAN2 s data communication is running in Client mode WLAN2 function is in AP Bridge mode Blinking Amber WLAN2 s data communication is running in P AP Bridge mode TP Port LAN1 LAN2 LED Indicators Port I nterface Amber On TPportsi0 100Mbpslinkisacive for FP port s 10 100 Mbps link is inactive
44. click on the Login button MOXN Moxa AWK 5232 EU Username admin Password Login goahead WEBSERVER AWK 5232 Getting Started NOTE NOTE Default user name and password Username admin Password root For security reasons we strongly recommend changing the default password To do so select Maintenance gt Password and then follow the on screen instructions to change the password After you click Submit to apply changes you can see that the web page is refreshed and the string Update and a blinking reminder will be shown on the upper right corner of web page as follow re Plinlo Das NI ie os x s Ne UCR MHOStart LO activate Mew SOtungs Total Solution for Industrial Wireless Networking 3 Main Menu Ga Overview System Info Settings Updated To make the changes effective click Restart and then Save and Restart after you change the settings About 30 seconds are needed for the AWK 5232 to complete its restart process Step 5 Select the operation mode for the AWK 5232 By default the AWK 5232 s operation mode is set to Wireless redundancy You can change the setting in Wireless Settings gt Operation mode if you would like to use the Wireless bridge or AP Client mode instead Detailed information about configuring the AWK 5232 s operation can be found in Chapter 3 Step 6 Test communications We will describe 2 test methods to make sure the network connection has been
45. connect to AP If wireless is disconnected AWK restarts auto negotiation on Ethernet port but always stays in the link failure state Once the wireless connection is recovered AWK will try to recover the Ethernet link System log will indicate the link fault pass through events in addition to the original link up down events Link Fault Pass Through for Client Slave mode only Link Fault Pass Through Enable Disable Link Fault Pass Through Enables Link Fault Pass Through Disable Disables Link Fault Pass Through Auto Warning Settings Since industrial grade devices are often located at the endpoints of a system these devices will not always know what is happening elsewhere on the network This means that these devices including wireless APs or clients must provide system maintainers with real time alarm messages Even when system administrators are out of the control room for an extended period they can still be informed of the status of devices almost instantaneously when exceptions occur In addition to logging these events the AWK 5232 supports different approaches to warn engineers automatically such as SNMP trap e mail and relay output It also supports two digital inputs to integrate sensors into your system to automate alarms by email and relay output System Log System Log Event Types Detail information for grouped events is shown in the following table You can check the box for Enable log to enable the gro
46. d Only supports the IEEE 802 11g standard B G Mixed Supports IEEE 802 11b g standards but 802 11g may operate at a slower speed if when 802 11b clients are on the network 3 10 AWK 5232 Web Console Configuration G N Mixed Supports EEE 802 11g n standards but 802 11n may operate at a slower speed if 802 11g clients are on the network B G N Mixed Supports IEEE 802 11b g n standards but 802 11g n may operate at a slower speed if 802 11b clients are on the network 568z N Only 2 4GHz Only supports the 2 4 GHz IEEE 802 11n standard FI Only supports the IEEE 802 11a standard A A N Mixed Supports IEEE 802 11a n standards but 802 11n may operate at a slower speed if 802 11a clients are on the network N Only 5GHz Only supports the 5 GHz IEEE 802 11n standard Channel for AP mode only Available channels vary The AWK 5232 plays the role of wireless AP 6 in B G N Mixed with RF type Moge Channel Width for any 11N RF type only Setting Description Faactory Default 20 MHz Select your channel width If you are not sure which option to 20 MHz 20 40 MHz use select 20 40MHz Auto Channel bonding If 20 40 MHz is set the channel bonding 40 MHz will be automatically enabled if the connection target supports this feature SSID Max of 31 characters he SSID of a client and the SSID of the AP must be identical for MOXA_ RF number the client and AP to be able to communicate with each other SSID b
47. d has not been set and then click Login to continue MOXN Moxa AWK 5232 EU Username admin Password goahead WEBSERVER You may need to wait a few moments for the web page download onto your computer Please note that the Model name and IP address of your AWK 5232 are both shown on the title of the web page This information can help you identify multiple AWK 5232s You can use the menu tree on the left side of the window to open the function pages to access each of AWK 5232 s functions AWK 5232 Web Console Configuration EJ Main Menu HO Overview Basic Settings Wireless Settings E Advanced Settings E Auto Warning Settings 3 Status ae Maintenance Save Configuration fo Restart 239 Logout Overview All information on this page are active values System Info Model name Device name Serial No System up time Firmware version Device Info Device MAC address IP address Subnet mask Gateway 802 11 Info Country code Operation mode l AWK 5232 EU AWK 5232_ 0000 O O days 00h 02m 14s 1 0 Build 11061403 00 90 E8 00 02 F1 192 168 127 253 255 255 295 0 EU Wireless redundancy Redundant Wirel AP WLAN 1 AP V ao In the following paragraphs we will go through each of the AWK 5232 s management functions in detail You can also get a quick overview of these functions in the Function Guiding Map section of Chapter 2 NOTE The model name of t
48. e DHCP Client List shows all the clients that require and have successfully received IP assignments You can click the Refresh button to refresh the list DHCP Client List MAC IP 1 O0 13 ce el ee ef 192 168 127 2 Select all Refresh You can press Select all button to select all content in the list for further editing Select All Print Select all Refresh System Log Triggered events are recorded in System Log You can export the log contents to an available viewer by clicking Export Log You can use the Clear Log button to clear the log contents and the Refresh button to refresh the log 3 39 AWK 5232 Web Console Configuration System log 196 2009 06 18 16h 31m 52s Power 1 transition Off gt On Al 187 2009 06 18 16h 32m 16s LAN 1 link on 1198 2009 06 18 16h 32m 17s LAN 2 link on 1199 2009 06 18 16h 32m 33s RSTP topology changed 200 2009 06 19 16h 32m 335 LAN 1 link off 201 2009 06 18 16h 32m 345 LAN 2 link off 202 2009 06 18 16h 32m 43s LAN 1 link on 203 2009 06 18 16h 32m 45s LAN 2 link on 204 2009 06 18 16h 33m 135 RSTP topology changed 205 2009 06 19 16h 33m 53s RSTP topology changed 206 2009 06 18 16h 34m 31s RSTP topology changed 207 2009 06 18 16h 35m 09s RSTP topology changed 208 2009 06 18 19h 10m 17s System cold start l 209 2009 06 18 19h 10m 17s Power 1 transition Off gt Cin 210 2009 06 18 19h 10m 53s LAN 1 link on 211 2
49. e resources such as printers and servers gsi0 3 PIE 2 Packets from the human resource department could be Y j floor ssl 2 restricted to a gateway that allowed access to only the a wK Internet A member of the human resource department a g poor could send and receive e mail and access the Internet Je ma A ii but would be prevented from accessing servers or hosts g on the local corporate network 3 23 AWK 5232 Web Console Configuration Configuring Virtual LAN VLAN Settings To configure the AWK s VLAN use the VLAN Setting page to configure the ports YLAN Settings for 4P Master Slave mode only Management YLAN ID Port PVID YLA Tagged Please use comma to separate multiple VLAN tags AAA Management VLAN ID VLAN ID Set the management VLAN of this AWK ranges from 1 to 4094 Trunk Port LAN o This port is the LAN port on the AWK Yes sd This is a wireless port for the specific SSID This field will refer to the SSID that you have created If more SSIDs have been created new rows will be added Port PVID VLAN ID ranging from 1 Set the port s VLAN ID for devices that connect to the port The 1 to 4094 port can be a LAN port or WLAN ports VLAN Tagged A comma seperated list Specify which VLANs can communicate with this specific VLAN of VLAN IDs Each of the VLAN IDs range from 1 to 4094 3 24 AWK 5232 Web Console Configuration NOTE The VLAN feature can al
50. ed a second notebook computer B equipped with an Ethernet port Use the default settings for the first AWK 5232 connected to notebook A and change the second or third AWK 5232 connected to notebook B to Client mode Then configure the notebooks and AWK 5232s properly Client AP a Bn _ JP 1 92 68 1 27 2513 PING h n SSID MOXA _1 _ ae Notebook B Notebook A IP 192 168 127 1 IP 192 168 127 2 After setting up the testing environment open a DOS window on notebook B At the prompt type ping lt IP address of notebook A gt and then press Enter A Reply from IP address response means the communication was successful A Request timed out response means the communication failed In this case recheck the configuration to make sure the connections are correct Function Guiding Map The management functions are categorized in a tree and shown in the left field of the web based management console You can efficiently locate the function you need with the following guide AWK 5232 Main Menu Overview HS Basic Settings 2 System Info Settings A Network Settings 3 Time Settings Ag Wireless Settings 2 Operation Mode OS WLAN 1 Basic Wireless Settings WLAN Security Settings 3 Advanced Wireless Settings WLAN Certificate Settings EY WLAN 2 Basic Wireless Settings A WLAN Security Settings Advanced Wireless Settings WLAN Certificate Settings
51. eless Bridge mode s Master page Descriptions of other operation modes can be found in the Basic Wireless Settings section Enabling Non Redundant Single RF AP Wireless Redundancy mode s Redundant AP The AWK 5232 can be configured as a single RF AP by entering Add SSID the status will initially appear as inactive but after entering the new SSID and hitting Save the status will change from inactive to active Showing that the WLAN is ready to operate as an access point in non redundant AP mode see figure on next page 3 9 AWK 5232 Web Console Configuration Basic Wireless Settings Multiple SSID Status SSID Operation Mode Action Active MOXA_1 Redundant AP Inactive AP Save Cancel Cesse y WLAN WLAN Wireless Bridge Mode s Master You can set the virtual AP function in Wireless Bridge AP mode Master setting Click Add SSID enter the name for the SSID then click Save Basic Wireless Settings Multiple SSID Status SSID Operation Mode Action Active MOXA_1 AP Edit Inactive AP Save Cancel EE Basic Wireless Setting The following figure shows the Basic Wireless Settings page The parameters and options are described as follows Operation mode AP RF type B G N Mixed x Channel 6 SSID MOXA 1 SSID broadcast 2 Enable Disable Submit RF type Setting Description Factory Default Bo Only supports the IEEE 802 11b standard B G N Mixe
52. ement gt R amp TTE Compliance Statement O Firmware Recovery O Technical Support Contact Information AWK 5232 Supporting Information About This User s Manual This manual is mainly designed for but no limited to the following hardware and firmware for the AWK 5232 e Hardware Rev e Firmware Ver You are strongly recommended to visit Moxa s website http www moxa com and find the latest product datasheet firmware QIG Quick Installation Guide UM User s Manual and related information NOTE You can find out the hardware revision number of AWK 5232 on the side label The firmware version number can be seen on the Overview page as follow System Info Model name Device name Serial No System up time Firmware version AWK 5232 EU AWK 5232 2222 2222 O days 00h 02m 20s 1 0 Build 11092116 DoC Declaration of Conformity Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation
53. entication failure L DI 1 transition n gt Off L DI 1 transition Off gt On L DI 2 transition n gt Off L DI 2 transition Off gt On L LAN 1 link On F LAN 1 link Off F LAN link On C LAN 2 link Off F E mail Server Settings You can set up to 4 e mail addresses to receive alarm emails from the AWK 5232 The following parameters can be configured on the E mail Server Settings page In addition a Send Test Mail button can be used to test whether the Mail server and e mail addresses work well More detailed explanations about these parameters are given after the following figure E mail Server Settings Mail server SMTP oF User name FT Password _ From e mail address PO To e mail address 1 POF To e mail address 2 PO To e mail address 3 PF To e mail address 4 PO Submit Send Test Mail Mail server SMTP IP address The IP Address of your email server None User name amp Password Setting Description Factory Default Sa User name and password used in the SMTP server None AWK 5232 Web Console Configuration From e mail address Max 63 characters Enter the administrator s e mail address which will be shown in None the From field of a warning e mail To E mail address 1 2 3 4 Max 63 characters Enter the receivers e mail addresses Relay The AWK 5232 has one relay output which consists of 2 terminal block contacts on the AWK 5232 s top panel
54. es Transport Layer Security protocol TLS TTLS Specifies Tunneled Transport Layer Security PEAP Specifies Protected Extensible Authentication Protocol or Protected EAP Before choosing the EAP protocol for your WPA WPA2 Enterpise settings on the client end please contact the network administrator to make sure the system supports the protocol on the AP end Detailed information on these three popular EAP protocols is presented in the following sections EAP TLS TLS is the standards based successor to the Secure Socket Layer SSL It can establish a trusted communication channel over a distrusted network TLS provides mutual authentication through certificate exchange EAP TLS is also secure to use You are required to submit a digital certificate to the authentication server for validation but the authentication server must also supply a certificate You can use WLAN 1 2 gt WLAN Certificate Settings to import your WLAN certificate and enable EAP TLS on the client end WLAN 1 WLAN Security Settings SSID Momo 1 Security mode Wt Pe WPA type Encryption method TKIP EAP protocol TLS M Certificate issued to HA Certificate issued by HA Certificate expiration date HA You can check the current certificate status in Current Status if it is available Certificate issued to shows the certificate user Certificate issued by shows the certificate issuer Certificate expiration date indicates when the certificate gets invalid E
55. ess AWK 5232 s IP address Identifies the AWK 5232 on a TCP IP network 192 168 127 253 Subnet mask AWK 5232 s subnet Identifies the type of network to which the AWK 5232 is 255 255 255 0 mask connected e g 255 255 0 0 for a Class B network or 255 255 255 0 for a Class C network Gateway AWK 5232 s default The IP address of the router that connects the LAN to an None gateway outside network Primary Secondary DNS server IP address of Primary The IP address of the DNS Server used by your network After None Secondary DNS server entering the DNS Server s IP address you can input the AWK 5232 s URL e g http ap11 abc com in your browser s address field instead of entering the IP address The Secondary DNS server will be used if the Primary DNS server fails to connect Time Settings The AWK 5232 has a time calibration function based on information from an NTP server or user specified Date and Time information Functions such as Auto warning can add real time information to the message Time Settings Date YYYY MM DD Time HH MM SS Current local time 2009 f o1 y 23 16 58 EN set ime Time zone GMT 06 00 Central Time US amp Canada Daylight saving time M Enable Starts at lapr y ist y sun y foo E loo HH MIM Stops at Joct y llast y sun y foo foo HH MM Time offset 01 00 Time serwer 1 time nist gov Time server 2 Query period 600 600 9999
56. etwork will be determined much more quickly compared to STP e RSTP is backward compatible with STP making it relatively easy to deploy For example gt Defaults to sending 802 1D style BPDUs if packets with this format are received gt STP 802 1D and RSTP 802 1w can operate on the LAN ports and WLAN ports AP and WDS1 WDS8 of the same AWK 5232 This feature is particularly helpful when the AWK 5232 connects to older equipment such as legacy switches 6 2 AWK 5232 References Differences between RSTP and STP RSTP is similar to STP but includes additional information in the BPDUs that allow each bridge to confirm that it has taken action to prevent loops from forming when it decides to enable a link to a neighboring bridge Adjacent bridges connected via point to point links will be able to enable a link without waiting to ensure that all other bridges in the network have had time to react to the change The main benefit of RSTP is that the configuration decision is made locally rather than network wide allowing RSTP to carry out automatic configuration and restore a link faster than STP 6 3 7 Supporting Information This chapter presents additional information about this manual and product You can also learn how to contact Moxa for technical support The following topics are covered in this chapter O About This User s Manual O DoC Declaration of Conformity gt Federal Communication Commission Interference Stat
57. evices on the network are recognized as a root the devices will renegotiate to set up a new Spanning Tree topology Enable RSTP Enable disable Enables or disables the port as a node on the Spanning Tree Disable unchecked topology Port priority Numerical value Increase this port s priority as a node on the Spanning Tree 128 selected by user topology by inputting a lower number Port cost Enable Disable Input a higher cost to indicate that this port is less suitable as a 20000 node for the Spanning Tree topology Edge port Checked unchecked Sets a port which no BPDU expectedly goes through as an unchecked except edge port WLAN1 2 ports NOTE We recommend you set an edge port for the port which is connected to a non STP RSTP sub network or an end device PLC RTU etc as opposed to network equipment This can prevent unnecessary waiting and negotiation of STP RSTP protocol and accelerate system initialization When an edge port receives BPDUs it can still function as an STP RSTP port and start negotiation Setting an edge port is different from disabling STP RSTP on a port If you disable STP RSTP a port will not deal with STP RSTP BPDUs at all 3 29 AWK 5232 Web Console Configuration Port Status Port Status indicates the current Spanning Tree status of this port Use Forwarding for normal transmission or Blocking to block transmission SNMP Agent The AWK 5232 supports SNMP V1 V2c
58. ew A Weg AWK 5232 US 192 168 127 253 00 90 E8 19 17 9B 255 255 255 0 1 0 Build 11090604 System Info Device Info 802 11 Info Model name AWK 5232 US Device name AWK 5232_2222 Device location IP configuration Static x IP address 192 168 127 253 Subnet mask 255 255 255 0 Gateway Device description Serial No 2222 System up time 0 days 00h 00m 38s Firmware version 1 0 Build 11090604 Primary DNS server Secondary DNS server Jf OK X Cancel The three advanced options Search Connection and Miscellaneous are explained below 4 8 AWK 5232 Software I nstallation Configuration Search Retry count default 5 Indicates how many times the search will be retried automatically Retry interval ms The time lapsed between retries Advanced Options search Connection Misc Retry count 5 Retry interval ma 1 O00 Connection Connection timeout secs Use this option to set the waiting time for the Default Login Locate Assign IP Upload Firmware and Unlock to complete Upgrade timeout secs Use this option to set the waiting time for the connection to disconnect while the firmware is upgrading Use this option to set the waiting time for the Firmware to write to flash Advanced Options Search Connection Misc Connection timeout secs 0 Upgrade timeout secs 500 MISC Search on start Checkmark this box if you would like the
59. ficate is available Certificate issued to shows the certificate user Certificate issued by shows the certificate issuer Certificate expiration date indicates when the certificate gets invalid You can import a new WLAN certificate in Import WLAN Certificate by following these steps in order 1 Input the corresponding password or key in the Certificate private password field Then click Submit to set the password 2 You can see the password displayed in the Certificate private password field Then click on the Browse button in Select certificate key file and select the certificate file 3 Click Upload Certificate File to import the certificate file If it succeeds you can see the information uploaded in Current Certificate f it fails you may need to return to step 1 to set the password correctly and then import the certificate file again Step 1 Certificate private password Submit Step 2 Select certificate key file Browse Upload Certificate File NOTE The WLAN certificate will remain after the AWK 5232 reboots Even though it is expired it can still be seen on Current Certificate Advanced Settings Several advanced functions are available to increase the functionality of your AWK 5232 and wireless network system The DHCP server helps you deploy wireless clients efficiently Packet filters provide security mechanisms such as firewalls in different network layers Moreover the AWK 5232 can support S
60. hat may cause undesired operation FCC 15 407 e Within the 5 15 5 25 GHz band U NII devices will be restricted to indoor operations to reduce any potential for harmful interference to co channel MSS operations R amp TTE Compliance Statement This equipment complies with all the requirements of DIRECTIVE 1999 5 CE OF THE EUROPEAN PARLI AMENT AND THE COUNCIL OF 9 March 1999 on radio equipment and telecommunication terminal equipment and the mutual recognition of their conformity R amp TTE The R amp TTE Directive repeals and replaces in the directive 98 13 EEC Telecommunications Terminal Equipment and Satellite Earth Station Equipment as of April 8 2000 Safety This equipment is designed with the utmost care for the safety of those who install and use it However special attention must be paid to the dangers of electric shock and static electricity when working with electrical equipment All guidelines of this and of the computer manufacturer must therefore be allowed at all times to ensure the safe use of the equipment EU Countries Intended for Use The ETSI version of this device is intended for home and office use in Austria Belgium Denmark Finland France with Frequency channel restrictions Germany Greece Ireland Italy Luxembourg Portugal Spain Sweden The Netherlands and United Kingdom The ETSI version of this device is also authorized for use in EFTA member states Norway and Switzerland EU Countries Not I nte
61. he AWK 5232 is shown as AWK 5232 XX where XX indicates the country code The country code represents the AWK 5232 version and which bandwidth it uses We use AWK 5232 US as an example in the following figures The country code of model name on the screen may vary if you are using a different version band AWK 5232 NOTE Overview For security reasons you will need to log back into the AWK 5232 after the 5 minute time out The Overview page summarizes the AWK 5232 s current status The information is categorized into several groups System Info Device info and 802 11 I nfo Overview All information on this page are active values System Info Model name Device name Serial No System up time Firmware version Device Info Device MAC address IP address Subnet mask Gateway 802 11 Info Country code Operation mode Channel RF type SSID AWK 5232 EU AWK 5232_0000 0 O days 00h 02m 14s 1 0 Build 11061403 00 200 E8 00 02 F1 192 168 127 253 290 200 200 0 EU Wireless redundancy Redundant AP WLAN 1 6 B G N Mixed MOXA 1 3 3 Wireless redundancy Redundant AP WLAN 2 11 B G N Mixed MOxA _2 AWK 5232 Web Console Configuration Basic Settings The Basic Settings group includes the most commonly used settings required by administrators to maintain and control the AWK 5232 System I nfo Settings The System Info items especially Device name and Device description are displayed and included on
62. ial console connection method which requires using a short serial cable to connect the AWK 5232 to a PC s COM port can be used if you do not know the AWK 5232 s IP address It is also convenient to use serial console configurations when you cannot access the AWK 5232 over Ethernet LAN such as in the case of LAN cable disconnections or broadcast storming over the LAN ATTENTION Do not use the RS 232 console manager when the AWK 5232 is powered at reversed voltage ex 48VDC even though reverse voltage protection is supported If you need to connect the RS 232 console at reversed voltage Moxa s TCC 82 isolator is your best solution We recommend using Moxa PComm Lite Terminal Emulator which can be downloaded free of charge from Moxa s website Before running PComm Terminal Emulator use an RJ 45 to DB9 F or RJ 45 to DB25 F cable to connect the AWK 5232 s RS 232 console port to your PC s COM port generally COM1 or COM2 depending on how your system is set up After installing PComm Terminal Emulator take the following steps to access the RS 232 console utility 1 From the Windows desktop open the Start menu and start PComm Terminal Emulator in the PComm Lite group 2 Select Open under Port Manager to open a new connection En FComm Terminal Emulator Profile POLEO Help 3 The Communication Parameter page of the Property window opens Select the appropriate COM port for Console Connection 115200 for Baud Rate 8
63. low wireless clients to manage the AP If the VLAN Management ID matches a VLAN ID then those wireless clients who are members of that VLAN will have AP management access CAUTION Once a VLAN Management ID is configured and is equivalent to one of the VLAN IDs on the AP all members of that User VLAN will have management access to the AP Be careful to restrict VLAN membership to those with legitimate access to the AP DHCP Server for AP Client operation mode s AP mode only DHCP Dynamic Host Configuration Protocol is a networking protocol that allows administrators to assign temporary IP addresses to network computers by leasing an IP address to a user for a limited amount of time instead of assigning permanent IP addresses The AWK 5232 can act as a simplified DHCP server and easily assign IP addresses to your wireless clients by responding to the DHCP requests from the client ends The P related parameters you set on this page will also be sent to the client You can also assign a static P address to a specific client by entering its MAC address The AWK 5232 provides a Static DHCP mapping list with up to 16 entities Be reminded to check the Active check box for each entity to activate the setting You can check the IP assignment status under Status gt DHCP Client List DHCP Server for AP mode only DHCP server Enable Default gateway areca Subnet mask Primary DNS server Po Secondary ONS server Po Start
64. m the Windows Run window You may also issue the telnet command from the MS DOS prompt Hun ki E4 w Type the name of a program folder document or Internet resource and Windows will open it for you Open telnet 132 168 127 253 y Cancel Browse When using SSH client ex PuTTY please run the client program ex putty exe and then input the AWK 5232 s IP address specifying 22 for the SSH connection port 32 PuTTY Can l x Category E Session Basic options for your PuT Ty session Es Terminal specify the destination you wantto connectto Keyboard Host Hame for IF address Bell 132 160 127 253 a E f Connection type E C Baw Telnet Rlogin SSH Serial H Appearance 2 The Console login screen will appear Please refer to the previous paragraph RS 232 Console Configuration and for login and administration Configuration by Web Browser with HTTPS SSL To secure your HTTP access the AWK 5232 supports HTTPS SSL encryption for all HTTP traffic Perform the following steps to access the AWK 5232 s web browser interface via HTTPS SSL 1 Open your web browser and type https lt AWK 5232 s IP address gt in the address field Press Enter to establish the connection 5 4 AWK 5232 Other Console Configurations 3 https 7 192 168 127 253 home asp Microsoft Internet Explorer File Edit View Favorites Tools Help Back Y A Seach Favoiles Media lt 4
65. n Provides authentication based on HMAC SHA algorithms 8 character passwords are the minimum requirement for authentication Admin private key for V1 V2c V3 and V3 only DES based data encryption AES based data encryption Private Key A data encryption key is the minimum requirement for data encryption maximum of 63 characters Private MIB Information Device Object ID Also know as OID This is the AWK 5232 s enterprise value It is fixed Storm Protection In general one host should not be allowed to occupy unlimited bandwidth particularly when the device malfunctions For example so called broadcast storms could be caused by an incorrectly configured topology or a malfunctioning device Storm Protection Storm protection Enable Disable Multicast amp flooding Enable Disable 3 31 AWK 5232 Web Console Configuration Storm Protection Enable Disable Enable or disable Broadcast Storm Protection globally for Enable multicast packets Multicast and flooding Enable Disable If you enable Storm Protection the Multicast and flooding Disable option will show up You can Enable or Disable Broadcast Storm Protection globally for unknown multicast and unknown unicast packets Link Fault Pass Through for Client Slave mode only This function means if Ethernet port is link down wireless connection will be forced to disconnect Once Ethernet link is recovered AWK will try to
66. n Status Wireless Status The status for 802 11 info parameters such as Operation mode and Channel are shown on the Wireless Status page The status will refresh every 5 seconds if the Auto refresh box is checked Certain values for 802 11 info may not appear with different operation modes For example Current BSSID and RSSI are not available in Redundant AP AP or Master modes It is helpful to use the continuously updated information option on this page such as RSSI to monitor the Signal strength of the AWK 5232 in Redundant Client Client or Slave modes Wireless Status Auto refresh Show status of WLAN 1 SSID MOxA_1 802 11 info Operation mode 4P Cliant Client WLAN 1 Channel Mot connected RF type B G Mixed SSID Mona 1 Security mode OFEN Current BSSID Py fs Signal strength angli Transmission rate HA Transmission power Full Associated Client List for Redundant AP AP or Master mode only Associated Client List shows all the clients that are currently associated to a particular AWK 5232 You can click Select all to select all the content in the list for further editing You can click Refresh to refresh the list 3 38 AWK 5232 Web Console Configuration Associated Client List for Redundant AP AP or Master mode only Show clients for WLAN 1 SSID MO A_ 1 WLAN 1 SSID MOXA 11 WLAN 2 SSID MOXA 2 DHCP Client List for AP mode only When you enable the DHCP server th
67. n you switch to Wireless Redundancy mode you will see an additional WLAN Security Setting overview page Please click on Edit to modify WLAN security settings WLAN Security Settings Multiple SSID Status SSID Operation Mode Security Mode Action Active MOXA 1 AP OPEN Edit The AWK 5232 provides four standardized wireless security modes Open WEP Wired Equivalent Privacy WPA Wi Fi Protected Access and WPA2 Several types of security models are available in AWK 5232 by selecting Security mode and WPA type e Open No authentication no data encryption e WEP Static WEP Wired Equivalent Privacy keys must be manually configured e WPA WPA2 Personal also known as WPA WPA2 PSK You need to specify the Pre Shared Key in the Passphrase field which will be used by the TKIP or AES engine as a master key to generate keys that actually encrypt outgoing packets and decrypt incoming packets e WPA WPA2 Enterprise also called WPA WPA2 EAP Extensible Authentication Protocol In addition to device based authentication WPA WPA2 Enterprise enables user based authentication via IEEE802 1X The AWK 5232 can support three EAP methods EAP TLS EAP TTLS and EAP PEAP 3 12 AWK 5232 Web Console Configuration SSID Moma 1 Security mode Security mode Setting BeempMm ra amp ewBeRauh PA WPA2 Fully supports EEE 802 11i with TKIP AES 802 1X in 802 11a b g mode supports IEEE 802 11i with AES 802 1X
68. nded for Use None Potential Restrictive Use France only channels 10 11 12 and 13 CE Warning This is a class B product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures Firmware Recovery When the LEDs of FAULT and STATE all light up simultaneously and blink at one second interval it means the system booting has failed It may result from some wrong operation or uncontrollable issues such as an unexpected shutdown during firmware update The AWK 5232 is designed to help administrators recover such damage and resume system operation rapidly You can refer to the following instructions to recover the firmware Connect to the AWK 5232 s RS 232 console with 115200bps and N 8 1 You will see the following message shown on the terminal emulator every one second 7 3 AWK 5232 Press Press Press Press Press Press Press Press Press Press Press Press Press Press Ctrl C and the following message will appear Ctrl C Ctrl C Ctrl C Ctrl C Ctrl C Ctrl C Ctrl C Ctrl C Ctrl C Ctrl C Cer 1 E Ctrl C Ctrl C ta to ta to ta t ta t t t ta t ta enter enter enter ent ar enter enter Bentler enter Bentler enter enter enter Bentler Firmware Firmware Firmware Firmware Firmware Firmware Firmware Firmware Firmware Firmware Firmware Firmware Firmware Recovery Recovery Recovery Recove
69. nloc Upgrade DO Import Refresh Refresh All Exit No Model name IP address Device MAC address Overview AWK 5232 US 192 168 127 253 00 90 E8 19 17 9B 255 255 255 0 1 0 Build 11090604 System Info Device Info 802 11 Info Model name AWIK 5232 US Device name AWK 5232_2222 Device location Device description Serial No 2222 System up time 0 days 00h 00m 38s Firmware version 1 0 Build 11090604 Click Locate to cause the selected device to beep AA oe AA AS IE File Edit Function Tools Help A sont Ex LL bed k ee x P u E E e See Ta ee All eu No Modelname IP address Device MAC address Subnet mask Firmware version ef 1 AWK 5232 US 192 168 127 253 00 90 E8 19 17 9B 255 255 255 0 1 0 Build 11090604 System Info Device Info 802 11 Info Model name AWK 5232 US Device name AWK 5232_2222 Device location Device description i m Locating Serial No 2222 Model AWK 5232 US System up time 0 days 00h 00m 38s IP 192 168 127 253 Firmware version 1 0 Build 11090604 00 90 E8 19 17 9B Netmask 255 255 255 0 Make sure your AWK is unlocked before using the search utility s icons setting The AWK will unlock automatically if the password is set to the default Otherwise you must enter the new password manually Go to Tools gt AWK login Options to manage and unlock additional AWKs 4 6 AWK 5232 Software I nstallation Configu
70. nsole for information on how to use the web console 4 7 AWK 5232 Software I nstallation Configuration PD AWK Search Utility P o x File Edit Function Tools Help 2 x a 4 E E 2 nu nu F Search Search Ex Locate eb Telnet Assign IP Unlock Upgrade Export Import Refresh Refresh All Exit No Modelname IP address Device MAC address of Awk 5232U5S 00 90 8 19 17 98 255 255 255 0 System Info Device Info 802 11 Info Model name AWK 5232 US Device name AWK 5232_2222 Device location Device description Serial No 2222 System up time 0 days 00h 00m 38s Firmware version 1 0 Build 11090604 Click on Telnet if you would like to use telnet to configure your AWKs File Edit Function Tools Help 2 x 4 P ES E 2 a nv TL Search Search Ex Locate Web Telr Assign IP Unlock Upgrade Export Import Refresh Refresh All Exit ie Awk 7 253 00 30 E8 13 17 3B 255 255 255 0 System Info Device Info 802 11 Info Model name AWK 5232 US Device name AWK 5232_2222 Device location Device description Serial No 2222 System up time O days 00h 00m 38s Firmware version 1 0 Build 11090604 Click Assign IP to change the IP setting _ A e TH a xs File Edit Function Tools Help x a ES 2 nu mu F Search Search Ex Locate Web Telnet Assign IP Unlock Upgrade Export Import Refresh Refresh All Exit No Modelname IP address Device MAC address Overvi
71. nt device and a redundant AP device The redundant structure involves using the AWK 5232 s two RF modules to set up two independent wireless connections between the redundant client and redundant AP devices If either of the two wireless connections fails the other wireless connection will continue transmitting packets between the redundant client and redundant AP devices In addition to carrying one or more redundant clients standard single RF clients can also associate with the redundant AP One of the biggest advantages of the AWK 5232 s wireless redundancy mode is that you can expect zero data loss Redundant AP Fe Redundant AP Pe Fedundant Redundant 4 la Client Client 3 AWK 5232 Web Console Configuration The following figure shows the Wireless Redundancy operation mode Operation mode Wireless redundancy WLAN Operation mode Redundant AP se WLAN Radiunaari client WLAN Operation mode Setting Description Faactory Default Redundant AP AP with Dual RF redundancy capable of serving dual RF clients Redundant AP Redundant Client Dual RF redundant clients can join dual RF redundant APs Wireless Bridge A bridge is a network component that connects two networks AWK 5232 s bridge operation is based on the AP master and Client Slave concept Both sides of the connection must have the same RF type SSID and security settings For single RF mesh networks the conventional setup i
72. or key renewal instructs the wireless AP how often it should change the encryption keys Usually the security level will be higher if you set this value shorter so that the encryption keys are changed more often Default value is 3600 seconds 6 minutes Longer time periods can be considered if traffic is not so busy WPA WPA2 Enterprise for Redundant AP AP or Master mode By selecting WPA type as Enterprise you can use EAP Extensible Authentication Protocol a framework authentication protocol used by 802 1X to provide network authentication In these Enterprise level security modes a back end RADIUS Remote Authentication Dial In User Service server is needed if IEEE 802 1X functionality is enabled in WPA WPA2 The IEEE 802 1X protocol also offers the possibility of carrying out an efficient connection authentication in a large scaled network It is not necessary to exchange keys or pass phrases WLAN 1 WLAN Security Settings SSID MOA 1 Security mode WPA type Encryption method Primary RADIUS server IP pes Primary RADIUS server port Primary RADIUS shared key Po Secondary RADIUS server IP fe Secondary RADIUS server port Secondary RADIUS shared key PF OS Key renewal 60 86400 seconds 3 15 AWK 5232 Web Console Configuration WPA Type Provides Pre Shared Key enabled WPA and WPA2 Personal Provides enterprise level security for WPA and WPA2 Encryption method Temporal Key Integrity Protocol is enabled TKIP
73. ormation Moxa Americas Toll free 1 888 669 2872 Tel 1 714 528 6777 Fax 1 714 528 6778 Moxa Europe Tel 49 89 3 70 03 99 0 Fax 49 89 3 70 03 99 99 www moxa com su ort Moxa China Shanghai office Toll free 800 820 5036 Tel 86 21 5258 9955 Fax 86 21 5258 5505 Moxa Asia Pacific Tel 886 2 8919 1230 Fax 886 2 8919 1231 Table of Contents 1 TH FOOUCEIOTriririiecdioiiiaeriitrbioriiceiieetieeittciceCeeiCScecevkttssesektleeoeseeteasdss9og9358540601309338522824040408039834076438549821u2942 1 1 SW A PEE PA gBAga xa 1 2 Package C E K E2 1111101116 11ay 120x314 1014i196112a1215154i220 1125150194 oe td 1 2 Product FOUR EKE EEEIEE A AN aeaa a 1 2 Product SSC IE CEU OIG ees cocoa 1 3 Funcional Desig Waar aaa ese de eae loradada le ladarala la dasataidedele lada 1 3 A Gan Stet bi t0 tet 2 A s 6 6 1 1111 11 111 133 1 3 OO 1 4 Ro ee OS 1 4 Relay A DIGIA OIE OE sa v32 cn ee ene ence EAE AE a a a eoon 1 4 Antenn asns a tenet cnet a a a e e kee ekrk kekeke kekek dda qu n aaa aa a aa 1 5 2s GGLTLIHTXO SEAT abs 2 1 Firsttime Installation ana Contiquration ni 2 2 COMMUNICATION TESTO i6 nin rin O ANG EBEA tb 2 3 E AO Eo 2 4 3 Web Console ContTigUFA ION iii A A A Aa 3 1 CONTIUELION DY WED BROWSE a eN tel ee 3 2 BAVE VI ERE E eee ee EE TE delata dd ltd tb titi tb 3 3 BSC 0 atte we renee ae es a eee Oah 3 4 SYSTEM AO SENGS see ea pee E ea eee en eles seen eae Si N EA
74. r wired wireless network performance advanced services and device management functions Functions to maintain the AWK 5232 and diagnose the network On demand functions to support the operations of web based console management 3 Web Console Configuration In this chapter we will explain each web management page of the web based console configuration Moxa s easy to use management functions will help you set up your AWK 5232 as well as establish and maintain your wireless network easily The following topics are covered in this chapter O Configuration by Web Browser O Overview O Basic Settings gt System Info Settings gt Network Settings gt Time Settings O Wireless Settings gt Operation Mode gt WLAN1 WLAN2 gt Enabling Non Redundant Single RF AP gt WLAN Security Settings gt Advanced Wireless Settings gt WLAN Certification Settings for EAP TLS in Redundant Client Client or Slave mode only O Advanced Settings gt Using Virtual LAN gt Configuring Virtual LAN gt DHCP Server for AP Client operation mode s AP mode only Packet Filters RSTP Settings for Master or Slave mode only SNMP Agent Storm Protection VV VV Y Link Fault Pass Through for Client Slave mode only O Auto Warning Settings System Log Syslog E mail Relay V VY VY WV Trap a Status gt Wireless Status gt Associated Client List for Redundant AP AP or Master mode only DHCP Client Lis
75. ration File Edit Function Tools Help 2 LAN Utility Login Options P E 2 uy amp uy Search Search AWK Login Options Telnet Assign IP Upgrade Export Import Refresh Refresh All Exit No Modelname Advanced Options e MAC address Overview AWK 5232 Customize List View E8 19 17 255 255 255 0 1 0 Build 11090604 System Info Device Info 802 11 Info Model name AWK 5232 US Device name AWK 5232_2222 Device location Device description Serial No 2222 System up time 0 days 00h 00m 38s Firmware version 1 0 Build 11090604 i Use the scroll down list to select the MAC addresses of those AWKs you would like to manage and then click Add Key in the password for the AWK device and then click OK to save If you return to the search page and search for the AWK again you will find that the AWK will unlock automatically ATTENTION For security purposes we suggest you can change the AWK search utility login password instead of using default AWE Login Options Found awk devicelsl 132 168 127 253 00 30 E8 00 40 01 Last IP Device MAC address Username Default admin 192 168 127 253 00 90 8 00 40 01 famin Delete vf OK XA Cancel To modify the configuration of the highlighted AWK click on the Web icon to open the web console This will take you to the web console where you can make all configuration changes Refer to Chapter 3 Using the Web Co
76. roadcast for AP mode only Enable Disable SSID can be broadcast or not AWK 5232 Web Console Configuration NOTE If your device uses redundant Client Client or Slave mode you can find an additional Site Survey button on basic wireless settings page The button supports site survey and pops up a dialog box listing the information for available APs as shown in the following figure You can click on the SSID of an entity and bring the value of its SSID onto the SSID field of the Basic Wireless Settings page Clicking on the Refresh button will re scan and update the table Operation mode Client RF tyne B G N Mixed Channel 6 SSID MOXA _1 Site Survey SSID broadcast 2 Enable Disable E http 192 168 127 253 Site Survey Microsoft Internet Explorer Site Survey No al 2 3 4 5 6 ty 8 J MAC address Channel Mode Signal Home 00 18 84 81 CD 9A BSS WEP 2000 FON_AP 00 18 84 81 CD 99 BSS OPEN 000 default DO 15 F2 A2 07 64 BSS OPEN 000 BLW 54PM 00 90 CC D6 B5 20 BSS WEP 000 BLW 54PM 00 90 CC D6 BC EC BSS OPEN 2000 ZyXEL 00 19 CB 41 48 9A BSS WEP 2000 00 16 01 8C 11 7F BSS OPEN anll HJ Wireless 00 16 01 ED DO 61 BSS WEP 000 default 00 40 05 56 9D B1 BSS WEP 000 H o hpsetup 52 BC 90 E2 84 14 Ad Hoc OPEN 2000 Refresh Close r Internet WLAN Security Settings The following figure shows the WLAN1 2 Security Settings page The parameters and options are described as follows NOTE Whe
77. rotocol Anonymous name User name Password Inner EAP protocol MS CHAP V2 Anonymous WiPAS TKIP Moss 1 wpa2 Enterprise PEAP w MS CHAP V2 MIS LH L TT E Po Web Console Configuration Factory Default Microsoft CHAP version 2 is used MS CHAP V2 Factory Default Max 31 characters A distinct name used for outer authentication None User name amp Password Advanced Wireless Settings User name and password used in inner authentication None Additional wireless related parameters are presented in this section to help you set up your wireless network in detail WLAN 1 Advanced Wireless Settings Transmission rate Multicast Rate Guard interval Transmission power Beacon interval DTIM interval Fragmentation threshold RTS threshold Noise protection Transmission enhancement Antenna WMM Full 11a channel support Submit Transmission Rate Auto M 8 ns Full ll 100 40 1000ms 1 1 15 2346 256 2346 2346 256 2346 Enable Disable Auta Enable Disable Description Factory Default The AWK 5232 senses and adjusts the data rate automatically Available rates Users can manually select a target transmission data rate 3 19 AWK 5232 Web Console Configuration NOTE NOTE Multicast Rate Available rates You can set a fixed multicast rate for the transmission of 6M broadcast and multicast packets on a per radio ba
78. ry Recovery Recovery Becowery Recovery Recovery Recovery Recovery Recovery Recovery Process Process Process Process Process Process Process Process Process Process Process Process Process Supporting Information Press Ctrl C and the following message will appear Press Ctrl C to enter Firmware Recovery Process Press Ctrl C to enter Firmware Recovery Process IP address of AMEK 5232 192 168 40 155 Netmask of AWK S22 2 255 255 252 000 Gateway of AIIE bzzzZ 197 168 433 254 IP address of TFTP server 192 1638 40 142 l Start to firmware upgrade using the above network setting immediately 2 Change the network settings Enter your selection 1 2 enter for abort Enter 2 to change the network setting Specify where the AWK 5232 s firmware file on the TFTP server and press y to write the settings into flash memory 1 Start to firmware upgrade using the above network setting immediately Change the network settings Enter your selection 1 2 enter for abort Z of AWE 5232 132 168 1 2 of TFTP server 192 168 1 1 Netmask of AWE 5232 255 255 252 0 Gateway of AUIE 5Z3zZ 192 168 1 254 Update RedBoot non volatile configuration continue y n Y IP address IP address AWK 5232 restarts and the Press Ctrl C to enter Firmware Recovery Process message will reappear Press Ctrl C to enter the menu and select 1 to start the firmware upgrade process IP address of AWR S
79. s to use WDS to establish a static bridge link In this case the APs at both ends of the WDS link must be configured manually with each other s MAC addresses The performance of a single RF bridge will be poor if more nodes are added The AWK 5232 s dual RF bridge concept is different from using a single RF because the AWK 5232 has dual RFs and offer users a cascade link to bridge the two ends without narrowing down the throughput Operation mode WLAN 1 Operation mode AP e WLAN 2 Operation mode 3 8 AWK 5232 Web Console Configuration WLAN 1 WLAN 2 Operation mode Master Master can build a connection with a Slave that has the same AP for WLAN 1 RF type SSID and security settings Master for WLAN 2 Slave Slave can build a connection with a master that has the same RF type SSID and security settings AP Client AP Client mode provides a more flexible topology to allow the user to configure the 2 RF module for an AP or Client Operation mode AP Client ka WLAN 1 Operation mode AF e WLAN 2 Operation mode AP e AP ap lado WLAN1 OR WLANE WLAN2 AP Client Matching Table for AP Client s WLANs WLAN 1 WLAN 2 Allowable Setting WLAN1 WLAN2 Some applications already have existing Clients in the environment The AWK 5232 not only can carry dual RF clients but also single RF or existing Clients to the Ethernet LAN This function is available in Wireless Redundancy mode s Redundant AP or Wir
80. search function to start searching for devices after you log in to the AWK search Utility Advanced Options Search Connection Misc Search on start 4 9 5 Other Console Configurations This chapter explains how to access the AWK 5232 for the first time In addition to HTTP access there are four ways to access AWK 5232 serial console Telnet console SSH console and HTTPS console The serial console connection method which requires using a short serial cable to connect the AWK 5232 to a PC s COM port can be used if you do not know the AWK 5232 s IP address The other consoles can be used to access the AWK 5232 over an Ethernet LAN or over the Internet The following topics are covered in this chapter O RS 232 Console Configuration 115200 None 8 1 VT100 O Configuration by Telnet and SSH Consoles O Configuration by Web Browser with HTTPS SSL O Disabling Telnet and Browser Access AWK 5232 Other Console Configurations ATTENTION E You CANNOT connect to the AWK 5232 by two or more of these console configurations simultaneously 2 You can connect to the AWK 5232 simultaneously by web browser and serial Telnet SSH console However we strongly suggest that you do NOT use more than one connection method at the same time Following this advice will allow you to maintain better control over the configuration of your AWK 5232 RS 232 Console Configuration 115200 None 8 1 VT100 NOTE The ser
81. ser configured event is triggered If a user configured event does not occur the relay circuit will remain closed For safety reasons the relay circuit is kept open when the AWK 5232 is not powered The AWK 5232 s relay status is Summarized as follows Power Status Off 1 4 AWK 5232 Introduction Antennae units mm in oTo o0 e O O in O 67 5 2 66 74 55 2 94 The AWK 5232 supports 802 11 a b g n with 2x2 MIMO technology and a dual RF solution Antennas 1A and 1B are the MIMO antennas associated with RF1 and 2A and 2B are the MIMO antennas associated with RF2 1 5 2 Getting Started This chapter explains how to install Moxa s AirWorks AWK 5232 for the first time to quickly set up your wireless network and test whether the connection is running well With this function guide you will gain access to the functions you need easily The following topics are covered in this chapter O First time Installation and Configuration O Communication Testing O Function Guiding Map AWK 5232 Getting Started First time Installation and Configuration A NOTE Before installing the AWK 5232 make sure that all items in the Package Checklist are in the box In addition you will need access to a notebook computer or PC equipped with an Ethernet port The AWK 5232 has a default IP address that you must use when connecting to the device for the first time Step 1 Select the power source The
82. sis This parameter can be useful in an environment where multicast video streaming is occurring in the wireless medium providing the wireless clients are capable of handling the configured rate Guarding Interval Guarding Interval Guarding interval is used to ensure that distinct transmissions 800ns do not interfere with one another You can select the guarding interval manually for Wireless N connections The two options are Short 400ns and Long 800ns RF type 2 4 GHz Auto Specifies wireless signal coverage by automatically selecting Full the strength of Tx power Each antenna port s Tx power at Full e US model 18 dBm e EU model 16 dBm e JP model 18 dBm RF type 5 GHz Auto Specifies wireless signal coverage by automatically selecting Full the strength of Tx power Each antenna port s Tx power at Full e US model 14 dBm e EU model 16 dBm e JP model 14 dBm Beacon Interval for AP Master mode only Beacon Interval Indicates the frequency interval of the beacon 100 ms 40 to 1000 ms DTI M Interval for AP Master mode only Data Beacon Rate Indicates how often the AWK 5232 sends out a Delivery Traffic 1 1 to 15 Indication Message 3 20 AWK 5232 Web Console Configuration Fragmentation threshold Fragment Length Specifies the maximum size a data packet before splitting and 2346 256 to 2346 creating another new packet RTS threshold RTS CTS Threshold
83. sponding entity with up to 31 characters Remember to check the Active check box for each entity to activate the setting TCP UDP Port Filters Enable Disable Policy Drop No fictive Source port Destination port Protocol Application name 1 C Eo o ES EO bE ke Eo 2 E sn TCP 3 Ho ES eE eA E Enable Enables TCP UDP port filter Disables TCP UDP port filter Policy Any packet fitting the entities on list will be denied Accept Only the packets fitting the entities on list can be allowed ATTENTI ON Be careful when you enable the filter function Drop no entity on list is activated all packets are allowed Accept no entity on list is activated all packets are denied RSTP Settings for Master or Slave mode only AWK 5232 supports IEEE802 1D Spanning Tree Protocol and IEEE802 1w Rapid STP standards In addition to eliminating unexpected path looping STP RSTP can provide a backup path recovery if a wired wireless path fails accidentally The reliability and availability can increase because this fail over function AWK 5232 s STP RSTP feature is disabled by default To be completely effective you must enable RSTP STP on every AWK 5232 connected to your network The following figures indicate which Spanning Tree Protocol parameters can be configured A more detailed explanation of each parameter is given below the figure RSTP Settings for Master or Slave mode only
84. stallation Guide AWK Search Utility Installing AWK Search Utility 1 Click the INSTALL UTILITY button in the AWK Installation CD auto run window to install AWK Search Utility Once the program starts running click Yes to proceed 2 Click Next when the Welcome screen opens to proceed with the installation i Setup AWK Search Utility Jia Ex Welcome to the AWK Search Utility Setup Wizard This will install AWE Search Utility on pour computer Iki recommended that you close all other applications before Continuing Click Nest to continue or Cancel to exit Setup T Setup AWE Search Utility Select Destination Location Where should AE Search Utility be installed q y Setup will instal AWE Search Utility into the following folder To continue click Next IF you would like to select a different folder click Browse C Program Files MoxaiaweE WME Search Utility Al least 2 5 MB of free disk space is required 4 Click Next to create the program s shortcut files to the default directory or click Browse to select an alternate location 4 2 AWK 5232 Software I nstallation Configuration A Setup AWE Search Utility Select Start Menu Folder Where should Setup place the program s shortcuts l m Setup will create the program s shortcuts in the following Start Menu folder To continue click Nest IF you would like to select a different folder click Browse AWK Search Utility
85. t for AP mode only V WV System Log Yy Relay Status DI and Power Status Maintenance Console Settings Ping Firmware Upgrade Config Import Export Load Factory Default Password VV YV Y Y V Y Misc Settings Save Configuration Restart Logout AWK 5232 Web Console Configuration Configuration by Web Browser NOTE Moxa AWK 5232 s web browser interface provides a convenient way to modify its configuration and access the built in monitoring and network administration functions The recommended web browser is Microsoft Internet Explorer 5 5 or 6 0 with JVM Java Virtual Machine installed To use the AWK 5232 s management and monitoring functions from a PC host connected to the same LAN as the AWK 5232 you must make sure that the PC host and AWK 5232 are on the same logical subnet Similarly if the AWK 5232 is configured for other VLAN settings you must make sure your PC host is on the management VLAN The Moxa AWK 5232 s default IP is 192 168 127 253 Follow the steps below to access the AWK 5232 s web based console management 1 Open your web browser ex Internet Explorer and type the AWK 5232 s IP address in the address field Then press Enter to establish the connection 5 about blank Microsoft Internet Explorer E x File Edit View Favorites Tools Help 2 The Web Console Login page will open Enter the password Username is set as admin the default password is root if a new passwor
86. the Overview page SNMP information and alarm emails Setting System Info items makes it easier to identify the different AWK 5232s connected to your network System Info Settings Device name lap_01 1 Device location Area 32 5th Floor Device description No 11 of ABC supporting system Device contact sale Sasi ies John Davis sysop abc com Device name Max 31 Characters This option is useful for specifying the role or application of AWK 5232_ lt Serial different AWK 5232 units No of this AWK 5232 gt Device location Max 31 Characters To specify the location of different AWK 5232 units Device description Max 31 Characters Use this space to record more detailed description of AWK 5232 Device name Max 31 Characters To provide information about whom to contact in order to None resolve problems Use this space to record contact information of the person responsible for maintaining this AWK 5232 Network Settings The Network Settings configuration allows you to modify the usual TCP IP network parameters An explanation of each configuration item is given below Network Settings IP configuration IP address Subnet mask Gateway Primary DNS server E Secondary ONS server Po 3 4 AWK 5232 Web Console Configuration IP configuration DHCP The AWK 5232 s IP address will be assigned automatically by Static the network s DHCP server Set up the AWK 5232 s IP address manually IP addr
87. tication type Key type HEx Key length 64 bits Key index WEP key 1 A WEP key 2 WEP key 3 A WEP key 4 es 3 13 AWK 5232 Web Console Configuration Authentication type Data encryption is enabled but no authentication Data encryption and authentication are both enabled Key type Factory Default Specifies WEP keys in hex decimal number form HEX Specifies WEP keys in ASCII form Key length Setting Description Factory Default 64 bits Uses 40 bit secret keys with 24 bit initialization vector 64 bits 128 bits Uses 104 bit secret key with 24 bit initialization vector Key index 1 4 Specifies which WEP key is used WEP key 1 4 ASCII type A string that can be used as a WEP Seed for RC4 encryption None 64 bits 5 chars engine 128 bits 13chars HEX type 64 bits 10 hex chars 128 bits 26 hex chars WPA WPA2 Personal WPA Wi Fi Protected Access and WPA2 are significantly improved encryption methods of WEP WPA is a security standard based on 802 11i draft 3 while WPA2 is based on the fully ratified version of 802 11i The initial vector is transmitted encrypted and enhanced with its 48 bits twice as long as WEP The key is regularly changed so that true session is secured Even though AES encryption is only included in the WPA2 standard it is widely available in the WPA security mode of some wireless APs and clients as well The AWK 5232 also supports AES algorithms in WP
88. trator with tools to manage the AWK 5232 and wired wireless networks Console Settings You can enable or disable access permission for the following consoles HTTP HTTPS Telnet and SSH connections For more security we recommend you only allow access to the two secured consoles HTTPS and SSH Console Settings HTTP console Enable Disable HTTPS console Enable Disable Telnet console Enable Disable SSH console e Enable Disable Submit Ping helps to diagnose the integrity of wired or wireless networks By inputting a node s IP address in the Destination field you can use the ping command to make sure it exists and whether or not the access path is available Ping Destination 192 168 253 2 Ping If the node and access path are available you will see that all packets were successfully transmitted with no loss Otherwise some or even all packets may get lost as shown in the following figure Ping Destination Ping PING 192 168 127 2 192 168 127 2 56 data bytes 192 168 127 2 ping statistics 4 packets transmitted O packets received 100 packet loss 3 41 AWK 5232 Web Console Configuration Firmware Upgrade The AWK 5232 can be enhanced with more value added functions by installing firmware upgrades The latest firmware is available at Moxa s download center Before running a firmware upgrade make sure the AWK 5232 is off line Click the Browse button to specify
89. uped events All default values are enabled checked The log for system events can be seen in Status gt System Log 3 32 AWK 5232 Web Console Configuration System log Event Types Event group Enable log System related events Network related events Config related events Power events 2322727 DI events System related events Event is triggered when System restart warm start The AWK 5232 is rebooted such as when its settings are changed IP address subnet mask etc Network related events Event is triggered when LAN 1 or LAN 2 link on The LAN port is connected to a device or network LAN 1 or LAN 2 link off The port is disconnected e g the cable is pulled out or the opposing device shuts down Client joined left for WLAN 1 or WLAN 2 A wireless client is associated or disassociated WLAN 1 or WLAN 2 connected to AP The AWK 5232 is associated with an AP for Redundant Client Client or Slave mode WLAN 1 or WLAN 2 disconnected The AWK 5232 is disassociated from an AP for Redundant Client Client or Slave mode 5232 i ia PoE E event istriggeredwnen SSS Syslog This function provides the event logs for the Syslog server The function supports up to three configurable Syslog servers and Syslog server UDP port numbers When an event occurs the event will be sent as a Syslog UDP packet to the specified Syslog servers Syslog Event Types Detail information for the grouped events is shown
90. used to locate all AWK 5232 APs that are connected to the same LAN as your computer After locating an AWK 5232 you will be able to change its IP address Since the Broadcast Search function searches by TCP packet and not IP address it doesn t matter if the AWK 5232 is configured as an AP or Client In either case APs and Clients connected to the LAN will be located regardless of whether or not they are part of the same subnet as the host 1 Start the AWK Search Utility program When the Login page appears select the Search AWK only option to search for AWKs and to view each AWK s configuration Select the AWK management option to assign IPs upgrade firmware and locate devices 4 4 AWK 5232 Software I nstallation Configuration AWE Search Utility Login AWE management Password uf OK 2 Cancel 2 Open the AWK Search Utility and then click the Search icon AWK Search Utility File Edit Function Tools Help amp B jag Ff Search Ex Locate Web Telnet Assign F Unlock Upgrade IP address Device MAC address The Searching window indicates the progress of the search amp nM FL Exit Refresh Refresh All 3 Whenthe search is complete all AWKs that were located will be displayed in the AWK Search Utility window 4 5 AWK 5232 Software I nstallation Configuration File Edit Function Tools Help TL a E dE l Search Search Ex Locate Web Assign IP J
91. vkifivtldddkddlda Di ita AA AA A AS 7 3 PEGCAMICAlSUDOOFE Contact TTTFOFITTOLIOfiT7is6isssiis606s00s0ia00x0050550a9a0000180x0x60300x813043 4304a00x01a0 0100a0050 5805 x8i00006 4E0l006i116 aR 7 5 1 Introduction Moxa AirWorks AWK 5232 with dual RF wireless capability allows wireless users to access network resources more reliably The AWK 5232 is rated to operate at temperatures ranging from 0 to 60 C for standard models and 40 to 75 C for extended temperature models and is rugged enough for any harsh industrial environment The following topics are covered in this chapter O Overview Package Checklist Product Features Product Specifications 0 000 Functional Design gt LED Indicators gt Beeper gt Reset Button gt Relay Digital Output gt Antenna AWK 5232 Introduction Overview The AWK 5232 Industrial a b g n Wireless AP Bridge Client is an ideal wireless solution for connecting mobile equipment connected over a TCP IP network in hard to wire situations The AWK 5232 provides faster throughput than standard 802 11g devices and at temperatures ranging from 0 to 60 C for standard models to 40 to 75 C for wide temperature models making the AWK 5232 series rugged enough for any industrial environment With two independent RF modules the AWK 5232 supports a great variety of wireless configurations and applications and the redundant wireless connections increase the reliability of the entire wireless network
Download Pdf Manuals
Related Search