EAP200_v1.00_EN_Manu..
Contents
1. SSID MAC Address Channel Rate Signal Security Setup Connect DO 00 1F 04 00 2E 56 j DA d None Connect 00 5 DB 1F 04 00 2E 56 1 54 49 done Connect Figure 62 Site Survery Page lf Universal Repeater function is enabled the system can scan and display all surrounding available access points APs The administrator can then select an AP to for connection to extend its wireless service coverage on this page SSID The SSID Service Set ID of the AP found in this system s coverage area MAC Address The MAC address of the respective AP Channel The channel number currently used by the respective AP or repeater Rate The transmitting rate of the respective AP Signal The encryption type used by the respective AP Y WW WW Y Setup Connect o Connect Click Connect to associate with the respective AP directly no further configuration is required Cip 893 00 0E 2E 7C AA 6E 1 54 4 None o Setup Click Setup to configure security settings for associating with the respective AP WEP Click Setup to configure the WEP setting for associating with the target AP Cip wep 00 11 A3 08 09 56 6 54 40 WEP The following configuration box will then appear at the bottom of the screen Security settings configured here must be the same as the target AP 58 Copyright 4IPNET INC Z ters a EAP200 Enterprise Access Point ENGLISH Note If you set WEP security for Universal Repeater the security of AP will2. User s Manual EAP200 v1 00 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH Copyright amp Disclaimer Copyright The contents of this publication may not be reproduced in any part or as a whole stored transcribed in an information retrieval system translated into any language or transmitted in any form or by any means mechanical magnetic electronic optical photocopying manual or otherwise without the prior written permission of 4IPNET INC Disclaimer AIPNET INC does not assume any liability arising out the application or use of any products or software described herein Neither does it convey any license under its parent rights not the parent rights of others 4IPNET further reserves the right to make changes in any products described herein without notice The publication is subject to change without notice Trademarks AIPNET 4ipnet is a registered trademark of 4IPNET INC Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective Owners Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH Table of Contents L 0 2 OS x ROM ne E E oe ren nC ne ee nee 4 E We 4 1 2 Document enn e e ieirik EE IN ENN ekr EEE EI EINE Erini 4 Eo Picke COnN E 5 2 DVSlem Overview and Getinge Ol le Ca ceuscnssesseneasssenessvsrmensmeseniveemecsmenceimeneenseneeieornennees 6 DA bei ele ELO ee
3. INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 4 4 Reboot This function allows the administrator to restart the EAP200 safely The process shall take about three minutes Click Reboot to restart the system Please wait for the blinking timer to complete its countdown before accessing the system s Web Management Interface again The System Overview page will appear after reboot successfully Occasionally it is necessary to reboot the EAP200 to ensure that parameter changes are submitted Change Password j Backup amp Restore System Upgrade Reboot Home gt Utilities gt Reboot Reboot the System Reboot may take several minutes to complete The Admin Login Page willbe shown after system boots up Figure 69 Reboot Page 70 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 5 status This page is used to view the current condition and state of the system and includes the following functions Overview Associated Clients Repeater and Event Log 7 5 1 Overview The System Overview page provides an overview of the system status for the administrator Overview Associated Clients d Repeater d Event Log Home gt Status gt System Overview System Overview gP System Radio Status System Name EAP200 MAC Address 00 1F D4 03 22 20 Firmware Version Band 802 11b g Build Number Channel 6 Location TX Power 18 dBm Site EN A Device Tim
4. until the administrator re Enables the listed MAC A VAP Overview General VAP Config d Security Repeater Advanced Y Access Control Site Survey h Home gt AP gt Access Control Access Control Settings Profile Name VAP 1 v Maximum Number of Clients E Range 1 32 Access Control Type MAC ACL Allow List wall No MAC Address State 1 Disable O Enable 2 Disable O Enable 3 Disable O Enable 4 Disable Enable 5 Disable Enable Figure 59 MAC Allow List O e h 55 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH gt MAC ACL Deny List When selecting MAC ACL Deny List all client devices are granted with access to the system except those listed in the Deny List denied MAC addresses The administrator can allow any denied MAC address to connect to the system temporarily by checking Disable WAP Overview d General VAP Config d Security Repeater d Advanced Access Control Site 5urvey 4 1 1 gt i Home gt AP gt Access Control Access Control Settings Profile Name VAP 1 M Maximum Number of Clients Range 1 32 Access Control Type MAC ACL Deny List ka No MAC Address State 1 fs Disable Enable 2 fs Gi Disable Enable 3 l Disable Enable A Ir Disable Enable 5 Se il Disable Enable Figure 60 Deny List 56 Copyright 4IPNET INC 4ipnet
5. 57 Advanced Wireless Settings Page e RTS Threshold Enter a value between 1 and 2346 RTS Request to Send Threshold determines the packet size at which the system issues a request to send RTS before sending the framet to prevent the hidden node problem The RTS mechanism will be activated if the data size exceeds the value provided A lower RTS Threshold setting can be useful in areas where many client devices are associating with EAP200 or in areas where the clients are far apart and can detect only EAP200 but not each other e Fragmentation Threshold Enter a value between 256 and 2346 The default is 2346 A packet size larger than this threshold will be fragmented sent with several pieces instead of one chunk before transmission A smaller value results in smaller frames but allows a larger number of frames in transmission A lower Fragment Threshold setting can be useful in areas where communication is poor or disturbed by a serious amount of radio interference e DTIM Period Input the DTIM Interval that is generated within the periodic beacon at a specified frequency Higher DTIM will let the wireless client save energy more but the throughput will be lowered e Broadcast SSID Disabling this function will prevent the system from broadcasting its SSID If broadcast of the SSID is disabled only devices that have the correct SSID can connect to the system e Wireless Station Isolation By enabling this function all stations associated wit
6. Edit Figure 43 VAP Overview Page 4 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH e State The hyperlink showing Enable or Disable connects to the VAP Configuration page alee Overview Genera VAP Config d Security Repeater Advanced Access Control Site Survey 4 1 Home gt AP gt VAP Config VAP Configuration Profile Name VAP Disable Enable Profile Name VAP 1 ESSID EAP200 1 VLAN ID Disable Enable VLAN ID M 1 4094 Figure 44 VAP Overview Page State e Security Type The hyperlink showing the security type connects to the Security Settings Page Cem K VAP Overview d General d WAP Config Security d Repeater Advanced Access Control Site Survey A Home gt AP gt Security Security Settings Profile Name VAP 1 Figure 45 VAP Overview Page Security Type 42 Copyright 4IPNET INC Z ters a EAP200 Enterprise Access Point ENGLISH e MAC ACL The hyperlink showing Allow or Disable connects to the Access Control Settings Page Seee EE GE GN TN N VAP Overview d General VAP Config y Security d Repeater Y Advanced h Access Control Site Survey N Home gt AP gt Access Control Access Control Settings Profile Name VAP 1 X Ran
7. Group Key to be renewed the time unit is in seconds 49 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH gt WPA RADIUS If this option is selected the RADIUS authentication and data encryption will be both enabled VAP Overview General VAP Config Security Repeater Y Advanced V Access Control Site Survey Home AP Security Security Settings Profile Name VAP 1 v Security Type WPA RADIUS v Cipher Suite TKIP WPA v Group Key Update Period 600 second s Primary RADIUS Server Host W Domain Name IP Address Authentication Port 1812 k Secret Key Accounting Service Disable Enable Accounting Port 1812 i Accounting Interim Update Interval rf second s ae SERO meep k Domain Name IP Address Figure 54 Security Settings WPA RADIUS gt WPA Settings o Cipher Suite Select an encryption method from TKIP WPA AES WPA TKIP WAP2 AES WAP2 or Mixed o Group Key Update Period The time interval for the Group Key to be renewed the time unit is in seconds gt RADIUS Server Settings Primary Secondary o Host Enter the IP address or domain name of the RADIUS server o Authentication Port The port number used by the RADIUS server Specify a port number or use the default 1812 o Secret Key The secret key for the system to communicate with the RADIUS server o Accounting Service Enabling this option allows ac
8. IP pairs to issue ARP request Other network nodes can still send their ARP requests however if their IP appears in the static list with different MAC their ARP requests will be dropped to prevent eavesdropping If any settings are made please click SAVE to save the configuration before leaving this page 66 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 4 Utilities The administrator can maintain the system on this page Change Password Backup amp Restore System Upgrade and Reboot 7 4 1 Change Password To protect the Web Management Interface from unauthorized access it is highly recommended to change the administrator s password to a secure password Only alpha numeric characters are allowed and it is also recommended to make use of a combination of both numeric and alphabetic characters Change Password Backup amp Restore System Upgrade Y Reboot Home Utilities gt Change Password Change Password Name admin Old Password enee New Password DT Leg Pr T 9 hs Ee E Re enter New Password LAAL Figure 65 Change Password Page The administrator can change password on this page Enter the original password admin and new password and then re enter the new password in the Re enter New Password field Click SAVE to save the new password 6 7 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 4 2 Ba
9. If only restricted access of certain MAC addresses is desired skip to the Step3 MAC restriction can be coupled with wireless security to provide extra protection First click on the corresponding cell in the column labeled Security Type This hyperlink will direct the user to the following Security Settings page VAP Overview General VAP Config Security Repeater Advanced Access Control V Site Survey Home gt AP gt Security Security Settings Profile Name VAP 1 v Security Type None M Figure 24 Security Settings Page VAP 1 as shown for example Select the desired Security Type from the drop down menu which includes None WEP 802 1X WPA PSK and WPA RADIUS 24 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH e None Authentication is not required and data is not encrypted during transmission when this option is selected This is the default setting as shown in the following figure VAP Overview General WAP Config 4 Security Repeater Advanced Access Control Site Survey A Home gt AP gt Security Security Settings Profile Name VAP 1 v Security Type None v Figure 25 Security Settings None e WEP WEP Wired Equivalent Privacy is a data encryption mechanism with key length selected from 64 bit 128 bit or 152 bit VAP Overview General VAP Config Security Repeater Advanced ji Access Control Site Survey
10. Manual EAP200 Enterprise Access Point ENGLISH On each configuration page the user may Click SAVE to save the changes but the user must reboot the system upon the completion of Note al configurations for the changes to take effect Upon clicking SAVE the following message will appear Some modification has been saved and will take effect after Reboot All online users will be disconnected during reboot or restart 35 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 1 System Upon clicking on the System button users can work on this section for general configurations of the devices e g Time Setup Network Configurations and System Logs This section includes the following functions General Network Interface and Management 7 1 1 General t General Network Interface Management Home gt System gt Genera System Information Name EAP200 a Description Location Time Device Time 2000 01 04 04 48 39 Time O Enable NTP Manually set up Set Date Baar Y Month Bay Set Time our Mir Y Kac Figure 36 System Information Page e System Information For maintenance purpose it is highly recommended to have the following information stated as clearly as possible gt Name The system name used to identify this system gt Description Further information about the system e g device model firmware versio
11. The number of online clients 2 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 5 2 Associated Clients The administrator can remotely oversee the status of all associated clients on this page When a low SNR is found here the administrator can tune the corresponding parameters or investigate the settings of associated clients to improve network communication performance Overview Y Associated Clients WOS List Event Log Home gt Status Wireless Clients Associated Client Status Client List Associated VAP ESSID MAC Address SNR dB Idle Time secs Disconnect Figure 71 Associated Client Status Page e Associated VAP The name of a VAP Virtual Access Point that the client is associated with e ESSID The Extended Service Set ID which the client is associated with e MAC Address The MAC address of associated clients e SNR The Signal to Noise Ratio of respective client s association e Idle Time Time period that the associated client is inactive the time unit is in second e Disconnect Upon clicking Kick the client will be disconnected with the system Le Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 5 3 Repeater The system supports 3 options of Repeater types including status of MAC Address SNR TX Rate TX Count and TX Errors Overview j Associated Clients Repeater Event Log X Home Statu
12. User s Manual EAP200 Enterprise Access Point ENGLISH gt RADIUS ACL Authenticate incoming MAC addresses by an external RADIUS When RADIUS ACL is selected all incoming MAC addresses will be authenticated by an external RADIUS Please note that each VAP s MAC ACL and its security type shown on the Security Settings page share the same RADIUS configuration VAP Overview d General VAP Config d Security N Repeater Advanced Access Control Site Survey A Home gt AP gt Access Control Access Control Settings Profile Name VAP 1 Maximum Number of Clients eee 992 Access Control Type RADIUS ACL M Primary RADIUS Server Hotel These settings will also apply to security settings which use RADIUS Server for this VAP Hast Domain Name IP Address Authentication Port 1812 01 65535 Secretkey Secondary RADIUS Server Yost ss Authentication Port Secret Key Figure 61 RADIUS ACL 5 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 2 8 Site Survey Sit Survey is a useful tool to provide information about the surrounding wireless environment available APs are shown with their respective SSID MAC Address Channel Rate setting Signal reading and Security type The administrator can click Setup or Connect to configure the wireless connection according to the mentioned readings when Repeater Type is Universal Repeater
13. for configuration Firewall List Service S Adva nced Home gt Firewall gt Firewall List Layer 2 Firewall Settings Enable Layer 3 Firewall Disable Enable No State Action Name EtherType Remark Setting 1 d DROF CDP and VTP IEEE 8023 Del Ed In My 2 C DROP STP BPDU IEEE 8023 Del Ed In My a L DROP GARP PEF 8023 Del Ed In My 4 F DROP RIP IPv4 Del Ed In Mv 3 C DROP HSRP IPv4 Del Ed In My 6 d DROF OSPF IPw 4 Del Ed In My H Del Ed In My 3 Del Ed In My g Del Ed In My 10 Del Ed In My First Prey Next Last total 20 Figure 63 Firewall List Page 60 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH From the overview table each rule is designated with the following field e No The numbering will decide the priority to let system carry out the available firewall rules in the tables e State The check marks will enable the respective rules e Action DROP denotes a block rule ACCEPT denotes a pass rule Name It shows the name of rule EtherType It denotes the type of traffics subject to this rule Remark It shows the note of this rule e Setting 4 actions are available Del denotes to delete the rule Ed denotes to edit the rule In denotes to insert a rule and Mv denotes to move the rule gt gt To delete a specific rule Del in Setting column of firewall list will lead to the following page for removal confirmation After SAVE button is clicked
14. is not required and data is not encrypted during transmission when this option is selected This is the default setting as shown in the following figure VAP Overview d General d VAP Config Security Repeater d Advanced V Access Control V Site Survey N Home AP Security Security Settings Profile Name VAP 1 M Security Type None v Figure 50 Security Settings None e WEP WEP Wired Equivalent Privacy is a data encryption mechanism based on a 64 bit 128 bit or 152 bit shared key algorithm f VAP Overview N General N WAP Config Y Security Repeater 1 Advanced N Access Control Site Survey Home gt AP gt Security Security Settings Profile Name Security Type WEP ka Note The WEP keys are global setting for all virtual APs The key value will apply to all VAPs 802 11 Authentication Open System Shared Key Auto WEP Key Length 64 bits 128 bits 152 bits WEP Key Format ASCII Hex WEP Key Index WEP Keys Figure 51 Security Settings WEP 47 Copyright 4IPNET INC APM hna EAP200 Enterprise Access Point ENGLISH 802 11 Authentication Select from Open System Shared Key or Auto WEP Key Length Select from 64 bit 128 bit 152 bit key length WEP Key Format Select from ASCII or Hex format for the WEP key WEP Key Index Select a key index from 1 4 The WEP key index is a number that specifies Y VV WV which WEP key will be used for the encryptio
15. on the hyperlink corresponding with intended VAP in the MAC ACL column the user will be brought to the Access Control Settings page 6 VAP Overview General N VAP Config j Security Repeater N Advanced Access Control Site Survey Home AP Access Control Access Control Settings Profile Name VAP 1 sl Maximum Number of Clients 32 E Range 1 323 Access Control Type Disable Access Control v Figure 30 Access Control Settings Page Please choose among Disable Allow Deny and RADIUS ACL from the drop down menu of Access Control Type 1 Disable Access Control This means that there is no restriction for client devices to access the system 2 MAC ACL Allow List This means that only the client devices identified by their MAC addresses listed in the Allow List allowed MAC addresses are granted with access to the system The administrator can temporarily block any allowed MAC address by checking Disable until the administrator re Enables the listed MAC VAP Overview General N VAP Config j Security N Repeater Advanced Access Control Site Survey A i Home gt AP gt Access Control Access Control Settings Profile Name VAP 1 v Maximum Number of Clients Range 1 32 Access Control Type 11 MAC ACL Allow List No MAC Address State 1 Se Disable Enable 2 a Disable Enable 3 a Disable Enable 4 Disable Enable 5 Ps Disable Enable Figur
16. service this field will help the administrator identify which event is from this EAP200 Process name Indicate the event generated by the running instance Description Description of the event To save the file locally click SAVE LOG to clear all of the records click CLEAR 75 Copyright 4IPNET INC e 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 6 Online Help The Help button is at the upper right corner of the display screen Click Help for the Online Help window and then click the hyperlink of the relevant information needed fHome Logout Help Figure 74 Online Help Corner Online Help Windows Internet Explorer a Sy E ttps 192 168 11 fhelp htmlstap File Edit View Favorites Tools Help K d BB earzoo Online Help Organization of the Configuration Web system Wireless Firewall Utilities Status System Information VAP Overview Firewall List Network General Overview Service Clients Management VAP Config Advanced oystem Upgrade Repeater Security Reboot Event Log Repeater Advanced Access Contral olte Survey Figure 75 Online Help Page P N V10020100415 76 Copyright 4IPNET INC
17. to the EAP200 as well as specify particular MAC addresses that can or cannot access the device VAP Overview General VAP Contig Secu rity Y Repeater 4 Advanced Access Control Site Survey 4 Home gt AP gt Access Control Access Control Settings Profile Name VAP 1 si Maximum Number of Clients ER st Range 1 32 Access Control Type Disable Access Control v Figure 58 Access Control Settings Page e Maximum Number of Clients EAP200 supports various methods of authenticating clients for wireless LAN access The default policy is unlimited access without any authentication required To restrict the station number of wireless connections simply change the Maximum Number of Stations to a desired number For example while the number of stations is set to 20 only 20 stations are allowed to connect to the specified VAP 54 Copyright 4IPNET INC EE EAP200 Enterprise Access Point ENGLISH e Access Control Type The administrator can restrict the wireless access of client devices based on their MAC addresses gt Disable Access Control When Disable is selected there is no restriction for client devices to access the system gt MAC ACL Allow List When selecting MAC ACL Allow List only the client devices identified by their MAC addresses listed in the Allow List allowed MAC addresses are granted with access to the system The administrator can temporarily block any allowed MAC address by checking Disable
18. 802 11g 802 11n or select Disable if the wireless function is not required e Short Preamble The short preamble with a 56 bit synchronization field can improve WLAN transmission efficiency Select Enable to use Short Preamble or Disable to use Long Preamble with a 128 bit synchronization field e Short Guard Interval available when Band is 802 119 802 11n The guard interval is the space between symbols characters being transmitted to eliminate inter symbol interference In order to further boost throughput with 802 11n short guard interval is half of what it used to be please select Enable to use Short Guard Interval or Disable to use normal Guard Interval e Channel Width available when Band is 802 119 802 11n Double channel bandwidth to 40 MHz is supported to enhance throughput e Channel Select the appropriate channel from the drop down menu to correspond with your network settings for example Channel 1 11 is available in North American and Channel 1 13 in Europe or choose the default Auto e Max Transmit Rate The maximum wireless transmit rate can be selected from the drop down menu The system will use the highest possible rate when Auto is selected e Transmit Power The signal strength transmitted from the system can be selected among Auto Highest High Medium Low and Lowest from the drop down menu e ACK Timeout It indicates a period of time that the system waits for an Acknowledgement frame sent back from a station witho
19. DS links to its peer APs Security Type None WEP or WPA PSK can be configured to decide which encryption to be used for WDS connections respectively Please fill in remote peer s MAC address and click SAVE to proceed if setting revision is necessary CLEAR button is used to clear the contents in the above WDS connection list A VAP Overview General Y VAP Config Security be peater Advanced Access Control Y Site Survey Home gt Wireless gt Repeater Config Repeater Settings WDS Profile RF Card WDS Link 1 Y wps Disable 2 MAC Address as Security type None M Figure 56 Repeater Settings WDS ei Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 2 6 Advanced The advanced wireless settings for the EAP200 s VAP Virtual Access Point profiles allow customization of data transmission settings The administrator can tune the following parameters to improve network communication performance if a poor connection occurs VAP Overview N General VAP Co nfig Secu rity Repeater Y Advanced Access Control Site Survey Home AP Advanced Advanced Wireless Settings Profile Name VAP 1 v RTS Threshold 2346 1 2346 Fragment Threshold 12346 256 2346 DTIM period 1 1 15 Broadcast SSID Disable Enable Wireless Station Isolation Disable Enable WMM Disable Enable IAPP Disable Enable Figure
20. Ed Ed Ed Ed Ed In In In In In In In In In My My My Mv Mv Mv My My Mv Copyright 4IPNET INC 4ipnet 7 3 2 Service User s Manual EAP200 Enterprise Access Point ENGLISH The administrator can add or delete firewall service here the services in this list will become options to choose in firewall rule when EtherType is IPv4 EAP200 provides a list of rules to block or pass traffics of layer 3 or above protocols These services are available to choose from drop down list of layer2 firewall rule edit page with Ether Type to be IPv4 The first 28 entries are default services and the administrator can add delete any extra desired services There are 28 firewall services available in default settings these default services cannot be deleted but can be disabled If changes are made please click SAVE to save the settings before leaving this page e E 7 Firewall List Y Service Advanced Home gt Firewall gt Service Config No Pe LU fc 10 Name ALL ALL TCP ALL UDP ALL ICMP FTP HTTP HTTPS POPS oMTP DHCP Firewall Service Description Delete ALL TCP Source Port 0 65535 Destination Port 0 65535 UDP Source Port 0 65535 Destination Port 0 65535 ICMP TCP UDP Destination Port 20 21 TCP UDP Destination Port 80 TCP UDP Destination Port 443 TCP Destination Part 110 TCP Destination Port 25
21. GLISH Step 3 Configure the AP s Wireless General Settings Click on the Wireless icon followed by the General tab On this page we only need to choose the Band and Channel that we wish to use gt L eh a System AF Firewall Utilities Status WAP Overview General VAP Config d Security V Repeater 1 Advanced d Access Control H Site Survey A Home gt AP General General Settings Band 802 11b 802 11g v Short Preamble Disable Enable Channel 6 Max Transmit Rate Auto wi Ei Ga CT D Er Transmit Power ACK Timeout 0 255 O Auto Unit 4 micro seconds Beacon Interval 1100 100 500ms Figure 17 Wireless General Settings Page On this page select the Band with which the AP is to broadcast its signal The rest of the fields are optional and can be configured at another time Click SAVE if any changes have been made 18 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH Step 4 Configuring Wireless Coverage VAP 1 To setup the AP s wireless access refer to the following VAP 1 configuration other VAP configuration can refer to the same setup steps as done for VAP 1 Click on the Overview tab to proceed eS N e 5 System AP Firewall Utilities Status WAP Overview General d VAP Config d Security d Repeater d Advanced 1 Access Control Site Survey A 1 Home gt AP gt VAP Overview VAP Overview VAP No ESS
22. Home AP Security Security Settings Profile Name VAP 1 v Security Type WEP ka Note The WEP keys are global setting for all virtual APs The key value will apply to all VAPs 802 11 Authentication Open System Shared Key Auto WEP Key Length 64 bits 128 bits 152 bits WEP Key Format Gi ASCI Hex WEP Key Index WEP Keys Figure 26 Security Settings WEP 802 11 Authentication Select from Open System Shared Key or Auto WEP Key Length Select from 64 bit 128 bit 152 bit key length WEP Key Format Select from ASCII or Hex format for the WEP key WEP Key Index Select a key index from 1 through 4 The WEP key index is a number that specifies which WEP key is used for the encryption of wireless frames during data transmission Y Y V VY gt WEP Keys Provide the pre defined WEP key value the system supports up to 4 sets of WEP keys 25 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH e 802 1X When 802 1X Authentication is selected RADIUS authentication and enhanced dynamic WEP are provided VAP Overview Y General Y VAP Config Security Repeater Y Adwanced Access Control Y Site Survey Home gt AP gt Security Security Settings Profile Name VAP 1 s Security Type 802 1X v Dynamic WEP Disable Enable WEP Key Length 64 bits 128 bits Rekeying Period 300 second s Primary RADIUS Server Ho
23. ID State Security Type MAC ACL Advanced Settings 1 EAP2O0 1 Enabled None Disabled Edit 2 EAP200 2 Enabled None Disabled Edit 3 EAD 200 2 Enabled None Disabled Edit 4 EAP200 4 Enabled None Disabled Edit 5 EAD 200 5 Enabled None Disabled Edit 6 EAD 200 6 Enabled None Disabled Edit 7 EAD 200 7 Enabled None Disabled Edit B EAP200 8 Enabled None Disabled Edit Figure 18 Virtual AP Overview Page On this page click the hyperlink in the row and column that corresponds with VAP 1 s State This will bring up the following page L X e System AF Firewall Utilities Status ba h N NAP Config Security d Repeater Advanced Access Control A Site Survey A cl VAP Overview d General Home gt AP gt VAP Config VAP Configuration Profile Name VAP Disable Enable Profile Name VAP 1 ESSID EAP200 1 VLAN ID Disable Enable vianip ki 4004 Figure 19 VAP Configuration Page VAP 1 shown Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH The desired VAP profile can be selected from the drop down menu of Profile Name and VAP 1 configuration will serve as an example for all other VAPs Before proceeding further please make sure that the VAP field is Enable afterwards enter an ESSID to represent the WLAN associated with AP s VAP 1 It is suggested that Profile Name is used to describe what this particular VAP will be used for otherwise
24. INKING SLOWLY LED BLINKING QUICKLY WES Success LED ON constantly for 5 LED ON constantly for 5 seconds seconds weer Fail LED LEDOFF LED LEDO V USB LED Disabled for future usage m er Copyright 4IPNET INC EE EAP200 Enterprise Access Point ENGLISH 2 4 Hardware Installation Please follow the steps mentioned below to install the hardware of EAP200 1 Place the EAP200 at the best location The best location for EAP200 is usually at the center of your intended wireless network 2 Connect the EAP200 to your network device Connect one end of the Ethernet cable to LAN port of EAP200 and the other end of the cable to a switch a router or a hub EAP200 is then connected to your existing wired LAN network 3 There are two ways to supply power over to EAP200 a Connect the DC power adapter to the EAP200 power socket b EAP200 LAN port is capable of transmitting DC currents Connect an IEEE 802 3af compliant PSE device e g a PoE switch to the LAN port of EAP200 with the Ethernet cable Now the Hardware Installation is complete Please only use the power adapter supplied with the EAP200 package Using a different power adapter may damage this system To double verify the wired connection between EAP200 and you switch router hub please also check the LED status indicator of the respective network devices 10 Copyright 4IPNET INC Z ters a EAP200 Enterprise Access Point ENGLISH 2 5 Access Web Man
25. Ol AIP Wet 5 TTT 6 22 Ve OLGA AE TOPO rea E EAE T EA EEEE EOE E 7 2 3 Hardware eh Ee 8 Pes RENE EN EE 10 2 5 Access Web Management Mit CI ET 11 3 Connect your AP to your Network 15 EE L lt Te ts AaS ebro Grate occa E 21 Pe CCU OU H EE 23 6 Create a WDS ateliers 32 7 Web Management Interface Copnbheuraton sss eee ee 34 e e E o o EEE EAE EE 36 ga es E E 5 NEE 36 TRSN WOLI E 38 g EW Ee E E 39 EF od EEN 41 c ON a E SEEE EEEE 41 PEPA T 44 TANAP GST e e EE 46 TDSC E RE 47 ag Se AT EE 51 TONO O EE 52 ETE Ee d E 54 EE 58 T NAVE OW UE 60 MT E EE 60 EE 65 TP PAY Te a E E E E A E E 66 EIO 67 PAM Cain e ere E E E 67 e DERUD Ce ROO ira A AAEN ANENE ANEO NETON 68 7 4 3 System Ol 0S 24 2 6 EE 69 2 Copyright 4IPNET INC ng H 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH TT E DE WRC NOOK WEE 70 EE 71 EE EE EE 71 OT NS SO TE E 73 Tt CE E 74 e Eh E Ee seeen tthe yes als seals oe ee talstnb ern de os See sale anos eaten E E E 75 TOONS E e BE 76 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 1 Before You Start 1 1 Preface This manual is intended for system integrators field engineers and network administrators to set up 4ipnet s EAP200 802 11n b g 2 4GHz MIMO Access Point in their network environments It contains step by step procedures and visual examples to guide MIS staff or individuals with basic network system knowledge to complete the insta
26. P gt VAP th rerview Home gt VAP Overview VAP No ESSID State Security Type 1 EAP200 1 Enabled None 2 EAP200 2 Enabled None 3 EAP200 3 Enabled None 4 EAP200 4 Enabled None 5 EAP200 5 Enabled None S EAP200 6 Enabled None 7 EAP200 7 Enabled None S EAD200 9 Enabled None ei B Utilities Status Site Survey MAC ACL Advanced Settings Disabled Edit Disabled Edit Disabled Edit Disabled Edit Disabled Edit Disabled Edit Disabled Edit Disabled Edit Figure 22 VAP Overview Page On the VAP Overview page check the table to confirm the VAP State If itis Enabled skip to Step 2 If not click on it to proceed with VAP Configuration for that particular VAP 23 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH i VI T Ee VAP Overview Y General Y VAP Config 7 Security N Repeater VW Advanced 1 Access Control Y Site Survey Home gt AP gt VAP Config VAP Configuration Profile Name VAP 1 si VAP Disable Di Enable Profile Name IVAP 1 ESSID EAP200 1 VLANID Disable Enable VLAN ID Kr 1 4094 Figure 23 VAP Configuration Page VAP 1 as shown for example Select Enable for the VAP field and click SAVE Click the Overview tab to return to the previous table to begin the next step Step 2 Configure Security Settings for your VAP The following instructions will guide the user to set up wireless security with a specific VAP
27. P 4 OE 1F D4 03 22 20 EAP200 4 None 0 Subnet Mask 255 255 255 0 VAP 5 12 1F D4 03 22 20 EAP200 5 None 0 Gateway 192 168 1 254 VAP 6 16 1F D4 03 22 20 EAP200 6 None 0 VAF 7 1A 1FD4 03 22 20 EAP 200 7 None A VAP 8 1E 1F D4 03 22 20 EAP200 8 None 0 Figure 12 Web Management Interface Main Page System Overview FS Copyright 4IPNET INC APM hna EAP200 Enterprise Access Point ENGLISH From here click on the System icon to arrive at the following page On this Page you can make entries to the Name Description and Location fields as well as set the device s time H e S ATG AP Firewall Utilities Status General Network Interface N Management A Home gt System gt General System Information Name EAP200 D Description sd Location Time Device Time 2000 01 03 05 41 24 Time Zone GMT 08 00 Taipei Time Enable NTP Manually set up Figure 13 System Information Page There are two methods of setting up the time Manual indicated by the option Set Date amp Time and NTP The default is Manual and requires individual setup every time the system starts up Simply choose a time zone and set the time accordingly When finished click SAVE Time Zone GMT 08 00 Taipei ka Time O Enable NTP Manually set up Set Date lest month Mbay Set Time Bour un sec Figure 14 Manually Time Setup The alternative is NTP Upon selecting NTP unde
28. UDP Destination Port 67 68 First Prey Next Last total 28 Add Figure 64 Firewall Service Page 65 Copyright 4IPNET INC hg H 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 3 3 Advanced Advanced firewall settings are used to supplement the firewall rules providing extra security enhancement against DHCP and ARP traffics traversing the available interfaces of system Firewall List Y Service Y Advanced Home Firewall Advanced Advanced Firewall Settings Trust Interface Tivapi Jvap2 Eivapz mvaa Elvaps Elvape Dlvap7 vara Mlwosi Mlwos2 lwos3 lwpsa4 kl LAN DHCP Snooping Gei Disable Enable ARP Inspection Disable Enable Trust List Broadcast Disable Enable Static Trust List Disable Enable Trust Interface Each interface can be checked individually to mark as trusted interfaces security enforcements on DHCP ARP like DHCP snooping and ARP inspection will be carried out on non trusted interfaces DHCP Snooping When enabled DHCP packets will be validated against possible threats like DHCP starvation attack in addition the trusted DHCP server IP MAC can be specified to prevent rouge DHCP server ARP Inspection When enabled ARP packets will be validated against ARP spoofing o Trust List Broadcast can be enabled to let other AP with L2 firewall feature learn the trusted MAC IP pairs to issue ARP requests o Static Trust List can be used to add MAC or MAC
29. agement Interface 4ipnet EAP200 supports web based configuration Upon the completion of hardware installation EAP200 can be configured through a PC by using its web browser such as Mozilla Firefox 2 0 and higher or Internet Explorer version 6 0 and higher The default values of the EAP200 s LAN IP Address and Subnet Mask are IP Address 192 168 1 1 Subnet Mask 255 255 255 0 gt EAP200 Windows Internet Explorer G G ra cnaeopaa Mozilla Firefox File Edit History Bookmarks Tools Help View File Edit View Favorites Tools Help C A 2 w d earo Figure 6 Example of entering EAP200 s default IP Address into a web browser http 192 168 1 1 y e To access the web management interface WMI connect the administrator PC to the LAN port of EAP200 via an Ethernet cable Then set a static IP Address on the same subnet mask as the EAP200 in TCP IP settings of your PC such as the following example IP Address 192 168 1 100 Subnet Mask 255 255 255 0 Please note that the IP Address used should not overlap with the IP Addresses of gt Note sie any other device within the same network e Launch the web browser on your PC and enter the IP Address of the EAP200 192 168 1 1 at the address field and then press Enter The following Administrator Login Page will then appear Enter admin for both the Username and Password fields and then click Login 11 Copyright 4IPNET INC Use
30. also change to WEP and use the _ same settings WEP Key Type Open Shared Auto WEP Key Length 64 bits 128 bits 152 bits WEP Key Format ASCH Hex WEP Key Index WEP Keys WPA PSK Click Setup to configure the WPA PSK setting for associating with the target AP Cip psk OA 1F D4 39 10 74 11 54 52 WPA PSK The following configuration box will then appear at the bottom of the screen Information provided here must be consistent with the security settings of the target AP Pre shared Cipher TKIP Pre shared Key Type PSK Hex L 64 chars Gei Passphrase L 8 63 chars 59 Copyright 4IPNET INC hg H 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 3 Firewall The system provides an added security feature Layer2 Firewall in addition to typical AP security Layer2 Firewall offers a firewall function that is tailored specifically for Layer2 traffics providing another choice of shield against possible security threats coming from going to WLAN AP interfaces hence besides firewall policies configured on gateways this extra security feature will assist to mitigate possible security breach This section provides information in the following functions Firewall Settings Service and Advanced Firewall Settings 7 3 1 Firewall List It provides an overview of firewall rules in the system 6 default rules with up to total 20 firewall rules are available
31. and system reboot the rule will be removed Firewall List Service 4 Advanced A Home gt Firewall Firewall List Layer 2 Firewall Settings Remove rule 1 gt gt To edit a specific rule Ed in Setting column of firewall list will lead to the following page for detail configuration From this page the rule can be edited from scratch or an existing rule for revision 6 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH Service N Advanced Firewall List Home Firewall List gt Rule Config Layer 2 Firewall Configuration Rule ID 1 Rule name CDP and WTP s EtherType Interface From To vapi zi DSAP SSAP aa Type 2000 tie IPv4 0800 ES i Address Mask Destination MAC address 01 00 0C CC CC CC Mask Action Block Pass gt Rule ID The numbering of this specific rule will decide its priority among available firewall rules in vv VY Y the table Rule name The rule name can be specified here EtherType The drop down list will provide the available types of traffics subject to this rule Interface It can indicate inbound outbound direction with desired interfaces Service when EtherType is IPv4 Select the available upper layer protocols services from the drop down list DSAP SSAP when EtherType is IEEE 802 3 The value can be further specified for the fields in 802 2 LLC frame header Type w
32. ckup amp Restore This function is used to backup and restore the EAP200 settings The EAP200 can also be restored to factory defaults using this function It can be used to duplicate settings to other access points backup settings of this system and then restore on another AP Change Password h Backup amp Restore System Upgrade h Reboot Home Utilities gt Config Save amp Restore Configuration Backup amp Restore Reset to Default Backup System Settings Figure 66 Backup amp Restore Page e Reset to Default gt Click Reset to load the factory default settings of EAP200 A pop up Page will appear to reconfirm the request to reboot the system Click OK to proceed Message from webpage rd This action will reboot the system Do you want bo continue Figure 67 Reboot Confirmation Prompt gt Awarning message as displayed below will appear during the reboot period The system power must be kept turn on before the completion of the reboot process gt The System Overview page will appear upon the completion of reboot e Backup System Settings Click Backup to save the current system settings to a local disk such as the hard disk drive HDD of a local computer or a compact disc CD e Restore System Settings Click Browse to search for a previously saved backup file and then click Upload to restore the settings The backup file will replace the active configuration file currently running on the system After n
33. connecting to a specific VAP with the same VLAN ID Enter a value between 1 and 4094 for the VLAN ID if the option is enabled 39 Copyright 4IPNET INC APM hna EAP200 Enterprise Access Point ENGLISH e SNMP Configuration By enabling SNMP function the administrator can obtain the system information remotely SNMP Configuration Disable Enable Community String Trap Disable Enable Figure 41 SNMP Configuration Fields gt Enable Disable Enable or Disable this function gt Community String The community string is required when accessing the Management Information Base MIB of the system o Read Enter the community string to access the MIB with Read privilege o Write Enter the community string to access the MIB with Write privilege gt Trap When enabled events on Cold Start Interface UP amp Down and Association amp Disassociation can be reported to an assigned server o Enable Disable Enable or Disable this function o Server IP Address Enter the IP address of the assigned server for receiving the trap report e System Log By enabling this function specify an external SYSLOG server to accept SYSLOG messages from the system remotely Y Vv Y WV system Log Disable Enable SYSLOG Server IP Server Port eu SYSLOG Level Figure 42 System Log Fields Enable Disable Enable or Disable this function Server IP The IP address of the Syslog server that will receive the reported ev
34. counting of login and logouts through the RADIUS server o Accounting Port The port number used by the RADIUS server for accounting purposes Specify a port number or use the default 1813 o Accounting Interim Update Interval The system will update accounting information to the RADIUS server every interval period 50 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 2 5 Repeater To extend wireless network coverage EAP200 supports either WDS or Universal Repeater as options of repeater types selecting None will turn off this function gt Universal Repeater lf Universal Repeater is selected please provide the SSID of upper bound AP for uplink connection Security Type None WEP or WPA PSK can be configured for this Repeater connection Please note the security type configured here shall follow upper bound AP s for intended connection VAP Overview General d VAD Config A A L A 4 A Security Repeater Advanced Access Control Site Survey Home gt Wireless gt Repeater Config Repeater Settings Repeater Type Universal Repeater v The SSID of Upper Bound AP INIA k Current wireless channel of the system is set at 6 Repeater connection may fail if the system is set to connect to upper AP with different channels Security Type None Figure 55 Repeater Settings Universal Repeater gt WDS lf WDS is selected EAP200 can support up to 4 W
35. e System Up Time 0 days 0 04 49 ap AP Status Profle seen mmm S s VAP 1 00 1F D4 03 22 20 EAP200 1 None 0 LAN Interface i VAP 2 06 1F D4 03 22 20 EAP200 2 None 0 MAC Address ae VAP 3 OA 1F D4 03 22 20 EAP200 3 None 0 IP Address 192 168 1 1 VAP 4 OE 1F D4 03 22 20 EAP200 4 None 0 Subnet Mask 255 255 255 0 VAP 5 12 1F D4 03 22 20 EAP200 5 None 0 Gateway 192 168 1 254 VAP 6 16 1F D4 03 22 20 EAP200 6 None 0 VAP 7 1A 1F D4 03 22 20 EAP200 7 None 0 VAP 8 1E 1F D4 03 22 20 EAP200 8 None 0 Figure 70 System Overview Page Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH Table 3 Status Page s Organizational Layout System Name The system name of the EAP200 The present firmware version of the EAP200 The present firmware build number of the Build Number EAP200 System The location of the EAP200 The site of the EAP200 The system time of the EAP200 The time that the system has been rebooted in System Up Time operation MAC Address The MAC address of the LAN Interface LAN Interface IP Address The IP address of the LAN Interface SubnetMask The Subnet Mask of the LAN Interface The Gateway of the LAN Interface MAC Address The MAC address of the RF Card Radio Status The channel specified Transmit Power level of RF card Profile Name The profile name of AP Fab Extended Service Set ID Security Type Security type of the Virtual AP Online Clients
36. e 31 MAC ACL Allow List 27 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH An empty Allow List means that there are no allowed MAC addresses Make sure at least the MAC of the modifying system is included e g network administrator s computer 3 MAC ACL Deny List This means that all client devices are granted with access to the system except those listed in the Deny List denied MAC addresses The administrator can allow any denied MAC address to connect to the system temporarily by checking Enable WAP Overview d General d WAP Config d Security N Repeater d Adva need Access Control 1 Site Survey A V 1 1 i 1 V iT i L Home gt AP gt Access Control Access Control Settings Profile Name VAP 1 Maximum Number of Clients 32 zf Range 1 32 Access Control Type MAC ACL Deny List ka No MAC Address State 1 E Disable O Enable 2 CY Disable Enable 3 Lf Disable O Enable 4 lt 7 Disable Enable 5 EF Disable Enable Figure 32 MAC ACL Deny List 30 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 4 RADIUS ACL Authenticate incoming MAC addresses by an external RADIUS server When RADIUS ACL is selected all incoming MAC addresses will be authenticated by an external RADIUS server Please note that each VAP s MAC ACL and its secur
37. eater Advanced Access Control Site Survey d N j A Tam A VAP Overview General VAP Config Security Home gt AP gt Security Security Settings Profile Name VAP 1 v Security Type WPA PSK ka Cipher Suite TKIP WPA v Pre shared Key Type PSK Hex 64 chars Passphrase 8 63 chars Pre shared Key Group Key Update Period 600 second s Figure 28 Security Settings WPA PSK gt Cipher Suite Select an encryption method from TKIP WPA AES WPA TKIP WAP2 AES WAP2 or Mixed gt Pre shared Key Type Select a pre shared key type PSK Hex or Passphrase gt Pre shared Key Enter the key value for the pre shared key the format of the key value depends on the key type selected gt Group Key Update Period The time interval for the Group Key to be renewed the time unit is in seconds 2 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH e WPA RADIUS Authenticate users by RADIUS and provide WPA data encryption a j A l l NM Y GE VAP Overview General VAP Config Security 1 Repeater Advanced Y Access Control Y Site Survey Home gt AP gt Security Security Settings Profile Name VAP 1 M Security Type WPA RADIUS lt Cipher Suite TKIP WPA si Group Key Update Period 600 second s dann OS eee ee N Domain Name IP Address Authentication Port 1812 i Secretkey Acc
38. ents Server Port The port number of the Syslog server Syslog Level Select the desired level of received events from the drop down menu AQ Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 2 AP This section includes the following functions VAP Overview General VAP Configuration Security Repeater Advanced Access Control and Site Survey EAP200 supports up to eight Virtual Access Points VAPs Each VAP can have its own settings e g ESSID VLAN ID security settings etc With such VAP capabilities different levels of service can be configured to meet network requirements 7 2 1 VAP Overview An overall status is collected on this page including ESSID State Security Type MAC ACL and Advanced Settings where EAP200 features 8 VAPs with respective settings In this table please click on the hyperlink to further configure each individual VAP 7 A 7 7 E f i i VAP Overview General Y VAP Config Y Security Repeater Advanced Access Control Y Site Survey Home gt AP gt VAP Overview VAP Overview VAP No ESSID State Security Type MAC ACL Advanced Settings 1 EAP200 1 Enabled None Disabled Edit 2 EAP 200 2 Enabled None Disabled Edit 3 EAP 200 3 Enabled None Disabled Edit 4 EAP200 4 Enabled None Disabled Edit 5 EAP200 5 Enabled None Disabled Edit D EAP200 6 Enabled None Disabled Edit H EAP200 7 Enabled None Disabled Edit D EAP200 8 Enabled None Disabled
39. es the wireless communication fast secure and easy It Supports business grade security such as 802 1X and Wi Fi Protected Access WPA and WPA2 By pushing a purposely built button the 4ipb WES Press n Connect feature makes it easy to bridge wireless links of multiple EAP200s for forming wider wireless network coverage EAP200 also features multiple ESSIDs with VLAN tags and multiple Virtual APs great for enterprise applications such as separating the traffics of different departments using different ESSIDs The PoE LAN port can receive power from Power over Ethernet PoE sourcing device Its metal case is IP50 anti dust compliant which means that EAP200 is well suited to WLAN deployment in industrial environments Internet i N WHG Controller Ly Wy ESA Figure 1 Wired and Wireless Network Layout with EAP200s Internal Wireless Network Public Wireless Network Copyright 4IPNET INC La 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 2 2 Deployment Topology DHCP Server d Auther fc ation 192 168 1 1 Ry 7 Serves gw ie Tt 14 Wrolets Laptop e mme 197 148 1 19 Pia eben ga d O Woles Laptop WDSLink A Fe R d We yt w gs K Si e c ME A Su 19 M t ai iar 1 19 192 1680 07 107 1481 18 Wired Detktopt Whed Deiciops 072 168 1 03 Wireless Laptop m d k LS U KS iL ar Gar Mi ar Gal Wired Dotktops Figure 2 Common Network Layout with EAP200
40. etwork parameters have been reset restored the network settings of the administrator PC may need to be changed to ensure that the IP address of the administrator PC is on the same subnet mask as the EAP200 68 Copyright 4IPNET INC APM hna EAP200 Enterprise Access Point ENGLISH 7 4 3 System Upgrade The EAP200 provides a web firmware upload upgrade feature The administrator can download the latest firmware from the website and save it on the administrator s PC To upgrade the system firmware click Browse to choose the new firmware file you downloaded onto your PC and then click Upload to execute the process There will be a prompt confirmation message appearing to notify the administrator to restart the system after a successful firmware upgrade Please restart the system after upgrading the firmware Change Password Y Backup amp Restore Systern Upgrade Reboot Home Utilities gt system Upgrade System Upgrade Current Version Current Build Number Figure 68 System Upgrade Page e tis recommended to check the firmware version number before proceeding further Please make sure you have the correct firmware file Note e Firmware upgrade may sometimes result in the loss of some data Please ensure that all necessary settings are written down before upgrading the firmware e During firmware upgrade please do not turn off the power This may permanently damage the system 69 Copyright 4IPNET
41. ge 1 32 Access Control Type Disable Access Control L Maximum Number of Clients Figure 46 VAP Overview Page MAC ACL e Advanced Settings The advanced settings hyperlink connects to the Advanced Wireless Settings Page ee Overview General VAP Config Security Repeater Home gt AP gt Advanced es ng d k L Advanced Access Control d Site Survey A d k Advanced Wireless Settings Profile Name RTS Threshold sti 2346 Fragment Threshold 256 2346 DTIM period sti 15 Broadcast SSID Disable Enable Wireless Station Isolation Disable Enable WMM Disable Enable IAPP Disable Enable Figure 47 VAP Overview Page Advanced Settings 43 Copyright 4IPNET INC hg H 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 2 2 General AP s general wireless settings can be configured here VAP Overview Y General VAP Config Security Repeater Y Advanced Access Control Site Survey Home gt AP General General Settings Band 802 11b 802 11g Short Preamble Disable Enable Channel E Max Transmit Rate Auto v Transmit Power Auto sc ACK Timeout 10 Lu 255 O Auto Unit 4 micro seconds Beacon Interval 100 t100 500ms Figure 48 AP General Settings Page e Band Select an appropriate wireless band 802 11b 802 11g 802 11b 802 11g
42. gs in order to ensure that your PC functions properly in its real network environments 14 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 3 Connect your AP to your Network The following instructions depict how to establish the wireless coverage of your network The AP will connect to the network through its LAN port and provide wireless access to your network After having prepared the EAP200 s hardware for configuration set the TCP IP settings of administrator s computer to have a static IP Address of 192 168 1 10 and Subnet Mask of 255 255 255 0 Step 1 Configuring the AP s System Information gt Enter the AP s default IP Address 192 168 1 1 into the URL of a web browser gt Login via using Username admin and Password admin The WMI appears as shown below g gt System AP Y ee Firewall Utilities Status i Overview Associated Clients N Repeater d Event Log h Home gt Status gt System Owerview system Overview g gt System Radio Status System Name EAP200 MAC Address 00 1F D4 03 22 20 Firmware Version Band 802 11b g Build Number Channel 6 Location TX Power 18 dBm Site EN A Device Time System Up Time 0 days 0 04 49 gt AP Status D sss eem Se Gs VAP 1 O0 1F D4 03 22 20 EAP2OO 1 None U LAN Interface VAP 2 06 1F 04 03 22 20 EAP2O0 2 None 0 MAC Address ee VAP 3 OA 1F D4 03 22 20 EAP200 3 None 0 IP Address 192 168 1 1 VA
43. h the system are isolated and can only communicate with the system 52 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH WMM The default is Disable Wi Fi Multimedia WMM is a Quality of Service QoS feature that prioritizes wireless data packets based on four access categories voice video best effort and background Applications without WMM and applications that do not require QoS are assigned to the best effort category which receives a lower priority than that of voice and video Therefore WMM decides which data streams are more important and assigns them a higher traffic priority This option works with WMM capable clients only lt To receive the benefits of WMM QoS gt The application must support WMM WMM shall be enabled on EAP200 WMM shall be enabled in the wireless adapter on dente computer IAPP IAPP Inter Access Point Protocol is a protocol by which access points share information about the stations that are connected to them By enabling this function the system will automatically broadcast information of associated wireless stations to its peer access points This will help wireless stations roam smoothly among IAPP enabled access points in the same wireless LAN 53 Copyright 4IPNET INC APM hna EAP200 Enterprise Access Point ENGLISH 7 2 7 Access Control On this page the network administrator can restrict the total number of clients connected
44. hen EtherType is IEEE802 3 The field can be used to indicate the type of encapsulated traffics VLAN ID when EtherType is 802 1 Q The VLAN ID is provided to associate with certain VLAN tagging traffics Priority when EtherType is 802 1 Q It denotes the priority level with associated VLAN traffics Encapsulated Type when EtherType is 802 1 Q It can be used to indicate the type of encapsulated traffics Opcode when EtherType is ARP RARP This list can be used to specify the ARP Opcode in ARP header Source MAC Address Mask indicates the source MAC IP Address Mask indicates the source IP address when EtherType is IPv4 ARP IP MAC amp MASK indicate the ARP payload fields Destination MAC Address Mask indicates the destination MAC IP Address Mask indicates the destination IP address when EtherType is IPv4 ARP IP MAC amp MASK indicate the ARP payload fields Action The rule can be chosen to be Block or Pass 62 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH gt Remark The note of this rule can be specified here When the configuration for firewall rule is provided please click SAVE and Reboot system to let the firewall rule take effort gt gt To insert a specific rule In in Setting column of firewall list will lead to the following page for detail configuration with rule ID for the current inserted rule From this page the rule can be edited form scratch or f
45. iguration of each Virtual Access Point with settings such as Profile Name ESSID and VLAN ID VAP Overview Y General Y VAP Config Security Repeater Advanced Y Access Control Y Site Survey Home gt AP gt VAP Config VAP Configuration Profile Name VAP 1 v VAP 1 Disable Enable Profile Name VAP 1 e O OS ESSID Eap200 1 sid VLAN ID Disable Enable VLAN ID 1 4094 Figure 49 VAP Configuration Page To enable specific VAP select the VAP from the drop down list of Profile Name The basic settings of each VAP are collected in the profile as follows e VAP Enable or Disable this VAP e Profile Name The profile name of specific VAP for identity management purposes e ESSID ESSID Extended Service Set ID serves as an identifier for clients to associate with the specific VAP It can be coupled with different service level like a variety of wireless security types e VLAN ID EAP200 supports tagged VLANs virtual LANs To enable VLAN function each VAP shall be given a unique VLAN ID with valid values ranging from 1 to 4094 46 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 2 4 Security EAP200 supports various wireless authentication and data encryption methods in each VAP profile With this the administrator can provide different service levels to clients The security type includes None WEP 802 1X WPA PSK and WPA RADIUS e None Authentication
46. ity type shown on the Security Settings page share the same RADIUS configuration MAP Overview U General VAP Config d Security d Repeater Advanced Y Access Control Site Survey N i Home gt AP gt Access Control Access Control Settings Profile Name VAP 1 Maximum Number of Clients st Range 1 32 Access Control Type RADIUS ACL v Primary RADIUS Server Note These settings will also apply to security settings which use RADIUS Server for this VAP Host Le g Domain Name IP Address 3 Authentication Port 1812 1 65535 Secondary RADIUS Server eet fs Authentication Part Secret Key Figure 33 RADIUS ACL Click SAVE and Reboot upon completing the related configurations to take effect er Copyright 4IPNET INC bg H 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 6 Create a WDS Bridge between two APs WDS link creation will assist to extend network coverage where running wires is not an option effectively transferring the traffics to the other end of WLAN LAN through the EAP200 Since this is a peer to peer connection both EAP200s will be configured by the same way Step 1 Make sure the Band and Channel are matched between the WDS peers In order to create a valid WDS link the two EAP200s must be configured to use the same channel and band for their wireless settings Click the AP icon and then General tab to go to the following page System A Fire
47. leave it as default VLAN ID can be chosen at another time Click SAVE to save all changes up to this point and Reboot the system to apply these revised settings Congratulations After reboot the AP can start to work with these revised settings 20 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 4 Adding Virtual Access Points EAP200 possesses the feature of multi ESSID namely it can behave as multiple virtual access points providing different levels of services from the same physical AP device Please click on the AP icon to review the VAP Overview page System AP Firewall Utilities Status WAP Overview General VAP Contig N Security Repeater V Advanced Access Control N Site Survey Home gt AP gt VAP Overview VAP Overview VAP No ESSID State Security Type MAC ACL Advanced Settings 1 EAD200 1 Enabled None Disabled Edit 2 EAP200 2 Enabled None Disabled Edit 3 EAP200 3 Enabled None Disabled Edit 4 EAP200 4 Enabled None Disabled Edit 5 EAP200 5 Enabled None Disabled Edit 6 EAP200 6 Enabled None Disabled Edit 7 EAD200 7 Enabled None Disabled Edit S EAD200 9 Enabled None Disabled Edit Figure 20 VAP Overview Page To proceed with specific VAP configuration click on the corresponding cell in the State column and the row of the VAP the particular VAP s Configuration page will then appear for further configuration 21 Copyright 4IPNET INC 4ipnet User
48. lect the appropriate Hour Min and Sec from the drop down menu Unless either Internet connection or NTP server may become unavailable it is recommended to use NTP server for time synchronization because system time needs to be reconfigured upon reboot 37 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 1 2 Network Interface On this page the network settings of the device can be configured fields with a red asterisk i e IP Address Netmask Gateway and Primary DNS Server are mandatory General Y Network Interface Management Home gt System gt Network Interface Network Settings Mode Static DHCP IP Address is Default Gateway R Primary DNS Server P Alternate DNS Server eg Layer STP Disable Enable Figure 39 Network Settings Page Mode Determine the way to obtain the IP address by DHCP or Static gt Static The administrator can manually set up the static LAN IP address All required fields are marked with a red asterisk O O O O O IP Address The IP address of the LAN port Netmask The Subnet mask of the LAN port Default Gateway The Gateway IP address of the LAN port Primary DNS Server The IP address of the primary DNS Domain Name System server Alternate DNS Server The IP address of the substitute DNS server gt DHCP This configuration type is applicable when the system is connected to a network wi
49. llation 1 2 Document Conventions A Represents essential steps actions or messages that should not be ignored vue Contains related information that corresponds to a topic Indicates that clicking this button will save the changes you made but you must reboot the system upon the completion of all configuration settings for the changes to take effect Indicates that clicking this button will clear what you have set before the settings are applied Copyright 4IPNET INC 4ipnet 1 3 Package Content The standard package of EAP200 includes Aipnet EAP200 Quick Installation Guide QIG CD ROM with User s Manual and QIG Console Cable Ethernet Cable Power Adapter DC 12V Antenna Screw Pack Ground Cable x1 x1 x1 x1 x1 x1 x2 x1 x1 User s Manual EAP200 Enterprise Access Point ENGLISH It is recommended to keep the original packing materials for possible future shipment when repair or maintenance is required Any returned product should be packed in its original packaging to prevent damage during delivery Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 2 System Overview and Getting Started 2 1 Introduction of 41pnet EAP200 The 4ipnet EAP200 Enterprise Access Point embedded with 802 11 n b g 2 4GHz MIMO radio in dust proof metal housing is designed for wireless connectivity in enterprise or industrial environments of all dimensions EAP200 mak
50. mply click on the Logout button at the upper right hand corner of the interface to return to the Administrator Login Page Click OK to logout y Hone Logout Help Figure 9 Logout Message from webpage E 7 Ra j Are vou sure to logoff Cancel Figure 10 Logout Prompt For security reasons it is strongly recommended to change the administrator s password upon the completion of all configuration settings 13 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH Please follow the following steps to change the administrator s password Hi H e C System AP Firewall Utilities Status Change Password Backup amp Restore d System Upgrade i Reboot A Home gt Utilities gt Change Password Change Password Name admin Old Password Sa up to 32 characters Re enter New Password Figure 11 Change Password Page gt Click on the Utilities main menu button and then select the Change Password tab gt Enter the old password and then a new password with a length of up to 32 characters and retype it in the Re enter New Password field Congratulation Now 4ipnet s EAP200 is installed and configured successfully It is strongly recommended to make a backup copy of configuration settings After the EAP200 s network configuration is completed please remember to change the IP Address of your PC Connection Properties back to its original settin
51. n and active date gt Location The information on geographical location of the system for the administrator to locate the system easily Time gt Device Time Display the current time of the system gt Time Zone Select an appropriate time zone from the drop down list box gt Time Synchronize the system time by NTP server or manual setup 36 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 1 Enable NTP By selecting Enabled NTP EAP200 can synchronize its system time with the NTP server automatically While this method is chosen at least one NTP server s IP address or domain name must be provided Time Device Time 2000 01 03 04 32 49 Time Zone GMT 08 00 Taipei Time Enable NTP Manually set up NTP Server 2 Figure 37 NTP Time Configuration Fields Generally networks would have a common NTP server internal or external If there is use that one otherwise locate a nearby NTP server on the web 2 Manually set up By selecting Manually set up the administrator can manually set the system date and time Time Device Time 2000 01 03 04 32 49 Time Zone GMT 08 00 Taipei Time O Enable NTP Manually set up Set Date Bear Y Month Hay Set Time E leur lu R Figure 38 Manual Time Configuration Fields Set Date Select the appropriate Year Month and Day from the drop down menu Set Time Se
52. n of wireless frames during data transmission gt WEP Keys Provide the pre defined WEP key value the system supports up to 4 sets of WEP keys e 802 1X When 802 1X Authentication is selected RADIUS authentication and Dynamic WEP are provided MAP Overview General VAP Config Security Repeater Advanced Access Control Y Site Survey Home gt AP gt Security Security Settings Profile Name VAP 1 v Security Type 11802 Ly v Dynamic WEP Disable Enable WEP Key Length 64 bits 128 bits Rekeying Period 300 second s Page ere eege ee Domain Name IP Address Authentication Port 1812 i Secret Key Accounting Service Gi Disable Enable Accounting Port 1813 N Accounting Interim Update Interval lec second s Secondary RADIUS Server Host Domain Name IP Address Figure 52 Security Settings 802 1X Authentication 48 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH gt Dynamic WEP Settings o Dynamic WEP For 802 1X security tyoe Dynamic WEP is always enabled to automatically generate WEP keys for encryption o WEP Key Length Select from 64 bit or 128 bit key length o Re keying Period The time interval for the dynamic WEP key to be updated the time unit is in second gt RADIUS Server Settings Primary Secondary o Host Enter the IP address or domain name of the RADIUS server o Authentication Port The p
53. n the field labeled Layer2 STP This will prevent data from looping or a broadcast storm Click SAVE when completed and then Reboot to allow updated settings to take effect 33 Copyright 4IPNET INC EE EAP200 Enterprise Access Point ENGLISH 7 Web Management Interface Configuration This chapter will guide the user through the EAP200 s detailed settings The following table shows all the User Interface UI functions of 4ipnet s EAP200 Enterprise Access Point The Web Management Interface WMI is the page where the status is displayed control is issued and parameters are configured In the Web Management Interface there are two main interface areas Main Menu and Working Area The Working Area occupies the major area of the WMI displayed in the center of the interface It is also referred to as the configuration page The Main Menu on the top of the WMI allows the administrator to traverse to various management functions of the system The management functions are grouped into branches System AP Firewall Utilities and Status Table 1 EAP200 s Function Organization OPTION FUNCTION General System Network Interface Management VAP Overview General VAP Configuration Security Repeater Advanced Access Control Site Survey Firewall List a a ae tissue bre _ amp Restore Sater Daae Upgrade mm Serie Associated Clients Repeater Event Log 34 Copyright 4IPNET INC 4ipnet User s
54. ort number used by the RADIUS server Specify a port number or use the default 1812 o Secret Key The secret key for the system to communicate with the RADIUS server o Accounting Service Enabling this option allows accounting of login and logouts through the RADIUS server o Accounting Port The port number used by the RADIUS server for accounting purposes Specify a port number or use the default 1813 o Accounting Interim Update Interval The system will update accounting information to the RADIUS server every interval period e WPA PSK WPA PSK Wi Fi Protected Access Pre shared Key is a pre shared key authentication method a special mode of WPA VAP Overview General VAP Config Y Security Repeater Advanced Y Access Control Y Site Survey Home gt AP gt Security Security Settings Profile Name VAP 1 v Security Type WPA PSK ei Cipher Suite TKIP WPA Pre shared Key Type PSK Hex 64 chars Passphrase 8 63 chars Pre shared Key Group Key Update Period 600 second s Figure 53 Security Settings WPA PSK gt Cipher Suite Select an encryption method from TKIP WPA AES WPA TKIP WAP2 AES WAP2 or Mixed gt Pre shared Key Type Select a pre shared key type PSK Hex or Passphrase gt Pre shared Key Enter the key value for the pre shared key the format of the key value depends on the key type selected gt Group Key Update Period The time interval for the
55. ounting Service Gi Disable Enable Accounting Port 1813 TF Accounting Interim Update Interval E seconds Secondary RADIUS Server Host k Domain Name IP Address Figure 29 Security Settings WPA RADIUS gt WPA Settings o Cipher Suite Select an encryption method from TKIP WPA AES WPA TKIP WAP2 AES WAP2 or Mixed o Group Key Update Period The time interval for the Group Key to be renewed the time unit is in seconds gt RADIUS Server Settings o Host Enter the IP address or domain name of the RADIUS server o Authentication Port The port number used by the RADIUS server Specify a port number or use the default 1812 o Secret Key The secret key for the system to communicate with the RADIUS server o Accounting Service Enabling this option allows accounting of login and logouts through the RADIUS server o Accounting Port The port number used by the RADIUS server for accounting purposes Specify a port number or use the default 1813 o Accounting Interim Update Interval The system will update accounting information to the RADIUS server every interval period When these configurations are finished and MAC restriction is not needed click SAVE and then Reboot the system Otherwise click on the Overview tab and proceed with the next step 28 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH Step 3 Configuring MAC ACL Access Control List Clicking
56. r s Manual EAP200 Enterprise Access Point ENGLISH Ss N w SA password l Login FA e Figure 7 Administrator Login Page e After a successful login into EAP200 a System Overview page of the Web Management Interface WMI will appear Z i GE REL Se eee ERTER ey eth Overview 5 Associated Chen ST Lae ha dl pn e ed Kee Sa gl n ne eeh hie Home gt Status gt System Overview gP System System Name Firmware Version Build Number Location Site Device Time System Up Time EAP200 EN A D days 0 04 49 9 LAN Interface MAC Address IF Address Subnet Mask Gateway 1E 1F D4 03 22 20 192 168 1 1 255 255 255 0 192 168 1 254 Firewall Utilities l Status System Overview SC Radio Status MAC Address 00 1F D4 03 22 20 Band 802 11b g Channel 6 TX Power 18 dBm j Di AP Status SS Profile Security Online Name BSSID ESSID Type Clients VAP 1 00 1F D4 03 22 20 EAP200 1 None 0 VAP 2 06 1F D4 03 22 20 EAP200 2 None 0 VAP 3 OA 1F D4 03 22 20 EAP200 3 None o VAP 4 0E 1F D4 03 22 20 EAP200 4 None 0 VAP 5 12 1F D4 03 22 20 EAP200 5 None 0 VAP 6 16 1F D4 03 22 20 EAP200 6 None o VAP 7 14 1F D4 03 22 20 EAP200 7 None o VAP 8 1E 1F D4 03 22 20 EAP200 8 None 0 Figure 8 The Web Management Interface System Overview Page 12 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH e To logout si
57. r the Time field the configuration changes to allow up to two NTP servers Simply enter a local NTP server s IP Address if available or search online for an NTP server nearest you Set the time zone and click SAVE 16 Copyright 4IPNET INC e H 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH Time Zone GMT 08 00 Taipei ka Time 1 Enable NTP O Manually set up Figure 15 NTP Setup Step 2 Configuring the AP s Network Settings While still on this Page click on the Network Interface tab to begin configuration of the network settings yA AP Firewall Utilities Status A i General Network Interface Management Home gt System gt Network Interface Network Settings Mode static DHCP IP Address 192 168 1 1 ze Netmask 255 255 255 0 Default Gateway 192 168 1 254 Primary DNS Server 192 168 1 254 Alternate DNS Server Layer STP Disable Enable Figure 16 Network Settings Page lf the deployment decides the AP will be getting dynamic IP Addresses from the connected network set Mode to DHCP otherwise set Mode to Static and fill in the required fields marked with a red asterisk IP Address Netmask Gateway and Primary DNS Server with the appropriate values for the network Click SAVE when you are finished to save changes that have been made 17 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point EN
58. rom an existing rule for revision Firewall d s Service Adva noed Home gt Firewall List gt Rule Config Layer 2 Firewall Configuration LA Rule ID EtherType E v Interface From To Service ALL wi IP Address Mask 0 0 0 0 0 v Dee F Action Block Pass Remark gt gt To move a specific rule MV in Setting column of firewall list will lead to the following page for reordering confirmation After SAVE button is clicked and system reboot the order of rules will be updated Firewall List Service Advanced T Home gt Firewall gt Move rule Move Rule ID 1 Move to Before After ID 1 20 Please make sure all desired rules state of rule are checked and saved in overview page the rule will be enforced upon system reboot 63 Copyright 4IPNET INC 4ipnet Home gt Firewall gt Firewall List No LA 10 User s Manual EAP200 Enterprise Access Point ENGLISH Layer 2 Firewall Settings Enable Layer 2 Firewall Disable Enable State N NJ NMN D Action DROP DROP DROP DROP DROP DROP Name CDP and VTP STP BPDU GARP RIP HSRP OSPF EtherType Remark IEEE_8023 IEEE 8023 IEEE_8023 IPv4 IPv4 IPv4 First Prev Next Last L total 20 64 Setting Del Ed In Mv Del Del Del Del Del Del Del Del Del Ed Ed Ed Ed
59. s This above deployment scenario illustrates a deployment example using three access points AP 1 AP 2 and AP 3 e Three EAP200 systems construct a network comprising of wired and wireless segments e AP 2 plays the role of a wireless bridge e Al devices share the same DHCP server 192 168 1 1 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 2 3 Hardware Description This section depicts the hardware information including all panel description Connector Panel 7 6 S d 4 3 Figure 3 EAP200 Connector Panel 1 een pye aaae e ear Sea tm ome Press and hold for more than 10 seconds to reset to factory default configurations H DC 12V Attach the power socket here 12V 1 5A Attach the power adapter here Antenna Panel Figure 4 EAP200 Antenna Panel Antenna Connector Attach the antennas here The system supports one RF interface with two SMA connectors Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH LED Panel Aipnet EAP200 Enterprise Access Point Figure 5 EAP200 LED Panel U Power LED LED ON indicates power on OFF indicates power off LAN LED LED ON indicates LAN cable connected OFF indicates no connection BLINKING indicates transmitting data M WLAN LED LED ON indicates wireless ready J WDS LED LED ON indicates WDS ready WES LED To indicate WES status wes gae ooo WES Start LED BL
60. s gt Repeater Information Repeater Information WDS Link Status Item Status MAC Address RSSI TX Rate TX Count TX Error Encryption 1 Disabled N A N A N A N A N A E Disabled N A N A N A N A N A 3 Disabled N A N A N A N A N A 4 Disabled N A N A N A N A N A Figure 72 WDS Link Status Page e WDS Link Status The table will indicate the link status of all WDS interfaces VW Y VV Y Status The status of the WDS link either Enabled or Disabled MAC Address The MAC Address of the WDS peer RSSI Received Signal Strength Indication a measurement of received radio signal over WDS link TX Rate The transmit rate of the WDS link TX Count The accumulative number of transmission counts TX Errors The accumulative number of transmission errors 74 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 5 4 Event Log The Event Log provides the records of system activities The administrator can monitor the system status by checking this log Overview Associated Clients Y WOS List Event Log Home gt Status gt Event Log Event Log Figure 73 Event Log Page In the log each line represents an event record in each line there are 4 fields Date Time The time amp date when the event happened Hostname Indicates which host recorded this event Note that all events on this page are local events so the hostname in this field is always the same However in remote SYSLOG
61. s Manual EAP200 Enterprise Access Point ENGLISH gt gt e S System At Firewall Utilities Status VAP Overview General Y VAP Config Security Repeater Advanced d Access Control 4 site Survey Home gt AP gt VAP Config VAP Configuration Profile Name VAP 1 v VAP Disable Enable Profile Name VAP 1 ESSID EAP200 1 VLAN ID Disable Enable VLAN ID beg 1 4094 Figure 21 VAP Configuration Page VAP 1 shown Please select the desired VAP profile from the drop down menu of Profile Name Choose Enable for the VAP field Pick a descriptive Profile Name and an appropriate ESSID for clients to associate to A VLAN ID can be provided to indicate the traffics through this particular VAP Doing so may allow further management control e g access rights and Internet usage etc of each VAP with a management gateway Click SAVE and then Reboot for the changes to take effect 22 Copyright 4IPNET INC 4ipnet 5 Secure Your AP User s Manual EAP200 Enterprise Access Point ENGLISH Different VAP may require different level of security These instructions will guide the user through setting up different types of security for a particular VAP Simply repeat the following steps for other VAP with security requirement Step 1 Ensure the intended VAP is Enabled Firewall gw i System AF WAP Overview General Y VAP Config Security Repeater l Advanced Access Control A
62. st A Domain Name IP Address Authentication Port 1812 k Secret Key Accounting Service Disable Enable Accounting Port EE 13 i Accounting Interim Update Interval i second s a es eS es k Domain Name IP Address Figure 27 Security Settings 802 1X Authentication gt Dynamic WEP Settings O Dynamic WEP For 802 1X security type Dynamic WEP is always enabled to automatically generate WEP keys for encryption WEP Key Length Select from 64 bit or 128 bit key length Rekeying Period The time interval for the dynamic WEP key to be updated the time unit is in second gt RADIUS Server Settings O O Host Enter the IP address or domain name of the RADIUS server Authentication Port The port number used by the RADIUS server Specify a port number or use the default 1812 Secret Key The secret key for the system to communicate with the RADIUS server Accounting Service Enabling this option allows accounting of login and logouts through the RADIUS server Accounting Port The port number used by the RADIUS server for accounting purposes Specify a port number or use the default 1813 Accounting Interim Update Interval The system will update accounting information to the RADIUS server every interval period 26 Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH e WPA PSK Provide shared key authenticaiton in WPA data encryption Rep
63. th the presence of a DHCP server all related IP information required will be provided by the DHCP server automatically Layer 2 STP If the EAP200 is set up to bridge other network components this option can be enabled to prevent undesired loops because broadcasting storm may occur in a multi switch environment where broadcast packets are forwarded in an endless loop between switches Moreover a broadcast storm may consume most of available system resources in addition to available bandwidth Thus enabling the Layer 2 STP can lower such undesired occurrence and derive the best available data path for network communication Copyright 4IPNET INC 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 1 3 Management The management services e g VLAN for Management SNMP and System log can be configured here General d Network Interface Management Home gt System gt Management Services Management Services YLAN for Management Disable Enable VLANID 1 4094 SNMP Configuration e Disable Enable Community String Trap Disable Enable system Log e Disable Enable Server Port i Syslog Level Emor Figure 40 Management Services Page e VLAN for Management When it is enabled management traffics from the system will be tagged with a VLAN ID In other words administrator who wants to access the WMI must send management traffics with the same VLAN ID such as
64. ut retransmission In other words upon timeout if the Acknowledgement frame is still not received the frames will be retransmitted This option can be used to tune network performance for extended coverage for regular indoor deployment please keep the default Setting 44 Copyright 4IPNET INC 4ipnet from the access point User s Manual EAP200 Enterprise Access Point ENGLISH e Beacon Interval ms The entered amount of time indicates how often the beacon signal will be sent Due to RF regulation in different nations available values in the above table will differ Table 2 RF Configurations under normal circumstances in certain countries ER 802 11b Associated AP s SSID 802 119 Associated AP s SSID 802 11b 802 119 Associated AP s SSID 802 119 802 11n Associated AP s SSID Short Preamble Disable Enable Disable Enable Disable Enable Disable Enable Auto 1 11 13 or 14 Auto 1 11 or 13 Auto 1 11 13 or 14 Auto 1 11 or 13 45 Max Transmit Rate 1M 2M 5 5M 11M 6M 9M 12M 18M 24M 36M 48M 54M 1M 2M 5 5M 6M 9M 11M 12M 18M 24M 36M 48M 54M 1M 2M 5 5M 6M 9M 11M 12M 18M 24M 36M 48M 54M MCS0 15 Transmit Power Auto Lowest Low Medium High Highest Copyright 4IPNET INC hg H 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH 7 2 3 VAP Configuration This section provides conf
65. wall Utilities status 4 0 s Y LES VAP Overview Y General VAP Config Security Repeater Advanced Access Control Site Survey Home gt AP gt General General Settings Band 802 11b 802 119 Y Short Preamble Channel Max Transmit Rate Transmit Power ACK Timeout Beacon Interval Disable Enable e M b D E E CT O Na 0 255 O Auto Unit 4 micro seconds 100 NI 100 500ms Figure 34 Wireless General Settings Page Please make sure both APs are using the same Band and Channel in order to establish a successful WDS link Click SAVE if any changes have been made 32 Copyright 4IPNET INC ng H 4ipnet User s Manual EAP200 Enterprise Access Point ENGLISH Step 2 Prevent Loops if Connecting Many APs When many APs are linked in this manner undesired loops may form to lower overall WLAN performance To prevent such occurrence please make sure Layer 2 STP is enabled To turn on this feature please click on the System and then Network Interface tab General Network Interface Management A Home System Network Interface Network Settings Mode Static DHCP IP Address 192 168 1 1 Netmask 255 255 255 0 Default Gateway 192 168 1 254 Primary DNS Server 192 168 1 254 Alternate DNS Server El Layer STP Disable Enable Figure 35 Network Settings Page Please select Enable i
Download Pdf Manuals
Related Search
EAP200_v1.00_EN_Manu..