Moxa AWK-5222-EU WLAN access point
Contents
1. A ATTENTION Please make sure the power source is stable when you upgrade your firmware An unexpected power breakup may damage your AWK 5222 Config Import Export You can back up or restore the AWK 5222 s configuration with Config Import Export In the Config Import section click Browse to specify the configuration file and click Config Import button to begin importing the configuration Config Import Select configuration file Browse Contig Import In the Config Export section click the Config Export button and save the configuration file onto your local storage media The configuration file is a text file and you can view and edit 1t with a general text editing tool Config Export Config Export 3 53 AWK 5222 User s Manual Other Console Configurations Load Factory Default Use this function to reset the AWK 5222 and roll all settings back to the factory default values You can also reset the hardware by pressing the reset button on the top panel of the AWK 5222 Load Factory Default Reset to Factory Default Click Activate to reset all settings including the console password to the factory default values The system will be restarted immediately Activate Password You can change the administration password for each of the AWK 5222 s console managers by using the Password function Before you set up a new password you must input the current password and reenter the new password for confirma2. MAC IF le 00 13 c0e el ee ef 192 168 12 2 Select all Refresh Y ou can press Select all button to select all content in the list for further editing Select All Print Select all Refresh system Log Triggered events are recorded in System Log You can export the log contents to an available viewer by clicking Export Log You can use the Clear Log button to clear the log contents and the Refresh button to refresh the log System log 196 2009 06 18 16h 31m 52s Power 1 transition Off gt On A 197 2009 06 18 16h 32m 165 LAN 1 link on 1198 2009 06 18 16h 32m 17s LAN 2 link on 199 2009 06 18 16h 32m 33s RSTP topology changed 200 2009 06 18 16h 32m 335 LAN 1 link off 201 2009 06 18 16h 32m 345 LAN 2 link off 202 2009 06 18 16h 32m 43s LAN 1 link on 203 2009 06 18 16h 32m 45s LAN 2 link on 204 2009 06 18 16h 33m 135 RSTP topology changed 205 2009 06 18 16h 33m 535 RSTP topology changed 206 2009 06 18 16h 34m 31s5 RSTP topology changed 207 2009 06 18 16h 35m 09s RSTP topology changed 206 2009 06 18 19h 10m 17s System cold start 209 2009 06 18 19h 10m 17s Power 1 transition Off gt On 210 2009 06 18 19h 10m 53s5 LAN 1 link on 211 2009 06 18 19h 11m 01s LAN 1 link off 212 2009 06 18 19h 11m 08s LAN 2 link on 213 2009 06 18 19h 11m 39s RSTP topology changed ExportLog Clear Log Refresh 3 50 AWK 5222 User s Manual Relay Status Other Console Config
3. EAPOL version 1 v Transmission Rate Setting Factory Default AWK 5222 will sense and adjust the Auto data rate automatically transmission data rate Transmission Power Setting Factory Default Specifies wireless signal coverage by Full Auto automatically selecting the strength of Tx power Equivalent to 100 of maximum Tx power Equivalent to 75 of maximum Tx power Equivalent to 50 of maximum Tx power Equivalent to 25 of maximum Tx power Beacon Interval for Redundant AP AP Master mode only Setting Factory Default Beacon Interval This value indicates the frequency interval 100 ms 40 1000 ms of the beacon DTIM Interval for Redundant AP AP Master mode only Setting Factory Default l Data Beacon Rate This value indicates how often the 1 16384 AWK 5222 sends out a Delivery Traffic Indication Message 3 27 AWK 5222 User s Manual Other Console Configurations Fragment threshold Setting Factory Default Fragment Length This parameter specifies the maximum size 2346 256 2346 a data packet before splitting and creating another new packet RTS threshold Setting Factory Default RTS CTS Threshold This setting determines how large a packet 2346 256 2346 can be before the Access Point coordinates transmission and reception to ensure efficient communication A NOTE You can refer to the related glossaries in Chapter 5 for more detailed information about the
4. Product Specifications WLAN Standards Spread Spectrum and Modulation Operating Channels Central Frequency Security Protocol General Protocols AP only Protocols Data Rates Transmit Power Receiver Sensitivity Interface Default Antenna IEEE 802 1 1a g b for Wireless LAN IEEE 802 111 for Wireless Security IEEE 802 3u for 10 100BaseT X IEEE 802 3af for Power over Ethernet IEEE 802 1D for Spanning Tree Protocol IEEE 802 1w for Rapid STP DSSS with DBPSK DQPSK CCK OFDM with BPSK QPSK 16QAM 64QAM US 2 412 to 2 462 GHz 11 channels 5 18 to 5 24 GHz 4 channels EU 2 412 to 2 472 GHz 13 channels 5 18 to 5 24 GHz 4 channels 64 bit and 128 bit WEP encryption WPA WPA2 Personal or Enterprise IEEE 802 1X RADIUS TKIP and AES Proxy ARP DNS HTTP HTTPS IP ICMP SNTP TCP UDP RADIUS SNMP RTP PPPoE DHCP ARP BOOTP DHCP dynamic VLAN Tags for 802 1 X Clients STP RSTP IEEE 802 1D w 802 11b 1 2 5 5 11 Mbps 802 1 1a g 6 9 12 18 24 36 48 54 Mbps 802 11b 1to 11 Mbps Typ 18 1 5 dBm 802 11g 6to 24 Mbps Typ 18 1 5 dBm 36 to 48 Mbps Typ 16 1 5 dBm 54 Mbps Typ 15 1 5 dBm 802 11a 6to 24 Mbps Typ 16 1 5 dBm 36 to 48 Mbps Typ 14 1 5 dBm 54 Mbps Typ 13 1 5 dBm 802 11b 92 dBm 1 Mbps 90 dBm 2 Mbps 88 dBm 5 5 Mbps 84dBm 11 Mbps 802 1lg 87 dBm 6 Mbps 86 dBm 9 Mbps 85 dBm 12 Mbps 82dBm 18 Mbps 80 dBm 24 Mbps 76 dBm 36 Mbps 72dBm
5. Setting Factory Default Query period time This parameter determines how often 600 seconds 1 9999 seconds the time is updated from the NTP server 3 7 AWK 5222 User s Manual Other Console Configurations Wireless Settings The essential settings for wireless networks are presented in this function group Settings must be properly set before establishing your wireless network Operation Mode The AWK 5222 supports three operation modes that are used for different wireless network applications Wireless Redundancy In traditional architectures most vendors only provide a single RF AP and Client in which the AP connects one or more Clients to the network Since the AP and Client are connected by a single RF connection if the RF connection is disconnected the system or network behind the Client will be disconnected too Client Client Client 3 8 AWK 5222 User s Manual Other Console Configurations With the new wireless redundancy technology you can set up a redundant wireless connection between a redundant client device and a redundant AP device The redundant structure involves using the AWK 5222 s two RF modules to set up two independent wireless connections between the redundant client and redundant AP devices If either of the two wireless connections fails the other wireless connection will continue transmitting packets between the redundant client and redundant AP devices In addition to carryin
6. 48 Mbps 70 dBm 54 Mbps 802 1la 87 dBm 6 Mbps 86 dBm 9 Mbps 85 dBm 12 Mbps 82dBm 18 Mbps 80 dBm 24 Mbps 76 dBm 36 Mbps 72dBm 48 Mbps 70 dBm 54 Mbps 2dBi dual band Omni directional antenna 1 3 AWK 5222 User s Manual Antenna Connector Connection Alarm Contact Digital Input Console LAN Port LED Indicators Power Input Voltage Input Current Input Current 24VDC Overload Current Protection Reverse Polarity Protection Mechanical Dimensions Weight Installation Casing Environment Operating Temperature Storage Temperature Ambient Relative Humidity Regulatory Approvals Safety EMC Environmental EMC compliancy Introduction RP SMA male 10 pin Removable Terminal Block 1 relay output capacity 1A 24VDC 2 electrically isolated inputs 3 to 30V for state 0 OFF 13 to 30V for state 1 ON Max input current 8 mA RS 232 RJ45 type 10 100BaseT X auto negotiation speed PWR1 PWR2 PoE FAULT STATE BRIDGE MODE WLANI1 WLAN 2 10M 100M 12 to 48 VDC redundant dual DC power inputs or 48 VDC Power over Ethernet IEEE 802 3af 12 to 48 VDC 0 3 A 1 6 A Present 62 05 x 135 x 105 mm 2 44 x 5 31 x 4 13 in 880 g DIN rail or Wall Mounting with optional wall mounting kit IP30 protection aluminum case Standard models O to 60 C 32 to 140 F Wide Temp Models 40 to 75 C 40 to 167 F 40 to 85 C 40 to 185 F 5 to
7. Advanced Options Search Connection Misc Search on start E Cancel gt Other Console Configurations This chapter explains how to access the AWK 5222 for the first time In addition to HTTP access there are four ways to access AWK 5222 serial console Telnet console SSH console and HTTPS console The serial console connection method which requires using a short serial cable to connect the AWK 5222 to a PC s COM port can be used if you do not know the AWK 5222 s IP address The other consoles can be used to access the AWK 5222 over an Ethernet LAN or over the Internet In this chapter we cover the following topics RS 232 Console Configuration 115200 None 8 1 VT100 Configuration by Telnet and SSH Consoles Configuration by Web Browser with HTTPS SSL Disabling Telnet and Browser Access DODD AWK 5222 User s Manual Software Installation Configuration A ATTENTION 1 You CANNOT connect to the AWK 5222 by two ore more of these console configurations simultaneously 2 You can connect to the AWK 5222 simultaneously by web browser and serial Telnet SSH console However we strongly suggest that you do NOT use more than one connection method at the same time Following this advice will allow you to maintain better control over the configuration of your AWK 5222 RS 232 Console Configuration 115200 None 8 1 VT100 The serial console connection method which requires using a short serial cable
8. Console Settings to disable them as shown in the following figure Overview All information on this page are active values System info Console Settings HTTP console C Enable Disable HTTPS console Enable Disable Telnet console Enable Disable SSH console Enable Disable Submit 5 6 6 References This chapter provides more detailed information about wireless related technologies The information in this chapter can help you administer your AWK 5222s and plan your industrial wireless network better The following topics are covered Beacon DTIM Fragment RTS Threshold STP and RSTP gt The STP RSTP Concept gt Differences between RSTP and STP OUUUD AWK 5222 User s Manual References Beacon DTIM A beacon is a packet broadcast by the AP to keep the network synchronized A beacon includes the wireless LAN service area the AP address the Broadcast destination address a time stamp Delivery Traffic Indicator Maps DTIM and the Traffic Indicator Message TIM Beacon Interval indicates the frequency interval of AP Delivery Traffic Indication Map DTIM is contained in beacon frames It is used to indicate that broadcast and multicast frames buffered by the AP will be delivered shortly Lower settings result in more efficient networking while preventing your PC from dropping into power saving sleep mode Higher settings allow your PC to enter sleep mode thus saving power
9. which consists of the 2 terminal block contacts on the top panel as shown below These relay contacts are used to forward system failure and user configured events The two wires attached to the relay contacts form an open circuit when a user configured event is triggered If a user configured event does not occur the relay circuit will remain closed For safety reason the relay circuit is kept open when the AWK 5222 is not powered The AWK 5222 s relay status is summarized as follows Power Status AWK 5222 User s Manual Introduction Antenna Position A Position B If you need to improve the performance of the Mainl and Main2 antennas you can connect additional antennas to the side panel of the AWK 5222 using an antenna cable Position A AUX1 and Position B AUX2 The default antenna for the AWK 5222 is a 2 dBi dual band omni directional antenna RP SMA male 2 Getting Started This chapter explains how to install Moxa s AirWorks AWK 5222 for the first time and quickly set up your wireless network and test whether the connection is running well With the function guide you can find out the functions you need easily In this chapter we cover the following topics LJ First time Installation and Configuration LJ Communication Testing Q Function Guiding Map AWK 5222 User s Manual Getting Started First time Installation and Configuration Before installing the AWK 5222 make sure that all items in the
10. which means that the WLAN is ready to operate in the operation mode you are setting For AP functionality settings click on Edit as described below Status SSID Operation Mode Action Active MOXA_1 Master Disabled MOXA_1_1 AP S5ID1_2 cae WLANs with same color must have identical RF type SSID and security settings After Edit is selected you can select Enable or Disable in AP functionality WLAN 1 Basic Wireless Settings AP functionality Enable Disable WLAN operation mode AF OC Hhin E idiwoed AP functionality Setting Factory Default Master can only serve a single slave Disable Master can serve single RF clients 3 14 AWK 5222 User s Manual Other Console Configurations Basic Wireless Setting The following figure shows the Basic Wireless Settings page The parameters and options are described as follows A NOTE Please note that WLAN 1 s RF type supports 802 11b g mode only 802 11a mode is not available WLAN 2 s RF type does support 802 11a b g WLAN operation mode AF RF type B G Mixed v Channel SSID E SSID broadcast Enable Disable RF type T Supports IEEE802 11a standard only B G Mixed B SupportsIEEES02 11b standard only B G Mixed Supports both IEEE 802 11b g standards but 802 11g s throughput may suffer when 802 11b clients are on the network Channel for Redundant AP AP or Master mode only Setting Factory Default Avail
11. 1272 2 4 AWK 5222 User s Manual Getting Started Testing Method for two or more AWK 5222s If you have two or more AWK 5222s you will need a second notebook computer B equipped with an Ethernet port Use the default settings for the first AWK 5222 connected to notebook A and change the second or third AWK 5222 connected to notebook B to Client mode Then configure the notebooks and AWK 5222s properly Client vos M IP 192 168 127 252 NE r 192 168 127 253 pus PING a MOXA 1 a um Notebook B Notebook A en IP 192 168 127 1 IP 192 168 127 2 wy After setting up the testing environment open a DOS window on notebook B At the prompt type ping lt P address of notebook A gt and then press Enter A Reply from IP address response means the communication was successful A Request timed out response means the communication failed In this case recheck the configuration to make sure the connections are correct Function Guiding Map The management functions are categorized in a tree and shown in the left field of the web based management console You can efficiently locate the function you need with the following guiding map 2 5 AWK 5222 User s Manual Getting Started A quick overview of the AWK 5222 s status SY Main Menu E Overview 3 Basic Settings i System Info Settings Y Network Settings 4 Time Settings BY Wireless Settings J Operation Mode Sy WLAN 1 E Basic W
12. Amber AP Bridge mode WLAN is not in use WLAN 2 function is in Client mode Te WLAN2 s data communication is running in Blinking Green mqs Client mode Green Amber WLAN2 function is in AP Bridge mode Blinking WLAN2 s data communication is running in Amber AP Bridge mode WLAN is not in use TP Port LAN1 LAN2 LED Indicators Port Interface 10M Yellow 100M Green AWK 5222 User s Manual Introduction A ATTENTION When the LEDs for STATE Green FAULT WLAN1 and WLAN2 all light up simultaneously and blink at one second intervals 1t means the system failed to boot This may be due to improper operation or uncontrollable issues such as an unexpected shutdown during firmware update To recover the firmware refer to Firmware Recovery in Chapter 6 Beeper The beeper signals that the system is ready with two short beeps Reset Button The RESET button is located on the top panel of the AWK 5222 You can reboot the AWK 5222 or reset it to factory default settings by pressing the RESET button with a pointed object such as an unfolded paper clip e System reboot Hold the RESET button down for under 5 seconds and then release e Reset to factory default Hold the RESET button down for over 5 seconds until the STATE LED starts blinking green Release the button to reset the AWK 5222 RESET button 1 6 AWK 5222 User s Manual Introduction Relay Digital Output The AWK 5222 has one relay output
13. Auto and two AUX and enables the diversity function for reducing multipath effect MAIN 1 and MAIN 2 Diversity function is disabled Only MAIN 1 and 2 antenna is in use AUX 1 and AUX 2 Diversity function 1s disabled Only AUX 1 and 2 antenna is in use EAPOL Version Setting Factory Default 1 EAPOL version 1 was standardized in the 2001 1 AS version of 802 1X which is much more commonly implemented 802 1X 2004 Turbo Roaming for AP Client operation mode s Client mode only Setting Factory Default Enable Disable Moxa s Turbo Roaming can enable rapid Disable handover when the AWK 5222 as a client roams among a group of APs When Turbo Roaming is enabled RF type and Scan channels will be shown as follows RF type shows the current RF type which this client is using now You can set up Scan channels for the APs among which this client is going to roam There are three Scan channels available Please note that the Scan channels may need to be modified when the RF type is changed For example channel 36 is not available in B G or B G Mix mode Turbo roaming i Enable RF type B G Mixed Scan channels 1 y Not scanning y Not scanning y WLAN Certification Settings for EAP TLS in Redundant Client Client or Slave mode only 3 29 AWK 5222 User s Manual Other Console Configurations When EAP TLS is used a WLAN Certificate will be required at the client end to support WPA WPA2 Enterpris
14. Disable HTTPS console e Enable Disable Telnet console te Enable Disable SSH console Enable Disable Submit Ping helps to diagnose the integrity of wired or wireless networks By inputting a node s IP address in the Destination field you can use the ping command to make sure it exists and whether or not the access path is available Ping Destination 192 168 253 2 Ping If the node and access path are available you will see that all packets were successfully transmitted with no loss Otherwise some or even all packets may get lost as shown in the following figure Ping Destination Ping PING 192 168 127 2 192 168 127 2 56 data bytes 197 168 127 2 ping statistics 4 packets transmitted O packets received 100 packet loss 3 52 AWK 5222 User s Manual Other Console Configurations Firmware Upgrade The AWK 5222 can be enhanced with more value added functions by installing firmware upgrades The latest firmware is available at Moxa s download center Before running a firmware upgrade make sure the AWK 5222 is off line Click the Browse button to specify the firmware image file and click Firmware Upgrade and Restart to start the firmware upgrade After the progress bar reaches 100 the AWK 5222 will reboot itself When upgrading your firmware the AWK 5222 s other functions are forbidden Firmware Upgrade Select update image PT Browse Firmware Upgrade and Restart
15. Firmware Recovery Process Press Ctrl C to enter Firmware Recovery Process Press Ctrl C to enter Firmware Recovery FProcess Press Ctrl C to enter Firmware Recovery Process Press Ctrl C to enter Firmware Recovery Proces Press Ctrl C and the following message will appear Press Ctrl C to enter Firmware Recovery Process Press Ctrl C to enter Firmware Becovery Process IF address of AME 5222 1392 168 40 155 Netmask of AWE 52 222 7 558_ 255_2752_0 Gateway af AWE 522Z2 192 168 435 254 IF address of TFTP server 197 168_ 40_ 142 1 Start to firmware upgrade using the above network setting immediately Change the network settings Enter your selection 1 2 enter for abort Enter 2 to change the network setting Specify where the AWK 5222 s firmware file on the TFTP server and press y to write the settings into flash memory l Start to firmware upgrade using the above network setting immediate ls Change the network settings Enter your selection Kl Z enter for abort 2 IP address of AME 5222 192 168 1 2 IP address of TFTP server 192 168 1 1 Netmask of AWR S 22 55 255 2 52 0 Gateway af AWH S222 192 168 1 254 Update BedBoot non volatile configuration continue y ni y AWK 5222 User s Manual Supporting Information AWK 5222 restarts and the Press Ctrl C to enter Firmware Recovery Process message will reappear Press Ctrl C t
16. Modelname _ IP address Device MAC address Overview AWK 6222 US 192 168 127 253 00 90 E8 00 46 09 255 255 255 0 1 0 Build 09051817 System info Device info 802 11 info Model name AWK 5222 US Device name AWK 5222 0009 Serial No 9 System up time 1 days 19h 18m 28s Firmware version 1 0 Build 09051817 Click Locate to cause the selected device to beep 4 6 AWK 5222 User s Manual Software Installation Configuration AWE Search Utility File Edit Function Tools Help Search Search Ex Locate Mi Assign IP Unloci Upgrade Refresh Refresh All Exit ES AY No Modelname _ IP address Device MAC address Overview CS a1 AWK 5222 US 192 168 127 253 00 90 E 8 00 46 09 255 255 255 0 1 0 Build 09051817 System info Device info 802 11 info Model name AWK 5222 US Locate Device name AWK 5222 0009 Serial No 9 Locating Model AWK 5222 U5 System up time 1 days 19h 18m 28s Firmware version 1 0 Build 09051817 IP 192 168 127 253 00 90 E8 00 46 09 Netmask 255 255 255 0 Make sure your AWK is unlocked before using the search utility s icons setting The AWK will unlock automatically if the password is set to the default Otherwise you must enter the new password manually Go to Tools gt AWK login Options to manage and unlock additional AWKs AWK Search Utility SEE File Edit Function Tools Help pf Utility Login Options IE J E 7 F
17. Unlock Exit ca Search Search ARA e Refresh Refresh All No Modelname dvanced Options MAC address Overview Customize List View 8 00 40 01 255 255 255 0 1 0 Build 09060100 System info Device info 802 11 info Model name AWK 5222 US Device name AWK 5222 0001 Serial No 1 System up time D days 00h 59m 55s Firmware version 1 0 Build 09060100 4 7 AWK 5222 User s Manual Software Installation Configuration Use the scroll down list to select the MAC addresses of those AWKs you would like to manage and then click Add Key in the password for the AWK device and then click OK to save If you return to the search page and search for the AWK again you will find that the AWK will unlock automatically A ATTENTION For security purposes we suggest you can change the AWK search utility login password instead of using default AWE Login Options Found awk devicels 392168127 253 00 90 E9 00 40 01 Last IP Device MAC address Username C cE 192 166 127 253 00 90 E8 00 40 01 admin Delete wf OK x Cancel 4 8 AWK 5222 User s Manual Software Installation Configuration To modify the configuration of the highlighted AWK click on the Web icon to open the web console This will take you to the web console where you can make all configuration changes Refer to Chapter 3 Using the Web Console for information on how to use the web console 0 AWK Search Utility Fil
18. User s Manual Other Console Configurations Enabling Non Redundant Single RF AP Wireless Redundancy mode s Redundant AP This AP functionality can be set to Enable or Disable on the basic wireless settings page If AP functionality is set to Enable the Status will appear as Active which means that the WLAN is ready to operate in the operation mode you are setting For AP functionality settings click on Edit for the AP operation mode as described on the following page Status SSID Operation Mode Action Active MOXA_1 Redundant AP Disabled MOXA_1_1 AP SUTA WLANI LANZ eo A __ ssini 2 LA ssi A SD2 gt i n SSID1_2 yy as ee SsID1 eee SSIDZ ee loved i ke e e e e a u LAN 1 LAN WLANs with same color must have identical RF type SSID and security settings After Edit is selected you can select Enable or Disable in AP functionality WLAN 1 Basic Wireless Settings AP functionality Enable Disable WLAN operation mode AF OC Hhinn DI hiia AP functionality Setting Factory Default Disable Redundant AP cannot serve Disable non redundant Clients Enable Redundant AP can server non redundant Clients 3 1 AWK 5222 User s Manual Other Console Configurations Wireless Bridge Mode s Master You are allowed to edit this AP functionality to Enable or Disable on the basic wireless settings page If AP functionality is set to Enable the Status will appear as Active
19. WPA Enterprise settings on the AP side WLAN 1 WLAN Security Settings O Ena E HE SSID Security mode WPA we WPA type Encryption method TKIP EAP protocal Encryption method Setting Factory Default TKIP Temporal Key Integrity Protocol is TKIP enabled 3 22 AWK 5222 User s Manual Other Console Configurations AES Advance Encryption System is enabled EAP Protocol Setting Factory Default protocol Specifies Tunneled Transport Layer Security PEAP Specifies Protected Extensible Authentication Protocol or Protected EAP Before choosing the EAP protocol for your WPA WPA2 Enterpise settings on the client end please contact the network administrator to make sure the system supports the protocol on the AP end Detailed information on these three popular EAP protocols is presented in the following sections EAP TLS TLS is the standards based successor to the Secure Socket Layer SSL It can establish a trusted communication channel over a distrusted network TLS provides mutual authentication through certificate exchange EAP TLS is also secure to use You are required to submit a digital certificate to the authentication server for validation but the authentication server must also supply a certificate You can use WLAN 1 2 gt WLAN Certificate Settings to import your WLAN certificate and enable EAP TLS on the client end 3 23 AWK 5222 User s Manual Other Console Config
20. Welcome screen opens to proceed with the installation 15 Setup AWE Search Utility Sek Welcome to the AWK Search Utility Setup Wizard This will install AME Search Utility on your computer kis recommended that you close all other applications before continuing Click Nest to continue or Cancel to exit Setup Cancel 4 2 AWK 5222 User s Manual Software Installation Configuration 3 Click Next to install program files to the default directory or click Browse to select an alternate location iG Setup AWE Search Utility Select Destination Location Where should AWE Search Utility be installed Setup will install AWE Search Utility into the following folder To continue click Nest IF you would like to select a different folder click Browse C Program Files Moxa awk AWE Search Utility Atleast 25 MB of free disk space i required 4 Click Next to create the program s shortcut files to the default directory or click Browse to select an alternate location iS Setup AWE Search Utility Select Start Menu Folder Where should Setup place the program s shortcuts no FA Setup will create the program s shortcuts in the following Start Menu folder To continue click Nest IF you would like to select a different folder click Browse aK Search Utility 4 3 AWK 5222 User s Manual Software Installation Configuration 5 Click Next to select additional tas
21. disconnected e g the cable is pulled out or the opposing device shuts down LAN 1 or LAN 2 link off Client joined left for WLAN 1 or WLAN 2 for Redundant AP AP or Master mode WLAN 1 or WLAN 2 connected to AP for Redundant Client Client or Slave mode WLAN 1 or WLAN 2 disconnected for Redundant Client Client or Slave mode Config related events Event is triggered when Configuration Changed A configuration item has been changed Configuration file import via Web Console A wireless client is associated or disassociated The AWK 5222 is associated with an AP The AWK 5222 is disassociated from an AP 3 42 AWK 5222 User s Manual Other Console Configurations Syslog This function provides the event logs for the Syslog server The function supports up to three configurable Syslog servers and Syslog server UDP port numbers When an event occurs the event will be sent as a Syslog UDP packet to the specified Syslog servers Syslog Event Types Detail information for the grouped events is shown in the following table You can check the box for Enable log to enable the grouped events All default values are enabled checked Details for each event group can be found on the System log Event Types table on page 3 31 Syslog Event Types Event group Enable log System related events MNetwork related events Config related events Power events aa Ma a I DI events Syslog Server Setti
22. enable the filter function Drop no entity on list 1s activated all packets are allowed Accept no entity on list is activated all packets are denied 3 35 AWK 5222 User s Manual Other Console Configurations RSTP Settings for Master or Slave mode only AWK 5222 supports IEEE802 1D Spanning Tree Protocol and IEEE802 1w Rapid STP standards In addition to eliminating unexpected path looping STP RSTP can provide a backup path recovery if a wired wireless path fails accidentally The reliability and availability can increase because this fail over function AWK 5222 s STP RSTP feature is disabled by default To be completely effective you must enable RSTP STP on every AWK 5222 connected to your network The following figures indicate which Spanning Tree Protocol parameters can be configured A more detailed explanation of each parameter is given below the figure RSTP Settings for Master or Slave mode only RSTP status _ e Bridge priority an Pa oO co 4 Hello time 1 10 seconds Forwarding delay 4230 seconds hh em ho alla Max age 20 6 40 seconds No Enable RSTP Port priority Port cost lEdge port Status MET 5 a 2 Lan 5 D ea a a e a RSTP status This field will appear only when selected to operate STP RSTP It indicates whether this AWK 5222 is the Root of the Spanning Tree the root is determined automatically or not Bridge priority Setting F
23. field to access the homepage of the web based Network Manager Before the homepage opens you will need to enter the user name and password as shown in the following figure For first time configuration enter the default user name and password and then click on the Login button Moxa AMWK 3222 U5 Lisemame admin Password Login WEBSERVER A NOTE Default user name and password User Name admin Password root For security reasons we strongly recommend changing the default password To do so select Maintenance gt Password and then follow the on screen instructions to change the password A NOTE After you click Submit to apply changes you can see that the web page is refreshed and the string Update and a blinking reminder will be shown on the upper right corner of web page as follow J Main Menu E Overview System Info Settings Updated To make the changes effective click Restart and then Save and Restart after you change the settings About 30 seconds are needed for the AWK 5222 to complete its restart process 2 3 AWK 5222 User s Manual Getting Started Step 5 Select the operation mode for the AWK 5222 By default the AWK 5222 s operation mode is set to Wireless redundancy You can change the setting in Wireless Settings gt Operation mode if you would like to use the Wireless bridge or AP Client mode instead Detailed information about configuring the AWK 5222 s operation c
24. interference that may cause undesired operation FCC 15 407 e Within the 5 15 5 25 GHz band U NII devices will be restricted to indoor operations to reduce any potential for harmful interference to co channel MSS operations 7 3 AWK 5222 User s Manual Supporting Information R amp TTE Compliance Statement This equipment complies with all the requirements of DIRECTIVE 1999 5 CE OF THE EUROPEAN PARLIAMENT AND THE COUNCIL OF 9 March 1999 on radio equipment and telecommunication terminal equipment and the mutual recognition of their conformity R amp TTE The R amp TTE Directive repeals and replaces in the directive 98 13 EEC Telecommunications Terminal Equipment and Satellite Earth Station Equipment as of April 8 2000 Safety This equipment is designed with the utmost care for the safety of those who install and use it However special attention must be paid to the dangers of electric shock and static electricity when working with electrical equipment All guidelines of this and of the computer manufacturer must therefore be allowed at all times to ensure the safe use of the equipment EU Countries Intended for Use The ETSI version of this device is intended for home and office use in Austria Belgium Denmark Finland France with Frequency channel restrictions Germany Greece Ireland Italy Luxembourg Portugal Spain Sweden The Netherlands and United Kingdom The ETSI version of this device is also authorized for use
25. the Auto refresh box is checked Certain values for 802 11 info may not appear with different operation modes For example Current BSSID and RSSI are not available in Redundant AP AP or Master modes It is helpful to use the continuously updated information option on this page such as RSSI to monitor the signal strength of the AWK 5222 in Redundant Client Client or Slave modes Wireless Status Auto refresh Show status of WLAN 1 SSID MOXA_1 807 11 info Operation mode SP Clreant Client WLAN 1 Channel Mot connected RF type B G Mixed SSID Mono 1 Security mode OFEN Current BSSID HS Signal strength angil Transmission rate HA Transmission power Full Associated Client List for Redundant AP AP or Master mode only Associated Client List shows all the clients that are currently associated to a particular AWK 5222 You can click Select all to select all the content in the list for further editing You can click Refresh to refresh the list Associated Client List for Redundant AP AP or Master mode only Show clients for WLAN 1 SSID MOxA4A_1 WLAN 1 SSID MOXA 1 WLAN 2 SSID MOXA 2 3 49 AWK 5222 User s Manual Other Console Configurations DHCP Client List for AP mode only When you enable the DHCP server the DHCP Client List shows all the clients that require and have successfully received IP assignments You can click the Refresh button to refresh the list DHCP Client List
26. 14m 19s l Firmware version 1 0 Build 09042201 1 Save Configuration RAT E Sea Device info pm R Device MAC address 00 90 E8 00 46 13 aa IP address 192 168 127 253 Subnet mask Aaa la Gateway In the following paragraphs we will go through each of the AWK 5222 s management functions in detail You can also get a quick overview of these functions in the Function Guiding Map section of Chapter 2 NOTE The model name of the AWK 5222 is shown as AWK 5222 XX where XX indicates the country code The country code represents the AWK 5222 version and which bandwidth it uses We use AWK 5222 US as an example in the following figures The country code of model name on the screen may vary if you are using a different version band AWK 5222 NOTE For security reasons you will need to log back into the AWK 5222 after the 5 minute time out 3 3 AWK 5222 User s Manual Other Console Configurations Overview The Overview page summarizes the AWK 5222 s current status The information is categorized into several groups System info Device info and 802 11 info Overview All information on this page are active values System info Model name AVE S 222 US Device name Awk 5222_0001 Serial No 1 System up time O days 00h 02m 30s Firmware wersion 1 0 Build 09060100 Device info Device MAC address 00 90 E8 00 40 01 IP address 192 168 127 253 Subnet mask 255 29595 2550 Gateway 807 11 info Country code LIS r Wi
27. 2 1 w can operate on the LAN ports and WLAN ports AP and WDS1 WDS8 of the same AWK 5222 This feature is particularly helpful when the AWK 5222 connects to older equipment such as legacy switches 6 2 AWK 5222 User s Manual References Differences between RSTP and STP RSTP is similar to STP but includes additional information in the BPDUs that allow each bridge to confirm that it has taken action to prevent loops from forming when it decides to enable a link to a neighboring bridge Adjacent bridges connected via point to point links will be able to enable a link without waiting to ensure that all other bridges in the network have had time to react to the change The main benefit of RSTP is that the configuration decision is made locally rather than network wide allowing RSTP to carry out automatic configuration and restore a link faster than STP 6 3 7 Supporting Information This chapter presents additional information about this manual and product You can also learn how to contact Moxa for technical support The following topics are covered Q About This User s Manual LI DoC Declaration of Conformity gt Federal Communication Commission Interference Statement gt R amp TTE Compliance Statement Q Firmware Recovery LJ Technical Support Contact Information AWK 5222 User s Manual Supporting Information About This User s Manual This manual is mainly designed for but no limited to the following hardw
28. 3 4 5 6 7 3 5 default 00 40 05 56 9D B1 BSS WEP H o hpsetup 32 BC 90 E2 84 14 Ad Hoc OPEN Refresh Close Internet WLAN Security Settings The following figure shows the WLAN 1 2 Security Settings page The parameters and options are described as follows NOTE When you switch to Wireless Redundancy mode you will see an additional WLAN Security Setting overview page Please click on Edit to modify WLAN security settings 3 16 AWK 5222 User s Manual Other Console Configurations WLAN 1 Security Setting Selection Status SSID Operation Mode Security Mode Action Active MOXA_1 Redundant AP OPEN Disabled MOXA_1_1 AP OPEN The AWK 5222 provides four standardized wireless security modes Open WEP Wired Equivalent Privacy WPA Wi Fi Protected Access and WPA2 Several types of security models are available in AWK 5222 by selecting Security mode and WPA type e Open No authentication no data encryption e WEP Static WEP Wired Equivalent Privacy keys must be manually configured e WPA WPA2 Personal also known as WPA WPA2 PSK You need to specify the Pre Shared Key in the Passphrase field which will be used by the TKIP or AES engine as a master key to generate keys that actually encrypt outgoing packets and decrypt incoming packets WPA WPA2 Enterprise also called WPA WPA2 EAP Extensible Authentication Protocol In addition to device based authentication WPA WPA2 Enterprise enables u
29. 8 eration Mod od duessaees 3 8 WEAN Dy NW LIN Z e ot aa seed Sa cate ec nile aah cae eis tile alate lean ae eaaankes 3 12 Enabling Non Redundant Single RF AP 0 ee ceceecseeecceeeeeeeeeeeeeeeeeesssesseseeeeeeeeess 3 13 WEAN Se CU IVS CIN See aod aac od aio alii 3 16 Advanced Wireless Settings wis cist ahs Men esi ee ie A eas 3 26 WLAN Certification Settings for EAP TLS in Redundant Client Client or Slave HOGS OMNI iio ina 3 29 PRON ANCE SC MMOS a o eo 3 31 DHCP Server for AP Client operation mode s AP mode only 3 31 Pieke LP A A A learn ahaa 3 33 RSTP Settings for Master or Slave mode OM y ooooooooonnnnnonooonononcncnnnnnnnnnnonoss 3 36 SS A A OA 3 38 SLOT o A A N lar neateent scouted 3 40 AUO Warns SUING ll Ed 3 4 SUSTO orson A sient anbew we anmaaaciarsoemaaetie 3 41 A a raaatealacanine cone a T A N 3 43 2 II A A Mo o o 0 E E AE E A E A E AET 3 44 EA N N E 3 46 A TS AS 3 47 ai oil N 3 49 IVC A stone A cae Se ctare E 3 49 Associated Client List for Redundant AP AP or Master mode only 3 49 DHCP Client List for AP mode Only Huasonic Antica 3 50 By Se LO ie E a O cansieacanaiad 3 50 Chapter 4 Chapter 5 Chapter 6 Chapter 7 IRC VANS GAL US atletico rienda jui 3 51 Drand POW Cr Stas soga dais 3 51 NMamitenanco nociones 3 52 Consoles SUMING S dd ds 3 52 PI atea alis sawboaaneastotirnaasieantcuks S cesiones 3 52 Pit are Upradena all aliada
30. 8 127 253 00 90 E8 00 46 09 255 255 255 0 1 0 Build 09051817 System info Device info 802 11 info WLAN1T WLAN2 Country code US WLAN1 Operation mode WIRELESS_REDUK edie 192 16862 TRF 253 WLAN1 Channel 6 WLAN1 RF type B G Mixed WLAN1 SSID Gateway z gt MOxA_1 z Primary DNS server IP configuration Subnet mask 2 O O Secondary DNS server The three advanced options Search Connection and Miscellaneous are explained below Search Retry count default 5 Indicates how many times the search will be retried automatically Retry interval ms The time lapsed between retries Advanced Options search Connection Misc Retry count 5 Retry interval me 1000 4 10 AWK 5222 User s Manual Software Installation Configuration Connection Connection timeout Secs Use this option to set the waiting time for the Default Login Locate Assign IP Upload Firmware and Unlock to complete Upgrade timeout secs Use this option to set the waiting time for the connection to disconnect while the firmware is upgrading Use this option to set the waiting time for the Firmware to write to flash Advanced Options Search Connection Mise Connection timeout secs 1 0 Upgrade timeout secs 500 Misc Search on start Checkmark this box if you would like the search function to start searching for devices after you log in to the AWK search Utility
31. 95 non condensing EN60950 1 UL60950 1 EN301 489 1 17 FCC Part 15 EN55022 55024 IEC61000 6 2 4 EN50155 EN50121 1 4 Please check Moxa s website for the most up to date certification status Warranty 5 years Details See http www moxa com warranty AWK 5222 User s Manual Introduction A ATTENTION The AWK 5222 is NOT a portable mobile device and should be located at least 20cm away from the human body The AWK 5222 is NOT designed for the general public To deploy AWK 5222s and establish a wireless network safely a well trained technician is required for installation Functional Design LED Indicators The LEDs on the front panel of AWK 5222 allow you to identity the status and wireless settings quickly Front Panel LED Indicators System Power is being supplied from power input 1 PWR1 Green Power is not being supplied from power input L Power is being supplied from power input 2 Green Power is not being supplied from power input Off gt Amber Power is being supplied via PoE Power is not being supplied via PoE Red server interval 1 sec Software Ready Green Red Blinking Green The AWK has been located by AWK Search UtilityGnterval sec Booting or Error condition WLAN functions in Client mode ST WLANI s data communication is running in Blinking Green mq Client mode WLAN1 Green Amber WLANl functions in AP Bridge mode Blinking WLANI s data communication is running in
32. AP There are a few differences in the inner authentication procedures for TTLS and PEAP TTLS uses the encrypted channel to exchange attribute value pairs AVPs while PEAP uses the encrypted channel to start a second EAP exchange inside of the tunnel The AWK 5222 provides 3 25 AWK 5222 User s Manual Other Console Configurations MS CHAP V2 merely as an EAP method for inner authentication WLAN 1 WLAN Security Settings SSID Security mode WPA type Encryption method EAP protocal Inner EAP protocol Anonymous name User name Password Inner EAP protocol MOA 1 WIPAS Wt PEAP Enterprise TKIP MS CHA4P y2 Setting Factory Default MS CHAP V2 Microsoft CHAP version 2 is used MS CHAP V2 Anonymous Setting Factory Default Max 31 characters A distinct name used for outer None authentication User name amp Password Setting Factory Default User name and password used in None inner authentication Advanced Wireless Settings Additional wireless related parameters are presented in this section to help you set up your wireless network in detail 3 26 AWK 5222 User s Manual Other Console Configurations WLAN 1 Advanced Wireless Settings Transmission rate Transmission power Beacon interval 100 40 1000ms DTIM interval 1 115 Fragmentation threshold 2562346 RTS threshold 256 2346 Transmission distance 500 10000m Transmission enhancement Antenna
33. Fragment A lower setting means smaller packets which will create more packets for each transmission If you have decreased this value and experience high packet error rates you can increase it again but it will likely decrease overall network performance Only minor modifications of this value are recommended RTS Threshold RTS Threshold 256 2346 This setting determines how large a packet can be before the Access Point coordinates transmission and reception to ensure efficient communication This value should remain at its default setting of 2 346 When you encounter inconsistent data flow only minor modifications are recommended STP and RSTP The STP RSTP Concept Spanning Tree Protocol STP was designed to help reduce link failures in a network and provide protection from loops Networks that have a complicated architecture are prone to broadcast storms caused by unintended loops in the network The STP protocol is part of the TEEE802 1D standard 1998 Edition bridge specification Rapid Spanning Tree Protocol RSTP implements the Spanning Tree Algorithm and Protocol defined by IEEE802 1w 2001 standard RSTP provides the following benefits e The topology of a bridged network will be determined much more quickly compared to STP e RSTP is backward compatible with STP making it relatively easy to deploy For example Defaults to sending 802 1D style BPDUs if packets with this format are received STP 802 1D and RSTP 80
34. K 5222 s URL e g http ap11 abc com in your browser s address field instead of entering the IP address The Secondary DNS server will be used if the Primary DNS server fails to connect Time Settings A The AWK 5222 has a time calibration function based on information from an NTP server or user specified Date and Time information Functions such as Auto warning can add real time information to the message Time Settings Date YYYY MM DD Time HH MM SS Current local time 2009 f o1 f 23 16 58 19 Set Time Time zone GMT 06 00 Central Time US amp Canada v Daylight saving time MV Enable Starts at Apr y ist y Sun gt foo loo HH MM Stops at loct y last y Sun y loo loo HH MM Time offset 01 00 Time server 1 ltime nist gov Time server 2 Query period 600 600 9999 seconds Current local time shows the AWK 5222 s system time when you open this web page You can click on the Set Time button to activate the update after setting up the date and time parameters An Updated string will appear to indicate that the change is complete Local time settings will be immediately activated in the system without running Save and Restart NOTE The AWK 5222 has a real time clock RTC Users are strongly recommended to update the Local time for the AWK 5222 after initial setup or long term shutdown especially when the network does not have an Internet connection for accessin
35. Moxa AirWorks AWK 5222 User s Manual First Edition June 2009 www moxa com product MOXA 2009 Moxa Inc All rights reserved Reproduction without permission is prohibited Moxa AirWorks AWK 5222 User s Manual The Moxa software described in this manual is furnished under a license agreement and may be used only in accordance with the terms of that agreement Copyright Notice Copyright 2009 Moxa Inc All rights reserved Reproduction without permission is prohibited Trademarks MOXA is a registered trademark of Moxa Inc All other trademarks or registered marks in this manual belong to their respective manufacturers Disclaimer Information in this document is subject to change without notice and does not represent a commitment on the part of Moxa Moxa provides this document as is without warranty of any kind either expressed or implied including but not limited to its particular purpose Moxa reserves the right to make improvements and or changes to this manual or to the products and or the programs described in this manual at any time Information provided in this manual is intended to be accurate and reliable However Moxa assumes no responsibility for its use or for any infringements on the rights of third parties that may result from its use This product might include unintentional technical or typographical errors Changes are periodically made to the information herein to correct such error
36. Package Checklist are in the box In addition you will need access to a notebook computer or PC equipped with an Ethernet port The AWK 5222 has a default IP address that you must use when connecting to the device for the first time Step 1 Select the power source The AWK 5222 can be powered by DC power input or PoE Power over Ethernet The AWK 5222 will use whichever power source you choose NOTE The ITE unit is to be connected only to PoE networks without routing to the outside plant Step 2 Connect the AWK 5222 to a notebook or PC Since the AWK 5222 supports MDI MDI X auto sensing you can use either a straight through cable or crossover cable to connect the AWK 5222 to a computer If the LED indicator on AWK 5222 s LAN port lights up it means the connection is established Step 3 Set up the computer s IP address Set an IP address on the same subnet as the AWK 5222 Since the AWK 5222 s default IP address is 192 168 127 253 and the subnet mask is 255 255 255 0 you should set the IP address of the computer to 192 168 127 xxx A NOTE After you select Maintenance gt Load Factory Default and click the Submit button the AWK 5222 will be reset to factory default settings and the IP address will be also reset to 192 168 127 253 2 2 AWK 5222 User s Manual Getting Started Step 4 Use the web based manager to configure AWK 5222 Open your computer s web browser and type http 192 168 127 253 in the address
37. Save and Restart After you click on Save Configuration in the left menu box the following screen will appear Click Save if you wish to update the configuration settings in the flash memory at this time Alternatively you may choose to run other functions and put off saving the configuration until later However the new setting changes will remain in the non volatile memory until you save the configurations Save Configuration If you have submitted any configuration changes you must save the changes and restart the system before they take effect Click Save to save the changes in AWE 5S222 US5 s memory Click Restart to activate new settings in the navigation panel Restart If you submitted configuration changes you will find a blinking string in the upper right corner of the screen After making all your changes click the Restart function in the left menu box One of two different screens will appear If you made changes recently but did not save you will be given two options Clicking the Restart button here will reboot the AWK 5222 directly and all setting changes will be ignored Clicking the Save and Restart button will apply all setting changes and then reboot the AWK 5222 Restart Ht Warning Click Restart to discard changes and reboot AWK 5222 U65 directly Click Save and Restart to apply all setting changes and reboot AYWK 5222 U5 Save and Restart 3 55 AWK 5222 User s Manual Other Consol
38. WK 5222 provides a Static DHCP mapping list with up to 16 entities Be reminded to check the Active check box for each entity to activate the setting You can check the IP assignment status under Status gt DHCP Client List DHCP Server for AP mode only Enable af Disable DHCP server Default gateway Subnet mask Primary DNS server fs Secondary ONS server Start IP address HA Maximum number of users A Client lease time 1 10 days Static DHCP mapping No lactive IP address MAC address 1 D 2 D LO 3 pg Lo 4 oO LO DHCP server AP only 3 31 AWK 5222 User s Manual Other Console Configurations Setting Factory Default Enables AWK 5222 as a DHCP server Disable Disable DHCP server function Default gateway Setting Factory Default IP address of a default The IP address of the router that connects None gateway to an outside network Subnet mask subnet mask Identifies the type of sub network e g None 255 255 0 0 for a Class B network or 255 255 255 0 for a Class C network Primary Secondary DNS server Setting Factory Default IP address of Primary The IP address of the DNS Server used Secondary DNS server by your network After entering the DNS Server s IP address you can use URL as well The Secondary DNS server will be used if the Primary DNS server fails to connect Start IP address Setting Factory Default IP address Indicates the IP address w
39. able channels vary AWK 5222 plays a role of wireless 6 in B G Mixed mode with RF type AP SSID Setting Factory Default Max 31 Characters The SSID of a client and the SSID of MOXA_1 for WLAN1 the AP must be identical for them to MOXA 2 for WLAN2 communicate with each other SSID broadcast for Redundant AP AP or Master mode only Setting Factory Default Enable Disable SSID can be broadcast or not 3 15 AWK 5222 User s Manual Other Console Configurations NOTE If your device uses redundant Client Client or Slave mode you can find an additional Site Survey button on basic wireless settings page The button supports site survey and pops up a dialog box listing the information for available APs as shown in the following figure You can click on the SSID of an entity and bring the value of its SSID onto the SSID field of the Basic Wireless Settings page Clicking on the Refresh button will re scan and update the table Operation mode Client RF type Channel SSID broadcast Enable Disable 3 http 192 168 127 253 Site Survey Microsoft Internet Explorer Site Survey MAC address Channel Mode Home 00 18 84 81 CD 9A al BSS WEP 2 o FON_AP 00 18 84 81 CD 99 BSS OPEN default 00 15 F2 A2 07 6A BSS OPEN BLW 54PM 00 90 CC D6 B5 20 BSS WEP BLYW S4PM 00 90 CC D6 BC EC BSS OPEN ZyXEL 00 19 CB 41 48 94 BSS WEP a oo bots each la ll gt BSS OPEN HJ Wireless 00 16 01 ED DO 61 BSS WEP al 2
40. above mentioned settings By setting these parameters properly you can better tune the performance of your wireless network Transmission distance Setting Factory Default Distance or max range The distance specifies the transmission for transmission distance or max range between two AWK 500 10000m devices This parameter should be set properly especially for long distance communication Transmission enhancement Setting Factory Default Enable Disable This setting can enhance communication by Disable strengthening the AWK 5222 s transmission power It is quite useful for long distance transmission or countering environmental interference The user has to carefully evaluate and measure the transmission power of whole system and make sure it is still below the regulative limitation A NOTE Make sure the same Transmission distance parameters are set in both AP and Client sides and both Master and Slave When this parameter is more than 500 an optimal algorithm will be 3 28 AWK 5222 User s Manual Other Console Configurations enabled to support long distance transmission Transmission enhancement is also recommended to enable communication at both ends when long distance transmission is required A high gain antenna installed at a fixed antenna connector can also improve performance Select Antenna at MAIN or AUX Antenna Setting Factory Default The AWK 5222 uses four antennas two MAIN Auto
41. actory Default Numerical value You can increase the bridge priority by 32768 selected selecting a lower number A higher bridge by user priority brings a greater chance of being established as the root of the Spanning Tree topology Hello time Setting Factory Default Numerical value input The root of the Spanning Tree topology 2 seconds by user periodically sends out a hello message to 1 10 seconds other devices on the network to check if the topology is healthy Hello time indicates how often the root sends hello messages 3 36 AWK 5222 User s Manual Other Console Configurations Forwarding delay Setting Factory Default Numerical value input The amount of time this device waits before 15 seconds by user checking to see if it should change to a different 4 30 seconds topology Setting Factory Default Numerical value input As a non root role if the device has not 20 seconds by user received a hello message from the root longer 6 40 seconds than Max age it will reconfigure itself as a root Once two or more devices on the network are recognized as a root the devices will renegotiate to set up a new Spanning Tree topology Enable RSTP Setting Factory Default Enable disable Enables or disables the port as a node on the Disable Spanning Tree topology unchecked Port priority Setting Factory Default Numerical value Increase this port s priority as a node on
42. always know what is happening elsewhere on the network This means that these devices including wireless APs or clients must provide system maintainers with real time alarm messages Even when system administrators are out of the control room for an extended period they can still be informed of the status of devices almost instantaneously when exceptions occur In addition to logging these events the AWK 5222 supports different approaches to warn engineers automatically such as SNMP trap e mail and relay output It also supports two digital inputs to integrate sensors into your system to automate alarms by email and relay output system Log System Log Event Types Detail information for grouped events is shown in the following table You can check the box for Enable log to enable the grouped events All default values are enabled checked The log for system events can be seen in Status gt System Log System log Event Types Event group Enable log System related events Metwork related events Config related events Power events a lt 1 4 41 4 DI events 3 41 AWK 5222 User s Manual Other Console Configurations System related events Event is triggered when System reser wam send The AWK 5222 is rebooted such as when its settings y are changed IP address subnet mask etc Network related events Event is triggered when LAN 1 or LAN 2 link on The LAN port is connected to a device or network The port is
43. an be found in Chapter 3 Step 6 Test communications We will describe 2 test methods to make sure the network connection has been established Please refer to the following section for more details Communication Testing After installation you can run a sample test to make sure the AWK 5222 and wireless connection are functioning normally Two testing methods are explained in the following sections Use the first method if you are using only one AWK 5222 device and use the second method if you are using two or more AWK 5222s Testing Method for one AWK 5222 If you are only using one AWK 5222 you will need a second notebook computer equipped with a WLAN card Configure the WLAN card to connect to the AWK 5222 NOTE the default SSID is MOXA_1 and change the IP address of the second notebook B so that it is on the same subnet as the first notebook A which is connected to the AWK 5222 After configuring the WLAN card establish a wireless connection with the AWK 5222 and open a DOS window on Notebook B At the prompt type ping lt P address of notebook A gt and then press Enter see the figure below A Reply from IP address response means the communication was successful A Request timed out response means the communication failed In this case recheck the configuration to make sure the connections are correct SSID MOXA 1 IP 192 168 127 253 Notebook B Notebook A IP 192 168 1271 IP 192 168
44. are and firmware for the AWK 5222 e Hardware Rev 1 0 e Firmware Ver 1 0 You are strongly recommended to visit Moxa s website http www moxa com and find the latest product datasheet firmware QIG Quick Installation Guide UM User s Manual and related information A NOTE You can find out the hardware revision number of AWK 5222 on the side label MOXAN Model Type AWK 5222 MN AWK 5222 EU LLU A 0 1 Production S N TZHI01065029 MAC Address 00 90 E8 17 19 54 MOXA A GELF E pa va ou be e E A e The firmware version number can be seen on the Overview page as follow All information on this page are active values System info Model name AWE S222 U5 Device name AWK SPS2 0013 Serial No 13 System up time O days 06h 02m 04s Firmware version 1 0 Build 09042201 7 2 AWK 5222 User s Manual Supporting Information DoC Declaration of Conformity Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee tha
45. are required which can be generated by a small certificate authority Certificate reduction makes TTLS and PEAP much more popular than EAP TLS The AWK 5222 provides some non cryptographic EAP methods including PAP CHAP MS CHAP and MS CHAP V2 These EAP methods are not recommended for direct use on wireless networks However they may be useful as inner authentication methods with TTLS or PEAP Because the inner and outer authentications can use distinct user names in TTLS and PEAP you can use an anonymous user name for the outer authentication while the true user name is shown only through the encrypted channel Remember not all client software supports anonymous altercation Confirm this with the network administrator before you enable identity hiding in TTLS and PEAP 3 24 AWK 5222 User s Manual Other Console Configurations WLAN 1 WLAN Security Settings SSID MOA 1 Security mode YUPa2 WPA type Encryption method TKIP EAP protocol TTLS MS LHAP VWe W PAP o CHAF M5 CH4p User name 1MIS CH Ap 40 TTLS inner authentication Anonymous name TTL Inner Authentication Setting Factory Default Password Authentication Protocol is MS CHAP V2 used Protocol is used Anonymous Setting Factory Default Max 31 characters A distinct name used for outer None authentication User name amp Password Setting Factory Default User name and password used in None inner authentication PE
46. ate private password Submit Step 2 Select certificate key file Browse Upload Certificate File 3 30 AWK 5222 User s Manual Other Console Configurations A NOTE The WLAN certificate will remain after the AWK 5222 reboots Even though it is expired it can still be seen on Current Certificate Advanced Settings Several advanced functions are available to increase the functionality of your AWK 5222 and wireless network system The DHCP server helps you deploy wireless clients efficiently Packet filters provide security mechanisms such as firewalls in different network layers Moreover the AWK 5222 can support STP RSTP protocol to increase the reliability across the entire network In additional SNMP support can ease the network management via SNMP protocols DHCP Server for AP Client operation mode s AP mode only DHCP Dynamic Host Configuration Protocol is a networking protocol that allows administrators to assign temporary IP addresses to network computers by leasing an IP address to a user for a limited amount of time instead of assigning permanent IP addresses The AWK 5222 can act as a simplified DHCP server and easily assign IP addresses to your wireless clients by responding to the DHCP requests from the client ends The IP related parameters you set on this page will also be sent to the client You can also assign a static IP address to a specific client by entering its MAC address The A
47. e The AWK 5222 can support the PKCS 12 also known as Personal Information Exchange Syntax Standard certificate formats that define file formats commonly used to store private keys with accompanying public key certificates protected with a password based symmetric key WLAN Certificate Settings Import for EAP TLS in Client mode only Current status Certificate issued to Certificate issued by Certificate expiration date Current Status displays information for the current WLAN certificate which has been imported into the AWK 5222 Nothing will be shown if no certificate is available Certificate issued to shows the certificate user Certificate issued by shows the certificate issuer Certificate expiration date indicates when the certificate gets invalid You can import a new WLAN certificate in Import WLAN Certificate by following these steps in order 1 Input the corresponding password or key in the Certificate private password field Then click Submit to set the password 2 You can see the password displayed in the Certificate private password field Then click on the Browse button in Select certificate key file and select the certificate file 3 Click Upload Certificate File to import the certificate file If it succeeds you can see the information uploaded in Current Certificate If it fails you may need to return to step 1 to set the password correctly and then import the certificate file again Step 1 Certific
48. e Configurations If you run the Restart function without changing any configurations or saving all your changes you will see just one Restart button on your screen Restart Ht Warning Clicking Restart will disconnect all Ethernet connections and reboot AWK 5222 U5 You will not be able to run any of the AWK 5222 s functions while the system is rebooting Logout Logout helps users disconnect the current HTTP or HTTPS session and go to the Login page For security reasons we recommend you logout before quitting the console manager Logout Click Logout button to defalut Login page Logout 3 56 4 Software Installation Configuration In this chapter we cover the following topics LI Overview Q AWK Search Utility gt Installing AWK Search Utility gt Configuring AWK Search Utility AWK 5222 User s Manual Software Installation Configuration Overview The Documentation amp Software CD included with your AWK 5222 is designed to make the installation and configuration procedure easy and straightforward This auto run CD includes AWK Search Utility to broadcast search for all AWK s accessible over the network the AWK 5222 User s Manual and Quick Installation Guide AWK Search Utility Installing AWK Search Utility 1 Click the INSTALL UTILITY button in the AWK Installation CD auto run window to install AWK Search Utility Once the program starts running click Yes to proceed 2 Click Next when the
49. e Edit Function Tools Help 2 a x P r qu Search Search Ex Locate We Telnet Assign IP Upgrade Refresh Refresh All Exit No Modelname IP address Device MAC address Overview Py AWK 5222 US 192 168 127 253 00 90 E8 00 46 09 255 255 255 0 1 0 Build 09051917 System info Device info 802 11 info WLANT WLAN2 Country code US WLAN1 0 peration mode WIRELESS_REDURN WLAN1 Channel 6 WLAN1 AF type B G Mixed WLAN1 SSID MOXA_1 y Click on Telnet if you would like to use telnet to configure your AWKs AWK Search Utility File Edit Function Tools Help Le 2 amp 2 Z E a F Search Search Ex Locate Web Telnet Assign IP Upgrade Refresh Refresh All Exit No Modelname _ IP address Device MAC address Overview ETA 192 168 127 253 00 90 E9 00 46 09 255 255 2550 1 0 Build 09051817 System info Device info 802 11 info WLANT WLAN2 Country code US WLAN1 Operation mode WIRELESS REDUK WLAN1 Channel 6 WLAN1 FRF type B G Mixed WLAN1 SSID MOxA_1 v 4 9 AWK 5222 User s Manual Software Installation Configuration Click Assign IP to change the IP setting AWE Search Utility File Edit Function Tools Help au Upgrade Refresh Refresh All Exit A w x Search SearchEx Locate Web Telnet Assign IP No Modelname _ IP address Device MAC address Overview a AWK 5222 US 192 16
50. e Moxa AWK 5222 s default IP is 192 168 127 253 Follow the steps below to access the AWK 5222 s web based console management 1 Open your web browser ex Internet Explorer and type the AWK 5222 s IP address in the address field Then press Enter to establish the connection 3 about blank Microsoft Internet Explorer E O x File Edit View Favorites Tools Help 3 zack y x EB A a Search S 2 Favorites eb 2 The Web Console Login page will open Enter the password User Name is set as admin the default password is root if a new password has not been set and then click Login to continue Moxa AWK o222 US Lsem anne admiri Password Login You may need to wait a few moments for the web page download onto your computer Please note that the Model name and IP address of your AWK 5222 are both shown on the title of the web page This information can help you identify multiple AWK 5222s 3 2 AWK 5222 User s Manual Other Console Configurations You can use the menu tree on the left side of the window to open the function pages to access each of AWK 5222 s functions E Main Menu A verview 19 Overview fa a Basic settings All information on this page are active values Ai Wireless Settings System info HO Advanced Settings Model name AMK 3222 115 FL Auta Warning Settings Device name AWK 5222 0013 421 Status Serial No 13 HE Maintenance ELE up EA O days 00h
51. en telnet 192 168 127 253 When using SSH client ex PuTTY please run the client program ex putty exe and then input the AWK 5222 s IP address specifying 22 for the SSH connection port iS PuTTY Configuration l x Category E Session Basic options for your Pul Ty session Lagging T E Terminal Specify the destination you wantto connect to Keyboard Host Hame or IF address 2 Bell f 92 168 127 253 a E Cee Connection type Po C Raw Telnet Rlogin 8 SSH Serial Appearance 2 The Console login screen will appear Please refer to the previous paragraph RS 232 Console Configuration and for login and administration Configuration by Web Browser with HTTPS SSL To secure your HTTP access the AWK 5222 supports HTTPS SSL encryption for all HTTP traffic Perform the following steps to access the AWK 5222 s web browser interface via HTT PS SSL 1 Open your web browser and type https lt AWK 5222 s IP address gt in the address field Press Enter to establish the connection 3 https 221 32 168 127 253 home asp Microsoft Internet Explorer File Edit View avalos Tools Help JMi 9 WS a al Address ES https 192 168 127 253 home asp 5 5 AWK 5222 User s Manual Software Installation Configuration 2 Warning messages will pop out to warn users that the security certificate was issued by a company they have not chosen to trust Security Alert
52. fault 8 63 characters Master key to generate keys for encryption and decryption Key renewal for Redundant AP AP or Master mode only Setting Factory Default 60 86400 seconds Specifies the time period of group 3600 seconds 1 minute to year key renewal A NOTE The value for key renewal instructs the wireless AP how often it should change the encryption keys Usually the security level will be higher if you set this value shorter so that the encryption keys are changed more often Default value 1s 3600 seconds 6 minutes Longer time periods can be considered if traffic is not so busy WPA WPA2 Enterprise for Redundant AP AP or Master mode By selecting WPA type as Enterprise you can use EAP Extensible Authentication Protocol a framework authentication protocol used by 802 1 X to provide network authentication In these Enterprise level security modes a back end RADIUS Remote Authentication Dial In User Service server is needed if IEEE 802 1 X functionality is enabled in WPA WPA2 The IEEE 802 1 X protocol also offers the possibility of carrying out an efficient connection authentication in a large scaled network It is not necessary to exchange keys or pass phrases 3 20 AWK 5222 User s Manual Other Console Configurations WLAN 1 WLAN Security Settings SSID Moxa 1 Security mode WPAZ we WPA type Encryption method Primary RADIUS server IP Primary RADIUS server port Primary RADIUS s
53. from the AWK 5222 The following parameters can be configured on the E mail Server Settings page In addition a Send Test Mail button can be used to test whether the Mail server and e mail addresses work well More detailed explanations about these parameters are given after the following figure E mail Server Settings Mail server SMTP PO User name A Password II From e mail address VEAS To e mail address 1 o To e mail address 2 To e mail address 3 A To e mail address 4 A Submit Send Test Mail Mail server SMTP IP address The IP Address of your email server User name amp Password User name and password used in the None SMTP server From e mail address Max 63 characters Enter the administrator s e mail address which will be shown in the From field of a warning e mail To E mail address 1 2 3 4 Max 63 characters Enter the receivers e mail addresses 3 45 AWK 5222 User s Manual Other Console Configurations Relay The AWK 5222 has one relay output which consists of 2 terminal block contacts on the AWK 5222 s top panel These relay contacts are used to indicate user configured events and system failure The two wires attached to the relay contacts form an open circuit when a user configured event is triggered If a user configured event does not occur the relay circuit will remain closed For safety reasons the relay circuit is kept open when the AWK 5222 is not p
54. g a single RF because the AWK 5222 has dual RFs and offer users a cascade link to bridge the two ends without narrowing down the throughput Operation mode Wireless bridge WLAN 1 Operation mode WLAN 2 Operation mode Master Slave Master Slave WLANs with same color must have identical RF type SSID and security settings WLAN I WLAN 2 Operation mode Setting Factory Default Master Master can build a connection with a AP for WLAN 1 Slave that has the same RF type Master for WLAN 2 SSID and security settings Slave Slave can build a connection with a master that has the same RF type SSID and security settings 3 11 AWK 5222 User s Manual Other Console Configurations AP Client AP Client mode provides a more flexible topology to allow the user to configure the 2 RF module for an AP or Client Operation mode OP Cllent WLAN 1 Operation mode AP he WLAN 2 Operation mode AF w AF Client Matching Table for AP Client s WLANs WLAN 1 WLAN 2 Allowable Setting Allow AP AP Not Allow WLAN1 WLAN2 Some applications already have existing Clients in the environment The AWK 5222 not only can carry dual RF clients but also single RF or existing Clients to the Ethernet LAN This function is available in Wireless Redundancy mode s Redundant AP or Wireless Bridge mode s Master page Descriptions of other operation modes can be found in the Basic Wireless Settings section 3 12 AWK 5222
55. g one or more redundant clients standard single RF clients can also associate with the redundant AP One of the biggest advantages of the AWK 5222 s wireless redundancy mode is that you can expect zero data loss Redundant AP Redundant AP Redundant A Client Redundant A Client 3 9 AWK 5222 User s Manual Other Console Configurations The following figure shows the Wireless Redundancy operation mode Operation mode WLAN Operation mode Redundant 4P WALAMS with same color must have identical RF type 5510 and security settings WLAN Operation mode Setting Factory Default Redundant AP AP with Dual RF redundancy capable Redundant AP of serving dual RF clients Redundant Client Dual RF redundant clients can join dual RF redundant APs 3 10 AWK 5222 User s Manual Other Console Configurations Wireless Bridge A bridge is a network component that connects two networks AWK 5222 s bridge operation 1s based on the AP master and Client Slave concept Both sides of the connection must have the same RF type SSID and security settings For single RF mesh networks we can use WDS to establish a static bridge link In this case the APs at both ends of the WDS link must be configured manually with each other s MAC addresses The performance of a single RF bridge will be poor if more nodes are added The AWK 5222 s dual RF bridge concept is different from usin
56. g the NTP server or there is no NTP server on the LAN Current local time 3 6 AWK 5222 User s Manual Other Console Configurations Setting Factory Default User adjustable time The date and time parameters allow None configuration of the local time with yyyy mm dd hh mm ss immediate activation format 24 hour format Time zone Setting Factory Default User selectable time The time zone setting allows GMT Greenwich Mean zone conversion from GMT Greenwich Time Mean Time to local time A ATTENTION Changing the time zone will automatically adjust the Current local time You should configure the Time zone before setting the Current local time Daylight saving time Enable Disable Daylight saving time also know as Disable DST or summer time involves advancing clocks usually 1 hour during the summer time to provide an extra hour of daylight in the afternoon When Daylight saving time is enabled the following parameters can be shown e The Starts at parameter allows users to enter the date that daylight saving time begins e The Stops at parameter allows users to enter the date that daylight saving time ends e The Time offset parameter indicates how many hours forward the clock should be advanced Time server 1 2 Setting Factory Default The 1st 2nd time server IP or Domain address of NTP time None server The 2nd time will be used if the Ist NTP server fails to connect Query period
57. hared key Secondary RADIUS server IP fs Secondary RADIUS server port Secondary RADIUS shared key Po Key renewal 60 86400 seconds WPA Type Setting Factory Default Personal Provides Pre Shared Key enabled Personal WPA and WPA2 Enterprise Provides enterprise level security for WPA and WPA2 Encryption method Setting Description Factory Default enabled enabled Mixed Provides TKIP broadcast key and TKIP AES unicast key for some legacy AP clients This option is rarely used This option is available in Redundant AP AP or Master mode only and cannot support AES enabled clients Primary Secondary RADIUS server IP Setting Factory Default The IP address of Specifies the delegated RADIUS None RADIUS server server for EAP Primary Secondary RADIUS port Setting Factory Default Port number Specifies the port number of the 1812 delegated RADIUS server 3 21 AWK 5222 User s Manual Other Console Configurations Primary Secondary RADIUS shared key Setting Factory Default Max 31 characters The secret key shared between AP None and RADIUS server Key renewal Setting Factory Default 60 86400 seconds Specifies the time period of group 3600 seconds 1 minute to year key renewal WPA WPA2 Enterprise for Redundant Client Client or Slave mode In a client role the AWK 5222 can support three EAP methods or EAP protocols EAP TLS EAP TTLS and EAP PEAP corresponding to WPA
58. he AWK 5222 a convenient yet reliable solution for any industrial wireless application Package Checklist Moxa s AWK 5222 is shipped with the following items If any of these items is missing or damaged please contact your customer service representative for assistance 1 AWK 5222 2 Swivel type Antennas 2dBi RP SMA 2 4 amp 5GHz 1 Quick Installation Guide 1 Software CD 1 Moxa Product Warranty Booklet 1 Cable Holder with a Screw 2 Protective Caps A NOTE The above items come with the AWK 5222 standard version The package contents may vary in different a customized version Product Features TEEE802 11a b g Compliant Three in one design AP Bridge Client Dual RF design for redundant wireless communication Advanced Wireless Security gt 64 bit and 128 bit WEP WPA WPA2 gt SSID Hiding TEEE 802 1X RADIUS gt Packet access control amp filtering STP RSTP support for redundancy of system networking Long distance transmission support Turbo Roaming enables rapid handover Client mode Dedicated antenna selection Free firmware update for more advanced functions RS 232 console management 2DI 1DO for on site monitoring and warming 1 2 AWK 5222 User s Manual Introduction e Operating temperature ranges from 40 to 75 C T model e Power input by redundant 24 VDC power inputs or IEEE802 3af Power over Ethernet e DIN Rail or wall mounting ability e P30 protected high strength metal housing
59. hich None AWK 5222 can start assigning Maximum number of users Setting Factory Default 1 999 Specifies how many IP address can be None assigned continuously Client lease time Setting Factory Default 1 10 days The lease time for which an IP address is 10 days assigned The IP address may go expired after the lease time is reached 3 32 AWK 5222 User s Manual Other Console Configurations Packet Filters The AWK 5222 includes various filters for IP based packets going through LAN and WLAN interfaces You can set these filters as a firewall to help enhance network security MAC Filter The AWK 5222 s MAC filter is a policy based filter that can allow or filter out IP based packets with specified MAC addresses The AWK 5222 provides 8 entities for setting MAC addresses in your filtering policy Remember to check the Active check box for each entity to activate the setting MAC Filters Enable Disable Policy Drop No active Name MAC address Enable Setting Factory Default Enables MAC filter Disables MAC filter Policy Setting Factory Default Accept Only the packets fitting the entities on list Drop can be allowed Drop Any packet fitting the entities on list will be denied A ATTENTION Be careful when you enable the filter function Drop no entity on list 1s activated all packets are allowed Accept no entity on list is activated all pac
60. in EFTA member states Norway and Switzerland EU Countries Not Intended for Use None Potential Restrictive Use France only channels 10 11 12 and 13 CE Warning This is a class B product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures Firmware Recovery When the LEDs of FAULT and STATE all light up simultaneously and blink at one second interval it means the system booting has failed It may result from some wrong operation or uncontrollable issues such as an unexpected shutdown during firmware update The AWK 5222 is designed to help administrators recover such damage and resume system operation rapidly You can refer to the following instructions to recover the firmware 7 4 AWK 5222 User s Manual Supporting Information Connect to the AWK 5222 s RS 232 console with 115200bps and N 8 1 You will see the following message shown on the terminal emulator every one second Press Ctrl C to enter Firmware Recovery Process Press Ctrl C to enter Firmware Recovery Process Press Ctrl C to enter Firmware RBecovery Proces Press Ctrl C to enter Firmware Recovery Process Press Ctrl C to enter Firmware Recovery Process Press Ctrl C to enter Firmware Recovery FProcess Press Ctrl C to enter Firmware Recovery Process Press Ctrl C to enter Firmware Recovery Proces Press Ctrl C to enter
61. ing for the management station to poll or send requests to query every object on every device It would be better if the managed device agent could notify the management station by sending a message known as a trap for the event b P z m m bjb bik fp fig l l fe Mi MA AWK 5222 User s Manual Other Console Configurations SNMP Trap Receiver Settings SNMP traps are defined in SMIv1 MIBs SNMPv1 and SMIv2 MIBs SNMPv2c The two styles are basically equivalent and it is possible to convert between the two You can set the parameters for SNMP trap receivers through the web page SNMP Trap Receiver Settings 1st Trap version 1st Trap server IP name ist Trap community 2nd Trap version 2nd Trap server IP name 2nd Trap community alert Ist 2nd Trap version Setting Factory Default SNMP trap defined in SNMPv1___ V1 SNMP trap defined in SNMPv Ist 2nd Trap server IP name Setting Factory Default IP address or host name Enter the IP address or name of the None trap server used by your network Ist 2nd Trap community Setting Factory Default Max 31 characters Use a community string match with a alert maximum of 31 characters for authentication 3 48 AWK 5222 User s Manual Other Console Configurations Status Wireless Status The status for 802 11 info parameters such as Operation mode and Channel are shown on the Wireless Status page The status will refresh every 5 seconds if
62. ireless Settings i WLAN Security Settings E Advanced Wireless Settings Y WLAN Certificate Settings 3 WLAN 2 E Basic Wireless Settings i WLAN Security Settings E Advanced Wireless Settings iJ WLAN Certificate Settings SY Advanced Settings 4 DHCP Server SY Packet Filters Y MAC Filters E IP Protocol Filters ig TCP UDP Port Filters Y RSTP Settings E SNMP Agent i Storm Protection Y Auto Warning Settings S System log E System Log Event Types 3 Syslog Y Syslog Event Types i Syslog Server Settings 3 E mail i E mail Event Types i E mail Server Settings S Relay i Relay Event Types 3 Trap E Trap Event Types E SNMP Trap Receiver Settings Status Wireless Status Associated Client List DHCP Client List System log Relay Status DI and Power Status A Maintenance Console Settings Ping Firmware Upgrade Config Import Export Load Factory Default Password CEE ELECEE Misc Settings Y Save Configuration Y Restart ZA Logout TL El l Basic settings for administering the AWK 5222 Essential settings related to establishing a wireless network Advanced features to support additional network management and secure wired and wireless communication These advanced functions are all optional Application oriented device management functions to set up events traps and reactions via relay warning e mail and SNMP notification These functions are all optional Real time status information t
63. kets are denied 3 33 AWK 5222 User s Manual Other Console Configurations IP Protocol Filter The AWK 5222 s IP protocol filter is a policy based filter that can allow or filter out IP based packets with specified IP protocol and source destination IP addresses The AWK 5222 provides 8 entities for setting IP protocol and source destination IP addresses in your filtering policy Four IP protocols are available All ICMP TCP and UDP You must specify either the Source IP or the Destination IP By combining IP addresses and netmasks you can specify a single IP address or a range of IP addresses to accept or drop For example IP address 192 168 1 1 and netmask 255 255 255 255 refers to the sole IP address 192 168 1 1 IP address 192 168 1 1 and netmask 255 255 255 0 refers to the range of IP addresses from 192 168 1 1 to 192 168 255 Remember to check the Active check box for each entity to activate the setting IP Protocol Filters Enable Disable Policy Drop No Active Protocol Source IP Source netmask Destination IP Destination netmask ES ES 2 DoD Of a Jp ff 7 2 o hoff mur UP EE Setting Factory Default Enables IP protocol filter Disable Disables IP protocol filter Policy Setting Factory Default Accept Only the packets fitting the entities on the Drop list can be allowed Drop Any packet fitting the entities on the list will be denied A ATTENTION Be careful when you enable
64. ks A Setup AWE Search Utility Select Additional Tasks Which additional tasks should be performed Select the additional tasks you would like Setup to perform while installing AWE Search Utility then click Ment Additional icons Create a Quick Launch icon 6 Click Next to proceed with the installation The installer then displays a summary of the installation options iG Setup AWE Search Utility Heady to Install Setup le now ready to begin installing AWE Search Utility on your computer Click Install to continue with the installation or click Back if you want to review or change any settings Destination location C Program Files orata RAWE Search Utility Start Menu folder AWE Search Utility Install Cancel 4 4 AWK 5222 User s Manual Software Installation Configuration 7 Click Install to begin the installation The setup window will report the progress of the installation To change the installation settings click Back and navigate to the previous screen 8 Click Finish to complete the installation of AWK Search Utility A Setup AWE Search Utility Completing the AWK Search Utility Setup Wizard Setup has finished installing AME Search Utility on pour computer The application may be launched by selecting the Installed icons Click Finish to exit Setup Configuring AWK Search Utility The Broadcast Search function is
65. lect an authentication level of MD5 or SHA is the most secure protocol You can also enable data encryption to enhance data security The AWK 5222 s MIB can be found in the software CD and supports reading the attributes via SNMP Only get method is supported SNMP security modes and security levels supported by the AWK 5222 are shown in the following table Select the security mode and level that will be used to communicate between the SNMP agent and manager SEES oa e LOE er oe Method Version noe Encryption V1 V2c Read l l Use a community string match for i Community string No ey Community authentication SNMP V1 V2c Use a community string match for Write Read Community string No authentication Community Use account with admin or user to access objects Provides authentication based on Authentication HMAC MDS or HMAC SHA MD5 or SHA based on MD5 or algorithms 8 character passwords are SHA the minimum requirement for authentication Provides authentication based on HMAC MD5 or HMAC SHA Authentication Dak algorithms and data encryption key MD5 or SHA based on MDS or 8 character passwords and a data SHA encryption key encryption key are the minimum requirements for authentication and encryption 3 38 AWK 5222 User s Manual Other Console Configurations The following parameters can be configured on the SNMP Agent page A more detailed explanation of each parameter is given below the following fig
66. n 115200 for Baud Rate 8 for Data Bits None for Parity and 1 for Stop Bits Property Property Communication Parameter Terminal File Transfer Capturing Communication Parameter Terminal File Transfer Capturing COM Options Terminal Type vn o Ports 20 k ARSI VT100 Baud Rate Dumb Terminal Option rana Data Bits Transmit Parity T Local Echo Stop Bits send Enter Kep As Receive RTS CTS DTA ON OFF CR Translation No Changed FT ONOFF ATS ON OFF LF Translation No Changed 4 Click on the Terminal tab and select VT100 or ANSD for Terminal Type Click on OK to continue 5 The Console login screen will appear Log into the RS 232 console with the login name default admin and password default root if no new password is set E COMA4 115200 None 8 1 ANSI AWE 5222 05 LWE S2 22_0013 login admin RTs Password a Ready AWK 5222 User s Manual Software Installation Configuration 6 The AWK 5222 s device information and Main Menu will be displayed Please follow the description on screen and select the administration option you wish to perform EM COM4 115200 None 8 1 AHSI E ES Pe AWK S222 U5 LAN HAC Address 00 20 ES 00 46 13 Serial No Ls Firmware Version 1 0 Build O39042701 System Info Settings Network Settings Time Settings Maintenance Restart Quit To modify the appearance of the PComm Termi
67. n HMAC SHA algorithms 8 character passwords are the minimum requirement for authentication Admin private key for V1 V2c V3 and V3 only Setting Factory Default No data encryption DES based data encryption Disable AES based data encryption Private Key A data encryption key is the minimum requirement for data encryption maximum of 63 characters Private MIB Information Device Object ID Also know as OID This is the AWK 5222 s enterprise value It is fixed Storm Protection In general one host should not be allowed to occupy unlimited bandwidth particularly when the device malfunctions For example so called broadcast storms could be caused by an incorrectly configured topology or a malfunctioning device Storm Protection Storm protection Enable Disable Multicast amp flooding O Enable Disable Storm Protection Setting Factory Default Enable Disable Enable or disable Broadcast Storm Enable Protection globally for multicast packets Multicast and flooding Setting Factory Default Enable Disable If you enable Storm Protection the Multicast and flooding option will show up You can Enable or Disable Broadcast Disable Storm Protection globally for unknown multicast and unknown unicast packets 3 40 AWK 5222 User s Manual Other Console Configurations Auto Warning Settings Since industrial grade devices are often located at the endpoints of a system these devices will not
68. nal Emulator window select Edit gt Font and then choose the desired formatting options A ATTENTION If you unplug the RS 232 cable or trigger D PR a disconnection event will be evoked to enforce logout for network security You will need to log in again to resume operation Configuration by Telnet and SSH Consoles You may use Telnet or SSH client to access the AWK 5222 and manage the console over a network To access the AWK 5222 s functions over the network from a PC host that is connected to the same LAN as the AWK 5222 you need to make sure that the PC host and the AWK 5222 are on the same logical subnet To do this check your PC host s IP address and subnet mask A NOTE The AWK 5222 s default IP address is 192 168 127 253 and the default subnet mask is 255 255 255 0 for a Class C network If you do not set these values properly please check the network settings of your PC host and then change the IP address to 192 168 127 xxx and subnet mask to 255 255 255 0 5 4 AWK 5222 User s Manual Software Installation Configuration Follow the steps below to access the console utility via Telnet or SSH client 1 From Windows Desktop run Start gt Run and then use Telnet to access the AWK 5222 s IP address from the Windows Run window You may also issue the telnet command from the MS DOS prompt Hun m4 Ed 1 Type the name of a program folder document or Internet resource and Windows will open it for pou Op
69. ng as WEP The key is regularly changed so that true session is secured Even though AES encryption is only included in the WPA2 standard it is widely available in the WPA security mode of some wireless APs and clients as well The AWK 5222 also supports AES algorithms in WPA and WPA2 for better compatibility Personal versions of WPA WPA2 also know as WPA WPA PSK Pre Shared Key provides a simple way of encrypting a wireless connection for high confidentiality A Passphrase is used as a basis for encryption methods or cipher types in a WLAN connection The passphrases should be complex and as long as possible The number of ASCII characters of the Passphrase must be at least 8 and can go up to 63 For security reason this passphrase should be disclosed to the relevant users only and changed regularly SSID Moxa 1 Security mode WPA Y WPA type Encryption method Passphrase Key renewal 60 86400 seconds WPA Type Setting Factory Default WPA and WPA2 Provides enterprise level security for WPA and WPA2 Encryption method Setting Factory Default enabled Advance Encryption System is enabled Mixed Provides TKIP broadcast key and TKIP AES unicast key for some 3 19 AWK 5222 User s Manual Other Console Configurations legacy AP clients This option is rarely used This option is available in Redundant AP AP or Master mode only and cannot support AES enabled clients Passphrase Setting Factory De
70. ngs You can configure the parameters for your Syslog servers in this page Syslog Server Settings Syslog server 1 E Syslog port 514 Syslog server 2 II Syslog port 514 Syslog server 3 CA Syslog port 514 Syslog server 1 2 3 Setting Factory Default IP address Enter the IP address of the 1st 2nd None 3rd Syslog Server Syslog port Setting Factory Default Port destination Enter the UDP port of the 514 1 to 65535 corresponding Syslog server 3 43 AWK 5222 User s Manual Other Console Configurations E mail E mail Event Types Check the box for Active to enable the event items All default values are deactivated unchecked Details for each event item can be found on the System log Event Types table on page 3 31 E mail Event Types Event Active Cold start F Warm start F Power 1 transition On gt Off F Power 1 transition Off gt On F Power 2 transition On gt Off F Power 2 transition Off gt On F PoE transition On gt Off F PoE transition Off gt On F Configuration changed F Console authentication failure F DI 1 transition On gt Off F DI 1 transition Off 0n F DI 2 transition On gt Off F DI 2 transition Off 0n F LAN 1 link On F LAN 1 link Off LAN 2 link On F LAN 2 link Off C 3 44 AWK 5222 User s Manual Other Console Configurations E mail Server Settings You can set up to 4 e mail addresses to receive alarm emails
71. nnnnnnns 7 3 Rec PTE Compliance Stade Mestalla 7 4 PUP Tw al RECO VE A A A AAA eee aea acer cheno 7 4 Technical Support Contact Information ooooonnnnnnnncnnnnnnnnnnnnnnnnononnnonnnnnnnnnnnnnnnnnnonnnnnnnnnnnnnnnnnnnnnss 7 6 1 Introduction Moxa AirWorks AWK 5222 with dual RF wireless capability allows wireless users to access network resources more reliably The AWK 5222 is rated to operate at temperatures ranging from O to 60 C for standard models and 40 to 75 C for extended temperature models and is rugged enough for any harsh industrial environment In this chapter we cover the following topics Overview Package Checklist Product Features Product Specifications DODODOO Functional LED Indicators Beeper Reset Button Relay Digital Output Antenna V VvVv yv Y AWK 5222 User s Manual Introduction Overview The AWK 5222 Access Point Bridge and AP Client is ideal for applications that need a more reliable solution and are hard to wire too expensive to wire or use mobile equipment that connects to a TCP IP network The AWK 5222 can operate at temperatures ranging from 0 to 60 C for standard models and 40 to 75 C for extended temperature models and is rugged enough for any harsh industrial environment Installation is easy with either DIN Rail mounting or wall mounting in distribution boxes The DIN rail wall mounting ability wide operating temperature range and IP30 housing with LED indicators make t
72. o enter the menu and select 1 to start the firmware upgrade process IF address of AWK S222 1L92 168_ 1 z2 Wetmask of AME 5222 7 258 258 _ 252 _0 Gateway of AWH S 22 19 165 40 142 IP address of TFTP server 55_ 255_ 252 0 l Start to firmware upgrade using the above network setting immediately Change the network settings Enter your selection l Z enter for aborti 1 Select 0 in the sub menu to load the firmware image via LAN and then enter the file name of the firmware to start the firmware recovery Load method select O Load from LAN l Load from serial with modem Please select item O Please input file name Default file name AWR S222 ro0m User Input file name ANME 5222 1 0 ron Technical Support Contact Information Customer satisfaction is our number one concern and to ensure that customers receive the full benefit of our products Moxa Internet Services has been set up to provide technical support driver updates product information certification status installation guide and user s manual updates The following services are provided e E mail for technical support support moxa com Worldwide support usa moxa com The Americas e World Wide Web WWW Site for product information http www moxa com
73. o monitor wired wireless network performance advanced services and device management functions Functions to maintain the AWK 5222 and diagnose the network On demand functions to support the operations of web based console management 3 Web Console Configuration In this chapter we will explain each web management page of the web based console configuration Moxa s easy to use management functions will help you set up your AWK 5222 as well as establish and maintain your wireless network easily In this chapter we cover the following topics Configuration by Web Browser Overview Basic Settings Wireless Settings Advanced Settings Auto Warning Setting Status Maintenance Save Configuration Restart Logout DOUUWUODUWUOOUWOUOL AWK 5222 User s Manual Other Console Configurations Configuration by Web Browser Moxa AWK 5222 s web browser interface provides a convenient way to modify its configuration and access the built in monitoring and network administration functions The recommended web browser is Microsoft Internet Explorer 5 5 or 6 0 with JVM Java Virtual Machine installed A NOTE To use the AWK 5222 s management and monitoring functions from a PC host connected to the same LAN as the AWK 5222 you must make sure that the PC host and AWK 5222 are on the same logical subnet Similarly 1f the AWK 5222 1s configured for other VLAN settings you must make sure your PC host is on the management VLAN Th
74. owered Relay Event Types You can check the box for Active to enable the event items All default values are deactivated unchecked Details for each event item can be found in the System log Event Types table on page 3 31 Relay Event Types Event Active Power 1 transition On gt Off F Power 2 transition On gt Off F PoE transition On Off a DI 1 transition On gt Off F DI 1 transition Off gt On F DI 2 transition On gt 0ff F DI 2 transition Off gt On F LAN 1 link On F LAN 1 link Off LAN 2 link On F d LAN 2 link Off 3 46 AWK 5222 User s Manual Trap Trap Event Types Trap Event Types Event Cold start Warm start Power 1 transition On gt Off Power 1 transition Off gt On Power 2 transition On gt Off Power 2 transition Off gt On PoE transition On gt Off PoE transition Off gt On Configuration changed Console authentication failure DI 1 transition On gt Off DI 1 transition Off gt On DI 2 transition On gt Off DI 2 transition Of gt 0On LAN 1 link On LAN 1 link Off LAN 2 link On LAN 2 link Off 3 47 Other Console Configurations Traps can be used to signal abnormal conditions notifications to a management station This trap driven notification can make your network more efficient Because a management station usually takes care of a large number of devices that have a large number of objects it will be overload
75. reless redundancy Redundant Wireless redundancy Redundant Operation mode AP WLAN 1 AP WLAN 2 Channel 6 11 RF type B G Mixed BG Mixed SSID oa 1 Mona 2 Basic Settings The Basic Settings group includes the most commonly used settings required by administrators to maintain and control the AWK 5222 System Info Settings The System Info items especially Device name and Device description are displayed and included on the Overview page SNMP information and alarm emails Setting System Info items makes it easier to identify the different AWK 5222s connected to your network System Info Settings Device name JAP_O11 Device location Area 22 5th Floor Device description No 11 of ABC supporting system Device contact SEO John Davis sysop abc com Device name Setting Factory Default Max 31 Characters This option is useful for specifying AWK 5222 lt Serial No of the role or application of different this AWK 5222 gt AWK 5222 units Device location Setting Factory Default Max 31 Characters To specify the location of different None AWK 5222 units 3 4 AWK 5222 User s Manual Other Console Configurations Device description Setting Factory Default Max 31 Characters Use this space to record more detailed None description of AWK 5222 Device name Setting Factory Default Max 31 Characters To provide information about whom None to contact in order to resolve problems Use this space
76. s and these changes are incorporated into new editions of the publication Technical Support Contact Information www moxa com support Moxa Americas Moxa China Shanghai office Toll free 1 888 669 2872 Toll free 800 820 5036 Tel 1 714 528 6777 Tel 86 21 5258 9955 Fax 1 714 528 6778 Fax 86 10 6872 3958 Moxa Europe Moxa Asia Pacific Tel 49 89 3 70 03 99 0 Tel 886 2 8919 1230 Fax 49 89 3 70 03 99 99 Fax 886 2 8919 1231 Chapter 1 Chapter 2 Chapter 3 Table of Contents INrOdUC CUON Reemsees tense sede ess ame slits a te eee ene o aN eee Sane a ere nee ree 1 1 A auacu a otbencenn ca soudeast ante 1 2 Packase Checklist a didas 1 2 Product NS A E ses aaieatecd E ade we eanideabesmnd oeadiaaseatacaanss 1 2 PROGUCE S PCCIICAUIONS purple iodo 1 3 Pu ctional DESTA A AT A T E ven 1 5 LEDS dalt 1 5 DE PE ais 1 6 GA AAA A odoiastesensantes 1 6 Relay Dita OIDO id dias 1 7 PRIM A O adate ean NE 1 8 GETING Started miii 2 1 First time Installation and Configuration snesen ne a A Eaa 2 2 Communication Leste Ns 2 4 FUNCIONA ME oan eaewa tee sinceseeddarede aang eames aor 2 5 Web Console Configuration sccccssssssccssnssescsenseesccnnseeecennseeeeeesseseees 3 1 COniie uration BY Web LOW Ser oso liado 3 2 a T 3 4 DATES EUA o ciales 3 4 SA A less cneaua lame N 3 4 ING CW OTK ELA eater ae caer a tla ee ceg 3 5 Ann OR OE Saal tases macabecgsdearoomaaneaokens 3 6 AGT Ws A O ne FOI NNN a eer One NNT ot 3
77. s 3 53 Conti import EXPO tilda ia cs 3 53 Edad Factory Dti dci 3 54 PASS WONG ierann AA 3 54 Mise SCUIIOS usa aos 3 54 Save COM C UTA ON aci tea dede vanscahan umndoneanaws NE T A 3 55 Relan AAA see keen teed ch tee she Conca oh dee shade ce edch sea kes Oonuces oh dase shandce hak Oona eke e encase dase oaadoneehehosnenss 3 55 A E deviemaneenea nsec oussanenestaciines 3 56 Software Installation COnfiguration ccccssseeeceesseeeseeeseeeseeeneeeseenseees 4 1 OVAS A oe ens area 4 2 A O las sheets ada A te emesis 4 2 Installing AWK Scarch Ut ii 4 2 Contieutins AWK Search Uta a ia 4 5 Other Console Configurations ccccccsesseeeceseseeeeeesneeescesnseeseeeseeessoeaes 5 1 RS 232 Console Configuration 115200 None 8 1 WTIOO occccnnnnnncnnnccnnnnnnooccccncnnnnnnnnnnos 5 2 Contisuration by Telnet dnd SSH COnSOIES acto docs 5 4 Configuration by Web Browser with HTT PS SSL occcccccncnnnnnnnnnnnoonccnnnnnnnnnnnnnonononnnnnnnonnnnnnnnss 5 5 Disabling Telnet and Brows r Access waists sa 5 6 PICTON CIC CS rara casas ancuenscacenas EE 6 1 Beca atan dtiidr 6 2 BEIM O OR 6 2 PP NE 6 2 RIS TRS SOIC sra ai iio 6 2 SEAR TPg A E E TEE ENEN NER 6 2 Theo EPR S EPC ON PL odds 6 2 Dit rences between RSP and STP oeni EER 6 3 Supporting Information iii ica 7 1 About TMsU ser s Minuakin anen e A EEE E E EEN 7 2 DoC Declaration of COMO a ia 7 3 Federal Communication Commission Interference Statement cccccccnnnnnnnnnnonnnn
78. ser based authentication via IEEE802 1X The AWK 5222 can support three EAP methods EAP TLS EAP TTLS and EAP PEAP SSID Moxa 1 Security mode Security mode Setting Factory Default Open Static WEP is used Fully supports IEEE802 111 with TKIP AES 802 1X Open For security reasons it is highly recommended that the security mode should be set to the options other than Open System When the security mode is set to Open System no authentication or data encryption will be performed WEP According to the IEEE802 11 standard WEP can be used for authentication and data encryption confidentiality Shared or Shared Key authentication type is used if WEP authentication and data encryption are both needed Normally Open or Open System authentication type is often used when WEP data encryption is run with authentication When WEP is enabled as a security mode the length of a key so called WEP seed can be 3 17 AWK 5222 User s Manual Other Console Configurations specified as 64 128 bits which is actually a 40 104 bit secret key with a 24 bit initialization vector The AWK 5222 provides 4 entities of WEP key settings that can be selected to use with Key index The selected key setting specifies the key to be used as a send key for encrypting traffic from the AP side to the wireless client side All 4 WEP keys are used as receive keys to decrypt traffic from the wireless client side to the AP side The WEP ke
79. t interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one of the following measures e Reorient or relocate the receiving antenna e Increase the separation between the equipment and receiver e Connect the equipment into an outlet on a circuit different from that to which the receiver is connected e Consult the dealer or an experienced radio TV technician for help FCC Caution To assure continued compliance example use only shielded interface cables when connecting to computer or peripheral devices Any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate this equipment This transmitter must not be co located or operated in conjunction with any other antenna or transmitter FCC Radiation Exposure Statement This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with a minimum distance of 20 cm between the radiator amp your body This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference received including
80. the selected by user Spanning Tree topology by inputting a lower number Port cost Setting Factory Default Enable Disable Input a higher cost to indicate that this port is 2000000 less suitable as a node for the Spanning Tree topology Edge port Setting Factory Default Checked unchecked Sets a port which no BPDU expectedly goes unchecked through as an edge port except WLANI 2 ports AN OTE We recommend you set an edge port for the port which is connected to a non STP RSTP sub network or an end device PLC RTU etc as opposed to network equipment This can prevent unnecessary waiting and negotiation of STP RSTP protocol and accelerate system initialization When an edge port receives BPDUs it can still function as an STP RSTP port and start negotiation Setting an edge port is different from disabling STP RSTP on a port If you disable STP RSTP a port will not deal with STP RSTP BPDUs at all Port Status Port Status indicates the current Spanning Tree status of this port Use Forwarding for normal transmission or Blocking to block transmission 3 37 AWK 5222 User s Manual Other Console Configurations SNMP Agent The AWK 5222 supports SNMP V1 V2c V3 SNMP V1 and SNMP V2c use a community string match for authentication which means that SNMP servers access all objects with read only or read write permissions using the community string public private default value SNMP V3 which requires you to se
81. the filter function Drop no entity on list 1s activated all packets are allowed Accept no entity on list is activated all packets are denied 3 34 AWK 5222 User s Manual Other Console Configurations TCP UDP Port Filter The AWK 5222 s TCP UDP port filter is a policy based filter that can allow or filter out TCP UDP based packets with a specified source or destination port The AWK 5222 provides 8 entities for setting the range of source destination ports of a specific protocol In addition to selecting TCP or UDP protocol you can set either the source port destination port or both The end port can be left empty if only a single port is specified Of course the end port cannot be larger then the start port The Application name is a text string that describes the corresponding entity with up to 31 characters Remember to check the Active check box for each entity to activate the setting TCP UDP Port Filters Enable Disable Y Policy Drop No Active Source port Destination port Protocol Application name 1 O Z H TCP r 2 O C J CL I E fel L O 3 E al al rep Enable Setting Factory Default Enables TCP UDP port filter Disable Disables TCP UDP port filter Policy Setting Factory Default Accept Only the packets fitting the entities on list Drop can be allowed Drop Any packet fitting the entities on list will be denied A ATTENTION Be careful when you
82. tion For your security do not use the default password root and remember to change the administration password regularly Password Current password e New password enscono Confirm password fesses Misc Settings Additional settings to help you manage your AWK 5222 are available on this page Misc Settings Reset button Always enable Disable after 60 sec Reset button Setting Factory Default Always enable The AWK 5222 s Reset button works Always enable normally Disable after 60 sec The AWK 5222 s Reset button will become invalid 60 seconds after the AW K 5222 completes booting 3 54 AWK 5222 User s Manual Other Console Configurations Save Configuration The following figure shows how the AWK 5222 stores the setting changes into volatile and non volatile memory All data stored in volatile memory will disappear when the AWK 5222 is shutdown or rebooted unless they are y Because the AWK 5222 starts up and initializes with the settings stored in flash memory all new changes must be saved to flash memory before restarting the AWK 5222 This also means the new changes will not work unless you run either the Save Configuration function or the Restart function Configuration setting changes Restart without saving configuration non volatile The system reboots and volatile memory Save memory Restart initialize with the settings flash memory __ y in falsh memory i el
83. to connect the AWK 5222 to a PC s COM port can be used if you do not know the AWK 5222 s IP address It is also convenient to use serial console configurations when you cannot access the AWK 5222 over Ethernet LAN such as in the case of LAN cable disconnections or broadcast storming over the LAN A ATTENTION Do not use the RS 232 console manager when the AWK 5222 is powered at reversed voltage ex 48VDC even though reverse voltage protection is supported If you need to connect the RS 232 console at reversed voltage Moxa s TCC 82 isolator is your best solution A NOTE We recommend using Moxa PComm Lite Terminal Emulator which can be downloaded free of charge from Moxa s website Before running PComm Terminal Emulator use an RJ45 to DB9 F or RJ45 to DB25 F cable to connect the AWK 5222 s RS 232 console port to your PC s COM port generally COM1 or COM2 depending on how your system is set up After installing PComm Terminal Emulator take the following steps to access the RS 232 console utility 1 From the Windows desktop open the Start menu and start PComm Terminal Emulator in the PComm Lite group 9 2 AWK 5222 User s Manual Software Installation Configuration 2 Select Open under Port Manager to open a new connection En PComm Terminal Emulator E mj Ed Open Ctrl Alt O 3 The Communication Parameter page of the Property window opens Select the appropriate COM port for Console Connectio
84. to record contact information of the person responsible for maintaining this AWK 5222 Network Settings The Network Settings configuration allows you to modify the usual TCP IP network parameters An explanation of each configuration item is given below Network Settings DHCP IP address CLE al 27 253 Subnet mask 255 255 255 0 Gateway 192 168 127 254 Primary DNS server IP configuration Secondary DNS server IP configuration Setting Factory Default The AWK 5222 s IP address will be assigned automatically by the network s DHCP server Static Set up the AWK 5222 s IP address manually IP address Setting Factory Default AW K 5222 s IP address Identifies the AWK 5222 on a TCP IP 192 168 127 253 network Subnet mask Setting Factory Default AWK 5222 s subnet Identifies the type of network to 255 255 255 0 mask which the AWK 5222 is connected e g 255 255 0 0 for a Class B network or 255 255 255 0 for a Class C network Gateway 3 5 AWK 5222 User s Manual Other Console Configurations Setting Factory Default AW K 5222 s default The IP address of the router that connects the None gateway LAN to an outside network Primary Secondary DNS server Setting Factory Default IP address of Primary The IP address of the DNS Server used by Secondary DNS server your network After entering the DNS Server s IP address you can input the AW
85. urations The status of user configurable events can be found under Relay Status The status will refresh every 5 seconds if the Auto refresh box is checked If an event is triggered it will be noted on this list System administrators can click Acknowledge Event when he has acknowledged the event and addressed it Relay Status Auto refresh Relay Status Power 1 transition On gt Off Power 2 transition On gt Off PoE transition On gt 0ff DI 1 transition On gt Off DI 1 transition Off gt On DI 2 transition On gt Off DI 2 transition Off gt On LAN 1 link On LAN 1 link Off LAN 2 link On LAN 2 link Off DI and Power Status The status of power inputs and digital inputs is shown on this web page The status will refresh every 5 seconds if the Auto refresh box is checked Din and Power status M Auto refresh Input status Power 1 status Power 7 status PoE status DI 1 status DI 2 status On Of Of Of Of On Off 3 51 AWK 5222 User s Manual Other Console Configurations Maintenance Maintenance functions provide the administrator with tools to manage the AWK 5222 and wired wireless networks Console Seitings Ping You can enable or disable access permission for the following consoles HTTP HTTPS Telnet and SSH connections For more security we recommend you only allow access to the two secured consoles HTTPS and SSH Console Settings HTTP console e Enable
86. urations WLAN 1 WLAN Security Settings SSID Security mode D D HR WPAZ WPA type Encryption method TKIP EAP protocol TLS E Certificate issued to a Certificate issued by ra Certificate expiration date Hy es You can check the current certificate status in Current Status if it is available Certificate issued to shows the certificate user Certificate issued by shows the certificate issuer Certificate expiration date indicates when the certificate gets invalid EAP TTLS It is usually much easier to re use existing authentication systems such as a Windows domain or Active Directory LDAP directory or Kerberos realm rather than creating a parallel authentication system As a result TTLS Tunneled TLS and PEAP Protected EAP are used to support the use of so called legacy authentication methods TTLS and PEAP work in a similar way First they establish a TLS tunnel like EAP TLS and validate whether the network is trustworthy with digital certificates on the authentication server This step is run to establish a tunnel that protects the next step or inner authentication so it is sometimes referred to as the outer authentication Then the TLS tunnel is used to encrypt an older authentication protocol that authenticates the user for the network As you can see digital certificates are still needed for the outer authentication in a simplified form Only a small number of certificates
87. ure SWP Agent Enable Disable Read community eubie Write commnuity private sst lt SCisS SNMP agent version vi vec Fl Po Auth Admin auth type Admin privacy key Disable 7 Privacy key Private MIB information Device object ID enterprise 8691 15 1 Enable Setting Factory Default Enable Enables SNMP Agen em Disables SNMP Agent Read community for V1 V2c V3 or V1 V2c Setting Factory Default Read Community Use a community string match with a maximum of 31 characters for authentication This means that the SNMP agent can access all objects with read only permissions using this community string Write community for V1 V2c V3 or V1 V2c Setting Factory Default Read Write Use a community string match with a Community maximum of 31 characters for authentication This means that the SNMP agent can accesses private all objects with read write permissions using this community string SNMP agent version Setting Factory Default V1 V2c V3 or Select the SNMP protocol version used to V1 V2c V1 V2c or V3 only manage the switch 3 39 AWK 5222 User s Manual Other Console Configurations Admin auth type for V1 V2c V3 and V3 only Setting Factory Default authentication M Provide authentication based on the HMAC MDS algorithms 8 character passwords are the minimum requirement xo Auth for authentication D5 SHA Provides authentication based o
88. used to locate all AWK 5222 APs that are connected to the same LAN as your computer After locating an AWK 5222 you will be able to change its IP address Since the Broadcast Search function searches by TCP packet and not IP address it doesn t matter if the AWK 5222 is configured as an AP or Client In either case APs and Clients connected to the LAN will be located regardless of whether or not they are part of the same subnet as the host 1 Start the AWK Search Utility program When the Login page appears select the Search AWK only option to search for AWKs and to view each AWK s configuration Select the AWK management option to assign IPs upgrade firmware and locate devices AWE Search Utility Login C AWE management Password x Cancel AWK 5222 User s Manual Software Installation Configuration 2 Open the AWK Search Utility and then click the Search icon 0 AWK Search Utility File Edit Function Tools Help a A f B E S Search Ex Locate Wwe Telnet Assiat Unloc No Modelname IP address Device MAC address Subnet mask The Searching window indicates the progress of the search 3 When the search is complete all AWKs that were located will be displayed in the AWK Search Utility window 0 AWK Search Utility l File Edit Function Tools Help a b f 2 pal i Seach SearchEx Locate tet Telnet Assign If rio parade Refres Refresh All Exit No
89. xX Information you exchange with this site cannot be viewed or A changed by others However there is a problem with the site s security certificate A The secunty certificate was issued by a company you have not chosen to trust View the certificate to determine whether pou want to trust the certifying authority O The secunty certificate date is valid The security certificate has a valid name matching the name of the page you are tying to view Do you want to proceed 3 Select Yes to accept the certificate issued by Moxa IW and then enter the AWK 5222 s web browser interface secured via HTTPS SSL You can see the protocol in URL is https Then you can use the menu tree on the left side of the window to open the function pages to access each of AWK 5222 s functions MOXA AWK 3121 JP 192 168 127 253 Microsoft Internet Explorer File Edit View Favorites Tools Help rar back y x B A j Search 52 Favorites iZ dr amp E fe LJ 2o Address a https 192 168 127 253 home asp Go Links gt Total Solution for Industrial Wireless Networking 3 Main Menu E Overview Q Basic Settings EJ Wireless Settings a Advanend Cattinac Disabling Telnet and Browser Access If you are connecting the AWK 5222 to a public network but do not intend to use its management functions over the network then we suggest disabling both Telnet Console and Web Configuration Please run Maintenance gt
90. y can be presented in two Key type HEX and ASCII Each ASCII character has 8 bits so a 40 bit or 64 bit WEP key contains 5 characters and a 104 bit or 128 bit key has 13 characters In hex each character uses 4 bits so a 40 bit key has 10 hex characters and a 128 bit key has 26 characters SSID Security mode Authentication type Key type HEX Key length 64 bits vw Key index WEP key 1 A WEP key 2 E WEP key 3 IES WEP key 4 SSCS Submit Authentication type authentication are both enabled Key type Setting Factory Default HEX Specifies WEP keys in hex decimal HEX number form ASCII Specifies WEP keys in ASCII form Key length initialization vector Uses 104 bit secret key with 24 bit initialization vector Key index Setting Factory Default Specifies which WEP key is used Open 3 18 AWK 5222 User s Manual Other Console Configurations WEP key 1 4 Setting Factory Default ASCII type A string that can be used as a WEP None 64 bits 3 chars seed for RC4 encryption engine 128 bits 13chars HEX type 64 bits 10 hex chars 128 bits 26 hex chars WPA WPA2 Personal WPA Wi Fi Protected Access and WPA2 are significantly improved encryption methods of WEP WPA is a security standard based on 802 111 draft 3 while WPA2 is based on the fully ratified version of 802 111 The initial vector is transmitted encrypted and enhanced with its 48 bits twice as lo
Download Pdf Manuals
Related Search