Edge-Core WA6202AM manuel d'utilisation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332

Aller à la page of

Un bon manuel d’utilisation

Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation Edge-Core WA6202AM. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel Edge-Core WA6202AM ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.

Qu'est ce que le manuel d’utilisation?

Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation Edge-Core WA6202AM décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.

Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.

Donc, ce qui devrait contenir le manuel parfait?

Tout d'abord, le manuel d’utilisation Edge-Core WA6202AM devrait contenir:
- informations sur les caractéristiques techniques du dispositif Edge-Core WA6202AM
- nom du fabricant et année de fabrication Edge-Core WA6202AM
- instructions d'utilisation, de réglage et d’entretien de l'équipement Edge-Core WA6202AM
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes

Pourquoi nous ne lisons pas les manuels d’utilisation?

Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage Edge-Core WA6202AM ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles Edge-Core WA6202AM et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service Edge-Core en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées Edge-Core WA6202AM, comme c’est le cas pour la version papier.

Pourquoi lire le manuel d’utilisation?

Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif Edge-Core WA6202AM, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.

Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation Edge-Core WA6202AM. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.

Table des matières du manuel d’utilisation

  • Page 1

    www .edge-core.com User G uide P owered by Accton W A 6202A W A 6202AM 2.4 GH z / 5 G Hz Dual Ba nd Outdoor Access Point / Bridge[...]

  • Page 2

    [...]

  • Page 3

    User Guide 2.4 GHz / 5 GHz Wireless Access Point/Bridge WA6202 A IEEE 8 02.11g and 8 02.11a Dual-band A ccess Point / Bridge with Integ rated 5 GHz High-Gain An tenna and Ex ternal Anten na Option s WA6202 AM IEEE 8 02.11g and 8 02.11a Dual-band A ccess Point / Bridge with External Antenna Options[...]

  • Page 4

    WA6202A WA6202AM F4.3.3.6 E1 12006-DT-R01 1491000 34900 E[...]

  • Page 5

    i Compliances Federal Communication Commission Interference Statement This equipment has been tested and found t o comply with the limits for a Class B digital device, pursuant to P art 15 of the FCC Ru les. These limits are d esigned to provide reasonable protection against harmful interfer ence in a residential installation. This equipment genera[...]

  • Page 6

    ii VCCI No tice This is a c lass A product based on the standard of the V oluntary Control Council for Interference by Information T echnology Equipment (VCCI). If t his equipment is used in a domestic environment, radio disturbance may aris e. When such trouble occurs, the user may be required to t ake corrective act ions. EC Conformance Declarati[...]

  • Page 7

    iii • This device employs a radar detection f eature required for European Community operation in the 5 GHz band. T his feature is automatically enabled when the country of operation is correctly configured for any Eu ropean Community country. The pres ence of nearby radar operation ma y result in temporar y interruption of oper ation of this dev[...]

  • Page 8

    iv Safe ty Co mpl ianc e Power Cord Safety Please read the following safety information carefully bef ore installing the device: Wa r n i n g : Installation and removal of the unit must be carried out by qualif ied personnel only . • The unit must be connected to an earthed (grounded) outlet to comply with international safety standards . • Do [...]

  • Page 9

    v Veuillez lire à fond l'informatio n de la sécurité su ivante avant d'inst aller l’appareil: A VERTI SSEME NT : L ’instal lation et la dépose de ce groupe doivent ê tre confiés à un personnel qualifié. • Ne branchez pas votre apparei l sur une prise s ecteur (alimentation électrique) lorsqu'il n'y a pas de connex[...]

  • Page 10

    vi • L’appareil fonctionne à une tension extrêmem ent basse de sécurité qui es t conforme à la norme IEC 60950. Ces conditions ne s ont maintenues que si l’équipement auquel il est raccordé fonctionne dans les mêmes conditions. France et Pérou uniquement: Ce groupe ne peut pas être alimenté par un dispositif à impédance à la ter[...]

  • Page 11

    vii Bitte unb edingt vor dem Einbauen de s Gerä t s di e folgende n Sicherheitsanweisungen durchlesen (Ger many) : W ARNUNG: Die Installation und der Ausbau des Geräts darf nu r durch Fachpersonal erfolgen. • Das Gerät sollte nicht an eine ungeerdete Wechs elstromsteck dose a ngeschlos sen werden. • Das Gerät muß an eine geerdete Steck dos[...]

  • Page 12

    viii Stromka bel . Dies muss von dem Land, in dem es b enutzt wird gepr üft werden: U.S.A und Canada Der Cord m uß das UL gepruft und war das CSA beglaubigt. Das Minimum spezifikation fur d er Cord sind: - Nu. 18 AWG - nich t mehr als 2 meter, oder 16 AWG. - Der typ SV oder SJ - 3-Leiter Der Cord muß haben eine strombelastbarkeit aus wenigstens [...]

  • Page 13

    ix Table of Contents Chapter 1: Introduction 1-1 Radi o Chara cter istic s 1-1 Packag e Checkli st 1-2 Hardware Description 1-2 LED In dicat ors 1-3 Integrate d High-Gai n Antenna 1-5 External Antenna O ptions 1-5 Ethe rne t Por t 1-6 Power I njector M odule 1-6 Groun ding Po int 1-7 Water Tig ht Test Poi nt 1-7 Wall- an d Pole- Mounting Bracket Ki[...]

  • Page 14

    x Contents Mount ing to a Wall 4-4 Conne ct Externa l Antennas 4-5 Conne ct Cabl es to the Unit 4-6 Connect the Power Injector 4-7 Align An tennas 4-8 Chapter 5: Initi al Configuration 5-1 Init ial Setup th rough the CLI 5-1 Required Connectio ns 5-1 Initial C onfig uration Step s 5-2 Loggi ng I n 5-3 Chap ter 6: Sys tem C onfig urat ion 6-1 Advanc[...]

  • Page 15

    xi Contents Chap ter 7: Com mand L ine I nterf ac e 7-1 Usin g the Comm and Li ne Interfac e 7-1 Accessi ng the CLI 7-1 Consol e Connecti on 7-1 Telnet C onnectio n 7 -1 Entering Commands 7 -2 Keywords an d Argument s 7-2 Minimum Abbrevia tion 7-2 Comma nd Comp letion 7-3 Getting H elp on C omman ds 7-3 Par tial Keyw ord Looku p 7-4 Negatin g the E[...]

  • Page 16

    xii Contents show v ersion 7-24 show c onfig 7-24 show ha rdware 7-28 System Logging Comman ds 7-28 logg ing on 7-29 logg ing ho st 7-29 logg ing co nsol e 7-30 logging l evel 7-30 lo gg ing fa cil ity - typ e 7-31 logg ing cl ear 7-32 show lo gging 7-32 show ev ent-log 7-3 3 System Clock Com mands 7-33 sntp-server i p 7-34 sntp-serv er enable 7-34[...]

  • Page 17

    xiii Contents delete 7-5 7 dir 7-58 show bo otfile 7-58 RADIUS Client 7-59 radius-se rver ad dress 7-59 radius-se rver po rt 7-60 radius-se rver ke y 7-60 radius-se rver ret ransmit 7-61 radius-se rver timeo ut 7-61 radius-se rver po rt-accounting 7-62 radius-ser ver timeout-i nterim 7-62 radius-se rver radius -mac-format 7-63 radius-se rver vl an-[...]

  • Page 18

    xiv Contents bridge stp forwardi ng-delay 7-84 bridge stp hello -time 7-84 bridge stp max-age 7-85 bridge stp priority 7-85 bridge-lin k path -cost 7-86 bridge-lin k port-prio rity 7-86 show bri dge stp 7-87 Ethernet I nterfac e Command s 7-88 in terfac e e ther net 7-88 dns server 7-89 ip address 7-89 ip dhcp 7-90 speed-dup lex 7-9 1 shutdow n 7-9[...]

  • Page 19

    xv Contents rogue-ap au thenti cate 7-11 5 rogue-ap du ration 7-11 6 rogue-ap i nterval 7 -116 rogue-ap s can 7-11 7 show rog ue-ap 7 -118 Wireles s Secu rity Comm and s 7-11 8 auth 7 -119 encryptio n 7-121 key 7 -122 transmit-k ey 7-12 3 cipher-su ite 7 -124 mic_ mode 7- 125 wpa-pre-s hared-key 7-126 pmksa-l ifetime 7 -126 pre-auth enticatio n 7-1[...]

  • Page 20

    xvi Contents Appendi x C: Speci fications C-1 Genera l Specific ations C-1 Sensi tivit y C- 4 Transmit Power C-5 Antenna Spec ifi ca tio ns C -6 18 dBi High Gain Directi onal Panel (2.4 GHz) C-6 8 dBi Om nidirectio nal (2 .4 GHz) C- 7 10 dBi Sector (2.4 GHz) C-8 8 dBi Om nidirectio nal (2 .4 GHz) C- 9 8 dBi Om nidirectio nal (5 GHz) C-10 12.5~13.5 [...]

  • Page 21

    1-1 Chapter 1: Intr oduction The Dual- ban d Outdoor Acc ess P oint / Bri dge system con sists of two mode ls th at provide poi n t-to-point or point - to -m u ltipoint bridge links betwe en remo te Eth er net LANs, and w ir eless acc es s poi n t services for cl i ents in the l oc al LAN area : • WA62 02A – Inclu des an integr ated high- gain [...]

  • Page 22

    Introduction 1-2 1 Package Checklist The Dual- ban d Outdoor Acc ess Point / Bridge packag e includes : • One W i re le ss Du al-b an d Access Poi nt (W A6 20 2A or WA620 2AM) • One C a te gor y 5e network Po E ca ble, length 98 ft (3 0 m ) • One po wer inje ctor m odule a nd powe r cord 5.9 ft (1.8 m ) • One RS2 32 c onsole ca ble 5.9f t ([...]

  • Page 23

    LED Indicators 1-3 1 LED Indicators The access point includ es eight status LED indica to rs , a s in di ca te d i n th e fo l low i ng fig ure. The follow ing table desc ribe s th e sy stem status LEDs . LED Status Descripti on Powe r On G r een Indi cat es th at t he sys tem is wor kin g nor mally . On Ambe r Indicates a s ystem r eset. Link On G[...]

  • Page 24

    Introduction 1-4 1 The 1 1a and 1 1b/ g LEDs operate in two di s pl ay m o des, whic h ar e co nf ig ur ab le through th e m an agement i nt er fa ce. The RSSI mode is for alig ni ng ant en nas in a bridge link . Th e AP m od e is for indicat in g data traffic rate s. The follow in g table de sc ribes the wi re less status LEDs in AP m od e. The fo[...]

  • Page 25

    Integrated Hi gh-Gain Antenna 1-5 1 Integrated High-Gain Ante nna The WA6202A unit inc lude s an integra te d hi gh -g ain (17 dB i) flat- panel ant en na for 5 GHz operat i on. Th e ant en na can prov i de a d irect line-of -s ight lin k up to 15.4 km (9.6 miles ) wi t h a 6 Mbps data rate. External Antenna Options The WA6202AM unit d oes not incl[...]

  • Page 26

    Introduction 1-6 1 Ethernet Port The wireless bridge has one 1 0BAS E-T/100BASE -TX 8-p in DIN por t that conne cts to the pow er injec tor mo dul e u sing the inclu de d Et her ne t cable. The Ether ne t port connect i on pr ov ides powe r to the wire less bridge as wel l as a data link t o th e l oca l network . The wireles s br i dge appears as [...]

  • Page 27

    Grounding Point 1-7 1 The powe r inj ec to r m od ule autom at i call y ad justs to any AC vo ltage between 100-240 volts at 50 or 60 Hz . No v ol tage ran ge setting s ar e re qu ired. Warning : Th e po wer i nje ctor modu le i s de si gned f or i ndoo r us e on ly . Ne ver moun t the power in je ct or outside w ith t he wireless br id ge unit. Gr[...]

  • Page 28

    Introduction 1-8 1 System Configuration At each loca tion where a un it is installed, it mus t be conne ct ed t o t he loc al network using the po wer inject or mo du le. The follo w ing f ig ur e i llus trat e s the system compon ent conne ct i ons . Features and Benefits • W A6 202A units support a 5 GHz po int-to-poin t wireles s link up 1 5.4[...]

  • Page 29

    2-1 Chapte r 2: Network Co nfigur ation The Dual- ban d Outdoor Acc ess P oint / Bri dge system pro vide s access po int and bridging ser vi ce s t hro ug h either th e 5 G Hz or 2. 4 G H z radio interfac es. The wireles s bridge uni ts ca n be us ed just as nor m al 80 2. 1 1a/b/g acc ess points connect ed to a local wired L AN, p roviding c onnec[...]

  • Page 30

    Network Configur ation 2-2 2 Infrastr ucture Wireless LAN The access point func tion of the wireles s bridge prov i des access to a wired L AN for 802.1 1a/b/g wireles s workstatio ns. An int eg rated wi re d/ wi rele ss LAN is cal l ed an Infrastru ctur e co nfiguratio n. A Bas ic Service Set (BSS ) co nsi s ts of a group of wireless PC user s a n[...]

  • Page 31

    Access Point T o p ologies 2-3 2 Infrastr ucture Wireless LAN fo r Roami ng Wirele ss PCs The B asic Ser vice Set (BSS) de fines t he comm unications domain for eac h acces s point and i ts associ ate d wireless cl i en ts. The BSS ID is a 48-bit bi nar y n umber based on the ac cess po i nt’s wirel es s MAC ad dre ss , and is set au to m at i ca[...]

  • Page 32

    Network Configur ation 2-4 2 Bridge Link Topologies The IEEE 802 .1 1 s t andard defines a WIreless Distribution System (W DS) for bridge connect i ons between BSS areas (acc es s points). The outdo or wir el es s br id ge uses WDS to fo rward traffic on lin ks betwee n units. Up to 5 WDS l inks can be s pecified for a W A6202 AM un it, which ac ts[...]

  • Page 33

    Bridge Link T opologies 2-5 2 Point-to- Multipoint Configurati on A W A6202 AM w i rele ss br i dg e can use an om n idirectional or sec tor antenn a to connect to as m an y as 6 bridg es i n a po in t -to- m ultipoint con fig uration. Ther e c an only be on e “Ma ster” unit i n th e wi re le ss bridg e netwo rk , all ot her br id ge s must be [...]

  • Page 34

    Network Configur ation 2-6 2[...]

  • Page 35

    3-1 Chapter 3: Bridge Link Planning The Dual- ban d Outdoor Acc ess P oint / Bri dge supports fixed po in t -to- po int or point-to- m ultipoint wir el es s l in ks. A sing le link betw ee n t w o poi n ts can be us ed to connect a remote si te to larger core networ k. Multip le bridge links can prov ide a way to connec t wid esp read Ethern et LAN[...]

  • Page 36

    Bridge Link Planni ng 3-2 3 If there are ob stacles in the ra di o path , the re may sti ll be a rad io link but th e qua lity and stre ngt h of the s ignal will be affecte d. C al cula ting the m axi m um c learance f ro m objects on a path is imp ortant as it direc tly affects the decisi on on a ntenna placemen t and h eight. It is espec ially c [...]

  • Page 37

    Radio Path Planni ng 3-3 3 . Note that t o avo id any obs truc tion along th e path , the he ight of the obj ec t mu st be added to the m inimum cl earance re quired for a cle ar radio line-o f-sight. Con sider the following s imple example, illustrated in the fi gure below . A wir el ess brid ge l ink i s depl oyed t o co nne ct b uil ding A t o a[...]

  • Page 38

    Bridge Link Planni ng 3-4 3 (7.5 ft) mast or po le m ust be c ontructed on its roof to achiev e the requ ired antenna height. Bu ild ing B is only t hr ee s to ries high, or 9 m (30 ft), but is lo cat ed at an elevatio n that is 12 m (3 9 ft) highe r t han bul di ng A. T o moun t a n ann tena at the required hei gh t on building B, a m as t or pole[...]

  • Page 39

    Ethernet Cabling 3-5 3 Radio Int erference The avoid an ce of radio int er fe re nc e is an important part of wir eles s link plan ni ng. Interfe re nce is caused by ot he r radio transm i s sions usin g the sam e or an adj a cent channel freq uency . Y ou should firs t scan your pr opo sed sit e using a spectr um analyze r to de termine if th er e[...]

  • Page 40

    Bridge Link Planni ng 3-6 3 • Deter m i ne i f cond ui t s, bra cing , or other stru ctures are req uired for saf et y or protection of the cab le • For lig ht ni ng p rotection at th e po wer inject or end o f the cable, con sider us ing a lightning arrestor im m edi a te ly bef or e t he ca ble enters th e bui ldi ng Grounding It is important[...]

  • Page 41

    4-1 4-1 Chapte r 4: Hardwa re Inst allati on Before mou nting ant enn as to set up you r wireless brid ge links, be sur e yo u have selected appropriat e l oc at io ns for each ante nn a. Follow th e gu idance an d informat ion i n Chap ter 3: "Bridge Li nk Plan ning." Also, bef ore mount ing units in their intended lo cation s, you shoul[...]

  • Page 42

    Hard war e Ins talla tion 4-2 4 The bridge’s mou nting brac ket has four parts. One re ctang ul ar pl at e th at is use d for pole and wa ll mountin g, one square plat e th at at tach es dir ectly to the br idge , and two plates that form an ad justable V -shaped cl am p f or pol e m ou nting. Mounting on a Pole Perform the follo wing steps t o m[...]

  • Page 43

    Mount the Unit 4-3 4 4. Attach the bridge wi th its mount ing plate to the br acket al ready fixed to th e pole. 5. Use the in cl ud ed nuts to secur e th e w i re le ss b ri dg e to th e pol e b racket. N ot e that the wi re le ss bridg e tilt angle ma y need to be ad justed dur i ng t he antenna alignme nt pro ce ss. Attach th e adjustable rectan[...]

  • Page 44

    Hard war e Ins talla tion 4-4 4 Be sure to take accou nt of the ant en na p olarizat ion di r ect i on ; all antenna s in a link must be mounted with the same polariza tio n . Mounting to a Wall Perform the fo llow ing steps to moun t the unit to a wal l usi ng the wall-mou nting bracket: Note: The wall-mounting bracket does not allow the wireless [...]

  • Page 45

    Connect Exter nal Antennas 4-5 4 Connect External Antenna s When dep loying a WA6202A M uni t for a br id ge li nk or ac cess poin t op er at ion, yo u need to m ount externa l antennas and connect them to the b ridge. T ypically , a bridge link re quires a 5 GH z ante nna, an d acces s point operation a 2 .4 G Hz an tenna. W A6202 A uni ts als o r[...]

  • Page 46

    Hard war e Ins talla tion 4-6 4 Connect Cables to the Un it Warning : Do not conn ect or disconn ect ca bles or othe rwi s e work with the br id ge dur i n g peri ods of li gh tni n g acti v ity . 1. Attach the Ether net ca ble to the Ether ne t port on the w ireles s bridge. 2. For extra pr ot ec tion again st ra in or m oi s tu re , ap pl y w ea [...]

  • Page 47

    Connect the Power Injector 4-7 4 Connect the Power Injec tor T o connec t the wi r el ess br id ge t o a po wer sourc e: Cauti on: Do not install the pow er injector outdoors. Th e unit is fo r indoor ins tallation only . Cauti on: Install light ni ng p ro te ct io n at th e po wer inject or end o f the Ethern et cab le, use a light ning a rrestor [...]

  • Page 48

    Hard war e Ins talla tion 4-8 4 1. Insert the po wer cable plu g di r ect ly i nt o th e stan dar d AC receptacle on t he power injector . 2. Plug the other end of the power c able into a ground ed, 3-pin s ocket, AC power source. Note: For International use, you may need to change the AC line cord. You m ust use a line cord set that has been appro[...]

  • Page 49

    Align Antennas 4-9 4 The signa l str en gt h LED s indica te the re ceive d radio sig nal st re ng th for a particular bridge link . Th e m or e LED s that turn on, the stron ger the sig nal . A lter na tiv ely , you can monit or th e Rec eive Signal Strength Indica to r (R SSI ) v alue d irectly from the manage m ent interfa ce. The hi ghe r the R[...]

  • Page 50

    Hard war e Ins talla tion 4-10 4 1. Pan the anten na horiz on tally back and for t h whi l e ch eck ing the LE D s. If usin g the pole-m o unting bra ck et with the un i t, you must rotate th e m oun ting brack et around t he po l e. Oth er external an tenna bra ck ets m ay req ui re a di fferent horizontal adj us tment. 2. Find the poi nt whe re t[...]

  • Page 51

    5-1 Chapter 5: Init ial Configuration The Dual- ban d Outdoor Acc ess P oint / Bri dge offers a variety of man agemen t options, in cl ud in g a w eb -based i nt er fa ce, a dir ect co nnecti on t o th e co ns ole port, T e lnet, Se cu re Shell (SSH ), or using SN MP software. The ini tia l co nfigu rat ion ste ps c an b e ma de th rou gh t he we b[...]

  • Page 52

    Initial C onfig uration 5-2 5 For a des cription o f how to use the C LI, see “ Using the Comma nd Line Interface” on page 7-1. For a lis t of al l the C LI com m an ds and detailed inf or m at ion on using the CLI, ref er to “ Comm and Grou ps” on pag e 7-6. Initia l Configuration Ste ps Logging In – Ent er “ admin ” f or t he us er [...]

  • Page 53

    Logging In 5-3 5 Setting the Country Code – Units sold in the Un ited S tates are con fig ure d by default to us e only radio cha nnels 1-1 1 in 802.1 1b or 802.1 1g m od e as defined by FCC re g ulat i on s . Unit s sol d in ot her co untr ie s ar e conf ig ur ed by de faul t wit hou t a country code (i.e ., 99). Y ou must use the CLI to s et th[...]

  • Page 54

    Initial C onfig uration 5-4 5 The hom e page displays the M ain Me nu.[...]

  • Page 55

    6-1 Chapter 6: Syst em Config uration Before cont inuing wi th advance d config uration, first complete t he initial con figuratio n steps descr ibed in Chap te r 5 to se t up an IP add re ss for the acc es s point. The access point can be m a naged b y any com puter usi ng a web brow ser (Int er ne t Explorer 5 .0 or above, or Netscape 6. 2 or abo[...]

  • Page 56

    System Configurati on 6-2 6 Advanced Configuration The Adv anc ed C o nfigurat ion page s include th e f ol low i ng o ptions. T able 6-1. Menu Menu Desc ription Page System Configur es bas ic administ rative and client acc ess 6-3 Identificat ion Specifies the ho st name 6-3 TCP / IP S etting s Configur es the IP addres s, subnet m ask, gate way ,[...]

  • Page 57

    Advanced Configur ation 6-3 6 System Identification The syste m nam e for the acces s po int can be le ft at its default set tin g. Ho w ev er, modi fy i ng t hi s pa ra me te r ca n hel p you t o mor e easi l y dist in gu is h di f f er en t de vi ces i n your n etwork. System Name – An ali as fo r t h e acce ss po i n t, en abli ng th e devi c [...]

  • Page 58

    System Configurati on 6-4 6 CLI Comma nd s for Syst em Id ent i fi cat i on – En te r th e gl ob al co nf ig ur at ion mod e, and use the sy st em nam e command to sp ecify a new syst em name. Then retu rn to the Exec mode, an d use th e show system command to display the changes to t he system iden tification s ettings . Enterprise AP#config 7-8[...]

  • Page 59

    Advanced Configur ation 6-5 6 TCP / IP Se ttings Configu ring the acc ess p oint with an IP address expands your abili ty to manag e the access po int. A number of acc ess point fe at ur es depend on IP addressing to operat e. Note: You can use the web browser interface to access IP addressing only if the access point already has an IP address that[...]

  • Page 60

    System Configurati on 6-6 6 • IP Ad dress: The IP addr ess of the access point. Valid IP add resses consist o f four decimal numb ers, 0 t o 255, separat ed by periods. • Sub ne t Mask: The ma sk t ha t identifies t he host addr ess bits used fo r rout i ng to specific sub nets. • Defau lt Gatew ay: Th e default g ateway is the IP addres s of[...]

  • Page 61

    Advanced Configur ation 6-7 6 RADIUS Remote Aut he ntication Di al- in User Ser vi ce (RAD I US ) is an authen tication prot oc ol that uses so ftware run ning o n a centra l se rv er to c ont r ol acc ess to RA DIU S-awar e devices on t he n etwork. An au thentica tion server co ntains a datab as e of user credent ials for each user t hat requ ire[...]

  • Page 62

    System Configurati on 6-8 6[...]

  • Page 63

    Advanced Configur ation 6-9 6 MAC Addres s Format – MAC a ddresse s can be spec ified in one of four forma ts, using no d el ime ter , with a single dash delimet er, with m ult ip l e das h de limete rs , an d with multip le colon delimet ers. VLAN ID Fo rmat – A VLAN ID (a num ber bet w e en 1 a nd 4094 ) ca n be as si gn ed to each clien t af[...]

  • Page 64

    System Configurati on 6-10 6 CLI Commands for RADIUS – From the global co nfigurati on m od e, use the radius-server address command t o sp ecify the addr es s of the prima ry or secondar y RA DIUS s ervers. (The fol lowing example confi gures the settin gs for the primary RADIUS server .) Configure the other p arameters for th e RADIUS server . [...]

  • Page 65

    Advanced Configur ation 6-11 6 SSH Settings T e lnet is a remo te mana gem e nt to ol tha t c an be use d to configu re the acces s point from anyw h ere in the ne two rk. Howev er , T el net is not sec ur e fro m hostile at tack s. The Secure She ll (SSH) can act as a se cure repla cem e nt fo r T elnet. The SSH protocol use s generat ed public ke[...]

  • Page 66

    System Configurati on 6-12 6 CLI Commands for SSH – T o ena ble the SSH server , use the ip ssh -server enable comm and fr om th e CLI Et her ne t interface con figuratio n m ode . T o set the SSH server U DP port, use the ip ssh-se rver por t com mand. T o view th e current s ettings, use the sho w sys tem command from th e CLI Ex ec mod e (not [...]

  • Page 67

    Advanced Configur ation 6-13 6 MAC Authentication – Y ou can configu re a list of the M A C ad dresses for wirele ss clients that are au thorized to access the net w or k. Thi s pro vides a ba si c leve l of aut he nti c ati on for wirel es s cl ie nt s at t emp t i n g to gai n acce ss to t h e netw o rk. A database of au thorized M AC addre sse[...]

  • Page 68

    System Configurati on 6-14 6 802.1X Su ppli ca nt – The ac cess point can also operat e i n a 802 .1X suppli ca nt mode . Th is en abl es th e ac ces s poi nt it s elf t o be auth enti ca ted wi th a RADI US se rve r using a co nf igur ed MD5 use r na m e and password. Th is pre ve nts rogue acces s points from ga in in g ac ces s to the ne two r[...]

  • Page 69

    Advanced Configur ation 6-15 6 CLI Commands for Local MAC Authentication – Use the mac-authen tication serve r comm an d from the glo bal co nf ig ur at i on m od e to enable l oca l MAC authenti ca tion. Use the m ac -a uth ent i cat i on se ssi on -timeout command to set the authenti cation in terval to enabl e web- based a uthentic ation for s[...]

  • Page 70

    System Configurati on 6-16 6 CLI Commands for RADIUS MAC Authentication – Us e th e mac-au thenticati on serve r comm an d from the glo bal co nf ig ur at i on m od e to enable r em ote MAC authenti ca tion . Set the timeou t value for re-au thentic at ion us ing the mac- aut h enti cati on se ss ion -ti me out comm an d. Be su re to also co nfig[...]

  • Page 71

    Advanced Configur ation 6-17 6 Filter Control The access point can em pl o y network traffic fra m e fil t erin g to control acc ess to network resour ces and increase security . Y ou can p revent communi cations between wireless clients and pre ve nt acc ess point m ana gement from w i r el ess cl ie nt s. Al so, you can b lock specific E th er ne[...]

  • Page 72

    System Configurati on 6-18 6 Uplink Port M AC Ad dress Filterin g Status – Prev en ts traffic wit h spe ci f ie d so ur ce MAC ad dr ess es from being forward ed t o w ire less clients thro ug h the acces s po int. Y ou can ad d a m ax imum of fou r MAC addr ess es to the filter table. (De fault: Disabled) • MAC Ad dres s: Spe cvif ies a MAC ad[...]

  • Page 73

    Advanced Configur ation 6-19 6 VLAN The acc ess poi nt ca n emplo y VLAN tagging s upport t o contr ol access to n etwork resources and increase securi ty . VLANs separate traf fic pa ssing between the access po int, assoc iat ed cl ien ts, and the wired ne twork. Ther e c an be a VLAN assigne d t o eac h as sociated c lient, a defa ult V LAN f or [...]

  • Page 74

    System Configurati on 6-20 6 When setting u p VLAN IDs for eac h user on th e RADIUS server , be sure to use t he RADIUS at tri bu t es an d values as in di ca ted in the fol lo wi ng tab le . VLAN IDs on t he R AD IUS ser ver ca n be en tered as hex ade cimal digi t s or a stri ng (see “radi us -s erver vlan -for mat” on pag e 7- 63). Note: Th[...]

  • Page 75

    Advanced Configur ation 6-21 6 WDS Settings Each acces s point rad io inte rf ac e can be configur ed to operat e i n a br i dge or repeat er mo de, w hich allows it to fo rw ard traffic direc tly to othe r access point units. T o set up bridge links betwe en acce ss poi nt uni ts, you must con fig ur e the wirele ss Distribu tion System (WDS) for [...]

  • Page 76

    System Configurati on 6-22 6 • Br idge: Oper ates as a bridge to other acc ess poin ts. The “Par ent” link to th e root bridge mu st be confi gur ed . Up to five othe r ”Child” links ar e ava ilable to ot her bridges. • Rep eater: Oper at e s as a wireles s repeate r, ex tending th e ra nge for remote wireless clients and conn ecting th[...]

  • Page 77

    Advanced Configur ation 6-23 6 Sp anni ng T r ee Pro toc ol – STP uses a distribut e d algorithm to selec t a bridging device (S TP -compli ant sw i t ch , bridge or rou ter) that ser ves as t he root of the spanning tre e network . It se l ects a roo t po rt on e ach bridg i ng de vice (ex ce pt for th e root d evice) w hich inc urs th e lowe st[...]

  • Page 78

    System Configurati on 6-24 6 the root dev i ce. All po rts conn ected to des ignated br id gi ng devices a re a ssi gn ed as designa ted ports. After determining the lo west co st spanning tree, it enab les all root ports and de signa ted ports, an d di sa bles all other por ts. N et w or k pack ets ar e the r e for e only f or war ded bet w e en r[...]

  • Page 79

    Advanced Configur ation 6-25 6 • Link P ath Cos t – This par am e te r is us ed b y the STP to de te rmin e the best pat h between devices . Therefor e, lower v alues shoul d be assig ned to por ts attached to faster m edia, an d higher values assigne d to por t s w ith slo w er m edi a. (P at h co st takes pr ec ede nce ove r po rt pr iority.)[...]

  • Page 80

    System Configurati on 6-26 6 CLI Commands for STP Settings – If the role of a ra dio i nt er fa ce i s se t to R ep eater , Bridge or Roo t Bridge, STP can be enable d on t he acce ss point to ma intain a va lid network top olog y . T o globally ena ble STP , use the bridge stp en able co m mand from the CLI c onf igu ration mo de. Th en co nfigu[...]

  • Page 81

    Advanced Configur ation 6-27 6 AP Management The Web, T e lnet, a nd SNMP manag ement int erfaces are en abled and open to all I P address es b y defaul t. T o provide m ore secu rit y f or ma nagemen t acce ss to the access po int, specif i c inte rfac es can be disa bled and m an agemen t restricted t o a single IP ad dr ess or a limi te d ra nge[...]

  • Page 82

    System Configurati on 6-28 6 • Mult iple IP: Specif ies an add ress range a s defined by the entered IP address an d subnet m as k. For exa mple, IP addr es s 192.16 8. 1. 6 and subnet m as k 255.255 .2 55 .0, defines al l IP addr es ses from 19 2.168.1. 6 to 192 .168.1 .2 54. CLI Comm a nds for AP Manage m en t features. Administration Chan g in[...]

  • Page 83

    Advanced Configur ation 6-29 6 Setting the T imeout Interva l Y ou can set the timeout interval fo r web access to the unit, a fter whi ch the user will have to re -e nt er th e use rname a nd pass word. Session T imeout for WEB – Sets the time li mit for an id le web interfa ce session. (Ran ge: 0- 1800 seco nd s; De f a ult : 300 se co nds ; 0 [...]

  • Page 84

    System Configurati on 6-30 6 Before up gradin g new s oftware, v erify tha t the a ccess p oint is c onnect ed to the net w ork an d ha s bee n co nfi gur ed wit h a co mpa t i ble IP add r e ss and su bnet mask. If you need t o dow nload from an FTP or TFTP ser ver, take the foll owi ng additional steps: • Obtai n the IP addre ss of the FTP or T[...]

  • Page 85

    Advanced Configur ation 6-31 6 Firmware U pgr ad e Local – Dow nloads an operation cod e image file from th e w eb mana g emen t st ati o n to th e acc es s poi n t usi ng HTT P . Us e the Br ows e bu tt on to locate the ima ge file local ly on the mana gem e nt station and cl ic k Start Upgrade to proceed . • New firmwa re file: Sp ecifies t h[...]

  • Page 86

    System Configurati on 6-32 6 Upon uplo ading a new configura tion file you will be pr om p ted to either res to re factory se ttings, or r ebo ot the unit. CLI Commands for Download ing Software from a TFT P Ser ve r – Us e the copy tf tp file command from th e Ex ec mode an d th en specify the file ty pe , name, and IP address of the TFTP server[...]

  • Page 87

    Advanced Configur ation 6-33 6 System Log The access point can be co nfigured to se nd event and er ro r mes sages to a Sy st em Log Ser ver . The s ystem c lock can also be syn chronized with a time s erver , so t hat all the mess ages se nt to t he Sysl og serve r are stamped w ith the corre ct time and date. Enabling Sy stem Logging The acce ss [...]

  • Page 88

    System Configurati on 6-34 6 Logging Level – Set s th e min imu m sev erit y l evel for even t lo ggi ng. (Default: Info rmational) The syste m al low s yo u to limit the me ssa ges that ar e logge d by spe cify i ng a mini mum se veri t y le ve l. Th e foll o win g t abl e li s ts t h e erro r mes sa ge lev els f rom t he most severe (Emergency)[...]

  • Page 89

    Advanced Configur ation 6-35 6 CLI Commands for System Log ging – T o enable loggi ng on the acces s po int, use the logging on com m a nd from th e gl ob al con figuratio n m ode . The logging level comm and sets the minimum l ev el of messa ge t o log. U se the logging conso le comm and to e nable lo gging to the c onsole . Use the logging ho s[...]

  • Page 90

    System Configurati on 6-36 6 Note: The access point also allows y ou to disable SN TP and set the s ystem clock manually. Set Time Zone – S NTP us es Co ordinated Univers al T ime (or UT C, form erly Greenw ic h M ea n Time, or GM T) base d on the time at th e Ear t h’s prime me rid ian, zero degr ees longitude . T o display a time co rrespondi[...]

  • Page 91

    Advanced Configur ation 6-37 6 CLI Comm a nds for the Sy st em C l ock – The following exa m pl e sh ows how t o manu ally set the sys tem t ime w hen S NTP serv er su ppor t i s dis abl ed o n the acce ss point. RSSI The RSSI value displayed on th e RS S I page represen ts a signa l to nois e r atio . A value of 30 w ould ind icate that the po w[...]

  • Page 92

    System Configurati on 6-38 6 The RSSI co ntrols allo w the extern al connect or to be disabl ed and the r eceive sig nal for ea ch WDS port displaye d.[...]

  • Page 93

    Advanced Configur ation 6-39 6 RSSI: • Auto Re fresh – En ables or disable s the re fres hing of RS SI infor mation. • RSSI Valu e – The display ed RSSI value for a sel e ct ed po rt. •P o r t N u m b e r : Select s a specific WDS p ort for which to display the RSSI output val ue. Port s 1-6 ar e av ail able for a Mas ter uni t, o nly por[...]

  • Page 94

    System Configurati on 6-40 6 SNMP Simp le Ne twor k Mana ge ment Pr ot oc ol ( SN M P ) is a com m u nica tio n pr ot oc ol designe d sp ecificall y f or ma nag ing device s on a networ k. Equipm en t commonl y manage d w i th SN M P in cl ud es switches , routers and ho st comput er s. SN M P is typ ical ly used t o co nfi gur e th ese de vice s f[...]

  • Page 95

    SNMP 6-41 6 Configuring SNMP and T rap Message Parameters The access point SNM P age nt must be en abled to fun ct ion ( for versions 1, 2c, and 3 clients). Mana gement acc es s using SNM P v1 and v2c als o re qu ires comm u ni ty strings t o be conf i gu red for auth en tication. Trap notificat ion s can be en ab led and sent to up t o fo ur ma na[...]

  • Page 96

    System Configurati on 6-42 6 Commu ni ty N am e ( Rea d/Writ e) – Defines the SNMP community access str ing that has read/ wr ite access. Au th or iz ed managem e nt statio ns a re able to both r et riev e and modif y M I B obj ec ts. (Max imum le ngt h: 23 characte rs , case sensitiv e; Default: priv ate) T rap Destination (1 to 4) – Enables r[...]

  • Page 97

    SNMP 6-43 6 T rap C on figuratio n – Allows selection of speci fic SNMP notificatio ns to send. The following i te m s ar e av ailable: • sysSy stemUp - The acc ess point is up an d ru nn ing. • sysSy stemDo w n - Th e ac ces s point is abou t to shutdow n and reboo t. • sysR a diusSer ver Ch anged - T he a cce ss point has cha nged from t [...]

  • Page 98

    System Configurati on 6-44 6 • dot1 1St at i onD isassoc ia te - A cli ent st at ion n o longer a sso ci at es with the netw or k. • dot1 1St at ionA uthent icat eFa il - A client station ha s tried and fai led to aut he nticate to the netwo rk. • Enable All Traps - Click the button to enable all t he available tr aps. • Disable All Traps -[...]

  • Page 99

    SNMP 6-45 6 T o view the current SNMP sett ings, use the show snmp command. Enterprise AP#show snmp 7-54 SNMP Information ========================================= ===== Service State : Enable Community (ro) : ***** Community (rw) : ***** Location : WC-19 Contact : Paul EngineId :80:00:07:e5:80:00:00:2e:62:00 :00:00:18 EngineBoots:1 Trap Destinatio[...]

  • Page 100

    System Configurati on 6-46 6 Configuring SNMPv3 Users The access point allows up to 10 SNMP v3 us ers to be co nfig ur ed . Each user mu st be defined by a uni q ue name, assi gn ed to one of three pre -de f in ed se cur ity groups, and config ured with spe cific authe ntication an d encryp tion settin gs. User – The SNMPv 3 us er name. (3 2 ch a[...]

  • Page 101

    SNMP 6-47 6 CLI Commands for Configuring SNMPv3 Users – Us e t he snmp-ser ve r engine- i d comm and to define the SNM P v3 engine be fore assig ni ng use rs to groups. Us e th e snmp-s erver user co mmand to assign use rs to one of the th ree groups and set the appropr i at e auth entica tion and encryptio n types to be us ed. T o view the cu rr[...]

  • Page 102

    System Configurati on 6-48 6 Configuring SNMPv3 T rap Filters SNMP v3 user s can b e configu red to r eceive notification messag es from the ac cess point. An SNM P T arget ID is created t ha t sp ec ifies the SN M P v3 us er, IP address, and UDP po rt. A user-def i ned notificat ion fil t er can b e cr eat ed so that sp ecif i c notificat ions can[...]

  • Page 103

    SNMP 6-49 6 T o add more subtree IDs to the filt e r , return to the SNMP T rap Filt er s p age and click the Edit butto n. In the Edit p age, cli ck the New button to access the Add SNMP Notificat io n Sub tree page and con figure a new subtree ID to be f ilt er ed. Note: Only the Ne w Filter page allows the Filter ID to be configured. Filter ID ?[...]

  • Page 104

    System Configurati on 6-50 6 CLI Commands for Conf igur ing SNMP v3 T rap Filt er s – T o cr eate a n oti fica tio n fi lter, use the snmp -server fil te r co m mand from th e C LI co nfigurat i on m od e. Use t he comm and more than on ce with the sa me filter ID to bui l d a f ilter th at inc lude s or exclude s m ul t ipl e M IB obj ec ts. T o[...]

  • Page 105

    SNMP 6-51 6 When you click on the Ne w or Edi t bu tto n in th e SN M P T argets page, a ne w page opens w her e t he targe t parameters ar e co nfigured . Define the parame ters and select a fil te r , if required . Note tha t the SN M P v3 u ser name mu st first be de fine d (See “Con figu ring SN MP v 3 Use rs” on page 6 -4 6) . Click Apply [...]

  • Page 106

    System Configurati on 6-52 6 Radio Interface The IEEE 802 .1 1a an d 80 2.1 1g interfaces i nc lude configur ation opt ions for radio signal cha racterist ic s an d wireless se curity fe atur es. The co nf ig ur at ion op tions are near ly id enti ca l , an d are t h eref ore bo th cov ered in thi s sect ion of t h e manu al. The acces s point ca n[...]

  • Page 107

    Radio Interface 6-53 6 Radio Settings A (802.1 1a) The IEEE 802 .1 1a int er fa ce operates w ith in the 5 GHz ba nd, at up t o 54 Mbps in normal m od e or up to 108 Mb ps in Turbo mode. First configu re the radio set t ings that apply to the i ndiv idual V APs (Virtual Access Poi n t) an d t h e comm on radi o sett i ng s t ha t appl y to th e ove[...]

  • Page 108

    System Configurati on 6-54 6 Configuring VAP Ra dio Settings T o configure V AP radio settin gs , select the Rad io Settings page .[...]

  • Page 109

    Radio Interface 6-55 6 Default VLAN ID – The VLAN ID as si gn ed to wirel ess cl ie nts assoc iated to the V AP interface t ha t are not assign ed to a spec ific VL AN by RAD IUS server conf ig ur at i on. (Default : 1) Closed Sy st em – W hen enabl ed, the V AP interface doe s not inclu de its SSID in beacon m essages . Nor does it resp ond to[...]

  • Page 110

    System Configurati on 6-56 6 CLI Comm ands fo r the Configurin g the V APs – From the globa l configuration mode, enter the in t er fac e w i re le ss a comman d t o acc ess the 80 2. 1 1a radio inte rfac e. From the 80 2.1 1a inter f ac e mode, you ca n acces s r adio s ettings that app ly to all V AP inter fa ce s. T o access a specifi c V AP i[...]

  • Page 111

    Radio Interface 6-57 6 The access point can be c onfigured to per io di ca lly scan all radio c han nels and fi nd other access po ints within range. A database of n earby acc ess poi nts is mai ntained where any r og ue APs can be i den tified. Dur ing a s can, Syslog message s (s ee “Enablin g Syste m Log ging” on page 6-3 3) are s ent for ea[...]

  • Page 112

    System Configurati on 6-58 6 using the ro gue -ap scan comm and. T o view the da tabase of de te ct ed access points, use the s how ro gue -ap command from the Exec lev el. Enterprise AP(config)#interface wireless g 7-88 Enter Wireless configuration commands, on e per line. Enterprise AP(if-wireless g)#rogue-ap ena ble 7-114 configure either syslog[...]

  • Page 113

    Radio Interface 6-59 6 Configuring Com mon Radio Settin gs T o confi gure comm on ra dio settings, selec t the Rad io Setting s page, an d scroll d own to below the V AP radio setti ngs . Tu r b o M o d e – The no rma l 802.1 1a /b/g wirele ss operat i on m od e provides connect i ons up to 54 Mbps. Turbo Mode is an en hance d m ode (not regul at[...]

  • Page 114

    System Configurati on 6-60 6 Radi o C han n el – The radio cha nnel that th e access p oint uses to commu nicate w ith wi re l ess clients. Wh en mu ltiple acce ss poi nt s ar e depl oy ed i n th e sam e area , se t t he cha nne l on neighbo ring acce ss poin t s at l east fou r channe ls apart to av oid int er f er enc e wi th ea ch o th er . Fo[...]

  • Page 115

    Radio Interface 6-61 6 are within re gul at or y p ower limits for the c ountry of op er at io n. (De fault: Integr at ed antenna ; ID: 0 000. If t here is no inte grated a ntenna, "id=0x0 000, mod ule=NA" is displaye d in the list.) Se e “E xt er nal Ant e nna Optio ns” on page 1-5 for a list of availabl e an te nn as. Note: The Ante[...]

  • Page 116

    System Configurati on 6-62 6 Ant e nna Lo c ati on – Selects the m ou nting loca tio n of the anten na in use; either “Indoo r” or “ Outdo or.” Selecting the co rr ec t loca tion ensur es that the acc ess point only use s ra di o ch ann els that ar e pe rmitted in th e cou ntry of oper at i on . (Default : Indoor) MIC Mode – T h e Mic h[...]

  • Page 117

    Radio Interface 6-63 6 try sett ing the fragmen t size to send smaller fragments . This will spe ed up the retransmissi on of smaller f rames. However, it is more efficient to set the fr agment size large r if ver y lit t le or no in te rfer en ce is pres ent be cau se it requi re s ov erhead to send mul tipl e f rames . (Range: 256-23 46 bytes; De[...]

  • Page 118

    System Configurati on 6-64 6 CLI Comm a nds for the Common Radio Settings – From th e gl obal conf igu rat i o n mode, enter the inte rface wire le ss a com mand to acce ss the 8 02.1 1 a radi o interface. From the 802. 1 1a interface mode, y ou can access r adio s ettings th at apply to all V AP inte rfaces. Use th e turbo comman d to ena ble th[...]

  • Page 119

    Radio Interface 6-65 6 types of tr affic, W M M allo ws the prior ity l ev els to be conf i gur ed to match an y network -wide QoS policy . WMM als o specifi es a protoc ol that acce ss points can use to c ommun icat e t he co nfi gur ed tr af fi c pri ori ty l evel s to QoS- enab led wire less cli ent s. WMM Operat ion — WMM use s traffic priori[...]

  • Page 120

    System Configurati on 6-66 6 Figure 6-1. WMM Backoff Wait Times For high-p rior i ty tr affic, the AI FSN an d CW value s ar e sm a ller . The smaller value s equate to l ess backoff and wa it tim e, an d therefor e m or e t ra nsm i t opp ortunitie s. T o config ure WMM , se lect t h e Radi o Set t i n gs p a ge, an d scro l l dow n t o the WMM co[...]

  • Page 121

    Radio Interface 6-67 6 WMM – Sets the WM M operation al m ode on the acce ss p oint. Whe n en abled, the parameter s fo r ea ch AC queu e will be em ploy ed on the acc es s point and Q oS capabilities ar e advertis ed to WMM-e na bled clien ts. (Defau lt: Suppor t ) • Disab le: WMM i s di sa bled. • Sup po rt: WMM w ill be used for an y ass o[...]

  • Page 122

    System Configurati on 6-68 6 CLI Commands for WMM – Ente r interfa ce wirele ss mode and t ype wmm require d for clients that w ant to ass ociate wit h t he ac ce ss point . The wmm-acknowledge-policy comma nd is use d to enable or disabl e a policy fo r each access ca tegory . The wmmparms command defines detaile d WMM p arameter s. Enterprise A[...]

  • Page 123

    Radio Interface 6-69 6 T o view the cu rrent 80 2.1 1a radio settings f or th e V AP interface, us e the show interf ac e wireles s a [0-3] com mand. Enterprise AP#show interface wireless a 0 7-111 Wireless Interface Information ========================================= ==================== --------------------Identification------- ----------------[...]

  • Page 124

    System Configurati on 6-70 6 Radio Settings G (802.1 1g) The IEEE 802 .1 1g standa rd operate s within the 2. 4 G H z ba nd a t up to 54 Mbps. Also note that becau se t he IEEE 802.1 1g standard is an e xtension of the IEEE 802.1 1b standard, it allow s clients with 80 2. 1 1b wireles s net wo rk cards to as so ciate to an 802.1 1g access poi nt . [...]

  • Page 125

    Radio Interface 6-71 6 Most of the 802.1 1g comman ds are iden tical to t hose use d by the 802 .1 1a i nterface. For inf ormat ion on t he t hese comma nds, ref er t o th e fo llow ing sect ions : • “C on fig u rin g VAP Radi o Se t t in gs ” on pag e 6-54 • “Conf i gur ing Rogue AP Det ec tio n” o n pag e 6-56 • “Conf i gur i ng C[...]

  • Page 126

    System Configurati on 6-72 6 Radio C hannel – The radio channel tha t the access point uses to commun icate with wireless clients. Wh en mult iple acce ss points are deploye d in the s ame ar ea, set the channel on ne ighbor ing ac cess po ints at lea st five cha nnels apart to avo id interfere nce with each other. For examp le, in the Un ited St[...]

  • Page 127

    Radio Interface 6-73 6 CLI Comm a nds for the 80 2.1 1g Wi r el ess In te rfac e – From the gl ob al con figuratio n mode, enter the inte rface wire le ss g comma nd to access the 802.1 1 g radio interface. The 802.1 1 g radio can be forced to an 8 02.1 1g -o nl y , 802.1 1 b- on ly , or mixed 802. 1 1b/g oper at in g m od e using the ra dio-mode[...]

  • Page 128

    System Configurati on 6-74 6 A summa ry of wirel es s security con sideration s is listed in th e fo llow ing table. Note: You must enable data encryption through the web or CLI in order to enable all types of encryption (WEP, TKIP, or AES) in the access point. T able 6 - 2. Wireless Security C onsider ations Security Mechanis m Client Sup po rt Im[...]

  • Page 129

    Radio Interface 6-75 6 The ac ces s po int ca n sim ul t aneousl y sup po rt cl i e nt s usi n g vari ous d i ff eren t sec urit y mech ani sms. T he conf igur ati on f or th ese s ecu rit y co mbina tio ns ar e ou tli ned in th e following table . Note that M AC ad dress au th ent i ca tion can be co nfig ur ed independentl y to work with all secu[...]

  • Page 130

    System Configurati on 6-76 6 Dynamic W EP an d 802.1x W P A Interface Deta il Settings : Authentica tion: W P A Encryption : Enab le WP A Configur ation: Sup ported Cipher Suite: WE P 802.1x: Re quired Set 802.1x key re fresh and reauthent ication rat es Local or D isabl ed Y es Static and dynam ic (802.1x) W EP keys and 802.1 x WP A Enter 1 to 4 W[...]

  • Page 131

    Radio Interface 6-77 6 Note: If you choose to configure RADIUS MA C authentication together wit h 802.1X, the RADIUS MAC addres s authentication occurs prior to 802.1 X authentication. Only when RADIUS MAC authentication succeeds is 802.1X authentication performed. When RADIUS MAC authentication fails, 802.1X authentication is not performed. Enabli[...]

  • Page 132

    System Configurati on 6-78 6 Enable – Enable s ra di o co mmunica t io ns on th e V AP interface . (D efaul t : Dis abl ed ) Note: You must first enable VAP interface 0 before you can enable ot her VAP interfaces. SSID – The na me of th e basi c serv ice se t prov id ed by a V AP int er fa ce . Cli ent s that want to conn ect to the network thr[...]

  • Page 133

    Radio Interface 6-79 6 • Alpha nu meric: En te r k eys as 5 al ph anumer ic ch aracters f or 64 bit key s, 13 alphanu m er ic cha racters f or 128 bit key s, or 16 alph anu meric cha racters fo r 1 52 bit keys (8 02. 11 a radio only ). Key Numb er – Selects the key numbe r to use for encryp tion for eac h V AP interface. If th e clie nt s have [...]

  • Page 134

    System Configurati on 6-80 6 Note: To use 802. 1X on wireless c lients requi res a network card driver and 802.1X client software that supports the EAP authentication type t hat you want to use. Windows 2000 S P3 or later and W indows XP provide 8 02.1X client support. Windows XP also provides nat ive WPA suppor t. Other syst ems require additional[...]

  • Page 135

    Radio Interface 6-81 6 Enterprise AP(config)#interface wireless g 7-88 Enter Wireless configuration commands, on e per line. Enterprise AP(if-wireless g)#key 1 128 as cii abcdeabcdeabc 7-122 Enterprise AP(if-wireless g)#vap 0 7-95 Enterprise AP(if-wireless g: VAP[0])#auth shared-key 7-122 Data Encryption is set to enabled. Remember to set the share[...]

  • Page 136

    System Configurati on 6-82 6 CLI Comm a nds for WEP ov er 802. 1X Security – U s e th e va p comma nd t o ac cess each V AP interface to conf igu re the secur ity s et ting s. First set 802. 1X to required using the 80 2.1x comm an d and set t he 80 2.1X k ey r ef re sh r at es . Then, use th e auth com mand to se lect open system aut henticati o[...]

  • Page 137

    Radio Interface 6-83 6 to enable da ta encryptio n. T o view the cur re nt sec urity settin gs, use the sho w interf ac e wireles s a [0-3] or sh ow in te rf ace w ir eles s g [0 -3] co m m and (not shown in ex ample). Wi-Fi Pro tected Access (WPA) WP A employs a com bina tion of sev era l techn ologies to pro vi de an en hanced security sol ut i o[...]

  • Page 138

    System Configurati on 6-84 6 the acces s point and all wir eless clients. The PSK mode u ses the sam e TKIP packet encrypt ion a nd key man agemen t as WP A in the enter pr is e, pro vidi ng a robust a nd manage able alterna tive for sma l l ne tw ork s. Mixed WP A and WEP Client Support : WP A enabl es the acc ess poin t to indica te its support e[...]

  • Page 139

    Radio Interface 6-85 6 inf orma tion for m a Secu rit y Asso ci atio n th at t he a cces s poi nt name s and hold s i n a cache. • Pre aut henti cat ion : Each time a cl i ent ro am s to another acc ess poin t it has to be fully re-au th en ticated. Thi s au thentica t io n pr oc ess is time co nsumin g an d ca n disrupt ap pl i cat ion s runnin [...]

  • Page 140

    System Configurati on 6-86 6 The WP A co n fig urat ion p ara met er s are de scri bed below : Encr ypti on – Y o u must enab le d at a en cryp tion in o rde r to ena ble a ll t ypes of encryption (W EP , TKIP , or AES) in the access po int. Pre-Authenticatio n – Whe n using W P A2 over 802.1 X , pre -a uthentic atio n ca n be enabled , wh ich [...]

  • Page 141

    Radio Interface 6-87 6 The configu ra tion settings for WP A are summariz ed be low: CLI Commands for WP A Using P re-shared Key Se curity – From th e V AP interface configur ation m ode, u se the auth wpa-psk requir ed com mand to enab le WP A Pre- shar ed Ke y se curit y . T o ente r a ke y val ue, use t he wp a-pre-sh ared-ke y comm and to s p[...]

  • Page 142

    System Configurati on 6-88 6 CLI Commands for WP A Over 802.1X Secur i ty – From the V AP i nter f ace configur ation m ode, u se the auth w pa required com m an d t o sel e ct WP A o ver 802.1X se cu rity . Th en s et the 802.1 X key re fr es h ra te s. T o view the cur re n t sec urity settings , use t he show i nt erf ac e wirele ss a [ 0- 3 ][...]

  • Page 143

    Radio Interface 6-89 6 Open the Sec urity page, and c lick M ore fo r on e of th e V AP interfaces . Y ou can en abl e 8 02.1X as op tion ally suppo rted or as req ui re d t o enh ance the secu rit y of th e wi rel e ss net wor k. (Def a ult : Di sabl e) • Disab le: The acc ess poi nt does not support 80 2.1X authe ntication f or any wir eless cl[...]

  • Page 144

    System Configurati on 6-90 6 CLI Commands for 802.1X Au th ent ica tion – Use the 802.1X s upported command from the V AP interface m od e to enable 802 . 1X au thentica tion . Se t the ses si on a nd broadca st key refresh r ate, and the re-au thentica tion tim eout. T o disp lay the c urrent settings , use t he show interface wireless comman d [...]

  • Page 145

    Status Information 6-91 6 AP S yste m Conf ig urati on – Th e AP Syst em Con fig ur at i o n ta ble di spl ays th e basi c system co nf ig ur at i on se ttings: • Sys t em Up Ti m e: Len gth of time the managem e nt agent has be en up. • Ether ne t MAC: The phy sical lay er add res s f or the Eth er ne t port. • Rad io A MA C: The physi c a[...]

  • Page 146

    System Configurati on 6-92 6 • Boo trom Ve rsion: Sho w th e boo trom vers ion nu mber. • Hard war e Vers ion: Show s the har d war e ve rsi o n numb er. AP Wirele ss Configur ation – The AP Wireless Conf iguration tables display th e radio and V AP interface sett ings listed b elow . Note that Interfa ce Wireless A r efers to the 802.1 1a ra[...]

  • Page 147

    Status Information 6-93 6 St a tion S t atus The S tation S tatus window shows th e wi re le ss clients currentl y as sociated w it h th e access po int. The S tation Conf igur at i on page displays ba sic conn ect i on in for mation for al l associa t ed sta tion s as describ ed be l ow. Note that this page is aut om a tically refreshe d every fiv[...]

  • Page 148

    System Configurati on 6-94 6 • St at ic – The client is usi ng static WEP keys for en cryption . CLI Comm a nds for Di spla ying S tation St atus – T o view status of cl ients cu rr en tly associa t ed wi t h th e ac cess poin t, us e th e sho w station com mand f rom th e Exec mode. Enterprise AP#show station 7-113 Station Table Information [...]

  • Page 149

    Status Information 6-95 6 Event Logs The E vent Logs window shows the l og messa ges gene rated by the access point a nd stored in mem ory . The E vent Logs table di splays t he fo llowing in formatio n: • Log Ti m e: The t i m e the lo g m es sage was gen erated. • Eve nt Lev el : Th e lo gg ing level as so ci at ed with this mess age. For a d[...]

  • Page 150

    System Configurati on 6-96 6 CLI Commands for Displa yi ng the Logging Status – From th e gl ob al conf i gu r a tio n mode , us e the show logging command . CLI Commands for Displa ying Ev ent Logs – T o view the access point log en tries, use the show even t-log comma nd from the Exec mode. T o clear all log ent ries from the acces s po int, [...]

  • Page 151

    Status Information 6-97 6 STP Status The STP St atus wind ow sh ows the STP status for each por t. • ID: Dis play s th e por t ID num ber. • Pri ori t y : The pr io r i t y de si gna ted t o t h e spec i fi ed port . • Path C o st : Di sp lays the pat h c ost value fo r the s pecified por t. • Stat us : Di sp la ys if STP is enabled or disa[...]

  • Page 152

    System Configurati on 6-98 6[...]

  • Page 153

    7-1 Chapter 7 : Co mmand Line Interface Using the Command Line Interface Acces sing the C LI When acc essing the managem en t interface fo r the ov er a direct con nection to th e console por t , or vi a a T elnet con nec tion, th e acc es s point can be managed by entering com mand ke yw o rds and param e te rs at the pro mpt. Usin g t he ac cess [...]

  • Page 154

    Command Li ne Interface 7-2 7 If your cor por at e n etwork is con nected to an other ne two rk outside you r office or to the Int ernet, y ou need to a pply for a regi stered IP addr ess. Ho wever , if y ou are attached to an is ol at ed n et w or k, th en yo u can use any IP addres s th at m at che s the network seg ment to whi ch you are attache[...]

  • Page 155

    Entering Comman ds 7-3 7 Command Com pletion If you termi na te input with a T ab key , the CLI will pri nt the rema ining char acters of a partial keyw or d up t o the po int of amb igui t y . I the “configu re ” ex am p le, typing con followed by a tab will result in printin g the command up t o “ configure .” Getting He lp on Command s Y[...]

  • Page 156

    Command Li ne Interface 7-4 7 Partial Keyword L ookup If you termi na t e a part ial keyw ord with a ques t io n m ar k, al te rn at ives that matc h th e initial lette rs are pro vi de d. (Rem em be r not to leave a space between t he c omman d and quest i on m ar k. ) For example “ s? ” shows all the keyw or ds starting wit h “s .” Negati[...]

  • Page 157

    Entering Comman ds 7-5 7 Exec Comm ands When yo u open a new cons ole ses sion on an a ccess po int, the system e nters Exec comm and mod e. Only a l imited nu mber of the comm ands are available in this mod e. Y ou can ac ces s all other com m a nds only f ro m th e con figuratio n m od e. T o access Exec mod e, ope n a new cons ol e se ssion with[...]

  • Page 158

    Command Li ne Interface 7-6 7 Command Li ne Processing Comma nds are not ca se sens itive . Y ou can abbr eviate com m a nds and paramet er s as long as the y co ntain en ough lette rs to different i at e th em f rom a ny other c ur re nt ly availabl e co mman ds or parame ters. Y ou can use the T ab key to co m pl et e parti al comm ands, or en te[...]

  • Page 159

    General Commands 7-7 7 The access mode sho wn in the follo w ing table s is indicate d by these ab br ev iations: Exec (Executive Mode ), GC (Globa l Conf iguration), IC-E (Interface-E therne t Conf ig urat ion), IC- W (Inte rfac e-Wireles s Config ur at io n) , an d I C-W-V AP (Interfac e- Wir eless V AP Configuratio n) . General Commands SNMP Con[...]

  • Page 160

    Command Li ne Interface 7-8 7 configure This c ommand activat es Glob al Configu ration m ode. Y ou mus t enter t his mo de to modify mo st of the sett ings on the access poin t. Y ou must also enter Gl obal Configu ra tio n m ode prior to ena bling the c ont ex t modes fo r Int er fa ce C o nfigurati on. See “Usin g the C om m a nd Line Int er f[...]

  • Page 161

    General Commands 7-9 7 Example This examp le shows ho w to return to t he Ex ec mode fro m the In te rfac e Configu ra tio n m ode, and then quit the CLI ses si on : ping This comm an d sends ICM P echo reque st packets to an ot he r node on the net w o rk. Syntax ping < host_na me | ip_a ddre ss > • host_na me - Alias of the host. • ip_a[...]

  • Page 162

    Command Li ne Interface 7-10 7 reset This comm an d restarts the syst em or restores t he factory def au lt se ttings. Syntax reset < board | configuration > • board - Rebo ot s t he s ystem. • co nfig ura tio n - Rese ts the configu ration settings t o the f actory defaults , and then r ebo ot s t he s ystem. Default Sett in g None Comma[...]

  • Page 163

    System Management C ommands 7-11 7 show lin e This comm an d displays the conso le port’s configur at i on s et ting s. Command Mode Exec Example The consol e port setting s ar e fix ed at the val ues shown be lo w. System Management Co mmands Thes e co mmand s ar e used to conf igur e t he us er n ame, p a sswor d, s yste m lo gs, browser manage[...]

  • Page 164

    Command Li ne Interface 7-12 7 country This comm an d config ur es the access poi nt’s cou nt r y cod e, which ide nt ifies the coun try of op erat io n an d set s the autho riz e d radi o chan nels . Syntax country < countr y_cod e > country_code - A two character code that identifies the cou ntry of operation. See the following table for [...]

  • Page 165

    System Management C ommands 7-13 7 Default Sett in g US - for units sold in the United S tates 99 (no coun t ry set ) - for units sold in othe r countries Command Mode Exec Command Usage • If you p urchase d an acces s point out side of the U nited Stat es, the cou ntry code mus t be set be fore radio fu nct i on s ar e enabled . Belgium B E Guat[...]

  • Page 166

    Command Li ne Interface 7-14 7 • The available Co untry Co de settin gs can be d isplayed by using the country ? comm and . Example prompt This comm an d custom i ze s th e C LI pr om p t. Use the no form to rest or e t he de fault prompt. Syntax prompt < string > no prompt string - Any alphanum eric string to use for the C LI prompt. (Maxi[...]

  • Page 167

    System Management C ommands 7-15 7 Command Mode Global Co nfiguration Example username Thi s com mand conf igu res the user n ame f or manage ment acc ess. Syntax usernam e < name > name - The name of the user . (Length: 3-16 characters, case sensitive) Default Sett in g admin Command Mode Global Co nfiguration Example passwo rd After initial[...]

  • Page 168

    Command Li ne Interface 7-16 7 ip ssh-se rver enabl e This comm an d enable s th e Sec ur e She ll server. Use the no form t o di sa bl e th e serv er . Syntax ip ssh- server e nable no ip ssh-s erver Default Sett in g Interface en abled Command Mode Interface C onfigurat i on (Eth ernet) Command Usage • The acc es s point suppo rts Secu re S hel[...]

  • Page 169

    System Management C ommands 7-17 7 ip telnet-se rver enab le This comm an d enable s th e T elnet ser ve r . Use the no form to disa ble the serv er. Syntax ip te lnet -ser ver enabl e no i p tel net -ser ver Default Sett in g Interface en abled Command Mode Interface C onfigurat i on (Eth ernet) Example ip http port This comm an d specifi es t he [...]

  • Page 170

    Command Li ne Interface 7-18 7 ip http serv er This c ommand allows this d evice to be mon itored o r conf igured fr om a browser. Use the no form to disable this functio n . Syntax ip http server no ip http server Default Sett in g Enabled Command Mode Global Co nfiguration Example Related Commands ip htt p port (7-17) ip http ses sion-time out Th[...]

  • Page 171

    System Management C ommands 7-19 7 ip https port Use this c ommand to specif y the UDP port n umber use d for HTTPS/ SSL conn ection to the acces s point’s Web interfa ce . Use the no form to restor e the defaul t port. Syntax ip h ttps po rt < port_n umber> no ip http s port port_number – The UDP port used for HTTPS/SSL. (Range: 80, 1024[...]

  • Page 172

    Command Li ne Interface 7-20 7 Syntax ip htt p s serv er no ip https server Default Sett in g Enabled Command Mode Global Co nfiguration Command Usage • Both HTTP and HTTPS s er vi ce c an be enabled ind epe ndently. • If you enable HTTPS, you must indicate th is in the URL: https:// de vice : port_n umbe r ] • When y ou start HTTPS , the con[...]

  • Page 173

    System Management C ommands 7-21 7 APmgmtIP This comm an d specifi es t he client IP addr esses tha t a re a llow ed manage ment access t o th e ac cess poin t thr ou gh variou s pr ot oc ols. Cauti on: Secure Web (HTTPS) c onnections are not a ffected by the UI Management or IP Management set tings. Syntax APmgmtIP < multiple IP _address subnet[...]

  • Page 174

    Command Li ne Interface 7-22 7 APmgmtUI This comm an d enable s and disab le s m an age ment ac ce ss to the acce ss point through SN M P , T elne t and web inte rfac es. Cauti on: Secure Web (HTTPS) connect ions are not a ffected by the UI M anagement or IP Management set tings. Syntax APmgmtUI < [ SNMP | Te l n e t | Web ] enable | disa ble &g[...]

  • Page 175

    System Management C ommands 7-23 7 show sy stem Thi s co mmand di s play s basi c syst em co nfi g urat ion se ttin gs. Default Sett in g None Command Mode Exec Example Enterprise AP#show system System Information ========================================= ================= Serial Number : A123456789 System Up time : 0 days, 4 hours, 33 minutes, 29 [...]

  • Page 176

    Command Li ne Interface 7-24 7 show ve rsion This com m an d displays the software ve rs ion for the system . Command Mode Exec Example show co nfig This c ommand displays detailed configurat ion info rmation for th e system . Command Mode Exec Example Enterprise AP#show version Version Information ========================================= Version:[...]

  • Page 177

    System Management C ommands 7-25 7 Hardware Version Information ========================================= == Hardware version R01A ========================================= == Ethernet Interface Information ======================================== IP Address : 192.168.0.151 Subnet Mask : 255.255.255.0 Default Gateway : 192.168.0.1 Primary DNS : 210[...]

  • Page 178

    Command Li ne Interface 7-26 7 Logging Information ========================================= ============ Syslog State : Disabled Logging Console State : Disabled Logging Level : Informationa l Logging Facility Type : 16 Servers 1: 0.0.0.0 , UDP Port: 514, St ate: Disabled 2: 0.0.0.0 , UDP Port: 514, St ate: Disabled 3: 0.0.0.0 , UDP Port: 514, St [...]

  • Page 179

    System Management C ommands 7-27 7 dot11InterfaceAGFail Enabled dot11InterfaceBFail Enabled dot11StationAssociation Enabled dot 11StationAuthentication Enabled dot11StationReAssociation Enabled dot11StationRequestFail Enabled dot1xAuthFail Enabled dot1xAuthNotInitiated Enabled dot1xAuthSuccess Enabled dot1xMacAddrAuthFail Enabled dot1xMacAddrAuthSu[...]

  • Page 180

    Command Li ne Interface 7-28 7 show hard ware Thi s co mmand dis pl a ys th e hard w are ve r s ion of the sy st em. Command Mode Exec Example System Logging Comman ds Thes e comma nds ar e used t o co nfi gur e sy stem l og gin g on the acces s poin t. SSH Server : ENABLED SSH Server Port : 22 Telnet Server : ENABLED WEB Redirect : DISABLED DHCP R[...]

  • Page 181

    System Logging C ommands 7-29 7 logging on This comm an d contro ls loggi n g of error mess ages; i.e ., sen ding debu g or error message s to memor y . The no form disabl e s the loggin g pr oc ess . Syntax [ no ] logging on Default Sett in g Disabled Command Mode Global Co nfiguration Command Usage The lo gging proce ss contro ls error messages s[...]

  • Page 182

    Command Li ne Interface 7-30 7 Example logging co nsole This comm an d initiate s lo gg ing of error m ess ages to the co nsole. U se t he no form to d isa ble l ogg ing t o t he co nsol e. Syntax logging conso le no logging console Default Sett in g Disabled Command Mode Global Co nfiguration Example logging lev el This comm an d sets the minimu m[...]

  • Page 183

    System Logging C ommands 7-31 7 Command Usage Messag es sent in clude the se lected level down to Emerg ency level. Example logging fac ility-type This comm an d sets the faci lity t yp e for remot e log ging of sy slog message s. Syntax logging facility-type < type> type - A number that indicates the facility used by the syslog server to dis[...]

  • Page 184

    Command Li ne Interface 7-32 7 Command Usage The comm and spec ifies the facilit y type tag sent in sys log messag es. (See RFC 3164. ) This type has no ef fect on the kind of mes sages reported by t he acce ss poi nt. How ever , it may b e used by the sy slog server to sort message s or to store me ssages in the corre sponding database. Example lo[...]

  • Page 185

    Syst em C lock C omm and s 7-33 7 show ev ent-log This comm an d displays log mess ag es stored in the acc ess point’s mem or y . Syntax show event -lo g Command Mode Exec Example System Clock Command s Thes e co mmand s ar e used to conf igur e SN TP a nd s yste m clo ck s etti ngs o n th e access po int. Enterprise AP#show event-log Mar 09 11:5[...]

  • Page 186

    Command Li ne Interface 7-34 7 sntp-ser ver ip This comm an d sets the IP addr es s of th e se rvers to whi ch SN TP time req ues ts are issued. U se th e th is com m a nd with no arg um en ts to clear all time ser ve rs from the current l ist. Syntax sntp-ser ver ip < 1 | 2 > < ip> • 1 - First t ime server. • 2 - Second time server[...]

  • Page 187

    Syst em C lock C omm and s 7-35 7 Command Mode Global Co nfiguration Command Usage The time ac quired from time se rvers is used to record acc urate dates and times for log ev ent s. With out SNTP , the access point onl y records the tim e starting fr om the f actory def ault set at the last bootup (i .e., 00:14:00, January 1, 19 70). Example Relat[...]

  • Page 188

    Command Li ne Interface 7-36 7 sntp-ser ver dayl ight-s avi ng This comm an d sets the start and en d dates fo r da yli ght sa vings time. U se the no form to disa ble dayli ght sa vi ngs time. Syntax sntp-server da ylight-saving no sntp-serv er daylight-saving Default Sett in g Disabled Command Mode Global Co nfiguration Command Usage The comm and[...]

  • Page 189

    Syst em C lock C omm and s 7-37 7 Command Usage This command sets the local time zone relative to the Coordinated Universal T im e (UTC , for merly Gree nwic h Mean T i me or GMT), ba sed on t he ear th’ s prime m eridian, z ero degre es longitude . T o display a time correspondi ng to your lo cal time , you must in dicate t he num ber of hours a[...]

  • Page 190

    Command Li ne Interface 7-38 7 DHCP Relay Commands Dynami c Hos t Configur at ion Pr ot oc ol (DHC P) c an dy na mically allo ca te an IP addr ess an d othe r conf ig ur ati on inf orm at io n t o netw o rk cl i e nt s that br oad cast a request. T o receive the broadcast reque st, the DHCP server would normally have to be on the same subnet as th [...]

  • Page 191

    DHC P Rel ay Com ma nd s 7-39 7 dhcp-re lay This c ommand configur es the prima ry and seconda ry DH CP serv er addr esses. Syntax dhcp-relay < primary | seconda ry > < ip_addre ss > • primary - The primary DHCP server. • secondar y - The secon dary DHC P server. • ip_addres s - IP address of the serv er. Default Sett in g Pri mar[...]

  • Page 192

    Command Li ne Interface 7-40 7 SNMP Command s Controls a ccess to this ac cess po int from manage m ent stati ons using the Si m pl e Network M a nagemen t Proto col (SNMP) , as well as the hos ts that will rec ei ve trap messag es. T able 7-9. S NMP Co mman ds Comman d Function Mode Pag e snmp -serve r co mmunit y Sets u p the co mmunit y acces s [...]

  • Page 193

    SNMP Commands 7-41 7 snmp- server com munity This comm an d define s the co mmun ity a ccess stri ng f or th e Si m pl e Net w or k Manage m ent Pr ot oc ol. Use the no form to remove the spe cified communit y strin g. Syntax snmp-s erver comm unity strin g [ ro | rw ] no snmp-s erver communi t y string • strin g - Commu ni t y stri n g th at act[...]

  • Page 194

    Command Li ne Interface 7-42 7 Command Mode Global Co nfiguration Example Related Commands snmp -serve r locatio n (7-42) snmp- server loc ation This comm an d sets the sys t em loca tion string . Use the no form to remove th e location string . Syntax snmp-s erver locati on < text > no snmp-s erver location text - St ring that describes the [...]

  • Page 195

    SNMP Commands 7-43 7 Command Mode Global Co nfiguration Command Usage • This com m an d enable s both authen tication f ai lure not i fica tions and link-up-do wn notifi cat i ons . •T h e snmp-s erver h o st c ommand specifi es the host device that will receive SNMP notificatio ns. Example Related Commands snmp- server host (7- 43) snmp- serve[...]

  • Page 196

    Command Li ne Interface 7-44 7 Command Usage The snmp-s erve r host com mand i s u sed i n co njun cti on wi th t he snmp-s erver enabl e server command to enab le SNMP noti fications . Example Related Commands snmp- server enabl e server (7 -42) snmp- server trap This comm an d enable s th e ac ces s point to se nd s pecific SNMP traps (i.e., noti[...]

  • Page 197

    SNMP Commands 7-45 7 - iappStationR oamedTo - A client st ation has roa med to a nother acc ess point (ident i f ie d by its IP addre ss) . - loc alMa cAd drA uthF ai l - A client s tation has faile d authe ntication with the local MAC address da tabase on the acces s poin t. - localMa cAddrAu thSucc ess - A client stat i on h as success fully auth[...]

  • Page 198

    Command Li ne Interface 7-46 7 Command Mode Global Co nfiguration Command Usage • Thi s command i s used in conj unctio n wit h the snmp-server user command. • Enter ing this c omman d invalida tes all e ngine IDs that have been previously configur ed. • If the en gineID is del eted or chang ed, all SNMP users will be cleared. You will need t[...]

  • Page 199

    SNMP Commands 7-47 7 - RWAuth - A rea d/ wr ite group us in g au th ent i ca tion , but no da ta encrypt ion. User s in this g roup se nd SNM P mess ages tha t use a n MD5 key /pa sswor d for aut hen tic atio n, bu t no t a D ES k ey/p ass word f or encrypt ion. - RWPriv - A read/ w r i te gro up us i ng au thentica t io n and data encryp tion. Use[...]

  • Page 200

    Command Li ne Interface 7-48 7 snmp- server targe ts This c ommand configur es SN MP v3 notificati on targets. Us e the no fo rm to d ele te an SNMP v3 target . Syntax snmp-s erver targets < target-i d > < ip-add r > < sec-name > [ version { 3 }] [ ud p-port { port -number }] [ notification-type { TRAP }] no snmp-s erver ta r g e [...]

  • Page 201

    SNMP Commands 7-49 7 snmp- server filte r This comm and confi gures SNMP v3 notificat ion filters. U se the no f orm to delet e an SNMP v3 filte r or re move a sub tree from a filter. Syntax snmp-s erver filter < filt er-id > < include | e xclude > < su btre e > [ mask { mask }] no snmp-s erver filter < fi lter-id > [ subtre[...]

  • Page 202

    Command Li ne Interface 7-50 7 snmp- server filte r-assignments This comm an d assign s SN M P v3 not i fica tion filter s to targets. Use t he no form to remove an SNMP v3 fil ter assi gnment . Syntax snmp-s erver filter- assignmen t s < t arg et-id > < filter -id > no snmp-s erver filt er-a ssig nmen t s < target -id > • targ [...]

  • Page 203

    SNMP Commands 7-51 7 Example show sn mp users This c ommand displays the SNMP v3 users and se ttings. Syntax show s nmp user s Command Mode Exec Example show sn mp group-a ssignments This comm an d displays the SNMP v3 user group ass ignme nts. Syntax show s nmp group-assign ments Command Mode Exec Enterprise AP#show snmp groups GroupName :RO Secur[...]

  • Page 204

    Command Li ne Interface 7-52 7 Example show sn mp target This comm and disp l ays the SNMP v3 notifica tio n targ et set t in gs. Syntax show snmp targ et Command Mode Exec Example show sn mp filter Thi s com mand d is play s th e SNMP v 3 no tif icat ion fil ter sett in gs. Syntax show s nmp filter [ filter -id ] • filter-id - A user-def ined na[...]

  • Page 205

    SNMP Commands 7-53 7 show sn mp filter-a ssignments This comm an d displays the SNMP v3 notificatio n fil te r as sign ments. Syntax show snmp fi lter -ass ignm ent s Command Mode Exec Example Enterprise AP#show snmp filter-assignment s HostID Filt erID mytraps trap filter Enterprise AP#[...]

  • Page 206

    Command Li ne Interface 7-54 7 show sn mp This comm an d displays the SNMP co nfigurati on se ttings. Command Mode Exec Example Enterprise AP#show snmp SNMP Information ========================================= ===== Service State : Enable Community (ro) : ***** Community (rw) : ***** Location : WC-19 Contact : Paul EngineId :80:00:07:e5:80:00:00:2[...]

  • Page 207

    Flash/File Comman ds 7-55 7 Flash/File Commands These c omman ds are used to mana ge the system code or conf iguration files. bootfile This comm an d specif ie s the image us ed t o start up th e sy stem. Syntax bootfile < filename > filename - Name of the i mage file. Default Sett in g None Command Mode Exec Command Usage • The file name s[...]

  • Page 208

    Command Li ne Interface 7-56 7 copy This comm an d copies a boot f ile, co de i m age , or confi gur at ion f i le bet wee n the access po int’s flash memor y and a FTP/TF T P se rv er. When you save t he configur at ion se ttings to a file on a FTP/TFTP ser ve r , that file ca n la te r b e downloa ded to t he access point to re store syst em op[...]

  • Page 209

    Flash/File Comman ds 7-57 7 The follow in g ex ample show s how to dow nl oa d a co nfigurat ion f ile: delete This comm an d deletes a f ile or image. Syntax delete < filename > filename - Name of the configurati on file or image name. Default Sett in g None Command Mode Exec Cauti on: Beware of deleting application images from flash memory.[...]

  • Page 210

    Command Li ne Interface 7-58 7 dir This command dis plays a list o f files in flash memory . Command Mode Exec Command Usage File info rmation is s hown bel ow: Example The follow ing exampl e sh ows how t o disp lay all file info rm a tion: show boo tfile Thi s com mand d is play s th e nam e of t he cu rr ent operat io n code fi le t hat b oot ed[...]

  • Page 211

    RADIUS Client 7-59 7 RADIUS Client Remote Aut he ntication Di al- in User Ser vi ce (RAD I US ) is a logon aut he nt i cati on protoc ol tha t uses software runn ing on a centr al ser ve r to contro l ac ce ss for RADIUS - awa re devic es to the network. An au thentica tion ser ver contains a database of cr ede ntials, suc h as users na mes and pas[...]

  • Page 212

    Command Li ne Interface 7-60 7 Command Mode Global Co nfiguration Example radius- server por t This comm an d sets the RAD I US se rver netw or k po rt. Syntax radius-server [ secondar y ] port < port_n umbe r> • secondar y - S econd ary serv er. • port_n umber - RADIUS server U DP po rt used fo r authe ntication messa ges. (Range: 1 024-[...]

  • Page 213

    RADIUS Client 7-61 7 radius- server r etransmi t This c ommand sets the number of ret ries. Syntax radius-server [ secondar y ] retransmi t number _of_retrie s • secondar y - S econd ary serv er. • number _of_retries - Number of t imes the acc ess point will try to authenti ca te logon acce ss via the RAD I US se rver. (Ran ge: 1 - 30) Default [...]

  • Page 214

    Command Li ne Interface 7-62 7 radius- server port-a ccountin g This comm an d sets the RADI U S Ac counting se rver netw or k po rt . Syntax radius-server [ secondar y ] port-accoun ting < port_num ber> • secondar y - Secondary server. If secondary is not specified, then the access po int assum e s you ar e c onfiguring the primar y RA DIU[...]

  • Page 215

    RADIUS Client 7-63 7 Example radius- server radiu s-mac-fo rmat This comm and sets the f ormat for sp ecifying MAC addre sses on th e RADIUS server . Syntax radius-server radius- m ac -format < mu lti- colon | multi -dash | no-delimi ter | single-da sh > • multi-colon - Ente r MAC addresses in the form xx:xx:xx:x x:xx:xx. • multi-dash - E[...]

  • Page 216

    Command Li ne Interface 7-64 7 show radi us This comm an d displays the current set t i ngs for th e R AD I U S server . Default Sett in g None Command Mode Exec Example Enterprise AP#show radius Radius Server Information ======================================== IP : 0.0.0.0 Port : 1812 Key : ***** Retransmit : 3 Timeout : 5 Radius MAC format : no-[...]

  • Page 217

    802.1X Authentication 7-65 7 802.1X Authentication The access point suppo rts IEEE 802.1 X acc ess control for wi r el ess cl ie nts. This contro l feature prevents una uthorize d access to the n etwork by requ iring an 80 2.1X client ap pl icat i on t o su bmit user cr ede ntials for au thentica t io n. Clien t authentic ation is then verifi ed by[...]

  • Page 218

    Command Li ne Interface 7-66 7 Command Mode Global Co nfiguration Command Usage • Whe n 802. 1X i s dis abl ed, t he a cce ss poi nt does not supp ort 802. 1X authenti ca tion for an y stat i on. Af te r su cc essful 802. 1 1 associa tion , each client is a llowed to access the network. • When 802.1X is sup ported, th e ac ce ss point supp orts[...]

  • Page 219

    802.1X Authentication 7-67 7 802.1x-s upplicant use r This comm an d sets th e use r na me and pas sw o rd used fo r au t hen tic ation of the access po int when op er at ing as a 802.1X su ppl i ca nt . Us e the no form to clear the supplica nt user na m e and password. Syntax 802.1x-su pplicant user < user name > <pa sswor d> no 802.1[...]

  • Page 220

    Command Li ne Interface 7-68 7 show au thenticati on This co mmand sh ows all 80 2.1X aut henticati on settings , as well as the add ress f ilter table. Command Mode Exec Example Enterprise AP#show authentication Authentication Information ========================================= ================== MAC Authentication Server : DISABLED MAC Auth Ses[...]

  • Page 221

    MAC Address Authentication 7-69 7 MAC Address Authenticati on Use these comma nds to d ef in e M AC au thentica tion on t he ac cess poi nt . Fo r loc al MAC au th ent ica tion, first de fin e th e de fault filteri ng po licy using th e ad dress filte r default c ommand. Then enter t he MAC add resses to be filtered, indicating if t hey are allowed[...]

  • Page 222

    Command Li ne Interface 7-70 7 Related Commands address filter entr y (7-70) 802. 1x- suppl ic ant us er (7- 67) addres s filter en try This comm an d enters a MA C add ress in the fi lter table. Syntax address f ilter entry < mac- addre ss> < allowed | den ied > • mac-a ddress - Physi cal addr ess of c lie nt. ( Ent er si x pa irs o [...]

  • Page 223

    MAC Address Authentication 7-71 7 Command Mode Global Co nfiguration Example Related Commands 802. 1x- suppl ic ant us er (7- 67) mac-authe ntication ser ver This comm an d sets addre ss f ilter i ng t o be performe d w ith loc al or remo te options . Use t h e no form to di sa ble MAC ad dress aut he nt i cat i on . Syntax mac-au thenticati on ser[...]

  • Page 224

    Command Li ne Interface 7-72 7 Default 0 (disable d) Command Mode Global Co nfiguration Example Filtering Commands The com mands described in this section are use d to filter communi cations between wireless clients, control acc es s to the mana gement inte rf ac e f ro m wireless cli ents , and filter tra ffic usin g specific Eth er ne t protocol [...]

  • Page 225

    Filtering C ommands 7-73 7 filter lo cal-bridge This c ommand disables comm unication betwee n wire less clien ts. Use the no form to d isa ble t hi s fil ter in g. Syntax filter local -bridge < all- V AP | intra- V A P > no filter local-bridge all-V AP - When e nabled, clien ts cannot e stablish wi reless com munications wit h any ot her cl [...]

  • Page 226

    Command Li ne Interface 7-74 7 filter uplink enable This c ommand enable s filterin g of MA C add resses from the Ether net po rt. Syntax [ no ] filte r upli nk e nabl e Default Disabled Command Mode Global Co nfiguration Example filter uplink This comm an d adds o r de lete s M A C ad dr ess es from th e up link filtering table. Syntax filter upli[...]

  • Page 227

    Filtering C ommands 7-75 7 Global Co nfiguration Command Usage Thi s com mand i s us ed i n co njun cti on w ith t he filter ethern et-type protoc ol comm and to determin e which Ethernet pr otocol types ar e to be filtered . Example Related Commands filter e thernet-type protocol (7-75) filter et hernet-type proto col This comm an d sets a filter [...]

  • Page 228

    Command Li ne Interface 7-76 7 show filte rs This comm an d shows the fil te r op tion s an d protoc ol entrie s in the filter tab le. Command Mode Exec Example WDS Bridge Commands The com mands descr ibed in this se ction are used to set the ope ration m ode f or each access point interface an d configure WIreless Dis tribution Syst em (WDS) forwa[...]

  • Page 229

    WDS Bridge Comman ds 7-77 7 bridge mode This c ommand selects be tween Master and S lave mo de. Syntax bridge mode < master | slave > • maste r - Operates as a master ena bling up to five slave links . • slave - Oper ates as a sla ve wi th only one l in k to the maste r. Default Sett in g W A6202 A: Slave W A6202 AM: Master Command Mode I[...]

  • Page 230

    Command Li ne Interface 7-78 7 configur ed a s the “root bri dg e” in the wirel es s net w o rk. The root bridg e i s the unit co nne cted to the ma in core of th e wi re d LAN . O t her br idges need to spec ify one “Parent” link to the root b ridge or to a bridg e connec ted to the root bridge. The other sev en WD S li nks are availa ble [...]

  • Page 231

    WDS Bridge Comman ds 7-79 7 Default Sett in g None Command Mode Interfa ce Configur ation (Wirel ess) Command Usage Every brid ge ( exc ept the root brid ge) in the wireless brid ge network m ust specify t he MAC add ress of the parent br idge that is linked to the root brid ge, or th e root brid ge it sel f. Example bridge-link child This comm an [...]

  • Page 232

    Command Li ne Interface 7-80 7 bridge dynamic -entry age-time This comm an d sets the time for agi ng out dynami c en tries in the W DS f or w ar di ng table. Syntax bridge dynam ic-entry age-time < seconds > seconds - The ti me to a ge out an address entry . (Range: 10-10000 seconds). Default Sett in g 300 secon ds Command Mode Global Co nfi[...]

  • Page 233

    WDS Bridge Comman ds 7-81 7 show bridg e filter-entry This comm an d displays current entr ie s in th e W DS forward i ng table . Command Mode Exec Example show bridg e link Thi s com mand dis play s WDS brid ge li nk and s p anni ng t ree se tti ngs for s pec ifi ed int erfa ces . Syntax sh ow bri dge link < ethernet | wirele ss < a | g >[...]

  • Page 234

    Command Li ne Interface 7-82 7 Example Enterprise AP#show bridge link wireless a Interface Wireless A WDS Information ==================================== AP Role: Bridge Channel Auto Sync: Disable Parent: 00-12-34-56-78-9a Child: Child 2: 00-08-12-34-56-de Child 3: 00-00-00-00-00-00 Child 4: 00-00-00-00-00-00 Child 5: 00-00-00-00-00-00 Child 6: 00[...]

  • Page 235

    Spanning Tree Commands 7-83 7 Spanning Tree Command s The comm a nds descr ib ed in this secti on ar e us ed to set the MA C address tab le aging time a nd spanning tre e para m et er s fo r bo t h the Et her ne t and wirel ess int erfa ces . bridge stp enable This comm an d enable s th e Sp anning Tree Protocol . Us e t he no form t o di sabl e th[...]

  • Page 236

    Command Li ne Interface 7-84 7 bridge stp forwarding-d elay Use t his comm and to co nfigur e the sp anni ng tree br idge for ward t ime glo ball y for the wir eles s bri d ge. Us e the no form to re st or e th e de fault. Syntax bridge stp forwa r ding-delay < secon ds > no bridge stp forw arding-delay seconds - T ime in seconds. (Range: 4 -[...]

  • Page 237

    Spanning Tree Commands 7-85 7 Example bridge stp max-age Use this com m an d to config ur e th e spann ing tree br idge maximum ag e globally fo r the wir eles s br idge . Us e th e no f orm t o re st or e t he de fault. Syntax bridge stp m ax-age < seconds > no bridge stp max - age seconds - T ime in seconds. (Range: 6-40 seconds) The minimu[...]

  • Page 238

    Command Li ne Interface 7-86 7 Command Mode Global Co nfiguration Command Usage Bridge prior i ty is used in selecti ng the root devi ce, root port, an d designated port. The de vice with the highest pr i ority be comes the STP root devi ce. Howeve r , if all dev ices have the s ame p riori ty , the device with the lowes t MA C address will then be[...]

  • Page 239

    Spanning Tree Commands 7-87 7 Default Sett in g 128 Command Mode Interface Configuratio n Command Usage • This com m an d defines t he pr i or ity for th e us e of a port in the Sp an ning Tree Protoco l. If the p ath cost for al l p or ts on a w i re le ss bridg e are the sa m e, th e por t wi th th e hi ghes t pr i orit y (th at is , lowe st va[...]

  • Page 240

    Command Li ne Interface 7-88 7 Ethernet Interface Comm ands The comm a nds descr ib ed in this secti on co nf i gur e co nnection parameters f or th e Ethernet p or t an d w ire le ss inter f ace . interfac e etherne t This comm an d enters Eth er net int er fa ce c onfigurati on mode. Default Sett in g None Command Mode Global Co nfiguration Examp[...]

  • Page 241

    Ethernet Interfac e Commands 7-89 7 dns se rver Thi s com mand s pec ifie s th e ad dres s fo r th e pr imary or s eco ndar y dom ain name ser ver to b e used for nam e-t o-ad dres s re solu tion . Syntax dns p rimary-serve r < s erver-ad dress> dns seco ndary-ser ver < serv er-address > • pri mary- ser ver - Pri mar y se rver used fo[...]

  • Page 242

    Command Li ne Interface 7-90 7 Command Mode Interface C onfigurat i on (Eth ernet) Command Usage • DHCP is enabled by default. To manually configure a new IP address, you must fi rst disable th e DHCP client with the no ip dhcp co mmand . • You must assign an IP address to this device to gain man agement ac cess over the ne twork or to conn ect[...]

  • Page 243

    Ethernet Interfac e Commands 7-91 7 • When you use this command, the access p oint will b egin broadcasting DHCP client request s. The current IP addr ess (i.e., default or manually configur ed a ddress) w ill con tinue to be eff ec tive until a DHC P rep l y is rec ei ve d. Re que sts w i ll be b ro adc as t per i odi c all y by t hi s de vi ce [...]

  • Page 244

    Command Li ne Interface 7-92 7 shutdown This comm an d disables the Etherne t int er face . T o res tart a disa bled inte rfac e, use the no form. Syntax sh ut dow n no shutdown Default Sett in g Interface en abled Command Mode Interface C onfigurat i on (Eth ernet) Command Usage This comm and allows you to disa ble the Etherne t port due to abno r[...]

  • Page 245

    Wireless Interface Comman ds 7-93 7 Example Wireless Interface Com mands The comm a nds descr ib ed in this secti on co nf i gur e co nnection parameters f or th e wir eles s int e rfa c es. Enterprise AP#show interface ethernet Ethernet Interface Information ======================================== IP Address : 192.168.1.1 Subnet Mask : 255.255.25[...]

  • Page 246

    Command Li ne Interface 7-94 7 beacon-in terval Configu res the rat e at which beacon s ignals are transmit ted fro m the acce ss point IC-W 7-10 3 dtim-perio d Con figures the rate at wh ich station s in sleep mode must wa ke up to receive broadcast /multicast transmis sions IC-W 7-10 3 fragmenta tion- le ngth Configu res the mi nimum packet siz e[...]

  • Page 247

    Wireless Interface Comman ds 7-95 7 interfac e wirel ess This comm an d enters w irel es s i nt er face c onfigura tion mode. Syntax inte rfac e wireless < a | g > • a - 802.11 a ra dio i nt er fa ce . • g - 802.11 g ra dio i nt er fa ce. Default Sett in g None Command Mode Global Co nfiguration Example T o speci fy the 8 02. 1 1a in terf[...]

  • Page 248

    Command Li ne Interface 7-96 7 speed This comm an d config ur es the maximu m da ta ra te at wh ic h th e ac cess poi nt transmi ts un ic ast packe ts. Syntax speed < speed> speed - Maximum access speed allowed for wireless client s. (Options for 802.1 1a: 6, 9, 12, 18, 24, 36, 48, 54 Mbps) (Options for 802.1 1b/g: 1, 2, 5.5, 6, 9, 1 1, 12, 1[...]

  • Page 249

    Wireless Interface Comman ds 7-97 7 Command Usage • The nor m al 802 .11a wirel es s op eration m od e provide s co nnections up to 54 Mbps. Tur bo Mode is an enh anced mo de (not regula ted i n IE EE 802.11a ) that provide s a highe r data rate of up to 108 M bps. Enab ling Turbo Mode al low s t he access poi nt to pro vi de connection s up to 1[...]

  • Page 250

    Command Li ne Interface 7-98 7 chan nel This c ommand configur es the radio channel through which the ac cess p oint comm uni ca tes with w i rele ss clients. Syntax channel < channe l | auto > • channel - Manually se ts the radi o ch ann el used fo r co m m un ications w ith wireless clients. (Ran ge for 802.11a : 36, 40, 44, 48, 52, 56, 6[...]

  • Page 251

    Wireless Interface Comman ds 7-99 7 Default Sett in g ful l Command Mode Interfa ce Configur ation (Wirel ess) Command Usage • The “mi n” key word indica tes minim um power. • The longe r the trans m is sion distance, th e hi gh er the trans m issi on power required . But to support the m aximum num ber of users in an area, you mus t keep t[...]

  • Page 252

    Command Li ne Interface 7-100 7 Example preamble This comm an d sets the length of the signal pr ea mble that is use d at the start of a 802.1 1b/g data tr ansmiss ion. Syntax preamb le [ long | short-or -long ] • lon g - Sets the pr eamble to lo ng ( 192 microsec on ds). • sh ort- or -lon g - Sets the prea mble to sho rt if no 802.11 b cl i en[...]

  • Page 253

    Wireless Interface Comman ds 7-101 7 antenna c ontrol This comm an d selects the u se of two dive rsity antenn as or a sing le ant en na for the radio inter fa ce . Syntax antenna co nt rol < dive rsity | lef t | right > • diversity - The radio us es two identic al ant en nas in a diver si t y m od e. • left - The radi o us es a single an[...]

  • Page 254

    Command Li ne Interface 7-102 7 Command Mode Interfa ce Configur ation (Wirel ess) Command Usage • See “Ex te rn al Ant en na Option s” on pa ge 1-5 for a list of th e ava i la ble antenna options and t heir pa rt numb ers. • The opt iona l external an tennas ( if any ) t ha t are certifie d fo r us e w ith th e access po int are listed b y[...]

  • Page 255

    Wireless Interface Comman ds 7-103 7 beacon-int erval This comm and con figures the rate at w hich beac on signa ls are trans mitted from the access po int. Syntax beacon-int erval < inte rval> interv al - The r ate for transmitting bea con signals. (Range: 20-1000 milliseconds) Default Sett in g 100 Command Mode Interfa ce Configur ation (Wi[...]

  • Page 256

    Command Li ne Interface 7-104 7 will save all broadcast /multicast fr ames for the Bas ic Service Set (BSS) and forwar d th em af t er e ver y se cond beac on. • Using smalle r DTIM i ntervals delivers b roadcast/ multicas t frames i n a mo re timely ma nn er, causin g st at i ons in Pow er Sav e m od e to wake up m ore often and d rain pow er fa[...]

  • Page 257

    Wireless Interface Comman ds 7-105 7 rts-threshold This comm an d sets the packet siz e threshol d at w hich a R e quest to S end (RTS) signal mu st be s ent to the re ceivi n g station prior to the send ing station starting comm unicatio ns. Syntax rts-thre shold < thre shol d> threshold - Threshold packet size for which to s end an RTS. (Ra[...]

  • Page 258

    Command Li ne Interface 7-106 7 super-a Thi s com mand enab les A the ros prop riet ary Supe r A pe rfor man ce en han cemen ts . Use t h e no form to disable this function. Syntax [ no ] super-a Default Sett in g Disabled Command Mode Interfa ce Configur ation (Wirel ess - 802.1 1a) Command Usage Super A enhanc ements include bursting, compress io[...]

  • Page 259

    Wireless Interface Comman ds 7-107 7 descri ption This comm an d adds a desc ript i on to a the wireles s interface. U se the no form to remov e th e de scription. Syntax description < string > no description string - Comment or a description for this interface. (Range: 1-80 characters) Default Sett in g Radi o A: Ent erpr is e 802. 1 1a A cc[...]

  • Page 260

    Command Li ne Interface 7-108 7 clos ed-s ystem Thi s com mand prohi bit s a cce ss t o cli ent s w itho ut a pre- conf ig ured SSID . Use the no form to disa ble this featur e. Syntax clo sed-s yst em no closed-syst em Default Sett in g Disabled Command Mode Interface C onfigurat ion (Wireles s-V AP) Command Usage When closed system is enabled, th[...]

  • Page 261

    Wireless Interface Comman ds 7-109 7 assoc-tim eout-interv al This comm an d config ur es the id le tim e int er val (w hen no frame s are sent) a fter whi ch t he cl ien t is dis assoc iat ed f rom t he V AP int erf ace. Syntax assoc-time out-interva l < minutes > minutes - The number of minutes of inactivity before disassociation. (Range: 5[...]

  • Page 262

    Command Li ne Interface 7-110 7 Default Sett in g Interface en abled Command Mode Interface C onfigurat ion (Wireles s-V AP) Command Usage Y ou must f i rst ena ble V A P interf ace 0 before yo u can ena ble V AP interfaces 1, 2, 3, 4 , 5, 6, o r 7. Example Enterprise AP(if-wireless g: VAP[0])#shut down Enterprise AP(if-wireless g)#[...]

  • Page 263

    Wireless Interface Comman ds 7-111 7 show inte rface wireless This comm an d displ ays the status for the wire le ss int er face. Syntax show i nterface wi reless < a | g > vap- id • a - 802.11 a ra dio i nt er fa ce . • g - 802.11 g ra dio i nt er fa ce. • vap-id - The number that ide ntifies the VAP i nterface. (Options : 0~3) Command[...]

  • Page 264

    Command Li ne Interface 7-112 7 ----------------802.1x------------------- -------------------------------- 802.1x : DISABLE D Broadcast Key Refresh Rate : 30 min Session Key Refresh Rate : 30 min 802.1x Session Timeout Value : 0 min ----------------Antenna------------------ -------------------------------- Antenna Control method : Diversi ty Antenn[...]

  • Page 265

    Wireless Interface Comman ds 7-113 7 show sta tion Thi s co mmand shows t h e wire less clie nt s assoc ia t ed with t h e acce s s poin t. Command Mode Exec Example Enterprise AP#show station Station Table Information ========================================= =============== if-wireless A VAP [0] : 802.11a Channel : 60 No 802.11a Channel Stations.[...]

  • Page 266

    Command Li ne Interface 7-114 7 Rogue AP Detection Comm ands A “rogue AP ” is ei ther an ac cess po int tha t is no t a ut hor i zed to participat e in th e wireless network, or an acc ess poin t that do es not have the correct se curity configur at io n. Rog ue APs can poten tially allow un author ized users acce ss to the net work. Al tern at[...]

  • Page 267

    Rogue AP Detection C ommands 7-115 7 • A “rog ue AP ” is either an ac ce ss point that is no t authorized to particip at e in the wire le ss n etwork, or a n acc ess poin t that do es not have the correct security con figuratio n. R o gue acces s points can be identifie d by unknow n BSSI D (MAC addr ess) or S SID conf igurat ion. A dat abase[...]

  • Page 268

    Command Li ne Interface 7-116 7 rogu e-ap durat ion This comm an d sets the sca n du ration fo r de te ct ing ac cess po in ts. Syntax rogue-ap d uration <milliseconds> milliseconds - The duration of the scan. (Range: 1 00-1000 milliseconds) Default Sett in g 350 millisec onds Command Mode Interfa ce Configur ation (Wirel ess) Command Usage ?[...]

  • Page 269

    Rogue AP Detection C ommands 7-117 7 Example Related Commands rogue-a p duration (7- 1 16) rogue-a p scan This comm an d starts an immed ia t e sca n for acce ss poi nts on th e ra di o in terf a ce. Default Sett in g Disabled Command Mode Interfa ce Configur ation (Wirel ess) Command Usage While the access point scans a channel for rogue APs, wire[...]

  • Page 270

    Command Li ne Interface 7-118 7 show rogu e-ap This comm an d displays the current ro gue AP database. Command Mode Exec Example Wireless Security Comm ands The comm a nds descr ib ed in this secti on co nfigure para m et er s f or wir el es s se curity on the 802 .1 1a and 802.1 1g interface s. Enterprise AP#show rogue-ap 802.11a Channel : Rogue A[...]

  • Page 271

    Wireless Security Commands 7-119 7 auth This c ommand configur es authe ntication for the V AP interface. Syntax auth < open -system | shared-key | wp a | wp a-ps k | wp a2 | wp a2-p sk | wpa-wpa2-mixed | w pa-wpa2-p sk-mi xed | > <required | suppor ted> • open-sys tem - Accep ts the cl ien t wit h out ve rif y i ng it s iden tit y us[...]

  • Page 272

    Command Li ne Interface 7-120 7 • To u se W EP sh ared-k ey au th en tication, set th e aut h entication typ e t o “share d-key” and de fine at leas t one static W EP key w ith the key comma nd. Encrypti on i s au to m at i call y en abled by the comman d. • T o use W EP encryption only (no authentication), s et the authenti c ation ty pe t[...]

  • Page 273

    Wireless Security Commands 7-121 7 Example Related Commands encrypt ion (7-121 ) key (7 -122) encryp tion This comm an d enable s data e ncr yp tion for wire less comm u nication s. Use t he no form to disa ble data encry pt io n. Syntax encr ypt ion no encrypt ion Default Sett in g disabled Command Mode Interface C onfigurat ion (Wireles s-V AP) C[...]

  • Page 274

    Command Li ne Interface 7-122 7 key This comm an d sets the keys us ed for WE P enc ryption. U se the no form to d elete a configur ed k ey . Syntax key < index > < size > < type > < value > no key in dex • ind ex - Ke y inde x. (Range : 1-4) • size - Key si ze. (Op tions: 64 , 12 8, or 15 2 bit s) • type - In p u t fo[...]

  • Page 275

    Wireless Security Commands 7-123 7 transmit-ke y This comm an d sets the index of the key to be used f or encr yp ting data fram es for broadca st or multicas t traffic transmi t te d f rom t he V AP to wirel es s clients. Syntax transm it-key < index> index - Key index. (Ran ge: 1-4) Default Sett in g 1 Command Mode Interface C onfigurat ion[...]

  • Page 276

    Command Li ne Interface 7-124 7 ciph er-s uite This comm an d define s the ci p her algori thm used to enc ry pt th e gl ob al key for broadca st and multicast traffic wh en us ing Wi-Fi Pr ot ec ted Acces s (W P A) security . Syntax multicast- cipher < aes-ccmp | tkip | wep > • aes-ccm p - Use AES-C CMP encry pt i on f or the uni ca st and[...]

  • Page 277

    Wireless Security Commands 7-125 7 • AES -CCM P (Advanced Enc ryption Stan dar d Cou nter-Mode /CBCMAC Protocol): W PA2 is backward compatible wit h WPA, including the same 802.1X and PSK m odes of operation and support for TKIP encryp tion. The main enh anceme nt is its use of AE S Coun ter-Mode e ncryption with Ciphe r Block Cha inin g M es sag[...]

  • Page 278

    Command Li ne Interface 7-126 7 Example wpa-pr e-shared-key This comm an d defines a W i -Fi Pr ot ec te d Acc ess (WP A/WP A2 ) Pre-share d- ke y . Syntax wpa-pre-shared- key < hex | p assph rase-ke y > < value> • hex - Specif ie s he xadecima l digits as th e ke y input form at. • passph rase-key - Specifies an ASC II pas s-phra s[...]

  • Page 279

    Wireless Security Commands 7-127 7 Command Mode Interface C onfigurat ion (Wireles s-V AP) Command Usage • WPA2 provides fast roam ing for authen ticated clients by re taining keys and other se curity inform ation in a cac he, so th at if a client roam s away fro m an access po int and then retu rns reauthe ntication is not require d. • Whe n a[...]

  • Page 280

    Command Li ne Interface 7-128 7 know n to be a lread y au the ntica ted, so i t pr oce eds direc tl y to k ey e xchan ge and assoc iation. • To s upport pre -authentic ation, both clients and ac cess poi nts in the net work must be WP A2 enabled . • Pre- aut he ntication requires al l acce ss points i n t he ne tw ork to be on the same IP subn [...]

  • Page 281

    Link Integri ty Commands 7-129 7 link-int egrity ping-det ect This comm an d enable s link in te gr ity detection . Us e th e no form to di sable link inte gri t y det e cti o n. Syntax [ no ] link-integrity ping-detect Default Sett in g Disabled Command Mode Global Co nfiguration Command Usage • Whe n l i nk i nte gri t y is en able d, t he I P [...]

  • Page 282

    Command Li ne Interface 7-130 7 link-integrity ping-inte rval This c ommand configur es the t ime be tween e ach Ping sent to the l ink hos t. Syntax li nk- int egr ity ping -int e rval < in terval > interv al - The time between Pings. (Range: 5 - 60 seconds) Default Sett in g 30 seco nds Command Mode Global Co nfiguration Example link-integr[...]

  • Page 283

    Link Integri ty Commands 7-131 7 Command Mode Global Co nfiguration Example show lin k-integrity This comm an d displays the current link in te gr ity configura tion . Command Mode Exec Example Enterprise AP(config)#link-integrity ethe rnet-detect Notification : Ethernet Link Detect SUCCE SS - RADIO(S) ENABLED Enterprise AP(config)# Enterprise AP#s[...]

  • Page 284

    Command Li ne Interface 7-132 7 IAPP Commands The comm a nd describe d in this sec tio n ena bles the pro tocol sig nali ng required to ensure t he s ucc essful han dover of wi r el es s cl ie nts roam i n g between di ffere nt 802.1 1f-complian t access poi nts. In oth er w or ds, th e 80 2.1 1f pr ot oco l can ensu re success ful roamin g between[...]

  • Page 285

    VLAN Commands 7-133 7 VLAN Commands The access point can ena ble the supp ort of VLAN -tagge d traffic passing bet w een wireless clien ts and the wired net wor k. Up to 64 VLAN I Ds ca n be mappe d to specific wi reless client s, allo wing users to remain within the same VLAN as they move ar oun d a campus si te . When VLAN i s en ab led on the ac[...]

  • Page 286

    Command Li ne Interface 7-134 7 • Traf fic ent er ing t he Et he rnet port mu st be ta gg ed with a VLA N ID that matches the access point’s nat ive VLAN ID, or with a VLAN tag that match es o ne of the wire le ss clients cu rrent l y as sociated with the acce ss point. Example Related Commands management -vlanid (7-1 34) managem ent-vlanid Thi[...]

  • Page 287

    WMM Commands 7-135 7 Default Sett in g 1 Command Mode Interface C onfigurat ion (Wireles s-V AP) Command Usage • To impl em e nt the defaul t VL AN ID s et ting fo r VAP interf ac e, the access point mus t enab le VLAN supp or t using the vlan co mmand. • When VLANs ar e ena bled, the a cce ss point ta gs f ra m es received from wir eles s cli [...]

  • Page 288

    Command Li ne Interface 7-136 7 wmm This comm an d sets the WMM o perationa l mo de on the acces s po int. Use the no form to disa ble WMM . Syntax [ no ] wmm < supported | requi red > • supported - WMM will be u sed for any as sociated device t hat supp orts this feature. Device s that do not sup port this fea ture ma y still ass ociate w [...]

  • Page 289

    WMM Commands 7-137 7 interpreta bility with o ther wired network QoS p olicies. While the four ACs are specifie d for specif ic types of tr affic, WMM allo ws the priority levels to be conf igured to match an y network- wide QoS p olicy. W MM also s pecifies a proto col that ac cess po ints ca n use to c ommun icate the c onfigu red traffic priorit[...]

  • Page 290

    Command Li ne Interface 7-138 7 • admissi on_cont rol - The adm i s si on contr ol mo de for th e ac ces s cate gory . When en able d, cl ien ts ar e bloc ked fr om usi n g the ac cess ca tego ry . (Options: 0 t o disa ble, 1 to enab le) Default Command Mode Interfa ce Configur ation (Wirel ess) Example AP Param eters WMM Par ameters AC0 (B est E[...]

  • Page 291

    A-1 Appendix A: Tr oubleshoo ting Check the following items bef or e yo u contact loca l T echni ca l Support . 1. If wireless clients canno t ac ce ss the net wor k, check the fo llow ing: • Be sure the a ccess po int and t he wirel ess clien ts are con figured with the s ame Service Set ID (SSID). • If auth entication or encryption are enabl [...]

  • Page 292

    T roubleshooti ng A-2 A 3. If you canno t access t he on-board con figuratio n pr ogram via a ser ial port connect ion: • Be sur e you h ave set the te rmin al em ul at or progr am to VT100 co mpat ibl e, 8 data bits , 1 stop bit, no parity an d 9600 bp s. • Che ck that the null- m od em serial cab le conf or m s to the pi n- out co nnections p[...]

  • Page 293

    B-1 Appe ndix B: Ca bles an d Pi nouts Twisted-Pair Cable Assignments For 10/100 BASE-T X connecti ons, a twi sted-pair cab le must ha ve two pairs of wires. Each wire pair is iden t ified b y two different co lors . Fo r ex am p le, one wire mig ht be green and the other , green with w hi te st r ip es. Al so , an RJ-45 co nn ector mus t be attach[...]

  • Page 294

    Cables and Pino uts B-2 B Straight- Through Wiring Beca use the 10/10 0 Mbp s port on t he ac cess poi nt u ses an MDI pin conf igur at ion, you must us e “s traight-t hr ou gh” cable fo r ne two rk connect io ns t o hu bs or switch es that only h ave MDI-X po rts. How e ver , if the device t o w hi c h you are con ne cting supports au t o- M D[...]

  • Page 295

    T wisted-Pair Cable Assignments B-3 B Crossover Wiring Beca use the 10/10 0 Mbp s port on t he ac cess poi nt u ses an MDI pin conf igur at ion, you must us e “c ro ssover” cab le for netwo rk con nections t o PC s , se rv er s or other end nodes that only hav e M D I por ts. How ev er , if the device to whi ch you are connect i ng su pports au[...]

  • Page 296

    Cables and Pino uts B-4 B 8-Pin DIN to RJ-45 Cable Wirin g T o constr uct an ex tend ed Et her n et ca ble t o co nnec t f ro m t h e po w er in j ecto r’s RJ- 45 Outp ut p ort to t he wi rel ess brid ge’ s 8 -pin DIN conn ect or , foll ow t he w iri ng di agr am below . Use C ategory 5 or better UTP or STP cabl e, maxim um leng th 100 m (328 f[...]

  • Page 297

    C-1 Appendix C: Spe cification s General Specif ications Maximu m Channels 802.1 1a: US & Canada : 13 (norm al mo de ), 5 (turbo mo de) Jap an: 4 (n orm al mo de), 1 (t ur bo mode ) ETSI: 1 1 channels (nor m al m ode ), 4 (turbo m ode ) T a iwan: 8 (n or m al mo de), 3 (turbo mode) 802.1 1b/g: FCC/IC: 1-11 ETSI: 1-13 France: 10- 13 MKK: 1-14 Ta[...]

  • Page 298

    Specifications C-2 C Operating Frequ enc y 802.1 1a: 5.15 ~ 5.25 G H z (lower band) US/Cana da , Japan 5.25 ~ 5.35 GHz (m iddle ba nd) US/ Canada 5.725 ~ 5.82 5 GHz (upp er band) US /Canada 5.50~ 5.70 G H z Eur op e 5.25 ~ 5.35 GHz (m iddle ba nd) T aiwan 5.725 ~ 5.82 5 GHz (high b and) T aiwan 802.1 1b: 2.4 ~ 2.4835 GHz (US, Can ad a, ETSI) 2.4 ~ [...]

  • Page 299

    General Specificati ons C-3 C Wireless Radio/Regulatory Certification ETSI 300 32 8 (1 1b/g) , 30 1 89 3 (1 1a Fu ll range), 30 1 489 (DC power ) FCC Part 15C 15.247/15. 20 7 (1 1b/g) , P ar t 15E 15. 40 7 (1 1a Fu ll range) Wi-Fi DG T TELEC RSS210 (Canada) C-T ick Electromagneti c Compatibil ity CE Class B (EN 55022) CE EN5502 4, IEC61 000 -3 -2 ,[...]

  • Page 300

    Specifications C-4 C Sensi tivity Table C -1 Se nsitivity 8 02.11a IEEE 802. 1 1a Sensi ti vity (GHz - dBm) Modulatio n/Rate s 5.15- 5.250 5.25-5 .350 5.50-5 .700 5.725-5 .825 BPSK (6 Mbps) -89 -89 -91 -90 BPSK (9 Mbps) -89 -89 -89 -88 QPSK (12 Mbps ) -8 8 -87 -87 -87 QPSK (18 Mbps ) -8 5 -85 -85 -84 16 QAM ( 24 Mbp s) -81 -81 -83 -80 16 QAM ( 36 M[...]

  • Page 301

    Transmit Power C-5 C Transmit P ower Table C- 4 Tran smit Pow er 802.11 a IEEE 802 .1 1a M aximum O utput Po wer (GHz - dBm) Data Rate 5.15 -5.250 5.2 5-5.350 5.5 0-5.700 5. 725-5.825 6 Mbps 18 18 18 18 9 Mbps 18 18 18 17 12 Mbps 1 8 18 18 17 8 Mbps 18 18 18 17 24 Mbps 1 8 18 18 17 36 Mbps 1 8 18 18 17 48 Mbps 1 7.5 17 17 16.5 54 Mbps 1 7.5 17 16.5[...]

  • Page 302

    Specifications C-6 C Antenna Specifications 18 dBi High Gain Directional Panel (2.4GHz) Model Num ber ACC04- 050090 Frequenc y Range 2.4 - 2.5 GH z Gain 18 dB i VSWR 1.5 : 1 max Po l a r i z a t i o n Linear, vertica l/ho rizontal HPBW Hori zo nt al: 1 5° Ve r t i c a l : 1 5 ° Fr ont-to-Bac k Ratio >26 dB P o wer Handling 50 W (cw) Impedanc e[...]

  • Page 303

    Antenna Specificati ons C-7 C 8 dBi Omnidirectional (2.4 GHz) Model Num ber ACC04- 05028A Frequenc y Range 2.400~2 .500 GHz Gain 8 dBi VSWR 2.0 : 1 max Po l a r i z a t i o n Linear, vertica l HPBW Hori zo nt al: 3 60° Ve r t i c a l : 1 5 ° Downt ilt 0° P o wer Handling 10 W (cw) Impedanc e 50 Oh ms Connector N type, fema le Radome Material : F[...]

  • Page 304

    Specifications C-8 C 10 dBi Sector (2.4 GHz) Model Num ber ACC04- 053830A Frequenc y range 2.4~2.5 G H z Gain 10 dB i VSWR 1.5 : 1 max Po l a r i z a t i o n Linear, vertica l HPBW Linear: 12 0° Ve r t i c a l : 1 5 ° Downt ilt 0° P o wer Handling 5 W (cw) Impedanc e 50 Oh ms Connector N Jack Radome Material : Fibe r gla ss Color: Gray-whit e En[...]

  • Page 305

    Antenna Specificati ons C-9 C 8 dBi Omnidirectional (2.4 GHz) Model Num ber ACC04- 05427A Frequenc y range 2.4~2.5 G H z Gain 8 dBi VSWR 2.0 : 1 max Po l a r i z a t i o n Linear, vertica l HPBW Hori zo nt al: 3 60° Ve r t i c a l : 1 5 ° Downt ilt 0° P o wer Handling 10 W (cw) Impedanc e 50 Oh ms Connector N plug Radome Material : Fibe r gla ss[...]

  • Page 306

    Specifications C-10 C 8 dBi Omnidirectional (5 GHz) Model Num ber ACC04- 090380 Frequenc y range 5.47~5.875 GHz Gain 8 dBi VSWR 2.0 : 1 max Po l a r i z a t i o n Linear, vertica l HPBW Hori zo nt al: 3 60° Ve r t i c a l : 1 5 ° Downt ilt 0° P o wer Handling 10 W (cw) Impedanc e 50 Oh ms Connector N plug Radome Material : Fibe r gla ss Color: G[...]

  • Page 307

    Antenna Specificati ons C-11 C 12.5~13.5 dBi 60-Degree Sect or (5 GHz ) Model Num ber ACC04- 200010 Frequenc y range 4.9~5.875 GH z Gain 12. 5~ 13. 5 dBi VSWR 2.0 : 1 max Po l a r i z a t i o n Linear, vertica l HPBW Hori zo nt al: 1 20° Ve r t i c a l : 6 ° Downt ilt 0° P o wer Handling 5 W (cw) Impedanc e 50 Oh ms Connector N type, fema le Rad[...]

  • Page 308

    Specifications C-12 C 8 dBi Omnidirectional (5 GHz) Model Num ber ACC04- 200180 Frequenc y Range 5.5~5.825 GH z Gain 8 dBi VSWR 2.0 : 1 max Po l a r i z a t i o n Linear, vertica l HPBW Hori zo nt al: 3 60° Ve r t i c a l : 1 5 ° Downt ilt 0° P o wer Handling 10 W (cw) Impedanc e 50 Oh ms Connector N type, fema le Radome Material : Fibe r gla ss[...]

  • Page 309

    Antenna Specificati ons C-13 C 23 dBi High-Gain Panel (5 GHz) Model Num ber ACC04- 20212A Frequenc y range 5.725 ~5.87 5 GHz Gain 23 dB i VSWR 1.5 : 1 max Po l a r i z a t i o n Linear, vertica l/ho rizontal HPBW Hori zo nt al: 9 ° Ve r t i c a l : 9 ° Fr ont-to-Bac k Ratio 30 dB Cr oss P olari zation 25 dB P o wer Handling 20 W (cw) Impedanc e 5[...]

  • Page 310

    Specifications C-14 C 8 dBi Omnidirectional (5 GHz) Model Num ber ACC04- 202130 Frequenc y range 5.15~ 5.35 G H z Gain 8 dBi VSWR 2.0 : 1 max Po l a r i z a t i o n Linear, vertica l HPBW Hori zo nt al: 3 60° Ve r t i c a l : 1 5 ° Downt ilt 0° P o wer Handling 10 W (cw) Impedanc e 50 Oh ms Connector N plug Radome Material : Fibe r gla ss Color:[...]

  • Page 311

    Antenna Specificati ons C-15 C 8 dBi Omnidirectional (5 GHz) Model Num ber ACC04- 200180 Frequenc y range 4.9~5.35 G H z Gain 8 dBi VSWR 2.0 : 1 max Po l a r i z a t i o n Linear, vertica l HPBW Hori zo nt al: 3 60° Ve r t i c a l : 1 2 ° Downt ilt 0° P o wer Handling 5W (cw) Impedanc e 50 Oh ms Connector N plug Radome Material : Fibe r gla ss C[...]

  • Page 312

    Specifications C-16 C[...]

  • Page 313

    D-1 D-1 Appendix D: Montie ren der Bridge Die Bridge k ann auf folgend en Oberfläche ntypen m on tie rt werden : •M a s t • Wand oder elektris che r Kasten (NEM A En closure) Achtun g: Die Bridge darf nur im Fr ei en v erwendet wer den . Installieren Sie die Bridge n icht in I nnenräum en. Verwenden der Halterun g für Mastmontage Montieren S[...]

  • Page 314

    Montieren d er Bridge D-2 D 3. S tecken Sie die Rä nder der V-förmigen Halte ru ng i n die Au ssparungen in der rechtecki g en Platte un d zi eh en Sie die Mu tter n f est an . 4. Befestigen Si e d ie verstellbar e, re ch teckige Pl atte mit den beigefügten Schr aube n an de r Br id ge. Schlitze[...]

  • Page 315

    V erwenden der Halter ung für Wandmontage D-3 D 5. Befestigen Si e d ie Bridge mit Hal t er an de r am M as t a nge brachten Pl at t e. Befestig en Sie d ie drahtlose B ridg e m it de n beigefügt en Muttern an de r Halterung . Berücks ichtigen S ie dabei die Aus richtung der Ant ennenpolar isierung; alle Ant ennen in eine m Li nk mü ssen mit de[...]

  • Page 316

    Montieren d er Bridge D-4 D 2. Halten Sie die Hal te ru ng an der gew ü nschte n S telle an und markieren Si e di e Position en d er drei Löcher für di e M onta ges chraube n. 3. Bohren Sie dr ei Löc her in die Wand, passend zu den Schrauben und den Dübe ln, die der Halt eru ng be igel egt sin d, u nd be fest ige n Si e di e Hal ter ung an der[...]

  • Page 317

    Anschließen der externen Antennen D-5 D 5. V erbinden S ie das Ethernet - Kab el (und da s Net zk abel, fall s er fo rd er lich ) mit den Anschl ü sse n auf der V order sei te de r Bridge. Anschließen der extern en Antennen Die in der Bridge ei ng ebaute An te nn e is t ihre H au ptan tenne . Für einige Anwend ung en, z.B. Einsa t z ei nes WA62[...]

  • Page 318

    Montieren d er Bridge D-6 D Anschließen der Kabel an das Gerät 1. V erbinden S ie das Ethernet -Kabel m it dem Ethern et-Port de r drah tlosen Bridge. 2. Umwick el n Si e als zu sätzlic hen Schutz geg en Regen ode r Fe uch tigkeit den Ethernet -An sc hluss mit was serdicht em Kl ebe band (nicht m itg el ief ert) . 3. Achten Sie da rauf, das Ge[...]

  • Page 319

    Anschließen des PoE Injectors D-7 D Anschließen des PoE In jectors So schließe n Si e die dr ah tlose Bridge an eine S tromqu el le an: Achtun g: In st al lier en Si e den P oE I njec tor n ic ht im Fr eien . Da s Ger ät d arf nur in Innenräumen ins talliert werden. Hinweis: Der Etherne t-Po rt der drahtlos en Bridge unt erst üt zt ke in PoE [...]

  • Page 320

    Montieren d er Bridge D-8 D 1. S tecken Sie de n N et zle itungsst eck er direkt in d en sta nda rdmäßige n Netzans chluss de s I nj ect o r-Modul s. 2. V erbinden Sie das an dere Ende de r Net z leitung mit ei ne r ge erd eten, 3-po lig en Netzst romquelle . Hinweis: Bei internati on aler V erwendun g müssen Sie eve ntuell die Net zl e itun g a[...]

  • Page 321

    Glossary-1 Glossary 10BASE-T IEEE 802. 3 specific ation for 10 Mbps Ether net over two pai rs of Cate gory 3 or be tter UTP cable. 100BASE- TX IEEE 802. 3u s pec ification fo r 10 0 M bps Fas t Ethe rnet over t wo pairs of Cat eg ory 5 or better UTP ca ble. Access Point An intern etworking device that seam lessly connects w ired and w ireless ne tw[...]

  • Page 322

    Glossary-2 Glossar y Broadcast Key Broadca st key s are sent to station s us ing 802.1X dy namic keyi n g. Dy na mic broad cas t key rotation is often use d to allow th e ac cess poin t to ge nerate a ran dom gr ou p key an d periodic al ly upd ate all key -ma nageme nt capable wir el ess cl ie nts. CSMA/CA Carrier Sense Mul tiple Access with Colli[...]

  • Page 323

    Glos sary- 3 Glossar y IEEE 802 .11b A wireless s tandard that supp or ts wirel e ss comm un ic at i ons in the 2.4 G Hz ba nd using Direct Seq uence Spread S pectrum (DS SS). The s tandard prov ides for data rate s of 1, 2, 5.5, and 1 1 Mbps. IEEE 802 .11g A wireless s tandard that supp or ts wirel e ss comm un ic at i ons in the 2.4 G Hz ba nd us[...]

  • Page 324

    Glossary-4 Glossar y Power over Ether net (PoE) A specificat i on f or pro vi ding both power and data to low-powe r networ k dev i ces usi ng a single Cat egory 5 Ethe rnet cabl e. PoE provides greater fle xibility in the lo cating of acc ess point’s and netw o rk devices, an d significa ntly dec re ase d installation c osts. RADIUS A logon auth[...]

  • Page 325

    Glos sary- 5 Glossar y Temporal Key Integrity Pr otocol (TKIP) A data encryptio n method des ig ne d as a replacem e nt for WEP . TKIP avoids the problem s of WEP static key s by dynam i call y ch anging da ta enc ry pt i on ke ys . Trivial File Tra nsfer Protocol (TFTP) A TCP/IP pr otoc ol common l y use d for software dow nloads. Virtua l Access [...]

  • Page 326

    Glossary-6 Glossar y[...]

  • Page 327

    Index-1 Numerics 802.11g 7- 95 A AES 6-84 auth entic ati on 6-12 cipher s uite 6-86, 7-120 closed system 7- 108 configu ring 6 -12 MAC ad dress 6-13, 7-69 , 7-70 type 6-73, 7-108 web redire ct 6-14 B Basic Service Set See BSS beacon interval 6 -62, 7-103 rate 6-62, 7- 103 BOOTP 7 -89, 7-90 BPDU 6-24 BSS 2-2 C cable assign ments B-1 cros sover B -3 [...]

  • Page 328

    Index Index-2 firmware displa ying vers ion 6-30, 7-2 4 upgradin g 6-29, 6-31, 7-56 frag menta tion 7 -104 G gatewa y addres s 5-2, 6-6, 7-1, 7-8 9 H hard ware ve rsio n, di splay ing 7-24 HTTP, se cure server 7-20 HTTPS 7-19 I IAPP 7- 132 IEEE 802 .11a 1-1, 6-52 , 7-95 configu ring in terface 6-53, 7-95 maximu m data r ate 7 -97 radio ch annel 7-9[...]

  • Page 329

    Index Index-3 RSSI BNC 1-7 RTS threshol d 6-63, 7-105 S Secure Sock et Layer See SSL securit y, options 6-73 sessio n ke y 6- 88 shared k ey 6-79, 7-1 22 Simp le Netw ork Ti me Proto col See SNTP SNMP 6-41, 7-40 commun ity na me 7 -41 commun ity st ring 7-41 enablin g traps 6-42, 7-4 2 trap desti nati on 6- 42, 7- 43 trap man ager 6-42, 7-4 3 SNTP [...]

  • Page 330

    Index Index-4[...]

  • Page 331

    [...]

  • Page 332

    Model Number: WA6202 A / WA6202AM Pub. Nu mber: 14910003 4900E E1 12006-DT-R01[...]