LevelOne EAP-200 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of LevelOne EAP-200, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of LevelOne EAP-200 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of LevelOne EAP-200. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of LevelOne EAP-200 should contain:
- informations concerning technical data of LevelOne EAP-200
- name of the manufacturer and a year of construction of the LevelOne EAP-200 item
- rules of operation, control and maintenance of the LevelOne EAP-200 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of LevelOne EAP-200 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of LevelOne EAP-200, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the LevelOne service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of LevelOne EAP-200.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the LevelOne EAP-200 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    1 LevelOne EAP-200 Enterprise Access Point User Manual V1.00[...]

  • Page 2

    2 Table of Content s 1. Before You Start ............................................................................................................................. 3 1.1 Preface ........................................................................................................................................................ ... 3 1.2 Docume[...]

  • Page 3

    3 Article I. Before You Start Section 1.01 1.1 Pref ace This manual is intended for system integrators, field engine ers, and networ k administrators to set up LevelOne’ s EAP-200 802.1 1n/b/ g 2.4GHz MIMO Access Point in their network environment s. It cont ains step-by-st ep proc edures and visual examples to g uide MI S st af f or individu als[...]

  • Page 4

    4 Section 1.03 1.3 Pack age C ontent The sta ndard p ackage of EAP-200 in cludes: • Lev elOne EAP-2 00 x1 • Quic k Installation Guide (QI G) x1 • CD-ROM (with User’s Manua l and QIG) x1 • Conso le Cable x1 • Ethern et Cable x1 • Power Adapter ( DC 12V) x1 • Anten na x2 • Screw Pack x1 • Gr ound Cable x1 It is recomm ended to kee[...]

  • Page 5

    5 Article II. System Overvie w and Getting Started Section 2.01 2.1 Introduction of LevelOne EAP-20 0 The LevelOne EAP-200 Enterprise A ccess Point em bedded with 802.1 1 n/b/g 2.4GHz MIMO radio in dust-proof meta l ho using i s designe d for wireless connectiv ity in enterpr ise or industri al env ironment s o f a ll dimensions. EAP-200 makes the [...]

  • Page 6

    6 Section 2.02 2.2 Deployment Topology Common Netw ork Layout with EAP-200s This above de ployment scenario illustr ates a deploy ment exa mple using t hree access p oint s, A P-1 , A P-2 , and AP-3 . • Three EAP-200 sy stems c onstruct a network co mprising of wire d and wir eless seg ments • AP-2 plays t he role of a w ireless bridge. • All[...]

  • Page 7

    7 Section 2.03 2.3 Hardwa re Description This section de picts the hardw are informat ion including all pa nel descripti on. Connector Panel EAP-200 Con nector Pane l 1 USB Disabled for f uture usage only . 2 WES Press to st art runn ing W ES proce ss. 3 Console Attach t he serial cab le here. 4 LAN1 / LA N2 Attach t he Ethernet cable here f or con[...]

  • Page 8

    8 LED Panel EAP-200 LED Panel 1 Power LED LED ON ind icates power on; OFF indicates pow er off. 2 LAN LED LED ON ind icates LAN ca bl e connected; OFF indic ates no connection; BLINKING indicates tr ansmitting dat a. 3 WLA N LED LED ON indicate s wireless ready . 4 WDS LED LED ON ind icates W D S r eady . 5 WES LED T o indicate W ES stat us. Master[...]

  • Page 9

    9 2.4 Hard ware Install ation Please follow the step s mentio ned below to insta l l the hardwar e of EAP-200: 1. Place the EA P-200 at the best l ocation. The best locat i on for EA P-200 is usua lly at the center of y our intended wireless network. 2. Connect the E A P -200 to y o ur network device. Connect one end of the E thernet cable t o LAN [...]

  • Page 10

    10 Section 2.04 2.5 Console Interface Via thi s port to enter the conso l e interface f or the adm inistrator to check the IP address of EA P -200 and reset the device to default if t he admin pa ssword is forgotten. 1. In order t o connect t o the console p ort of EA P-200, a cons ol e, mode m cable a n d a terminal s imulation program, suc h as t[...]

  • Page 11

    11 When resett ing the dev ice to default fro m the cons o le interface, k ey in “reset 2def” for login and password. Confirm “y es” and EAP-200 will beg i n the reset process. When the log in prompt r eappears, the device has c ompleted the reset to default proce ss and the LAN IP is reset to 192.16 8.1.1.[...]

  • Page 12

    12 Section 2.05 2.6 Access Web Man agement Interface LevelOne EA P-200 suppo rts web-based con f igurati on. Upon the completion of hardwar e installation, EAP-200 can b e configured through a P C by using it s web browser suc h as Mozilla Firefox 2. 0 (and hig her) or Internet Exp lorer version 6.0 (and higher). The default v a lues of the EAP-200[...]

  • Page 13

    13 The Web Management Int erface - S ystem Over view Page[...]

  • Page 14

    14 • To logout, simply cli ck on the Logout butt on at the upper ri ght hand corner of the interface to return to the Administrator L ogin Page. Click OK to logout. Logout Logout Promp t For security r easons, it is strongly recomm ended to change the adm inistrator’s password u pon the com pletion of all configura tion settings[...]

  • Page 15

    15 Please follow the followin g steps t o change the a dministrator ’s p assword: Change Passwo rd Page  Clic k on the Util ities main m enu button, an d then select the Cha nge Pass word tab.  Enter the old pas sword and then a new pas sword with a length o f up to 32 c haracters, an d retype it in the Re-enter N ew Pass word field. Congra[...]

  • Page 16

    16 Article III. Connect your AP to your Network The following i nstructions d epict how t o estab l ish the wireless coverag e of your network. The AP w ill connect to the networ k through it s LAN por t and prov ide wireless ac cess to your network. After having prep ared the EAP-20 0’s har dware for config uration, set the TCP/IP settings of ad[...]

  • Page 17

    17 From here, click on the System icon to arrive at the following page. On this P age you can make ent ries to the Name , De scription , and Locati on fields as w ell as set the device’s t ime. System Informat ion Page There are t wo methods o f setting u p the ti me: Manual (indicat ed by the option Set Date & Ti me ) and NTP . The default i[...]

  • Page 18

    18 While still on t h is Page, click on the Net wo rk Interf ace t ab to begin configurati o n of the net work settings. Network Settin gs Page If the deploy ment decides the AP will be g etting dynamic IP Addresses from th e connected network, set Mode to D HCP ; other wise, set Mode to S tatic and fill in the required f i elds marked w i th a red[...]

  • Page 19

    19 Step 3: Confi gure the AP’s W ireless General Sett ings Click on the W ireless icon follow ed by the General t ab. On this pag e we only need to choose the Band and Cha n nel that we wish to u se. Wireless Gene ral Setting s Page On this pa ge, select the Band wit h which the AP is to broadcast it s signal. The rest of the f ields are optional[...]

  • Page 20

    20 Step 4: Confi guring Wi reless Coverage ( V AP-1) T o setup the AP’s wir eless access, refer to the follow i ng V AP-1 con f iguration (o ther V AP configur ation can refer to the same setu p steps as done for V AP-1). Click on the Ov erview tab to procee d. Virtual AP Over view Page On this pa ge click the hyperlin k in the row a nd column th[...]

  • Page 21

    21 The desired V AP profile can be selected from the dr op-down menu of Profile Name and V AP-1 configuration w ill serve as an example for all other V A Ps. Be fore proceeding further , please make sur e that the V A P fi eld is Enab le ; afterwards, ent er an E S SID to represe nt the WLAN associate d with AP’s V AP-1. It is suggested tha t Pro[...]

  • Page 22

    22 Article IV. Adding Virtual Ac ces s Points EAP-200 pos sesses the f eature of mult i -ESSID; na m ely , it can be ha ve as m ultiple virtual a ccess points, providing dif ferent levels o f services fro m the same physical AP d evice. Please clic k on the Wir eless icon to review the V AP Overview page. VAP Overview Page T o proceed with specific[...]

  • Page 23

    23 Please select the desired V AP profile fro m the drop-down menu of Profile Na me. Choose E nable for the V AP field. Pick a descriptive Profile N ame and an appropriate ESSID for client s to associate to. A VLAN I D can be provided to indicate the traf fics through thi s partic ular V AP . I t may allow further management /control (e.g. access r[...]

  • Page 24

    24 Article V. Secure Your AP Differ ent V AP may require dif ferent level of secur ity . Thes e instructions will gui de the user thr ough setti ng up dif ferent ty pes of secur ity for a p articular V AP . Simp ly repeat the following steps for other V AP with security requi rement. Step 1: Ensure t he inten ded V AP is Enabled VAP Overview Page O[...]

  • Page 25

    25 to begin the next step. Step 2: Confi gure Securi ty Settings for your V AP The following i nstructions wil l guide the us er to set up wireless sec uri ty w ith a specific V AP . If only restricted access of certain M AC addresse s is desired, skip to the St e p3. MAC restriction can b e coupled with wireless sec urity to provide extr a protect[...]

  • Page 26

    26 • None : Authenticat i on is not requi red and d ata is not encrypted during trans mission when this option is selected. This i s the default setting as s ho wn in t he following f igure. Security Settin gs: None • WE P: W EP ( W ired Equivale nt Privacy ) is a data en cryption mech a nism with key length selected fro m 64-bit, 128-bit, or 1[...]

  • Page 27

    27 • 802.1 X: W hen 802.1 X Aut hentication is selected, R ADIUS aut hentication a nd enhanced dyna m ic WEP are prov i ded. Security Settin gs: 802.1 X Authent ication  Dynami c WEP S ettings: o Dynamic WE P : For 802. 1X security type, Dynamic WEP is always enab l ed to aut omatically generate W EP key s for encryption. o WEP K ey Length: Se[...]

  • Page 28

    28 • WPA -PSK: Provide share d ke y authent icaiton in W P A da ta encr yption. Security Settin gs: WPA-P SK  Cipher Sui te: S elect an encryption meth od f ro m TKIP (WP A) , AES (WP A ) , TKIP (W AP2) , AES (W A P2) , or Mixed .  Pre-share d Key T ype: Select a pre-s hared key type: PSK (He x) or Passphrase .  Pre-share d K ey: Enter t[...]

  • Page 29

    29 • WPA -RADIUS: Authenticate users b y RADIU S and provide W PA data encr yption. Security Settin gs: WPA-R ADIUS  WP A Settings: o Cipher Suit e: Select an e ncryption method from T KIP (WP A ) , AES (WP A ) , TKIP ( W AP2) , AES (W A P2) , or Mixed . o Group Key U pd ate P eriod: The t im e interval for the Group Key to be renewed; the tim[...]

  • Page 30

    30 Step 3: Confi guring M AC ACL ( A ccess Control List) Clicking on the hyperlink c orresponding w ith intende d V AP in the M AC ACL col umn, the us e r will be brought t o the A c cess Control Settin g s page. Access Control Settings Page Please cho ose among Disable , A llow , Deny , and RA D IUS A CL from the dr op-down menu of A ccess Control[...]

  • Page 31

    31 MAC ACL Deny Li st[...]

  • Page 32

    32 4) RADIUS A CL : Authentica te incoming MAC address es by an external RA D IUS serv er. W hen RADIUS ACL is selected, all incoming M AC addres ses will be authenticat ed by a n external RADIUS serv er. Pl ease note t hat each VAP MAC ACL and its secur i ty ty pe (shown on the Security S ettings page) share the same RA DIUS con figuration. RADIUS[...]

  • Page 33

    33 Article VI. Create a WDS Bridge between two APs WDS link cre ation will ass ist to extend networ k coverage w here running wires i s not an option, ef f ectively transferring the t raf fics to the other end of WLAN/L AN through the EAP-200. Since this is a peer to peer connection, both EAP-200 s will be con figured by the same way . Step 1: Make[...]

  • Page 34

    34 Step 2: Prev ent Loops if Connecting M any APs When many AP s are linke d in this manner , undesired loop s may form to low er overall WLAN performance. T o prevent such occ urrence, ple ase ma k e sure Layer 2 STP is enabled. T o turn on this featur e, please click on the Sy stem and then Net work Interfac e tab. Network Settin gs Page Please s[...]

  • Page 35

    35 Article VII. Web Managemen t Interface Configuration This chapter will guide the user through the EAP-2 00’s deta iled settings. Th e follow ing tab le shows al l the User Inter face (UI) funct ions of Lev elOne’s EAP-200 Enterprise Access Po i nt. The Web Man agement Interface (W MI) is the p age where the status is displ a yed, control is [...]

  • Page 36

    36 Event Log  Note: On each conf iguration p age, the user may Click SAVE t o save the changes, b ut the user m ust reboot the syste m upon the co mpletion of all configurati ons for the c hanges to take effect. Upo n clicking S AVE , the following message will appear: “Some modif ication has been s aved and w ill take ef fect after R eboot.?[...]

  • Page 37

    37 Section 7.01 7.1 System Upon clicking o n the Sy stem button, users can w o rk on t his section for general con fi gurations of the devices (e. g. Time Setup, Network Configurations, a nd System Logs) . This section includ es the follo wing functions: G eneral , Net work Interface , M anagement , GRE T unnel and CA PW A P . (a) 7.1.1 General Sys[...]

  • Page 38

    38 1) Enable NTP : By selecting E nabled N TP , EAP-20 0 can synchr onize its system time with the NTP server automatica lly . While this m ethod is chos en, at least one NTP server's IP address or domain name must b e provided. NTP Time Con figuration Fields Generally netw orks would have a common NTP server (internal or external). If there i[...]

  • Page 39

    39 (b)7.1.2 Network Interf ace On this pa ge, the network settings of the d evice can be configure d; fields w ith a red ast erisk (i.e. IP Address , Netm ask , Defa u lt Gate w ay , and Primar y DNS Server ) are mandatory . Network Settin gs Page • Mod e: Determine t he way to obtain the IP address, by DHCP or Stat ic .  St atic: T he adminis[...]

  • Page 40

    40 (c) 7.1.3 Management The manage m ent service s (e.g. VLA N for Management , S NMP , and Sy stem log ) can be con f igured here. Management Se rvices P age • VLA N for Management : W hen it is enabled, mana gement traffics from the s ystem will be t agged with a VLAN ID. I n other words, administrator who wants t o access the W MI must send ma[...]

  • Page 41

    41 • SN M P C onfiguratio n: By enab ling SNMP funct ion, the ad m inistrator can obta in the system i nformation remotely . SNMP Configuratio n Fiel ds  Enable/ Dis able: Enabl e or Disa b le this funct i on.  Community String: T he com munity str ing is required w hen accessin g the M anagement In f ormation Base (MIB) of the syste m . o [...]

  • Page 42

    42 (d) 7.1.4 GRE Tunnel When GRE tu nn el is creat ed between EAP-200 an d the controller , EAP-200 ca n be logically deploy e d into the Controller’s managed network reg ardless of it s physical locati on. If the t unnel is created from WHG seri es controllers, a l l of the conf iguration sho uld be performed on the Controller side. I t is meani[...]

  • Page 43

    43 (e) 7.1.5 CAPWAP CAPWAP is a st andard interoperabl e protocol t hat enab les a controller to manage a collection of wireles s access points. There are 5 ways of discovery , DNS SRV, DHCP opt ion, Broad cast, Multicast, and Stat ic.  Certificate D ate Check : T o enable th i s item, se lect Enable and click Ma n age Certi ficates to ent er th[...]

  • Page 44

    44 Manage Certi ficates[...]

  • Page 45

    45 Section 7.02 7.2 Wireless This section i ncludes the following funct ions: V A P Overview , Gener al , V A P Configuration , Securi ty , Repeater , A dvanced , Access Control , and Sit e Survey . EAP-200 supports up to eight V i rtual Access Points ( V APs). Each V AP can have it s own settings (e.g. ESSID, VLAN ID, se curity settings, etc.). W [...]

  • Page 46

    46 • State: The hyperlin k showing E nable or Dis able co n nects to the VA P Configuration page. VAP – State Page • Security Ty p e: The hyper l ink showing the secur ity type connects to the S ecuri ty Setti ngs Page. VAP – Security T ype Pag e[...]

  • Page 47

    47 • M AC A C L: The hyper link showi ng Al low or Disable connects to the A ccess C ontrol S ettings Pag e. VAP – MAC ACL Page • Advanced Settin g s: The ad vanced set tings hy perlink con nects to the A dvanced Wireless S ettings Page. VAP – Advanced Settings Page[...]

  • Page 48

    48 (b)7.2.2 General AP’s general wirel e ss settings ca n be configured her e: AP General Settin gs Pag e • Band : Select an ap propriate wireless ba nd : 802.1 1b , 802.1 1g , 802. 1 1b+802. 1 1g , 802.1 1g+802. 1 1n or select Disabl e if the wire less function is not r equired.  Pure 1 1n: Enable 802.1 1 n network only . • Short Preamble[...]

  • Page 49

    49 from the access point. **Due to RF reg ulation in dif f erent natio ns, availab le values in the above t able will differ . Table 2 RF Configuratio ns (under n ormal ci rcumstances i n certain countries ) Band Channel Rate Power Disable N/A N/A N/A 802.1 1a 36, 40, 44, 48, 52, 56, 60, 64, 100, 104, 10 8, 1 12, 1 16, 120, 124, 12 8, 132, 136, 140[...]

  • Page 50

    50 (c) 7.2.3 VAP Configuration This section prov i des conf iguration of ea ch Virt ual Access Point w ith settings s uch as Profile Name , ESSID , and V L AN ID . VAP Configu ration Page T o enable specific V AP , se l ect the V AP fro m the drop -down list of Pr ofile Name. The basic settings of eac h V AP are collected in the profile a s follows[...]

  • Page 51

    51 (d) 7.2.4 Security EAP-200 sup ports v arious wireless authe n tication and data e n cryption methods in e ach V AP profile. With this, t he adm inistrator can prov i de dif ferent serv i ce le vels to cl ients. The sec urity type includes None , WEP , 802.1X , W P A-PSK , and W P A-RA D IUS . • None : Authenticat i on is not requi red and d a[...]

  • Page 52

    52  802.1 1 A uthentication: S el ect from O pen System , Shared Key , or A uto .  WEP Key Length: Select from 64-bit , 128-bit , 152-bit key length.  WEP Key Format: Select from ASCII or Hex for m at for t he W EP key .  WEP Key Index: Select a k ey index fr om 1 ~ 4 . The W EP key index is a numb er that specifies wh ich WEP key will [...]

  • Page 53

    53 o Accounting Port: The p ort number used by the RADIU S server for ac counting purposes. S pecify a port number or use the default, 1813. o Accounting Interim U p date Interval: The sy stem will update acco unting inform ation to t he RADIUS serv er every interval period. • WPA -PSK: WPA-PSK ( Wi -Fi Protecte d Access Pre-shared Key) is a pre-[...]

  • Page 54

    54  WP A-RA DIUS: If th is opti on is se lected, the RADIU S auth entication and dat a encrypt ion w ill be both enabled. Security Settin gs: WPA-RADIUS  WP A Settings: o Cipher Suit e: Select an e ncryption method from T KIP (WP A) , AES ( WP A) , TKI P (W AP2) , AES (WAP2) , or Mixed . o Group Key U pd ate P eriod: The t im e interval for t[...]

  • Page 55

    55 (e) 7.2.5 Repeate r T o extend wireless n etwork coverage, EAP-2 00 sup ports 3 options of R epeater t ype, None , W D S or Universal Rep ea ter ; se lecting None w ill turn of f this function.  Universal Repeater If Universal R epeater is selected, please prov i de the SSI D of upper-bou nd AP for up l ink connect i on; Security T ype ( None[...]

  • Page 56

    56  WDS If WDS i s selected, EAP-200 can su pport up to 4 W DS l inks to its peer APs. Security T ype ( None , WE P , or WP A/ P SK ) can be conf igured to dec i de which en cryption to be used for WDS connect ions respectively . Please fill in remote peer ’s MA C address and c l ick SA VE to p roceed; i f setting revis ion is necessary , CLE [...]

  • Page 57

    57 (f) 7.2.6 Advanced The advanced w ireless se ttings for the EAP-200’ s V AP (V irtual A ccess Point) profiles al l ow custo m ization of data transmission settin gs. Th e administrat o r can t une the followi ng p arameters to improve net work communicatio n perfor mance if a poor co n nection oc curs. Advanced Wi reless Settin gs Page • RTS[...]

  • Page 58

    58 • WMM: T he default is D isable. W i-Fi Multimed i a ( WMM) is a Quality of Service ( QoS) feature t h at prioritizes w ireless dat a packets based on four acce ss categories: voice, video, best ef fort, and background. Applications without WMM and app lications that do not requ ire QoS are assigned to the best-ef f ort categ ory , which recei[...]

  • Page 59

    59 (g) 7.2.7 Access Control On this pa ge, the network administrator ca n restrict the tot al number o f client s connected t o the EA P-200, as well as spe cify p articular MAC addresses t ha t can or cannot acces s the device. Access Control Settings Page • Maxim um Numb er of Clients EAP-200 sup ports v arious methods of aut henticatin g clien[...]

  • Page 60

    60 • A ccess Control Type The administrator can rest rict the wireless ac cess of client devices bas ed on their MAC addr esses.  Disable A ccess Control : W hen Disabl e is selected, there is no restriction f or client devices to access the sy stem.  MAC ACL A llow List: W hen selecting M AC ACL All ow List , only the client d evices (iden[...]

  • Page 61

    61  MAC ACL De ny Li st: When selecti ng MAC A C L Deny List , all client devices are granted w ith access to t h e system exc ept those listed in the Den y List ( “denied MAC addr esses”). The administrator ca n allow any denied M AC address t o connect t o the syst em temporari ly by checking Disable . Deny List[...]

  • Page 62

    62  RADIUS ACL: Authe nticate i ncoming MAC addres ses by an external RADIUS. W hen RA DIUS ACL is selected, a ll incoming M AC addre sses will be aut henticated by an externa l RADIUS. Pl ease note that each VAP’s MAC ACL and its security type (shown on the Securi ty Settings page) share the same RADIUS config uration. RADIUS ACL[...]

  • Page 63

    63 (h) 7.2.8 Site Survey Sit Survey is a useful tool to prov ide information about the surrounding w ireless env ironment; av ai lable APs are shown w ith their respect ive SSID, M AC Address, Chann el, Rate sett ing, Signal re ading, and Security type. The administrator can clic k Setup or Co nnect to con fig ure the wireless connect ion according[...]

  • Page 64

    64  W P A-PSK: C lick Setup to con f igure the W P A-PSK s etting for associat i ng with the target AP . The following c onfiguration box wi ll then appear a t the bott om of the scr een. I nformation provided here mu st be co nsi stent with the secur i ty sett ings of the t arget AP .[...]

  • Page 65

    65 Section 7.03 7.3 Firewall The syste m provides an a dded secur i ty feature, Layer2 Firew all, in addit ion to ty pica l A P s ecurity . Layer2 Firewall of fers a firewall funct i on that is t ailored specifically f or Layer2 t raff ics, providing an other choic e of shield against possible se curity threats coming fro m/going to W LAN (AP inter[...]

  • Page 66

    66 >>T o delete a specif ic rul e, Del in Settin g column o f firewall list will lead t o the followin g page for re moval confir mation. After SA VE button is clicked and syst em reboot, the rule wi l l be remov ed. >>T o edit a speci fic rule, Ed in Setting column of f irewall list will lead to t he following p age for deta i l conf i[...]

  • Page 67

    67  VLAN ID (when Ether T ype i s 802.1 Q ) : The VLAN I D is provided to a ssociate with certain VLAN-t a gging traf fics.  Priority (when Et herT ype i s 802.1 Q ) : It denotes the priority level with assoc i ated VL AN traf fics.  Encaps u lated T ype (when EtherT ype is 802. 1 Q ) : It can be used to indic ate the ty pe of encapsul a t[...]

  • Page 68

    68 Please ma k e sure all des ired rules ( state of rule) ar e checked and sa ved in o verview page; the rule will be enforced upon sy stem reboot.[...]

  • Page 69

    69 (b)7.3.2 Service The ad m inistrator can add or delete firewall serv ice here; the services i n this list will be come options to choose in firewall ru le (when Ethe rT ype is IPv4). EAP-200 prov i des a list of rules to bloc k or p a ss traf fics of layer-3 or ab ove protocols. These servic es are available to choose fro m dr op-down list of la[...]

  • Page 70

    70 (c) 7.3.3 Advanced Advanced firew all settings are used to supplement t he firewall rules, prov i ding extr a security enha n cement against DHCP and ARP traf fics traversing the av ailable interfaces of sy stem.  T rust Interfa ce : Each V AP interface can be checke d individually to mar k as trusted inter faces; security e nforcements on DH[...]

  • Page 71

    71 Section 7.04 7.4 Utilities The administrator can m aintain th e system on t his p age : Change Pa sswor d , Backup & R estore , Sy stem Upgrade , R eboot and U pload Certificate . (a) 7.4.1 Change P assword T o protect the W eb Ma n agement Int e rface fro m unauthorized a ccess, it is highly reco mm ended to c hange the administ rator ’s [...]

  • Page 72

    72 (b)7.4.2 Backup & Restore This function is u sed to backup and rest ore the EAP-200 sett ings. The EAP-200 can a lso be restored t o factory defau l ts us ing this function. I t can be used to duplicate settings t o other access p oints (backup settings of thi s system a nd then r estore on anot her AP). Backup & Resto re Page • Reset [...]

  • Page 73

    73 (c) 7.4.3 System Upg rade The EAP-200 p rovides a web firmware upload / upgrade feature. The admini strator can download t he latest firmware from the w eb site and sav e it on the a dmi nistrator’s PC. T o upgrade the syste m firmware, click Browse to choose the new firmw are file y o u downloaded o nto your PC and then c li ck Uploa d to exe[...]

  • Page 74

    74 (d) 7.4.4 Reboot This function al l ows the adm inistrator to restart the EAP-20 0 safely . The process shall t ake about three minutes. Clic k Reboot t o restar t the sy stem . Please w a it for the blinki ng timer t o complete its c ount down before access i ng the syst em’s W eb Manag ement In terface aga in. The System Overview page will a[...]

  • Page 75

    75 (e) 7.4.4 Upload Certificate This function is u sed to setup the adv an ced configur ation for the CAP WAP to manage Cert ificates.  Certificate: It provides Certificate security for CAP WAP to ensures the safe ty between A ccess Controller and WAP .  Use Default Certificate: C lick Use Default Cert ificate t o use the defa ult certificate[...]

  • Page 76

    76 Section 7.05 7.5 Status This p age is used t o v iew the cur rent condition and state of th e system and includes t he following functions: Overv iew , Associated C lient s , Repeater an d Event Log. (a) 7.5.1 Overview The Sy stem Overview pa ge provides an overview o f the system st atus for the admin i strator . System Ove rview Page[...]

  • Page 77

    77 Table 3 Statu s Page's O rganization al Layout Item Description System System Name The syste m name of the EAP-200. Firmware V ersion The present f irmware ver sion of the EAP-200 Build Number The present f irmware bui ld number of the EAP-200 Location The location o f the EAP-2 00. Site The site of the EAP-200 Device T ime The syste m time[...]

  • Page 78

    78 (b)7.5.2 Associated Clients The administrator can re motely oversee the st atus of all assoc i ated client s on this page. When a low SNR is found here, the admin istrator can tune the corres ponding paramet ers or inv estigate the settings of associated cl ients to improv e network communicati on perfor mance. Associated Cli ent Status Page •[...]

  • Page 79

    79 (c) 7.5.3 Repeater The administrator can rev i ew detai l ed informat i on of t he repeater funct io n on this p age. Information of repeater ’s st atus, mode and encryption is pr ovided. Repeater Stat us Page[...]

  • Page 80

    80 (d) 7.5.4 Event Log The Event Log provides t he records of sy stem activ ities. The administrator ca n monitor the system st atus by checking t his log. Event Log Page In the log each lin e repres ents an event record; in e ach line, there ar e 4 fields: • Date / Time: T he time & d ate when the event hap pened • Hostname: Indi cates whi[...]

  • Page 81

    81 Section 7.06 7.6 Online He lp The Help but ton is at the upper right corner o f the display screen. Click Help for t he Onlin e Help window , and then click the hyperlink o f the rele vant informat ion needed. Online Help Co rner[...]