Proxim ORiNOCO AP-2500 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Proxim ORiNOCO AP-2500, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Proxim ORiNOCO AP-2500 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Proxim ORiNOCO AP-2500. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Proxim ORiNOCO AP-2500 should contain:
- informations concerning technical data of Proxim ORiNOCO AP-2500
- name of the manufacturer and a year of construction of the Proxim ORiNOCO AP-2500 item
- rules of operation, control and maintenance of the Proxim ORiNOCO AP-2500 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Proxim ORiNOCO AP-2500 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Proxim ORiNOCO AP-2500, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Proxim service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Proxim ORiNOCO AP-2500.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Proxim ORiNOCO AP-2500 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    ORiNOCO AP-2500 User Guide[...]

  • Page 2

    2 Copyright © 2003 Prox im Corpora tion. All rights reser ved. Covered by one or more of the followi ng U.S. patents: 5,231,63 4; 5,875,179 ; 6,0 06,090; 5,809, 060; 6,0 75,81 2; 5,077 ,753. This use r ’s guide and t he softw are des cribed i n it a re copyright ed wit h all r ights reserve d. No part of t his pu blication may be reprod uced, tr[...]

  • Page 3

    3 ORiNOCO AP-2500 User Guide Content s 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Int roducing the AP-2500 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Overview of Product Features . . . . . . . . . . . . . . . . . [...]

  • Page 4

    4 Contents Configure Net work Names for the Wirele ss Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 Configure the Ethernet Int erface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Set WEP Encryption f or each Wi reless Int erface . . . . . . . . . . . . . . . . . . . . .[...]

  • Page 5

    5 Contents Disabling the AP’s DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 IP Upsell . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 DNS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]

  • Page 6

    6 Contents Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 S p ecial Co nsidera tions Reg arding VPN Support . [...]

  • Page 7

    7 Contents Autho rized Su bscr ibers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 Authorized S ubscribers T able and th e Current S ubscribers T abl e . . . . . . . . . . . . . . . . . . . . 154 Manually Adding a S ubscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]

  • Page 8

    8 Contents Client Con nection Pr oblems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 5 Client Ma nager Finds No Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 Client P C Card Does Not Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]

  • Page 9

    9 Contents Command Line Inter face (CLI) V ariations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 Bootload er CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 CLI Command T ypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]

  • Page 10

    10 Contents Set the Mu lticast Rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3 Set Etherne t S peed and Transmission M ode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203 Set Interfac e Managem ent Servic es . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]

  • Page 11

    11 Contents URL Filtering Paramet ers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221 URL Filterin g IP T able . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 21 URL Filterin g DNS T able . . . . . . . . . . . . . . . . . . . . . . . [...]

  • Page 12

    12 External Aut hentication Procedur e (Detai led) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240 Sample X ML Commun ications wi th the AP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 C Credit Card I nterface Spe cification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242 Da[...]

  • Page 13

    13 ORiNOCO AP-2500 User Guide 1 Intr oduction In This Chapter • Introduc ing the AP-2 500 • Overvi ew of Product Features • The P rod uct Packa ge • Minimum System R equirem ents • Manage ment an d Monitori ng Capabilitie s • Act ive Et hern et Intr oducing the AP-2500 The ORiNOCO AP-2500 is an al l-in-one wireless ac cess point and acc[...]

  • Page 14

    14 Intr oduc tion • Outgoing e-m ail (SMTP) Redirect ion: Y ou ca n con figure the AP-2 500 to redirect o utgoin g e-ma il mess ages to a specified Simple M ail Transfer Prot ocol (SM TP) ser ver . Subscrib ers can send e -mails as if they w ere con nected to the ir home ne twor k. See SMTP Redirect ion fo r detai ls. • VPN Pass through: T he A[...]

  • Page 15

    15 Intr oduc tion One of th e key feat ures o f DA T is a t ech nique known as Network Ad dress Translation (NA T) . NA T is an Internet standard tha t allows a dev ice (like the AP-2500) to u se a single pu blic IP addres s to provide Internet connectivit y to multiple devices (which wou ld otherwi se each need to have its ow n public IP ad dress [...]

  • Page 16

    16 Intr oduc tion Networking Features The AP-250 0 provid es wireles s access to the Internet for hotspot su bscriber s. This mea ns that your custom ers can surf the In ternet and send e-m ails from a nywhere w ithin rang e of the Access Point with out having to install extra wi res or ca blin g. Figure 1-2 Sampl e AP-2 500 Hotspot Confi guration [...]

  • Page 17

    17 Intr oduc tion 802.11a and 802.11b Networks The AP-250 0 supports both the IEEE 80 2.1 1a and 802.1 1b standar ds. The AP-25 00 can be use d with the following combinat ions of 802 .1 1 a and 802. 1 1b rad io cards : • One 802.1 1b card ( second sl ot empty ) • One 802.1 1a 5 GHz up grad e kit (secon d slot empty ) • T wo 802. 1 1b cards ?[...]

  • Page 18

    18 Intr oduc tion List of Networking Featur es The IEEE standards tha t governs w ireless communi cations ar e different for the 2. 4 GHz band and the 5 GHz band. The table belo w compares the software featur es suppor ted for each type of ca rd in the AP-2500 device: *This feature is not available if y ou are using an OR iNOCO 802.11a/b Com boCard[...]

  • Page 19

    19 Intr oduc tion The follow ing table provi des detailed infor mation o n the differences between t he 802.1 1a and 802 .1 1b f eature sets. 2.4 G Hz (802.11b) 5 GHz (802. 1 1a) Physi cal Layer T ype (Modul ation Typ e) DSSS (Direct Seq uence Spread Sp ectrum) ODFM (Orthogon al Freque ncy Division Mu ltiplexin g) Auto Ch annel S elect enable (defa[...]

  • Page 20

    20 Intr oduc tion The Product Package Each AP-2500 comes with the following: • AP proces sor modul e • AP cover • Mount ing plate • Mount ing hardwar e – Four 3.5 mm x 40 mm sc rews – Four 6 mm x 35 mm plug s • One powe r supply (if you purcha sed the Powe r Supply mo del) • One p ower co rd (if you pu rchased the Power Supply model[...]

  • Page 21

    21 Intr oduc tion W eb Br owser Inter face The Web Browse r interface (also kno wn as the HTTP i nterface ) provides easy acces s to configura tion setti ngs and network statistics from an y comp uter in the ne twork. Us e the Web brows er interfac e throug h your LAN (switch, hub, etc.), over the Internet , or with a “cros sover” E thernet ca [...]

  • Page 22

    22 Intr oduc tion The Nomadix MIB con trols the followin g settings: • All of the Publ ic S pace features found unde r the PublicSpace and Subscrib er head ings w ithin t he Web browser interface (describe d in Publ ic S pace Pa rame ters ). • The fo llowing Network p arameters: — IP Co nfiguration — DHCP Server — DNS Serve r — RADIUS ?[...]

  • Page 23

    23 ORiNOCO AP-2500 User Guide 2 Instal lation & Basic Co nfigurati on In This Chapter This c hapter d escribe s how to ins tall the AP -2500 hardwa re a nd per form ba sic co nfigurati on oper ations. • Prerequi sites • Hardware Inst allati on • Initializ ation (ScanT ool) • Basi c Co nfig urati on • Downl oad the Late st Software •[...]

  • Page 24

    24 Installation & Basic Configurati on Hardwar e Installation Refer to th e steps below that corres pond to yo ur configu ration: • AP-2500 with Active E thernet • AP-2500 with Pow er S upply • Insta lling a Card in Slot B • 5 GHz Kit I nstallation • Ins ta llin g the AP -250 0 in a Pl enum AP-2500 with Acti ve Ether net Follow these [...]

  • Page 25

    25 Installation & Basic Configurati on NOTE If you wan t to install a second 802.1 1 b wirele ss card in Slot B, you will first need to rem ove the slot cover (which is pr ovided for plenum-rat ing purpos es). See Inst alli ng a Card in Slot B for instr uctions. If y ou want to install a 5 GHz ki t, see 5 GHz Kit Inst allation . 3. Conne ct one[...]

  • Page 26

    26 Installation & Basic Configurati on AP-2500 with Power Supply Follow these inst allation st eps if you purc hased an AP with a power su pply: 1. Clip t he power supply int o the mounting brac ket. 2. Plug the AC power cor d into the powe r supply . Figur e 2-5 Inst all the power su pply 3. Slide the AP module ont o the mount ing bracke t. Ma[...]

  • Page 27

    27 Installation & Basic Configurati on Figur e 2 -7 Slid e a PC C ard i nto th e AP NOTE If you wan t to install a second 802.1 1 b wirele ss card in Slot B, you will first need to rem ove the slot cover (which is pr ovided for plenum-rat ing purpos es). See Inst alli ng a Card in Slot B for instr uctions. If y ou want to install a 5 GHz ki t, [...]

  • Page 28

    28 Installation & Basic Configurati on NOTE Proxim reco mmends that you perf orm a Site Survey p rior to determi ne the inst allation locati on for your AP-2500. For informa tion about how to condu ct a Site Survey , contact yo ur local rese ller . 10. Once yo u have ch osen a final location for your unit, m ount the wall bracke t and the proc [...]

  • Page 29

    29 Installation & Basic Configurati on Figure 2-1 1 Remo ve the A P cover 4. Remove the powe r and Ethern et cables from the unit. 5. Position the antenna adapter, card inward, fa cing the top of the unit (see di agram) an d insert th e 5 GHz card into the avail able card sl ot. Figure 2-12 Insert card 6. Angle the an tenna ada pter slig htly u[...]

  • Page 30

    30 Installation & Basic Configurati on 8. Position the antenna for best rec eption: • at a 90° angle for flat surfac e moun ts • at a 180° ang le for wall m ounts 9. Re-attach th e power and Ethernet cab ling. 10. Re-ins tall the cove r and moun t the AP bac k in place. 1 1. Re-conn ect the po wer suppl y to the pow er source or the Ether[...]

  • Page 31

    31 Installation & Basic Configurati on Initialization (ScanT ool) ScanT ool is a sof tware utility that is inclu ded on the inst allation CD-ROM. The to ol automatically dete cts the Access Poi nts installed on your netwo rk, regard less of IP ad dress, an d lets you config ure each un it’s IP settings. In addition , you can use Sca nT ool to[...]

  • Page 32

    32 Installation & Basic Configurati on 7. Locate the MAC add ress of the AP y ou want to ini tialize with in the Scan List . NOTE If your Acce ss Point does not show up i n the Scan L ist, click the Rescan bu tton to upda te the disp lay . If the unit still doe s not appea r in the list, se e T roubl eshoot ing for sugg estions. Note that after[...]

  • Page 33

    33 Installation & Basic Configurati on Basic Configuration Once yo u have a valid IP Address assigned to your AP-25 00 and you ca n commu nicate w ith it over an Ethe rnet network , use you r web bro wser to c onfigure the AP-25 00. This se ction desc ribes h ow to perfo rm som e basic function s and conf igure some of the AP’s bas ic setting[...]

  • Page 34

    34 Installation & Basic Configurati on Figure 2-17 Ente r Netwo rk Passw ord Figure 2-18 W eb In terf ace’s System S t atus S creen[...]

  • Page 35

    35 Installation & Basic Configurati on Set System Name, Location and Contact Information Figure 2-19 System Config uratio n 1. Click C onfi gure > System . 2. Enter a na me for the A P , its locat ion within yo ur networ k or its physical l ocation (s uch as “Fro nt Lobby ” or Enginee ring), and th e name, phone num ber , and e-ma il add[...]

  • Page 36

    36 Installation & Basic Configurati on Figure 2-20 Netwo rk IP C onfigura tion Config ure Network Names for the Wireless Interfaces During bo ot-up, the AP au tomat ically dete cts the numbe r and type of radi o cards ins talled and upd ates the wireless configur ation param eters accor dingly . Many of the w ireless settings can be left at the[...]

  • Page 37

    37 Installation & Basic Configurati on Config ure the Ethern et Interface 1. Click C onfi gure > Interfaces > Ethernet . 2. Set the Speed and Transmission Mo de for the A P’s Ethernet inter face. • This is the s peed and dup lex at which the AP com municat es with your Ethe rnet net work. By def ault, the AP autom atically detec ts th[...]

  • Page 38

    38 Installation & Basic Configurati on 5. Select the Key that the Access Point will use to encrypt outgoing data from the E ncrypt Data T ransmi ssions Using drop-dow n menu. By default, th is parameter is se t to Key 1. 6. Repea t these steps f or the second slot ( if appl icable). 7. Click OK . 8. Reboot the AP fo r these chan ges to t ake ef[...]

  • Page 39

    39 Installation & Basic Configurati on NOTE For security purpos es Proxim recom mends that you ch ange ALL P ASSWORDS from the d efault “public” immedi ately to rest rict acce ss to author ized per sonnel. If yo u lose or for get your password setti ngs, you can always pe rform the R eset to Fact ory Defaul t Procedure . Configur e the Date[...]

  • Page 40

    40 Installation & Basic Configurati on Reboot the AP Most of the AP’s co nfigurati on setting s take effect immedia tely; they do not require a reboot. How ever , som e parameter s do a require a reboot befo re they take effect. Th erefore, reb oot the AP after con figuring th e basic se ttings to ensur e that all of your change s take effect[...]

  • Page 41

    41 Installation & Basic Configurati on Download Updates fr om your T F TP Server us ing the CLI I nterface 1. Downl oad the late st software at http://www .proxim. com/ . 2. Copy the la test softwar e updates to your TFTP server . 3. Open t he CLI inter face via T elnet or a se rial conne ction. (Se e Using th e Comma nd Line Inte rface for mor[...]

  • Page 42

    42 Installation & Basic Configurati on Downloading Con figuration Files Follow these step s to download confi guration files to the AP: 1. Copy co nfig.sys and current.txt to yo ur TFTP serv er ’s root director y (if neces sary). 2. Login to th e AP’s Web browser inte rface. 3. Click Comman ds > Downloa d . 4. Enter the IP address of the[...]

  • Page 43

    43 ORiNOCO AP-2500 User Guide 3 AP-2500 Au thentication Methods The AP-250 0 is a versat ile Access Po int for hotspot lo cations th at suppo rts multiple authe ntication methods. The unit includes all of the feat ures nec essary for a user to set up a h otspot quickly and easil y withou t requiring s ervers or advanced Web desig n skills. The AP-2[...]

  • Page 44

    44 AP-2500 Au thentica tion Methods Intern al Authentication In this con figuratio n, the AP-250 0 provid es all authent ication services to sub scribe rs using its Inter nal Web Server (IWS). Th is is the easi est configur ation to des ign and im plement but it offers limited fun ctionality . The fo llowing diagra m illustr ates a netw ork topo lo[...]

  • Page 45

    45 AP-2500 Au thentica tion Methods NOTE If you wan t to provide th e user with t he ability to lo g in or out of the c onnection , you need t o use a RADI US server . See Internal Authentication with RADIUS for det ails. End User Experience The fo llowing procedu re details the ex perienc e of the typi cal cus tomer i f you configu re the AP-250 0[...]

  • Page 46

    46 AP-2500 Au thentica tion Methods • Y ou can disable the AP’s DHCP server if there is another DHCP server that you want to use instead . See Disabling the AP’ s DHCP Server for details . 4. Config ure IP Upsel l , if desi red. See IP Up sell for d etai ls. • In general , it costs more to ob tain public IP ad dresses from your ISP du e to [...]

  • Page 47

    47 AP-2500 Au thentica tion Methods NOTE Advanced users can al so mana ge the AP from a networ k comput er using XM L comm ands (tasks suc h as adding an d deleting users). See AAA Basic for conf iguration informat ion and XML Interfac e Specification for informat ion on XML comm ands. 12. Click OK to s ave your changes to t he AAA settings. 13. Cl[...]

  • Page 48

    48 AP-2500 Au thentica tion Methods 17. If you wan t to char ge custome rs for ac cess time via credit car d, config ure the Credit Card Services options. • Y o u need an account with a credit ca rd service provide r to use this feature. • The AP-2 500 works with the foll owing cre dit card provi ders by de fault: — Datace nter Luxem bourg (i[...]

  • Page 49

    49 AP-2500 Au thentica tion Methods • If you wan t all outgoin g mail traffic redir ected to the specifie d server , enable b oth the M isconfigu red and Properly Configured option s. Misconfigu red refers to subscrib ers whose e-mail se ttings are incompatibl e with the AP -2500’s Intern et settings (in other wor ds, thes e email se ttings may[...]

  • Page 50

    50 AP-2500 Au thentica tion Methods 6. Confi gure the Amoun t Paid field, if d esired. The AP au tomat ically fills in this f ield after a s ucces sful cre dit card pu rchase. 7. Confi gure the opt ional User Alias fields, if desi red. These ar e for notes only and do not have an im pact on the au thentica tion proce ss. 8. Confi gure the Upstre am[...]

  • Page 51

    51 AP-2500 Au thentica tion Methods Intern al Authentication with RADIUS In this con figuration, the AP-25 00 provides all of the aut henticati on services describ ed in Internal Authe ntication , but it also communica tes with a Remote Authentic ation Dial-In User Service (RADIUS) server on the network to determine if a user is v alid. RA DIUS i s[...]

  • Page 52

    52 AP-2500 Au thentica tion Methods 3. Client sends AP its login c redent ials (Us er nam e/passwor d or MAC address ). 4. AP chec ks i ts Authoriz ed Subscr ibers T able. If the client is not listed , the AP forwards the authenticatio n request to the RADIUS server . 5. The RADI US serv er authent icates the user base d on the clien t’s login cr[...]

  • Page 53

    53 AP-2500 Au thentica tion Methods 1. Install the RA DIUS ap plication on your net work serv er , if necess ary . • IAS is include d with Wi ndows 200 0 Serve r . If yo u want to in stall IAS, follow these steps: 1. Click Start > C ontrol Panel . 2. Doub le-click the Add /Remove Programs icon. 3. Click th e Add/Remove Wind ows Co mponents opt[...]

  • Page 54

    54 AP-2500 Au thentica tion Methods 16. Retur n to the Internet Au thentica tion Serv ices window and right- click the Remote A ccess Policies entr y in the na viga tion tree. 17. Selec t New Remote Access P olicy f rom th e dr op-do wn men u. 18. Enter a Policy friendly name in the field provide d and cli ck Next . 19. Click Add . 20. Selec t Wind[...]

  • Page 55

    55 AP-2500 Au thentica tion Methods Configure the AP- 2500 After you have installed and con figured yo ur RADI US server, you need to conf igure your AP to commun icate wit h the RADIUS server and provide internal aut henticatio n. Follow thes e steps: 1. Configur e the AP-2500 t o use its Internal Web Server for authent ication. See Internal Au th[...]

  • Page 56

    56 AP-2500 Au thentica tion Methods 5. Config ure the Retrans mission Options . • Select a Retran smissi on Me thod . Thi s opt ion i s on ly v alid if yo u hav e conf igu red s etti ngs f or a Secon dary Server . — Fail ove r: The AP make mult iple attempts to reac h the Primary Server . If the Prima ry Server fails to respo nd (after the spec[...]

  • Page 57

    57 AP-2500 Au thentica tion Methods • Place a che ck mark i n the Send NA S Port T ype box if you wan t to includ e the port typ e in the messa ges sen t to the RADIUS server . • Set the NAS Port T y pe to 19 if y ou enab led Se nd NAS Port T ype . — Port T ype 19 cor responds to a co nnection ma de over an IEEE 802.1 1 Wireless networ k. See[...]

  • Page 58

    58 AP-2500 Au thentica tion Methods Exte r nal Authen ticat ion The Externa l Web Server (EWS) interf ace was des igned fo r custome rs who wan t to develo p and use the ir own content. It allow s for more c ustomiz ation than if us ing the Internal Web Serv er (IWS ). By u sing a n EWS ( Extern al Web Server) you can aut henticat e subs criber s e[...]

  • Page 59

    59 AP-2500 Au thentica tion Methods • The cu stomer m ust try to acce ss a val id Web sit e to initiat e a redir ect. En tering an unreac hable UR L or inv alid Web ad dress will not initiate a red irect to the Ex ternal port al page. • Custom ers who try to access e-mail first w ill not have a connec tion. Custom ers need to login vi a a Web b[...]

  • Page 60

    60 AP-2500 Au thentica tion Methods • Some app licatio ns require a public IP add ress to func tion prope rly over th e Internet (such as ce rtain VPN applicati ons, on-line gaming, a nd Web hostin g). Customers who requi re a public IP a ddress may be willin g to a premium for this ser vice. • The subsc riber ’s wire less card must be config[...]

  • Page 61

    61 AP-2500 Au thentica tion Methods 22. Click t he AAA Port tab and con figure the AAA Passthro ugh Port set tings, if appl icable. For ex ample, if you ar e redirecti ng custom ers to a secur e HTTPS page, you should set the AAA Passt hrough Port for port 443. See Passthrou gh AAA Port . 23. If you plan to limit su bscribe r bandwidth or offer mul[...]

  • Page 62

    62 ORiNOCO AP-2500 User Guide 4 Network Parameters In This Chapter This chap ter describe s all of the network op erating param eters that can be conf igured usi ng the Acc ess Point’s Web browser interfac e (that is, the para meters acc essible after clicking the Configure butt on). • System : C onfigure specific sy stem infor mation su ch as [...]

  • Page 63

    63 Network Parameters Network The Netw ork catego ry contains fo ur sub-cat egorie s. – IP Co nfiguration – DHCP Server – DNS Server – VLAN IP Configurat ion Y ou can co nfigure an d view the following parameters wit hin the IP Configurat ion screen ( see Set the Access Point’ s IP Addr ess for st ep-by- step i nstr uctio ns): • IP Addr[...]

  • Page 64

    64 Network Parameters Overview of DHCP Server Parameters Y ou can co nfigure an d view the following parameters wit hin the DHC P Server Configuratio n screen : • Enable DHCP Server: Place a check mark in the box provided to enable DHCP Ser ver functionality . Remove the check m ark if you do n ot want the AP t o act as a DH CP server. • DHCP S[...]

  • Page 65

    65 Network Parameters Fig ure 4-1 DHC P Serv er Conf igur atio n Scr een Configuring the AP to Serve Public IP Addr esses If you have a pool of public IP a ddresses and do not want th e AP to perform NA T for subscribers wh o have DHCP client su pport enabl ed, follow these steps (n ote that thi s is not a typica l configurat ion for th e device): [...]

  • Page 66

    66 Network Parameters 5. In the Relay T ype field, s elect the type o f addresses your DHCP server will assign to subscrib ers: Public or Private . 6. In the DHCP Relay Server IP field, enter the IP address of your DHCP server . 7. Config ure the DHCP Relay Agent IP as follows: • If t he DHCP Relay Server is on t he same IP network as the AP , en[...]

  • Page 67

    67 Network Parameters Figure 4-2 En abling IP U psell 1 1. Config ure the billing plans that you want to offer . – At least on e plan sho uld offer priv ate IP addre sses and a t least one plan shou ld offer publi c IP address es (you can config ure up to si x different billing pl ans). –S e e Billing Opt ions for Su bscriber s for det ail ed i[...]

  • Page 68

    68 Network Parameters • If you use e xternal au thentica tion, you ca n add an IP_ T y pe attribute t o the User_A dd XML co mmand and specify the addr ess type (pu blic or priva te), as show n in the follow ing exam ple: <USG COMMAND=”USE R_ADD” MAC_ADDR= ”0050da554787”> <USER_N AME>joh ndoe< /USER_N AME> <P AS SWORD[...]

  • Page 69

    69 Network Parameters 4. Enter the DNS Do main na me. T his na me is prov ided b y you r ISP or ne twor k admi nist rator . 5. Enter up to thr ee DNS S erver IP addr esses in th e fields provi ded. Y ou m ust configur e at least the Primary D NS Server IP address. Th ese IP addr esses sh ould be pr ovided by you r ISP or netw ork admin istrator . 6[...]

  • Page 70

    70 Network Parameters VLAN W orkgrou ps and T raff ic Management T radi tional, dua l-slot acc ess po int devic es that ar e not VLA N-capable typically b roadcas t and m ulticast tr affic over bo th wireless cells. This pr ocess w astes wirel ess band width and deg rades throu ghput per formanc e. In compar ison, the dual-slo t, VLAN-capabl e AP-2[...]

  • Page 71

    71 Network Parameters Figure 4-5 VLAN Configuration Scr een (Wir eless A and Wirele ss T agged with Different VLAN IDs ) 1. Login to th e Web interface. 2. Click C onfi gure > Interfaces > Wire less A . 3. Set the SSID for card A. 4. Click the Wi reless B tab . 5. Set the SSID for card B (this shoul d be different from the SSID f or card A). [...]

  • Page 72

    72 Network Parameters Figure 4-6 V LAN Configurat ion Screen (Sl ot A tagge d; Slot B unta gged) 1. Login to th e Web interface. 2. Click C onfi gure > Interfaces > Wire less A . 3. Set the SSID for card A. 4. Click the Wi reless B tab . 5. Set the SSID for card B (this shoul d be different from the SSID f or card A). 6. Click Network > VL[...]

  • Page 73

    73 Network Parameters Figure 4-7 VLAN Configuration Scr een (Wir eless A and Wirele ss B Use Same VLAN ID) 1. Login to th e Web interface. 2. Click C onfi gure > Interfaces > Wire less A . 3. Set the SSID for card A. 4. Click the Wi reless B tab . 5. Set the SSID for card B (this can be the sa me SSID as c ard A). 6. Click Network > VLAN .[...]

  • Page 74

    74 Network Parameters Wireless (802.11a) Y ou can co nfigure an d view the following parameters wit hin the Wi reless I nterfa ce Confi gura tion scre en for an 802. 1 1a radi o: NOTE Y o u must rebo ot the Acc ess Point be fore any c hanges to these parameter s take effect. • Physical Interf ace T ype: This fie ld rep orts: “802. 1 1a ( OFDM 5[...]

  • Page 75

    75 Network Parameters Dynamic Frequency Selec tion (DFS) 802.1 1a devices sold in E urope use a te chniqu e called Dy namic Frequen cy Selec tion (DFS) to autom atical ly select an operat ing chann el. During boo t-up, the AP scans the availab le frequen cy and sele cts a channel that is free of interfere nce. If the AP subse quently det ects inter[...]

  • Page 76

    76 Network Parameters • Distance Betwee n APs: Set to Large , Medium , Small , Microcell , or Minicell depending on th e site surv ey for your system. By default, this parameter is set to Large . The distance val ue is related to th e Multicast Rate (descr ibed next) . In general, a larger distanc e between AP s mean s that your clients opera te [...]

  • Page 77

    77 Network Parameters • Multicast Rate: Sets the rate at which Mu lticast m essages are sen t. This v alue is r elated to the Distanc e Between APs paramete r (describ ed previou sly). The table be low displa ys the possi ble Multicas t Rates bas ed on the Distance bet ween APs s etting. By defau lt, this parame ter is set to 2 M bits/sec. See Mu[...]

  • Page 78

    78 Network Parameters CAUTION ! Y o u should con duct a Site Sur vey to determ ine the streng th of the wirele ss conne ction on the bo rders of your hotspot. Contact y our reseller for inform ation on how t o conduct a Site Survey . Multica st Rate The mult icast rate d etermin es the rat e at which br oadc ast and mu lticast packe ts are transmi [...]

  • Page 79

    79 Network Parameters Wir eless Distribution System (WDS) A Wireless D istributio n System (W DS) crea tes a link betw een two AP s over the ir radio interfa ces. This link relays traffic from one AP th at does no t have Ether net connect ivity to a seco nd AP that has Et hernet con nectivity . T wo AP-250 0s cannot establish a WD S link with each [...]

  • Page 80

    80 Network Parameters • The WD S link share s the comm unication ba ndwidth w ith the clients. Ther efore, whi le the max imum data rate fo r the Acce ss Point’s cell is still 1 1 Mbits/sec, cl ient through put will de crease whe n the WDS l ink is active . The connect ion over th e link will be s lower than if the client were commu nicating di[...]

  • Page 81

    81 Network Parameters 14. Click C onfi gure > Interfaces > Wireles s (A or B, if appl icable) to op en the confi guration screen for the r adio that will use WDS. 15. Disable Auto Channel Select if necess ary . 16. Chang e the Frequ ency Chan nel to match t he AP-2500 ’s Frequenc y Channe l, if necessa ry . 17. Scro ll down to the Wirel ess[...]

  • Page 82

    82 Network Parameters NOTE For sec urity p urposes Proxi m recom mends cha nging A LL P ASSWO RDS f rom th e defau lt “pub lic” immediat ely , to restrict acc ess to you r network devices to authorized personne l. If you lose or forget yo ur password set tings, yo u can alway s perfor m the Res et to Factory Def ault Proc edure . IP Access T ab[...]

  • Page 83

    83 Network Parameters Fig ure 4-13 Ma nage ment Se rvic es Co nfig urat ion Sc ree n T el net Co nfig urati on Set tings • T eln et Int erface Bi tmask: T o a llow ma nagemen t of the AP using the C LI ove r a T elnet connec tion, set this parame ter to Etherne t (the defaul t setting). Y ou can also selec t Disabl ed to prevent T eln et access .[...]

  • Page 84

    84 Network Parameters • Serial Dat a Bit s: This is a rea d-only fiel d and displa ys the num ber of data bits used in serial comm unicati on (8 data bits by defau lt). • Serial Parity: This is a read -only fie ld and display s the num ber of parity bits used in serial comm unicati on (no parity bits by def ault). • Serial Stop Bit s: This is[...]

  • Page 85

    85 Network Parameters • T o edi t or delete an ent ry , click Edit and c hange the inf ormation , or select Enable , Disable , or De let e from the Statu s drop-do wn men u. • An entry’s status m ust be enab led in orde r for the proto col to be subj ect to the fi lter . The default filters are all disabled b y defaul t. 2. Select th e interf[...]

  • Page 86

    86 Network Parameters • Exam ples: — If y ou set the Wired M AC A ddress to 00: 03:8F:00 :00:00 and yo u wan t to block all car ds tha t begin with 00:03:8F , enter FF:FF:FF:00:00:00 as the Wired Mask. This will block any cards whose MAC addre ss begi ns wit h th ose di git s, rangi ng fr om 00 :03 :8F:00 :00: 00 to 00:0 3:8F :FF:F F:FF . — I[...]

  • Page 87

    87 Network Parameters Alarms This c ategory has two sub -categories . – Groups – Alarm Host T able Gro ups There are seven ala rm groups tha t can be enab led or disa bled: • Enable Configuration Alar ms • Enable Security Alarms • Enable Wirel ess Alarms • Enab le Oper atio nal Al arms • Enable F lash Memory Ala rms • Enable TFTP Al[...]

  • Page 88

    88 Network Parameters Bridge A tradition al access poi nt oper ates as a tran sparent bridge b etwee n your wired an d wirele ss networki ng devic es. The AP-2500 takes t his a step fu rther and prov ides Publ ic S pace features that facilitate ho tspot operatio n (see Public S pace Featur es and Public Space Param eters for details). Y ou can disa[...]

  • Page 89

    89 Network Parameters 9. Select a n Operation T ype from the d rop-dow n menu . Thi s dete rmines how the stations identifi ed in the MA C Access C ontrol T a ble are filter ed. • If set to Passthru , o nly the addresses listed in the Control T able will pass through the AP . • If set to Block , the AP will block traf fic to or fro m the addres[...]

  • Page 90

    90 Network Parameters RADIUS • RADIUS Overview • Unique AP- 2500 RA DIUS Clie nt Features • RADIUS Messages and RADIUS Attributes • Sample RADIUS T ransmissions • RADIUS Configuration Parameters RADIUS Overview RADIUS is a proven carrier-class protocol to perform a ccurate time and volume-based billin g. The RADIUS protocols are define d [...]

  • Page 91

    91 Network Parameters Data V olume Information T ransmission ( bytes sent/re ceived) The A P’ s RADI US cl ient imple ment ati on al lows a hot spo t ope rator to a ccura tely trac k th e exac t num ber o f byt es sen t and receiv ed by a sub scriber ba sed on: •U s e r N a m e • IP addr ess ( Framed IP) • MA C addr ess of th e user (C alli[...]

  • Page 92

    92 Network Parameters Acce ss- Acce pt Pa rsin g – Reply-Me ssage • Used for ch allenge/ respons e authenticat ion; since t he AP uses th e Passwo rd Authen tication Prot ocol (P AP) for authen tication pu rposes, this attribute is no t curren tly in use. –S t a t e • Used for ch allenge/ respons e authenticat ion; since t he AP uses th e P[...]

  • Page 93

    93 Network Parameters Acct-Requ est – Usern ame – Called-Station-Id – Calling-S tation-Id – Acct-St atus-Type (S tart/St op/Al ive) – Acct-Se ssion-ID – Acc t-O utp ut-O cte ts • Number of octets (bytes) sent by sub scriber . – Acct-Inp ut-Octets • Number of octets (bytes) received by subscri ber . – Acc t-O utp ut-P ack ets •[...]

  • Page 94

    94 Network Parameters Sample RADIUS T ransmissions Thes e are ac tual accoun ting l ogs fr om a Lucen t Navi s RADIUS server with al l VSAs enabled . Accounting Start Message Thu Aug 29 12 :45:32 2 002 User -Name = “t est flo” NAS-IP -Addre ss = 64.209 .75.10 2 NAS-Port = 0 Acct-S tatu s-T ype = S tart Acct-S ession-Id = “9 800000 4” Called[...]

  • Page 95

    95 Network Parameters Accounti ng Alive Mess age Caused by Explicit Servi ce Plan Ch ange Thu Aug 29 12 :49:20 2 002 User -Name = “t est flo” NAS-IP -Addre ss = 64.209 .75.10 2 NAS-Port = 0 Acct-S tatus-T ype = Alive Acct-S ession-Id = “9 800000 4” Acct-Output-Octet s = 36440 Acct-Inp ut-Octets = 51 2195 Acct -Out put- Pack ets = 284 Acct-I[...]

  • Page 96

    96 Network Parameters RADIUS Configuration Parameters Y ou can co nfigure the AP to comm unicate w ith up to four different RADIU S server s: • Primary Authentication Ser ver • Back-up Authen tication Server • Primary Accoun ting Server • Back-up Acco unting Serve r NOTE Y o u must co nfigure the s ettings f or at least one Au thentica tion[...]

  • Page 97

    97 Network Parameters • Server IP Address: The IP addre ss of the RA DIUS serve r (separate f ields for Aut henticatio n and Accoun ting). • Server DNS Name: The DNS Name of the RADIU S server (s eparate fields fo r Authentica tion and Accounting ). NOTE Enter either the Server IP Address or th e Server DNS Name, but not both. • Server Port: [...]

  • Page 98

    98 Network Parameters • Enable RADIUS Profile Caching : When enabled , the AP ma intains the user ’s infor mation in the Current Subs crib ers T able ( S tate: Pend ing ) afte r a user log s out or times out. If th e user attempt s to re-conne ct, he can access t he service again wit hout being p rompted t o re-enter his user na me and passw or[...]

  • Page 99

    99 Network Parameters Encryption The IEE E 802 .1 1 s tandards specify an o ptional encryp tion fea ture, k nown a s Wired Equiv alent Privacy o r WEP , that i s designe d to provid e a wireless L AN with a security lev el equal to what is found on a wired E thernet ne twork. WE P encrypts the data portion of ea ch packet exc hanged on an 802.1 1 n[...]

  • Page 100

    100 Network Parameters Special Considerations Regar ding VPN Support The most co mmon VPN protoco l is IPSec. Whe n a subsc riber who ha s a private I P address (assigned vi a NA T ) attempts to cr eate a VPN se ssion, the AP-250 0 perform s a mapping betwee n the subsc riber ’s private I P address a nd the AP’s public IP address. This i s also[...]

  • Page 101

    101 ORiNOCO AP-2500 User Guide 5 Public Space Parameters In this Chapter This chap ter describe s all of the Public S pace oper ating paramet ers that ca n be configur ed using the Access Poi nt’s Web browser interface (tha t is, the para meters acc essible after clicking the PublicSp ace or Subscr iber butt on). NOTE If this is your first time c[...]

  • Page 102

    102 Public Space Parameters Home Page Redir ection (HPR) This tab is used to redirect the subscri ber ’s browser to a specifie d home page fo llowing su ccessfu l authent ication. T o redirect subscriber s to a specified page befor e authent ication, use the Portal Page featu re with interna l authenticati on (see Por tal Page ) or use e xternal [...]

  • Page 103

    103 Public Space Parameters Figure 5 -1 Home Page Redirectio n Configuration Authentication, Auth orization, and Accounting (AAA) The AP-250 0 uses AA A services to aut hentica te, authoriz e, and sub sequently bill subscribe rs for their use of the custom er ’s network. This secti on describe s the param eters that ca n be confi gured from the A[...]

  • Page 104

    104 Public Space Parameters • Enable AAA Services: Enable thi s option to supp ort any of the authent ication me thods de scribed in AP-250 0 Authentica tion Me thods . Wh en disabled, wireles s users will have a ccess to the Internet without authentic ation; this is the defa ult setting. • Enable XML Interface: Enable this option to co nfigure[...]

  • Page 105

    105 Public Space Parameters AAA Services with the Internal Web Server (IWS) This screen lets you set th e configur ation option s when au thorizing su bscrib ers using th e IWS (that is, when PublicSpace > AAA > Basic > Aut hen tica tio n M eth od is set to Intern al ). The IW S is “flashed” into the sys tem’s memo ry and the subs cr[...]

  • Page 106

    106 Public Space Parameters Creati ng SSL Keys Y ou need to downloa d three keys to the AP-2 500 before en abling SSL. Y ou mus t create two of these ke ys yours elf: a Private Key file ( cakey .pem ) and a Public Ke y file ( serve r .pe m ). Proxi m provid es the third key ( cacert .pem ), on the AP’s CD in t he SSL_KEY folder (it is also i nclu[...]

  • Page 107

    107 Public Space Parameters 8. When pr ompted , follow the on -scree n instruct ions and en ter the info rmation re quested (such as you r company’s name an d address ). • Y ou will be prompted to enter a Common Name . The Common Name is typically composed of t he Host name and Domai n Name ( taking the form of “www.company .com ” or “ssl[...]

  • Page 108

    108 Public Space Parameters 14. Click OK . • Result: The TFTP o peration b egins. A n ew TFTP Oper ation Status window opens. 15. Click Close after the TFTP operat ion is compl ete. 16. Ent er server .pem in the File Na m e fiel d. 17. Le ave File T ype set to Ge neric . 18. Se t File Operation to Download & Reboot . 19. Click OK . • Result[...]

  • Page 109

    109 Public Space Parameters Figur e 5-5 Inte rnal Auth entica tion with Portal Page The f ollo wing sec ti ons prov ide ba sic in stru ction s for us ing a Po rt al Page. Setting up a W eb Server (Micr osoft IIS ) If you have a W indow s 2000 Serv er , follow the se basic steps t o setup the I IS Web server . NOTE For detailed info rmation , refer [...]

  • Page 110

    110 Public Space Parameters Designing a Portal Pag e A Portal Page is a Web page; you can des ign it using w hatever Web desig n tools you have availab le. The Portal Page does not have to be ver y complica ted. At its most basic, th e Portal Page nee ds a link to the AP’s Lo gin page. The AP’s standard Int ernal Login page i s located at: http[...]

  • Page 111

    111 Public Space Parameters Decidi ng which sa mple is righ t for your hotspot de pends on the custom er exper ience yo u want to prov ide. The sections below de scribe how the custom er interac ts with the AP-2 500 under the followin g scena rios: – No Portal Page – HTML Portal Page – ASP Portal Pages No Portal Page 1. Custom er enters t he [...]

  • Page 112

    112 Public Space Parameters 7. Follow ing succe ssful authen ticatio n, the custo mer is red irected to th e page he origin ally request ed or to the page you speci fied in the Home Page Redirection URL fiel d (i f ena bled ; se e Home Pa ge Redire ction (HPR) ). • Y o u can us e the confir m.asp sam ple page to di splay a sec ond cust om scree n[...]

  • Page 113

    113 Public Space Parameters Figure 5-6 Po rtal Pag e Config uration 6. Click the Pa ssthrou gh ta b. 7. Place a ch eck mark in the Enable P assthrough Address b ox, if ne cessary . 8. Add the DN S names for the Web sites in yo ur walle d garden to th e Passthrough DNS T able . • Click Add . • Enter the D NS name i n the field pro vided. • Cli[...]

  • Page 114

    114 Public Space Parameters Figure 5-7 Sa mple Pa ssthrough T a bles 10. Click OK . 1 1. Click the HPR tab . 12. Plac e a check m ark in the Enab le Home Page Red irection box. 13. Ente r the Web site to whi ch you wa nt to direct custom ers follow ing succe ssful aut henticat ion in the Red irection URL field (for exa mple, http://www .y ahoo.com/[...]

  • Page 115

    115 Public Space Parameters Figure 5-8 Po rtal Pag e Config uration 6. Click the Pa ssthrou gh ta b. 7. Place a ch eck mark in the Enable P assthrough Address b ox, if ne cessary . 8. Add the DN S names for the Web sites in yo ur walle d garden to th e Passthrough DNS T able . • Click Add . • Enter the D NS name i n the field pro vided. • Cli[...]

  • Page 116

    116 Public Space Parameters Figure 5-9 Sa mple Pa ssthrough T a bles 10. Click OK . NOTE If you dis able Home Page Redirec tion, your subscrib ers will be auto matically redirecte d to the p age they originall y requested (following succes sful authe ntication ). The instruc tions b elow descr ibe how to ena ble Home Page Redi rect ion; when used i[...]

  • Page 117

    117 Public Space Parameters Figure 5-10 H PR (with Parameter Passing) 15. Click OK . 16. Click Comman ds > R eboot . 17. Click OK to r eboot the AP so y our changes will t ake ef fect. 18. T e st the Portal Page feature by t urning on a w ireless com puter and launch ing its Web browser . Note t hat the comput er must n ot be a cur rent or acti [...]

  • Page 118

    118 Public Space Parameters Figure 5-1 1 AP Co mmun icatin g with Ho tspot A ggrega tor The follow ing steps descr ibe how you should co nfigure t he AP-2500 if you are partner ed with a ho tspot aggrega tor: 1. Follow the ins tallation steps des cribed in In ter nal A uth en tica tio n and Internal Authentication wit h RADIUS . • Configu re the [...]

  • Page 119

    119 Public Space Parameters Figure 5-12 A AA Int ernal Se ttings if Ena bling Sm art Clien t 3. Click OK to s ave the settin gs. 4. Reboot the AP . User Name & New Subscribers The User Name and N ew Subscribers op tions w ork in co njunct ion to de termine who c an con nect to t he Inte rnet and what cred entials the AP uses t o authenti cate u[...]

  • Page 120

    120 Public Space Parameters Figure 5-13 Sa mple Lo gin Screen Presented to Subscrib ers Sample sce narios include: • If you are re nting car ds to cust omers, disa ble User Name and New Sub scriber s . Only cards whose MAC address es are enter ed in the Aut horized S ubscriber T able w ill have acces s to the Int ernet. • If you are ma nuall y [...]

  • Page 121

    121 Public Space Parameters 13. AP adds c ustomer to its Author ized Subscr iber s T able for th e period of time purch ased by th e customer ; the AP also add s the cust omer to the C urrent Sub scribers T able . 14. AP redirec ts customer to home page or to page sp ecified by the Home Pa ge Redirect ion featu re. 15. Cust omer acc esses the In te[...]

  • Page 122

    122 Public Space Parameters NOTE If you wan t the AP to send copies of cre dit card tran sactions to a mirrori ng server , see Credi t Card Mirroring for inst ructio ns. Cred it Card Mirr oring The AP-250 0 can sen d copies of c redit card trans action billing recor ds to extern al servers that are defin ed in the Subscri ber > Billing > Mirr[...]

  • Page 123

    123 Public Space Parameters Enabling Bill Mirroring Follow the se steps the enable bill mirr oring: 1. Login to th e AP’s Web browser inte rface. 2. Click Subscriber > Billing > Mirrori ng . Figure 5-14 Credit Ca rd Mirroring Screen 3. Place a ch eck mark in the Enab le Mi rro rin g box. 4. En te r a Pr ope rty Iden tifi ca tion cod e in th[...]

  • Page 124

    124 Public Space Parameters 9. Enter the f ollowing settings for the primary server , secon dary serv er (if any), and carbon copy serve r that will receive bi lling records from the AP: • IP: Enter the se rver ’s IP addre ss in the fiel d provided. • URL: This field i s optional. If a URL is not spe cified, the AP sends an XML packet to the [...]

  • Page 125

    125 Public Space Parameters Example of a Positive Ack nowle dgment: <AP COMMAND=”RMTLOG_ACK”> <ACK_V ALUE>OK</ACK _V ALUE> <IP_ADDR>205.23.43.12</IP_ADDR> <E RROR _COD E> 1</ ERR OR CO DE> </AP> Example of a Negative Ac knowl edgmen t: <AP COMMAND=”RMTLOG_ACK”> <ACK_V AL UE>ERROR&l[...]

  • Page 126

    126 Public Space Parameters Conf igurati on Instr uctions Follow the se steps to en able the AP ’s syslog features : 1. Login to th e AP’s Web browser inte rface. 2. Click PublicSp ace > Logging . 3. Place a ch eck mark in the Syst em L og box to enab le the logg ing of syst em mess age. 4. Place a ch eck mark in the AAA Log box to ena ble t[...]

  • Page 127

    127 Public Space Parameters Sample Logging Events • AAA Mess ages – Cr edit Card • AAA Mess ages – Int ernal Web Server – Us er Name Lo gin • AAA Messages – RADIUS • AAA Mess ages – XML • Bill Mirror • DHCP • DNS • Home Page Red irect • Other AAA Messa ges • Rebo ot Re quest s AAA Messages – Cr edit Car d AAA Message[...]

  • Page 128

    128 Public Space Parameters AAA Mess ages – XML Bill M irror DHCP Messag e Mea ning USG_AAA: 4007 AAA_Interface added_by_administrator 00:50:0 4:29:3 7:56 Exp_ time:24 hr s 0 min User ad ded USG_AAA: 4800 AAA_ XML Memory_updated_ _State_valid 00:50 :04: 29:37 :56 Upda te Ca che exe cute d USG_A AA: 40 06 AAA_I nterface Remo ved_by_ad minist rator[...]

  • Page 129

    129 Public Space Parameters DNS Home Page Redir ect Mess age Mean ing USG_DNS:ndxDNSRedirectionTable::pro cessFromNetwork(): could not get su bid This syslog su ggests that the AP cou ld not g et the subscriber associate d with a p articula r DNS redir ection request. USG_DNS: ndxDNSRedirectionTable:: processFromSubscriber(): dnsI sQuer yA( ) fail [...]

  • Page 130

    130 Public Space Parameters Other AAA Messages Reboot R equests Messag e Mea ning AAA: 4121 AAA_lookup Tried to add bl acklisted IP 210.155 .227.2 44 or MAC 00:50:E 8:00: 07:99 Attempting t o add a bla cklisted IP to subscriber table. IP is 'bl ackli sted' when its on e of t he IPs known t o not belong to a subscriber (i.e. Network/ Subsc[...]

  • Page 131

    131 Public Space Parameters URL Filtering The AP-250 0 can rest rict acces s to specif ied web site s based on URLs. U RL filterin g will block acc ess to these list of sites and/ or doma ins. Y ou ca n restric t access to sp ecific Web site s based on I P address , DNS n ame (for ex ample www .yah oo.co m ) or D NS Domai n na me (for exa mple, *.y[...]

  • Page 132

    132 Public Space Parameters URL Filtering by IP Address 1. Login to th e AP’s Web browser inte rface. 2. Click PublicSp ace > URLFilter . 3. Place a ch eck mark in the Enab le U RL Filt eri ng bo x. 4. Click the Ad d button abov e the URL Filtering by IP Address heading. 5. Enter the IP address to block in the IP Address fiel d and cl ic k OK [...]

  • Page 133

    133 Public Space Parameters ICC Appearance The I CC sc reen cont ains the follo win g ite ms: •T i t l e B a r — Appe ars at the to p of the scre en near th e Web browser name. • Ad Banner — Y ou can specify up to 5 different bann ers that sha re this space. • ISP Button — Appe ars in the ce nter of the ICC. — Y ou can cust omi ze thi[...]

  • Page 134

    134 Public Space Parameters Figure 5-19 ICC Scree n -- Credit C ard Authentica ted by RADIUS If a subscri ber has been authenti cated by a RADIUS serve r (if using In ternal authenticati on with RADIUS), the ICC includes a L ogout button so cu stomers can end their s ession. The ICC als o disp lays the sub scriber ’ s c urrent b illing plan in th[...]

  • Page 135

    135 Public Space Parameters Figure 5-21 ICC Set up Screen 9. Place a ch eck mark in the Enab le IC C box. 10. Ente r the Titl e for the ICC. • This is the n ame that ap pears at the top of the ICC next to the Web browse r name. 1 1. Co nfigure the I C C on subscri ber session cl ose option . • When s et to Redisplay , the ICC reappea rs appro x[...]

  • Page 136

    136 Public Space Parameters 12. Conf igure the ISP Log o Button setti ngs. • Enter the Nam e or Ti tle of th e ISP Button in the I SP Logo Butto n’s Na me /T ext field. — This i s the text that will appear in the text bar at the bottom of the ICC when a subs criber ro lls over the icon wi th his/her m ouse cur sor . •I n t h e Ta r g e t U [...]

  • Page 137

    137 Public Space Parameters • Configu re the optiona l bann er Start Time and Stop Ti me . — The St art Time is in hh:mm AM/PM format an d deter mines w hen th e banner will b e display ed on the IC C. After the start tim e elapses, the banner app ears in the I CC for the spec ified Bann er Dur ation along w ith the other enabled banners. The b[...]

  • Page 138

    138 Public Space Parameters Follow the se steps to enabl e SMTP Redi rection : 1. Login to th e AP’s Web browser inte rface. 2. Click PublicSp ace > SMTP . 3. If you wan t all outgoin g mail traffic redire cted to the sp ecified se rver , enable both the Miscon figured a nd Prope rly Configured options. If y ou want proper ly configur ed sub s[...]

  • Page 139

    139 Public Space Parameters The DNS an d IP Addres s tables can hold up to 50 entrie s each. The AAA port option s upports only pass through por t. • Passthrou gh DN S T able • Passthrou gh IP T a ble • Passthrou gh AAA Port Figure 5-24 IP/D NS Passth rough T ab le Passthr ough DNS T able 1. Login to th e AP’s Web browser inte rface. 2. Cli[...]

  • Page 140

    140 Public Space Parameters Passthr ough IP T able 1. Login to th e AP’s Web browser inte rface. 2. Click PublicSp ace > Passthrough > IP/DNS . 3. Place a ch eck mark in the Enable P assthrough Address box. 4. Click the Ad d button bel ow the Passthr ough IP Table heading. 5. Enter the IP address to passthrough in the IP Address field and c[...]

  • Page 141

    141 Public Space Parameters 4. Enter the sp eed of the con nectio n between the AP and the Ethernet ne twork in the Band widt h u plink (to network) speed field (in Kb ps). 5. Enter the sp eed of the con nectio n between the AP and the wireless cl ients in the Bandw id th downlink (to subsc ribers) speed field (in Kbps). 6. Click OK . 7. Reboot the[...]

  • Page 142

    142 Public Space Parameters Billing Options for Subscribers The Web browse r interface ’s Subscriber butto n links to thre e screens that allow you to confi gure Subsc riber billing plans ( Billing tab), login an d error mes sages ( Mes sages tab), and the Au thorized Subs cribers database ( Authorized tab). NOTE The Billing an d Messag es option[...]

  • Page 143

    143 Public Space Parameters Figure 5-27 Defa ult New U ser Screen that Appear s to Subsc ribers • Edit the Introduction M essage . — The d efault Intr oduction Message is “Please C hoose from the follow ing plans .” • Edit the Offer Messa ge . — The d efault O ffer Message is “How ma ny days of Int ernet acce ss woul d you like to pur[...]

  • Page 144

    144 Public Space Parameters 7. Click OK . 8. Click the Plan 0 ta b . 9. Config ure the setti ngs for billin g plan 0. • Place a check ma rk in the Ena ble P lan box to make the plan ac tive. It will appear as an opti on in the New User screen pres ented to subscribe rs. • Enter a name for the pla n in the Plan Label field. • Enter a d escript[...]

  • Page 145

    145 Public Space Parameters Creating a Fr ee Billing Pl an Unde r som e cir cumst anc es yo u may w ant t o of fer free Inte rnet acce ss to y our subsc ribe rs. For ex ample , you might offer a low bandw idth connec tion for free bu t charge f or faster connection s. Follow these step s to make one of your six billi ng plans a free bil ling plan: [...]

  • Page 146

    146 Public Space Parameters Figure 5-30 Subscr iber s Can Sele ct a Plan th at Off ers Free Int ernet Acc ess Subs crib er Me ssag es The Web browse r interface ’s Subscriber butto n links to thre e screens that allow you to confi gure Subsc riber billing plans ( Billing tab), login an d error mes sages ( Mes sages tab), and the Au thorized Subs [...]

  • Page 147

    147 Public Space Parameters Figure 5-31 Su bscribe r Login M essage s 3. Edit the logi n messa ges as nece ssary . • Service S election Messag e • Existing Use r Name Mess age — Appe ars on the main login sc reen wh en the User N ame opt ion i s en able d in PublicSp ace > AAA > Internal . — Def ault is “Plea se enter your user ID a[...]

  • Page 148

    148 Public Space Parameters Figure 5-32 Sa mple Lo gin Screen Presented to Subscrib ers 4. JavaScr ipt suppor t on the AP’s internal Web pages are ena bled by defau lt. Remo ve the chec k mark from the Enable Ja vaScrip t to disable th is feature. 5. Config ure the “Rem ember Me” cookie options. See Ena bling Co okie Supp ort for det ails. 6.[...]

  • Page 149

    149 Public Space Parameters Figure 5-33 Su bscr iber Me ssages Screen 12. Click t he Sub Msgs 2 ta b. 13. Edit th e subscrib er messa ges as ne cessa ry . • If this is not correct, please go back to the previous page • and make t he neces sary chan ges • Please se lect purc hase time • Purchase one-time ac cess usin g your credit car d • [...]

  • Page 150

    150 Public Space Parameters 16. Edit th e subscrib er messa ges as ne cessa ry . • Thank you for you r busines s • We are verifying y our account. P lease wait — This messag e app ears if RADIU S is en abled. T he AP displays this page whi le it wa it for an authe ntication response from t he RADIUS server . • Y ou will be purchas ing Inter[...]

  • Page 151

    151 Public Space Parameters 4. Edit the Reme mber M e Message . • This me ssage appe ars on the login scree n to let the user know th at his/he r user name a nd passwor d can be stor ed for fu ture lo gi n at tem pts. • The defau lt messag e is “Remem ber my usernam e and password .” 5. Enter the nu mber of day s for which t he cookie will [...]

  • Page 152

    152 Public Space Parameters Figure 5-35 Lo gin Screen wi th Custo m Logo Follow the se steps to add you r own partner im age and log o to the AP: 1. Create the image files that you want to add to the l ogin pages. Kee p in mind th e following: • The file s hould in JPG or a GIF f ormat. • The file nam e cannot exceed 8 ch aracte rs (DOS 8+ 3 fo[...]

  • Page 153

    153 Public Space Parameters Authorized Subscr ibers The AP-250 0 stores information about subs cribers in t he Author ized Subs cribers T a ble. Y ou ca n view the table by clicking Subscriber > Autho ri zed withi n the Web brows er interfac e. Figure 5-36 Auth orized S ubscr ibers T able The table is the AP’s internal database of a uthorized [...]

  • Page 154

    154 Public Space Parameters • Custom fields for inter nal use (User Alias 1 or User Alias 2) • Upstream and Downs tream ban dwidth setting s •S t a t u s — Shou ld be Active at all t imes. — Chan ge to Destroy to delete an entry . — The other opti ons are no t ap plic able when u sing the W eb br owse r int erf ace. Authorized Subscribe[...]

  • Page 155

    155 Public Space Parameters 5. If authori zing a user bas ed on MA C address (in other wor ds, the PublicSpace > AAA > Internal > Enable User Name option is disa bled), ent er the MAC addres s of the subsc riber ’s wireles s card in the field prov ided. • If you have ch osen to m anage this subscr iber by user name only , you do not ne[...]

  • Page 156

    156 ORiNOCO AP-2500 User Guide 6 Monitor Informat ion In This Chapter This chap ter describe s the statisti cs that can be viewed usi ng the Acc ess Point’s Web brows er interfac e (that is, th e options ac cessibl e after clicking the Statu s or Monitor button). • Syst em S tat us: Displays basi c informat ion about th e Access Poin t’s oper[...]

  • Page 157

    157 Monitor In formatio n Syst em Stat us Syst em Stat us is the first screen to appear eac h time you c onnect to th e Web browser interface. Y o u can also r eturn to t his screen b y cl ickin g the Stat us button . Figure 6-1 System S tatus Screen Each sect ion of the Sy stem Status scree n provides the followin g informa tion: • Syst em St at[...]

  • Page 158

    158 Monitor In formatio n Ve r s i o n From the Web br owser inte rface, clic k the Monitor button and sele ct the Ve r s i o n t ab. The l ist displaye d provides you wit h inf ormat ion that may be pert inen t whe n call ing T echni cal S uppor t. Wi th t his infor matio n, yo ur T echnica l Su pport represent ative can veri fy compatib ility iss[...]

  • Page 159

    159 Monitor In formatio n ICMP This tab provide s statistical inf ormation fo r both recei ved and tran smitte d messag es directed t o the Acces s Point. For example, if you ping the AP from ano ther comp uter , the AP rep orts the ping requ ests (Echos ) and replies ( Echo Rep ly) on this scr een (as sho wn in the ex ample bel ow). Not all ICM P [...]

  • Page 160

    160 Monitor In formatio n IP/ARP T able This tab provide s informat ion based on the Address Resol ution Protoc ol (ARP), w hich maps IP Addr esses to MAC Ad dresses. Th e AP adds an ent ry to this list for ea ch station with wh ich the AP direc tly commun icates. This includes devices tha t manage the AP , ping the AP , an d/or recei ve traps from[...]

  • Page 161

    161 Monitor In formatio n Lear n T able This tab display s inform ation relat ing to netwo rk bridging. It reports the MAC addres s for each node that the AP has learned is on the netw ork and the i nterface on which the node was detected. There can be up to 2,000 entries in the Learn T able. Click the Refresh button if you want to u pdate the tabl[...]

  • Page 162

    162 Monitor In formatio n Current Subscribers T able This table lists all of the active subscrib ers tha t are co mmun icating with the A P . (See A uthori zed Subsc ribers T able and the Curr ent Subs cribers T able for an explan ation of ho w this table di ffers from the A uthorized Subsc ribers T able.) T his table can hold up to 50 entries . Us[...]

  • Page 163

    163 Monitor In formatio n A subscribe r is remov ed from th e Current Subscriber s T abl e under the f ollowing circumstan ces: • The netw ork admi nistrator ch anges the subsc riber ’s St atus from Active to Destroy . • The sub scriber ha s logged ou t (applicabl e to RAD IUS-aut henticat ed users an d RADIUS Profile Caching is disabled) . ?[...]

  • Page 164

    164 Monitor In formatio n Interfaces This tab disp lays statistic s for the Ethe rnet and wireless int erfaces. The Ope rational St atu s can be up, do wn, or testing. Figur e 6 -8 Interf ace Moni torin g[...]

  • Page 165

    165 Monitor In formatio n Link T est (802.11b Only) Thi s tab di spla ys inf ormat ion on t he qual ity of the wir eless l ink to client s and other 80 2.1 1b APs in the Wi rele ss Distribu tion System . During a Link T est, t he Acces s Point and the selec ted devi ce exch ange a series of pack ets to test the streng th of the con nectio n. The de[...]

  • Page 166

    166 Monitor In formatio n • No ise (d Bm ): The str ength of the no ise detecte d at the receive r reported in dB m (decibe ls reference d to 1 milliwatt). The displayed v alue is the r unning average si nce the start of the test a nd is report ed as a nega tive num ber . Noise can int erfere w ith the recei ved sign al so a smalle r noise va lue[...]

  • Page 167

    167 ORiNOCO AP-2500 User Guide 7 Comman ds In This Chapter This ch apter d escribes the com mands that ca n be is sued usi ng the A ccess P oint’s Web bro wser interface ( that is, t he options ac cessibl e after clicking the Commands button). • Download: Download fi les from a TFTP server to th e Access Point. • Upload: Upload file s from th[...]

  • Page 168

    168 Commands File T ype Overview For Downloads, the Fil e T ype parameter supports four opt ions: Conf ig, Img, Bs pBl, and Gener ic. For Upl oads, File Ty p e supports two option s: Confi g and Gen eric. • Config: This refers to a file that con tains the AP’s networ k configur ation set tings (that is the parameters t hat correspond to t he OR[...]

  • Page 169

    169 Commands Upl oad Use the Upload tab to upl oad C onfiguration and i mage files from the AP-2500 to the TFTP server. NOTE The Download and Upload c omma nds are fro m the A P’s perspective . In other word s, to send f iles to th e AP , use the Dow nload command; to obtain files from t he AP , use the U pload com mand. The TFT P server m ust be[...]

  • Page 170

    170 Commands Reboot Use t he Reboot tab to save co nfigurat ion chan ges (if any) and reset the AP-2500. Entering a va lue of 0 (zero ) causes an immed iate reboo t. Note tha t Reset , describe d below , doe s not save co nfigurati on change s. CAUTION ! Rebooti ng the AP-2 500 will cau se all us ers who are currently connect ed to lose the ir conn[...]

  • Page 171

    171 Commands Figur e 7-4 Reset to Fact ory Defa ults Comman d Scr een Hel p Lin k T o o pen Help , c lick the Help button on any di splay scr een. During ini tializatio n, the Acces s Point’s on-line he lp files are do wnloade d to the defau lt locatio n: C:Program FilesORiNOCOAP2500HTMLin dex.htm . If you wan t to place thes e files on a sh[...]

  • Page 172

    172 ORiNOCO AP-2500 User Guide 8 T roublesho oting In This Chapter • Tr oubl eshoot ing Conce pts • Symptoms and Solutions • Connec tivity Issues • AP-2500 Unit Will Not Boot - No LED Activi ty • Seri al Li nk D oes N ot W ork • Ether net Link Does Not Work • Basic Softw are Setup and Co nfigurat ion Prob lems • Lost AP-25 00, T eln[...]

  • Page 173

    173 T roublesh ooting NOTE This section hel ps you locate prob lems related to the AP-2500 devi ce setup. For details ab out RADIUS , TFTP , Serial c ommun ications p rogram (such as H yperT er minal) , T eln et appli cations or web brows ers, p lease ref er to their respec tive doc umentation. T r oubleshooting Concepts The follow ing list iden ti[...]

  • Page 174

    174 T roublesh ooting Ethernet Link Does Not Work 1. Double- check th e physica l networ k connect ions. Use a kn own-g ood unit to make sure the netwo rk connec tion is present. Once you have the AP-25 00 IP Add ress, you ca n use the “Pi ng” comm and ov er Ethernet to test the IP Addres s. If the AP-25 00 respon ds to the Ping , then the Ethe[...]

  • Page 175

    175 T roublesh ooting HTML Help Files Do Not Appear 1. V erify that th e HTML He lp files are installed in the defau lt directo ry listed in the Help Link scre en. 2. If the Help files are not located in this f older , contact you r networ k adminis trator to find out where t he Help files ar e located on your se rver . 3. Perform the followin g st[...]

  • Page 176

    176 T roublesh ooting VLAN Operation Issues V erifying Proper Operat ion of the VLAN Feature The corr ect VLAN con figuratio n can be ve rified by “ping ing” both w ired and w ireless hosts from both s ides of the AP-2500 de vice and the network s witch. T raffic can be “sn iffed” on both the w ired (Ethe rnet) and wi reless (W DS) backbon [...]

  • Page 177

    177 T roublesh ooting Recovery Procedur es The most co mmon i nstallation pro blems relat e to IP Addres sing. Fo r example , without the TFTP server IP address, you will not be able to down load an AP Im age to the AP -2500. IP Ad dress m anageme nt is fundam ental. We suggest you creat e a chart to d ocumen t and valida te the IP addresse s for y[...]

  • Page 178

    178 T roublesh ooting Download Proce dur e Follow the se steps to us e ScanT ool to down load a softwar e image to an Access P oint with a miss ing image : 1. Downl oad the late st software fro m http://www .proxim.com/ . 2. Copy the la test softwar e updates to your TFTP server . 3. Launch Sc anT oo l. 4. Highligh t the entry for the AP y ou want [...]

  • Page 179

    179 T roublesh ooting 4. Open yo ur terminal emulatio n program (like Hype rT erm inal) and s et the followin g conne ction prop erties: • Com Port: < COM1, C OM2, etc. , depending on your com puter > • Baud rate : 9600 • Data Bits: 8 • S top bits: 1 • Flow Contro l: None • Parity: None 5. Under F ile -> Properti es -> Setti[...]

  • Page 180

    180 T roublesh ooting Setting IP Address using Serial Port and Normal CLI Use the followi ng proce dure t o set an IP Addr ess ove r the s erial po rt using the nor mal C LI. The ne twork a dminist rator typ icall y pr ovid es the AP-2 500 IP Addr ess. Hardwar e and Software Requir ements • S tandard seri al data (RS-232 ) cable wit h a female DB[...]

  • Page 181

    181 T roublesh ooting 6. Chang e the IP Addr ess and ot her netwo rk values us ing set an d reboot CLI com mand s, similar to the exampl e dialog bel ow (use yo ur own IP Address an d IP Mask ). Result: After ea ch entry the CLI remind s you to re boot; howev er wait to reboo t until all com mands have bee n entered. [Devic e name ]> se t ipaddr[...]

  • Page 182

    182 T roublesh ooting Image Alarms Standard MIB-II (RFC 1213) Alarms AAA Alarms Ther e ar e two ente rpris e tr aps sent f rom t he P ublic S p ace fu nct ions: Related Applications RADIUS Server If you hav e confi gured the AP ’s RADIUS s ettings, make s ure your ne twork’s RADI US ser ver is confi gured an d running. Otherwi se, clien ts will[...]

  • Page 183

    183 T roublesh ooting LED Indicator s POWER ETHERNET PC CARD A PC CARD B INIDICAT ION Gre en Green flash with data activi ty Green fl ash with data activi ty Green fl ash with data a ctivity Norm al Operati on Amber n/a (not app licable ) Am ber Amber Rebo oting Amber n/a n/a n/a Missing or bad AP Image if a mber after reb oot Red Red n/a n/a Power[...]

  • Page 184

    184 ORiNOCO AP-2500 User Guide A Using the Command Line Interface In This Chapter This section provide s details for the Com mand Line (CLI) Interf ace used to m anage an AP- 2500 devi ce. CLI comm ands can be u sed to initia lize, configu re, and man age netw ork operat ion of the Ac cess Poin t. • CLI com mands m ay be ente red in real time thr[...]

  • Page 185

    185 Using the Command Line Inte rface Prer equisite Skills and Knowledge T o use t his docum ent effectively , you shoul d have a wo rking know ledge of Lo cal Area Ne tworking ( LAN) conce pts, network access in frastruc tures, and client-s erver rel ationships. I n addition , you should be familiar with software setup procedu res for typ ical net[...]

  • Page 186

    186 Using the Command Line Inte rface CLI Erro r Messages The follow ing table desc ribes the er ror messa ges assoc iated wi th improper inputs or expec ted CLI be havior . Command Line Interface (CLI) V ariations Adminis trators use the C LI to cont rol Access Po int operation an d mon itor network statistics. The AP -2500 sup ports two type s of[...]

  • Page 187

    187 Using the Command Line Inte rface The follow ing lists display the results of us ing the help and show commands i n the Bootload er CLI: [Devic eNam e]> help <CR> Figur e A -1 Resul ts of “help ” boot loade r CLI co mmand [Devic eNam e]> show <CR> sysnam e <value of sysn ame> ipadd rtype <value of ip addrty pe>[...]

  • Page 188

    188 Using the Command Line Inte rface ? (List Commands) This co mmand has var ied uses to display comma nds a nd paramete rs, dep ending o n the op eration in which it i s used. The follow ing table lists each op eration an d provides a b asic exam ple. Fol lowing the table are detailed exam ples an d display r esults for each op eratio n. Example [...]

  • Page 189

    189 Using the Command Line Inte rface Figure A-4 R esult of “set ?” C LI comm and Example 3b. Display parameters b ased on letter s equence This ex ample s hows e ntries for paramete rs that start with the lette r “i”. Th e more letters y ou en ter , the fe wer the results ret urne d. Noti ce that ther e is no sp ace be tween the lett ers a[...]

  • Page 190

    190 Using the Command Line Inte rface After entering one paramete r , you may a dd anothe r " ? " to the new CLI line see the next param eter prompt , and so on unt il you en ter al l par amet ers. The fol lowi ng examp le sho ws how thi s is us ed for the "dow nload" Comma nd. The last part of the exam ple shows the comp leted [...]

  • Page 191

    191 Using the Command Line Inte rface Figu re A-7 Re sults o f “hel p<spa ce>” CLI com man d 2. Compl ete com mand descr iption a nd com mand usage can b e prov ided b y: [Devic e Name ]> he lp <co mman d name > [Devic e Name ]> <comman d name> he lp history Shows co ntent of Com mand History Buffer . The Com mand H isto[...]

  • Page 192

    192 Using the Command Line Inte rface search Lists the memb ers of the spe cified table. T his list corres ponds to the table informati on displaye d in the HTTP Interface . In this exa mple, the CLI returns th e same table item s that are di splayed in the HTTP Inter face’s IP Acces s T able. [ Device Na me]> sear ch ? [ Device Na me]> sea[...]

  • Page 193

    193 Using the Command Line Inte rface Parameter Control Commands The follow ing sect ions cover e ach CLI Co mman d, and include severa l tables showing parameter pr operties . The two Parame ter Con trol Com mands a re sh ow and set. Thes e allo w you to view (sh ow) all parameter s and stati stics, and to change (s et) parameter s. • show - T o[...]

  • Page 194

    194 Using the Command Line Inte rface NOTE Some tables us e a different syntax. S ee Working wi th T ables for detail s. Example 4 - Enable, Disable , or Delete a table entry or row In t his examp le you woul d li ke to mana ge the seco nd t able row/ ent ry . Syntax: [Devic e Name ]> se t <Table > inde x status <enab le, disa ble, dele[...]

  • Page 195

    195 Using the Command Line Inte rface Example 6 - Show Individu al and T able Parameters 1. View a single parameter Syntax: [Devic e Name ]> show <par ameter name> Example: [Devic e Name ]> show ipad dr Result: Displays the Access Point IP Address. Figure A-10 Resu lt of “show ipaddr ” CLI Com mand 2. View all parameter s in a table[...]

  • Page 196

    196 Using the Command Line Inte rface •D e l e t i o n – Th e ta ble nam e is requ ired . – Th e ta ble ind ex is re quir ed – for t able dele tion th e inde x should be the i ndex of the entr y to be de leted . – The reser ved wor d delete or de stroy is requ ired. There are some differenc es betwee n table entry ad d and dele te operati[...]

  • Page 197

    197 Using the Command Line Inte rface Configuri ng Objects that Requir e Reboot Certain obje cts supported by the AP req uire the dev ice to be reb ooted in ord er for the ch anges to take effect. I n order to inform th e end-user of this behavio r , th e CLI shall pro vide inform ational mes sages when the user ha s configur ed an object or object[...]

  • Page 198

    198 Using the Command Line Inte rface Configuring the AP-2500 Unit using CLI commands Log Into the AP-2500 Unit using HyperT erminal 1. Launc h Hyper T ermi nal from the Sta rt > Pr ogram s menu. Open an ex isting connec tion or cre ate a new one with the following settings: • Com Port: <CO M1, CO M2, etc., de pending on your com puter> [...]

  • Page 199

    199 Using the Command Line Inte rface Figure A-1 1 Result of “show syste m” CLI Command Set Static IP Addr ess for the AP-2500 devic e [Devic e Name ]> se t ipaddr type static [Devic e Name ]> se t ipad dr < fixed IP a ddress of unit> [Devic e Name ]> se t ipsubm ask <I P Mask (de fault = 255.0. 0.0) > [Devic e Name ]> s[...]

  • Page 200

    200 Using the Command Line Inte rface Figure A-12 Results of “show wi f” CLI command Set WEP Encryption for each Wir eless Interf ace – 3 = wireless card in Slot A – 4 = wireless card in Slot B CAUTION ! Client station s must have t he sam e encry ption key to be able to c ommun icate w ith the AP-2500 device. Ea ch Wire less Inte rfac e ca[...]

  • Page 201

    201 Using the Command Line Inte rface For the wireless car d in Slot B Y ou ca n set up to fou r encr yption k eys. Th is exa mple describes setting encry ption Key 2 on t he wir eless card in Slot B. [Devic e Name ]> se t wifs ec 4 encry pt e nable encr yptkey 2 <WEP key (5 -13 charact ers lon g dependi ng on card typ e) > encryp tkeytx 2[...]

  • Page 202

    202 Using the Command Line Inte rface Change your Wireless Interface Settings Enable/Disable Interf erence Robustness – 3 = wireless card in Slot A – 4 = wireless card in Slot B [Devic e Name ]> se t wif <3 or 4> interr obust <e nable/ disabl e> Thi s feat ure is on ly ava ilab le for 80 2.1 1b wirel ess car ds. Enable/Disable Cl[...]

  • Page 203

    203 Using the Command Line Inte rface NOTE The distance betw een APs sh ould not be appr oximate d. It is calculated by m eans of a manua l Site Survey , in which an AP- 2500 uni t is set up and clie nts are tested throughout the area to determin e signal stren gth and coverag e, and local limits such as phys ical inter ference are investig ated. F[...]

  • Page 204

    204 Using the Command Line Inte rface Configure Management Ports [Devic e Name ]> se t snmpif bitm ask <0, 1, 4, 8, 15 (see below) > [Devic e Name ]> se t httpif bitm ask <0, 1, 4, 8, 15 (see below) > [Devic e Name ]> se t teli fbit mask < 0, 1 , 4, 8 , 15 (see below) > Choose from the fo llowing values: Edit IP Access T [...]

  • Page 205

    205 Using the Command Line Inte rface Par ame ter T a ble s Objects con tain groups that co ntain both paramet ers and param eter tables. Use the followi ng T ab les to co nfigure the A ccess Po int. The Acces s Point CLI is un der deve lopment as this docume nt is being pr epared; there fore, some tab le cells are blan k where a feature has not ye[...]

  • Page 206

    206 Using the Command Line Inte rface • Passthrou gh Pa rameters - S pecify free content or walled garde n sites for unauthen ticated u sers • Passthrough IP T able • Passthrou gh DNS T able • AAA Passthro ugh Port • Bandwidth M anagem ent P arameters - Enable ban dwidth man agemen t control for subscribe rs • Billing Parame ters - Conf[...]

  • Page 207

    207 Using the Command Line Inte rface Inv ent ory M ana gem en t Info rma tion NOTE The i nvent ory man agemen t comm ands dis play advanc ed inf ormat ion ab out th e AP’ s inst alle d comp onent s. Y o u may be as ked to rep ort this infor mation t o a technical re presentati ve if you contact customer support. Network Parameters NOTE The IP Ad[...]

  • Page 208

    208 Using the Command Line Inte rface DHCP Server Parameters DNS Parameters Name T ype V alues Access CLI Parameter DHCP Group N/A R dhcp DHCP Service Integer disab le (0) enable (1) RW/R eboot dhcpDisable DHCP IP Upsell Service Integer disab le (0) enable (1) RW/R eboot dhcpIp Upsell DHCP Server Service Integer disab le (0) enable (1) RW/R eboot d[...]

  • Page 209

    209 Using the Command Line Inte rface VLAN Parameters VLAN ID T able Interface Par ameters Since the AP- 2500 devi ces suppo rt two PC Car d slots, we differenti ate the two wi reless inter faces by using the table index: — Slot A = index 3 — Slot B = index 4 The w ire less i nte rface grou p pa ramet er i s wif , which displays the objects ass[...]

  • Page 210

    210 Using the Command Line Inte rface NOTE There is an in ter-depe ndent relat ionship between th e Distance bet ween APs an d the Mult icast Rate . In gene ral, larg er syst ems oper ate a l ower av erage trans mit ra tes. Wir eless Distributio n System (WDS) Parameters NOTE These param eters onl y apply to 802 .1 1b ra dios. Mediu m Distributi on[...]

  • Page 211

    211 Using the Command Line Inte rface Wireless 802.11a Parameters NOTE For 802.1 1a cards i n Europe, Aut o Channe l Select is a re ad-only param eter; it is alw ays enabled . Name T y pe V alues Access CLI Parameter Wireless Interfa ces Group N/A R wif Networ k Name Disp layStr ing 2 – 31 charac ters My Wireless Network A (defau lt) My Wireless [...]

  • Page 212

    212 Using the Command Line Inte rface Ethernet Interface Parameters Management Parameters IP Access T able Parameters When cr eating table en tries, yo u may eith er speci fy the argu ment nam e followed by argum ent valu e or simply e ntering the argu ment valu e. When o nly the argu ment valu e is specifie d, then ente r the value s in the order [...]

  • Page 213

    213 Using the Command Line Inte rface SNMP Parameters SNMP T able Host T able Parameters When c rea ting tabl e en tries , yo u may e ithe r sp ecify ing the ar gume nt nam e fol lowe d by a rgume nt val ue. CLI ap plie s default va lues to the omitt ed argum ents. Due to the nature of the informat ion, the only ar gument tha t can be omitte d is t[...]

  • Page 214

    214 Using the Command Line Inte rface Serial Port Parameters HTTP (web browser) Parameter s TF TP Server Parameters These param eters relat e to upload a nd downl oad com mands. When a user execute s an upload an d/or down load Comma nd, the sp ecified argum ents are stored in TFTP parameter s for future us e. If nothin g is specifie d in the comm [...]

  • Page 215

    215 Using the Command Line Inte rface NTP Parameters Name T ype V a lues Access CL I Parameter SNTP Group N/A R sntp SNTP On Integer enable (1) disable ( 2) RW oriSNTPStatus Primary SNTP Server IP Displa yString User Defined RW oriSNTPPrim aryServe rNameO rIPAddres s Secondary SNT P Server IP Displa yString User Defined RW oriSNTPSeco ndarySer verN[...]

  • Page 216

    216 Using the Command Line Inte rface Security Parameters NOTE The Secu rity group is not currently i mpleme nted in the AP-25 00. RADIUS Server Parameters Day Integer32 (1..31) User Defined RW oriSNTPDay Hour Intege r32 (0..23) User Defined RW oriSNTPHour Minute s Integer32 (0..59) User Defined RW oriSNTPMinutes Seconds Int eger32 (0..59) User Def[...]

  • Page 217

    217 Using the Command Line Inte rface Primary RADIUS Acct Server Secret Key Displ ayString Size(0. .130) User Defined RW a aaRadiu sAcctSrv1S ec Primary RADIUS Acct Server DNS Name Displ ayString Size(0. .240) User Defined RW a aaRadiu sAcctSrv1D ns Secondary RADIUS Accounting Server IP IpAddr ess User Defined RW a aaRadiu sAcctSrv2Ip Secondary RAD[...]

  • Page 218

    218 Using the Command Line Inte rface Encryption Parameters The follow ing table details the WE P encry ption paramet ers for the A P-2500. T his informat ion applie s to both the 802.1 1a and the 802.1 1 b wireless i nterface s. Security Encrypti on Key Length T able The follow ing table details how t o set the Encr yption K ey Length for the wire[...]

  • Page 219

    219 Using the Command Line Inte rface AAA Parameters The Authe ntication, Aut horizat ion and Accoun ting (A AA) module enables sol ution prov ider to provisi on, track, and bill new or ret urning subs cribers. These paramet ers are s hown in the following tables . Basic AAA Parameters AAA External Authorization Parameters Name T ype Values Access [...]

  • Page 220

    220 Using the Command Line Inte rface AAA Inter nal Authorization Par ameters Logging Parameters Name T ype V alu es Access CLI Parameter AAA Intern al Authorization Group N/A R aaaIntern alAuth SSL Support Integer di sable (0) enable (1) RW/R eboot aaaSslOn SSL Host Name DisplayS tring Size(0..3 1) User Defined RW aaaSslHostName SSL Portal Pag e R[...]

  • Page 221

    221 Using the Command Line Inte rface URL Filtering Paramet ers URL Filt erin g IP T abl e URL Filtering DNS T able Name T ype V alu es Acce ss CL I Parame ter URL Filtering Group N/A R urlFiltering URL Filtering On Int eger disa ble (0) enable (1) RW urlFilteringOn Name T ype V a lues A ccess CLI Pa ramete r URL Filtering IP Table Table N/A R urlF[...]

  • Page 222

    222 Using the Command Line Inte rface ICC (Inf ormation Cont rol C onsole) Paramete rs ICC Button Configuration The follo wing table is for ICC Bu tton 2. The s ame parameters ap ply to but ton 3 thro ugh 9 (sim ply ch ange the 2 in each comma nd to a di ff eren t butto n numb er). Name T ype Values Access C LI Para meter ICC Group N/A R icc ICC On[...]

  • Page 223

    223 Using the Command Line Inte rface ICC Banner Configuration The follow ing table is for ICC Ban ner 1. The same paramet ers apply t o banners 2 through 5 (sim ply cha nge the 1 in each com mand to a different button number ). SMTP Parameters Passthrough Pa rameters “Passt hrough” allo ws non sub scribe r to access pr edeterm ined servi ces a[...]

  • Page 224

    224 Using the Command Line Inte rface Passthr ough IP T able Passthr ough DNS T able AAA Passthrough Port See Basic AAA Parame ters . Bandwidth Management Parameters System adm inistrat ors can m anage th e bandwidth for subscribe rs, defin ed in Kbps (Kilobits per sec ond) for both upstream and downst ream data tran smiss ions. Name T ype V alues [...]

  • Page 225

    225 Using the Command Line Inte rface Billing Parameters Billing Mirr oring Parameters Name T ype V alu es Access CL I Para meter AAA Billing Option Gro up N/A R aaaBillingOption Intro Mess age Dis playSt ring Size(0..1 40) User Defined RW aaaBilloptIn troMsg Offer Mess age DisplayS tring Size(0..1 40) User Defined RW aaaBilloptOf ferMsg Policy Mes[...]

  • Page 226

    226 Using the Command Line Inte rface Billing Plans Configurat ion The following ta ble is for Billing Plan 0. The same p arameters apply to Billi ng Plans 1 through 5 (simply change the 0 in each com mand to a different billing pl an numbe r). Carbon Copy Ser ver URL One Displa yString Size(1..2 38) User Defined RW brmServerCCUrlOne Carbon Copy Se[...]

  • Page 227

    227 Using the Command Line Inte rface Subscriber Messages Paramet ers Rate per M onth DisplayStri ng Size(0..3 2) User Defined RW aaaBillingPlanMonth0 Uplink Bandwidth Int eger 0.. 1500 RW aaaBillingPlanBandwidthUp0 Downlink Bandwidth Int eger 0.. 1500 RW aaaBillingPlanBandwidthDown0 DHCP Pool Intege r private (0) public (1 ) RW aaaBillingPlanDHCPP[...]

  • Page 228

    228 Using the Command Line Inte rface ISP Challenge Displ ayStri ng Size(0..2 18) User Defined RW aaaE rrorISP Challe nge Value Ou t of Rang e DisplayStri ng Size(0..2 18) User Defined RW aaaErr orMi nMaxVa lues No Billing Options Di splayS tring Size(0..2 18) User Defined RW aaaErrorNoBillingOpts Internet S ervice Not Available Displa yString Size[...]

  • Page 229

    229 Using the Command Line Inte rface Authorized Subscribers T able RADIUS Create Message Displa yString Size(0..2 18) User Defined RW aaaM essage RadiusCre ate RADIUS Login Message Displa yString Size(0..2 18) User Defined RW aaaM essage RadiusLo gin Request Failed Message Displa yString Size(0..2 18) User Defined RW aaaM essage RequestFa iled Req[...]

  • Page 230

    230 Using the Command Line Inte rface Curren t Subscribers T able Subscriber Download Bandwidth Integer User D efi ned RW authSubBwDown Credit Card Confirmation Number Displ ayString N/A R authSub Confirm ation Subscribe r Status Ro wStatus active (1), notInS ervice (2) , notR eady ( 3), crea teAndGo (4), crea teAndWait (5) , destroy (6) RW authSub[...]

  • Page 231

    231 Using the Command Line Inte rface Miscellaneous Parameter s CLI Monitoring Parameters Using th e “show” co mmand w ith the followi ng table paramete rs will display operating statistics for the AP-2500 (these are the sa me statistics t hat are desc ribed in Monitor Informatio n for th e H TT P Web in terf ace ). – staticmp. Displays the I[...]

  • Page 232

    232 ORiNOCO AP-2500 User Guide B XML Interface Specification This speci fication des cribes the AP- 2500’s XML Inter face. Befo re reviewing this specifica tion, note th e following: • This spe cification refer s to sample HTML files written in Jav aScript that illus trate the XML comma nds (they build an XM L object tha t is sent to the AP) . [...]

  • Page 233

    233 XML Interface Specificat ion URL GET A networ k devi ce can s end c ommands to the AP via a query string appended to a U RL line (GET m ethod). The query string is the string of char acter s follow ing the ques tion ma rk (?) at th e end o f the URL. For e xampl e, con sider th e following e xample illustrati ng a “user s uccessful login” c[...]

  • Page 234

    234 XML Interface Specificat ion XML Response Form Format In response t o a command, t he AP returns an XML form in the follo wing format: <USG RESUL T="(RESUL TCOD E)" ID="(UI)" IP="(AP_IP_ADD R)"> [<ERROR_NUM>(error number )</ERR OR_NUM>] [<ERROR_DESC>(error description)</ERROR_DESC>] &l[...]

  • Page 235

    235 XML Interface Specificat ion AP Command Refer ence Add/Update User Sample file n ame: UserAdd.htm The specified user has b een authorized for access and will be added to the AP’s Aut horized Subscribers T able. Command: " USER_ADD " Comma nd attr: " MAC_ADDR " Comma nd attr_da ta: u ser MAC address (string) tag_1: " U[...]

  • Page 236

    236 XML Interface Specificat ion Bandwidt h Up Set the bandw idth up for an au thorized u ser . Command: " SET_BANDWIDTH_UP " Comma nd attr: " SUBSCRIBER " Comma nd attr_da ta: U ser MA C address (string) tag_1: " BANDWIDTH_UP " data_1: (nu mber mea sured in Kb ps (i.e. for 128,000 bi t per secon d, enter 128 )) Return[...]

  • Page 237

    237 XML Interface Specificat ion Query User Sample file n ame: UserQuery .htm The c urre nt Us er d ata is re turn ed. Command: " USER_QUER Y " tag_1: " USER " tag_1_attr: " ID_TYPE " tag_1_attr_da ta: " MAC_ADDR " or " USER_NAME " data_1: if ID_TYPE = " MAC_ADDR " then ( User's M AC [...]

  • Page 238

    238 XML Interface Specificat ion Commands For Ref erenc e Only The follow ing com mands are i ncluded for reference purposes only . They are no t currently s upporte d by the AP- 2500. Set Room Access The speci fied room ac cess mod e is set. Command: " ROOM_SET_A CCESS " Comma nd attr: " ROOM_NUMBER " Comma nd attr_da ta: R oom[...]

  • Page 239

    239 XML Interface Specificat ion User Payment User's au thorization a nd payment is requ ested. PMS is not suppo rted by the AP a t this time. Command: " USER_P A Y MENT " Comma nd attr: " P A YMENT_M ETHOD " Comm and a ttr_d at a: " PMS " tag_1: " USER_NAME " data_1: (us er nam e) tag_2: " P ASSW O[...]

  • Page 240

    240 XML Interface Specificat ion Exte r nal Aut hen ticat ion Pr oce dur e (Deta iled) Whenever a subsc riber tries to a ccess the Intern et, it must p ass through th e AP . The AP tracks all packet s flowing throug h it by the sourc e MAC ad dress of the packet, which un iquely identifies th e wireless card that th e subscribe r is using. If th e [...]

  • Page 241

    241 XML Interface Specificat ion Sample XML C ommunicatio ns with the AP The follow ing is an exam ple of the comman ds to set acce ss for a ne w subscr iber with the followin g attribute s: User Name: jo hndoe MAC ad dress: 0050 da554 787 NOTE The followin g exam ples contain C RLFs and spaci ng for display clarity onl y . A quer y string mus t no[...]

  • Page 242

    242 ORiNOCO AP-2500 User Guide C Cr edit Card Interface Specification A key paymen t feature of the AP -2500 is d irect Credit Car d billing. The AP s upports sever al credit card se rvice companie s by defau lt (see Credit Card Servi ces ). How ever , if your par tic ular credi t car d se rvic e prov ider or clearing house is not sup ported b y de[...]

  • Page 243

    243 Credit Card Interfa ce Specificat ion 8. Merch ant ID 9. Amount 10. URL to post silent reply 1 1. This field must be i n the form and set to a value of TRUE to t ell the system that it will be doin g an ADC Relay Respo nse tr ansactio n. 12. Se nding t his fiel d guar antees that t he defa ult P ayment Form w ill sho w up for the use r . Should[...]

  • Page 244

    244 ORiNOCO AP-2500 User Guide D ASCII Charac ter Chart Y ou can co nfigure WEP En cryption Keys in eithe r Hexadecim al or ASCII format. Hexa decimal digits are 0-9 and A-F (not case sen sitive). ASC II charact ers are 0-9, A -F , a-f (case se nsitive) , and punctua tion marks. Each ASCII character corres ponds to tw o hexadec imal dig its. The ta[...]

  • Page 245

    245 ORiNOCO AP-2500 User Guide E Specifications In This Chapter • Hardware S pecifications • Radio S p ecifications – 802.1 1b Channel Frequenc ies – 802.1 1a Channel Frequenc ies – Wireles s Commu nication Range Har dware Specifications Physical Specific ations AP-2500 Unit Dimens ions (H x W x L) = 6.5 x 18.5 x 26 cm (2.5 x 7. 25 x 10.2[...]

  • Page 246

    246 Specifications Ethernet Interface 10/100 Ba se-T , RJ-45 female so cket PCMCIA Interface PC Card Slot (A & B) = S t andard PC Car d slot for PC Card Serial Port Inter face Connec tor Type = DB9, male Serial Cabl e = S tandard RS- 232C se rial data cable, wi th a female D B-9 conn ector at eac h end Active Ethernet Interface Categor y 5, foi[...]

  • Page 247

    247 Specifications Radio Specifications 802.1 1a rad io certif ication i s not availab le in a ll co untries. C ontact y our sal es re presentati ve for details. 802.1 1b radio certif ication is av ailable in the US/Cana da (FCC) , Japan (VCCI ), Europe (ET SI), and F rance. 802.11b Channel Frequencies The follow ing table shows the chann el alloca[...]

  • Page 248

    248 Specifications Wire less Communication Range The rang e of the wireless signal is related to the com position o f objec ts in the radi o wave path, and the transmit rate of the wirel ess comm unication . Com municat ions at a lowe r transmit range ma y travel longe r distances. NOTE The range values liste d in the Com municat ions Ran ge Chart [...]

  • Page 249

    249 ORiNOCO AP-2500 User Guide F T echni cal Support If you are hav ing a probl em using an AP- 2500 and ca nnot res olve it with the i nformati on in T rou bleshoo ting , gather the followi ng informat ion and co ntact your local authoriz ed reselle r . Gather the following informatio n before conta cting your resel ler: • List of ORiNOCO produc[...]

  • Page 250

    250 T echnical Support For the Caribbean and Latin America: Phone: 1-866-ORiNOCO (1-866-674-662 6) 1-661- 367-22 30 E-mail: CALAsuppo rt@orinocow ireless.com For Asia Pacific: Phone: + 1 66 1-367-2230 E-mail: AP A Csupport@o rinocowi reless.c om For Eur ope, the Middle East, and Africa (EMEA): Y our local su pplier in the EMEA region is trained to [...]