Part No. 214853-B June 2003 4655 Great America Parkway Santa Clara, CA 95054 Using the Nortel Networks Wireless LAN Access Point 2220/2221-802.11b-only This multi-product manual describes some features not available on the 2221-802.11b-only Access Point. The 802.11a radio described in this manual is unavailable on the 2221-802.11b-only Access Point.
Copyright © 2003 Nortel Networks All rights reserved. June 2003. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, whether electronic, mechanical, photocopying, recording or otherwise without the prior writing of the publisher. Windows 98SE/2000/ME/XP are trademarks of Microsoft Corp. Pentium is a trademark of Intel. Nortel Networks and the Nortel Networks logo are trademarks of Nortel Networks, Inc.
This device is restricted to indoor use when operated in the European Community using channels in the 5150-5350 MHz band to reduce the potential for harmful interference to other users of the band. To remain in conformance with European National spectrum usage laws, the channel and power settings must be configured during installation to match the country in which the device is operating.
Hiermit erklärt Nortel Networks die Übereinstimmung des Gerätes Radio LAN device mit den grundlegenden Anforderungen und den anderen relevanten Festlegungen der Richtlinie 1999/5/EG.
Warning: Um gesundheitliche Schäden zu vermeiden, öffnen Sie nie den oberen Gehäusedeckel. Es befinden sich keine durch den Benutzer zu wartenden Teile im Inneren. Warning: pour éviter tout risque d’électrocution, ne retirez jamais le couvercle du module. Celui-ci ne comprend aucun composant pouvant être dépanné par l’utilisateur. Advertencia: No retire nunca la cubierta superior del dispositivo, ya que podría resultar herido como consecuencia de una descarga eléctrica y de corriente.
214853-B
Contents Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Package Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Hardware Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 64-Bit Manual Entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 128-Bit Manual Entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 Advanced Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 System . . . . . . . . . . . . . .
Contents 9 Radio Interface A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 Radio Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 Enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 Turbo Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Compliance Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Warranty . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Appendix B Template for placing the Access Point 2220/2221. . . . . . . . . . . . . . . . . . . .
Figures Figure 1 LED indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Figure 2 Rear Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 Figure 3 Login screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Figure 4 Main Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Figures 214853-B
Tables Table 1 LED Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Table 2 802.1x Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Table 3 Local MAC Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Tables 214853-B
Preface Note: Both 802.11a and 802.11b radios are turned off on your Nortel Networks Wireless LAN Access Point 2220/2221. You must configure your Access Point 2220/2221 for your country before turning on the 802.11a and 802.11b radios. For information on country-specific configuration, refer to Country-specific Configuration for the Nortel Networks Wireless LAN Access Point 2220/2221 (part number 215293-B). Go to http://support.nortelnetworks.
Preface Package Checklist The Access Point 2220/2221 package includes: • • • One Access Point 2220/2221 Driver & Utility CD Documentation CD Hardware Description Ethernet Compatibility The Access Point 2220/2221 can attach directly to 10BASE-T/100BASE-TX (twisted-pair) Ethernet LAN segments. These segments must conform to the IEEE 802.3 specification. The access point is an Ethernet node which switches packets from the remote devices on the wireless infrastructure to the wired LAN and vice versa.
Preface 17 Figure 1 LED indicators Power Ethernet Link/Activity 802.11b 802.11a Wireless Wireless Link/Activity Link/Activity Table 1 LED Indicators LED Status Description Ready On Indicates that power is being supplied. Flashing Indicates • running a self-test • loading software program system errors LAN WLANa WLANb On Indicates a valid 10/100 Mbps Ethernet cable link. Flashing Indicates that the access point is transmitting or receiving data on a 10/100 Mbps Ethernet LAN.
Preface System Requirements Before you install the Access Point 2220/2221, be sure you can meet the following requirements: • • • An AC power outlet (100~240 V, 50~60 Hz) or an IEEE 802.3af-draft-compliant power source 802.11a or 802.11b compliant (or dual-compliant) wireless Ethernet adapters with TCP/IP compatible protocol installed Web browser for configuration Alternatively, you can connect an RS-232 cable to the console port and use the command line interface (CLI).
Chapter 1 Hardware Installation Note: Both 802.11a and 802.11b radios are turned off on your Nortel Networks Wireless LAN Access Point 2220/2221. You must configure your Access Point 2220/2221 for your country before turning on the 802.11a and 802.11b radios. For information on country-specific configuration, refer to Country-specific Configuration for the Nortel Networks Wireless LAN Access Point 2220/2221 (part number 215293-B). Go to http://support.nortelnetworks.
Chapter 1 Hardware Installation Figure 2 Rear Panel Console Port RJ-45 Connector (PoE) 5 V DC Power Socket 2 Connect the Console Port – Connect the console cable to the RS-232 console port for accessing the command-line interface. (Refer to “Run Time Console Specifications” for complete information on the CLI.) You can manage the access point through this console connection, or the Web management interface (refer to “System Configuration” on page 24.
Chapter 2 Network Configuration and Planning 21 Chapter 2 Network Configuration and Planning The wireless solution supports a stand-alone wireless network configuration as well as an integrated configuration with 10/100 Mbps Ethernet LANs.
Chapter 2 Network Configuration and Planning Infrastructure Wireless LAN The access point can also provide access to a wired LAN for wireless workstations. An integrated wired/wireless LAN is called an Infrastructure configuration. A Basic Service Set (BSS) consists of a group of wireless PC users, and an access point that is directly connected to the wired LAN.
Chapter 2 Network Configuration and Planning 23 A wireless infrastructure can also support roaming for mobile workers. More than one access point can be configured to create an Extended Service Set (ESS). By placing the access points so that a continuous coverage area is created, wireless users within this ESS can roam freely.
Chapter 3 System Configuration Chapter 3 System Configuration Note: Both 802.11a and 802.11b radios are turned off on your Nortel Networks Wireless LAN Access Point 2220/2221. You must configure your Access Point 2220/2221 for your country before turning on the 802.11a and 802.11b radios. For information on country-specific configuration, refer to Country-specific Configuration for the Nortel Networks Wireless LAN Access Point 2220/2221 (part number 215293-B). Go to http://support.nortelnetworks.
Chapter 3 System Configuration 25 Telnet or open the console connection to the Access Point 2220/2221. 1 When you have connected to the Access Point 2220/2221, you will see the following prompt: Username: 2 Enter: nortel You will see the following prompt: Password: 3 The default is no password. Press Enter. The EXEC mode prompt appears: Nortel Enterprise AP# For a list of commands available from the CLI, refer to Run Time Console Specifications (part number 215113-A).
Chapter 3 System Configuration If DHCP is enabled, (default setting is “Enable,” page 48) and a DHCP server is located on the network, then the access point will automatically be assigned an IP address when booted. To access the Access Point 2220/2221’s management interface, enter the IP address of the device in your Web browser: http://192.168.168.10 The Web management window will appear. Setup Wizard Note: Both 802.11a and 802.
Chapter 3 System Configuration 27 Figure 3 Login screen 2 The home page displays the Main Menu (Figure 4). Figure 4 Main Menu 3 Click “Setup Wizard” to open the “1-2-3” Setup Wizard (Figure 5).
Chapter 3 System Configuration Figure 5 Setup Wizard screen 4 Click the “Next” button to start basic configuration (Figure 6). SSID – The Service Set ID. This should be set to the same value as other wireless devices in your network. (Default: Nortel) Note: The SSID is case sensitive and can consist of up to 32 alphanumeric characters.
Chapter 3 System Configuration 29 Channel Note: Both 802.11a and 802.11b radios are turned off on your Nortel Networks Wireless LAN Access Point 2220/2221. You must configure your Access Point 2220/2221 for your country before turning on the 802.11a and 802.11b radios. For information on country-specific configuration, refer to Country-specific Configuration for the Nortel Networks Wireless LAN Access Point 2220/2221 (part number 215293-B). Go to http://support.nortelnetworks.
Chapter 3 System Configuration 802.11b: Set the operating radio channel number (Default: channel 11) Note: Available channel settings are limited by local regulations which determine which channels are available (Figure 7). Figure 7 Channel screen IP Configuration DHCP Client: With DHCP (Dynamic Host Configuration Protocol) Client enabled, the IP address, subnet mask, default gateway, and DNS address can be dynamically assigned to the access point by an external network DHCP server on the network.
Chapter 3 System Configuration 31 Figure 8 TCP/IP Settings screen Security WEP – Wired Equivalent Privacy (WEP) is implemented in this device to prevent unauthorized access to your wireless network (Figure 9). Authentication Type: Click on the “Shared Key” radio button to start filtering the frames with the addresses defined in the “Shared Key Setup” field. Enabling the shared key gives the option to encrypt the data.
Chapter 3 System Configuration Figure 9 Security screen The Access Point 2220/2221 supports “Shared Key” encryption with key lengths of the standard 64-bit and industry standard 128-bit. The bit key can be in alphanumeric characters, or hexadecimal numerals (0-9, A-F, e.g., D7 0A 9C 7F E5.) All wireless devices must have the same Key ID values to communicate. 64-Bit Manual Entry Key 1-4 - Each Key ID contains 10 HEX digits, or 5 alphanumeric characters.
Chapter 3 System Configuration 33 Note: You must use the Advanced screens to do 152-bit encryption, which is available only on 802.11a. Advanced Setup Click “Advanced Setup” on the Home page to open the Advanced Setup page. (Figure 10). Figure 10 Advanced Setup screen Note: The “Advanced Setup” screen allows you to view and change the current configuration of the access point. After modifying the configuration parameters, you must click on the “Apply” button to save the changes.
Chapter 3 System Configuration System Identification System Name: You can easily identify the access point by providing a descriptive name. Enter a maximum of 32 characters in the System Name field (Figure 11). SSID: The SSID (Service Set Identification) is the name of a Basic Service Set (BSS) provided by an access point. Clients that want to connect to the wireless network via an access point must set their SSIDs to the same as that of the access point. (SSID Default: Nortel).
Chapter 3 System Configuration 35 TCP / IP Settings Figure 12 TCP/IP Settings screen Note: You must disable DHCP for the manual TCP/IP addresses to be accepted (Figure 12). DHCP Client: With DHCP (Dynamic Host Configuration Protocol) Client enabled, the IP address, subnet mask and default gateway can be dynamically assigned to the access point by the network DHCP server.
Chapter 3 System Configuration RADIUS Figure 13 RADIUS screen Remote Authentication Dial-in User Service (RADIUS) is a logon authentication protocol that uses software running on a central server to control access to RADIUS-compliant devices on the network. It allows a wireless access point to send the connection parameters to a RADIUS server.
Chapter 3 System Configuration 37 Timeout – The number of seconds the access point waits for a reply from the RADIUS server before it resends the request. (Range: 1-60; Default: 5) Retransmit attempts – Number of times the access point will try to authenticate logon access via the authentication server. (Range: 1-30; Default: 3) PPPoE Settings Figure 14 PPPoE Setup screen Enter the PPPoE user name and password assigned by your Service Provider (Figure 14).
Chapter 3 System Configuration Authentication Figure 15 Authentication screen Management access will be checked against the authentication database stored on the access point (Figure 15). If a remote authentication server is used, you must specify the authentication sequence and the corresponding parameters (see “RADIUS” on page 36) for the remote authentication protocol. MAC Authentication (Default: Local MAC) Selecting the MAC authentication allows you to define access permission and precedence.
Chapter 3 System Configuration 39 802.1x Setup Click the “Supported” or “Required” radio button on the 802.1x Setup field when using the Radius MAC authentication. Table 2 802.1x Setup Field Defaults Description Broadcast Key Refresh Rate 0 (in minutes) Defines how long the radius server will refresh the primary broadcast key Session Key Refresh Rate 0 (in minutes) Defines how long the radius server will dynamically re-assign a session key to a connected client station. 802.
Chapter 3 System Configuration Filter Control Figure 16 Filter Control screen Local Bridge Filter Using this filter function (Figure 16) prevents direct node-to-node connection through the Access Point 2220/2221, for a more secure wireless network. The Local Bridge Filter does not restrict ad hoc connections between clients. (Default: Disable) AP Management Filter The administration management can be protected with AP Management Filter.
Chapter 3 System Configuration 41 Ethernet Type Filter Use the “Ethernet Type Filter” table to filter out Ethernet packet frames matching Ethernet protocol type. (Default: Disable) SNMP Figure 17 SNMP screen Use this screen to display and enter a community string for the Simple Network Management Protocol (SNMP). To communicate with the access point, the SNMP agent must first be enabled, and the Network Management Station must submit a valid community string for authentication (Figure 17).
Chapter 3 System Configuration Community Name (Read/Write) - Specifies a community string with read-write access. Authorized management stations are able to both retrieve and modify MIB objects. (Maximum length: 23 characters) Trap Destination IP Address - Fill in the IP address box for a trap manager that will receive these messages. Trap Destination Community Name - Fill in the community string box for a trap manager that will receive these messages.
Chapter 3 System Configuration 43 Change Password Use this section to change the password on the access point (Figure 18). Firmware Upgrade Note: You must disable the radios prior to upgrading the Access Point 2220/2221 or the upgrade may not occur. Local - Click “Browse” to locate the downloaded firmware file and click “Start Upgrade” to start the upgrade process. Remote - Select FTP or TFTP, and enter firmware file name, the host IP address, user name, and password.
Chapter 3 System Configuration System Log Figure 19 System Log screen The System Log Setup (Figure 19) allows you to setup a log server with various logging level (as shown on the above screen). (Default: Disable) SNTP Server Allows you to enter Simple Network Time Protocol (SNTP) Server information for a primary and secondary SNTP Server. (Default: Enable) You may also set your time zone and daylight savings information (as shown on the above screen).
Chapter 3 System Configuration 45 Radio Interface B Note: Both 802.11a and 802.11b radios are turned off on your Nortel Networks Wireless LAN Access Point 2220/2221. You must configure your Access Point 2220/2221 for your country before turning on the 802.11a and 802.11b radios. For information on country-specific configuration, refer to Country-specific Configuration for the Nortel Networks Wireless LAN Access Point 2220/2221 (part number 215293-B). Go to http://support.nortelnetworks.
Chapter 3 System Configuration Radio Channel The radio channel (Figure 20) is the channel number used for communication between the access point and its BSS. (Default: channel 11) Note: The available channel settings are limited by local regulations, which determine the number of channels that are available. (For more information specific to each country’s configuration, refer to Country-specific Configuration for the Nortel Networks Wireless LAN Access Point 2220/2221 (part number 215293-B).
Chapter 3 System Configuration 47 The DTIM is the interval between two synchronous frames with broadcast information. If you set the value to 2, the access point saves broadcast and multicast packets and forwards them after every second beacon. Having smaller DTIM intervals delivers broadcast and multicast frames in a more timely manner; however, by causing stations in Power Save mode to wake up more often, smaller DTIM intervals drain power faster.
Chapter 3 System Configuration Security WEP (Wired Equivalent Privacy) Figure 21 Security screen WEP is implemented in this device to prevent unauthorized access to your wireless network (Figure 21). The WEP setting must be the same on each client in your wireless network. Authentication Type Setup You may choose either “Open System” or “Shared Key.” (Default: Open System) If Shared Key is enabled, WEP should be enabled and at least one shared key should be defined.
Chapter 3 System Configuration 49 Data Encryption You may choose “Enable” to enhance your network security with WEP data encryption (Default: Disable) If Shared Key is enabled, WEP should be enabled and at least one shared key should be defined. Standard Key Setup (WEP Default: 128) Default Shared Key – Choose the Shared Key that has the encryption string you prefer (Key 1-3). The access point supports “Shared Key” encryption with key lengths of the standard 64-bit and industry standard 128-bit.
Chapter 3 System Configuration Radio Interface A Note: Both 802.11a and 802.11b radios are turned off on your Nortel Networks Wireless LAN Access Point 2220/2221. You must configure your Access Point 2220/2221 for your country before turning on the 802.11a and 802.11b radios. For information on country-specific configuration, refer to Country-specific Configuration for the Nortel Networks Wireless LAN Access Point 2220/2221 (part number 215293-B). Go to http://support.nortelnetworks.
Chapter 3 System Configuration 51 Turbo Mode You may either “Enable” or “Disable” the “Turbo Mode.” (Default: Disable) “Turbo Mode” is an enhanced wireless LAN operating mode (not regulated in the standard IEEE 802.11a) that can provide a higher data rate. The “Normal Mode” of the 802.11a access point provides connections up to 54 Mbps. Enabling “Turbo Mode” on the 802.11a access point allows the access point to provide connections up to 108 Mbps (Figure 22).
Chapter 3 System Configuration Transmit Power Set the signal strength transmitted from the access point. The longer the transmission distance, the higher the transmission power required. (Default: 100%) Maximum Station Data Rate Select the appropriate data rate from the drop-down list for the data transfer speed running on your network. (Default: 54 Mbps) Note: Nortel Networks recommends that you do not change any default settings. Beacon Interval (20-1000) Sets the beacon signal interval.
Chapter 3 System Configuration 53 RTS Threshold (0-2347) Set the RTS (Request to Send) frame length. You may configure the access point to initiate an RTS frame sequence always, never, or only on frames longer than a specified length. If the packet size is smaller than the preset RTS threshold size, the RTS/CTS mechanism will NOT be enabled When the RTS/CTS mechanism is enabled, the access point sends Request to Send (RTS) frames to a particular receiving station to negotiate the sending of a data frame.
Chapter 3 System Configuration Security WEP (Wired Equivalent Privacy) Figure 23 Security screen Authentication Type Setup You may choose either “Open System” or “Shared Key.” (Default: Open System) If Shared Key is enabled, WEP is automatically enabled and at least one shared key must be defined (Figure 23).
Chapter 3 System Configuration 55 Data Encryption You may choose “Enable” to enhance your network security with WEP data encryption (Default: Disable) If Shared Key is enabled, WEP is automatically enabled and at least one shared key must be defined. Standard Key Setup (WEP Default: 128) Default Shared Key – Choose the Shared Key that has the encryption string you prefer (Key 1-3).
Chapter 3 System Configuration Status Figure 24 Status screen Clicking on the “Status” radio button on the home page displays additional information about the access point status and station status as shown in the following section (Figure 24).
Chapter 3 System Configuration 57 Access Point Status Figure 25 AP Status screen On the Status page, click “AP Status” to view the access point system configuration and access point wireless configuration (Figure 25).
Chapter 3 System Configuration Station Status Figure 26 Station Status screen Click “Station Status” to view connected station configuration (Figure 26). The “Station Statistics” page displays basic connection information for all associated stations. The page is automatically refreshed every five seconds.
Chapter 3 System Configuration 59 Event Logs Figure 27 Event Logs screen Click “Event Logs” to display the activity logs of the access point (Figure 27).
Chapter 3 System Configuration 214853-B
Appendix A Specifications This appendix provides technical specifications for the Access Point 2220/2221. Available Channels Available channels will vary according to current local regulations. For information on configuring the Nortel Networks Wireless LAN Access Point 2220/2221 for the country you are in, go to http://support.nortelnetworks.com/ , select “Wireless LAN” and then “WLAN Access Point 2220” or “WLAN Access Point 2221”.
Appendix A Specifications Power supply Input: 100-240 VAC, 50-60 Hz; Output: 5 VDC, 3 A Power over Ethernet (POE) circuitry: Input voltage 48 VDC, 12.95W maximum Output Power Maximum power setting will vary according to current local regulations. Physical Size 20.5 x 13.6 x 4 cm, (8.07 x 5.35 x 1.58 in) Weight 700 grams (1.5 lbs.
Appendix A Specifications 63 Humidity 5% to 95% (non-condensing) Compliance Standards Safety: UL 60950 CAN/CSA-22.2 No. 60950 IEC 60950/EN60950, CB certificate and report with all national deviations Radio Approvals: FCC Part 15.247 (2.4 GHz) FCC Part 15.401-15.407 (5 GHz) RSS-139-1, RSS-210 (Canada) EN 300.329 (Europe, 2.4 GHz) EN 301.893 (Europe, 5 GHz) EMI and Susceptibility (Class B): FCC Part 15.107 and 15.109 ICES-003 (Canada) EN 301.489-1 and -17 (Europe) Other: IEEE 802.11a and 802.
Appendix A Specifications 214853-B
Appendix B Template for placing the Access Point 2220/2221 The template on the next page can be used to assist in positioning the Access Point 2220/2221. Mark where the wall-mount screws should go. For proper ventilation, allow at least 1 inch (2.54 centimeters) clearance around the ventilation holes on your Access Point 2220/2221. Note: Because of variations that exist from printer to printer, please verify that the template matches the mounting holes on the Access Point 2220/2221.
Appendix C Mounting the Access Point 2220/2221 on a Drop Ceiling You can mount the Nortel Networks Wireless LAN Access Point 2220/2221 on a drop ceiling (sometimes referred to as an acoustic or suspended ceiling) using the optional mounting bracket (Figure 28). The bracket attaches to a drop ceiling T-rail and provides a mounting surface for the Access Point 2220/2221.
Appendix C Mounting the Access Point 2220/2221 on a Drop Ceiling Attaching the mounting bracket to a drop ceiling To attach the mounting bracket to a drop ceiling: 1 Loosen the two washer nuts to allow the T-rail clamps to slide freely. Do not remove the washer nuts. 2 Place the mounting bracket in the desired location and position the T-rail clamps around the drop ceiling T-rail. 3 Holding the T-rail clamps in place around the T-rail, tighten both washer nuts securely.
