Installation Guide
Table Of Contents
- PMP 450i and PTP 450i Configuration and User Guide
- Safety and regulatory information
- Contents
- List of Figures
- List of Tables
- About This Configuration and User Guide
- Chapter 1: Reference information
- Chapter 2: Configuration
- Preparing for configuration
- Task 1: Connecting to the unit
- Task 2: Configuring IP and Ethernet interfaces
- Configuring the AP IP interface
- NAT, DHCP Server, DHCP Client and DMZ in SM
- Configuring the SM IP interface with NAT disabled
- Configuring the SM IP interface with NAT enabled
- NAT tab of the SM with NAT disabled
- NAT tab of the SM with NAT enabled
- Reconnecting to the management PC
- VLAN Remarking and Priority bits configuration
- VLAN tab of the AP
- VLAN tab of the SM
- VLAN Membership tab of the SM
- PPPoE tab of the SM
- NAT Port Mapping tab of the SM
- Task 3: Upgrading the software version and using CNUT
- Task 4: Configuring General and Unit settings
- Task 5: Configuring security
- Isolating APs from the internet
- Encrypting radio transmissions
- Managing module access by passwords
- Requiring SM Authentication
- Filtering protocols and ports
- Encrypting downlink broadcasts
- Isolating SMs
- Filtering management through Ethernet
- Allowing management only from specified IP addresses
- Configuring management IP by DHCP
- Restricting radio Telnet access over the RF interface
- Security tab of the AP
- Filtering protocols and ports
- Protocol Filtering tab of the AP
- Port configuration tab of the AP
- Security tab of the SM
- Protocol Filtering tab of the SM
- Port Configuration tab of the SM
- Task 6: Configuring radio parameters
- Task 7: Setting up SNMP agent
- Task 8: Configuring syslog
- Task 9: Configuring remote access
- Task 10: Monitoring the AP-SM Link
- Task 11: Configuring quality of service
- Maximum Information Rate (MIR) Parameters
- Token Bucket Algorithm
- MIR Data Entry Checking
- Committed Information Rate (CIR)
- Bandwidth from the SM Perspective
- Interaction of Burst Allocation and Sustained Data Rate Settings
- High-priority Bandwidth
- Traffic Scheduling
- Setting the Configuration Source
- Quality of Service (QoS) tab of the AP
- DiffServ tab of the AP
- Quality of Service (QoS) tab of the SM
- DiffServ tab of the SM
- Task 12: Performing an Sector Wide SA
- Task 13: Zero Touch Configuration Using DHCP Option 66
- Task 14: Configuring Radio via config file
- Task 15: Configuring a RADIUS server
- Understanding RADIUS for PMP 450i
- Choosing Authentication Mode and Configuring for Authentication Servers - AP
- SM Authentication Mode – Require RADIUS or Follow AP
- Handling Certificates
- Configuring your RADIUS servers for SM authentication
- Assigning SM management IP addressing via RADIUS
- Configuring your RADIUS server for SM configuration
- Using RADIUS for centralized AP and SM user name and password management
- RADIUS Device Data Accounting
- RADIUS Device Re-authentication
Task 5: Configuring security PMP 450i and PTP 450i Configuration and User
Guide
Attribute Meaning
Upload Certificate
File
To upload a certificate manually to a SM, first load it in a
known place on your PC
or
network
drive, then click on a
Delete button on one of the Certificate description blocks to
delete a certificate to provide space for your certificate. Click
on Choose File, browse to
the
location of the certificate, and
click the Import Certificate button, and then reboot the radio
to use the new certificate.
When a certificate is in use, after the SM successfully registers
to an AP, an indication of In
Use
will appear in the description
block of the certificate being
used.
The public certificates installed on the SMs are used with the
private certificate on the
RADIUS
server to provide a
public/private key encryption
system.
Up to 2 certificates can be resident on a SM. An installed
certificate can be deleted
by
clicking the Delete button in the
certificate’s description block on the Configuration >
Security
tab. To restore fhe 2 default certificates, click the Use Default
Certificates button in
the
RADIUS Certificate Settings
parameter block and reboot the
radio.
Encryption Setting Specify the type of airlink security to apply to this SM. The
encryption setting must match the encryption setting of the AP.
None provides no encryption on the air link.
DES (Data Encryption Standard): An over-the-air link
encryption option that uses secret 56-bit keys and 8 parity bits.
DES performs a series of bit permutations, substitutions, and
recombination operations on blocks of data. DES encryption
does not affect the performance or throughput of the system.
AES (Advanced Encryption Standard): An over-the-air link
encryption option that uses the Rijndael algorithm and 128-bit
keys to establish a higher level of security than DES. AES
products are certified as compliant with the Federal Information
Processing Standards (FIPS 197) in the U.S.A.
Web, Telnet, FTP
Session Timeout
Enter the expiry in seconds for remote management sessions via
HTTP, telnet, or FTP access to the SM.
pmp-0957 (April 2015) 103