Installation Guide
Table Of Contents
- PMP 450i and PTP 450i Configuration and User Guide
- Safety and regulatory information
- Contents
- List of Figures
- List of Tables
- About This Configuration and User Guide
- Chapter 1: Reference information
- Chapter 2: Configuration
- Preparing for configuration
- Task 1: Connecting to the unit
- Task 2: Configuring IP and Ethernet interfaces
- Configuring the AP IP interface
- NAT, DHCP Server, DHCP Client and DMZ in SM
- Configuring the SM IP interface with NAT disabled
- Configuring the SM IP interface with NAT enabled
- NAT tab of the SM with NAT disabled
- NAT tab of the SM with NAT enabled
- Reconnecting to the management PC
- VLAN Remarking and Priority bits configuration
- VLAN tab of the AP
- VLAN tab of the SM
- VLAN Membership tab of the SM
- PPPoE tab of the SM
- NAT Port Mapping tab of the SM
- Task 3: Upgrading the software version and using CNUT
- Task 4: Configuring General and Unit settings
- Task 5: Configuring security
- Isolating APs from the internet
- Encrypting radio transmissions
- Managing module access by passwords
- Requiring SM Authentication
- Filtering protocols and ports
- Encrypting downlink broadcasts
- Isolating SMs
- Filtering management through Ethernet
- Allowing management only from specified IP addresses
- Configuring management IP by DHCP
- Restricting radio Telnet access over the RF interface
- Security tab of the AP
- Filtering protocols and ports
- Protocol Filtering tab of the AP
- Port configuration tab of the AP
- Security tab of the SM
- Protocol Filtering tab of the SM
- Port Configuration tab of the SM
- Task 6: Configuring radio parameters
- Task 7: Setting up SNMP agent
- Task 8: Configuring syslog
- Task 9: Configuring remote access
- Task 10: Monitoring the AP-SM Link
- Task 11: Configuring quality of service
- Maximum Information Rate (MIR) Parameters
- Token Bucket Algorithm
- MIR Data Entry Checking
- Committed Information Rate (CIR)
- Bandwidth from the SM Perspective
- Interaction of Burst Allocation and Sustained Data Rate Settings
- High-priority Bandwidth
- Traffic Scheduling
- Setting the Configuration Source
- Quality of Service (QoS) tab of the AP
- DiffServ tab of the AP
- Quality of Service (QoS) tab of the SM
- DiffServ tab of the SM
- Task 12: Performing an Sector Wide SA
- Task 13: Zero Touch Configuration Using DHCP Option 66
- Task 14: Configuring Radio via config file
- Task 15: Configuring a RADIUS server
- Understanding RADIUS for PMP 450i
- Choosing Authentication Mode and Configuring for Authentication Servers - AP
- SM Authentication Mode – Require RADIUS or Follow AP
- Handling Certificates
- Configuring your RADIUS servers for SM authentication
- Assigning SM management IP addressing via RADIUS
- Configuring your RADIUS server for SM configuration
- Using RADIUS for centralized AP and SM user name and password management
- RADIUS Device Data Accounting
- RADIUS Device Re-authentication
PMP 450i and PTP 450i Configuration and User
Task 15: Configuring a RADIUS server
Attribute Meaning
Authentication
Server 5 (BAM
Only)
Radius Port This field allows the operator to configure a custom port for RADIUS
server communication. The default value is
1812
.
Authentication Key The authentication key is a 32-character hexadecimal string used
when Authentication Mode is set to AP Pre-Shared Key. By
default, this key is set to
0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF.
Selection Key This option allows operators to choose which authentication key is
used:
Use Key above means that the key specified in Authentication
Key is used for authentication
Use Default Key means that a default key (based off of the SM’s
MAC address) is used for authentication
Encryption Key Specify the type of airlink security to apply to this AP. The
encryption setting must match the encryption setting of the SMs.
None provides no encryption on the air link.
DES (Data Encryption Standard): An over-the-air link encryption
option that uses secret 56-bit keys and 8 parity bits. DES performs a
series of bit permutations, substitutions, and recombination
operations on blocks of data. DES encryption does not affect the
performance or throughput of the system.
AES (Advanced Encryption Standard): An over-the-air link
encryption option that uses the Rijndael algorithm and 128-bit keys
to establish a higher level of security than DES. AES products are
certified as compliant with the Federal Information Processing
Standards (FIPS 197) in the U.S.A.
SM Display of AP
Evaluation Data
You can use this field to suppress the display of data about this AP
on the AP Evaluation tab of the Tools page in all SMs that register.
Web, Telnet, FTP
Session Timeout
Enter the expiry in seconds for remote management sessions via
HTTP, telnet, or ftp access to the AP.
IP Access Control You can permit access to the AP from any IP address (IP Access
Filtering Disabled) or limit it to access from only one, two, or three
IP addresses that you specify (IP Access Filtering Enabled). If you
select IP Access Filtering Enabled, then you must populate at
least one of the three Allowed Source IP parameters or have no
access permitted from any IP address
Allowed Source IP
1
If you selected IP Access Filtering Enabled for the IP Access
Control parameter, then you must populate at least one of the three
188
pmp-0957 (April 2015)