Installation Guide
Table Of Contents
- PMP 450i and PTP 450i Configuration and User Guide
- Safety and regulatory information
- Contents
- List of Figures
- List of Tables
- About This Configuration and User Guide
- Chapter 1: Reference information
- Chapter 2: Configuration
- Preparing for configuration
- Task 1: Connecting to the unit
- Task 2: Configuring IP and Ethernet interfaces
- Configuring the AP IP interface
- NAT, DHCP Server, DHCP Client and DMZ in SM
- Configuring the SM IP interface with NAT disabled
- Configuring the SM IP interface with NAT enabled
- NAT tab of the SM with NAT disabled
- NAT tab of the SM with NAT enabled
- Reconnecting to the management PC
- VLAN Remarking and Priority bits configuration
- VLAN tab of the AP
- VLAN tab of the SM
- VLAN Membership tab of the SM
- PPPoE tab of the SM
- NAT Port Mapping tab of the SM
- Task 3: Upgrading the software version and using CNUT
- Task 4: Configuring General and Unit settings
- Task 5: Configuring security
- Isolating APs from the internet
- Encrypting radio transmissions
- Managing module access by passwords
- Requiring SM Authentication
- Filtering protocols and ports
- Encrypting downlink broadcasts
- Isolating SMs
- Filtering management through Ethernet
- Allowing management only from specified IP addresses
- Configuring management IP by DHCP
- Restricting radio Telnet access over the RF interface
- Security tab of the AP
- Filtering protocols and ports
- Protocol Filtering tab of the AP
- Port configuration tab of the AP
- Security tab of the SM
- Protocol Filtering tab of the SM
- Port Configuration tab of the SM
- Task 6: Configuring radio parameters
- Task 7: Setting up SNMP agent
- Task 8: Configuring syslog
- Task 9: Configuring remote access
- Task 10: Monitoring the AP-SM Link
- Task 11: Configuring quality of service
- Maximum Information Rate (MIR) Parameters
- Token Bucket Algorithm
- MIR Data Entry Checking
- Committed Information Rate (CIR)
- Bandwidth from the SM Perspective
- Interaction of Burst Allocation and Sustained Data Rate Settings
- High-priority Bandwidth
- Traffic Scheduling
- Setting the Configuration Source
- Quality of Service (QoS) tab of the AP
- DiffServ tab of the AP
- Quality of Service (QoS) tab of the SM
- DiffServ tab of the SM
- Task 12: Performing an Sector Wide SA
- Task 13: Zero Touch Configuration Using DHCP Option 66
- Task 14: Configuring Radio via config file
- Task 15: Configuring a RADIUS server
- Understanding RADIUS for PMP 450i
- Choosing Authentication Mode and Configuring for Authentication Servers - AP
- SM Authentication Mode – Require RADIUS or Follow AP
- Handling Certificates
- Configuring your RADIUS servers for SM authentication
- Assigning SM management IP addressing via RADIUS
- Configuring your RADIUS server for SM configuration
- Using RADIUS for centralized AP and SM user name and password management
- RADIUS Device Data Accounting
- RADIUS Device Re-authentication
PMP 450i and PTP 450i Configuration and User
Task 2: Configuring IP and Ethernet interfaces
Attribute Meaning
VLAN Aging
Timeout
Specify how long the AP must keep dynamically learned VIDs. The
range of values is 5 to
1440
(minutes). The default value is
25
(minutes).
VIDs that you enter for the Management VID and VLAN
Membership parameters do not time out.
Management
VID
Enter the VID that the operator wishes to use to communicate with
the module manager. The range of values is 1 to 4095. The default
value is 1.
QinQ EtherType
Modules can be configured with 802.1ad Q-in-Q DVLAN (Double-
VLAN) tagging which is a way for an operator to put an 802.1Q VLAN
inside of an 802.1ad VLAN. A nested VLAN, which is the original
802.1Q tag and a new second 802.1ad tag, allows for bridging of
VLAN traffic across a network and segregates the broadcast domains
of 802.1Q VLANs. Q-in-Q can be used with PPPoE and/or NAT.
The 802.1ad standard defines the S-VLAN as the Service Provider
VLAN and the C-VLAN as the customer VLAN. The radio software
does 2 layer Q-in-Q whereby the C-VLAN is the 802.1Q tag and the S-
VLAN is the second layer Q tag as shown below:
Table 16 Q-in-Q Ethernet frame
Ethernet Header
S-VLAN
EthType 0x88a8
C-VLAN
EthType 0x8100
IP Data EthType 0x0800
The 802.1ad S-VLAN is the outer VLAN that is configurable on the
Configuration => VLAN web page of the AP. The Q-in-Q EtherType
parameter is configured with a default EtherType of 0x88a8 in
addition to four alternate EtherTypes that can be configured to aid in
interoperability with existing networks that use a different EtherType
than the default.
The C-VLAN is the inner VLAN tag, which is the same as 802.1Q. As a
top level concept, this operates on the outermost tag at any given
time, either “pushing” a tag on or “popping” a tag off. This means
packets will at most transition from an 802.1Q frame to an 801.ad
frame (with a tag “pushed” on) or an untagged 802.1 frame (with the
tag “popped” off. Similarly, for an 802.1ad frame, this can only
transition from an 802.1ad frame to an 802.1Q frame (with the tag
“popped” off) since the radio software only supports 2 levels of tags
44
pmp-0957 (April 2015)