Revision: 1.
© Copyright 2007 Compex Systems Pte Ltd All Rights Reserved This document contains information, which is protected by copyright. Reproduction, adaptation or translation without prior permission is prohibited, except as allowed under the copyright laws. Trademark Information Compex® is a registered trademark of Compex, Inc. Microsoft Windows and the Windows logo are the trademarks of Microsoft Corp. NetWare is the registered trademark of Novell Inc.
FCC Compliance Statement: This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: This device may not cause harmful interference, and This device must accept any interference received, including interference that may cause undesired operation. RF Exposure warning The equipment complies with FCC RF exposure limits set forth for an uncontrolled environment. The equipment must not be co-located or operating in conjunction with any other antenna or transmitter.
Table of Contents OVERVIEW THE PRODUCT .............................................................. 6 Introduction ................................................................................................... 6 Features and Benefits................................................................................... 7 When to Use Which Mode........................................................................... 9 Access Point Mode.....................................................................
Setup your WAN .......................................................................................... 68 Setup Telnet / SSH ....................................................................................... 76 Access the TELNET Command Line Interface..................................... 78 Access the Secure Shell Host Command Line Interface .................. 79 Set the WEB Mode ...................................................................................... 80 Setup SNMP.....................
SECURE YOUR WIRELESS LAN.....................................................140 Setup WEP .................................................................................................. 141 Setup WPA-Personal ................................................................................. 142 Setup 802.1x/RADIUS ................................................................................ 144 Setup WPA Enterprise ...............................................................................
Overview the Product Introduction The Wireless 54Mbps Outdoor Access Point is a high-performance AP designed for enterprise and outdoor users. The access point is compatible with IEEE 802.11 and supports high-speed data transmission of up to 54Mbps. This equips the access point with network robustness, stability and wider network coverage. Housed in a weatherproof casing, the access point is designed to withstand any outdoor climatic conditions, making it the ideal solution for outdoor applications.
Features and Benefits • Point-to-Point & Point-to-MultiPoint Support Point-to-Point and Point-to-MultiPoint communication between different buildings enables you to bridge wireless clients that are kilometres apart while unifying the networks. • Virtual AP (Multiple SSID) Virtual AP implements mSSID (Multi-SSID) This allows a single wireless card to be set up with multiple virtual AP connections with different SSIDs or BSSID (Basic Service Set Identifier) and security modes.
• STP Spanning-Tree Protocol provides path redundancy while preventing undesirable loops in the network. It forces certain redundant data paths into a standby (blocked) state. If one network segment in the Spanning-Tree Protocol becomes unreachable, or if Spanning-Tree Protocol costs change, the spanning-tree algorithm reconfigures the spanning-tree topology and re-establishes the link by activating the standby path. • HTTPS The access point supports HTTPS (SSL) in addition to the standard HTTP.
When to Use Which Mode Access Point Mode The Access Point Mode is the default mode of the access point and enables the bridging of wireless clients to access the wired network infrastructure and also enables their communication with each other. In this example the wireless users are able to access the file server connected to the switch, through the access point in Access Point Mode.
Access Point Client Mode In Access Point Client Mode the device acts as a wireless client. When connected to an access point, it creates a network link between the Ethernet network connected at this client device, and the wireless Ethernet network connected at the access point. In this mode it can only connect with another access point.
Wireless Routing Client Mode In Wireless Routing Client Mode the Ethernet port of the access point may be used to connect with other devices on the network while Internet access would be provided through wireless communication with a wireless ISP.
Gateway Mode In Gateway Mode, the access point supports several types of broadband connections in a wireless network after you have identified the type of broadband Internet access you are subscribed to.
Broadband Internet Access Type: Static IP Address Use Static IP Address if you have subscribed to a fixed IP address or to a range of fixed IP addresses from your ISP.
Wireless Adapter Mode In Wireless Adapter Mode, the access point can communicate wirelessly with another access point to perform transparent bridging between 2 networks, like in the Access Point Client Mode. In this mode, however, the wireless adapter connects to a single workstation only. No client software or drivers are required to use this mode. Optional additional feature: Point-to-Point connection in this operation mode is also supported if you specifically wish to connect with an access point only.
Transparent Client Mode In Transparent Client Mode, the access point provides connection with an access point * acting as the RootAP. This operation is designed for the implementation of Point-to-Point and Point-to-Multipoint connections. Point-to-Point An access point acts as Root AP and 1 other access point acts as Transparent Client. Point-to-MultiPoint An access point acts as Root AP and several other access point acts as Transparent Clients.
Difference Between other client modes and Transparent Client Mode Other client modes Transparent Client Mode Connectivity with any standard Connectivity with RootAP-supported APs. APs. All devices connected to the Devices connected to the Ethernet Ethernet ports use a common ports flow through freely and MAC address for communications transparently without the MAC with the AP. address restriction.
Panel Views and Description 1 Features POWER LED Status and Indication Steady Power is supplied to the device. Red Off No power is supplied to the device. 2 10 ACT LED Steady Red The respective port has successfully connected to the access point. Blinking The respective receiving data. Off No connection is established. Steady Red The respective port has successfully connected to the access point. Blinking Red The respective receiving data. Off No connection is established.
4 WLAN LED 5 6 WAN Conn LED DIAG LED 7 LAN 8 SURGE ARRESTOR 10 RESET BUTTON Steady Wireless interface up and running. Red Ready for operation. Flashing Activity is detected in the wireless network. Red Flashing Data transmission at WAN connection. Red Flashing It indicates that the firmware is corrupted. Red Connection for computer with NIC (Network Interface Card) or Ethernet network card. Device is power up with PoE on this LAN port. Connect to a ground wire. To reboot, press once.
Install the Hardware This section will show you how to install the hardware of the access point. • Antenna Alignment The antenna alignment of the access point must first be considered to ensure that the signal is strong. • Installation Direction After considering the antenna alignment, the direction in which the access point is facing must be considered to ensure that the signal is actually being directed to the receiving end.
Antenna Alignment The physical environment of the antenna must be examined when aligning the antenna. Obstructions, available mounting locations, and other factors must be considered. Many objects such as forests, buildings, and hills, can obstruct the antenna, reducing the signal strength. The antenna can be installed at a height above such obstructions, and aligned so that antennas are directed at each other by taking into account the horizontal angle and the vertical angle of the antenna signal.
Installation Direction The directional antenna radiates the signal towards the front of the unit. The unit should be installed in a position whereby the front of the unit faces the direction you wish to send the signal to. Therefore the direction you wish to send the signal to has to be considered before going on to the next step of starting to set up the access point.
Setup Requirements • • • CAT5/5e Networking Cable. At least 1 computer installed with a web browser and a wired or wireless network interface adapter. All network nodes installed with TCP/IP and properly configured IP address parameters. Setting Up You can install your access point on a pole. The mounting method will be described as shown below.
Mount the Unit on a Pole Align the mount metal bracket horizontally to the access point as shown in figure. Attach the U shape metal to the mount metal along with two screws. Now the access point can be mount to the pole. Connect one end of an RJ45 Ethernet cable to the LAN OUT port of the Injector and the other end to LAN of the access point. Maximum length of the RJ45 Category 5 cable is 100 meters*. * up to 200mW radio. For higher power radio need upgrade to higher rating power adapter.
Connect the RJ45 Ethernet cable attached to the PoE Injector to a network device, such as to a switch or to the PC you will use to configure the access point. PoE power input: 7A and 7C use Passive PoE (range 12V – 24V DC) Connect the power adapter in the PoE kit to the main electrical supply and the power plug into the socket of the injector. Now, turn on your power supply. Notice that the POWER LED has lighted up.
Configure the IP Address After setting up the hardware you need to assign an IP address to your PC so that it is in the same subnet as the access point. For Windows 95/98/98SE/ME/NT Step 1: From your desktop, right-click the Network Neighborhood icon and select Properties. Step 2: Select the network adapter that you are using, then right-click and select Properties. Step 3: Highlight TCP/IP and Properties button. click on the Step 4: Select the Specify an IP address radio button.
Step 5: To verify that the IP address has been correctly assigned to your PC, go to the Start menu, select Run, and enter the command: winipcfg. Select the Ethernet adapter from the drop-down list and click OK. Your PC is now ready to communicate with the access point.
For Windows XP/2000 Step 1: Go to your desktop, right-click on the My Network Places icon and select Properties. Step 2: Right-click the network adapter icon and select Properties. Step 3: Highlight Internet Protocol (TCP/IP) and click on the Properties button. Step 4: Select the Use the following IP address radio button. Set the IP address to 192.168.168.X and subnet mask to 255.255.255.0, where X can be any number from 2 to 254. Step 5: Click on the OK button to close all windows.
Step 6: To verify that the IP address has been correctly assigned to your PC, go to the Start menu, Accessories, select Command Prompt, and type the command: ipconfig/all Your PC is now ready to communicate with your access point.
Access the Web Interface Access with uConfig The UConfig utility provides direct access to the web interface. This utility can be download from our website at www.compex.com.sg Step 1: From the Utilities section, select to install the uConfig utility to your hard disk. Step 2: After installation double-click on the uConfig icon and click on the Yes button.
Step 3: Select the access point from the products list and click on the Open Web button. To retrieve and display the latest device(s) in the list, click on the Refresh button. Step 4: Do not exit the uConfig program while accessing the web-based interface as this will disconnect you from the device. Click on the OK button.
Step 5: At the login page, press the LOG ON ! button to enter the configuration page. The default password is: password Step 6: You will then reach the home page of the access point web-based interface.
Manual access with Internet Explorer Step 1: Launch your Web browser and under the Tools tab, select Internet Options. Step 2: Open the Connections tab and in the LAN Settings section disable all the option boxes. Click on the OK button to update the changes.
Step 3: At the Address bar type in http://192.168.168.1 and press Enter on your keyboard. Step 4: At the login page, click on the LOG ON ! Button. You will then reach the home page of the access point web interface.
Perform Basic Configuration Setup Management Port At the Management Port Setup page, you may: • Set Ethernet Link Speed and duplex settings. • Automatically obtain IP address from DHCP server. The default IP 192.168.168.1 is used until a new IP is obtained. Access Point Clients also allows PCs connected to the Ethernet port to obtain IP from the DHCP server at the access point end network. • Manually define IP address Follow these steps to set Ethernet Link Speed and duplex settings.
Follow these steps to automatically obtain the IP address from DHCP server. Step 1: Click on TCP/IP Settings from Management Setup from the CONFIGURATION menu. Step 2: Select to Automatically obtain IP address. Step 3: Select to either Automatically obtain DNS server address or Use the following DNS server addresses and enter the parameters, if any.
If you choose to Use the following DNS server addresses. Step 3: Click on the Apply button to save your new parameters.
This table describes the parameters that can be modified in the Management Port Setup page if you select to Use the following DNS server addresses. Parameters Description Primary DNS Your ISP usually provides the IP address of IP Address the DNS server. Secondary This optional field is reserved for the IP DNS IP address of a secondary DNS server.
Follow these steps to manually define the IP address. Step 1: Click on TCP/IP Settings CONFIGURATION menu. from Management Setup from the Step 2: Select to Use the following IP address. In the Management Port Setup page, refer to the table below to replace the default settings of Access point with appropriate values to suit the needs of your network. The parameters are the same in routing mode. Step 3: Click on the Apply button to save your new parameters.
This table describes the parameters that can be modified in the Management Port Setup page. Parameters Description IP Address When the DHCP server of the access point is enabled (unless you set a different DHCP Gateway IP Address), this LAN IP Address would be allocated as the Default Gateway of the DHCP client. The IP address of your Access point is set by default to 192.168.168.1. Network Mask The Network Mask serves to identify the subnet in which your Access point resides.
To Setup DHCP Server There are 3 DHCP Modes: • NONE By default, DHCP Mode is set to NONE. Leave the selection at this mode if you do not wish to use DHCP. • DHCP Server Select this mode to setup a DHCP server. • DHCP Relay Select this mode to setup a DHCP relay. By default, DHCP broadcast messages do not cross router interfaces. DHCP Relay supports DHCP Clients and DHCP Servers on different networks by configuring the router to pass selective DHCP messages.
The following will guide you to setup the DHCP Server. Step 1: Click on Advanced Settings from Management Setup from the CONFIGURATION menu. Step 2: Set DHCP Mode to DHCP Server. In DHCP Server Setup, refer to the table below to set the appropriate values to suit the needs of your network. Step 3: Click on the Apply button.
This table describes the parameters that can be modified in DHCP Server Setup. Parameters Description The fields DHCP Start IP Address and DHCP End IP Address fields allow you to define the range of IP addresses from which the DHCP Server can assign an IP address to the LAN. DHCP Start IP Address This is the first IP address that the DHCP server will assign and should belong to the same subnet as the access point. For example if the access point IP address is 192.168.168.1 and the network mask is 192.168.
DHCP Gateway Address IP Though the DHCP server usually also acts as the Default Gateway of the DHCP client, the access point allows you to define a different Gateway IP Address which will be allocated as the Default Gateway IP of the DHCP client. The DHCP client will thus receive its dynamic IP address from the access point but will access to the Internet or the other LAN through the Default Gateway defined by the DHCP Gateway IP Address.
The following will guide you to setup the DHCP Relay. Step 1: Click on Advanced Settings from Management Setup from the CONFIGURATION menu. Step 2: Set DHCP Mode to DHCP Relay. In DHCP Server Setup, refer to the table below to set the appropriate values to suit the needs of your network. Step 3: Click on the Apply button.
This table describes the parameters that can be modified in DHCP Server Setup. Parameters Description DHCP Server IP This is the IP address of the DHCP server. DHCP Gateway IP Though the DHCP server usually also acts as the Default Gateway of the DHCP client, the access point allows you to define a different Gateway IP Address which will be allocated as the Default Gateway IP of the DHCP client.
View Active DHCP Leases Step 1: Select Management Setup from the CONFIGURATION menu. Step 2: Go to the Advanced DHCP Server Options section and click on the Show Active DHCP leases button. The DHCP Active Leases table displays: • The Host Name of the DHCP client. • The IP Address allocated to the DHCP client. • The Hardware (MAC) Address of the DHCP client. • The Lease Expired Time.
Reserve IP Addresses for Predetermined DHCP Clients A reserved IP address is excluded from the pool of free IP addresses the DHCP server draws on for dynamic IP address allocation. For instance if you set up a publicly accessible FTP or HTTP server within your private LAN, while that server requires a fixed IP address you would still want the DHCP server to dynamically allocate IP addresses to the rest of the PCs on the LAN.
Step 3: Fill in: The host portion of the IP Address to be reserved. The Hardware Address, in pairs of two hexadecimal values. Press the Apply button to effect your new entry. The DHCP Server Reservations page refreshes to display the currently reserved IP addresses.
Delete DHCP Server Reservation Step 1: Select the reserved IP address to delete. Step 2: Click on the Delete button. The DHCP Server Reservations table refreshes to display your changes.
Setup WLAN Configure the Basic Setup of the Wireless Mode Step 1: Select WLAN Setup from the CONFIGURATION menu and you will see the sub menus expanded under WLAN Setup, select Basic. The default operating mode of the access point is the Access Point mode. Step 2: (Optional: Change Current mode) To change the current mode of the access point click on Change, select the Operation Mode, and click on the Apply button to access the setup page of the selected mode.
Step 3: Enter the parameters in their respective fields, click on the Apply button and reboot your device to let your changes take effect. Note that the WLAN Basic Setup pages for the modes are different.
WLAN Basic Setup page Parameters The Current Mode Description The default operating mode is the Access Point mode. Operating modes: • • • • • • • Access Point Mode Client Mode Wireless Routing Client Gateway Mode Wireless Adapter Mode Transparent Client Mode Repeater Mode You can toggle the modes by clicking on the Change button. ESSID Enter a preferred name for the wireless network. Your wireless clients must be configured with the same ESSID.
Wireless Profile A selection of network environment types in which to operate the access point: • 802.11a only (Version AG) Supports wireless A clients with data rates of up to 54Mbps in the frequency range of 5GHz. • 802.11b only Supports wireless B clients with data rates of up to 11Mbps in the frequency range of 2.4GHz. • 802.11b/g mixed Supports both wireless B and G clients. • 802.11g only Supports wireless-G clients that offer transmission rates of up to 54Mbps in the 2.4GHz frequency band.
Act as RootAP The access point will connect with 1, or multiple clients to create a point-to-point and point-to-multi-point connection network with 2 or more access points. This connection mode is fully compliant with 802.1h standards. VLAN ID This is the number that identifies the different virtual network segments to which the network devices are grouped. This can be any number from 1 to 4094. Channel Survey A list of channels that are detected by your access point in the WLAN.
Scan for Site Survey (Available in Client and Wireless Routing Client modes) Step 1: In the Mode Setup page click on the Site Survey button. The Site Survey provides a list of the MAC addresses (BSSID) and SSID of neighbouring access points detected, the Chan (channels), Auth (Authentication), Alg (Algorithm) used, and the strength of the Signal received.
Step 2: To connect the client to one of the access points detected, select the radio button corresponding to the access point you want to connect to. Step 3: Click on the Apply button to effect the change and return to the setup page. Step 4: Click on the Refresh button to update the screen.
Read-Only Parameters of Neighbouring Access Points Viewable from Site Survey page Description Bssid Wireless MAC address of the access point in a wireless network infrastructure. SSID Network name that uniquely identifies the network to which the access point is connected. Chan Channel being used for transmission. Auth Types of authentication, such as WPA, WPA-Personal, etc being used by the access point. Alg Types of algorithm, such as WEP, TKIP, etc being used by the access point.
View Link Information (Available in Client and Wireless Routing Client modes) To view the connection status when the client is linked to another access point, click on the Show Link Information button.
Parameters Viewable from Link Information page Description State Displays whether the State is Scanning or Associated, and MAC address of the access point to which the client is connected. Current Channel Tx Rate Signal Strength Page 59 Channel presently being used for transmission. Rate of data transmission in Mbps. Intensity of the signal received, in percentage.
Scan for Channel Survey (Available in Access Point and Gateway modes) Channel Survey displays a list of all the channels supported by the access point, shows the relative interference of all the channels, and recommends the least congested channel. Step 1: In the Mode Setup page, click on the Channel Survey button.
Step 2: To connect the client to one of the channels detected, select the corresponding radio button. Step 3: Click on the Apply button to effect the change and return to the setup page. Step 4: Click on the Refresh button to update the screen.
Read-Only Parameters of All Channels Viewable from Channel Survey page Description Freq Frequency of the channel at which your access point is operating. Channel Channel of the access point being used for transmission depending on its origin of country. MyQuality Interference level of the respective channel with this AP. The lower the value, the less interference. If the value is zero, there is no interference. APCount Total number of access points operating at the current channel.
Align the Antenna Antenna Alignment precisely aligns the antenna over long distances for higher signal strength to improve the connection between the access point and another access point. Step 1: Select WLAN Setup from the CONFIGURATION menu. You will see the sub-menus expanded under WLAN Setup. Click on Antenna Alignment. The Antenna Alignment page can act as a diagnostic tool to check the communication with a remote device. The remote AP MAC Address is preset to all zeros by default.
NOTE If no MAC address is entered, the Antenna Alignment tool will make use of the SSID to align the antenna. Please ensure that the correct SSID is entered. If more than one access points share the same SSID, the access point with the strongest signal will be shown. Signal Strength (RSSI Value) Indicated by DIAG LED Status of DIAG LED Above 20 Stays turned on. Between 19 and 17 Flashes 6 times. Between 17 and 14 Flashes 3 times. Between 13 and 10 Flashes once. Below 10 Turns off.
Configure the Advanced Setup of the Wireless Mode Step 1: Select WLAN Setup from the CONFIGURATION menu to expand four sub-menus. From here, select Advanced. Step 2: Enter the parameters in the WLAN Advanced Setup page. Step 3: Click on the Apply button to update the changes.
Advanced Setup Parameters Beacon Interval (Only in Access Point mode) Data Beacon Rate (DTIM) (Only in Access Point mode) Description Amount of time between beacon transmissions. This tells the client when to receive the beacon. A beacon is a guidance signal sent by the access point to announce its presence to other devices in the network. How often the beacon contains a delivery traffic indication message (DTIM). The DTIM identifies which clients have data waiting to be delivered to them.
View the Statistics The Statistics feature reveals information on the wireless device connected to the WLAN. Step 1: Select WLAN Setup from the CONFIGURATION menu. The sub-menus under WLAN Setup expand, select Statistics. Wireless clients that are connected to the WLAN are shown in the WLAN Station List. Step 2: Click on the Refresh button to get the latest information on the availability of wireless clients in the wireless network.
Setup your WAN (Available in Wireless Routing Client and Gateway modes) NOTE: Any changes to the WAN Setup will only take effect after rebooting. Setup your WAN to share Internet connection among the clients of the access point. Setup your WAN for cable internet whereby WAN IP address is dynamically assigned by ISP The access point is pre-configured to support this WAN type. However, you may verify the WAN settings with the following steps: Step 1: Under CONFIGURATION on the command menu, select WAN Setup.
Note: Additional configuration might be required before your ISP will allocate an IP address to the access point. Certain ISPs require authentication through a DHCP Client ID before releasing a public IP address to you. The access point uses the System Name in the System Identity as the DHCP Client ID. Therefore if this is the case, refer to your ISP for the correct DHCP Client ID to be set and follow steps 4 - 5 to accomplish the setup.
Setup your WAN for cable internet whereby fixed WAN IP address is assigned by ISP WAN Setup Parameters Example: • IP Address: 203.120.12.240 • Network Mask: 255.255.255.0 • Gateway IP Address: 203.120.12.2 Step 1: Under CONFIGURATION on the command menu, select WAN Setup. Step 2: Access the Select WAN Type page and select Static IP Address before clicking the Apply button.
Setup your WAN for ADSL Internet using PPP over Ethernet If you subscribe to an ADSL service using PPP over Ethernet (PPPoE) authentication, you can set up your access point’s WAN type as follows. For example, you may configure an account whose username is ‘guest’ as described below: Step 1: Under CONFIGURATION on the command menu, click on WAN Setup.. Step 2: Access the Select WAN Type page and choose PPP over Ethernet before clicking the Apply button.
Step 3: Enter your account name assigned by your ISP (Example: guest) in the field for Username, followed by your account Password. Select Always-On if you want your access point to always maintain a connection with the ISP. Otherwise select On-Demand for the access point to connect to the ISP automatically when it receives Internet requests from the PCs in your network.
You can limit the maximum size a packet can be in a network by setting the MTU (Maximum Transmissible Unit). Click the MTU Button in Advanced WAN Options. The MTU Value has a range of 1 to 1492. Enter the MTU Value and click Apply.
Setup your WAN for ADSL Internet using Point-to-Point Tunneling Protocol (PPTP) WAN Setup Parameters Example: • IP Address: 203.120.12.47 • Network Mask: 255.255.255.0 • VPN Server: 203.120.12.15 Step 1: Under CONFIGURATION on the command menu, click on WAN Setup.. Step 2: Access the Select WAN Type page and select PPTP before clicking the Apply button.
Step 3: Fill in the information provided by your ISP in the IP Address, Network Mask, VPN Server, and DHCP fields, and click the Apply button. Select Reboot System under SYSTEM TOOLS and click the Reboot button to effect the settings The Idle Timeout setting allows you to specify the value in seconds after the last Internet activity by which the access point will disconnect from the ISP. A value of “0” will disable idle timeout.
Setup Telnet / SSH Telnet allows a computer to remotely connect to the access point CLI (Command Line Interface) for control and monitoring. SSH (Secure Shell Host) establishes a secure host connection to the access point CLI for control and monitoring. Step 1: Select Telnet/SSH Setup from the CONFIGURATION menu. Step 2: 1. Select Telnet Server Enable and enter the Port Number to enable. 2. Select SSH Server Enable and enter the Port Number to enable. 3. Enter the Time out in seconds for Telnet.
Step 3: To add user: 1. Click the Add button. 2. In Add User Entry Page, enter the User Name, Password, and specify whether the user is granted permission to Read Only or Read/Write. 3. Click the Apply button. To Delete User: 1. Select which user to Delete. 2. Click the Delete button. To Refresh User Management list click the Refresh button.
Access the TELNET Command Line Interface You may connect to the CLI (Command Line Interface) via a TELNET session to the default IP 192.168.168.1 Microsoft TELNET command is shown here but any TELNET client can be used. 1. Enter C:\WINDOWS\TELNET 192.168.168.1 at DOS prompt and the TELNET application will launch and connect. 2. At the login prompt, type in the default password “password” and press enter. You will then login to the CLI.
Access the Secure Shell Host Command Line Interface SSH provides the best remote access security using different forms of encryption and ciphers to encrypt sessions, and providing better authentication facilities and features that increase the security of other protocols. An encrypted connection like SSH is not viewable on the network. The server can still read the information, but only after negotiating the encrypted session with the client. SSH CLI has a command line interface.
Set the WEB Mode The access point supports HTTPS (SSL) featuring additional authentication and encryption for secure communication, in addition to the standard HTTP. Step 1: Select Web Management Setup from the CONFIGURATION menu. Step 2: 1. Select whether to set web server to HTTP or HTTPS (SSL) mode. 2. Click Apply. Changes will be effected after reboot.
Setup SNMP The Simple Network Management Protocol (SNMP) is a set of communication protocols that separates the management software architecture from the hardware device architecture. Step 1: Select SNMP Setup from the CONFIGURATION menu. Step 2: Select Enable from the SNMP State drop-down list. The Read Password is set to public while the Read/Write Password is set to private by default. Step 3: Click on the Apply button.
Setup SNMP Trap The SNMP Trap saves network resources through eliminating the need for unnecessary SNMP requests by providing notification of significant network events with unsolicited SNMP messages. Step 1: Select SNMP Setup from the CONFIGURATION menu. Step 2: 1. Select whether to Enable or Disable the SNMP Trap. 2. Enter the Remote IP Address or DNS. 3. Enter the Remote Port. This is the port number of the SNMP manager. 4. Enter the Community.
Setup STP (Available in Access Point, Transparent Client, and Repeater modes) Spanning Tree Protocol (STP) prevents broadcast storms when there are redundant paths in the network. STP creates a tree that spans all devices in an extended network, forcing redundant paths into a standby state, but establishing the redundant links as backup in case the active link should fail.
Scenario #1 – (No STP) With no STP, all clients (Notebook#1, #2, #3, #4) can access one another, resulting in low data security. Due to the redundant paths, broadcast packets will be duplicated and forwarded endlessly, resulting in a broadcast storm. Scenario #2 – (With STP) With STP, extra redundant network paths between access points will be disabled, hence preventing multiple active network paths in between any 2 access points.
Step 1: Select STP Setup from the CONFIGURATION menu. Step 2: Select the STP Status Enable radio button, fill in the fields, and click on the Apply button to update the changes. Priority: (Default: 32768, Range: 0 – 65535) This is the relative priority. The lowest priority will be elected as the root. Hello Time: (Default: 2, Range: 1 – 10) This is the time interval in seconds whereby a hello packet is sent out.
Use MAC Filtering MAC Filtering acts as a security measure by restricting user network access according to MAC address. Each WLAN or radio card supports up to 16 virtual access points and has its own MAC address listing. NOTE MAC Filtering will not filter any MAC address from the Ethernet port.
Add a MAC Address to the MAC Address List Step 1: Select MAC Filtering from WLAN Setup. The MAC Address Filtering page displays. In this page you may also set the MAC Filtering Status to Enable or Disable for access points and set the Policy to either Accept or Deny MAC addresses. MAC Filtering set to Enable with Policy to Accept only the MAC addresses in the MAC Filter Address List and deny all other MAC addresses.
Step 2: MAC Filter Address List page displays. Click the Add button. Step 3: The Add MAC Address page displays. Step 4: Enter the MAC Address of the client in the format xx-xx-xx-xx-xx-xx, where x can take any value from 0 to 9 or a to f. Enter the Comment. This describes the MAC Address you have entered. To apply to all virtual access points, check Apply to All. To apply to specific virtual access point, select the checkbox of the corresponding access point. Click the Apply button.
Step 5: MAC Filter Address List page displays with updated MAC Address List. NOTE Please reboot to effect all changes and new MAC address entries.
Delete a MAC Address From All Access Points Step 1: Select MAC Filtering from WLAN Setup. The MAC Address Filtering page displays. Select View Complete MAC List. S t ep 2 : The MAC Filter Address List page displays. Select the checkbox of the MAC address you wish to delete. Click the Delete button.
Step 3: The MAC Filter Address List page displays with updated MAC Address List.
Delete a MAC address from individual access point S t ep 1 : Select MAC Filtering from WLAN Setup. The MAC Address Filtering page displays. Select Edit for the corresponding access point. S t ep 2 : The MAC Filter Address List page displays. Select the checkbox of the MAC address you wish to delete. Click the Delete button.
S t ep 3 : The MAC Filter Address List page displays with updated MAC Address List.
Edit MAC Address from the MAC Address List Step 1: Select MAC Filtering from WLAN Setup. The MAC Address Filtering page displays. Select Edit. Step 2: MAC Filter Address List page displays. Select the MAC address to edit.
Step 3: The Edit MAC Address page displays. Edit the MAC address settings accordingly. Click the Save button. Step 4: The MAC Filter Address List page displays with updated MAC Address List.
Perform Advanced Configuration Setup Routing (Available in Wireless Routing Client and Gateway modes) The access point allows you to add a static routing entry into its routing table to re-route IP packets to another access point. This is useful if your network has more than one access point. Important: You do NOT need to set any routing information if you are simply configuring the access point for broadband Internet sharing.
Configure Static Routing Step 1: Select Routing from the CONFIGURATION command menu. The System Routing Table page displays. Initially the table contains the default routing entries of the access point. Step 2: Click on the Static Routing Table button, then click the Add button. Step 3: Enter the Destination IP Address, Destination Net Mask, and Gateway IP Address, and click the Add button. The Static Routing Table reflects the entry.
Use Routing Information Protocol (Available in Wireless Routing Client and Gateway modes) RIP (Routing Information Protocol) allows information to be exchanged within a set of routers under the same administration. RIPv1 bases the path used to pass traffic between routers on the fewest number of hops between the source and destination IP addresses within a packet.
Use Network Address Translation (Available in Wireless Routing Client and Gateway modes) NAT (Network Address Translation) allows multiple PCs in a private network to share a single public IP address by using different TCP ports to identify requests coming from different PCs, and is enabled by default. Computers in the private LAN behind the access point will not be directly accessible from the Internet.
Configure Virtual Servers Based on DMZ Host DMZ (De-Militarized Zone) makes specific PCs in a NAT-enabled network directly accessible from the Internet. With NAT, the access point keeps track of port number and forwards Internet replies the port number in the reply packet. Reply port numbers are discarded, but with forwarded to the DMZ-enabled PC instead.
Configure Virtual Servers Based on Port Forwarding Virtual Server based on Port Forwarding forwards Internet requests arriving at the access point WAN interface to specific PCs in the private network based on their ports. Step 1: Select NAT from the CONFIGURATION command menu. Step 2: Click the Port Forwarding button in Advanced NAT Options. Step 2: Click the Add button on the Port Forward Entries page.
Step 3: In the Add Port Forward Entry page, you can set up a Virtual Server for a Known Server type by selecting from a drop-down menu or you can define a Custom Server.
Known Server Server Type : Select from the drop-down list of known server types: • HTTP • FTP • POP3 • Netmeeting Private IP Address : Specify the LAN IP address of the server PC running within the private network. Public IP : Select All, Single, or Range from the dropdown list. From To : Enter the beginning of the range. : Enter the end of the range. Custom Server Server Type : Define a name for the server type you wish to configure.
Public IP From To : Select All, Single, or Range from the dropdown list. : Enter the beginning of the range. : Enter the end of the range. For example to set up a web server on a PC with IP address 192.168.168.55, set the Server Type as HTTP and set the Private IP Address as 192.168.168.55, then click on the Add button.
Configure Virtual Servers based on IP Forwarding If you are subscribed to more than one IP address from your ISP, virtual servers based on IP forwarding can forward all Internet requests regardless of the port number to defined computers in the private network. Step 1: Select NAT CONFIGURATION menu. from the command Step 2: Click the IP Forwarding button in Advanced NAT Options. Step 3: In the Add IP Forward Entry page, enter the Private IP Address and Public IP Address.
Control the Bandwidth Available (Available in Wireless Routing Client and Gateway modes) You can control the bandwidth available to subscribers to prevent the occurrence of massive data transfer that can slow down the network. Enable Bandwidth Control Step 1: Select Bandwidth Control from the CONFIGURATION command menu. Step 2: Bandwidth Control is disabled by default, select Enable, and click the Apply button.
Configure WAN Bandwidth Control The Upload / Download Bandwidth Setting can limit throughput to the defined rates regardless of the number of connections. Step 1: Select WAN Bandwidth Control Setup from the Bandwidth Control submenu from the CONFIGURATION command menu. Step 2: Enter the Download Total Rate and Upload Total Rate. The default values are 0, which indicates that there is no bandwidth limit. Click the Apply button.
Configure LAN Bandwidth Control Bandwidth Control can also limit LAN users’ throughput. Step 1: Select LAN Bandwidth Control Setup from the Bandwidth Control submenu from the CONFIGURATION command menu. Step 2: Click the Add button to create the bandwidth rule for LAN user.
Step 3: Click the Add button to create the rule for LAN user’s bandwidth control. Parameters Rule Name Description You can set a name for the bandwidth control rule. Committed Rate (kbit) Minimum bandwidth rate of throughput. Ceiling Rate (kbit) Capped bandwidth rate of throughput. NOTE: The sum of the Committed Rate of all the rules should not exceed the total rate available.
Perform Remote Management (Available in Wireless Routing Client and Gateway modes) You can use the access point web-based interface from the Internet to manage your network remotely. Setup Remote Management Step 1: Select Remote Management from the CONFIGURATION command menu. Step 2: To disable Remote Management, set Remote Http Port to 0 To enable Remote Management, set Remote Http Port to an unused port number. It is recommended that you avoid using port number 80 as it is blocked by some ISPs.
Use Parallel Broadband (Available in Gateway mode) Parallel Broadband provides scalable Internet bandwidth with Load Balancing and Fail-Over Redundancy. Load Balancing is provided by balancing the aggregate bandwidth of multiple broadband connections across the traffic demands of your private network. With Parallel Broadband, if a particular broadband connection fails, the access point will use the remaining functional broadband connections, thus providing Fail-Over Redundancy.
Enable Parallel Broadband Begin by verifying that every access point in the network is properly configured to connect to its individual broadband Internet account. Secondly ensure that either: • each access point is connected to an Ethernet port in the network OR • the access points are wired to each other. Then all the access points have to have the DHCP server, followed by the Parallel Broadband feature, enabled through the web-based configuration.
Setup Email Notification This feature notifies you by email if there is a change in the WAN IP address that was supplied to you. Step 1: Select WAN PPPoE Setup or WAN PPTP Setup from the CONFIGURATION command menu. Step 2: Click on the Email Notification button. Step 3: Select to Enable Email Notification and enter the following details: • Email address of Receiver: Email address of the receiver to whom the message would be sent.
Step 4: Specify whether the SMTP server Needs Authentication or not by setting the checkbox accordingly. By default it is not selected. Step 5: Click on the Apply button.
Using Static Address Translation (Available in Wireless Routing Client and Gateway modes) If you use a notebook for work in the office, you most probably bring it home to connect to the Internet as well. Since it is most likely that your office network and home network broadband-sharing network subnets are configured differently, you would have the hassle of reconfiguring your TCP/IP settings every time you use the notebook in a different place. Static Address Translation allows you to bypass this hassle.
Use DNS Redirection (Available in Wireless Routing Client and Gateway modes) When you enter a URL into your Internet browser, it requests for a nameto-IP address translation from the Domain Name System (DNS) servers to locate the web server hosting the desired website. The DNS server searches its local cache for the answer, and if found, returns this cached IP address. Otherwise, it contacts other DNS servers until the query is answered.
NOTE An entry for the DNS Server field in the PC TCP/IP Properties is required for Internet access. If the exact DNS IP address is unavailable, simple key in any valid IP address, for example: 10.10.10.
Enable or Disable DNS Redirection Step 1: Select DNS Redirection from the Home User Features command menu. Step 2: Select to Enable or Disable DNS Redirection. Step 3: Click the Apply button.
Dynamic DNS Setup With Dynamic IP Internet connection, keeping track address for Internet communication is complicated regularly by the ISP. If you are doing some web computer, Internet users will have to keep up with address to access your computer. of your public IP as it is changed hosting on your the changing IP When you sign up for an account with a Dynamic Domain Name Service (DDNS) provider, it will register your permanent domain name, for example: MyName.Domain.
To manage Dynamic DNS List Step 1: Select Dynamic DNS Setup from the Home User Features command menu. Step 2: If you have created a list earlier, click on the Refresh button to update the list. Step 3: To add a new Dynamic DNS, click on the Add button. The Choice DDNS Provider page appears. There are two default providers that you can use. The parameters are explained below: • Choice: Indicates your preferred DDNS provider. • Provider Name: Name of your preferred DDNS provider.
2 DDNS providers are predefined for you. You need to be connected to the Internet to register your DDNS account. Select 2MyDNS – Dynamic DNS Service Provider as DDNS Service Provider: Step 1: Under the Choice column in the Choice DDNS Provider list, check the radio button next to the 2MyDNS – DNS Service Provider entry. Click on the Next button. Step 2: Enter your Domain Name. Step 3: The Auto Detect checkbox is selected by default. The WAN IP field is empty by default.
Optional In the Mail Exchanger field, enter the Static WAN IP address of the mail server configured to handle email for your domain. Step 5: Select Backup Mail Exchanger to enable this service. Step 6: Click on the Add button. The new domain is added to the Dynamic DNS list table. It will appear as a hyperlink that you can click to go back to the Dynamic DNS Edit page. Step 7: From the Dynamic DNS Edit page you can update or reset the parameters, or delete the domain name.
Select DtDNS as DDNS Service Provider: Step 1: Under the Choice column in the Choice DDNS Provider list, check the radio button next to the DtDNS entry. Click on the Next button. Step 2: Enter your Domain Name. Step 3: The Auto Detect checkbox is selected by default. The WAN IP field is empty by default. These default settings should be used if dynamic WAN IP connection is used.
Use the Wireless Extended Features Setup WDS2 WDS2 (Wireless Distributed System 2) links up access points to create a wider network in which mobile users can roam while still staying connected to available network resources. The wireless client and root access point has to be set up with the same channel frequency. This allows them to connect even when the link is lost, as the channel frequency setting is preserved.
Follow these steps to change the setup the root access point. Setup access point 1: Click on WLAN Setup from the CONFIGURATION menu. You will see the sub-menus expanded under WLAN Setup. Click on Basic. Ensure that The Current Mode is set to Access Point. To change The Current Mode, please refer to: Common Configuration – WLAN Setup - To Configure the Basic Setup of the Wireless Mode. Select Act as RootAP. Select the Channel common to both access point 1 and access point 2.
Follow these settings to setup access point 2. Setup access point 2: Click on WLAN Setup from the CONFIGURATION menu. You will see the sub-menus expanded under WLAN Setup. Click on Basic. Select the Channel common to both access point 1 and access point 2.
Configure WDS2 link: Click on WLAN Setup from the CONFIGURATION menu. You will see the sub-menus expanded under WLAN Setup. Click on Advanced. Under Extended Features, click on the WDS2 Settings button. Set WDS2 Link Status to Enable. Options for configuring WDS2 link: • By Remote AP MAC – Enter the Remote AP MAC OR • By Remote AP SSID – Uncheck the Remote AP MAC checkbox and enter the Remote AP SSID. • Click Apply..
Set Virtual AP (Multiple SSID) Virtual AP implements mSSID (Multi-SSID) whereby a single wireless card can be setup with up to 16 virtual AP connections with different SSIDs or BSSID (Basic Service Set Identifier) and security modes. Virtual AP delivers multiple services by VLAN segmentation: making the network think there are many SSIDs available and channeling each connection through different VLANs to the respective virtual network segments on the Ethernet network.
Follow these steps to setup Virtual AP. Virtual AP 1 Click on WLAN Setup CONFIGURATION menu. Select Virtual AP. from the 2 Virtual AP List page displays. • Click Apply to register changes. • Click Clear to clear Virtual AP List. • Click Back to return to WLAN Basic Setup page. • Select the Delete option beside any Virtual APs you wish to delete. Click Add to goto add Virtual AP page. 3 1. Enter ESSID name. 2. Settings: • VLAN ID • Closed System • RootAP 3. Select Security Mode 4.
Set Preferred APs (Available in Client Mode) When there is more than one AP with the same SSID, the Preferred APs function allows you define the MAC address of the APs in order of preference. The MAC address at the top of the Preferred APs list has the highest connection preference, and the MAC address at the bottom has the lowest connection preference. Follow these steps to specify your preferred APs. Preferred APs 1 1. Click on WLAN Setup from the CONFIGURATION menu. 2. Select Preferred APs. 2 1.
Get Long Distance Parameters The access point can calculate and display suggested values for certain parameters to use to ensure that efficient wireless communication between physically distant access points. Select Advanced from WLAN Setup under Configuration. Click on the Long Distance Parameters button under the Extended Features section. Select to Enable the Outdoor function.
You can enter the parameters based on the recommended values in the pop-up window, click on the Apply button to update the changes. Long Distance Parameters Outdoor Description If set to Enable, the Outdoor parameters will be configured for outdoor communication over short or long distances as specified, it is disabled by default. Distance Determines the distance between your access point and the remote access point in meters.
Set Wireless Multimedia Wireless Multimedia (WMM) is a QoS (Quality of Service) standard in IEEE802.11E that we have adopted to improve and support the user experience for multimedia, video, and voice applications by prioritizing data traffic. QoS can be realized through 4 different Access Categories (AC). Each AC type consists of an independent transmit queue, and a channel access function with its own parameters.
Follow these steps to change the setup Wireless Multimedia on your access point. Step 1: 1. Click on WLAN Setup from the CONFIGURATION menu. 2. Select Advanced. Step 2: Click on the WMM Settings button. Step 3: Select to Enable Wireless Multimedia (WMM) Enter the desired WMM parameters. Using the default parameters is recommended. Click Apply to apply the WMM settings, click Default to reset all parameters to default, or click Back to discard any changes and return to WLAN Basic Setup page.
AIFs (Arbitrary Inter-Frame Space) WMM Parameters (for advanced users) Arbitrary Inter-Frame Space is the minimum wait time interval between the wireless medium becoming idle and the start of transmission of a frame over the network. Cwmin (Contention Window Minimum) Contention Window Minimum is the minimum random wait time drawn from this interval or window for the backoff mechanism on the network.
Setup Point-to-Point & Point-toMultiPoint Connection You can implement Point-to-Point connection by simply setting one access point as RootAP in Access Point mode and setting the other access points to Transparent Client mode. You can set a root access point and a transparent client to allow pointto-point communication between different buildings and enable you to bridge wireless clients that are kilometres apart while unifying the networks.
Page 137
Follow these steps to setup Transparent Client/s. Transparent Client Step 1: Click on WLAN Setup from the CONFIGURATION menu. You will see the sub-menus expanded under WLAN Setup. Click on Basic. Ensure that The Current Mode is set to Transparent Client. To change The Current Mode, please refer to: Common Configuration – WLAN Setup - To Configure the Basic Setup of the Wireless Mode.
Transparent Client Step 2: Select the Remote AP MAC checkbox. Enter the Remote AP MAC. Note: When using Remote AP MAC, the ESSID name must also match the AP’s ESSID name, especially when Closed System is enabled on the AP. Repeat Transparent Client step to add more points to the Point-toMultiPoint connection.
Secure your Wireless LAN Step 1: Select Security from WLAN Setup under the CONFIGURATION menu. Step 2: Make a selection from the Security Mode drop-down list. The Security Mode is set to NONE by default. Click on the Apply button. NOTE All nodes in your network must share the same wireless settings in order to communicate.
Setup WEP At the WEP Setup page, Step 1: Specify the key entry type, by selecting either: • Use Hexadecimal: • Use ASCII Step 2: Select the Transmission Key from the pull down menu: • Key 1 • Key 2 • Key 3 • Key 4 The access point lets you define up to four different transmission keys. It defines a set of shared keys for network security. You must enter at least one WEP key to enable security using a shared key.
Setup WPA-Personal (Available in Access Point mode) Follow these steps if you have activated the WPA-Personal, WPA2Personal or WPA-Personal-AUTO security modes. At the WPA1/2-PSK Setup page, Step 1: Specify the key entry type, by selecting either: • Passphrase (Alphanumeric characters) • Hexadecimal Step 2: Fill in the pre-shared network key: If you are using the Passphrase format, your entry can consist of a minimum of 8 alphanumeric characters or a maximum of 63 alphanumeric characters.
Step 3: For WPA-Personal Set the Cipher Type to TKIP. WPA replaces WEP with a strong encryption technology called Temporal Key Integrity Protocol (TKIP) with Message Integrity Check (MIC). For WPA2-Personal Set the Cipher Type to AES. Advanced Encryption Standard (AES) is a stronger symmetric 128-bit block data encryption technique. AES is a requirement of WPA2 under the IEEE 802.11i standard.
Setup 802.1x/RADIUS (Available in Access Point mode) At the IEEE 802.1x Setup page, Step 1: Key in the IP address of the Primary RADIUS Server in your WLAN. You can optionally add in the IP address of a Secondary RADIUS Server, if any. The RADIUS authentication server MUST be in the same subnet as the access point. Step 2: By default, the value for Authentication Port number is 1812. You can leave this value as it is. This value must be set to be the same as the one in the RADIUS server.
Step 6: Select the length of each encryption key: • 64- bit 10 hexadecimal or 5 ASCII Text • 128-bit 26 hexadecimal or 13 ASCII Text Step 7: Click the Apply button and reboot your system, after which your settings will become effective.
Setup WPA Enterprise (Available in Access Point mode) Follow these steps if you have selected the WPA, WPA1-Enterprise, WPA2-Enterprise, or WPA-Enterprise-AUTO security modes. At the WPA1/2-EAP Setup page, Step 1: Key in the IP address of the Primary RADIUS Server in your WLAN. You can optionally add in the IP address of a Secondary RADIUS Server, if any. The RADIUS authentication server MUST be in the same subnet as the access point. Step 2: By default, the value for Authentication Port number is 1812.
Step 5: Select the length of each encryption key: • 64- bit 10 hexadecimal or 5 ASCII Text • 128-bit 26 hexadecimal or 13 ASCII Text Step 6: For WPA-Enterprise Set the Cipher Type to TKIP. WPA replaces WEP with a strong encryption technology called Temporal Key Integrity Protocol (TKIP) with Message Integrity Check (MIC). For WPA2- Enterprise Set the Cipher Type to AES. Advanced Encryption Standard (AES) is a symmetric 128-bit block data encryption technique.
Configure the Security Features Use Packet Filtering Packet filtering selectively allows /disallows applications from Internet connection. Configure Packet Filtering Step 1: Select Packet Filtering from the Security Configuration command menu. Step 2: Select the Packet Filter Type by clicking on the Change button. Step 3: Select from three choices: Disabled, Sent, Discarded, and then click on the Apply button. The default is Disabled, which allows all packets to be sent.
apply the rule to: A Range of IP addresses In this case, you will have to define (From) which IP address (To) which IP address, your range extends. A Single IP address Here, you need only specify the source IP address in the (From) field. Any IP address You may here, leave both, the (From) as well as the (To) fields, blank. Here, the rule will apply to all IP addresses. 4c).
In this case, you may skip both the (From) as well as the (To) drop down fields. 4e). At the Time of the Day drop down list, you may also choose to apply the rule to: A Range of time In which case, you have to specify the time in the format HH:MM, where HH may take any value from 00 to 23 and MM, any value from 00 to 59. Any time Here, you may leave both (From) and (To) fields blank. Step 5: Click on the Apply button to make the new rule effective.
Use URL Filtering URL Filtering allows you to block objectionable websites from your LAN users. Configure URL Filtering Step 1: Select URL Filtering from the Security Configuration command menu. Step 2: To select the URL Filter Type, click the Change button. Step 3: Select to Block or Allow, and then click on the Apply button. The default is Disabled, which allows all websites to be accessed. Then click the Add button. Step 4: For the Host Name field, input the web site address that you wish to block.
Configure the Firewall Configure SPI Firewall Stateful Packet Inspection (SPI) thwarts common hacker attacks like IP Spoofing, Port Scanning, Ping of Death, and SynFlood by comparing certain key parts of the packet to a database of trusted information before allowing it through. NOTE Firewall security rules should be planned carefully as incorrect configuration may cause improper network function. Select Firewall Configuration from the Security Configuration command menu. Enable the firewall.
You may add more firewall rules for specific security purposes. Click on the Add radio button at the screen shown above, followed by the Edit button. Rule Name : Enter a unique name to identify this firewall rule. Disposition Policy : This parameter determines whether the packets obeying the rule should be accepted or denied by the firewall. Choose between Accept and Deny. Protocols : Users are allowed to select the type of data packet from: TCP, UDP, ICMP, IGMP or ALL.
Redirect Time exceeded Parameter Problem Timestamp Request Information Request Information Reply IGMP Types Source IP which it sends datagrams because of congestion. Informs the host of a preferred route. Indicates that the Time-to-Live (TTL) of an IP datagram has expired. Informs that host that there is a problem in one the ICMP parameter. Information that is from the ICMP data packet. Information that is from the ICMP data packet. Information that is from the ICMP data packet.
Timestamp – Timestamp RR – Record Route SID – Stream Identifier SSRR – Strict Source Routing RA – Router Alert Check TTL : This parameter would let you screen packets according to their Time-To-Live (TTL) value available options are: 1. Equal 2. Less than 3. Greater than 4.
Use the Firewall Log The Firewall Log captures and stores network traffic information such as the type of data traffic, the time, the source and destination address / port, as well as the action taken by the firewall. View Firewall Logs Step 1: Select Firewall Log from the SECURITY CONFIGURATION command menu. Step 2: Click on the Refresh button to see the information captured in the log: Page 156 Time at which the packet was detected by the firewall.
Administer the System Use the System Tools Use the Ping Utility (Available in Wireless Routing Client and Gateway modes.) You can check whether the access point can communicate (ping) with another network host with the Ping Utility. Step 1: Select Ping Utility under the SYSTEM TOOLS command menu. Step 2: Enter the IP address of the target host to ping. Click the Start button. The Ping messages are displayed.
Use Syslog Syslog forwards system log messages in a network to a machine running a Syslog listening application. It is used to help in managing the computer system and increase security on the network. Freeware supporting Syslog is widely available for download from the Internet. This section shows how to: • Setup Syslog. • View logged information. The System Log Setup page allows the user to: • Enable or Disable system logging.
Follow these steps to setup Syslog: Step 1: Click on Syslog from the SYSTEM TOOLS menu. Step 2: Select to Enable Syslog. Enter the Logging IP or Domain Name Enter the Logging Port Click Apply to make the changes.
Follow these sample steps to view logged information: Step 1: Search for a Syslog listening application. Step 2: Select a Syslog listening application. Step 3: Download Syslog listening application. Step 4: Install Syslog listening application. Step 5: View logged information on Syslog listening application.
Set System Identity You can set the System Identity of the access point to be uniquely identifiable. Step 1: Select System Identity from the SYSTEM TOOLS menu. Step 2: Enter a unique System Name. Step 3: Enter the name of a contact person in the System Contact field. Step 4: Enter the System Location. This entry identifies the device location, especially when there are multiple devices. Step 5: Click on the Apply button to effect the changes.
Step 1: Select System Clock Setup from the SYSTEM TOOLS menu. Step 2: Select the appropriate time zone from the Select to Change the Time Zone for the Router Location drop-down list. Step 3: Enable the Auto Time Setting (SNTP) radio button. SNTP stands for Simple Network Time Protocol and is used to synchronise computer clocks. Step 4: Fill in the Time Servers field and click on the Apply button to effect the changes.
Upgrade the Firmware with UConfig You can check the types and version of your firmware by clicking on About System from the HELP menu. To begin with, ensure that you have the updated firmware available. Step 1: Select Firmware Upgrade from the SYSTEM TOOLS menu. Step 2: Click on the Browse button to locate the file. Step 3: Click on the Upgrade button. Follow the instructions given during the upgrading process. Step 4: You need to reboot the system after the firmware upgrade.
Upgrade the Firmware with Command Line Interface You can check the types and version of your firmware by clicking on About System from the HELP menu in UConfig. Follow these steps to upgrade firmware from Command Line Interface (CLI). Step 1: Ensure that you have the updated firmware available.
Step 2: On the PC connected to the AP, run a TFTP server and setup to point to the same firmware image filename.
Step 4: These screens display when upgrade is done. Sample Screenshot NOTE The firmware upgrade process must NOT be interrupted; otherwise the device might become unusable.
Perform Firmware Recovery If the system fails to launch properly, the access point will automatically switch to loader mode and the diagnostic LED will remain lighted. The firmware should then be reloaded. Access Point State Corrupted firmware – access point automatically switches to loader mode Recovery in progress Successful recovery Diagnostic LED ( ) State Blinks very fast ON Blinks very slowly Before starting, check the status of the diagnostic LED to confirm if firmware failure has occurred.
Step 5: From the Start menu, click Run and type cmd. When the command prompt window appears, type in the following command: X:\recovery\TFTP -i 192.168.168.1 PUT image_name.IMG, where X refers to your CD drive and image_name.IMG refers to the firmware filename found in the Recovery folder of the Product CD. Step 6: If you have downloaded a newer firmware and have saved it in your local hard disk as: C:\accesspoint\accesspointxxx.IMG, then replace the command with this new path and firmware name.
Backup or Reset the Settings You may choose to save the current configuration profile, create a backup of it on your hard disk, restore an earlier saved profile, or to reset the access point back to its default settings. Reset your settings Step 1: Select Backup or Reset Settings from the SYSTEM TOOLS menu. Step 2: To discard configurations made and restore the access point to its initial factory settings, click on the Reset button.
Backup your Settings Step 1: Select Backup or Reset Settings from the SYSTEM TOOLS menu. Step 2: To back up the current settings of your access point onto your hard disk drive, click on the Backup button. Step 3: Save your configuration file to your local disk.
Restore your Settings Step 1: Select Backup or Reset Settings from the SYSTEM TOOLS menu. Step 2: To restore previously saved settings, click on the Browse… button and select the folder where you saved your configuration file. Click on the Restore button and the system will prompt you to reboot your device.
Reboot the System Most of the changes you make to the system settings require a system reboot before the new parameters can take effect. Step 1: Select Reboot System from the SYSTEM TOOLS menu. Step 2: Click on the Reboot button. Step 3: Wait for the system to reboot and the login page will be displayed.
Change the Password It is recommended that the login password is changed from the factory default password. Step 1: Select Change Password from the SYSTEM TOOLS menu. Step 2: Key in the Current Password. The password is case-sensitive and defaulted to password Enter the New Password field and then Confirm Password. Step 3: Click on the Apply button to update the changes.
To Logout Step 1: Select Logout from the SYSTEM TOOLS menu. Step 2: Click the LOG ON ! button to access the access point configuration interface again.
Use the HELP menu View About System System Information displays system configuration information that may be required by support technicians for troubleshooting. Select About System from the HELP menu. The System Information page displays information about the access point configuration settings.
Get Technical Support This page displays the contact information of technical support centres around the world. If further information unavailable in the manual or data sheet is required, please contact a Technical Support Centre by mail, email, fax or telephone. Click on Get Technical Support from the HELP menu.
Appendix: Use the Command Line Interface Get Operation List SYNTAX Get tasks Get sysinfo Get aplist Get athstats Get brinfo Get brmacshow Get bssinfo. Get channel Get chanlist Get ieee80211stats Get routeshow Get stalist Get linkinfo Get macstats Get opmode Get wmode DESCRIPTION Display all active process/tasks. Display system information. Display list of access points discovered. Display wireless driver information. Display bridge and interfaces information. Display bridge learned MAC address list.
Wireless Mode SYNTAX Set wirelessmode Set autochannelselect Enable/disable Set radio_off_eth_down enable/disable DESCRIPTION Supported strings are: auto, 11a, 11b, 11g, pureg, superg, supera Enable or disable smart channel select during power up. Enable or disable auto turn off radio when Ethernet port connection link is lost. WEP Key Must first set a key entry type, then proceed to set the key index, size, and value.
{CTRY_IRAN, "IR" }, {CTRY_IRELAND, "IE" }, {CTRY_ISRAEL, "IL" }, {CTRY_ITALY, "IT" }, {CTRY_JAPAN, "JP" }, {CTRY_JAPAN1, "J1" }, {CTRY_JAPAN2, "J2" }, {CTRY_JAPAN3, "J3" }, {CTRY_JAPAN4, "J4" }, {CTRY_JAPAN5, "J5" }, {CTRY_JAPAN6, "J6" }, {CTRY_JORDAN, "JO" }, {CTRY_KAZAKHSTAN, "KZ" }, {CTRY_KOREA_NORTH, "KP" }, {CTRY_KOREA_ROC, "KR" }, {CTRY_KOREA_ROC2, "K2" }, {CTRY_KOREA_ROC3, "K3" }, {CTRY_KUWAIT, "KW" }, {CTRY_LATVIA, "LV" }, {CTRY_LEBANON, "LB" }, {CTRY_LIECHTENSTEIN, "LI" }, {CTRY_LITHUANIA, "LT" },
Channel SYNTAX Set channel DESCRIPTION (Value in decimal) SSID SYNTAX Set ssid DESCRIPTION (Not More than 32 characters) Closed System SYNTAX Set hidessid enable/disable DESCRIPTION Enable or disable broadcasting of SSID. Per Node SYNTAX Set apbridge enable/disable DESCRIPTION Enable or disable isolation of wireless client.
Appendix: Virtual AP (Multi-SSID) FAQ Q1) What is mSSID? Multi-SSID (mSSID) as the name suggest, allows an access point (AP) with a single radio card to support more than one SSID. Q2) What can you do with mSSID connection? The application of mSSID is to provide better security with multiple network path connections from a single AP, to multiple VLAN network segments of the switch on the local area network. A network setup application is illustrated below. E.g.
Q3) Can I update my access point to this mSSID firmware? Yes. You can retain your access point configuration when you update to the mSSID firmware if the current firmware running is v1.3x and above. If AP is running the following configuration setup, updating to the mSSID firmware will affect the configuration. If AP is running as PtP (Point-To-Point) or PtMP (Point-To-MultiPoint) mode.
Q6) I have Pseudo VLAN for Per Group enabled. Will updating to mSSID firmware still support wireless clients with MAC addresses listed in Per Group? The mSSID firmware replaces Pseudo VLAN and integrates it into VAP (Virtual AP) and MAC Filtering. Thus, Pseudo VLAN with its VLAN ID and MAC listing will be lost after updating to mSSID firmware. Refer to the user manual on how to create new VAP with VLAN ID and MAC Filtering.
Q8) I have 2 of the access point units installed at a site about 2km from each other running PtP modes. Should I update to mSSID firmware? Can I do it from one location to update the firmware like I do with the current single SSID firmware? The setup for PtP and PtMP for mSSID firmware is different the current sSSID firmware. After mSSID firmware starts up, the link between the 2 APs will be lost. The recommended method is to setup 2 similar model units in the office.
Appendix: View the Technical Specifications Safety and Electromagnetic Conformance • FCC Part 15 SubPart B and SubPart C (for wireless module) • EN 300 328-2 • EMC CE EN 301 489 (EN300 826) • EN 55022 (CISPR 22)/EN 55024 Class B • EN 61000-3-2 • EN 61000-3-3 • CE EN 60950 • EN 301 893 Industrial Standards • IEEE 802.11a (Version AG) • IEEE 802.11b • IEEE 802.11g Data Rates • Network speeds dynamically shift between 1,2, 5.5, 11, 12, 18, 24, 36, 48, 54 Mbps Frequency Range IEEE 802.11a (Version AG): 5.
Network Interface 1x RJ45 10/100 Mbps auto-negotiating Ethernet port Modulation • • • • Radio Technology • DSSS (Direct Sequence Spread Spectrum) • OFDM (Orthogonal Frequency Division Multiplexing) BPSK (Binary Phase Shift Keying) QPSK (Quadrature Phase Shift Keying) CCK (Complementary Code Keying) 16 QAM, 64 QAM (Quadrature Amplitude Modulation) Output Power IEEE 802.11a (Version AG): 20 - 26 dBm (depend on configuration) IEEE 802.11b: 20 - 26 dBm (depend on configuration) IEEE 802.
IP Addressing All classful/classless subnets Management • • • • Built-in DHCP Server Yes DHCP Reservation By MAC address Operating Channels • 11 Channels: US and Canada • 13 Channels: Europe • 14 Channels: Japan Load Balancing Parallel Broadband (in Gateway mode) Fail-Over Redundancy Virtual Server Parallel Broadband (in Gateway mode) IP Packet Filtering • Time-based • By TCP Port • By Source IP IP Routing Static & Dynamic Entry VPN Client PassThrough Configuration Interface Profile Backup
Technical Support Information The warranty information and registration form are found in the Quick Install Guide. For technical support, you may contact Compex or its subsidiaries. For your convenience, you may also seek technical assistance from the local distributor, or from the authorized dealer/reseller that you have purchased this product from. For technical support by email, write to support@compex.com.sg.
