Distributed Network Management Solution v0.90 Copyright © 2015 by EnGenius. All Rights Reserved.
Table of contents Introduction ............................................................................................................................................... 4 Overview .................................................................................................................................................... 4 ezMaster Software ....................................................................................................................................
Device Management ............................................................................................................................... 31 Summary .............................................................................................................................................. 31 Device Config ....................................................................................................................................... 31 AP Groups...............................................
Introduction Overview EnGenius ezMaster is a powerful and scalable enterprise-class centralized network management system that manages EnGenius Neutron Series products for building and managing enterprise grade Wi-Fi infrastructures for all sizes of businesses from a single console.
Deployment Scenario 5 / 60
Before you begin For ezMaster to manage an AP or switch, the device must be able to communicate with the ezMaster server. Make sure that the ezMaster server, EWS AP and EWS switch can all be reachable via HTTP/HTTPS from outside your internal network. System Requirements Recommended environment for managing up to 500 APs CPU: Intel i3 3.6GHz dual core or above RAM: 4GB minimum HDD: 500GB (actual requirement depending on log size) OS: Microsoft Windows 7 or later + VirtualBox 4.3.
Installing ezMaster The instructions below will guide you through the process of installing ezMaster VM. Getting a Virtualization Product ezMaster VM is distributed as an Open Virtualization Appliance (OVA) which should be compatible with these virtual machine products. VirtualBox (v4.3.30 recommended*) VMWare Workstation Player 12 Note: At the time of release, VirtualBox v5 has known issues with bridging NICs: https://www.virtualbox.org/ticket/14558. We recommend using VirtualBox v4.3.30.
Launching the ezMaster VM image using VMware Workstation Player 12 1. Start VMware® Workstation Player and click on “Open a Virtual Machine”. 2. Locate and select the ezMaster VM image file (.ova), then press "Import". Additional Information When importing the .ova file, you may see this error: The import failed because .ova did not pass the OVF specification conformance or virtual hardware compliance checks.
3. The VM should now be visible in the list. Click on "Edit virtual machine settings". 4. Under the Hardware tab, click on Network Adapter and select Bridged: Connect directly to the physical network. If your PC has more than one network adapter, click on Configure Adapters and choose the network adapter that your computer uses to connect to the Internet (WAN). Choose only one wired LAN adapter. DO NOT select a Wireless LAN adapter or other virtual adapters. 5. Click on OK to save and apply settings.
6. After setting up your network adapter, press “Play Virtual Machine” to launch the ezMaster image.
Launching the ezMaster VM image using VirtualBox 4.3.30 1. Download and install VirtualBox 4.3.30 for Windows. https://www.virtualbox.org/wiki/Download_Old_Builds_4_3 2. Start VirtualBox and click on File > Import Appliance… 3. Locate and select ezMaster image, select the “Reinitialize the MAC address of all network cards” checkbox, then click on Import.
4. After importing the image, click on Network. 5. From the drop-down box, select the network adapter that your computer uses to connect to the Internet (WAN). DO NOT select a Wireless LAN adapter or other virtual adapters. Click on OK to continue. 6. Click on the Start button to launch the ezMaster image.
Setting up ezMaster Server 1. After launching the image, once the installation script finishes running, you will be prompted to enter login and password for ezMaster. For login enter admin, for the password enter password. 2. Once the ezmaster# command prompt appears, start entering network settings for your ezMaster server. (Tip: Use Network Adapter Properties to check the info of your network adapter.) *network settings below are for reference example use.
Logging into ezMaster 1. Open a web browser and type the IP address of the ezMaster server you've assigned. 2. Once the log in screen appears, enter the username (admin) and password (password) to log in.
Registering ezMaster to ezRegistration Server In order to manage remote device using ezMaster, you must first register ezMaster to the ezRegistration server. You may skip this section if you are managing only local devices or if you are manually redirecting each AP to ezMaster. 1. In the ezMaster user interface, click on the Global Settings menu. 2. Under Admin Account, fill in the fields and click Apply to register your ezMaster to the ezRegistration server.
Getting Started Before ezMaster is able to manage a Neutron device, the access point/switch must be running with the required firmware version. All Neutron devices will need to be running firmware version c1.6.x or later. With ezMaster, you'll be able to manage both local and remote access points. The table below lists the methods of how access points are managed.
Adding devices to ezMaster Device Inventory Before managing a remote AP/switch, you must first bind the AP to ezMaster's Device Inventory by ‘registering’ the device. Skip this section if you are managing only local devices or if you are manually redirecting each AP to ezMaster. 1. Once ezMaster has been registered with the ezRegistration server, you can start registering your APs and adding them to ezMaster’s device inventory by clicking on the ‘Device Inventory’ icon. 2.
4. The message below will be displayed upon successfully claiming an AP. Click on "OK" to proceed. 5. The registered AP will be listed in your Device Inventory. Manually redirecting AP to ezMaster From the AP's web user interface, select 'Management'. Under Controller Settings, fill in the IP Address of the ezMaster server you wish to redirect to AP to. The 'Test' button can be used to test whether the AP can successfully connect with the ezMaster server. Click on 'Apply' to save your settings.
Managing devices using ezMaster In order to start managing and monitoring Neutron devices, these devices must first be added to a project. 1. Make sure that your Neutron device is connected to a network with a DHCP server and can access the Internet. 2. Click on the “Project” icon to create a new project. A ‘Project’ is similar to a ‘profile’ which can be used to classify/represent different sites or floors of your deployment. 3. Click on “Create New Project” and enter a project name and description.
Note: In order to manage an EWS Switch, the Controller State of the EWS Switch must be set to “Disabled” in the EWS switch web interface. A switch with Controller State “Enabled” will not be discovered by ezMaster.
Working with ezMaster Main Dashboard After logging in to the ezMaster web interface, the Dashboard is the first page that appears. The Dashboard provides a quick summary of the ezMaster system displaying information such as system resource usage status, system information and software version.
Projects A ‘project’ is concept similar to a 'profile' which can be used to classify/represent different floors or sites of your deployment. On this page, you'll be able to manage existing projects as well as create new projects. Global Settings The page allows you set up global and general settings for ezMaster including administrator account settings, log related settings, backup/restore settings, connectivity tests, software upgrades.
System Admin Account Use this page to register your ezMaster to the ezReg server. A valid email address is required for you to unregister your devices in the event of ezMaster server failure. Also, on this page you can change the ezMaster login password. For security purposes, it is recommended to change the default password. Preferences By default, the ezMaster web server will operate on port 80 and 443. Users can change HTTP/HTTPS ports from their default assignments.
Event Logs The Event Log is designed to monitor the operation of ezMaster by recording the event messages it generates during normal operation. These events may provide vital information about system activity that can help in the identification and solutions of system problems. This page displays the most recent records. Log entries are listed in reverse chronological order (with the latest logs at the top of the list). Click a column header to sort the contents by that category.
Email Alert If an event is detected, ezMaster will record it in the event log. ezMaster can also be configured to send email notifications upon detecting selected events. Mail Alert State: Select whether to Enable/Disable email notification. Mail Information Setting SMTP Server: Enter the name of the mail server. SMTP Port: Enter the SMTP port. SSL/TSL: Enable this option if your mail server uses SSL/TLS encryption. Authentication: Select this option to enable authentication.
server to receive log contents from the ezMaster. Use this page to direct all logging to the syslog server. Click the Add button to create a new entry and define your syslog server. Backup/Restore ezMaster After you have finished setting and configuring your ezMaster, you may want to backup the full configuration. This configuration file can be used to restore your settings if for some reason you ezMaster server crashes.
Wireless Background Scanning Using Background Scanning, ezMaster periodically samples RF activity of all Access Points including channel utilization and surrounding devices in all available channels. Background scanning is the basis of Auto Channel, Auto Tx Power and Rogue AP detection, and must be enabled for these features to operate. You may, if you prefer, disable it if you feel it's not helpful, or adjust the scanning frequency, if you want scans at greater or fewer intervals.
Diagnostic Connectivity Test Connectivity Test is used to ensure that your network is setup correctly. Use the Test button to check your network connection.
Software Upgrade Update ezMaster Use this page to upgrade your ezMaster server to a later version. Note: We recommend backing up ezMaster settings before performing a ezMaster server software update. Warning: Upgrading ezMaster will temporarily disable device management. To minimize network disruption,we recommend performing the upgrade procedure at an off-peak time.
Device Inventory In order to manage devices which are in a different network from ezMaster, you must first register these devices into ezMaster's device inventory. Once added to your inventory, you will be able to manage these devices from your projects. On this page, you can register/unregister devices from your ezMaster.
Working with Projects A ‘project’ is concept similar to a 'profile' which can be used to classify/represent different floors or sites of your deployment. Device Management Summary The Summary page provides a quick overview of the selected project. Device Config This page displays the status of all devices that are currently being managed by the selected project.
Access Point Dashboard The Dashboard on the upper right shows the current number of APs that is being managed by the selected project. Remove The Remove button removes selected Access Point(s) from the project. Access Points removed will be automatically set to standalone mode with all settings restored to their factory default settings, and will appear in the Pending Approval list. Reboot The Reboot button reboots the selected Access Point(s).
Model Name Shows the model name of the managed Access Point. MAC Address Shows the MAC address of the managed Access Point. Device Name Displays the device name of the managed Access Point. When the AP is not configured to a Group, click on this field and you’ll be redirected to the configuration page where you can configure AP settings such as device name, IP Address, Wireless Radio settings.
Reboot The Reboot button reboots the selected EWS Switches. Search Bar Use the Search Bar to search the list of managed EWS Switches using the following criteria: Status, model name, MAC Address, Device name, IP address, Firmware Version. Status This indicates the current status of the managed EWS Switch. Status Explanation Online EWS Switch is connected and managed by ezMaster. Provisioning EWS Switch is currently in the process of connecting to ezMaster.
Pending Approval Add Use the Add button to add selected devices into your project. Search Bar Use the Search Bar to search the list of devices using the following criteria: device type, model name, MAC address, device name, IP address, SKU, firmware version. Device Type Indicates whether the device pending approval is an AP or EWS Switch. Model Name Shows the model name of the device pending approval. MAC Address Shows the MAC address of the device pending approval.
AP Groups AP Groups can be used to define configuration options and applying these settings to multiple APs at once without having to modify each AP’s settings individually. If your wireless network covers a large physical environment and you want to provide wireless services with different settings and policies to different areas of your environment, you can use AP Groups to do this instead of having to modify the settings of each AP individually.
Monitoring Active Clients From here, you can view information, temporarily disconnect and permanently block the wireless clients that are associated with the managed Access Points. ezMaster is able to identify client devices by their Operating System, device type and host name, if available. If there are multiple Access Points in your project, use the search bar to find an Access Point by its name. Kick Client Use this function to temporarily disconnect a wireless client from the network.
Rogue AP Detection Rogue Access Points refer to those unauthorized and often unmanaged APs attached to an existing wired network which could bring harm to the network or may be used to deliberately gain access to confidential company information. With Background Scanning enabled, the Rogue AP Detection feature can be used to periodically scan 2.4 GHz and 5 GHz frequency bands to identify rogue wireless Access Points not managed by the ezMaster.
Visualization Topology View If you have an EWS Switch deployed in your network, you will be able to see a visual view of the topology of all supported devices in the network. The Topology View feature will automatically maps your network deployment and displays the device relationships across your network infrastructure. An essential feature for troubleshooting network issues that would otherwise require manual mapping, overlay monitoring software, or manually keeping track of MAC address tables.
Left click on the Access Point to bring up a menu where you can remove AP from management list, reboot AP, or redirect to the Active Clients page. You can search for a device using the IP Address or MAC address. Click on to show or hide port information. Note: ezMaster can only generate topologies when there is an EnGenius EWS Series Switch in the network. EnGenius EGS L2 Series and EGS Smart Series v2 models can be displayed in the topology if connected under a network with an EWS Switch.
Use the Search box to search for locations by typing an address or the name of a landmark. Use the Locate button to pinpoint the map to your current location. Note that the location provided is calculated based on your IP address and results might be inaccurate. Left click on the Access Point marker to bring up a menu where you can remove AP from management list, reboot AP, or redirect to the Active Clients page. Click on to save the changes made.
AP Info AP Information: Select to toggle on/off AP detailed information to be shown on your floor plan. 2.4GHz / 5GHz: Select whether to display signal coverage of 2.4GHz or 5GHz radio. The wireless coverage displayed will be based on the transmit power settings of the Access Point. Scaling Tool: Use the scaling tool to determine the exact distance on the floorplan. Signal Indicator: The colored indicator displays the reference signal strength covered.
Upload Floor Plan From here, the administrator can add or delete a custom map or floor plan image. An unlimited number of floor plan images can be imported to the EWS Switch. However, the total file size of all imported floor plans is limited to 20MB and the maximum file size per image is 2MB (a smaller image loads faster). Valid image file formats are .PNG, .GIF or .JPG. Status Dashboard Total: Displays the total memory storage space allocated for uploading custom floor plans.
Statistics This page displays a visual chart of network traffic of all the AP managed by ezMaster. Access Points The page displays a visual chart of the top 10 network traffic of the Access Points managed by the ezMaster. Navigating Tips Click Sort to sort the order from ascending/descending, depending on your preference. Click Rx to display Rx transmission, Tx to display Tx transmission or Total to display combined Rx and Tx transmission.
Wireless Clients In addition to viewing information based on specific Access Points, you can view data via specific clients as well for security purposes. Navigating Tips Click Sort to sort the order from ascending/descending, depending on your preference. Click Rx to display Rx transmission, Tx to display Tx transmission or Total to display combined Rx and Tx transmission. Click 1 day or 1 week button to select a time increment to monitor statistics by.
Hotspot Service A hotspot is a wireless network that provides access through a captive portal. Use this feature to setup captive portal related configurations. A captive portal provides registered users with network access while containing unregistered users. Users will need to enter a valid user name and password before they are allowed access to the Internet through the hotspot. Once a Captive Portal Profile is created, the administrator can apply this profile to multiple Guest Networks SSIDs.
Captive Portal Settings Profile Name: Enter a name for this captive portal profile. Description: Enter a brief description for this captive portal profile. Authentication Type: Defines the mechanism by which a wireless client gains access to the network after the client has associated to the SSID. Splash & Go The wireless client is granted network access without any further authentication as soon as it is associates to the SSID.
User Session: Configure session timeout and ideal timeout period. Session Timeout Specify a time limit after which users will be disconnected and required to log in again. Idle Timeout Specify a time limit for an idle client after which users will be disconnected and required to log in again. Walled Garden: This option allows users to define network destinations that users can access before authentication. For example, your company's website.
Creating a basic captive portal using ezMaster authentication The steps below will guide you to create a basic captive portal using ezMaster authentication. 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. Select a project and navigate to Hotspot Service > Captive Portal. Click on Add. Fill in the Profile Name and Description. For Authentication Type, select ezMaster Authentication.
Maintenance Bulk Upgrade The Bulk Upgrade feature allows administrators to upgrade the firmware of multiple Access Points at the same time. After uploading the firmware of an AP, the system will automatically display a list of Access Points the system is currently managing that the uploaded firmware is for. To upgrade, please follow the steps below: 1. Click on Upload New File to mount AP firmware onto ezMaster's flash. 2.
Access Point Configuration Under Device Management > Device Config > Access Point, you can configure AP settings by clicking on the Device Name link of the device. General Settings Device Name: The device name of the Access Point. Users can enter a custom name for the Access Point if they wish. Administrator Username: Displays the current administrator login username for the Access Point. Enter a new Administrator username for the Access Point if you wish to change the username.
Default Gateway: Enter the Default Gateway for the Access Point. Primary/Secondary DNS Server: Enter the Primary/Secondary DNS server name. Wireless Radio Settings Country: Select a Country/Region to conform to local regulations. Different regions have different rules that govern which channels can be used for wireless communications. Wireless Mode: Select from the drop-down menu to set the wireless mode for the Access Point. Channel HT Mode: Use the drop-down menu to select the channel width for 2.4GHz.
RTS/CTS Threshold: Enter a Request to Send (RTS) Threshold value between 1~2346. Use RTS/CTS to reduce data collisions on the wireless network if you have wireless clients that are associated with the same Access Point. Changing the RTS threshold can help control traffic flow through the Access Point. If you specify a lower threshold value, RTS packets will be sent more frequently. This will consume more bandwidth and reduce the throughput of the Access Point.
WLAN Settings - 2.4GHz/5GHz Basic Setting Enable SSID: Select to enable or disable the SSID broadcasting. SSID: Enter the SSID for the current profile. This is the name that is visible to wireless clients on the network. Hidden SSID: Enable this option if you do not want to broadcast this SSID. This can help to discourage wireless users from connecting to a particular SSID. Client Isolation: When enabled, all communication between wireless clients connected to the same AP will be blocked.
single VLAN ID could be used to identify all wireless traffic traversing the network, regardless of the SSID. When the AP receives VLAN-tagged traffic from the upstream switch or router, it forwards that traffic to the correct SSID. The AP drops all packets with VLAN IDs that are not associated to the SSID. Traffic Shaping: Traffic Shaping regulates the allowed maximum downloading/uploading throughput per SSID. Select to enable or disable Wireless Traffic Shaping for the SSID.
the wireless clients associated with it. Both the Access Point and the wireless client must use the same WEP key for data encryption and decryption. o Mode: Select Open System or Shared Key. o WEP Key: Select the WEP Key you wish to use. o Input Type: ASCII: Regular Text or HEX. Select the key type. Your available options are ASCII and HEX. ASCII Key: You can choose upper and lower case alphanumeric characters and special symbols such as @ and #.
Guest Network Guest Network: The Guest Network feature allows administrators to grant Internet connectivity to visitors or guests while keeping other networking devices and sensitive personal or company information private and secure. Basic Setting Enable SSID: Select to enable or disable the SSID broadcasting. SSID: Enter the SSID for the current profile. This is the name that is visible to wireless clients on the network. Hidden SSID: Enable this option if you do not want to broadcast this SSID.
o Type: Select the WPA-PSK type to use. Available options are Mixed, WPA-PSK and WPA2o o o PSK. Choose Mixed if your network has a mixture of older clients that only support WPA and TKIP, and newer client devices that support WPA2 and AES. Encryption: Select the WPA encryption type you would like. Your available options are: Both, TKIP(Temporal Key Integrity Protocol) and AES(Advanced Encryption Standard). Note: Since TKIP is not permitted for 802.
Advanced Settings LED Control: In some environments, the blinking LEDs on APs are not welcomed. This option allows you to enable or disable the devices LED indicators. Note that only indoor models support this feature.
Appendix Appendix A: ezMaster CLI Show system information • Cmd: show e.g. show ip Start/Stop/Restart ezMaster • Cmd: ezmaster e.g. ezmaster restart IP/DNS/Gateway setting • Cmd: config ip eth0 e.g. config ip eth0 192.168.0.200 255.255.255.0 • Cmd: config dns e.g. config dns 8.8.8.8 • Cmd: config gateway e.g. config gateway 192.168.0.
